www.gandul.ro Open in urlscan Pro
2a06:98c1:3121::7 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.gandul.ro/stiri/un-adolescent-de-17-ani-inecat-therme-ce-spun-reprezentatii-complexului-19749318?utm_sourc...
Submission: On February 13 via manual (February 13th 2022, 2:35:31 pm UTC) from RO — Scanned from DE

Summary HTTP 205 Redirects Links 27 Behaviour Indicators

Summary

This website contacted 77 IPs in 12 countries across 74 domains to perform 205 HTTP transactions. The main IP is 2a06:98c1:3121::7, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.gandul.ro. The Cisco Umbrella rank of the primary domain is 433641.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 10th 2021. Valid for: a year.

This is the only time www.gandul.ro was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
33	2a06:98c1:312... 2a06:98c1:3121::7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
1	104.111.245.50 104.111.245.50	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a00:1450:400... 2a00:1450:4001:80f::2008	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
3	2a02:26f0:6c0... 2a02:26f0:6c00:2a7::268b	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2606:4700:20:... 2606:4700:20::681a:686	13335 (CLOUDFLAR...) (CLOUDFLARENET)
12	2606:4700::68... 2606:4700::6810:8616	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	192.102.6.94 192.102.6.94	57682 (HVDS-AS) (HVDS-AS)
4	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2606:4700:303... 2606:4700:3032::6815:4ae4	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2606:4700::68... 2606:4700::6812:e234	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:20:... 2606:4700:20::681a:6c9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	2600:9000:219... 2600:9000:2190:5a00:9:46dc:4700:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2600:9000:219... 2600:9000:2190:ac00:3:a4cd:8380:93a1	16509 (AMAZON-02) (AMAZON-02)
13 13	2606:4700:303... 2606:4700:3031::6815:4cf9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
1	37.157.6.251 37.157.6.251	198622 (ADFORM) (ADFORM)
1	185.184.8.65 185.184.8.65	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS)
6	2606:4700:20:... 2606:4700:20::ac43:49e4	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	178.250.0.165 178.250.0.165	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2a00:1450:400... 2a00:1450:4001:810::200e	15169 (GOOGLE) (GOOGLE)
4	116.202.80.165 116.202.80.165	24940 (HETZNER-AS) (HETZNER-AS)
1	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
1	2620:116:800d... 2620:116:800d:21:36a9:ecb:e518:b308	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:303... 2606:4700:3031::ac43:81b0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	3.33.220.150 3.33.220.150	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:219... 2600:9000:2190:bc00:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
2	192.102.6.123 192.102.6.123	57682 (HVDS-AS) (HVDS-AS)
1	18.158.39.89 18.158.39.89	16509 (AMAZON-02) (AMAZON-02)
5	13.224.90.44 13.224.90.44	16509 (AMAZON-02) (AMAZON-02)
3	99.80.67.233 99.80.67.233	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6810:8516	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	192.102.6.144 192.102.6.144	57682 (HVDS-AS) (HVDS-AS)
4 6	176.9.60.211 176.9.60.211	24940 (HETZNER-AS) (HETZNER-AS)
1 1	192.102.6.72 192.102.6.72	57682 (HVDS-AS) (HVDS-AS)
1 25	104.111.216.213 104.111.216.213	16625 (AKAMAI-AS) (AKAMAI-AS)
1	104.111.245.23 104.111.245.23	16625 (AKAMAI-AS) (AKAMAI-AS)
1	147.75.85.120 147.75.85.120	54825 (PACKET) (PACKET)
3	184.31.84.150 184.31.84.150	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2606:2800:235... 2606:2800:235:1c73:1f86:1376:22ce:2cd	15133 (EDGECAST) (EDGECAST)
1 2	104.16.83.19 104.16.83.19	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	185.117.134.138 185.117.134.138	204006 (IQOPTION) (IQOPTION)
1 2	2606:4700:10:... 2606:4700:10::ac43:1e5d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:20:... 2606:4700:20::681b:5171	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	107.154.132.27 107.154.132.27	19551 (INCAPSULA) (INCAPSULA)
1 2	104.22.7.169 104.22.7.169	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 3	104.18.11.75 104.18.11.75	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 3	45.60.78.64 45.60.78.64	19551 (INCAPSULA) (INCAPSULA)
1 2	151.101.129.29 151.101.129.29	54113 (FASTLY) (FASTLY)
1 2	2606:4700::68... 2606:4700::6813:b729	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6812:99	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:10:... 2606:4700:10::ac43:557	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6812:e763	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	185.28.232.10 185.28.232.10	39605 (IGUANESOL...) (IGUANESOLUTIONS)
2 3	2606:4700::68... 2606:4700::6812:6528	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	2606:4700:20:... 2606:4700:20::6819:e935	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	185.75.253.85 185.75.253.85	48684 (VIKINGHOST) (VIKINGHOST)
1 1	195.85.23.89 195.85.23.89	209242 (CLOUDFLAR...) (CLOUDFLARESPECTRUM Cloudflare)
1	195.85.23.96 195.85.23.96	209242 (CLOUDFLAR...) (CLOUDFLARESPECTRUM Cloudflare)
1	2606:4700::68... 2606:4700::6811:3b3a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	172.66.43.179 172.66.43.179	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	104.21.89.238 104.21.89.238	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	82.196.14.221 82.196.14.221	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1	2606:4700:20:... 2606:4700:20::ac43:4be2	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:7311	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	104.109.77.182 104.109.77.182	16625 (AKAMAI-AS) (AKAMAI-AS)
1	44.237.79.85 44.237.79.85	16509 (AMAZON-02) (AMAZON-02)
1 2	2a06:98c1:312... 2a06:98c1:3120::7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	2.16.186.241 2.16.186.241	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	104.111.224.226 104.111.224.226	16625 (AKAMAI-AS) (AKAMAI-AS)
2 3	178.248.238.82 178.248.238.82	197068 (QRATOR) (QRATOR)
1 1	13.224.89.8 13.224.89.8	16509 (AMAZON-02) (AMAZON-02)
1	13.224.89.60 13.224.89.60	16509 (AMAZON-02) (AMAZON-02)
1	104.111.243.137 104.111.243.137	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	104.20.0.53 104.20.0.53	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:10:... 2606:4700:10::ac43:16c4	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	209.140.129.51 209.140.129.51	11643 (EBAY) (EBAY)
1	184.30.25.27 184.30.25.27	16625 (AKAMAI-AS) (AKAMAI-AS)
13	104.111.214.74 104.111.214.74	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a00:1450:400... 2a00:1450:4001:80e::2008	15169 (GOOGLE) (GOOGLE)
2	47.254.143.112 47.254.143.112	45102 (CNNIC-ALI...) (CNNIC-ALIBABA-US-NET-AP Alibaba US Technology Co.)
7	47.246.110.42 47.246.110.42	45102 (CNNIC-ALI...) (CNNIC-ALIBABA-US-NET-AP Alibaba US Technology Co.)
2	2408:4001:f00... 2408:4001:f00::f3	37963 (CNNIC-ALI...) (CNNIC-ALIBABA-CN-NET-AP Hangzhou Alibaba Advertising Co.)
2	2a02:2638::3 2a02:2638::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a02:2638:1::13 2a02:2638:1::13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
205	77

33 2a06:98c1:3121::7 (United States)

ASN13335 (CLOUDFLARENET, US)

www.gandul.ro	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
media.gandul.ro	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.111.245.50 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-245-50.deploy.static.akamaitechnologies.com

code3.adtlgc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:26f0:6c00:2a7::268b (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

scdn.cxense.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.cxense.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:686 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.unblockia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2606:4700::6810:8616 (United States)

ASN13335 (CLOUDFLARENET, US)

live.demand.supply	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.102.6.94 (Kyiv, Ukraine)

ASN57682 (HVDS-AS, UA)
PTR: s3.zevshost.net

neuronales.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2.18.234.21 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

js-sec.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
as-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3032::6815:4ae4 (United States)

ASN13335 (CLOUDFLARENET, US)

agorahtag.tech	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700::6812:e234 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
img.onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:6c9 (United States)

ASN13335 (CLOUDFLARENET, US)

views.cancan.ro	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2600:9000:2190:5a00:9:46dc:4700:93a1 (United States)

ASN16509 (AMAZON-02, US)

quantcast.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2190:ac00:3:a4cd:8380:93a1 (United States)

ASN16509 (AMAZON-02, US)

test.quantcast.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2606:4700:3031::6815:4cf9 (United States) 13 redirects

ASN13335 (CLOUDFLARENET, US)

www.gandul.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.6.251 (Denmark)

ASN198622 (ADFORM, DK)
PTR: s1.adform.net

adx.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.184.8.65 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-65.rtbhouse.net

prebid-eu.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700:20::ac43:49e4 (United States)

ASN13335 (CLOUDFLARENET, US)

rtb.adpone.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.165 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.par.vip.prod.criteo.com

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 116.202.80.165 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.165.80.202.116.clients.your-server.de

comcluster.cxense.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
p1cluster.cxense.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
id.cxense.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:36a9:ecb:e518:b308 (United States)

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3031::ac43:81b0 (United States)

ASN13335 (CLOUDFLARENET, US)

aghtag.tech	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.33.220.150 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2190:bc00:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.102.6.123 (Kyiv, Ukraine)

ASN57682 (HVDS-AS, UA)
PTR: server.odnaknopka.ru

odnaknopka.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.158.39.89 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-158-39-89.eu-central-1.compute.amazonaws.com

audit-tcfv2.quantcast.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 13.224.90.44 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-90-44.zrh50.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 99.80.67.233 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-99-80-67-233.eu-west-1.compute.amazonaws.com

admp-tc-sati.adtlgc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:8516 (United States)

ASN13335 (CLOUDFLARENET, US)

api.demand.supply	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.102.6.144 (Kyiv, Ukraine) 1 redirects

ASN57682 (HVDS-AS, UA)
PTR: 192.102.6.144.stat.zevshost.net

webcache.pp.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 176.9.60.211 (Germany) 4 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.211.60.9.176.clients.your-server.de

pubmedya.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.102.6.72 (Kyiv, Ukraine) 1 redirects

ASN57682 (HVDS-AS, UA)
PTR: s1.zevshost.net

tsystatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 104.111.216.213 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-216-213.deploy.static.akamaitechnologies.com

s.click.aliexpress.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
u.alicdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
i.alicdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.alicdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.111.245.23 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-245-23.deploy.static.akamaitechnologies.com

sale.aliexpress.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 147.75.85.120 (Schiphol, Netherlands)

ASN54825 (PACKET, US)

api.cxense.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 184.31.84.150 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-31-84-150.deploy.static.akamaitechnologies.com

htlb.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:2800:235:1c73:1f86:1376:22ce:2cd (United States)

ASN15133 (EDGECAST, US)

de.dhgate.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.16.83.19 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

localbitcoins.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.117.134.138 (Cyprus)

ASN204006 (IQOPTION, CY)

iqbroker.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::ac43:1e5d (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

remitano.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681b:5171 (United States)

ASN13335 (CLOUDFLARENET, US)

p2pb2b.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 107.154.132.27 (United States)

ASN19551 (INCAPSULA, US)
PTR: 107.154.132.27.ip.incapdns.net

www.thelotter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.22.7.169 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

freebitco.in	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.18.11.75 (None, ) 2 redirects

ASN13335 (CLOUDFLARENET, US)

www.iherb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
de.iherb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 45.60.78.64 (United States) 2 redirects

ASN19551 (INCAPSULA, US)

www.exness.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.exness.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.129.29 (United States) 1 redirects

ASN54113 (FASTLY, US)

ro.hotelscombined.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6813:b729 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

stripchat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
de.stripchat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:99 (United States)

ASN13335 (CLOUDFLARENET, US)

kinsta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::ac43:557 (United States)

ASN13335 (CLOUDFLARENET, US)

faucetcrypto.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:e763 (United States)

ASN13335 (CLOUDFLARENET, US)

www.forextime.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.28.232.10 (France)

ASN39605 (IGUANESOLUTIONS, FR)
PTR: spo-webvip-01.ig-1.net

www.spartoo.ro	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6812:6528 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

chaturbate.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::6819:e935 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

is.gd	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.75.253.85 (Netherlands) 1 redirects

ASN48684 (VIKINGHOST, NL)

bngpt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 195.85.23.89 (Czech Republic) 1 redirects

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)
PTR: net-89-23-conversasro.com

bongacams.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 195.85.23.96 (Czech Republic)

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)
PTR: net-96-23-conversasro.com

de.bongacams.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:3b3a (United States)

ASN13335 (CLOUDFLARENET, US)

paxful.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.66.43.179 (United States)

ASN13335 (CLOUDFLARENET, US)

gleam.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.21.89.238 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

rbfxdirect.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 82.196.14.221 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)

my5.roboforex.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::ac43:4be2 (United States)

ASN13335 (CLOUDFLARENET, US)

faucetpay.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:7311 (United States)

ASN13335 (CLOUDFLARENET, US)

www.canva.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.109.77.182 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-109-77-182.deploy.static.akamaitechnologies.com

www.banggood.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
de.banggood.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.237.79.85 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-237-79-85.us-west-2.compute.amazonaws.com

www.tomtop.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a06:98c1:3120::7 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

coinsbit.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.16.186.241 (Frankfurt am Main, Germany) 1 redirects

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-186-241.deploy.static.akamaitechnologies.com

www.miniinthebox.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.111.224.226 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-224-226.deploy.static.akamaitechnologies.com

www.nike.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 178.248.238.82 (Russian Federation) 2 redirects

ASN197068 (QRATOR, RU)

www.liteforex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
litefinance.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.litefinance.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.89.8 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-224-89-8.zrh50.r.cloudfront.net

www.binance.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.89.60 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-89-60.zrh50.r.cloudfront.net

accounts.binance.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.111.243.137 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-243-137.deploy.static.akamaitechnologies.com

offer.alibaba.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.20.0.53 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

cex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::ac43:16c4 (United States)

ASN13335 (CLOUDFLARENET, US)

www.instaforex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 209.140.129.51 (United States) 2 redirects

ASN11643 (EBAY, US)
PTR: rover-public-rnoaz03-1-1.ebay.com

rover.ebay.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.30.25.27 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-25-27.deploy.static.akamaitechnologies.com

www.ebay.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 104.111.214.74 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-214-74.deploy.static.akamaitechnologies.com

ae01.alicdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ssl.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 47.254.143.112 (Frankfurt am Main, Germany)

ASN45102 (CNNIC-ALIBABA-US-NET-AP Alibaba US Technology Co., Ltd., CN)

gpsfront.aliexpress.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 47.246.110.42 (United States)

ASN45102 (CNNIC-ALIBABA-US-NET-AP Alibaba US Technology Co., Ltd., CN)

ae.mmstat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2408:4001:f00::f3 (Beijing, China)

ASN37963 (CNNIC-ALIBABA-CN-NET-AP Hangzhou Alibaba Advertising Co.,Ltd., CN)

fourier.taobao.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:1::13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
37	alicdn.com u.alicdn.com — Cisco Umbrella Rank: 37355 i.alicdn.com — Cisco Umbrella Rank: 18910 ae01.alicdn.com — Cisco Umbrella Rank: 7756 assets.alicdn.com — Cisco Umbrella Rank: 11062	672 KB
33	gandul.ro www.gandul.ro — Cisco Umbrella Rank: 433641 media.gandul.ro — Cisco Umbrella Rank: 820513	1 MB
13	gandul.info 13 redirects www.gandul.info	8 KB
13	demand.supply live.demand.supply — Cisco Umbrella Rank: 28082 api.demand.supply — Cisco Umbrella Rank: 50568	39 KB
10	consensu.org quantcast.mgr.consensu.org — Cisco Umbrella Rank: 2040 test.quantcast.mgr.consensu.org — Cisco Umbrella Rank: 5726 audit-tcfv2.quantcast.mgr.consensu.org — Cisco Umbrella Rank: 9863	217 KB
8	cxense.com scdn.cxense.com — Cisco Umbrella Rank: 9903 cdn.cxense.com — Cisco Umbrella Rank: 4660 comcluster.cxense.com — Cisco Umbrella Rank: 4318 p1cluster.cxense.com — Cisco Umbrella Rank: 6557 id.cxense.com — Cisco Umbrella Rank: 8288 api.cxense.com — Cisco Umbrella Rank: 6479	47 KB
7	mmstat.com ae.mmstat.com — Cisco Umbrella Rank: 22553	1 KB
6	casalemedia.com htlb.casalemedia.com — Cisco Umbrella Rank: 427 as-sec.casalemedia.com — Cisco Umbrella Rank: 1146	2 KB
6	pubmedya.net 4 redirects pubmedya.net — Cisco Umbrella Rank: 321050	5 KB
6	adpone.com rtb.adpone.com — Cisco Umbrella Rank: 14115	4 KB
6	onesignal.com cdn.onesignal.com — Cisco Umbrella Rank: 2951 onesignal.com — Cisco Umbrella Rank: 1314 img.onesignal.com	95 KB
5	amazon-adsystem.com c.amazon-adsystem.com — Cisco Umbrella Rank: 263	40 KB
4	aliexpress.com 1 redirects s.click.aliexpress.com — Cisco Umbrella Rank: 23127 sale.aliexpress.com — Cisco Umbrella Rank: 33325 gpsfront.aliexpress.com — Cisco Umbrella Rank: 37380	18 KB
4	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 159 googleads.g.doubleclick.net — Cisco Umbrella Rank: 37	152 KB
4	adtlgc.com code3.adtlgc.com — Cisco Umbrella Rank: 73140 admp-tc-sati.adtlgc.com — Cisco Umbrella Rank: 79881	13 KB
3	ebay.com 2 redirects rover.ebay.com — Cisco Umbrella Rank: 6447 www.ebay.com — Cisco Umbrella Rank: 2679	592 B
3	chaturbate.com 2 redirects chaturbate.com — Cisco Umbrella Rank: 17578	8 KB
3	iherb.com 2 redirects www.iherb.com — Cisco Umbrella Rank: 59631 de.iherb.com — Cisco Umbrella Rank: 404478	1 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 31 ssl.google-analytics.com — Cisco Umbrella Rank: 236	37 KB
3	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 92	157 KB
2	criteo.net static.criteo.net — Cisco Umbrella Rank: 638	57 KB
2	taobao.com fourier.taobao.com — Cisco Umbrella Rank: 12794	2 KB
2	cex.io 1 redirects cex.io — Cisco Umbrella Rank: 144791	914 B
2	binance.com 1 redirects www.binance.com — Cisco Umbrella Rank: 17222 accounts.binance.com — Cisco Umbrella Rank: 92144	304 B
2	litefinance.com 1 redirects litefinance.com — Cisco Umbrella Rank: 647530 www.litefinance.com — Cisco Umbrella Rank: 892437	235 B
2	miniinthebox.com 1 redirects www.miniinthebox.com — Cisco Umbrella Rank: 306944	902 B
2	coinsbit.io 1 redirects coinsbit.io — Cisco Umbrella Rank: 219252	1 KB
2	banggood.com 1 redirects www.banggood.com — Cisco Umbrella Rank: 97439 de.banggood.com — Cisco Umbrella Rank: 259601	2 KB
2	bongacams.com 1 redirects bongacams.com — Cisco Umbrella Rank: 40161 de.bongacams.com — Cisco Umbrella Rank: 233483	964 B
2	stripchat.com 1 redirects stripchat.com — Cisco Umbrella Rank: 23534 de.stripchat.com — Cisco Umbrella Rank: 253563	424 B
2	hotelscombined.com 1 redirects ro.hotelscombined.com	2 KB
2	exness.com 2 redirects www.exness.com — Cisco Umbrella Rank: 272029	2 KB
2	freebitco.in 1 redirects freebitco.in — Cisco Umbrella Rank: 121294	256 B
2	remitano.com 1 redirects remitano.com — Cisco Umbrella Rank: 359520	1 KB
2	localbitcoins.com 1 redirects localbitcoins.com — Cisco Umbrella Rank: 182170	597 B
2	odnaknopka.ru odnaknopka.ru	1 KB
2	criteo.com bidder.criteo.com — Cisco Umbrella Rank: 736 gum.criteo.com — Cisco Umbrella Rank: 355	2 KB
2	cancan.ro views.cancan.ro — Cisco Umbrella Rank: 485878	2 KB
1	instaforex.com www.instaforex.com — Cisco Umbrella Rank: 652047
1	alibaba.com offer.alibaba.com — Cisco Umbrella Rank: 28471
1	liteforex.com 1 redirects www.liteforex.com	333 B
1	nike.com www.nike.com — Cisco Umbrella Rank: 12784
1	tomtop.com www.tomtop.com — Cisco Umbrella Rank: 313112
1	canva.com www.canva.com — Cisco Umbrella Rank: 5440
1	faucetpay.io faucetpay.io — Cisco Umbrella Rank: 299341
1	roboforex.org my5.roboforex.org
1	rbfxdirect.com 1 redirects rbfxdirect.com — Cisco Umbrella Rank: 731351	549 B
1	gleam.io gleam.io — Cisco Umbrella Rank: 41577
1	paxful.com paxful.com — Cisco Umbrella Rank: 255125
1	bngpt.com 1 redirects bngpt.com — Cisco Umbrella Rank: 48118	3 KB
1	is.gd 1 redirects is.gd — Cisco Umbrella Rank: 91724	490 B
1	spartoo.ro www.spartoo.ro
1	forextime.com www.forextime.com — Cisco Umbrella Rank: 374118
1	faucetcrypto.com faucetcrypto.com — Cisco Umbrella Rank: 352854
1	kinsta.com kinsta.com — Cisco Umbrella Rank: 153175
1	exness.uk www.exness.uk
1	thelotter.com www.thelotter.com — Cisco Umbrella Rank: 493461
1	p2pb2b.io p2pb2b.io — Cisco Umbrella Rank: 394404
1	iqbroker.com iqbroker.com — Cisco Umbrella Rank: 75685
1	dhgate.com de.dhgate.com — Cisco Umbrella Rank: 230515
1	tsystatic.com 1 redirects tsystatic.com — Cisco Umbrella Rank: 239762	408 B
1	pp.ua 1 redirects webcache.pp.ua — Cisco Umbrella Rank: 783312	210 B
1	quantcount.com rules.quantcount.com — Cisco Umbrella Rank: 770	345 B
1	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 295	389 B
1	aghtag.tech aghtag.tech — Cisco Umbrella Rank: 44130	82 KB
1	quantserve.com secure.quantserve.com — Cisco Umbrella Rank: 829	10 KB
1	creativecdn.com prebid-eu.creativecdn.com — Cisco Umbrella Rank: 5927	175 B
1	adform.net adx.adform.net — Cisco Umbrella Rank: 4785	487 B
1	agorahtag.tech agorahtag.tech — Cisco Umbrella Rank: 96976	2 KB
1	indexww.com js-sec.indexww.com — Cisco Umbrella Rank: 618	34 KB
1	neuronales.xyz neuronales.xyz	532 B
1	unblockia.com cdn.unblockia.com — Cisco Umbrella Rank: 22091	25 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 50	36 KB
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 146	27 KB
205	74

	Domain	Requested by
21	www.gandul.ro	www.gandul.ro
13	ae01.alicdn.com	sale.aliexpress.com
13	www.gandul.info	13 redirects
12	live.demand.supply	www.gandul.ro live.demand.supply client
12	media.gandul.ro	www.gandul.ro
11	i.alicdn.com	sale.aliexpress.com i.alicdn.com
8	assets.alicdn.com	sale.aliexpress.com assets.alicdn.com www.gandul.ro
7	ae.mmstat.com	www.gandul.ro sale.aliexpress.com
7	quantcast.mgr.consensu.org	www.gandul.ro quantcast.mgr.consensu.org
6	pubmedya.net	4 redirects odnaknopka.ru pubmedya.net
6	rtb.adpone.com	www.gandul.ro
5	u.alicdn.com	sale.aliexpress.com u.alicdn.com
5	c.amazon-adsystem.com	live.demand.supply c.amazon-adsystem.com
3	chaturbate.com	2 redirects pubmedya.net
3	as-sec.casalemedia.com	js-sec.indexww.com
3	htlb.casalemedia.com	js-sec.indexww.com
3	admp-tc-sati.adtlgc.com	code3.adtlgc.com
3	onesignal.com	cdn.onesignal.com
3	securepubads.g.doubleclick.net	www.googletagservices.com live.demand.supply
3	pagead2.googlesyndication.com	www.gandul.ro pagead2.googlesyndication.com cdn.unblockia.com
2	static.criteo.net	www.gandul.ro static.criteo.net
2	fourier.taobao.com	www.gandul.ro assets.alicdn.com
2	gpsfront.aliexpress.com	i.alicdn.com
2	rover.ebay.com	2 redirects
2	cex.io	1 redirects pubmedya.net
2	www.miniinthebox.com	1 redirects pubmedya.net
2	coinsbit.io	1 redirects pubmedya.net
2	ro.hotelscombined.com	1 redirects pubmedya.net
2	www.exness.com	2 redirects
2	www.iherb.com	2 redirects
2	freebitco.in	1 redirects pubmedya.net
2	remitano.com	1 redirects pubmedya.net
2	localbitcoins.com	1 redirects pubmedya.net
2	odnaknopka.ru	neuronales.xyz odnaknopka.ru
2	comcluster.cxense.com	scdn.cxense.com cdn.cxense.com
2	cdn.cxense.com	scdn.cxense.com cdn.cxense.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	test.quantcast.mgr.consensu.org	www.gandul.ro quantcast.mgr.consensu.org
2	views.cancan.ro	www.gandul.ro
2	cdn.onesignal.com	www.gandul.ro cdn.onesignal.com
1	img.onesignal.com
1	gum.criteo.com	static.criteo.net
1	ssl.google-analytics.com	sale.aliexpress.com
1	www.ebay.com	pubmedya.net
1	www.instaforex.com	pubmedya.net
1	offer.alibaba.com	pubmedya.net
1	accounts.binance.com	pubmedya.net
1	www.binance.com	1 redirects
1	www.litefinance.com	pubmedya.net
1	litefinance.com	1 redirects
1	www.liteforex.com	1 redirects
1	www.nike.com	pubmedya.net
1	www.tomtop.com	pubmedya.net
1	de.banggood.com	pubmedya.net
1	www.banggood.com	1 redirects
1	www.canva.com	pubmedya.net
1	faucetpay.io	pubmedya.net
1	my5.roboforex.org	pubmedya.net
1	rbfxdirect.com	1 redirects
1	gleam.io	pubmedya.net
1	paxful.com	pubmedya.net
1	de.bongacams.com	pubmedya.net
1	bongacams.com	1 redirects
1	bngpt.com	1 redirects
1	is.gd	1 redirects
1	www.spartoo.ro	pubmedya.net
1	www.forextime.com	pubmedya.net
1	faucetcrypto.com	pubmedya.net
1	kinsta.com	pubmedya.net
1	de.stripchat.com	pubmedya.net
1	stripchat.com	1 redirects
1	www.exness.uk	pubmedya.net
1	de.iherb.com	pubmedya.net
1	www.thelotter.com	pubmedya.net
1	p2pb2b.io	pubmedya.net
1	iqbroker.com	pubmedya.net
1	de.dhgate.com	pubmedya.net
1	api.cxense.com	scdn.cxense.com
1	sale.aliexpress.com	odnaknopka.ru
1	s.click.aliexpress.com	1 redirects
1	tsystatic.com	1 redirects
1	webcache.pp.ua	1 redirects
1	api.demand.supply	live.demand.supply
1	id.cxense.com	scdn.cxense.com
1	audit-tcfv2.quantcast.mgr.consensu.org	quantcast.mgr.consensu.org
1	rules.quantcount.com	secure.quantserve.com
1	p1cluster.cxense.com	cdn.cxense.com
1	match.adsrvr.org	js-sec.indexww.com
1	aghtag.tech	agorahtag.tech
1	secure.quantserve.com	quantcast.mgr.consensu.org
1	googleads.g.doubleclick.net	pagead2.googlesyndication.com
1	bidder.criteo.com	www.gandul.ro
1	prebid-eu.creativecdn.com	www.gandul.ro
1	adx.adform.net	www.gandul.ro
1	agorahtag.tech	www.gandul.ro
1	js-sec.indexww.com	www.gandul.ro
1	neuronales.xyz	www.gandul.ro
1	cdn.unblockia.com	www.gandul.ro
1	scdn.cxense.com	www.gandul.ro
1	www.googletagmanager.com	www.gandul.ro
1	code3.adtlgc.com	www.gandul.ro
1	www.googletagservices.com	www.gandul.ro
205	102

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
web.whatsapp.com
www.cancan.ro
www.prosport.ro
www.csid.ro
www.telekomsport.ro
tacataca.prosport.ro
www.mediafax.ro
www.promotor.ro
raziculacrimi.ro
alephnews.ro
www.descopera.ro
www.replicaonline.ro
www.apropotv.ro
www.stirilekanald.ro
www.capital.ro
evz.ro
www.zf.ro
www.businessmagazin.ro
ciao.ro
www.antena3.ro
sulvo.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-10` - `2022-07-09`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-01-17` - `2022-04-11`	3 months	crt.sh
cdn-content-production.cxpublic.com R3	`2022-01-10` - `2022-04-10`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-01-17` - `2022-04-11`	3 months	crt.sh
*.cxense.com DigiCert SHA2 Secure Server CA	`2021-05-21` - `2022-05-26`	a year	crt.sh
demand.supply Cloudflare Inc ECC CA-3	`2021-04-21` - `2022-04-20`	a year	crt.sh
neuronales.xyz R3	`2021-12-12` - `2022-03-12`	3 months	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2021-12-12` - `2022-12-13`	a year	crt.sh
quantcast.mgr.consensu.org Amazon	`2021-04-24` - `2022-05-23`	a year	crt.sh
track.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2021-09-06` - `2022-10-07`	a year	crt.sh
*.creativecdn.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-03-30` - `2022-04-12`	a year	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-02-04` - `2022-05-03`	3 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2021-09-22` - `2022-09-21`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2021-03-18` - `2022-04-19`	a year	crt.sh
odnaknopka.ru Sectigo RSA Domain Validation Secure Server CA	`2021-11-11` - `2022-12-12`	a year	crt.sh
c.amazon-adsystem.com Amazon	`2021-07-06` - `2022-06-27`	a year	crt.sh
*.adtlgc.com R3	`2022-02-05` - `2022-05-06`	3 months	crt.sh
pubmedya.net R3	`2021-12-30` - `2022-03-30`	3 months	crt.sh
www.aliexpress.com DigiCert SHA2 Secure Server CA	`2021-04-02` - `2022-03-28`	a year	crt.sh
*.iqbroker.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2022-01-11` - `2023-01-12`	a year	crt.sh
p2pb2b.io Cloudflare Inc ECC CA-3	`2021-06-30` - `2022-06-29`	a year	crt.sh
*.thelotter.com GeoTrust RSA CA 2018	`2021-12-16` - `2023-01-05`	a year	crt.sh
*.spartoo.ro Gandi Standard SSL CA 2	`2020-03-25` - `2022-03-29`	2 years	crt.sh
*.gleam.io Sectigo RSA Domain Validation Secure Server CA	`2021-03-16` - `2022-02-25`	a year	crt.sh
canva.com Cloudflare Inc ECC CA-3	`2021-08-08` - `2022-08-07`	a year	crt.sh
*.tomtop.com Secure Site CA G2	`2021-09-14` - `2022-10-06`	a year	crt.sh
air.alibaba.com DigiCert SHA2 Secure Server CA	`2021-12-16` - `2022-09-13`	9 months	crt.sh
ru.aliexpress.com DigiCert SHA2 Secure Server CA	`2021-04-01` - `2022-04-05`	a year	crt.sh
img.alicdn.com DigiCert SHA2 Secure Server CA	`2021-04-02` - `2022-04-05`	a year	crt.sh
*.aliexpress.com GlobalSign Organization Validation CA - SHA256 - G2	`2021-12-20` - `2022-06-26`	6 months	crt.sh
*.mmstat.com GlobalSign Organization Validation CA - SHA256 - G2	`2021-06-28` - `2022-07-30`	a year	crt.sh
*.taobao.com GlobalSign Organization Validation CA - SHA256 - G2	`2021-12-22` - `2022-06-26`	6 months	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-02-02` - `2022-05-03`	3 months	crt.sh

This page contains 7 frames:

Primary Page: https://www.gandul.ro/stiri/un-adolescent-de-17-ani-inecat-therme-ce-spun-reprezentatii-complexului-19749318?utm_source=ZF+Articol&utm_medium=website&utm_campaign=fidmee
Frame ID: 3263CB7FD26E305EC115D7C15459E0FD
Requests: 114 HTTP requests in this frame

Frame: https://cdn.cxense.com/sp1.html
Frame ID: FC2ECD0A33BCCBF15FF7EF532F1448DB
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220209/r20190131/zrt_lookup.html
Frame ID: 7C7C1EC6B67AFA67E3E55860CDFC8CED
Requests: 1 HTTP requests in this frame

Frame: https://pubmedya.net/vu/ro/
Frame ID: A0FEE760B1DEF5917E9E80317A3071E4
Requests: 1 HTTP requests in this frame

Frame: https://sale.aliexpress.com/__mobile/coupon_aliexpress.htm?af=a&47182&cn=-&cv=84215&dp=193.27.14.24&aff_fcid=ab345720c5ee43bc842a1b35e626ad8d-1644762924160-06522-_d8O2mSk&aff_fsk=_d8O2mSk&aff_platform=portals-tool&sk=_d8O2mSk&aff_trace_key=ab345720c5ee43bc842a1b35e626ad8d-1644762924160-06522-_d8O2mSk&terminal_id=85ff93f48190446ba6e1a3afdb3ed8fd
Frame ID: 5C7677F03B602D35333524F7C2486D6B
Requests: 50 HTTP requests in this frame

Frame: https://pubmedya.net/vu/ro/
Frame ID: 95398E54AF16936401AC46D76922E847
Requests: 34 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.gandul.ro&gdpr=1&gdpr_consent=
Frame ID: 046793B4B32322C41BE82BF45C0B5DD7
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Incident grav la Therme. Un adolescent de 17 ani s-a înecat în piscină. Reprezentanții complexului spun că echipa de salvamari a intervenit conform protocolului, dar nu i-au putut salva viața

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/
wp-embed\.min\.js\?ver=([\d.]+)

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

OneSignal (Marketing automation) Expand

Overall confidence: 100%
Detected patterns

cdn\.onesignal\.com

Quantcast Choice (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

quantcast\.mgr\.consensu\.org

Quantcast Measure (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.quantserve\.com/quant\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

205
Requests

84 %
HTTPS

44 %
IPv6

74
Domains

102
Subdomains

77
IPs

12
Countries

2918 kB
Transfer

7253 kB
Size

119
Cookies

27 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/sharer/sharer.php?u=https://www.gandul.ro/stiri/un-adolescent-de-17-ani-inecat-therme-ce-spun-reprezentatii-complexului-19749318

Search URL Search Domain Scan URL

URL: https://web.whatsapp.com/send?text=https://www.gandul.ro/stiri/un-adolescent-de-17-ani-inecat-therme-ce-spun-reprezentatii-complexului-19749318

Search URL Search Domain Scan URL

URL: https://www.cancan.ro/cati-lei-incaseaza-lunar-un-recenzor-de-la-recensamantul-populatiei-in-2022-20577792?utm_source=gandul+temporar&utm_medium=website&utm_campaign=fidmee
Title: Nu e banc! Câți lei încasează lunar un recenzor de la recensământul populației, în 2022

Search URL Search Domain Scan URL

URL: https://www.prosport.ro/poze/rusoaica-considerata-cea-mai-frumoasa-concurenta-de-la-jocurile-olimpice-de-la-beijing-imaginile-care-au-facut-o-sa-fie-considerata-cea-mai-sexy-atleta-din-competitie-internautii-n-19408311?pic=19408314&utm_source=GANDUL+INTERIOR+TEXT+LINK&utm_medium=website&utm_campaign=fidmee
Title: FOTO. Rusoaica Iulia e cea mai frumoasă sportivă de la Jocurile Olimpice! Nici Vladimir Putin nu a putut-o ignora la deschiderea competiției

Search URL Search Domain Scan URL

URL: https://www.csid.ro/galerie/alimentul-minune-care-%E2%80%9Erepar%C4%83%E2%80%9D-ficatul-bolnav-top-13-alimente-%C3%AEn-dieta-pentru-un-ficat-s%C4%83n%C4%83tos-19541718/?pic=0&utm_source=Gandul+articol&utm_medium=website&utm_campaign=fidmee
Title: Alimentul-minune care „repară” ficatul bolnav. TOP 13 alimente în dieta pentru un ficat sănătos

Search URL Search Domain Scan URL

URL: https://www.telekomsport.ro/accidentul-vestimentar-care-i-a-facut-pe-patinatorii-din-franta-sa-piarda-medalia-de-aur-olimpica-costumul-meu-s-a-deschis-20598963?utm_source=gandul&utm_medium=cross&utm_campaign=Cross

Search URL Search Domain Scan URL

URL: https://www.cancan.ro/cati-lei-incaseaza-lunar-un-recenzor-de-la-recensamantul-populatiei-in-2022-20577792?utm_source=Gandul+HP&utm_medium=website&utm_campaign=fidmee

Search URL Search Domain Scan URL

URL: https://tacataca.prosport.ro/poze/foto-cantareata-mira-intr-un-costum-de-baie-ultradecupat-168069/?pic=168071&utm_source=GANDUL+INTERIOR+TEXT+LINK+%5B2%5D&utm_medium=website&utm_campaign=fidmee

Search URL Search Domain Scan URL

URL: https://www.csid.ro/poze/povestea-incredibila-a-sportivului-care-a-invins-cancerul-si-a-devenit-campion-mondial-max-parrot-cancerul-m-a-invatat-sa-traiesc-in-prezent-sa-apreciez-fiecare-zi-19992605?utm_source=Gandul+articol+%5B2%5D&utm_medium=website&utm_campaign=fidmee

Search URL Search Domain Scan URL

URL: https://www.prosport.ro/sport-life/imaginile-anului-cu-cristi-borcea-si-valentina-pelinel-ce-i-a-facut-fostul-manechin-international-milionarului-in-vazul-tuturor-la-restaurant-foto-exclusiv-19409793?utm_source=Gandul+articol&utm_medium=website&utm_campaign=fidmee

Search URL Search Domain Scan URL

URL: http://www.mediafax.ro/externe/ziua-indragostitilor-atipica-tinerii-din-thailanda-sunt-sfatuiti-sa-poarte-masca-si-sa-nu-se-sarute-cand-fac-sex-20521177

Search URL Search Domain Scan URL

URL: https://www.promotor.ro/poze/preturi-dacia-dupa-rabla-2022-18995186?pic=18985038&utm_source=gandul-interior&utm_medium=website&utm_campaign=fidmee

Search URL Search Domain Scan URL

URL: https://raziculacrimi.ro/bancuri-rcl/bronz-doar-cu-palarie/

Search URL Search Domain Scan URL

URL: https://alephnews.ro/sanatate/oms-omicron-nu-va-fi-ultima-varianta-despre-care-vom-vorbi/

Search URL Search Domain Scan URL

URL: https://www.cancan.ro/cati-lei-incaseaza-lunar-un-recenzor-de-la-recensamantul-populatiei-in-2022-20577792?utm_source=Gandul+Articol&utm_medium=website&utm_campaign=fidmee

Search URL Search Domain Scan URL

URL: https://www.descopera.ro/galerii/16198721-varsta-la-care-femeile-sunt-cele-mai-atractive-pentru-barbati?pic=0&utm_source=Gandul+Articol&utm_medium=website&utm_campaign=fidmee

Search URL Search Domain Scan URL

URL: https://www.replicaonline.ro/studentii-nu-pot-fi-conditionati-de-vaccinare-pentru-acces-la-examene-sau-in-camine-508656/

Search URL Search Domain Scan URL

URL: https://www.apropotv.ro/poze/johnny-depp-a-vazut-cap-coada-doar-unul-dintre-filmele-in-care-a-jucat-alegerea-e-surprinzatoare-20246479?pic=20246488&utm_source=gandul.ro&utm_medium=website&utm_campaign=fidmee

Search URL Search Domain Scan URL

URL: https://www.stirilekanald.ro/dinca-scrisoare-4-pagini-romania-cedo-bani-20200884?utm_campaign=cross_parteneri&utm_source=gandul&utm_medium=gandul

Search URL Search Domain Scan URL

URL: https://www.capital.ro/anunt-de-ultima-ora-despre-viorel-lis-ce-s-a-intamplat-cu-fostul-primar.html

Search URL Search Domain Scan URL

URL: https://evz.ro/blestemul-pe-care-regina-elisabeta-a-ii-a-il-poarta-cu-ea-zeci-de-lideri-au-luptat-pentru-asta.html

Search URL Search Domain Scan URL

URL: https://www.zf.ro/fiscalitate/tichete-de-masa-2022-din-aceasta-luna-tichetele-de-masa-vor-fi-emise-20519405

Search URL Search Domain Scan URL

URL: http://www.businessmagazin.ro/actualitate/un-studiu-al-universitatii-harvard-care-a-durat-80-de-ani-a-scos-la-20518453

Search URL Search Domain Scan URL

URL: https://ciao.ro/bianca-dragusanu-a-devastat-magazinele-de-lux-si-cei-mai-mari-milionari-din-romania-ar-fi-invidiosi-pe-ea/?utm_source=Gandul-interior&utm_medium=website&utm_campaign=fidmee

Search URL Search Domain Scan URL

URL: https://www.descopera.ro/natura/19941410-efectele-nestiute-pe-care-excrementele-cainilor-le-pot-avea-asupra-rezervatiilor-naturale

Search URL Search Domain Scan URL

URL: https://www.antena3.ro/coronavirus/doua-semne-timpurii-avertizare-posibil-aveti-omicron-629026.html?utm_source=gandul.ro&utm_medium=referral&utm_campaign=Gandul

Search URL Search Domain Scan URL

URL: https://sulvo.com/?utm_source=https://www.gandul.ro/stiri/un-adolescent-de-17-ani-inecat-therme-ce-spun-reprezentatii-complexului-19749318?utm_source=ZF+Articol&utm_medium=website&utm_campaign=fidmee&utm_adtype=sticky_display&utm_medium=sulvo

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 28

https://www.gandul.info/wp-content/uploads/feeds/2022/02/1600171340/27354ea0750854d7d13558d543b27d31-t.jpg HTTP 301
https://www.gandul.ro/wp-content/uploads/feeds/2022/02/1600171340/27354ea0750854d7d13558d543b27d31-t.jpg

Request Chain 29

https://www.gandul.info/wp-content/uploads/feeds/2022/02/1574327681/35fd9338e1c876b71cf1c4fc4941bb9b-t.jpg HTTP 301
https://www.gandul.ro/wp-content/uploads/feeds/2022/02/1574327681/35fd9338e1c876b71cf1c4fc4941bb9b-t.jpg

Request Chain 30

https://www.gandul.info/wp-content/uploads/feeds/2022/02/1592228965/2c0dea5c19e613401fb1d8e58eee73d7-t.jpg HTTP 301
https://www.gandul.ro/wp-content/uploads/feeds/2022/02/1592228965/2c0dea5c19e613401fb1d8e58eee73d7-t.jpg

Request Chain 31

https://www.gandul.info/wp-content/uploads/feeds/2022/02/1576590984/ba9507758b53f6e710ff9642eefa24bf-t.png HTTP 301
https://www.gandul.ro/wp-content/uploads/feeds/2022/02/1576590984/ba9507758b53f6e710ff9642eefa24bf-t.png

Request Chain 32

https://www.gandul.info/wp-content/uploads/feeds/2022/02/1576576393/28ea48c9ec95a17beda807ccea15d4f7-t.jpg HTTP 301
https://www.gandul.ro/wp-content/uploads/feeds/2022/02/1576576393/28ea48c9ec95a17beda807ccea15d4f7-t.jpg

Request Chain 33

https://www.gandul.info/wp-content/uploads/feeds/2022/02/1576590673/e82e4132f5a48e0f333c888779f327e9-t.jpg HTTP 301
https://www.gandul.ro/wp-content/uploads/feeds/2022/02/1576590673/e82e4132f5a48e0f333c888779f327e9-t.jpg

Request Chain 34

https://www.gandul.info/wp-content/uploads/feeds/2022/02/1576590920/c919a89da668e758ed189c535c4f12d9-t.jpg HTTP 301
https://www.gandul.ro/wp-content/uploads/feeds/2022/02/1576590920/c919a89da668e758ed189c535c4f12d9-t.jpg

Request Chain 35

https://www.gandul.info/wp-content/uploads/feeds/2021/04/1608198304/7bc024b0d57e826cc8ae0bf32aa20bb7-t.jpg HTTP 301
https://www.gandul.ro/wp-content/uploads/feeds/2021/04/1608198304/7bc024b0d57e826cc8ae0bf32aa20bb7-t.jpg

Request Chain 36

https://www.gandul.info/wp-content/uploads/feeds/1970/01/1600778955/f815359640b16a14a0438de92a47ddad-t.jpg HTTP 301
https://www.gandul.ro/wp-content/uploads/feeds/1970/01/1600778955/f815359640b16a14a0438de92a47ddad-t.jpg

Request Chain 37

https://www.gandul.info/wp-content/uploads/feeds/2022/02/1576590808/35fd9338e1c876b71cf1c4fc4941bb9b-t.jpg HTTP 301
https://www.gandul.ro/wp-content/uploads/feeds/2022/02/1576590808/35fd9338e1c876b71cf1c4fc4941bb9b-t.jpg

Request Chain 38

https://www.gandul.info/wp-content/uploads/feeds/2021/12/1576590664/221b0b7194b1f01db75e32dce7e2469c-t.jpg HTTP 301
https://www.gandul.ro/wp-content/uploads/feeds/2021/12/1576590664/221b0b7194b1f01db75e32dce7e2469c-t.jpg

Request Chain 39

https://www.gandul.info/wp-content/uploads/feeds/2022/02/1632147107/a709635434c2cc82f3d5390574253623-t.jpg HTTP 301
https://www.gandul.ro/wp-content/uploads/feeds/2022/02/1632147107/a709635434c2cc82f3d5390574253623-t.jpg

Request Chain 62

https://www.gandul.info/wp-content/uploads/feeds/2022/02/1576591306/a7b5e1974f9ad964156f7179324c4731-t.jpg HTTP 301
https://www.gandul.ro/wp-content/uploads/feeds/2022/02/1576591306/a7b5e1974f9ad964156f7179324c4731-t.jpg

Request Chain 98

https://webcache.pp.ua/stat HTTP 302
https://pubmedya.net/vu/ro/

Request Chain 99

https://tsystatic.com/a HTTP 302
https://s.click.aliexpress.com/e/_d8O2mSk?af=a;47182&cn=-&cv=84215&dp=193.27.14.24 HTTP 302
https://sale.aliexpress.com/__mobile/coupon_aliexpress.htm?af=a&47182&cn=-&cv=84215&dp=193.27.14.24&aff_fcid=ab345720c5ee43bc842a1b35e626ad8d-1644762924160-06522-_d8O2mSk&aff_fsk=_d8O2mSk&aff_platform=portals-tool&sk=_d8O2mSk&aff_trace_key=ab345720c5ee43bc842a1b35e626ad8d-1644762924160-06522-_d8O2mSk&terminal_id=85ff93f48190446ba6e1a3afdb3ed8fd

Request Chain 111

https://pubmedya.net/to2/dhgate/ HTTP 307
https://de.dhgate.com/?f=bm|aff|admitad|1019090|504fc55d89d5ae1ba83b8bbe7bb8e979|197649||

Request Chain 112

https://localbitcoins.com/buy-bitcoins-online/?ch=1cmsy HTTP 302
https://localbitcoins.com/buy-bitcoins-online/

Request Chain 114

https://remitano.com/join/2716653 HTTP 302
https://remitano.com/

Request Chain 117

https://freebitco.in/?r=3669689 HTTP 302
https://freebitco.in/?op=signup_page&r=3669689

Request Chain 118

https://pubmedya.net/to2/iherb.com/ HTTP 307
https://www.iherb.com/?clickref=1011liQgeRUf&utm_source=phgagru&utm_medium=affiliate&utm_campaign=1100l95727 HTTP 301
https://www.iherb.com/?utm_source=phgagru&utm_medium=affiliate&utm_campaign=1100l95727 HTTP 302
https://de.iherb.com/?utm_source=phgagru&utm_medium=affiliate&utm_campaign=1100l95727

Request Chain 119

https://www.exness.com/a/vps0b6j3 HTTP 302
https://www.exness.com/?utm_source=partners&_8f4x=1 HTTP 302
https://www.exness.uk/?utm_source=partners&_8f4x=1

Request Chain 120

https://ro.hotelscombined.com/?a_aid=172493 HTTP 302
https://ro.hotelscombined.com/

Request Chain 121

https://stripchat.com/?affiliateId=73b0fbd3ee36ead2b74e59d3464a7035c57d58262dabefced6d54007bc244727 HTTP 302
https://de.stripchat.com/?affiliateId=73b0fbd3ee36ead2b74e59d3464a7035c57d58262dabefced6d54007bc244727

Request Chain 126

https://chaturbate.com/in/?track=default&tour=hr8m&campaign=sgo1n HTTP 302
https://chaturbate.com/toproom/?join_overlay=1&tour=hr8m&disable_sound=0&campaign=sgo1n HTTP 302
https://chaturbate.com/pepperxminthe/?join_overlay=1&tour=hr8m&disable_sound=0&campaign=sgo1n

Request Chain 127

https://is.gd/6P9p5C HTTP 301
https://bngpt.com/h.php?v=2&c=287325 HTTP 302
https://bongacams.com/?bcs=aXNiZTRhMWRkMWY0ZWNlOGQ4YWQyNDZmMmFhY2JjM2I0NDhhOjoxODMzNDY6Omh0dHBzOi8vcHVibWVkeWEubmV0Lzo6Ojo6OjI4NzMyNTo6MDo6MDo6MDo6OjowOjpkZWZhdWx0Ojow HTTP 302
https://de.bongacams.com/?bcs=aXNiZTRhMWRkMWY0ZWNlOGQ4YWQyNDZmMmFhY2JjM2I0NDhhOjoxODMzNDY6Omh0dHBzOi8vcHVibWVkeWEubmV0Lzo6Ojo6OjI4NzMyNTo6MDo6MDo6MDo6OjowOjpkZWZhdWx0Ojow

Request Chain 130

https://rbfxdirect.com/ru/lk/?a=zkeb HTTP 302
https://my5.roboforex.org/ru/?a=zkeb

Request Chain 133

https://www.banggood.com/?p=5Z30141707865201505S&custlinkid=1737278 HTTP 302
https://de.banggood.com/de/?akmClientCountry=DE&p=5Z30141707865201505S&custlinkid=1737278

Request Chain 135

https://coinsbit.io/referral/abbb0df8-7383-4a72-b68a-b161a8ae6e74 HTTP 302
https://coinsbit.io/register

Request Chain 136

https://www.miniinthebox.com/?utm_campaign=1398851&utm_content=Indoleads2019&utm_source=gan&utm_medium=affiliate&litb_from=affiliate_gan&clickid=2jfXwuUbjxyIUeizap0BSzDkUkGU4E1%3Ac0o4VQ0&irgwc=1 HTTP 302
https://www.miniinthebox.com/de/?utm_campaign=1398851&utm_content=Indoleads2019&utm_source=gan&utm_medium=affiliate&litb_from=affiliate_gan&clickid=2jfXwuUbjxyIUeizap0BSzDkUkGU4E1%3Ac0o4VQ0&irgwc=1

Request Chain 137

https://pubmedya.net/to2/nike.apac/ HTTP 307
https://www.nike.com/sg/?cp=76060516106_aff_|qKqcOVHts48|&ranMID=41134&ranEAID=qKqcOVHts48&ranSiteID=qKqcOVHts48-3tF9ra7EcDltDMmMC6vq7g

Request Chain 138

https://www.liteforex.com/?uid=322652589 HTTP 301
https://litefinance.com/?uid=322652589 HTTP 301
https://www.litefinance.com/?uid=322652589

Request Chain 139

https://www.binance.com/ru/register?ref=KZTDOPQP HTTP 302
https://accounts.binance.com/ru/register?ref=KZTDOPQP

Request Chain 141

https://cex.io/r/0/up111785894/0/ HTTP 301
https://cex.io/

Request Chain 143

https://pubmedya.net/to2/uatest/ HTTP 307
https://rover.ebay.com/rover/1/711-155609-835623-2/16?PARM3_ID=GBH_168&FF11=GBH_168&kw=6208c5f65c66c50001da8041_14330&mpre= HTTP 301
https://rover.ebay.com/rover/1/711-155609-835623-2/16?PARM3_ID=GBH_168&FF11=GBH_168&kw=6208c5f65c66c50001da8041_14330&mkevt=1&mkcid=16&mkrid=711-155609-835623-2&ufes_redirect=true HTTP 301
https://www.ebay.com/?PARM3_ID=GBH_168&FF11=GBH_168&kw=6208c5f65c66c50001da8041_14330&mkevt=1&mkcid=16&mkrid=711-155609-835623-2&ufes_redirect=true&mkevt=1&mkcid=16&mkrid=711-155609-835623-2&ufes_redirect=true

205 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request un-adolescent-de-17-ani-inecat-therme-ce-spun-reprezentatii-complexului-19749318 Show response
www.gandul.ro/stiri/ 180 KB
33 KB 97ms
68ms Document
text/html 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gandul.ro/stiri/un-adolescent-de-17-ani-inecat-therme-ce-spun-reprezentatii-complexului-19749318?utm_source=ZF+Articol&utm_medium=website&utm_campaign=fidmee

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

55cb573b9e4698fde7bad8645ff43251753d854153f1c60faaf952c3f931da66

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Sun, 13 Feb 2022 14:35:23 GMT
content-type: text/html; charset=UTF-8
link: <https://www.gandul.ro/wp-json/>; rel="https://api.w.org/" <https://www.gandul.ro/wp-json/wp/v2/posts/19749318>; rel="alternate"; type="application/json" <https://www.gandul.ro/?p=19749318>; rel=shortlink
x-ws: gandul-118
cache-control: public, max-age=600, s-maxage=600
vary: Accept-Encoding
age: 470
x-cache-0: H
x-ba-0: default
x-ttfb: 1
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o7qyiq0Vq8x%2BJW5k3aA%2BUTvd8ZO3h5O8VVuAWZurbRb9pNg1%2B79G%2BWAEKE%2FGamRWWQEjr%2F8EOcls%2BW31RQ7a55idn7Oyql8KG0rb0IUceY3Hl8WzjmtoBd%2FFkqqUduJRETz6d3qthqiM8R64"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6dcec86d2afe9235-FRA
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 lato-black-webfont.woff2
www.gandul.ro/wp-content/themes/gandul-twentyone/assets/fonts/ 21 KB
21 KB 146ms
145ms Font
font/woff2 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gandul.ro/wp-content/themes/gandul-twentyone/assets/fonts/lato-black-webfont.woff2

Requested by

Host: www.gandul.ro
URL: https://www.gandul.ro/stiri/un-adolescent-de-17-ani-inecat-therme-ce-spun-reprezentatii-complexului-19749318?utm_source=ZF+Articol&utm_medium=website&utm_campaign=fidmee

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cfcab20aa21a4818bdc5b1c526319f37de98e28797c17a0beceb3bbb99ef1475

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.gandul.ro/stiri/un-adolescent-de-17-ani-inecat-therme-ce-spun-reprezentatii-complexului-19749318?utm_source=ZF+Articol&utm_medium=website&utm_campaign=fidmee
Origin: https://www.gandul.ro
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 13 Feb 2022 14:35:23 GMT
etag: W/"60bde857-5340"
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-ws: gandul-118
age: 1650466
x-ttfb: 1
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-ba-0: default
last-modified: Mon, 07 Jun 2021 09:35:19 GMT
server: cloudflare
x-cache-0: M
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BqipxKGiavjXfnLmkZGlNgD7N04BP08yfuX9wcmAWXMZ9X%2FMrzhsGifgb4kFbY0gv%2FVNtC6uMr1Lls3sSZQ2hUlq5Ldge0g2I6elfirokaVDNJqfHD%2F9SGIdxBwHvsi%2B2IPe6Z4xoEmU4F4E"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
vary: Accept-Encoding
cache-control: public, max-age=15768000, s-maxage=15768000
cf-ray: 6dcec86dbc4f9235-FRA

GET
H2 200 lato-bold-webfont.woff2
www.gandul.ro/wp-content/themes/gandul-twentyone/assets/fonts/ 21 KB
22 KB 23ms
22ms Font
font/woff2 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gandul.ro/wp-content/themes/gandul-twentyone/assets/fonts/lato-bold-webfont.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1c0cab0b1de2ea45cdf2ad2a71645503f763e8747c077b65a38fc17605aa854a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.gandul.ro/stiri/un-adolescent-de-17-ani-inecat-therme-ce-spun-reprezentatii-complexului-19749318?utm_source=ZF+Articol&utm_medium=website&utm_campaign=fidmee
Origin: https://www.gandul.ro
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 13 Feb 2022 14:35:23 GMT
etag: W/"60bde857-55dc"
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-ws: gandul-118
age: 1650466
x-ttfb: 1
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-ba-0: default
last-modified: Mon, 07 Jun 2021 09:35:19 GMT
server: cloudflare
x-cache-0: M
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ndkohrzyjX%2Bhzaba%2BdS%2B%2BVRc%2FaviaAbJ6x8BLpb1ESk89m%2Bme%2FzEOPsePZ1g5%2BQK09ibHZp3tDuB%2BmOYTjerJqSid5Ne%2BqwgQ8RbOFYP%2F0N3xmiZEpWs%2Bgv%2FPd9LUzyFSFKxndS1WxvwQwXH"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
vary: Accept-Encoding
cache-control: public, max-age=15768000, s-maxage=15768000
cf-ray: 6dcec86dbc539235-FRA

GET
H2 200 lato-regular-webfont.woff2
www.gandul.ro/wp-content/themes/gandul-twentyone/assets/fonts/ 21 KB
22 KB 21ms
21ms Font
font/woff2 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gandul.ro/wp-content/themes/gandul-twentyone/assets/fonts/lato-regular-webfont.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

252f958ab7334260744af174539c91fbc11457e99b7001adae9d952ec163e0d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.gandul.ro/stiri/un-adolescent-de-17-ani-inecat-therme-ce-spun-reprezentatii-complexului-19749318?utm_source=ZF+Articol&utm_medium=website&utm_campaign=fidmee
Origin: https://www.gandul.ro
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 13 Feb 2022 14:35:23 GMT
etag: W/"60bde858-55d4"
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-ws: gandul-118
age: 1650466
x-ttfb: 1
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-ba-0: default
last-modified: Mon, 07 Jun 2021 09:35:20 GMT
server: cloudflare
x-cache-0: M
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yk8s5cjplvSHbzu87MpaZOqLUlq4lp%2FWFvI28T7Q32%2BNX3XV3belQHe6FeUfm%2FIfGsBuV4L4%2F7H5u5fukI5aKlF8BESttiOIwWc8nxDdzLAYAJ%2BDvFyn%2BHfLQsZAI%2FZ2QB8GE8NhAMi%2Fn1R4"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
vary: Accept-Encoding
cache-control: public, max-age=15768000, s-maxage=15768000
cf-ray: 6dcec86dbc559235-FRA

GET
H2 200 97742870_1199456360400843_4737544756521861120_n.jpg
media.gandul.ro/unsafe/768x432/smart/filters:contrast(5):format(webp):quality(80)/http://gandul.ro/wp-content/uploads/2022/02/ 124 KB
125 KB 31ms
17ms Image
image/webp 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gandul.ro/unsafe/768x432/smart/filters:contrast(5):format(webp):quality(80)/http://gandul.ro/wp-content/uploads/2022/02/97742870_1199456360400843_4737544756521861120_n.jpg
Requested by: Host: www.gandul.ro
URL: https://www.gandul.ro/stiri/un-adolescent-de-17-ani-inecat-therme-ce-spun-reprezentatii-complexului-19749318?utm_source=ZF+Articol&utm_medium=website&utm_campaign=fidmee
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 480b692711d4e10519693d698fffdf99866b25be2953772ce1c51f385c074ea8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gandul.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 13 Feb 2022 14:35:23 GMT
etag: "726388935ba5e065f91386bb587ef9f2fa088f9d"
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-ws: 24
age: 68868
x-content-class: static
x-ttfb: 1
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 127302
server: cloudflare
x-cache-0: M
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sTh8Sk7HTfGbwkh16d5WI2W9936kp8BTYZ%2FShoT%2Fcl2PKPCRjOZnP%2FaI0TUk40EZQOBMT7WWaBbUEcjbzqHn8fxMYRryd3PwfHyRNKBch3GPKVlofswPQXtmIAwRyq7bLBmS24MRUj1SND%2FsQ%2FE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
x-debug-0: He
cache-control: public, max-age=15780000, s-maxage=15780000
x-ba-0: thumbor
accept-ranges: bytes
cf-ray: 6dcec86dfcfd9235-FRA
x-storage: MA

GET
H2 200 97742870_1199456360400843_4737544756521861120_n.jpg
media.gandul.ro/unsafe/1260x709/smart/filters:contrast(5):format(webp):quality(80)/http://gandul.ro/wp-content/uploads/2022/02/ 280 KB
281 KB 49ms
36ms Image
image/webp 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gandul.ro/unsafe/1260x709/smart/filters:contrast(5):format(webp):quality(80)/http://gandul.ro/wp-content/uploads/2022/02/97742870_1199456360400843_4737544756521861120_n.jpg
Requested by: Host: www.gandul.ro
URL: https://www.gandul.ro/stiri/un-adolescent-de-17-ani-inecat-therme-ce-spun-reprezentatii-complexului-19749318?utm_source=ZF+Articol&utm_medium=website&utm_campaign=fidmee
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 97b5bf86bfd8028ddec41c07e946df8ba181962d5ce12b71dfff639536fb57b9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gandul.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 13 Feb 2022 14:35:23 GMT
etag: "2b4d270b4581113dd69516fd94f67b53f5dd7f27"
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-ws: 25
age: 68867
x-content-class: static
x-ttfb: 1
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 286774
server: cloudflare
x-cache-0: M
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jDsK82%2F8Wv5BXOLS4TXMgDf1vozpS5AuX%2Fgsz4%2F11W6EswCXX7qjZS48VhK26qBnAadxDJP1b2A6hNwD14iBg%2FwK938g%2FBEaD6k%2B2aS%2FDVrDrsIKfenUCghsCDkJ8x%2BPd525cy7%2BXoouK3L6%2F4s%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
x-debug-0: He
cache-control: public, max-age=15780000, s-maxage=15780000
x-ba-0: thumbor
accept-ranges: bytes
cf-ray: 6dcec86dfcf99235-FRA
x-storage: MA

GET
H2 200 style.min.css
www.gandul.ro/wp-content/plugins/quantcast-choice/public/css/ 3 KB
1 KB 20ms
20ms Stylesheet
text/css 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gandul.ro/wp-content/plugins/quantcast-choice/public/css/style.min.css?ver=2.0.4

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

544e774fc2fd3796265f83f0a118d91695dce18925f615f84d67cfbe5147b76a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gandul.ro/stiri/un-adolescent-de-17-ani-inecat-therme-ce-spun-reprezentatii-complexului-19749318?utm_source=ZF+Articol&utm_medium=website&utm_campaign=fidmee
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 13 Feb 2022 14:35:23 GMT
content-encoding: br
etag: W/"5ffc4a3a-c5b"
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-ws: gandul-118
age: 1650456
x-ttfb: 1
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-ba-0: default
last-modified: Mon, 11 Jan 2021 12:53:14 GMT
server: cloudflare
x-cache-0: H
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OY%2Fxl%2F5idR5lulISNotN4GtZZISjexqY46X8kkrFbeVPKhkl5vjd4lDBo%2B8zNXNbL4ZGPWbz7WhvCxp%2FzNoDAgzErSxZnoyecNHauLoxsP1L4HqC9RTgxsGBhmLbLsiICQ1YQbT5fhxxwi1V"}],"group":"cf-nel","max_age":604800}
content-type: text/css
vary: Accept-Encoding
cache-control: public, max-age=15768000, s-maxage=15768000
cf-ray: 6dcec86dbc569235-FRA

GET
H2 200 script.min.js Show response
www.gandul.ro/wp-content/plugins/quantcast-choice/public/js/ 5 KB
2 KB 24ms
22ms Script
application/javascript 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gandul.ro/wp-content/plugins/quantcast-choice/public/js/script.min.js?ver=2.0.4

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fe40216e07f1870b98db5d50b9301fbdb2974ebf6760d03a43dd1ab106ade4f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gandul.ro/stiri/un-adolescent-de-17-ani-inecat-therme-ce-spun-reprezentatii-complexului-19749318?utm_source=ZF+Articol&utm_medium=website&utm_campaign=fidmee
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 13 Feb 2022 14:35:23 GMT
content-encoding: br
etag: W/"5ffc4a3a-14cb"
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-ws: gandul-118
age: 1650455
x-ttfb: 1
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-ba-0: default
last-modified: Mon, 11 Jan 2021 12:53:14 GMT
server: cloudflare
x-cache-0: H
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T6MSO1QmBVINrBLd3EUBhAhKjEcHPLXmM%2FlKeLphT70Axts6WYaze7vWOE3YmUOiL3gAooCRUq%2B%2FpHUpslQZ24ycK1%2BsV4CAm4WvUuv9SUiv8DJvxFGjRSqNqZhIzkXjaMV8CXrLcFHnBDyh"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
vary: Accept-Encoding
cache-control: public, max-age=15768000, s-maxage=15768000
cf-ray: 6dcec86decd29235-FRA

GET
H2 200 prebid4.40.0.js Show response
www.gandul.ro/wp-content/plugins/strawberry-ads-manager/js/ 189 KB
59 KB 58ms
56ms Script
application/javascript 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gandul.ro/wp-content/plugins/strawberry-ads-manager/js/prebid4.40.0.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

540f1860bba67de8970966fc9f72c31d07910ea9428a8e0801f7fed98b48a807

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gandul.ro/stiri/un-adolescent-de-17-ani-inecat-therme-ce-spun-reprezentatii-complexului-19749318?utm_source=ZF+Articol&utm_medium=website&utm_campaign=fidmee
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 13 Feb 2022 14:35:23 GMT
content-encoding: br
etag: W/"60b0b41b-2f453"
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-ws: gandul-118
age: 1650466
x-ttfb: 1
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-ba-0: default
last-modified: Fri, 28 May 2021 09:12:59 GMT
server: cloudflare
x-cache-0: H
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=phKGUtArY1Iur7Vquyc4txdTTCsdbh1rdEnvgs9feHXeO6gGbT2uJxPjSyHwmj9H9QQUGfIugAH1Z2g1R6VFL53pgtMJMLH1ZkD2CgqeiLirqACA%2FCfDkNaU8F%2FsfoF5Ud8hMrBcYrylnfe6"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
vary: Accept-Encoding
cache-control: public, max-age=15768000, s-maxage=15768000
cf-ray: 6dcec86decd89235-FRA

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 80 KB
27 KB 56ms
18ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4ae689a5b37c61962b7f8702568778b5fe5afa464b5d7e21646cd6e75cdd0153

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gandul.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 13 Feb 2022 14:35:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27131
x-xss-protection: 0
server: sffe
etag: "1130 / 326 of 1000 / last-modified: 1644620882"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sun, 13 Feb 2022 14:35:23 GMT

GET
H/1.1 200
OK sati_init.js Show response
code3.adtlgc.com/js/ 48 KB
12 KB 118ms
27ms Script
application/javascript 104.111.245.50
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://code3.adtlgc.com/js/sati_init.js
Requested by: Host: www.gandul.ro
URL: https://www.gandul.ro/stiri/un-adolescent-de-17-ani-inecat-therme-ce-spun-reprezentatii-complexului-19749318?utm_source=ZF+Articol&utm_medium=website&utm_campaign=fidmee
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.245.50 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-245-50.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 33d9e41593440dc2a4d14d2b6bb46f408514d73412c7a3835e789a6c44b44ab3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gandul.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Sun, 13 Feb 2022 14:35:23 GMT
Content-Encoding: gzip
Last-Modified: Thu, 23 Sep 2021 16:40:41 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA56-P3
ETag: W/"67184b081833e14163cd48db728deb4d"
Vary: Accept-Encoding
X-Edge-Origin-Shield-Skipped: 0
Content-Type: application/javascript
Cache-Control: max-age=68091
Connection: keep-alive
Content-Length: 12109
X-Amz-Cf-Id: sHm2qJf4ILR_8sP4UlIYgk_iKTAmA5WNXQglQb2Pzt9uWh-4kRc1_w==
Expires: Mon, 14 Feb 2022 09:30:14 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 90 KB
36 KB 42ms
17ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-1572980-1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f68a7ed4f1ebd0f96f62aebbf1f8facd71f9620c9accb1447d4bad4c664157dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gandul.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 13 Feb 2022 14:35:23 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36093
x-xss-protection: 0
last-modified: Sun, 13 Feb 2022 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 13 Feb 2022 14:35:23 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 153 KB
53 KB 84ms
59ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f1527496e0b2d7ebacd8f57223c2b733c3f8f3bd7248274dbdbddea1e47b5fd3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gandul.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 13 Feb 2022 14:35:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53865
x-xss-protection: 0
server: cafe
etag: 2080335765910511570
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 13 Feb 2022 14:35:23 GMT

GET
H2 200 97742870_1199456360400843_4737544756521861120_n.jpg
media.gandul.ro/unsafe/820x461/smart/filters:contrast(5):format(webp):quality(80)/http://gandul.ro/wp-content/uploads/2022/02/ 139 KB
140 KB 49ms
37ms Image
image/webp 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gandul.ro/unsafe/820x461/smart/filters:contrast(5):format(webp):quality(80)/http://gandul.ro/wp-content/uploads/2022/02/97742870_1199456360400843_4737544756521861120_n.jpg
Requested by: Host: www.gandul.ro
URL: https://www.gandul.ro/stiri/un-adolescent-de-17-ani-inecat-therme-ce-spun-reprezentatii-complexului-19749318?utm_source=ZF+Articol&utm_medium=website&utm_campaign=fidmee
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 35cc9007f7a9d3ee9b23ce45eb2d8e3b5b839fe6479c93670e92c3a68e9098f9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gandul.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 13 Feb 2022 14:35:23 GMT
etag: "309aed81b9168512e15f2fdfac5da986c70b8e0d"
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-ws: 25
age: 68867
x-content-class: static
x-ttfb: 1
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 142796
server: cloudflare
x-cache-0: M
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PWADIIo5uJBZW%2FzUtVTpw8pyT77i%2BdxC5vqC1Ae6%2FAkBVy4mo2esHphzJmfx4%2F%2B2V3EzEL8Cfha7OX0mJDY9I7ypau8SloXlohp2Bp8RdIGaTUtIpcQT3Rz9FNMn5AN%2BdBxUB1fCr2HtJm3OtuQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
x-debug-0: He
cache-control: public, max-age=15780000, s-maxage=15780000
x-ba-0: thumbor
accept-ranges: bytes
cf-ray: 6dcec86dfcfe9235-FRA
x-storage: MA

GET
H2 200 wp-embed.min.js Show response
www.gandul.ro/wp-includes/js/ 1 KB
1 KB 23ms
23ms Script
application/javascript 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gandul.ro/wp-includes/js/wp-embed.min.js?ver=5.8.3

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gandul.ro/stiri/un-adolescent-de-17-ani-inecat-therme-ce-spun-reprezentatii-complexului-19749318?utm_source=ZF+Articol&utm_medium=website&utm_campaign=fidmee
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 13 Feb 2022 14:35:23 GMT
content-encoding: br
etag: W/"60472028-592"
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-ws: gandul-118
age: 1650455
x-ttfb: 1
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-ba-0: default
last-modified: Tue, 09 Mar 2021 07:13:44 GMT
server: cloudflare
x-cache-0: H
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GyupUGIlz%2Bq37xPK4EhspgaoVVWzXOZujr8l9yUTKvmkiV0Td2RIiCnMqD5X6ZMXfijx6APD8PjmSidX5ebQ92iifWFzNQ%2FIZHgfCGLr4Mo1jjbkENBEsSg50yJTxhgasLS%2Fl2I9GXFt7ZFg"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
vary: Accept-Encoding
cache-control: public, max-age=15768000, s-maxage=15768000
cf-ray: 6dcec86ddcb39235-FRA

GET
H/1.1 200
OK cx.js Show response
scdn.cxense.com/ 64 KB
22 KB 75ms
17ms Script
application/x-javascript 2a02:26f0:6c00:2a7::268b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://scdn.cxense.com/cx.js
Requested by: Host: www.gandul.ro
URL: https://www.gandul.ro/stiri/un-adolescent-de-17-ani-inecat-therme-ce-spun-reprezentatii-complexului-19749318?utm_source=ZF+Articol&utm_medium=website&utm_campaign=fidmee
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:2a7::268b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 36aa85b5d97f76a381de07cdcc8f2bdecf7462384f8207f8a54d6aae1a40e4f6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gandul.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Sun, 13 Feb 2022 14:35:23 GMT
Content-Encoding: gzip
Last-Modified: Thu, 03 Feb 2022 13:47:07 GMT
Server: AkamaiNetStorage
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 21887
Expires: Sun, 13 Feb 2022 15:35:23 GMT

GET
H2 200 h.js Show response
cdn.unblockia.com/ 131 KB
25 KB 143ms
53ms Script
application/x-javascript 2606:4700:20::681a:686
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.unblockia.com/h.js
Requested by: Host: www.gandul.ro
URL: https://www.gandul.ro/stiri/un-adolescent-de-17-ani-inecat-therme-ce-spun-reprezentatii-complexului-19749318?utm_source=ZF+Articol&utm_medium=website&utm_campaign=fidmee
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:686 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7b57a7fd60cc98fc7d1a5ab5fef9e2a5271d94713a43b02cb44b911cfe647473

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gandul.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 13 Feb 2022 14:35:23 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5142
x-amz-request-id: 22RADN3XKAVJ36KH
x-amz-id-2: IL5Ntl5re1UJoPARIqzcBnybcAi6kVo7FGJQWnrojrcpcUj9TSlVPIRcM+DBC4vrw3GEGbFdKsM=
last-modified: Wed, 09 Feb 2022 19:08:10 GMT
server: cloudflare
etag: W/"a0c7e33966a5f7ad3bc448dcfda51957"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dxe44vV2%2Bn8L3tCn3WhYYpzw5SFk82%2Bmhbmq9LzS2v%2BO%2FeyBahI6QY%2Bc%2FuyNM3YzJXsVEX9sLZBJjsuGCUvwD6BOMXQItbevYrjWEnPoVR9nMMWhqpoDUgI7PTB6Dsyb0QQ34XLAZ8YIrUTf5KpB"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
x-amz-version-id: 5dsbmyhMAJFu6dk9cMPVEFfOJNzB3SCj
cf-ray: 6dcec86e7a2e59d1-MXP

GET
H2 200 up.js Show response
live.demand.supply/ 9 KB
4 KB 369ms
277ms Script
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/up.js
Requested by: Host: www.gandul.ro
URL: https://www.gandul.ro/stiri/un-adolescent-de-17-ani-inecat-therme-ce-spun-reprezentatii-complexului-19749318?utm_source=ZF+Articol&utm_medium=website&utm_campaign=fidmee
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 27f8499315b051dacd4d7e6473ca1ca28dd60917570d8d48cb3fabb221c9c82e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gandul.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-nf-request-id: 01FQTEVBM9CBM6XQ6MY4FJCBS4
date: Sun, 13 Feb 2022 14:35:23 GMT
content-encoding: br
cf-cache-status: HIT
age: 290
cf-polished: origSize=9084
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
timing-allow-origin: *
cf-bgj: minify
server: cloudflare
etag: W/"b1e58731788823bdf6e0bbec4e10cf9e-ssl-df"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=1200,must-revalidate,stale-while-revalidate=3600
cf-ray: 6dcec86e8d2b5a07-MXP
link: <https://live.demand.supply/impl.v14.0.0.js>; rel=preload; as=script,<https://live.demand.supply/p4/v14-0-0/d3d3LmdhbmR1bC5yby8=>; rel=preload; as=script

GET
H/1.1 200
OK 13087 Show response
neuronales.xyz/easylist/ 312 B
532 B 210ms
82ms Script
application/javascript 192.102.6.94
HVDS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://neuronales.xyz/easylist/13087
Requested by: Host: www.gandul.ro
URL: https://www.gandul.ro/stiri/un-adolescent-de-17-ani-inecat-therme-ce-spun-reprezentatii-complexului-19749318?utm_source=ZF+Articol&utm_medium=website&utm_campaign=fidmee
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.102.6.94 Kyiv, Ukraine, ASN57682 (HVDS-AS, UA),
Reverse DNS: s3.zevshost.net
Software: nginx/1.14.1 / PHP/7.3.4
Resource Hash: a66cbaa6396f8b7923fffa0939d3ed8502aa3563963bab760f2e029c9a4602bd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gandul.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Sun, 13 Feb 2022 14:35:23 GMT
Server: nginx/1.14.1
Connection: keep-alive
X-Powered-By: PHP/7.3.4
Transfer-Encoding: chunked
Content-Type: application/javascript; charset=UTF-8

GET
H/1.1 200
OK 190540-122528310662128.js Show response
js-sec.indexww.com/ht/p/ 112 KB
34 KB 116ms
37ms Script
text/javascript 2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/ht/p/190540-122528310662128.js
Requested by: Host: www.gandul.ro
URL: https://www.gandul.ro/stiri/un-adolescent-de-17-ani-inecat-therme-ce-spun-reprezentatii-complexului-19749318?utm_source=ZF+Articol&utm_medium=website&utm_campaign=fidmee
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 53380e9fd4b0c2d1d97ffdd41e929db5edecde579918fdb518f6e994191581d2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gandul.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Sun, 13 Feb 2022 14:35:23 GMT
Content-Encoding: gzip
Last-Modified: Sun, 13 Feb 2022 13:36:19 GMT
Server: Apache
ETag: "76477a-1c0d4-5d7e662932d51"
Vary: Accept-Encoding
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=198
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: text/javascript
Content-Length: 34085
Expires: Sun, 13 Feb 2022 14:38:41 GMT

GET
H2 200 gandul.ro.js Show response
agorahtag.tech/c/ 2 KB
2 KB 96ms
59ms Script
application/javascript 2606:4700:3032::6815:4ae4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://agorahtag.tech/c/gandul.ro.js
Requested by: Host: www.gandul.ro
URL: https://www.gandul.ro/stiri/un-adolescent-de-17-ani-inecat-therme-ce-spun-reprezentatii-complexului-19749318?utm_source=ZF+Articol&utm_medium=website&utm_campaign=fidmee
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:4ae4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bf8c2b102a4fa637d407576e5820b598caa216067a35c53d9331a338937f76dd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gandul.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 13 Feb 2022 14:35:23 GMT
content-encoding: gzip
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4822
cf-ray: 6dcec86e6f315c62-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1149
x-amz-id-2: g9kFT26HUydkWYoM8Yt8ZY5+mGqvjtBJqxVJJf2VVlICKp3wq9xgvLXRWSL5qwNED6Df5xuyxO8=
last-modified: Wed, 01 Sep 2021 09:13:52 GMT
server: cloudflare
etag: "c3f5611a7d3f1265d6df39b943170139"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1INoaLzyfoFoJkk8u4NYY8Nduh2HpRSluePm34a80x6zgjA8TTGP5FxnFS37cQNiRIow%2BhhzbphArz%2FwI0wYs4PkZMmPfUFhRC88zEe2mI%2FwNiCfc8gwkbAMaNb3cntCj5USRmSALawJ860%2BdQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-amz-request-id: 669G60W52W25HPVV
cache-control: max-age=14400
accept-ranges: bytes
content-type: application/javascript

GET
H2 200 OneSignalSDK.js Show response
cdn.onesignal.com/sdks/ 9 KB
3 KB 108ms
72ms Script
application/javascript 2606:4700::6812:e234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js
Requested by: Host: www.gandul.ro
URL: https://www.gandul.ro/stiri/un-adolescent-de-17-ani-inecat-therme-ce-spun-reprezentatii-complexului-19749318?utm_source=ZF+Articol&utm_medium=website&utm_campaign=fidmee
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5df9eee36a61ef8f89d39c04ff402ded30aa9c627b6ef2134f55fa0e8b537153

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gandul.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 13 Feb 2022 14:35:23 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 1149
etag: W/"a393ad4e03deeab316f7121a80708ce6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 6dcec86e79d490d6-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Wed, 16 Feb 2022 14:35:23 GMT

GET
H2 200 track.js Show response
views.cancan.ro/ 2 KB
1 KB 87ms
18ms Script
application/javascript 2606:4700:20::681a:6c9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://views.cancan.ro/track.js?v=1.3.2
Requested by: Host: www.gandul.ro
URL: https://www.gandul.ro/stiri/un-adolescent-de-17-ani-inecat-therme-ce-spun-reprezentatii-complexului-19749318?utm_source=ZF+Articol&utm_medium=website&utm_campaign=fidmee
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:6c9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 95e8437579d865f9c28eb09d2b7822018e0bbb71a94e7c67ed91913e78c62432

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gandul.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 13 Feb 2022 14:35:23 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 29 Dec 2019 12:09:33 GMT
server: cloudflare
age: 1667196
etag: W/"5e08977d-7d7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HOt5aYmw8CNnR74E9TOkJa5ntPvIN9%2FfIOYL3RqtRAK45kCQY90AYlJcjNIPvkDEJWJhGjZ6mkXvzv4e4DZwPrPmQ6lXLL34LUnD86fSZj3k7XWFH81ECe8d9bCphREDfWEf5qq4axYM7KhktA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6dcec86ebf496946-FRA

GET
H2 200 choice.js Show response
quantcast.mgr.consensu.org/choice/bt8V6jazXTuLs/www.gandul.ro/ 3 KB
2 KB 49ms
23ms Script
application/javascript 2600:9000:2190:5a00:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://quantcast.mgr.consensu.org/choice/bt8V6jazXTuLs/www.gandul.ro/choice.js
Requested by: Host: www.gandul.ro
URL: https://www.gandul.ro/wp-content/plugins/quantcast-choice/public/js/script.min.js?ver=2.0.4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:5a00:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d90a3e8724f5f1a18ca679af2b7992bdf64f9921da1ab75df7150a6b7baa3cce

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gandul.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Sun, 13 Feb 2022 14:35:23 GMT
content-encoding: br
last-modified: Wed, 25 Aug 2021 08:13:08 GMT
server: AmazonS3
age: 44
etag: W/"f5cef1827a8bd97be6d234c4a9f480da"
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin,Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 eb7b239aed47669f8a7b6ac95bc8aff0.cloudfront.net (CloudFront)
cache-control: max-age=900
cross-origin-resource-policy: cross-origin
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: m7kY-Yg9nOW9C4Ir5raofLULUr2OsE3PMV0lsrtZz9RAcTR4ooQjOg==

GET
H2 200 vendor-list.json Show response
test.quantcast.mgr.consensu.org/GVL-v2/ 305 KB
35 KB 41ms
14ms XHR
application/json 2600:9000:2190:ac00:3:a4cd:8380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://test.quantcast.mgr.consensu.org/GVL-v2/vendor-list.json
Requested by: Host: www.gandul.ro
URL: https://www.gandul.ro/wp-content/plugins/quantcast-choice/public/js/script.min.js?ver=2.0.4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:ac00:3:a4cd:8380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 143d7967cd93ecf7ef34da6c8f3e2781dcb21164e99aeea04d053f805e7c5495

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gandul.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 13 Feb 2022 03:00:35 GMT
content-encoding: br
age: 41689
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
access-control-max-age: 86400
access-control-allow-origin: *
last-modified: Sun, 13 Feb 2022 03:00:31 GMT
server: AmazonS3
etag: W/"3d06aeae11d7f30eade79c29f8ee62b5"
vary: Accept-Encoding
access-control-allow-methods: GET
x-amz-version-id: qKKY1fX_D3R4e1rckwD2Qn3ZpMiCnQ0v
via: 1.1 af287426c130b47dba79bf825f91ebba.cloudfront.net (CloudFront)
cache-control: max-age=172800
x-amz-cf-pop: ZRH50-C1
content-type: application/json
x-amz-cf-id: -2D8emvVm7sssk5cxI-U6upeov-ujYxi1D6DMf136sW34ZAE0f3N0Q==

GET
H2 204 noniab-vendorlist.json Show response
quantcast.mgr.consensu.org/choice/bt8V6jazXTuLs/www.gandul.ro/.well-known/ 0
383 B 50ms
22ms XHR
text/plain 2600:9000:2190:5a00:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://quantcast.mgr.consensu.org/choice/bt8V6jazXTuLs/www.gandul.ro/.well-known/noniab-vendorlist.json?timestamp=1644762923250
Requested by: Host: www.gandul.ro
URL: https://www.gandul.ro/wp-content/plugins/quantcast-choice/public/js/script.min.js?ver=2.0.4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:5a00:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gandul.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 13 Feb 2022 14:34:51 GMT
via: 1.1 a2037d86ccb1a548f20827ebd95a65f2.cloudfront.net (CloudFront)
server: AmazonS3
age: 32
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 3000
cache-control: max-age=900
access-control-allow-credentials: true
x-cache: Hit from cloudfront
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: PKS2Hm44zSq4Obu2qEqwWA_wEmtr-Rh_Uq3HvDEtcnQK3ZoN4o5vMw==

GET
H3 200 politia-shutters-scaled.jpg
media.gandul.ro/unsafe/170x96/smart/filters:contrast(5):format(webp):quality(80)/http://gandul.ro/wp-content/uploads/2022/02/ 4 KB
5 KB 185ms
184ms Image
image/webp 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gandul.ro/unsafe/170x96/smart/filters:contrast(5):format(webp):quality(80)/http://gandul.ro/wp-content/uploads/2022/02/politia-shutters-scaled.jpg
Requested by: Host: www.gandul.ro
URL: https://www.gandul.ro/stiri/un-adolescent-de-17-ani-inecat-therme-ce-spun-reprezentatii-complexului-19749318?utm_source=ZF+Articol&utm_medium=website&utm_campaign=fidmee
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0c2cbf8e701ee017fa7a3fb4f202d4542572ea8ba76ee678917635049e61aaa9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gandul.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 13 Feb 2022 14:35:23 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-ws: 24
x-ttfb: 1
x-content-class: static
x-cache-0: H
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4048
server: cloudflare
etag: "8036432500b5dcef56b2e7b4186f8c19e70d2577"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ew%2BsDSHMTwGl1%2B6ldns4y9GV7uLWgK%2FfLP0cOOS0GGXZ2jufC75onzcrL2yY9F7kTL9BdvkPg8sPnlr4B1seL6Pej8RokxeCMkDAL1fKtTui2flaMru%2F7ZCf%2BOo9ePLJKirgDQnER%2BUB4HwIpqA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
x-debug-0: He
cache-control: public, max-age=15780000, s-maxage=15780000
x-ba-0: thumbor
accept-ranges: bytes
cf-ray: 6dcec86e6e155a01-MXP
x-storage: MA

GET
H3 200 sts.jpg
media.gandul.ro/unsafe/170x96/smart/filters:contrast(5):format(webp):quality(80)/http://gandul.ro/wp-content/uploads/2022/02/ 2 KB
3 KB 79ms
78ms Image
image/webp 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gandul.ro/unsafe/170x96/smart/filters:contrast(5):format(webp):quality(80)/http://gandul.ro/wp-content/uploads/2022/02/sts.jpg
Requested by: Host: www.gandul.ro
URL: https://www.gandul.ro/stiri/un-adolescent-de-17-ani-inecat-therme-ce-spun-reprezentatii-complexului-19749318?utm_source=ZF+Articol&utm_medium=website&utm_campaign=fidmee
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 63a1b7ff248936433183a9b63a967a15398521f5b700ea34e5d2bae48bf2d57d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gandul.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 13 Feb 2022 14:35:23 GMT
etag: "b0d5d0d34158d8937f8b241e7381f541eac7ad4d"
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-ws: 24
age: 888
x-content-class: static
x-ttfb: 1
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2122
server: cloudflare
x-cache-0: H
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zQMLRded0G65gNPv5YfRxeVFeqMCHiJ%2FqkuJIyJAD04CdW4tCGifl3lzgwzALQSMEMAojGl975YL15GulGsR2OEiYBlrU0XbTQ%2B2XneqSPYYEGDG2ybk%2BE6oR2JMBlhE2SV55d%2BD0nxuRQuW3%2Fk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
x-debug-0: He
cache-control: public, max-age=15780000, s-maxage=15780000
x-ba-0: thumbor
accept-ranges: bytes
cf-ray: 6dcec86e6e175a01-MXP
x-storage: MA

GET
H3 200 Masina-IML-Botosani.jpg
media.gandul.ro/unsafe/170x96/smart/filters:contrast(5):format(webp):quality(80)/http://gandul.ro/wp-content/uploads/2022/01/ 4 KB
4 KB 79ms
78ms Image
image/webp 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gandul.ro/unsafe/170x96/smart/filters:contrast(5):format(webp):quality(80)/http://gandul.ro/wp-content/uploads/2022/01/Masina-IML-Botosani.jpg
Requested by: Host: www.gandul.ro
URL: https://www.gandul.ro/stiri/un-adolescent-de-17-ani-inecat-therme-ce-spun-reprezentatii-complexului-19749318?utm_source=ZF+Articol&utm_medium=website&utm_campaign=fidmee
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6a9fa133099e73e0fe032248c4458feb037e6d6c47d4ee16ced253b4194abb13

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gandul.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 13 Feb 2022 14:35:23 GMT
etag: "52b26c0ab4f544e887ccbe724b48fc3eb0788074"
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-ws: 24
age: 3191
x-content-class: static
x-ttfb: 1
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3584
server: cloudflare
x-cache-0: H
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4hJA6949myY8CaJB5l65VRzfmOxAWQ6V%2Bvigk3MMZ9qbiPeJ5NVvGgrDKa3sTi7TdhI8ANf76DzX1AXCyjCH%2BW3U9TJQOTJSJnlJ3%2BqyANeJMCR8imK5znkg%2Bi5qirUgbpzPmEaGGWReCwDuURI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
x-debug-0: He
cache-control: public, max-age=15780000, s-maxage=15780000
x-ba-0: thumbor
accept-ranges: bytes
cf-ray: 6dcec86e6e185a01-MXP
x-storage: MA

GET
H3

200

27354ea0750854d7d13558d543b27d31-t.jpg
www.gandul.ro/wp-content/uploads/feeds/2022/02/1600171340/
Redirect Chain

https://www.gandul.info/wp-content/uploads/feeds/2022/02/1600171340/27354ea0750854d7d13558d543b27d31-t.jpg
https://www.gandul.ro/wp-content/uploads/feeds/2022/02/1600171340/27354ea0750854d7d13558d543b27d31-t.jpg

13 KB
13 KB

143ms
142ms

Image
image/jpeg

2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gandul.ro/wp-content/uploads/feeds/2022/02/1600171340/27354ea0750854d7d13558d543b27d31-t.jpg

Requested by

Protocol

Server

2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ac18203e9b752c937d96d9dcad8147a3c832b8d678679e61dc27426d719b70e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gandul.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 13 Feb 2022 14:35:23 GMT
etag: "6203bd52-334e"
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-ws: gandul-118
age: 350073
x-ttfb: 1
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 13134
last-modified: Wed, 09 Feb 2022 13:10:42 GMT
server: cloudflare
x-cache-0: H
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eoDSWv4U8dBNh4Ro6embhqDxyFUuXBgtUuSKiFHi0tiQFAZtsq7eFW9LmJZ3IGD2wTdfyeHzaI9dDYiXnIFAnGwyGJxsdb%2BfjW3Cp0DpTMztsqpNNC%2BgkFcNMbsmSOQi42z0aUU9u8j4z%2Fsg"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=15768000, s-maxage=15768000
x-ba-0: default_last_resort1
accept-ranges: bytes
cf-ray: 6dcec86f1fe15a01-MXP

Redirect headers

date: Sun, 13 Feb 2022 14:35:23 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1027
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h%2FHBx53uFt%2BEnzGYalcW%2F6AxuOeCrzoVh8oDEZmMhqhO2U5IT1LJEsvpTQX9w2QWNgmXTUBJfwZtBxztmnerP%2BA9qYWXKhFe%2F9VbcE1dkFykP5t7ymRi%2F4GZ48%2BYhofqU5VAyktMLXNCQqzwASY%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
location: https://www.gandul.ro/wp-content/uploads/feeds/2022/02/1600171340/27354ea0750854d7d13558d543b27d31-t.jpg
cache-control: max-age=14400
x-ttfb: 1
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 6dcec86ee8ab913d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3

200

35fd9338e1c876b71cf1c4fc4941bb9b-t.jpg
www.gandul.ro/wp-content/uploads/feeds/2022/02/1574327681/
Redirect Chain

https://www.gandul.info/wp-content/uploads/feeds/2022/02/1574327681/35fd9338e1c876b71cf1c4fc4941bb9b-t.jpg
https://www.gandul.ro/wp-content/uploads/feeds/2022/02/1574327681/35fd9338e1c876b71cf1c4fc4941bb9b-t.jpg

20 KB
21 KB

205ms
203ms

Image
image/jpeg

2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gandul.ro/wp-content/uploads/feeds/2022/02/1574327681/35fd9338e1c876b71cf1c4fc4941bb9b-t.jpg

Requested by

Protocol

Server

2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a34949785dbf5ed9d3104700d0cdd7ccb60ddc8723d619dded4dad0fc1694566

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gandul.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 13 Feb 2022 14:35:23 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-ws: gandul-118
x-ttfb: 1
x-cache-0: H
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 20778
last-modified: Sun, 13 Feb 2022 14:25:09 GMT
server: cloudflare
etag: "620914c5-512a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sLbw87ex2PGEosoGaCp656wPkF0SKrhIvo1N5nwQHJtEdQSzWfL7yIi%2B0bxfaW3XROZweZpTflT7h5wE%2F5ormpGUYFN%2FR5wl8OJlLwjvwa31R1SmpLPWKV5O%2FPYz3FnFj%2F5HXW13zK97Zode"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=15768000, s-maxage=15768000
x-ba-0: default_last_resort1
accept-ranges: bytes
cf-ray: 6dcec86f1ff25a01-MXP

Redirect headers

date: Sun, 13 Feb 2022 14:35:23 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 461
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LFolaanLD9xxr5UGJPsXDdDpRWZIxt4PtPpjF%2BP5IEqjR3V7qlh8%2B4bJg1zfG3%2BJkzeQY0sjDlJ2oV4M75jwWE566XVlMWmu%2FcqqMkp%2B%2FuJCUUzkV2%2FqhqivfcPm0sizpliBisoS3Cs85l7OrjU%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
location: https://www.gandul.ro/wp-content/uploads/feeds/2022/02/1574327681/35fd9338e1c876b71cf1c4fc4941bb9b-t.jpg
cache-control: max-age=14400
x-ttfb: 1
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 6dcec86ee8b0913d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3

200

2c0dea5c19e613401fb1d8e58eee73d7-t.jpg
www.gandul.ro/wp-content/uploads/feeds/2022/02/1592228965/
Redirect Chain

https://www.gandul.info/wp-content/uploads/feeds/2022/02/1592228965/2c0dea5c19e613401fb1d8e58eee73d7-t.jpg
https://www.gandul.ro/wp-content/uploads/feeds/2022/02/1592228965/2c0dea5c19e613401fb1d8e58eee73d7-t.jpg

24 KB
25 KB

75ms
73ms

Image
image/jpeg

2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gandul.ro/wp-content/uploads/feeds/2022/02/1592228965/2c0dea5c19e613401fb1d8e58eee73d7-t.jpg

Requested by

Protocol

Server

2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

773f7e361964893ac3e0d81021388b72fa225cdd63eeeee9a711352210ba500c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gandul.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 13 Feb 2022 14:35:23 GMT
etag: "6207b8d9-5ff7"
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-ws: gandul-118
age: 37196
x-ttfb: 1
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 24567
last-modified: Sat, 12 Feb 2022 13:40:41 GMT
server: cloudflare
x-cache-0: H
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q3j2rsea9LznKVjgQ9xOrr7XilopHoxdAxi2aTebp%2FgJn1rfGPlQ%2BTmnnjDlDmb0Ue%2BDBn%2BYx2LGykvseN5KND80%2Fbdc%2FVN5255l%2FZfgZY8%2B3ovMY8ajc8EMHmVSuVhotxU3xmVp7wXx9mMT"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=15768000, s-maxage=15768000
x-ba-0: default_last_resort1
accept-ranges: bytes
cf-ray: 6dcec86f1fde5a01-MXP

Redirect headers

date: Sun, 13 Feb 2022 14:35:23 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 856
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b4vG1IS9M%2BsdGAXZfQdy1kHAhpzKtBiLIsln3oGoFJt0gS7pS6ALfp3CYRYcGOWyfOajg9l8gCxRCGwExPkOoCOGcFK75gRH9Vr2HP1sg81k7kH2OoAK2H1%2FNFyfrnQZSwxb0NxxdfdbUokDiTk%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
location: https://www.gandul.ro/wp-content/uploads/feeds/2022/02/1592228965/2c0dea5c19e613401fb1d8e58eee73d7-t.jpg
cache-control: max-age=14400
x-ttfb: 1
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 6dcec86ee8b5913d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3

200

ba9507758b53f6e710ff9642eefa24bf-t.png
www.gandul.ro/wp-content/uploads/feeds/2022/02/1576590984/
Redirect Chain

https://www.gandul.info/wp-content/uploads/feeds/2022/02/1576590984/ba9507758b53f6e710ff9642eefa24bf-t.png
https://www.gandul.ro/wp-content/uploads/feeds/2022/02/1576590984/ba9507758b53f6e710ff9642eefa24bf-t.png

102 KB
103 KB

161ms
160ms

Image
image/png

2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gandul.ro/wp-content/uploads/feeds/2022/02/1576590984/ba9507758b53f6e710ff9642eefa24bf-t.png

Requested by

Protocol

Server

2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3035408a986ba6eefa34e2e5f3ff348f2f21053f3ce18f6ff320c8f7e0deaefb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gandul.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 13 Feb 2022 14:35:23 GMT
etag: "6206a8de-197c2"
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-ws: gandul-118
age: 98200
x-ttfb: 1
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 104386
last-modified: Fri, 11 Feb 2022 18:20:14 GMT
server: cloudflare
x-cache-0: H
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rrsxM6wcspNBApPqC8cm%2FIPuuBcTF877l3PqyDWSuXn%2FVl9ZBnvUEUfv6Ky7NDju2iDfA4MRFTJ%2F%2BiOLFUvV69ApYk6lEDdl9m2iMZRolapV22NxtreQGBaYPtNgS7Axi4wxM%2FN0B6YOgjXC"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=15768000, s-maxage=15768000
x-ba-0: default_last_resort1
accept-ranges: bytes
cf-ray: 6dcec86f18185a01-MXP

Redirect headers

date: Sun, 13 Feb 2022 14:35:23 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 860
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FCI7fBJSbCpLej8%2F5ai2PphbVkB%2FMozcrna5hHkrNsHP0xQNmHKuZU0eyIPFC4UppXRDkbYR02RelLVJoUFjf%2BdEHiq9TN69e7oX87MkU%2F0a5gxsFWt2allNPO9bh0CSqiKWZTTFvLGBXnVnsBs%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
location: https://www.gandul.ro/wp-content/uploads/feeds/2022/02/1576590984/ba9507758b53f6e710ff9642eefa24bf-t.png
cache-control: max-age=14400
x-ttfb: 1
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 6dcec86ee8b7913d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3

200

28ea48c9ec95a17beda807ccea15d4f7-t.jpg
www.gandul.ro/wp-content/uploads/feeds/2022/02/1576576393/
Redirect Chain

https://www.gandul.info/wp-content/uploads/feeds/2022/02/1576576393/28ea48c9ec95a17beda807ccea15d4f7-t.jpg
https://www.gandul.ro/wp-content/uploads/feeds/2022/02/1576576393/28ea48c9ec95a17beda807ccea15d4f7-t.jpg

21 KB
21 KB

108ms
106ms

Image
image/jpeg

2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gandul.ro/wp-content/uploads/feeds/2022/02/1576576393/28ea48c9ec95a17beda807ccea15d4f7-t.jpg

Requested by

Protocol

Server

2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

14e7db7ac94e5630b7c913a07a94a69cfe39044c3a4ffabba64b52d0fafcb5dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gandul.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 13 Feb 2022 14:35:23 GMT
etag: "62068121-5218"
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-ws: gandul-118
age: 167138
x-ttfb: 1
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 21016
last-modified: Fri, 11 Feb 2022 15:30:41 GMT
server: cloudflare
x-cache-0: H
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8N8vmIVRxdAVGFYlokMs2h7MQbLKMJ0PyuXqRSNU5lOTGgSuo9Spw8pzpH4dEvXx7mEWbHKNE0ay0NeY1ARV91f3LxebSavJAni8oZKk7IRaUZfMWt%2FRzYWKMER0yrJRHJuVa0HROQoa%2BzIm"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=15768000, s-maxage=15768000
x-ba-0: default_last_resort1
accept-ranges: bytes
cf-ray: 6dcec86f1fe55a01-MXP

Redirect headers

date: Sun, 13 Feb 2022 14:35:23 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 407
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dDWhdiPHT9yNXl44oSotQGhc8xR1AsPCFQZysDzakB4cJ44d3VEmDFpKBaZRxHJyEmEey4CfoaMNAk8kWui1WyQbDmuzS13JcMYD1zIre8wk%2FsnLtz%2FknBoCmdu7ojXduzTm8QY0HOlCXlix%2FtM%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
location: https://www.gandul.ro/wp-content/uploads/feeds/2022/02/1576576393/28ea48c9ec95a17beda807ccea15d4f7-t.jpg
cache-control: max-age=14400
x-ttfb: 1
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 6dcec86ee8b4913d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3

200

e82e4132f5a48e0f333c888779f327e9-t.jpg
www.gandul.ro/wp-content/uploads/feeds/2022/02/1576590673/
Redirect Chain

https://www.gandul.info/wp-content/uploads/feeds/2022/02/1576590673/e82e4132f5a48e0f333c888779f327e9-t.jpg
https://www.gandul.ro/wp-content/uploads/feeds/2022/02/1576590673/e82e4132f5a48e0f333c888779f327e9-t.jpg

26 KB
26 KB

72ms
70ms

Image
image/jpeg

2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gandul.ro/wp-content/uploads/feeds/2022/02/1576590673/e82e4132f5a48e0f333c888779f327e9-t.jpg

Requested by

Protocol

Server

2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

46a2dfbca7c60d870f73158ee8a66651d83595bccbe486861df2d66890794ea9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gandul.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 13 Feb 2022 14:35:23 GMT
etag: "6207b673-66dc"
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-ws: gandul-118
age: 90044
x-ttfb: 1
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 26332
last-modified: Sat, 12 Feb 2022 13:30:27 GMT
server: cloudflare
x-cache-0: H
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EZDtBQWlWmboYCEIK7xEwDAP9xhcLgz%2BM0MCuols1utie1gFg3l9Y9rGb4Lfmgw2T5xvhjSsTJbUcbCBZ%2F6xBv6o55I0q1lrT%2BnagiDLP6gEfiZkEhStE6fyI6%2BJCBXdpPVYjgOD9FIHh7NO"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=15768000, s-maxage=15768000
x-ba-0: default_last_resort1
accept-ranges: bytes
cf-ray: 6dcec86f1fa05a01-MXP

Redirect headers

date: Sun, 13 Feb 2022 14:35:23 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1107
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=96zaYgIjPeCkBrw0U78rXVRi1ujmE5tmFZSTLD3K4hYjErGGzEDRT5Z1wkbE7EL6NXN9AT6HOkru%2FbHEi2IElKUOxJZ2tVtEoVi3yYiSJCr6is9XO7TwHQtcrVzBRH%2FTOuyiWtqIc%2BWv1oos5fk%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
location: https://www.gandul.ro/wp-content/uploads/feeds/2022/02/1576590673/e82e4132f5a48e0f333c888779f327e9-t.jpg
cache-control: max-age=14400
x-ttfb: 1
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 6dcec86ee8ba913d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3

200

c919a89da668e758ed189c535c4f12d9-t.jpg
www.gandul.ro/wp-content/uploads/feeds/2022/02/1576590920/
Redirect Chain

https://www.gandul.info/wp-content/uploads/feeds/2022/02/1576590920/c919a89da668e758ed189c535c4f12d9-t.jpg
https://www.gandul.ro/wp-content/uploads/feeds/2022/02/1576590920/c919a89da668e758ed189c535c4f12d9-t.jpg

18 KB
19 KB

106ms
104ms

Image
image/jpeg

2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gandul.ro/wp-content/uploads/feeds/2022/02/1576590920/c919a89da668e758ed189c535c4f12d9-t.jpg

Requested by

Protocol

Server

2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ea0577a936e0bb42aff1aa27b654a59413e276e9aee66729d89e5a57534c7bf8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gandul.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 13 Feb 2022 14:35:23 GMT
etag: "6208ba9f-498b"
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-ws: gandul-118
age: 22333
x-ttfb: 1
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 18827
last-modified: Sun, 13 Feb 2022 08:00:31 GMT
server: cloudflare
x-cache-0: H
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S9AbrIgZjlwf4%2BTYlbcOrtF9Z5IYa1y%2FAPdYKLgBJzzP1yPqWH0xoIjtiSVLytUIxICDtiOLBVD9fHe7%2B2ThF5BI4WjoxAurx9VdANzSgxFK%2FCecRGfdIkeiG4zJxjm2QAIz30QnJ%2BovCOu2"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=15768000, s-maxage=15768000
x-ba-0: default_last_resort1
accept-ranges: bytes
cf-ray: 6dcec86f1fe65a01-MXP

Redirect headers

date: Sun, 13 Feb 2022 14:35:23 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 532
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zgs%2Fo5qJLZPTeOxUMryRlYwEF8e3i8IV5a5Ngr%2FAKzhNzLkrYknWjGBMaEiW2MxrtZxa7gAxieH6hwS65KkFlOcNvMdZxCIReXTXgZxT%2FhUNCaJMqvQJY1QOXBIoDsYhPt9jBeey9GJf70uOOpM%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
location: https://www.gandul.ro/wp-content/uploads/feeds/2022/02/1576590920/c919a89da668e758ed189c535c4f12d9-t.jpg
cache-control: max-age=14400
x-ttfb: 1
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 6dcec86ee8cb913d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3

200

7bc024b0d57e826cc8ae0bf32aa20bb7-t.jpg
www.gandul.ro/wp-content/uploads/feeds/2021/04/1608198304/
Redirect Chain

https://www.gandul.info/wp-content/uploads/feeds/2021/04/1608198304/7bc024b0d57e826cc8ae0bf32aa20bb7-t.jpg
https://www.gandul.ro/wp-content/uploads/feeds/2021/04/1608198304/7bc024b0d57e826cc8ae0bf32aa20bb7-t.jpg

26 KB
27 KB

118ms
117ms

Image
image/jpeg

2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gandul.ro/wp-content/uploads/feeds/2021/04/1608198304/7bc024b0d57e826cc8ae0bf32aa20bb7-t.jpg

Requested by

Protocol

Server

2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

107f38816f8b522965b199e921da335a55438d9ab733eac1eb54e8af255ccda1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gandul.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 13 Feb 2022 14:35:23 GMT
etag: "62024c8a-69ad"
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-ws: gandul-118
age: 444846
x-ttfb: 1
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 27053
last-modified: Tue, 08 Feb 2022 10:57:14 GMT
server: cloudflare
x-cache-0: H
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3tv3tE6uE94aNJwYMWDqUqzGFUfxsrHTATUbyHP%2FBzPcx19zrp%2BSJp8HveohITtF8g3491U6b8CW8kUyAxQgDUXFgu2ePAXPLOOsSOW4bjVTy0HrizvNNZBgEFwOS0Bi93WUtF14K41BHFZE"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=15768000, s-maxage=15768000
x-ba-0: default_last_resort1
accept-ranges: bytes
cf-ray: 6dcec86f1fe25a01-MXP

Redirect headers

date: Sun, 13 Feb 2022 14:35:23 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 406
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J2RgLszYBJ4FlJCOq3Za7DX1jEWjJNACkK2FpDhOEcG72wjt0tFjlaZ%2Fr6MkBtPgu1YchPbKzR52wENnyvnSWOgbMHpSW5BpY5oufPEaS7JoNq5b%2F9ouEue5ZRZdjshZYFWJ8FREBHeyafzAcW4%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
location: https://www.gandul.ro/wp-content/uploads/feeds/2021/04/1608198304/7bc024b0d57e826cc8ae0bf32aa20bb7-t.jpg
cache-control: max-age=14400
x-ttfb: 1
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 6dcec86ee8cc913d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3

200

f815359640b16a14a0438de92a47ddad-t.jpg
www.gandul.ro/wp-content/uploads/feeds/1970/01/1600778955/
Redirect Chain

https://www.gandul.info/wp-content/uploads/feeds/1970/01/1600778955/f815359640b16a14a0438de92a47ddad-t.jpg
https://www.gandul.ro/wp-content/uploads/feeds/1970/01/1600778955/f815359640b16a14a0438de92a47ddad-t.jpg

21 KB
22 KB

149ms
147ms

Image
image/jpeg

2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gandul.ro/wp-content/uploads/feeds/1970/01/1600778955/f815359640b16a14a0438de92a47ddad-t.jpg

Requested by

Protocol

Server

2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b24604bde2da70cf05fc0ecfd9b18f74e266adfda6b5c7aa4aad76507e00742e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gandul.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 13 Feb 2022 14:35:23 GMT
etag: "62040cdd-55f4"
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-ws: gandul-118
age: 329709
x-ttfb: 1
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 22004
last-modified: Wed, 09 Feb 2022 18:50:05 GMT
server: cloudflare
x-cache-0: M
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zTEHtA68MKVQt6rzFBvqC9WFwQM6YQSdNAWe7qikOFYI7pmapOlEFGbn53AbLecc%2FoHiFWrn1asreh63UYxE%2BHTKPDpt%2F%2FNpE3vrNCxsBiKBtTLFbT4GZtmPfMoxP602Uz7M0F5DexiyvWUs"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=15768000, s-maxage=15768000
x-ba-0: default_last_resort1
accept-ranges: bytes
cf-ray: 6dcec86f1ff45a01-MXP

Redirect headers

date: Sun, 13 Feb 2022 14:35:23 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 182
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ReoItBseLZ%2FldIAlTPfDzrH6%2BRuZNF18DXlxHh0poXwu5kEA9o4D31JSx2sJ5BwssAYBHCq2UfwbGnHKyNwrx%2B46vgaUfTexDMtj6sEI8xIGK%2BFyAVQHCtAZbsXzYr9roc%2Buz%2BvH8rU5UW4fisw%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
location: https://www.gandul.ro/wp-content/uploads/feeds/1970/01/1600778955/f815359640b16a14a0438de92a47ddad-t.jpg
cache-control: max-age=14400
x-ttfb: 1
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 6dcec86ee8d4913d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3

200

35fd9338e1c876b71cf1c4fc4941bb9b-t.jpg
www.gandul.ro/wp-content/uploads/feeds/2022/02/1576590808/
Redirect Chain

https://www.gandul.info/wp-content/uploads/feeds/2022/02/1576590808/35fd9338e1c876b71cf1c4fc4941bb9b-t.jpg
https://www.gandul.ro/wp-content/uploads/feeds/2022/02/1576590808/35fd9338e1c876b71cf1c4fc4941bb9b-t.jpg

20 KB
21 KB

147ms
146ms

Image
image/jpeg

2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gandul.ro/wp-content/uploads/feeds/2022/02/1576590808/35fd9338e1c876b71cf1c4fc4941bb9b-t.jpg

Requested by

Protocol

Server

2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a34949785dbf5ed9d3104700d0cdd7ccb60ddc8723d619dded4dad0fc1694566

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gandul.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 13 Feb 2022 14:35:23 GMT
etag: "6208e134-512a"
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-ws: gandul-118
age: 13579
x-ttfb: 1
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 20778
last-modified: Sun, 13 Feb 2022 10:45:08 GMT
server: cloudflare
x-cache-0: H
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RgEGwVVYyH2l5Rg0zNfv8j3xMX%2FNUQj6AMpSob%2FreI1JpaEfMXAy8I3vhR6rh6SqHBrAEPqaaWfTu82JV6P25OdGnNH7SSYk4kfIYaHEKuUeWsvV08%2Fr3ay8HwZ%2Fcua7LU62cIP%2FiUfHV0hq"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=15768000, s-maxage=15768000
x-ba-0: default_last_resort1
accept-ranges: bytes
cf-ray: 6dcec86f180f5a01-MXP

Redirect headers

date: Sun, 13 Feb 2022 14:35:23 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 138
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2dUMjkZRTx4hZ%2F%2FmqSVR15D8NWuFLEI7Do5J3BOWiGeyizykKuGUnJWF6RyW3%2BhV9VMnb8xY%2Fg6B%2BaX3%2FeZ3Co83uZCG2iZ55gcKoWjGRnXT5LOPi1XgpsYohZun4C8uT1f2D45ZpsZavzoh2Ms%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
location: https://www.gandul.ro/wp-content/uploads/feeds/2022/02/1576590808/35fd9338e1c876b71cf1c4fc4941bb9b-t.jpg
cache-control: max-age=14400
x-ttfb: 1
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 6dcec86ee8d8913d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3

200

221b0b7194b1f01db75e32dce7e2469c-t.jpg
www.gandul.ro/wp-content/uploads/feeds/2021/12/1576590664/
Redirect Chain

https://www.gandul.info/wp-content/uploads/feeds/2021/12/1576590664/221b0b7194b1f01db75e32dce7e2469c-t.jpg
https://www.gandul.ro/wp-content/uploads/feeds/2021/12/1576590664/221b0b7194b1f01db75e32dce7e2469c-t.jpg

20 KB
21 KB

201ms
201ms

Image
image/jpeg

2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gandul.ro/wp-content/uploads/feeds/2021/12/1576590664/221b0b7194b1f01db75e32dce7e2469c-t.jpg

Requested by

Protocol

Server

2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

12cc51d94c0a48f10301c8b3641cc4e1f3ae6c598849f360da4c931332316a51

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gandul.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 13 Feb 2022 14:35:23 GMT
etag: "61c6c3d7-50de"
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-ws: gandul-118
age: 4345974
x-ttfb: 1
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 20702
last-modified: Sat, 25 Dec 2021 07:10:15 GMT
server: cloudflare
x-cache-0: H
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pN6hINI3U7FP6BjckJjJ4ezm9U9M4XkX0FnspU5XrVqAOQlQ%2BGP9iz%2BDttZFdQTKwPOgFz7t1l8CuJjn7rtZXPQrciKwDjILnzOfrWgonye5F%2FIt%2Fr5gfOLrzftVLGoIcZL70F%2FNeqthkvqy"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=15768000, s-maxage=15768000
x-ba-0: default_last_resort1
accept-ranges: bytes
cf-ray: 6dcec86f18135a01-MXP

Redirect headers

date: Sun, 13 Feb 2022 14:35:23 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 138
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L4jHiGhu%2Bh6PUcmQB9x9LQ6y%2F05mI%2BgTXoDLicf0llZKfiNWWmpMiLbE28JHbZ7qrFCJLt77bydYE106d4mx742Ih7C72Olzl9hq0VoPUDMIWt%2FSN2oK7xrlS3zdCUt3TH%2FFAPHjiljD1R1RXEA%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
location: https://www.gandul.ro/wp-content/uploads/feeds/2021/12/1576590664/221b0b7194b1f01db75e32dce7e2469c-t.jpg
cache-control: max-age=14400
x-ttfb: 1
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 6dcec86ee8d9913d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3

200

a709635434c2cc82f3d5390574253623-t.jpg
www.gandul.ro/wp-content/uploads/feeds/2022/02/1632147107/
Redirect Chain

https://www.gandul.info/wp-content/uploads/feeds/2022/02/1632147107/a709635434c2cc82f3d5390574253623-t.jpg
https://www.gandul.ro/wp-content/uploads/feeds/2022/02/1632147107/a709635434c2cc82f3d5390574253623-t.jpg

28 KB
29 KB

104ms
103ms

Image
image/jpeg

2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gandul.ro/wp-content/uploads/feeds/2022/02/1632147107/a709635434c2cc82f3d5390574253623-t.jpg

Requested by

Protocol

Server

2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0ae60fc6a8b82af9de5daf77968dd3c708bf1385a84ccb88ec9fd1cae4edd08b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gandul.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 13 Feb 2022 14:35:23 GMT
etag: "62082e17-71e0"
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-ws: gandul-118
age: 59353
x-ttfb: 1
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 29152
last-modified: Sat, 12 Feb 2022 22:00:55 GMT
server: cloudflare
x-cache-0: H
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5AQkiRnQnG73hoeLERuawH9Hit2%2FwBxKulCjpJvs2SChbJYs%2BhBZstswcbHILBRdFg%2FbLtMcVMJWyIMFn37enQVsYqTlXTNOr1QWphBxncgvF2bi%2ByxWJYoXUIzolfzVqmWU2XWqyRzMd8oo"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=15768000, s-maxage=15768000
x-ba-0: default_last_resort1
accept-ranges: bytes
cf-ray: 6dcec86f1fec5a01-MXP

Redirect headers

date: Sun, 13 Feb 2022 14:35:23 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 423
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EqAu0kDQLWClKRvSBKPLrYmi0QNQT7KZp%2Fai0DHmUBb%2Bon%2FGY4F0dZ4eZouNP1bMXYd7z5LdAZfARKxACyEAmK8utsEo7doWu6hF08wInnj2ofDHKtodGjdiBJEYmFvt3J%2BFNPfeEEgW%2F1P7WUI%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
location: https://www.gandul.ro/wp-content/uploads/feeds/2022/02/1632147107/a709635434c2cc82f3d5390574253623-t.jpg
cache-control: max-age=14400
x-ttfb: 1
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 6dcec86ee8dc913d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 image-2022-02-7-25352345-41-george-simion-virgil-popescu.jpg
media.gandul.ro/unsafe/300x169/smart/filters:contrast(5):format(webp):quality(80)/http://gandul.ro/wp-content/uploads/2022/02/ 8 KB
8 KB 78ms
77ms Image
image/webp 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gandul.ro/unsafe/300x169/smart/filters:contrast(5):format(webp):quality(80)/http://gandul.ro/wp-content/uploads/2022/02/image-2022-02-7-25352345-41-george-simion-virgil-popescu.jpg
Requested by: Host: www.gandul.ro
URL: https://www.gandul.ro/stiri/un-adolescent-de-17-ani-inecat-therme-ce-spun-reprezentatii-complexului-19749318?utm_source=ZF+Articol&utm_medium=website&utm_campaign=fidmee
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7519019acfad65ba6e32c4add102ee02b9c781e311991a3b30e447574715065b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gandul.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 13 Feb 2022 14:35:23 GMT
etag: "f80b2fe7715793b53c8e6cf2a132dfed283b8020"
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-ws: 24
age: 1441
x-content-class: static
x-ttfb: 1
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 7708
server: cloudflare
x-cache-0: M
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uuZB9tua4gRpyrpvxSJO9YW5DvjFqQAOtHZj5lbhkdUzuSY1jbrxUvH9WrQpeMZmZUQaRU%2Faw3z6hMvjoh39Y5PTX6qcwpPxW%2BSV%2B%2FBtXmoXntxhy6pDvbD49KEBvf0b0jl9zd2vMxjPXvXQUAs%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
x-debug-0: He
cache-control: public, max-age=15780000, s-maxage=15780000
x-ba-0: thumbor
accept-ranges: bytes
cf-ray: 6dcec86e6e1b5a01-MXP
x-storage: MA

GET
H3 200 mircea-geoana.jpg
media.gandul.ro/unsafe/300x169/smart/filters:contrast(5):format(webp):quality(80)/http://gandul.ro/wp-content/uploads/2022/02/ 6 KB
7 KB 109ms
108ms Image
image/webp 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gandul.ro/unsafe/300x169/smart/filters:contrast(5):format(webp):quality(80)/http://gandul.ro/wp-content/uploads/2022/02/mircea-geoana.jpg
Requested by: Host: www.gandul.ro
URL: https://www.gandul.ro/stiri/un-adolescent-de-17-ani-inecat-therme-ce-spun-reprezentatii-complexului-19749318?utm_source=ZF+Articol&utm_medium=website&utm_campaign=fidmee
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f2ee1716accd7bbb3942126b84c012d13ea0dce17bc12aa157293227f64b204a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gandul.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 13 Feb 2022 14:35:23 GMT
etag: "c0a17dbe4142cec9f6bb4094d5712faed79177b1"
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-ws: 25
age: 2723
x-content-class: static
x-ttfb: 1
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6258
server: cloudflare
x-cache-0: H
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9hU%2Bm40BbCInwNyPD%2FJmjhL68lvRb1aKubYc71UytSdeQmhcr82IDE%2BgSDxGj%2FoyTHgNkKPIVf2aXWRg56UdI8Lz5LZkA1mDU12et0wyaO%2BLt7rcB3nC5Sf3hjxyKV%2BAl80rsd%2FtnOMoXqo2rGI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
x-debug-0: He
cache-control: public, max-age=15780000, s-maxage=15780000
x-ba-0: thumbor
accept-ranges: bytes
cf-ray: 6dcec86e6e1e5a01-MXP
x-storage: MA

GET
H3 200 WhatsApp-Image-2022-02-13-at-13.17.40.jpeg
media.gandul.ro/unsafe/300x169/smart/filters:contrast(5):format(webp):quality(80)/http://gandul.ro/wp-content/uploads/2022/02/ 8 KB
8 KB 43ms
43ms Image
image/webp 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gandul.ro/unsafe/300x169/smart/filters:contrast(5):format(webp):quality(80)/http://gandul.ro/wp-content/uploads/2022/02/WhatsApp-Image-2022-02-13-at-13.17.40.jpeg
Requested by: Host: www.gandul.ro
URL: https://www.gandul.ro/stiri/un-adolescent-de-17-ani-inecat-therme-ce-spun-reprezentatii-complexului-19749318?utm_source=ZF+Articol&utm_medium=website&utm_campaign=fidmee
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1f34abd643795da3cfe0826af6dc79bad5bf9a0e4e00dca9b38946b488785d07

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gandul.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 13 Feb 2022 14:35:23 GMT
etag: "423e93cfcef5345818ad6509f91fc4cabb54626c"
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-ws: 24
age: 57
x-content-class: static
x-ttfb: 1
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 7770
server: cloudflare
x-cache-0: H
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UXSes2lqh12Q4ChDQOMVn4fYocc7QpDXGzmjtSmvr3BJacsJ9x1vt5t8sPmwwwK%2Fl9Gi0Nhv7ozE%2B0TxbSGRW8ad%2BPjl9K97%2F5gEUgOX83tP6dNDeAED4AKDNidQ4GIuf1aLT%2BFm9uez9JKmELw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
x-debug-0: He
cache-control: public, max-age=15780000, s-maxage=15780000
x-ba-0: thumbor
accept-ranges: bytes
cf-ray: 6dcec86e6e225a01-MXP
x-storage: MA

GET
H3 200 Vaccinare-anti-covid-copii-FOTO-Alexandra-Pandrea.jpg
media.gandul.ro/unsafe/300x169/smart/filters:contrast(5):format(webp):quality(80)/http://gandul.ro/wp-content/uploads/2022/01/ 6 KB
7 KB 46ms
45ms Image
image/webp 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gandul.ro/unsafe/300x169/smart/filters:contrast(5):format(webp):quality(80)/http://gandul.ro/wp-content/uploads/2022/01/Vaccinare-anti-covid-copii-FOTO-Alexandra-Pandrea.jpg
Requested by: Host: www.gandul.ro
URL: https://www.gandul.ro/stiri/un-adolescent-de-17-ani-inecat-therme-ce-spun-reprezentatii-complexului-19749318?utm_source=ZF+Articol&utm_medium=website&utm_campaign=fidmee
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c3007e1f92183b9442a6a88d5a77bafe07509b588ed299ace0cb03023930e234

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gandul.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 13 Feb 2022 14:35:23 GMT
etag: "478932de2d3d4530907e7db1e1c19d72b34aa765"
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-ws: 24
age: 3286
x-content-class: static
x-ttfb: 1
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6486
server: cloudflare
x-cache-0: H
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BA4cL%2BQoXga4E9schyYdMClxmPa4kuM4b0D0C0ADeTo6lcfgZvcSyGbAIWpZ7%2FQGToCoRvApisJp6zjwEyXnbwdppE4Ny18HXjrCsBnRT8J9tF17VQowBgC6xiRZe%2BeKvyIiCb6%2FbiI0p2W3Ow4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
x-debug-0: He
cache-control: public, max-age=15780000, s-maxage=15780000
x-ba-0: thumbor
accept-ranges: bytes
cf-ray: 6dcec86e6e245a01-MXP
x-storage: MA

GET
H3 200 bataie-suporteri-uta-dinamo-2-aradon.jpg
media.gandul.ro/unsafe/300x169/smart/filters:contrast(5):format(webp):quality(80)/http://gandul.ro/wp-content/uploads/2022/02/ 10 KB
11 KB 78ms
77ms Image
image/webp 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gandul.ro/unsafe/300x169/smart/filters:contrast(5):format(webp):quality(80)/http://gandul.ro/wp-content/uploads/2022/02/bataie-suporteri-uta-dinamo-2-aradon.jpg
Requested by: Host: www.gandul.ro
URL: https://www.gandul.ro/stiri/un-adolescent-de-17-ani-inecat-therme-ce-spun-reprezentatii-complexului-19749318?utm_source=ZF+Articol&utm_medium=website&utm_campaign=fidmee
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 11384cf53ccc43781b3800b8299915ed16aa26466dee03da6f73cd13d95d353d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gandul.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 13 Feb 2022 14:35:23 GMT
etag: "74a5e9b9a62a7f21008592e191893c5eaa759409"
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-ws: 25
age: 1793
x-content-class: static
x-ttfb: 1
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 10118
server: cloudflare
x-cache-0: H
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P2JPsm8Ocw8gVzw8bVa%2BziDTDlawhvpwyH7uPJofHzD8ipBYXA%2FIIS6fULvkoAKNMp8SpKlNbNKSsl3skj%2BeyVFJTP3ZTtKXedcyZQbZ3Y5mgOYo8Bx4s8Y59fJyT20ggPcZJNz344PCd5Mbwwo%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
x-debug-0: He
cache-control: public, max-age=15780000, s-maxage=15780000
x-ba-0: thumbor
accept-ranges: bytes
cf-ray: 6dcec86e6e285a01-MXP
x-storage: MA

GET
H3 200 troleibuz-linia-66-soseaua-Colentina-FOTO-ratb.stfp_.net_.jpg
media.gandul.ro/unsafe/300x169/smart/filters:contrast(5):format(webp):quality(80)/http://gandul.ro/wp-content/uploads/2022/02/ 12 KB
12 KB 109ms
108ms Image
image/webp 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gandul.ro/unsafe/300x169/smart/filters:contrast(5):format(webp):quality(80)/http://gandul.ro/wp-content/uploads/2022/02/troleibuz-linia-66-soseaua-Colentina-FOTO-ratb.stfp_.net_.jpg
Requested by: Host: www.gandul.ro
URL: https://www.gandul.ro/stiri/un-adolescent-de-17-ani-inecat-therme-ce-spun-reprezentatii-complexului-19749318?utm_source=ZF+Articol&utm_medium=website&utm_campaign=fidmee
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dd6c8371bb4b3d5dbe4bf6c65ade32e34c121a618001f949f64ca9e2307c7744

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gandul.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 13 Feb 2022 14:35:23 GMT
etag: "cf4dfa787b23127d6ce42634f299e61acdabed63"
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-ws: 25
age: 3859
x-content-class: static
x-ttfb: 1
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 12082
server: cloudflare
x-cache-0: H
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QjiVotZLIzRc9QTAfaJvrG2JipVuVMAwaOqMUQpPsCyiA8fciLZxnMHYALJWeKkfllevrOYY%2BAMpm4MewH95otsngE8xkc9zjZOTH%2BMkX3m3ge6Kz0JJcH7H0qrlPtwsrxavntEfo3S1xjDqbdA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
x-debug-0: He
cache-control: public, max-age=15780000, s-maxage=15780000
x-ba-0: thumbor
accept-ranges: bytes
cf-ray: 6dcec86e6e295a01-MXP
x-storage: MA

GET
H3 200 pubads_impl_2022020801.js Show response
securepubads.g.doubleclick.net/gpt/ 357 KB
119 KB 26ms
8ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020801.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

sffe /

Resource Hash

8f4b70778aa21c1c093c6acbad70c70b2e69d4d22e47d9405ee137db16ca050b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gandul.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 13 Feb 2022 14:32:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 196
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 122244
x-xss-protection: 0
last-modified: Tue, 08 Feb 2022 09:34:27 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 13 Feb 2023 14:32:07 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 204 B
758 B 40ms
17ms XHR
application/json 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.gandul.ro

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

298d0041946e2b4f141262fa102741fdf30ef6f1ec3bd4670466fea1734e4a93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gandul.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 13 Feb 2022 14:35:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 122
x-xss-protection: 0
expires: Sun, 13 Feb 2022 14:35:23 GMT

GET
H2 200 / Show response
adx.adform.net/adx/ 20 B
487 B 144ms
69ms XHR
application/json 37.157.6.251
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/?rp=4&bWlkPTEwNDc1NzUmdHJhbnNhY3Rpb25JZD00MmQ4NGVkZi1hZDFjLTQ4NDItOWQ4YS01OWRhNjc4MDc1YTg%3D&bWlkPTEwNDc1NzUmdHJhbnNhY3Rpb25JZD0xMjQ4YzQ1Ny04YzljLTQyODAtOTczMC01ZjYwYTJlZjJkM2Y%3D&bWlkPTEwNDc1NzcmdHJhbnNhY3Rpb25JZD0xMjQ4YzQ1Ny04YzljLTQyODAtOTczMC01ZjYwYTJlZjJkM2Y%3D&bWlkPTEwNDc1NzYmdHJhbnNhY3Rpb25JZD01YmE4ZGM1Ni00NWI0LTQ3ZTMtYjg1MS1hMGY1OTczYTU5MWQ%3D&pt=gross&stid=ce86e912-e8ff-4d63-8d68-54b04dece0b9&fd=1

Requested by

Host: www.gandul.ro
URL: https://www.gandul.ro/wp-content/plugins/strawberry-ads-manager/js/prebid4.40.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.251 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

s1.adform.net

Software

nginx /

Resource Hash

c83c7670c31d4127fb493e87ba84436b9ac70c4ef71614027252eb671350d7c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.gandul.ro/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 13 Feb 2022 14:35:23 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://www.gandul.ro
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/json
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ 0
175 B 52ms
19ms XHR
text/plain 185.184.8.65
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: www.gandul.ro
URL: https://www.gandul.ro/wp-content/plugins/strawberry-ads-manager/js/prebid4.40.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.65 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-65.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.gandul.ro/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.gandul.ro
date: Sun, 13 Feb 2022 14:35:23 GMT
access-control-allow-credentials: true
access-control-max-age: 3600
vary: Origin
access-control-allow-methods: POST

POST
H2 200 bid-request Show response
rtb.adpone.com/ 733 B
708 B 291ms
259ms XHR
application/json 2606:4700:20::ac43:49e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.adpone.com/bid-request?pid=12111117134669
Requested by: Host: www.gandul.ro
URL: https://www.gandul.ro/wp-content/plugins/strawberry-ads-manager/js/prebid4.40.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d50f08d04f6cc269dc20fa32f8a786a4a4121b2b8839748296aba996c810caf2

Request headers

Referer: https://www.gandul.ro/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 13 Feb 2022 14:35:23 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9N0cS9WCfZ6ZUZ1hLU3UPdXDjxxzNdAhiY8M7cJtF07%2F57XgHm%2F%2FBF%2BvGmUNbKw7gp5QIyjJ%2BKw5u2vo1OFeo%2FCddmclhgIfY76Ks7L3g1JmmCaeWGFtXnlbGzNocNTLabfpMNySZUmn0IBT"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://www.gandul.ro
access-control-allow-credentials: true
cf-ray: 6dcec86edcc09277-FRA

POST
H2 200 bid-request Show response
rtb.adpone.com/ 736 B
703 B 181ms
149ms XHR
application/json 2606:4700:20::ac43:49e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.adpone.com/bid-request?pid=1211111713441
Requested by: Host: www.gandul.ro
URL: https://www.gandul.ro/wp-content/plugins/strawberry-ads-manager/js/prebid4.40.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fa8341e1e1d5298d96aa4791c6cf19daaccd0b0d29358e3a52261c013d0839ce

Request headers

Referer: https://www.gandul.ro/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 13 Feb 2022 14:35:23 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AALsfz%2FoDV4npOO1NKizEa6Od%2FneCHsh4en2SvH9ck58Cmxst3nRNzRjv5GOQuuT8mAkqh38QDQbLz73OMPyEEBo451NWlLJkar5uMDJy1D%2BX5nJe35yDokI0MpQlEFEaEyATjbnPspK2FHR"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://www.gandul.ro
access-control-allow-credentials: true
cf-ray: 6dcec86eecd19277-FRA

POST
H2 200 bid-request Show response
rtb.adpone.com/ 766 B
741 B 1468ms
1435ms XHR
application/json 2606:4700:20::ac43:49e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.adpone.com/bid-request?pid=12111117134669
Requested by: Host: www.gandul.ro
URL: https://www.gandul.ro/wp-content/plugins/strawberry-ads-manager/js/prebid4.40.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a70f53616993fbee9773d1800651be18910856f99e680ae852c4d6e02f6888fc

Request headers

Referer: https://www.gandul.ro/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 13 Feb 2022 14:35:24 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UrNB620JtaN6%2B37cIuQ2iHcHywy3hIVmrdJCrpKuMOw486i%2Bm45CXXb5LANEKNbRXHEGw1keaFwOMZ0KwRmjx6iOUt9cSOVXI%2BjpgRThhrCRFqIzBpseUbJ9OtgyQ0fwVU09oh2hI8w7oIQW"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://www.gandul.ro
access-control-allow-credentials: true
cf-ray: 6dcec86edcc99277-FRA

POST
H2 200 bid-request Show response
rtb.adpone.com/ 770 B
724 B 180ms
147ms XHR
application/json 2606:4700:20::ac43:49e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.adpone.com/bid-request?pid=121111171348310
Requested by: Host: www.gandul.ro
URL: https://www.gandul.ro/wp-content/plugins/strawberry-ads-manager/js/prebid4.40.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5eaca4a68ab44d3a73a4ea339b3074b1ecfe76c910a53784f7a5c3fdd2473b24

Request headers

Referer: https://www.gandul.ro/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 13 Feb 2022 14:35:23 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9qaURuY3teEiPfsfDoQGpblOx4M2hVLjjy8OI%2FDGwsPhvWT9%2FbJphsjGnV84xXO6O2HO7FMZUDdl3B8Yx9ULOnhk94dBqp%2FF3%2BEQ5Z0XE1loQT5UGRta9DBSxe2Y0KK5NdZTgkByaRW7%2FBAY"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://www.gandul.ro
access-control-allow-credentials: true
cf-ray: 6dcec86edcc69277-FRA

POST
H2 200 bid-request Show response
rtb.adpone.com/ 736 B
704 B 182ms
150ms XHR
application/json 2606:4700:20::ac43:49e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.adpone.com/bid-request?pid=121111171350171
Requested by: Host: www.gandul.ro
URL: https://www.gandul.ro/wp-content/plugins/strawberry-ads-manager/js/prebid4.40.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1530aac11efe77d9e36cd4b41dd6da90a55271c5cf618911d7262e7e02b2834e

Request headers

Referer: https://www.gandul.ro/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 13 Feb 2022 14:35:23 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WnQ2Dms0ixd79hYZBYbdh6KgFZpoppv6W1FMmiZuMo4%2FQ1%2FILwA8wXOsB2ArNxq5GPwhBeSu1uNsV4j1cEsWzi3lXaKqwE8G7XMvNI%2F%2BGuemhb9WbXnk7beyv9iHBbmsYsU%2BaoStWSEXyHii"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://www.gandul.ro
access-control-allow-credentials: true
cf-ray: 6dcec86edccc9277-FRA

POST
H2 200 bid-request Show response
rtb.adpone.com/ 770 B
991 B 150ms
118ms XHR
application/json 2606:4700:20::ac43:49e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.adpone.com/bid-request?pid=1211111713441
Requested by: Host: www.gandul.ro
URL: https://www.gandul.ro/wp-content/plugins/strawberry-ads-manager/js/prebid4.40.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a96b20d5eb8d506a6c690ef870b0b4e8a928e00eb4d0e3dd217cf803803d4de2

Request headers

Referer: https://www.gandul.ro/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 13 Feb 2022 14:35:23 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Tya9z7Acruolo07RTEKDH7DgMl5sNERv9xsYDgVUiHkpfYHp7FI%2FV1H%2FhFXQZicB8ylOFeD3%2FUArongNMTXSI%2Fiul%2B3Qot69QECo4s3dw%2FkIr%2BgPY39KRO7y7YPNaQtEZUmfRPSZf9d%2F2nJr"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://www.gandul.ro
access-control-allow-credentials: true
cf-ray: 6dcec86eecd49277-FRA

POST
H2 200 cdb Show response
bidder.criteo.com/ 18 B
310 B 89ms
49ms XHR
application/json 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=33&wv=4.40.0&cb=37486995711

Requested by

Host: www.gandul.ro
URL: https://www.gandul.ro/wp-content/plugins/strawberry-ads-manager/js/prebid4.40.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

bidder.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.gandul.ro/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 13 Feb 2022 14:35:23 GMT
content-encoding: gzip
server: Finatra
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.gandul.ro
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 44

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 33ms
6ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-1572980-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gandul.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 3629
date: Sun, 13 Feb 2022 13:34:54 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Sun, 13 Feb 2022 15:34:54 GMT

GET
H/1.1 200
OK sp1.html Show response
cdn.cxense.com/ Frame FC2E 684 B
749 B 49ms
16ms Document
text/html 2a02:26f0:6c00:2a7::268b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.cxense.com/sp1.html
Requested by: Host: scdn.cxense.com
URL: https://scdn.cxense.com/cx.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:2a7::268b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 535be4b8bedf82433d210152dfb19dd4eaf5796c4e61c2be1c2ed356827b5580

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.gandul.ro/

Response headers

Accept-Ranges: bytes
Last-Modified: Tue, 11 Jan 2022 07:21:04 GMT
Server: AkamaiNetStorage
Content-Length: 379
Cache-Control: max-age=864000
Expires: Wed, 23 Feb 2022 14:35:23 GMT
Date: Sun, 13 Feb 2022 14:35:23 GMT
Connection: keep-alive
Content-Type: text/html
Content-Encoding: gzip
Access-Control-Allow-Origin: *
Vary: Accept-Encoding

GET
H/1.1 200
OK push Show response
comcluster.cxense.com/dmp/ 64 B
636 B 47ms
11ms Script
text/javascript 116.202.80.165
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://comcluster.cxense.com/dmp/push?callback=cXJsonpCBkzlddlxddz7r1sxy&ver=2.3.1&persisted=fcadb0c22bec63a3e94af5a65644fc6b869880e0&json=%7B%22events%22%3A%5B%7B%22type%22%3A%22adBlockerDetection%22%2C%22rnd%22%3A%22kzlddlxdufclmq25%22%2C%22siteId%22%3A%221135102062960807732%22%2C%22prnd%22%3A%22kzlddlvrul102cil%22%2C%22userIds%22%3A%5B%7B%22id%22%3A%22kzlddlx4nhclf5oq%22%2C%22type%22%3A%22cx%22%7D%5D%2C%22origin%22%3A%22brt-adblock%22%2C%22customParameters%22%3A%5B%7B%22group%22%3A%22adBlockerDetected%22%2C%22item%22%3A%22No%22%2C%22type%22%3A%22string%22%7D%5D%7D%5D%7D

Requested by

Host: scdn.cxense.com
URL: https://scdn.cxense.com/cx.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

116.202.80.165 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.165.80.202.116.clients.your-server.de

Software

Jetty(9.4.28.v20200408) /

Resource Hash

28ed259a66f24e12d3737d918032f4652905a26a38e8df6f987e64de5a38c44e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gandul.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Feb 2022 14:35:23 GMT
x-content-type-options: nosniff
server: Jetty(9.4.28.v20200408)
p3p: policyref="http://www.cxense.com/w3c/p3p.xml", CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-store, no-cache, must-revalidate
content-type: text/javascript;charset=utf-8
content-length: 64
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202090101/ 290 KB
104 KB 50ms
35ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202090101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8829549769681779&plah=www.gandul.ro&bust=31064826

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e1b17c4d20dd9b8f6b2c6c976d4c175dcc03f15fee014043fe94b36fe4da15d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gandul.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 13 Feb 2022 14:35:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 106763
x-xss-protection: 0
server: cafe
etag: 2449237803975434097
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 13 Feb 2022 14:35:23 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220209/r20190131/ Frame 7C7C 10 KB
5 KB 34ms
8ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220209/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a575e2f63d79cdaf5a92b4453bfcaadb462119aa1216b4f28920e37e2d9b8e7b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.gandul.ro/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4612
x-xss-protection: 0
date: Sat, 12 Feb 2022 23:18:13 GMT
expires: Sat, 26 Feb 2022 23:18:13 GMT
cache-control: public, max-age=1209600
age: 55030
etag: 18247940800414524076
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3

200

a7b5e1974f9ad964156f7179324c4731-t.jpg
www.gandul.ro/wp-content/uploads/feeds/2022/02/1576591306/
Redirect Chain

https://www.gandul.info/wp-content/uploads/feeds/2022/02/1576591306/a7b5e1974f9ad964156f7179324c4731-t.jpg
https://www.gandul.ro/wp-content/uploads/feeds/2022/02/1576591306/a7b5e1974f9ad964156f7179324c4731-t.jpg

20 KB
20 KB

134ms
134ms

Image
image/jpeg

2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gandul.ro/wp-content/uploads/feeds/2022/02/1576591306/a7b5e1974f9ad964156f7179324c4731-t.jpg

Requested by

Protocol

Server

2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

00d39bcb79d09253cb6d63796707d23469406080b2ffcfef47a9fba8b1a36eb5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gandul.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 13 Feb 2022 14:35:23 GMT
etag: "62063983-4eac"
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-ws: gandul-118
age: 186970
x-ttfb: 1
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 20140
last-modified: Fri, 11 Feb 2022 10:25:07 GMT
server: cloudflare
x-cache-0: H
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lBlFibwdS7Zfoqr3bYri1AeCAhrHDmLvdHp2v3HciEjJNaEgmf5slYmadMc5TvElwD8E1KTSAOspg6I639%2F0li3lm9qeGaoWguI4nboXatde6QyBsvOrImyLziSHkBXh6LF%2BBYCyXc%2Ff5iYy"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=15768000, s-maxage=15768000
x-ba-0: default_last_resort1
accept-ranges: bytes
cf-ray: 6dcec86f18155a01-MXP

Redirect headers

date: Sun, 13 Feb 2022 14:35:23 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 66
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X%2BFPy6BZpHT1%2FNa96XTHjVPFGLK1gAvrdBHBRthDOACBQbtJAmW87Gou1mt0wbQJMJVQ8fnXzqXEglzSTV5%2BCATNBiUm05sKgmjPU56Gu4QHo%2FiJj3BK2Zr1aoXaInpbv0u5AX6Z4ZQMcTAlJe8%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
location: https://www.gandul.ro/wp-content/uploads/feeds/2022/02/1576591306/a7b5e1974f9ad964156f7179324c4731-t.jpg
cache-control: max-age=14400
x-ttfb: 1
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 6dcec86ef901913d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 quant.js Show response
secure.quantserve.com/ 24 KB
10 KB 34ms
13ms Script
application/javascript 2620:116:800d:21:36a9:ecb:e518:b308
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/choice/bt8V6jazXTuLs/www.gandul.ro/choice.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:36a9:ecb:e518:b308 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: b236dccee1a0d5280842bdff52b4005e2b0c9ee5d74a15db3e939c53306576d3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gandul.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 13 Feb 2022 14:35:23 GMT
content-encoding: gzip
etag: "yoD6mq4JTyPdtDBolW+GUg=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
expires: Sun, 20 Feb 2022 14:35:23 GMT

GET
H2 200 cmp2.js Show response
quantcast.mgr.consensu.org/tcfv2/ 178 KB
44 KB 16ms
13ms Script
text/javascript 2600:9000:2190:5a00:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://quantcast.mgr.consensu.org/tcfv2/cmp2.js?referer=www.gandul.ro
Requested by: Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/choice/bt8V6jazXTuLs/www.gandul.ro/choice.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:5a00:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 32ed95b190974ab3c06dcbfe84decbe46ba5bf9ef759aaad201b053d06342d9e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gandul.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 13 Feb 2022 14:35:10 GMT
content-encoding: br
age: 19
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
access-control-max-age: 86400
access-control-allow-origin: *
last-modified: Thu, 03 Feb 2022 15:12:49 GMT
server: AmazonS3
etag: W/"654a79dfaa26ade386414ddc75ea4b75"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/javascript;charset=UTF-8
via: 1.1 eb7b239aed47669f8a7b6ac95bc8aff0.cloudfront.net (CloudFront)
cache-control: max-age=3600
x-amz-meta-qc-ineu: True
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: 2XLAzcH5KkRp3cT9hLARMtqrFWzzzSVaB4ojZKe2a_jcl7EhK5uTzg==

GET
H2 200 projectagora.min.js Show response
aghtag.tech/libs/ 277 KB
82 KB 157ms
62ms Script
application/javascript 2606:4700:3031::ac43:81b0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://aghtag.tech/libs/projectagora.min.js
Requested by: Host: agorahtag.tech
URL: https://agorahtag.tech/c/gandul.ro.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:81b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 89f22d5d48e9dc60ce475f61f1e31e152f6294cbabe48a49b7da23a1225e68d4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gandul.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 13 Feb 2022 14:35:23 GMT
content-encoding: gzip
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2395
cf-ray: 6dcec8700ef64be8-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 82702
x-amz-id-2: afQVdiZsNTwVFLJAcBnKWvCamJJgo7rPynzhxnQfBtRjBr8d80qyOLHaQnPs3LxFrrZhneKLlsk=
last-modified: Mon, 07 Feb 2022 13:15:15 GMT
server: cloudflare
etag: "db4a6c10b79c1f6fad6f8bf08d5543f8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2gCy6pKhkkhEX%2Bi5DE%2Bzuc6xHhfIuXNywijBRMqwRxXWc7HhqdSPR7Jo55L9ffTMZNq3V1wQzo4GKTObT5xvpa10KVp%2BnabjmPhk39BkF3lIZSlnxdhOGNDp7obhIxSk%2Fkxt2tFVsX6GPg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-amz-request-id: 530VPSYAFYPC20FK
cache-control: max-age=14400
accept-ranges: bytes
content-type: application/javascript

GET
H2 200 harvest
views.cancan.ro/ 252 B
252 B 67ms
66ms Image
text/html 2606:4700:20::681a:6c9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://views.cancan.ro/harvest?url=https://www.gandul.ro/stiri/un-adolescent-de-17-ani-inecat-therme-ce-spun-reprezentatii-complexului-19749318?utm_source=ZF+Articol&utm_medium=website&utm_campaign=fidmee&id=19749318&type=article&date=1644700627&platform=desktop&source=ZF+Articol&title=Incident+grav+la+Therme.+Un+adolescent+de+17+ani+s-a+%25C3%25AEnecat+%25C3%25AEn+piscin%25C4%2583.+Reprezentan%25C8%259Bii+complexului+spun+c%25C4%2583+echipa+de+salvamari+a+intervenit+conform+protocolului%252C+dar+nu+i-au+putut+salva+via%25C8%259Ba
Requested by: Host: www.gandul.ro
URL: https://www.gandul.ro/stiri/un-adolescent-de-17-ani-inecat-therme-ce-spun-reprezentatii-complexului-19749318?utm_source=ZF+Articol&utm_medium=website&utm_campaign=fidmee
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:6c9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gandul.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 13 Feb 2022 14:35:23 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HgdyAlN%2BPZrXWk421QznxbQbFTcFFMVzF6YZbdtYfD3LRzeGJFR3KC4s%2Fdgo9n4YerCtA%2BnSXj%2FQpJpnvAuJBVwXAPgnw378ejZ%2B%2Bdv%2F%2F5bb1oKG8pYtZ9DKkUIxHs%2ByT7MLoHVsdrCEgWV9kA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cache-control: no-cache, private
cf-ray: 6dcec86f184f6946-FRA

GET
H3 200 OneSignalPageSDKES6.js Show response
cdn.onesignal.com/sdks/ 283 KB
68 KB 89ms
50ms Script
application/javascript 2606:4700::6812:e234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151513
Requested by: Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7512bf3b9ec62642bc0800d0ca3c5b8b37a1384814cc7a29d31f6823740fd403

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gandul.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 13 Feb 2022 14:35:23 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 2034
etag: W/"0e269028feac530d16f00d8dad8ece74"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 6dcec86f5f4159b3-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Wed, 16 Feb 2022 14:35:23 GMT

GET
H2 200 rid Show response
match.adsrvr.org/track/ 63 B
389 B 117ms
35ms XHR
application/json 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=casale&fmt=json&p=190540&gdpr=1
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/190540-122528310662128.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 11129876a78405216b9a79522017a3e2b204e69790637e941bf4f637654233bc

Request headers

Referer: https://www.gandul.ro/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Sun, 13 Feb 2022 14:35:23 GMT
x-aspnet-version: 4.0.30319
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.gandul.ro
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length: 63
expires: Tue, 15 Mar 2022 14:35:23 GMT

GET
H/1.1 200
OK cx.js Show response
cdn.cxense.com/ Frame FC2E 64 KB
22 KB 19ms
19ms Script
application/x-javascript 2a02:26f0:6c00:2a7::268b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.cxense.com/cx.js
Requested by: Host: cdn.cxense.com
URL: https://cdn.cxense.com/sp1.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:2a7::268b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 36aa85b5d97f76a381de07cdcc8f2bdecf7462384f8207f8a54d6aae1a40e4f6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.cxense.com/sp1.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Sun, 13 Feb 2022 14:35:23 GMT
Content-Encoding: gzip
Last-Modified: Thu, 03 Feb 2022 13:47:07 GMT
Server: AkamaiNetStorage
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 21887
Expires: Sun, 13 Feb 2022 15:35:23 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 28ms
14ms XHR
text/plain 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1127139490&t=pageview&_s=1&dl=https%3A%2F%2Fwww.gandul.ro%2Fstiri%2Fun-adolescent-de-17-ani-inecat-therme-ce-spun-reprezentatii-complexului-19749318%3Futm_source%3DZF%2BArticol%26utm_medium%3Dwebsite%26utm_campaign%3Dfidmee&ul=en-us&de=UTF-8&dt=Incident%20grav%20la%20Therme.%20Un%20adolescent%20de%2017%20ani%20s-a%20%C3%AEnecat%20%C3%AEn%20piscin%C4%83.%20Reprezentan%C8%9Bii%20complexului%20spun%20c%C4%83%20echipa%20de%20salvamari%20a%20intervenit%20conform%20protocolului%2C%20dar%20nu%20i-au%20putut%20salva%20via%C8%9Ba&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=573676135&gjid=862720677&cid=1288305701.1644762923&tid=UA-1572980-1&_gid=1587596877.1644762923&_r=1&gtm=2ou290&z=389195623

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gandul.ro/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 13 Feb 2022 14:35:23 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.gandul.ro
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cmp-list.json Show response
test.quantcast.mgr.consensu.org/GVL-v2/ 9 KB
3 KB 13ms
12ms XHR
application/json 2600:9000:2190:ac00:3:a4cd:8380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://test.quantcast.mgr.consensu.org/GVL-v2/cmp-list.json
Requested by: Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/tcfv2/cmp2.js?referer=www.gandul.ro
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:ac00:3:a4cd:8380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ea2cfd052397a2a777ace87690d76dc8caa81d75a37d35639401e7e995bff377

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.gandul.ro/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 13 Feb 2022 03:00:34 GMT
content-encoding: br
age: 41689
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
access-control-max-age: 86400
access-control-allow-origin: *
last-modified: Thu, 03 Feb 2022 19:52:29 GMT
server: AmazonS3
etag: W/"4b1249837503afcdf64c329aec87b38a"
vary: Accept-Encoding
access-control-allow-methods: GET
x-amz-version-id: wJc6WWcV90znCBTeZs7CxIHimMpQQ1tj
via: 1.1 af287426c130b47dba79bf825f91ebba.cloudfront.net (CloudFront)
cache-control: max-age=172800
x-amz-cf-pop: ZRH50-C1
content-type: application/json
x-amz-cf-id: H3gIXDuwOnY3wMQwqTq0YmY6QpUMncOA2kKJczogioeV2-DkygpCKQ==

GET
H/1.1 200
OK p1.js Show response
p1cluster.cxense.com/ Frame FC2E 47 B
638 B 45ms
11ms Script
text/javascript 116.202.80.165
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://p1cluster.cxense.com/p1.js
Requested by: Host: cdn.cxense.com
URL: https://cdn.cxense.com/sp1.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 116.202.80.165 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.165.80.202.116.clients.your-server.de
Software: Jetty(9.4.28.v20200408) /
Resource Hash: f7ba1013a4ac19256053047d9c5837307a5b46362b9a6ddfe1ac05011bcdab64

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.cxense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 13 Feb 2022 14:35:23 GMT
last-modified: Fri, 13 Aug 2021 14:35:23 GMT
server: Jetty(9.4.28.v20200408)
etag: 1r9bbjl5r1n8v15uv15nop3etf
p3p: policyref="http://www.cxense.com/w3c/p3p.xml", CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: private, proxy-revalidate
content-type: text/javascript;charset=utf-8
content-length: 47
expires: Mon, 13 Feb 2023 14:35:23 GMT

GET
H2 200 rules-p-bt8V6jazXTuLs.js Show response
rules.quantcount.com/ 2 B
345 B 38ms
11ms Script
application/javascript 2600:9000:2190:bc00:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-bt8V6jazXTuLs.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:bc00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gandul.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 13 Feb 2022 14:13:42 GMT
via: 1.1 666ff4ad81b3b60af3d2241160893ee2.cloudfront.net (CloudFront)
server: AmazonS3
age: 1300
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
cross-origin-resource-policy: cross-origin
x-cache: Hit from cloudfront
x-amz-cf-pop: ZRH50-C1
content-length: 2
x-amz-cf-id: 4FHcCvQ_V4GwI9rL2WRCo6gjeFEM7OufAVwV_S9ylJSw1CYiamvc5A==

GET
H2 200 cmp2ui-ro.js Show response
quantcast.mgr.consensu.org/tcfv2/39/ 235 KB
58 KB 13ms
13ms Script
text/javascript 2600:9000:2190:5a00:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://quantcast.mgr.consensu.org/tcfv2/39/cmp2ui-ro.js
Requested by: Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/tcfv2/cmp2.js?referer=www.gandul.ro
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:5a00:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b91e98b8ee14e7452814fa031d66aaad582a683f3651e2e4aceb5605e68f3ddb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gandul.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 23:07:02 GMT
content-encoding: gzip
age: 142131
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
access-control-max-age: 86400
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
last-modified: Thu, 03 Feb 2022 15:12:24 GMT
server: AmazonS3
etag: W/"9a4e61cdcdaf9247e0b68555b36783e1"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/javascript;charset=UTF-8
via: 1.1 eb7b239aed47669f8a7b6ac95bc8aff0.cloudfront.net (CloudFront)
cache-control: max-age=172800
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: C8QuU9MUG6TIjCyxsYZuR4VL3coDzylgm47rpRRKCYezFiy_XJuOSQ==

GET
H2 200 vendor-list-trimmed-v1.json Show response
quantcast.mgr.consensu.org/GVL-v2/ 283 KB
33 KB 14ms
14ms XHR
application/json 2600:9000:2190:5a00:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://quantcast.mgr.consensu.org/GVL-v2/vendor-list-trimmed-v1.json
Requested by: Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/tcfv2/cmp2.js?referer=www.gandul.ro
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:5a00:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 67c9df4ca932fac2379e97fcf5d0922b17b1721add1b5ecad1415bca1da3f519

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gandul.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 13 Feb 2022 03:00:34 GMT
content-encoding: br
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
age: 41689
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
access-control-allow-origin: *
last-modified: Sun, 13 Feb 2022 03:00:32 GMT
server: AmazonS3
etag: W/"9319ab533140e86457ff4571b5d4193d"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/json
via: 1.1 a2037d86ccb1a548f20827ebd95a65f2.cloudfront.net (CloudFront)
cache-control: max-age=172800
access-control-allow-credentials: true
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: CTAoVRWY7HrIL0uydHPImC-aZWArThwF37XSHxGEGjlZg0vKM9Azbw==

GET
H2 200 google-atp-list.json Show response
quantcast.mgr.consensu.org/tcfv2/ 154 KB
36 KB 24ms
23ms XHR
application/json 2600:9000:2190:5a00:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://quantcast.mgr.consensu.org/tcfv2/google-atp-list.json
Requested by: Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/tcfv2/cmp2.js?referer=www.gandul.ro
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:5a00:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6ddba1f102cb48d395bbf224367107ae24c018cb19c035f716572a1f8523f462

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.gandul.ro/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 13 Feb 2022 03:00:28 GMT
content-encoding: br
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
age: 41695
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
access-control-allow-origin: *
last-modified: Sun, 13 Feb 2022 03:00:26 GMT
server: AmazonS3
etag: W/"2766074b6ad0826e8a89f01ea9c9174f"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/json
via: 1.1 a2037d86ccb1a548f20827ebd95a65f2.cloudfront.net (CloudFront)
cache-control: max-age=172800
access-control-allow-credentials: true
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: aum0Bc8mYwdhpLAd2tRVXeX1gdDAf6wLntVOfJf3S__CuHbJwc6xWw==

GET
H/1.1 200
OK ok9.js Show response
odnaknopka.ru/ 143 B
414 B 182ms
35ms Script
text/javascript 192.102.6.123
HVDS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://odnaknopka.ru/ok9.js
Requested by: Host: neuronales.xyz
URL: https://neuronales.xyz/easylist/13087
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.102.6.123 Kyiv, Ukraine, ASN57682 (HVDS-AS, UA),
Reverse DNS: server.odnaknopka.ru
Software: nginx/1.4.6 (Ubuntu) / PHP/5.5.9-1ubuntu4.5
Resource Hash: f70c6e0720a4769e224d4ceb25d9908ae0f9da93dac347971cac311be73b1022

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gandul.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Sun, 13 Feb 2022 14:35:23 GMT
Server: nginx/1.4.6 (Ubuntu)
Connection: keep-alive
X-Powered-By: PHP/5.5.9-1ubuntu4.5
ETag: 1357584194cf997045a4e072bfa88200
Transfer-Encoding: chunked
Content-Type: text/javascript; charset=UTF-8

HEAD
H3 200 adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 0
0 46ms
31ms Fetch
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?test_adblock=true

Requested by

Host: cdn.unblockia.com
URL: https://cdn.unblockia.com/h.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gandul.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 13 Feb 2022 14:35:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53874
x-xss-protection: 0
server: cafe
etag: 18288349571227368510
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 13 Feb 2022 14:35:23 GMT

GET
H2 200 purposes-RO.json Show response
quantcast.mgr.consensu.org/GVL-v2/ 34 KB
5 KB 12ms
12ms XHR
application/json 2600:9000:2190:5a00:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://quantcast.mgr.consensu.org/GVL-v2/purposes-RO.json
Requested by: Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/tcfv2/cmp2.js?referer=www.gandul.ro
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:5a00:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 517de6ba19fa6bbecd42631681f5bd816b5645c18d03499b9ce0e8b247ec5343

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gandul.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 13 Feb 2022 03:00:35 GMT
content-encoding: br
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
age: 41689
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
access-control-allow-origin: *
last-modified: Sun, 13 Feb 2022 03:00:32 GMT
server: AmazonS3
etag: W/"fa4b19c208b56395fb8501ab8a35c9be"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/json
via: 1.1 a2037d86ccb1a548f20827ebd95a65f2.cloudfront.net (CloudFront)
cache-control: max-age=172800
access-control-allow-credentials: true
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: Vs1Xo1QzdkwBUYZhuewxVGIpa__qWbm-DA4NbIUXU4lRBEYCifntDg==

GET
H2 200 / Show response
audit-tcfv2.quantcast.mgr.consensu.org/ 2 B
101 B 25ms
7ms XHR
text/plain 18.158.39.89
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://audit-tcfv2.quantcast.mgr.consensu.org/?log=%7B%22accountId%22%3A%22bt8V6jazXTuLs%22%2C%22domain%22%3A%22www.gandul.ro%22%2C%22publisher%22%3A%22Gandul.ro%22%2C%22cmpId%22%3A10%2C%22cmpVersion%22%3A%222.39%22%2C%22displayType%22%3A%22tcfui%3Amandatory%22%2C%22configurationHashCode%22%3A%2222zCn0WhJ8QvUrV1D2264Q%22%2C%22clientTimestamp%22%3A1644762923517%2C%22operationType%22%3A%22init%22%2C%22sessionId%22%3A%22GDPR-nyho2l4v8e42a4q49u81%22%7D
Requested by: Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/tcfv2/39/cmp2ui-ro.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.158.39.89 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-158-39-89.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.gandul.ro/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sun, 13 Feb 2022 14:35:23 GMT
content-length: 2
content-type: text/plain; charset=utf-8

GET
H3 200 impl.v14.0.0.js Show response
live.demand.supply/ 78 KB
25 KB 135ms
88ms Script
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/impl.v14.0.0.js
Requested by: Host: www.gandul.ro
URL: https://www.gandul.ro/stiri/un-adolescent-de-17-ani-inecat-therme-ce-spun-reprezentatii-complexului-19749318?utm_source=ZF+Articol&utm_medium=website&utm_campaign=fidmee
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 47a00c205ac23427984e572961850c21efd9d16502680c3876904f4a9840e61d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gandul.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-nf-request-id: 01FKEFKNZGD9ZVC0KK5CB35266
date: Sun, 13 Feb 2022 14:35:23 GMT
content-encoding: br
cf-cache-status: HIT
age: 1191986
cf-polished: origSize=79681
cf-ray: 6dcec87098aa375b-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
server: cloudflare
etag: W/"ce85a984a9876904f1c4ef475c2ab350-ssl-df"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=2592000,immutable,stale-if-error=604800
timing-allow-origin: *

GET
H3 200 d3d3LmdhbmR1bC5yby8= Show response
live.demand.supply/p4/v14-0-0/ 1 KB
822 B 283ms
237ms Script
text/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/p4/v14-0-0/d3d3LmdhbmR1bC5yby8=
Requested by: Host: www.gandul.ro
URL: https://www.gandul.ro/stiri/un-adolescent-de-17-ani-inecat-therme-ce-spun-reprezentatii-complexului-19749318?utm_source=ZF+Articol&utm_medium=website&utm_campaign=fidmee
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eb891945f4f3b5e5c2a05efb3821e2ce99929d17c0b6293bd556953e4891189b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gandul.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 13 Feb 2022 14:35:23 GMT
content-encoding: br
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=3600, s-maxage=7200, stale-while-revalidate=3600, stale-if-error=84600
cf-ray: 6dcec870a8af375b-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H/1.1 200
OK rep.gif
comcluster.cxense.com/Repo/ Frame FC2E 43 B
469 B 14ms
14ms Image
image/gif 116.202.80.165
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://comcluster.cxense.com/Repo/rep.gif?ver=2.3.1&typ=pgv&rnd=kzlddlvrul102cil&sid=1135102062960807732&loc=https%3A%2F%2Fwww.gandul.ro%2Fstiri%2Fun-adolescent-de-17-ani-inecat-therme-ce-spun-reprezentatii-complexului-19749318%3Futm_source%3DZF%2BArticol%26utm_medium%3Dwebsite%26utm_campaign%3Dfidmee&new=1&arf=0&ltm=1644762923271&ref=&tzo=0&wsz=1600x1200&res=1600x1200&dpr=1&col=24&bln=en-US&chs=UTF-8&cks=kzlddlx2cum5s0le&ckp=kzlddlx4nhclf5oq&glb=&amo=1644737558&cst=1r9bbjl5r1n8v15uv15nop3etf
Requested by: Host: cdn.cxense.com
URL: https://cdn.cxense.com/sp1.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 116.202.80.165 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.165.80.202.116.clients.your-server.de
Software: Jetty(9.4.28.v20200408) /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.cxense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 13 Feb 2022 14:35:23 GMT
server: Jetty(9.4.28.v20200408)
p3p: policyref="http://www.cxense.com/w3c/p3p.xml", CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 43
content-type: image/gif

GET
H/1.1 200
OK id Show response
id.cxense.com/public/user/ 118 B
691 B 62ms
30ms Script
text/javascript 116.202.80.165
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://id.cxense.com/public/user/id?json=%7B%22identities%22%3A%5B%7B%22type%22%3A%22ckp%22%2C%22id%22%3A%22kzlddlx4nhclf5oq%22%7D%2C%7B%22type%22%3A%22lst%22%2C%22id%22%3A%221r9bbjl5r1n8v15uv15nop3etf%22%7D%2C%7B%22type%22%3A%22cst%22%2C%22id%22%3A%221r9bbjl5r1n8v15uv15nop3etf%22%7D%5D%2C%22siteId%22%3A%221135102062960807732%22%2C%22location%22%3A%22https%3A%2F%2Fwww.gandul.ro%2Fstiri%2Fun-adolescent-de-17-ani-inecat-therme-ce-spun-reprezentatii-complexului-19749318%3Futm_source%3DZF%2BArticol%26utm_medium%3Dwebsite%26utm_campaign%3Dfidmee%22%7D&callback=cXJsonpCBkzlddm4fyna0ma1f

Requested by

Host: scdn.cxense.com
URL: https://scdn.cxense.com/cx.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

116.202.80.165 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.165.80.202.116.clients.your-server.de

Software

Jetty(9.4.28.v20200408) /

Resource Hash

5f6c89067bc83bb63581f765c73b567140d8fe10f08e250cceec52ffb1a9397a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gandul.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Feb 2022 14:35:23 GMT
x-content-type-options: nosniff
server: Jetty(9.4.28.v20200408)
p3p: policyref="http://www.cxense.com/w3c/p3p.xml", CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-store, no-cache, must-revalidate
content-type: text/javascript;charset=utf-8
content-length: 118
expires: Mon, 26 Jul 1997 05:00:00 GMT

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
401 B 118ms
76ms XHR
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?e=ll&d=373&cs=c&dsReferer=aHR0cHM6Ly93d3cuZ2FuZHVsLnJvL3N0aXJpL3VuLWFkb2xlc2NlbnQtZGUtMTctYW5pLWluZWNhdC10aGVybWUtY2Utc3B1bi1yZXByZXplbnRhdGlpLWNvbXBsZXh1bHVpLTE5NzQ5MzE4P3V0bV9zb3VyY2U9WkYrQXJ0aWNvbCZ1dG1fbWVkaXVtPXdlYnNpdGUmdXRtX2NhbXBhaWduPWZpZG1lZQ==
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/up.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gandul.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-nf-request-id: 01FN1PNCK8SCCFKGWHBWVFNPJE
date: Sun, 13 Feb 2022 14:35:23 GMT
cf-cache-status: HIT
age: 2280714
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "1e7512eab4ec94e546e05bc6561a8453-ssl"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 6dcec870bc043749-MXP

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 80 KB
27 KB 20ms
19ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: live.demand.supply
URL: https://live.demand.supply/up.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

sffe /

Resource Hash

4ae689a5b37c61962b7f8702568778b5fe5afa464b5d7e21646cd6e75cdd0153

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gandul.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 13 Feb 2022 14:35:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27131
x-xss-protection: 0
server: sffe
etag: "1130 / 217 of 1000 / last-modified: 1644620882"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sun, 13 Feb 2022 14:35:23 GMT

GET
H3 200 d3d3LmdhbmR1bC5yby9zdGlyaS91bi1hZG9sZXNjZW50LWRlLTE3LWFuaS1pbmVjYXQtdGhlcm1lLWNlLXNwdW4tcmVwcmV6ZW50YXRpaS1jb21wbGV4dWx1aS0xOTc0OTMxOD91dG1fc291cmNlPVpGK0FydGljb2wmdXRtX21lZGl1bT13ZWJzaXRlJnV0bV9jY... Show response
live.demand.supply/p4/v14-0-0/ 570 B
616 B 244ms
215ms Script
text/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/p4/v14-0-0/d3d3LmdhbmR1bC5yby9zdGlyaS91bi1hZG9sZXNjZW50LWRlLTE3LWFuaS1pbmVjYXQtdGhlcm1lLWNlLXNwdW4tcmVwcmV6ZW50YXRpaS1jb21wbGV4dWx1aS0xOTc0OTMxOD91dG1fc291cmNlPVpGK0FydGljb2wmdXRtX21lZGl1bT13ZWJzaXRlJnV0bV9jYW1wYWlnbj1maWRtZWU=
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/up.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c70c0f23a43839b2baf7e757a84c6226e112e7ea0d24a4a3afe2a15fce6cdadd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gandul.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 13 Feb 2022 14:35:23 GMT
content-encoding: br
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=3600, s-maxage=7200, stale-while-revalidate=3600, stale-if-error=84600
cf-ray: 6dcec870a8b2375b-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 ds.2.html Show response
live.demand.supply/ 413 B
470 B 121ms
80ms XHR
text/html 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/ds.2.html
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/up.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bdd1579c84daab8cdd1e5a4f71b546c9eaa6a76418f83e0215c573523614c309

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gandul.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-nf-request-id: 01FMYG85FX85PJ1BN09VMJ97FW
date: Sun, 13 Feb 2022 14:35:23 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
timing-allow-origin: *
age: 1385018
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=2592000,immutable,stale-if-error=604800
cf-ray: 6dcec870bc193749-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 134 KB
36 KB 65ms
18ms Script
application/javascript 13.224.90.44
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/up.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.90.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-90-44.zrh50.r.cloudfront.net
Software: Server /
Resource Hash: 784acd540b5fcfb87c47dfe12e5311084ce692366a2ac196fd5cc8eb28ff4c23

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gandul.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id: HISltcT4EtRtqxCZ_leiYbAE6TJJFUPD
content-encoding: gzip
etag: c1da564f59b83b9805e8df92eca012f5
age: 315
x-cache: Hit from cloudfront
server: Server
x-amz-rid: 17VMN4PS9X00XT2VC6TQ
date: Sun, 13 Feb 2022 14:30:20 GMT
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 871dedfc10f4428aa2412b6f788b791a.cloudfront.net (CloudFront)
cache-control: public, max-age=900
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: SrlnVd-vWbONodnsvYYLl4dL8SX2abtzi1BaBcGZRL9Ek_7xX4mp_w==

GET
H3 200 uamp.1.json Show response
live.demand.supply/ 8 KB
3 KB 233ms
192ms XHR
application/json 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/uamp.1.json?&dsReferer=aHR0cHM6Ly93d3cuZ2FuZHVsLnJvL3N0aXJpL3VuLWFkb2xlc2NlbnQtZGUtMTctYW5pLWluZWNhdC10aGVybWUtY2Utc3B1bi1yZXByZXplbnRhdGlpLWNvbXBsZXh1bHVpLTE5NzQ5MzE4P3V0bV9zb3VyY2U9WkYrQXJ0aWNvbCZ1dG1fbWVkaXVtPXdlYnNpdGUmdXRtX2NhbXBhaWduPWZpZG1lZQ==
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/up.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 561aec52e5ec804ee143532298b8677dcf6da42fec6541484f50cdb94611d65b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gandul.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-nf-request-id: 01FVS1N73TZY0YSC3YJB615NXJ
date: Sun, 13 Feb 2022 14:35:23 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
etag: W/"362f610a25ff544356d95c210cc7ef4e-ssl-df"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=2592000,immutable,stale-if-error=604800
cf-ray: 6dcec870bc163749-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 web Show response
onesignal.com/api/v1/sync/f487e21e-4a37-4c7b-a2de-dedb267c05f9/ 5 KB
2 KB 36ms
24ms Script
text/javascript 2606:4700::6812:e234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://onesignal.com/api/v1/sync/f487e21e-4a37-4c7b-a2de-dedb267c05f9/web?callback=__jp0

Requested by

Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151513

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

afae99894b4ae3af0641f5d47f7d95123f216405fa5ac467d5efdf2495d59a1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gandul.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 13 Feb 2022 14:35:23 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 3587
cf-polished: origSize=5125
status: 200 OK
x-envoy-upstream-service-time: 37
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 5bd7d882-4b6d-4462-8488-fbe14cc1b2e6
x-runtime: 0.034662
referrer-policy: strict-origin-when-cross-origin
cf-bgj: minify
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"f4a727c205115ffbfc95a4cef9388a34"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=3600
cf-ray: 6dcec87098fa90d6-FRA
access-control-allow-headers: SDK-Version
expires: Sun, 13 Feb 2022 15:35:23 GMT

GET
H2 204 config Show response
c.amazon-adsystem.com/cdn/prod/ 0
309 B 17ms
16ms XHR
text/plain 13.224.90.44
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.gandul.ro&pubid=66ef05f7-ad53-48f6-873a-ac7543370392
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.90.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-90-44.zrh50.r.cloudfront.net
Software: Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gandul.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 13 Feb 2022 12:51:53 GMT
via: 1.1 871dedfc10f4428aa2412b6f788b791a.cloudfront.net (CloudFront)
server: Server
age: 6209
x-cache: Hit from cloudfront
access-control-allow-origin: https://www.gandul.ro
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: PV8FMDPV9G74zOnVXf611NOmx1GhDOdeiHoZsyJ2lLKD_qdoVeuNbw==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 40ms
11ms XHR
application/javascript 13.224.90.44
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.90.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-90-44.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gandul.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id: eaU6ir6qmGswM2SGRmLi7PKhBcBrRdvn
content-encoding: gzip
etag: W/"a4d296427fc806b21335359e398c025c"
age: 38840
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Fri, 21 Jan 2022 02:54:57 GMT
server: AmazonS3
date: Sun, 13 Feb 2022 03:48:04 GMT
vary: Origin
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 8455bcb2c0203b0c4ee93b610d75e69a.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: 93ICnZGXA3zV30zO-sKBLkJwFu85n59KDkrYiqNNekgc9GsRZYBM5A==

GET
H/1.1 200
OK stat.js Show response
odnaknopka.ru/ 766 B
990 B 141ms
140ms Script
application/javascript 192.102.6.123
HVDS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://odnaknopka.ru/stat.js
Requested by: Host: odnaknopka.ru
URL: https://odnaknopka.ru/ok9.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.102.6.123 Kyiv, Ukraine, ASN57682 (HVDS-AS, UA),
Reverse DNS: server.odnaknopka.ru
Software: nginx/1.4.6 (Ubuntu) / PHP/5.5.9-1ubuntu4.5
Resource Hash: 4c483342f6b6854fd49a77996a70c99e0f502a44c34d3119ab3fdb87f287d68e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gandul.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Sun, 13 Feb 2022 14:35:23 GMT
Server: nginx/1.4.6 (Ubuntu)
Connection: keep-alive
X-Powered-By: PHP/5.5.9-1ubuntu4.5
Transfer-Encoding: chunked
Content-Type: application/javascript

GET
H/1.1 200
OK user Show response
admp-tc-sati.adtlgc.com/ 63 B
315 B 138ms
33ms Script
application/javascript 99.80.67.233
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://admp-tc-sati.adtlgc.com/user?nw=0&cm=1&sg=1&callback=adapt_dataRequest_sati_admp.campaignCallback&cb=1644762923680&evid=&v=2.39
Requested by: Host: code3.adtlgc.com
URL: https://code3.adtlgc.com/js/sati_init.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.80.67.233 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-99-80-67-233.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: baee049272b23bef0a1a5f69bec303a844dc431d25607426aba9f49161e69be5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gandul.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Sun, 13 Feb 2022 14:35:23 GMT
Connection: keep-alive
P3P: policyref="http://code.adtlgc.com/w3c/p3p.xml",CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND COM NAV INT"
Content-Length: 63
Content-Type: application/javascript

HEAD
H3 200 e.js Show response
live.demand.supply/x/ 0
364 B 70ms
69ms XHR
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/x/e.js?ce=fs&dsReferer=aHR0cHM6Ly93d3cuZ2FuZHVsLnJvL3N0aXJpL3VuLWFkb2xlc2NlbnQtZGUtMTctYW5pLWluZWNhdC10aGVybWUtY2Utc3B1bi1yZXByZXplbnRhdGlpLWNvbXBsZXh1bHVpLTE5NzQ5MzE4P3V0bV9zb3VyY2U9WkYrQXJ0aWNvbCZ1dG1fbWVkaXVtPXdlYnNpdGUmdXRtX2NhbXBhaWduPWZpZG1lZQ==
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v14.0.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gandul.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-nf-request-id: 01FMV3Z855637WVE1HQJYTWK30
date: Sun, 13 Feb 2022 14:35:23 GMT
cf-cache-status: HIT
age: 1680123
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "1e7512eab4ec94e546e05bc6561a8453-ssl"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 6dcec8718e2e3749-MXP

GET
H2 200 gandul.ro_728x90_sticky_display_bottom Show response
api.demand.supply/v14-0-0/a/ 353 B
612 B 199ms
78ms XHR
application/json 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.demand.supply/v14-0-0/a/gandul.ro_728x90_sticky_display_bottom?&dsReferer=aHR0cHM6Ly93d3cuZ2FuZHVsLnJvL3N0aXJpL3VuLWFkb2xlc2NlbnQtZGUtMTctYW5pLWluZWNhdC10aGVybWUtY2Utc3B1bi1yZXByZXplbnRhdGlpLWNvbXBsZXh1bHVpLTE5NzQ5MzE4P3V0bV9zb3VyY2U9WkYrQXJ0aWNvbCZ1dG1fbWVkaXVtPXdlYnNpdGUmdXRtX2NhbXBhaWduPWZpZG1lZQ==
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v14.0.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b5a6563c92813ae7ed0e71c63e4a420964c6fa387e7a836d196d820b1a1187bf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gandul.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 13 Feb 2022 14:35:23 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 5659
etag: W/"161-USUXAu1rZi/rSTyahnKbz1gGgDI"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=3600, s-maxage=7200, stale-while-revalidate=3600, stale-if-error=84600
cf-ray: 6dcec8728c1b374d-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H/1.1

200
OK

/ Show response
pubmedya.net/vu/ro/ Frame A0FE
Redirect Chain

https://webcache.pp.ua/stat
https://pubmedya.net/vu/ro/

191 B
367 B

106ms
15ms

Document
text/html

176.9.60.211
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pubmedya.net/vu/ro/
Requested by: Host: odnaknopka.ru
URL: https://odnaknopka.ru/stat.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 176.9.60.211 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.211.60.9.176.clients.your-server.de
Software: nginx/1.12.2 /
Resource Hash: 0d62300aa4b20dc39891778b4aeb2a11ef3302c111c1df9271d4579730b2d0e6

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.gandul.ro/

Response headers

Server: nginx/1.12.2
Date: Sun, 13 Feb 2022 14:35:24 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close

Redirect headers

server: nginx/1.20.1
date: Sun, 13 Feb 2022 14:35:23 GMT
content-type: text/html; charset=UTF-8
content-length: 0
x-powered-by: PHP/8.0.12
access-control-allow-origin: *
location: https://pubmedya.net/vu/ro/

GET
H2

200

coupon_aliexpress.htm Show response
sale.aliexpress.com/__mobile/ Frame 5C76
Redirect Chain

https://tsystatic.com/a
https://s.click.aliexpress.com/e/_d8O2mSk?af=a;47182&cn=-&cv=84215&dp=193.27.14.24
https://sale.aliexpress.com/__mobile/coupon_aliexpress.htm?af=a&47182&cn=-&cv=84215&dp=193.27.14.24&aff_fcid=ab345720c5ee43bc842a1b35e626ad8d-1644762924160-06522-_d8O2mSk&aff_fsk=_d8O2mSk&aff_platf...

25 KB
6 KB

144ms
21ms

Document
text/html

104.111.245.23
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://sale.aliexpress.com/__mobile/coupon_aliexpress.htm?af=a&47182&cn=-&cv=84215&dp=193.27.14.24&aff_fcid=ab345720c5ee43bc842a1b35e626ad8d-1644762924160-06522-_d8O2mSk&aff_fsk=_d8O2mSk&aff_platform=portals-tool&sk=_d8O2mSk&aff_trace_key=ab345720c5ee43bc842a1b35e626ad8d-1644762924160-06522-_d8O2mSk&terminal_id=85ff93f48190446ba6e1a3afdb3ed8fd

Requested by

Host: odnaknopka.ru
URL: https://odnaknopka.ru/stat.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

104.111.245.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-245-23.deploy.static.akamaitechnologies.com

Software

Tengine/Aserver /

Resource Hash

a36eedcdede3108e74cbc7593170dc7955f0325125dde1cb649fb627751d278e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.gandul.ro/

Response headers

content-type: text/html;charset=UTF-8
vary: Accept-Encoding
p3p: CP="CAO PSA OUR"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000 ; includeSubDomains max-age=31536000
server: Tengine/Aserver
eagleeye-traceid: 0b8b036316447628557831018e4e6f
timing-allow-origin: *
content-encoding: gzip
content-length: 5985
cache-control: public, no-transform, max-age=31, s-maxage=120
expires: Sun, 13 Feb 2022 14:35:55 GMT
date: Sun, 13 Feb 2022 14:35:24 GMT

Redirect headers

content-length: 0
x-application-context: global-traffic-holmes-f:production:7001
access-control-allow-methods: GET, POST, OPTION
access-control-allow-credentials: true
p3p: CP="CAO PSA OUR"
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: 0
strict-transport-security: max-age=31536000 ; includeSubDomains max-age=31536000
location: https://sale.aliexpress.com/__mobile/coupon_aliexpress.htm?af=a&47182&cn=-&cv=84215&dp=193.27.14.24&aff_fcid=ab345720c5ee43bc842a1b35e626ad8d-1644762924160-06522-_d8O2mSk&aff_fsk=_d8O2mSk&aff_platform=portals-tool&sk=_d8O2mSk&aff_trace_key=ab345720c5ee43bc842a1b35e626ad8d-1644762924160-06522-_d8O2mSk&terminal_id=85ff93f48190446ba6e1a3afdb3ed8fd
content-language: en-US
server: Tengine/Aserver
eagleeye-traceid: 2100bdd816447629241606088e4f71
timing-allow-origin: *
date: Sun, 13 Feb 2022 14:35:24 GMT

GET
H/1.1 200
OK user Show response
admp-tc-sati.adtlgc.com/ 98 B
537 B 32ms
31ms Script
application/javascript 99.80.67.233
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://admp-tc-sati.adtlgc.com/user?nw=1&cm=0&sg=0&callback=adapt_dataRequest_sati_admp.validateCallback&cb=1644762923830&evid=cx:1h3zv7bo9vdk51a0henpvf6h5r:3mezkd0l6u944&v=2.39
Requested by: Host: code3.adtlgc.com
URL: https://code3.adtlgc.com/js/sati_init.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.80.67.233 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-99-80-67-233.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: bfc02e049a9f0f9ee103c673a20e7703df89aad62dfb38e9a5dbed0f6dbdc620

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gandul.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Sun, 13 Feb 2022 14:35:23 GMT
Connection: keep-alive
P3P: policyref="http://code.adtlgc.com/w3c/p3p.xml",CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND COM NAV INT"
Content-Length: 98
Content-Type: application/javascript

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ 23 B
490 B 48ms
47ms XHR
text/javascript 13.224.90.44
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.gandul.ro%2Fstiri%2Fun-adolescent-de-17-ani-inecat-therme-ce-spun-reprezentatii-complexului-19749318%3Futm_source%3DZF%2BArticol%26utm_medium%3Dwebsite%26utm_campaign%3Dfidmee&pid=uUM3lQ32zQszE&cb=0&ws=1600x1200&v=7.73.0&t=2000&slots=%5B%7B%22sd%22%3A%22gandul.ro_auto_728x90_sticky_display_bottom%22%2C%22s%22%3A%5B%22728x90%22%5D%7D%5D&pubid=66ef05f7-ad53-48f6-873a-ac7543370392&gdpre=1&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.90.44 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-90-44.zrh50.r.cloudfront.net

Software

Server /

Resource Hash

745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gandul.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 13 Feb 2022 14:35:23 GMT
via: 1.1 871dedfc10f4428aa2412b6f788b791a.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: ZRH50-C1
x-amz-rid: Q19X6HHTPD47262W7YB0
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.gandul.ro
access-control-allow-credentials: true
permissions-policy: interest-cohort=()
strict-transport-security: max-age=47474747; includeSubDomains; preload
timing-allow-origin: *
content-length: 23
x-amz-cf-id: 7XDRTorMozv54p4qyebJE9_da5GAd_QDk8l4qynWu1j2ZFbDjBWmpw==

GET
H/1.1 200
OK pagestat Show response
admp-tc-sati.adtlgc.com/event/v3/ 0
276 B 127ms
31ms XHR
image/jpeg 99.80.67.233
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://admp-tc-sati.adtlgc.com/event/v3/pagestat?location=https%3A%2F%2Fwww.gandul.ro%2Fstiri%2Fun-adolescent-de-17-ani-inecat-therme-ce-spun-reprezentatii-complexului-19749318%3Futm_source%3DZF%2BArticol%26utm_medium%3Dwebsite%26utm_campaign%3Dfidmee&cb=1644762923866&evid=cx:1h3zv7bo9vdk51a0henpvf6h5r:3mezkd0l6u944&v=2.39
Requested by: Host: code3.adtlgc.com
URL: https://code3.adtlgc.com/js/sati_init.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.80.67.233 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-99-80-67-233.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gandul.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

XDomainRequestAllowed: 1
Date: Sun, 13 Feb 2022 14:35:23 GMT
Access-Control-Allow-Methods: *
Content-Type: image/jpeg
Access-Control-Allow-Origin: https://www.gandul.ro
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK segment Show response
api.cxense.com/profile/user/ 91 B
708 B 52ms
15ms Script
text/javascript 147.75.85.120
PACKET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.cxense.com/profile/user/segment?callback=cXJsonpCBkzlddmcffdgiau1m&persisted=993f7e91f41899181a61f3b6fa338bd436cdd1b7&json=%7B%22identities%22%3A%5B%7B%22id%22%3A%22kzlddlx4nhclf5oq%22%2C%22type%22%3A%22cx%22%7D%5D%7D

Requested by

Host: scdn.cxense.com
URL: https://scdn.cxense.com/cx.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

147.75.85.120 Schiphol, Netherlands, ASN54825 (PACKET, US),

Reverse DNS

Software

Jetty(9.4.28.v20200408) /

Resource Hash

b9eabffe9aace6cbdc1916932773ec9f2504266708b9395c286f0d8e5f639d31

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gandul.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Feb 2022 14:35:23 GMT
x-content-type-options: nosniff
server: Jetty(9.4.28.v20200408)
strict-transport-security: max-age=31536000
p3p: policyref="http://www.cxense.com/w3c/p3p.xml", CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-store, no-cache, must-revalidate
content-type: text/javascript;charset=utf-8
content-length: 91
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 cygnus Show response
htlb.casalemedia.com/ 78 B
370 B 114ms
83ms XHR
text/javascript 184.31.84.150
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?v=7.2&s=403901&fn=headertag.IndexExchangeHtb.adResponseCallback&sd=1&r=%7B%22id%22%3A%2211079467%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.gandul.ro%2Fstiri%2Fun-adolescent-de-17-ani-inecat-therme-ce-spun-reprezentatii-complexului-19749318%3Futm_source%3DZF%2BArticol%26utm_medium%3Dwebsite%26utm_campaign%3Dfidmee%22%7D%2C%22imp%22%3A%5B%7B%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A970%2C%22h%22%3A250%2C%22ext%22%3A%7B%22sid%22%3A%221%22%2C%22siteID%22%3A%22470594%22%7D%7D%5D%7D%2C%22id%22%3A%221%22%7D%5D%2C%22ext%22%3A%7B%22source%22%3A%22ixwrapper%22%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A1%2C%22us_privacy%22%3A%221---%22%7D%7D%2C%22user%22%3A%7B%22ext%22%3A%7B%22consent%22%3A%22%22%7D%7D%7D
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/190540-122528310662128.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.31.84.150 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-31-84-150.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: db0a1a8888477b188d4e806d410b57c93398e92c2221c76aa2f2a1b9856a324f

Request headers

Referer: https://www.gandul.ro/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

pragma: no-cache
date: Sun, 13 Feb 2022 14:35:24 GMT
x-ak-initial-geo: CC:[DE], RC:[HE], CN:[EU], CIP:[193.27.14.24], XFF:[]
server: Apache
content-type: text/javascript
access-control-allow-origin: https://www.gandul.ro
x-cs-client-geo: 12
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 78
x-ak-client-geo: 12
expires: Sun, 13 Feb 2022 14:35:24 GMT

GET
H2 200 cygnus Show response
htlb.casalemedia.com/ 78 B
370 B 112ms
83ms XHR
text/javascript 184.31.84.150
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?v=7.2&s=403901&fn=headertag.IndexExchangeHtb.adResponseCallback&sd=1&r=%7B%22id%22%3A%2217718074%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.gandul.ro%2Fstiri%2Fun-adolescent-de-17-ani-inecat-therme-ce-spun-reprezentatii-complexului-19749318%3Futm_source%3DZF%2BArticol%26utm_medium%3Dwebsite%26utm_campaign%3Dfidmee%22%7D%2C%22imp%22%3A%5B%7B%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22sid%22%3A%2231%22%2C%22siteID%22%3A%22470610%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A600%2C%22ext%22%3A%7B%22sid%22%3A%2232%22%2C%22siteID%22%3A%22470612%22%7D%7D%5D%7D%2C%22id%22%3A%221%22%7D%5D%2C%22ext%22%3A%7B%22source%22%3A%22ixwrapper%22%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A1%2C%22us_privacy%22%3A%221---%22%7D%7D%2C%22user%22%3A%7B%22ext%22%3A%7B%22consent%22%3A%22%22%7D%7D%7D
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/190540-122528310662128.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.31.84.150 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-31-84-150.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 0e827346aa7bc7850d92185d5550127650f9daf100668fa0c8b0fe1ff4254d36

Request headers

Referer: https://www.gandul.ro/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

pragma: no-cache
date: Sun, 13 Feb 2022 14:35:24 GMT
x-ak-initial-geo: CC:[DE], RC:[HE], CN:[EU], CIP:[193.27.14.24], XFF:[]
server: Apache
content-type: text/javascript
access-control-allow-origin: https://www.gandul.ro
x-cs-client-geo: 12
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 78
x-ak-client-geo: 12
expires: Sun, 13 Feb 2022 14:35:24 GMT

GET
H3 200 sdb.css
live.demand.supply/css/ 4 KB
2 KB 87ms
86ms Stylesheet
text/css 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/css/sdb.css
Requested by: Host: client
URL: about:client
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 99456b3711ac205efcbdbc08ae9dae0124aa6a94d0edf9701a80caa6fc38b5db

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gandul.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-nf-request-id: 01FN0J18J3PBRSCV8HHF6ZFMWF
date: Sun, 13 Feb 2022 14:35:24 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
server: cloudflare
age: 2487407
etag: W/"9bafda7cf8dec16f272df141e953a55a-ssl-df"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: max-age=2592000,immutable,stale-if-error=604800
cf-ray: 6dcec8730f80375b-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 gandul.ro_728x90_sticky_display_bottom Show response
live.demand.supply/cp/ 27 B
255 B 410ms
409ms XHR
text/plain 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/cp/gandul.ro_728x90_sticky_display_bottom?mlos=wi&mlbr=ch&mlla=en&mlbs=48&dsReferer=aHR0cHM6Ly93d3cuZ2FuZHVsLnJvL3N0aXJpL3VuLWFkb2xlc2NlbnQtZGUtMTctYW5pLWluZWNhdC10aGVybWUtY2Utc3B1bi1yZXByZXplbnRhdGlpLWNvbXBsZXh1bHVpLTE5NzQ5MzE4P3V0bV9zb3VyY2U9WkYrQXJ0aWNvbCZ1dG1fbWVkaXVtPXdlYnNpdGUmdXRtX2NhbXBhaWduPWZpZG1lZQ==
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v14.0.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fa90ae4478f005d82a53a1ca9a161075fbf49bcbc7e0f21946d25771f8da49fe

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gandul.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 13 Feb 2022 14:35:24 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: private,max-age=3600
cf-ray: 6dcec87309a43749-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 27

POST
H/1.1 200
OK headerstats Show response
as-sec.casalemedia.com/ 0
426 B 75ms
20ms XHR
text/plain 2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://as-sec.casalemedia.com/headerstats?s=403901&u=https%3A%2F%2Fwww.gandul.ro%2Fstiri%2Fun-adolescent-de-17-ani-inecat-therme-ce-spun-reprezentatii-complexului-19749318%3Futm_source%3DZF%2BArticol%26utm_medium%3Dwebsite%26utm_campaign%3Dfidmee&v=3
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/190540-122528310662128.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.gandul.ro/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma: no-cache
Date: Sun, 13 Feb 2022 14:35:24 GMT
X-AK-INITIAL-GEO: CC:[DE], RC:[HE], CN:[EU], CIP:[193.27.14.24], XFF:[]
Server: Apache
Access-Control-Allow-Origin: https://www.gandul.ro
X-CS-CLIENT-GEO: 12
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
X-AK-CLIENT-GEO: 12
Expires: Sun, 13 Feb 2022 14:35:24 GMT

POST
H/1.1 200
OK headerstats Show response
as-sec.casalemedia.com/ 0
426 B 97ms
27ms XHR
text/plain 2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://as-sec.casalemedia.com/headerstats?s=403901&u=https%3A%2F%2Fwww.gandul.ro%2Fstiri%2Fun-adolescent-de-17-ani-inecat-therme-ce-spun-reprezentatii-complexului-19749318%3Futm_source%3DZF%2BArticol%26utm_medium%3Dwebsite%26utm_campaign%3Dfidmee&v=3
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/190540-122528310662128.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.gandul.ro/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma: no-cache
Date: Sun, 13 Feb 2022 14:35:24 GMT
X-AK-INITIAL-GEO: CC:[DE], RC:[HE], CN:[EU], CIP:[193.27.14.24], XFF:[]
Server: Apache
Access-Control-Allow-Origin: https://www.gandul.ro
X-CS-CLIENT-GEO: 12
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
X-AK-CLIENT-GEO: 12
Expires: Sun, 13 Feb 2022 14:35:24 GMT

GET
H/1.1 200
OK / Show response
pubmedya.net/vu/ro/ Frame 9539 3 KB
3 KB 36ms
15ms Document
text/html 176.9.60.211
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pubmedya.net/vu/ro/?
Requested by: Host: pubmedya.net
URL: https://pubmedya.net/vu/ro/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 176.9.60.211 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.211.60.9.176.clients.your-server.de
Software: nginx/1.12.2 /
Resource Hash: 4990db2057afe64906afbe7c901e7e7439db6b0a93b67c6b01bf3954a973e12e

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://pubmedya.net/vu/ro/

Response headers

Server: nginx/1.12.2
Date: Sun, 13 Feb 2022 14:35:24 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close

GET
H2

200

/ Show response
de.dhgate.com/ Frame 9539
Redirect Chain

https://pubmedya.net/to2/dhgate/
https://de.dhgate.com/?f=bm|aff|admitad|1019090|504fc55d89d5ae1ba83b8bbe7bb8e979|197649||

0
0

509ms
258ms

Script
text/html

2606:2800:235:1c73:1f86:1376:22ce:2cd
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://de.dhgate.com/?f=bm|aff|admitad|1019090|504fc55d89d5ae1ba83b8bbe7bb8e979|197649||
Requested by: Host: pubmedya.net
URL: https://pubmedya.net/vu/ro/?
Protocol: H2
Server: 2606:2800:235:1c73:1f86:1376:22ce:2cd , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Redirect headers

Location: https://de.dhgate.com/?f=bm|aff|admitad|1019090|504fc55d89d5ae1ba83b8bbe7bb8e979|197649||
Date: Sun, 13 Feb 2022 14:35:24 GMT
Referrer-Policy: no-referrer
Server: nginx/1.12.2
Connection: close
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H2

200

/ Show response
localbitcoins.com/buy-bitcoins-online/ Frame 9539
Redirect Chain

https://localbitcoins.com/buy-bitcoins-online/?ch=1cmsy
https://localbitcoins.com/buy-bitcoins-online/

0
0

486ms
486ms

Script
text/html

104.16.83.19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://localbitcoins.com/buy-bitcoins-online/
Requested by: Host: pubmedya.net
URL: https://pubmedya.net/vu/ro/?
Protocol: H2
Server: 104.16.83.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pubmedya.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Redirect headers

date: Sun, 13 Feb 2022 14:35:24 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-type: text/html; charset=utf-8
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: DENY
content-language: en
location: /buy-bitcoins-online/
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-ray: 6dcec8745aeb39e1-CDG
vary: Accept-Language, Cookie
content-length: 0

GET
H/1.1 200
OK / Show response
iqbroker.com//lp/ultimate-trading/ Frame 9539 0
0 71ms
30ms Script
text/html 185.117.134.138
IQOPTION

General

Check archive.org

Show headers Download Go to

Full URL: https://iqbroker.com//lp/ultimate-trading/?active=forex2&aff=7792
Requested by: Host: pubmedya.net
URL: https://pubmedya.net/vu/ro/?
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 185.117.134.138 , Cyprus, ASN204006 (IQOPTION, CY),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pubmedya.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

GET
H2

200

/ Show response
remitano.com/ Frame 9539
Redirect Chain

https://remitano.com/join/2716653
https://remitano.com/

0
0

363ms
363ms

Script
text/html

2606:4700:10::ac43:1e5d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://remitano.com/
Requested by: Host: pubmedya.net
URL: https://pubmedya.net/vu/ro/?
Protocol: H2
Server: 2606:4700:10::ac43:1e5d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pubmedya.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Redirect headers

date: Sun, 13 Feb 2022 14:35:24 GMT
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: Remitano
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: text/plain; charset=utf-8
location: /
permissions-policy: camera=(*)
content-security-policy: default-src * 'self' https: wss: data: blob: 'unsafe-inline' 'unsafe-eval'
cf-ray: 6dcec8756e2683ba-MXP
content-length: 23

GET
H2 503 /
p2pb2b.io/ Frame 9539 0
0 180ms
65ms Script
text/html 2606:4700:20::681b:5171
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://p2pb2b.io/?referral=5dacfd8f
Requested by: Host: pubmedya.net
URL: https://pubmedya.net/vu/ro/?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681b:5171 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pubmedya.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

GET
H2 200 / Show response
www.thelotter.com/de/ Frame 9539 0
0 439ms
380ms Script
text/html 107.154.132.27
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thelotter.com/de/?tl_affid=9175&tl_bannerid=6eff90c0
Requested by: Host: pubmedya.net
URL: https://pubmedya.net/vu/ro/?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.132.27 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.132.27.ip.incapdns.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pubmedya.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

GET
H2

200

/ Show response
freebitco.in/ Frame 9539
Redirect Chain

https://freebitco.in/?r=3669689
https://freebitco.in/?op=signup_page&r=3669689

0
0

291ms
290ms

Script
text/html

104.22.7.169
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://freebitco.in/?op=signup_page&r=3669689
Requested by: Host: pubmedya.net
URL: https://pubmedya.net/vu/ro/?
Protocol: H2
Server: 104.22.7.169 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pubmedya.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Redirect headers

date: Sun, 13 Feb 2022 14:35:24 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: text/html; charset=iso-8859-1
location: https://freebitco.in/?op=signup_page&r=3669689
cache-control: max-age=0
cf-ray: 6dcec8743b479255-FRA
expires: Sun, 13 Feb 2022 14:35:24 GMT

GET
H2

200

/ Show response
de.iherb.com/ Frame 9539
Redirect Chain

https://pubmedya.net/to2/iherb.com/
https://www.iherb.com/?clickref=1011liQgeRUf&utm_source=phgagru&utm_medium=affiliate&utm_campaign=1100l95727
https://www.iherb.com/?utm_source=phgagru&utm_medium=affiliate&utm_campaign=1100l95727
https://de.iherb.com/?utm_source=phgagru&utm_medium=affiliate&utm_campaign=1100l95727

0
0

545ms
534ms

Script
text/html

104.18.11.75
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://de.iherb.com/?utm_source=phgagru&utm_medium=affiliate&utm_campaign=1100l95727
Requested by: Host: pubmedya.net
URL: https://pubmedya.net/vu/ro/?
Protocol: H2
Server: 104.18.11.75 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Redirect headers

date: Sun, 13 Feb 2022 14:35:25 GMT
datacenter: production/catalog/frankfurt
cf-cache-status: EXPIRED
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
location: https://de.iherb.com/?utm_source=phgagru&utm_medium=affiliate&utm_campaign=1100l95727
vary: Accept-Encoding
cache-control: max-age=0
x-client-id: page-home
x-envoy-upstream-service-time: 1374
buildnumber: 1544
cf-ray: 6dcec8752df19249-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0

GET
H2

200

/ Show response
www.exness.uk/ Frame 9539
Redirect Chain

https://www.exness.com/a/vps0b6j3
https://www.exness.com/?utm_source=partners&_8f4x=1
https://www.exness.uk/?utm_source=partners&_8f4x=1

0
0

85ms
19ms

Script
text/html

45.60.78.64
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.exness.uk/?utm_source=partners&_8f4x=1
Requested by: Host: pubmedya.net
URL: https://pubmedya.net/vu/ro/?
Protocol: H2
Server: 45.60.78.64 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pubmedya.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Redirect headers

location: https://www.exness.uk/?utm_source=partners&_8f4x=1
x-iinfo: 11-53089263-53088550 pNNN RT(1644762923657 0) q(0 0 0 -1) r(0 0) U11
cache-control: no-cache
x-cdn: Imperva
content-length: 0

GET
H2

200

/ Show response
ro.hotelscombined.com/ Frame 9539
Redirect Chain

https://ro.hotelscombined.com/?a_aid=172493
https://ro.hotelscombined.com/

0
0

174ms
173ms

Script
text/html

151.101.129.29
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ro.hotelscombined.com/
Requested by: Host: pubmedya.net
URL: https://pubmedya.net/vu/ro/?
Protocol: H2
Server: 151.101.129.29 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pubmedya.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Redirect headers

content-security-policy: upgrade-insecure-requests; frame-ancestors 'self'
referrer-policy: origin-when-cross-origin
server: KAYAK/1.0
date: Sun, 13 Feb 2022 14:35:24 GMT
content-security-policy-report-only: default-src https: blob:; connect-src https:; font-src https: data:; frame-src https:; img-src https: data: blob:; media-src https:; object-src https: data: blob:; script-src 'unsafe-inline' 'unsafe-eval' https:; style-src 'unsafe-inline' https:; worker-src blob:; report-uri /s/run/cspreport/reportHttp; report-to csp-log
report-to: { "group": "csp-log", "max_age": 43200, "endpoints": [ { "url": "https://www.kayak.com/s/run/cspreport/reportHttp" } ] }
location: /
permissions-policy: camera=(), microphone=(), midi=(), geolocation=(self), usb=(), interest-cohort=()
x-content-type-options: nosniff
accept-ranges: bytes
content-length: 0
x-xss-protection: 1; mode=block

GET
H2

200

/ Show response
de.stripchat.com/ Frame 9539
Redirect Chain

https://stripchat.com/?affiliateId=73b0fbd3ee36ead2b74e59d3464a7035c57d58262dabefced6d54007bc244727
https://de.stripchat.com/?affiliateId=73b0fbd3ee36ead2b74e59d3464a7035c57d58262dabefced6d54007bc244727

0
0

329ms
315ms

Script
text/html

2606:4700::6813:b729
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://de.stripchat.com/?affiliateId=73b0fbd3ee36ead2b74e59d3464a7035c57d58262dabefced6d54007bc244727
Requested by: Host: pubmedya.net
URL: https://pubmedya.net/vu/ro/?
Protocol: H2
Server: 2606:4700::6813:b729 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pubmedya.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Redirect headers

date: Sun, 13 Feb 2022 14:35:24 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: deny
content-type: text/html
location: https://de.stripchat.com/?affiliateId=73b0fbd3ee36ead2b74e59d3464a7035c57d58262dabefced6d54007bc244727
strict-transport-security: max-age=15768000
cf-ray: 6dcec8753b2f3754-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 / Show response
kinsta.com/ Frame 9539 0
0 644ms
541ms Script
text/html 2606:4700::6812:99
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kinsta.com/?kaid=ARRPTWYMWIMC
Requested by: Host: pubmedya.net
URL: https://pubmedya.net/vu/ro/?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:99 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pubmedya.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

GET
H2 200 443457 Show response
faucetcrypto.com/ref/ Frame 9539 0
0 392ms
272ms Script
text/html 2606:4700:10::ac43:557
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://faucetcrypto.com/ref/443457
Requested by: Host: pubmedya.net
URL: https://pubmedya.net/vu/ro/?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:557 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pubmedya.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

GET
H2 200 / Show response
www.forextime.com/ Frame 9539 0
0 182ms
70ms Script
text/html 2606:4700::6812:e763
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.forextime.com/?partner_id=4822342
Requested by: Host: pubmedya.net
URL: https://pubmedya.net/vu/ro/?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:e763 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pubmedya.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

GET
H/1.1 200
OK / Show response
www.spartoo.ro/ Frame 9539 0
0 139ms
40ms Script
text/html 185.28.232.10
IGUANESOLUTIONS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.spartoo.ro/?track_id=cityads1jf&click_id=9aRZ1VMflEZvDw7&k2X1c=1
Requested by: Host: pubmedya.net
URL: https://pubmedya.net/vu/ro/?
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.28.232.10 , France, ASN39605 (IGUANESOLUTIONS, FR),
Reverse DNS: spo-webvip-01.ig-1.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pubmedya.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

GET
H2

200

/ Show response
chaturbate.com/pepperxminthe/ Frame 9539
Redirect Chain

https://chaturbate.com/in/?track=default&tour=hr8m&campaign=sgo1n
https://chaturbate.com/toproom/?join_overlay=1&tour=hr8m&disable_sound=0&campaign=sgo1n
https://chaturbate.com/pepperxminthe/?join_overlay=1&tour=hr8m&disable_sound=0&campaign=sgo1n

0
0

339ms
338ms

Script
text/html

2606:4700::6812:6528
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://chaturbate.com/pepperxminthe/?join_overlay=1&tour=hr8m&disable_sound=0&campaign=sgo1n
Requested by: Host: pubmedya.net
URL: https://pubmedya.net/vu/ro/?
Protocol: H2
Server: 2606:4700::6812:6528 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pubmedya.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Redirect headers

date: Sun, 13 Feb 2022 14:35:25 GMT
via: 1.1 google, 1.1 google
x-content-type-options: nosniff, nosniff
cf-cache-status: DYNAMIC
nel: {"report_to":"default","max_age":2592000,"include_subdomains":true}
cf-ctrl: Z
cf-ray: 6dcec8794a2b3753-MXP
p3p: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
vary: Accept-Language, Cookie, Accept-Encoding
x-xss-protection: 1; mode=block; report=https://report-uri.highwebmedia.com/r/t/xss/enforce, 1; mode=block; report=https://report-uri.highwebmedia.com/r/t/xss/enforce
referrer-policy: strict-origin-when-cross-origin, strict-origin-when-cross-origin
server: cloudflare
x-frame-options: DENY
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"default","max_age":2592000,"endpoints":[{"url":"https://report-uri.mmcdn.com/a/t/g"}],"include_subdomains":true}
content-language: de
location: /pepperxminthe/?join_overlay=1&tour=hr8m&disable_sound=0&campaign=sgo1n
cache-control: no-cache
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.mmcdn.com https://*.highwebmedia.com https://*.chaturbate.com https://chaturbate.com https://ajax.googleapis.com https://cdn.exoticads.com https://js-agent.newrelic.com https://cdnjs.cloudflare.com https://www.google-analytics.com https://www.google.com/recaptcha/ https://www.google.com/cv/ https://www.gstatic.com/recaptcha/ https://www.gstatic.com/cv/ https://www.gstatic.com/eureka/ https://www.gstatic.com/cast/ https://*.nr-data.net https://certify-js.alexametrics.com https://player.vimeo.com/api/player.js; style-src 'self' data: 'unsafe-inline' https://*.highwebmedia.com https://cdnjs.cloudflare.com https://fonts.googleapis.com ; img-src 'self' data: https://*.mmcdn.com https://*.highwebmedia.com https://*.stream.highwebmedia.com https://*.chaturbate.com https://chaturbate.com https://www.google-analytics.com https://static-pub.highwebmedia.com https://s3pv.highwebmedia.com https://cbphotovideo.s3.amazonaws.com https://cbphotovideo-eu.s3.amazonaws.com https://static-pub.highwebmedia.com.s3.amazonaws.com https://wowdvr.s3.amazonaws.com https://cbvideoupload.s3.amazonaws.com https://cdnjs.cloudflare.com https://www.gstatic.com https://*.nr-data.net https://certify.alexametrics.com https://stats.g.doubleclick.net https://cbgames.s3.amazonaws.com https://player.vimeo.com; font-src 'self' data: https://*.mmcdn.com https://*.highwebmedia.com https://cdnjs.cloudflare.com https://fonts.gstatic.com ; connect-src 'self' blob: blob https://*.mmcdn.com wss://*.mmcdn.com wss://*.mmcdn.com:8443 https://*.highwebmedia.com wss://*.highwebmedia.com wss://*.highwebmedia.com:8443 https://*.nr-data.net https://*.chaturbate.com https://chaturbate.com https://www.google-analytics.com https://cbvideoupload.s3-accelerate.amazonaws.com https://stats.g.doubleclick.net https://internet-up.ably-realtime.com https://static-pub.highwebmedia.com https://s3pv.highwebmedia.com https://cbphotovideo.s3.amazonaws.com https://cbphotovideo-eu.s3.amazonaws.com https://static-pub.highwebmedia.com.s3.amazonaws.com https://wowdvr.s3.amazonaws.com https://cbvideoupload.s3.amazonaws.com ; media-src 'self' https://*.mmcdn.com https://*.highwebmedia.com https://*.chaturbate.com https://chaturbate.com mediasource: blob: data: https://static-pub.highwebmedia.com https://s3pv.highwebmedia.com https://cbphotovideo.s3.amazonaws.com https://cbphotovideo-eu.s3.amazonaws.com https://static-pub.highwebmedia.com.s3.amazonaws.com https://wowdvr.s3.amazonaws.com https://cbvideoupload.s3.amazonaws.com; object-src 'self' https://*.mmcdn.com https://*.highwebmedia.com https://download.macromedia.com https://static-pub.highwebmedia.com https://s3pv.highwebmedia.com https://cbphotovideo.s3.amazonaws.com https://cbphotovideo-eu.s3.amazonaws.com https://static-pub.highwebmedia.com.s3.amazonaws.com https://wowdvr.s3.amazonaws.com https://cbvideoupload.s3.amazonaws.com ; frame-src 'self' https://*.mmcdn.com https://*.chaturbate.com https://chaturbate.com https://*.highwebmedia.com https://adserver.exoticads.com https://www.google.com/recaptcha/ https://*.wnu.com https://wnu.com https://checkout.2000charge.com https://www.sofort.com https://*.girogate.de https://txn.apac.paywithpoli.com https://player.vimeo.com; child-src 'self' blob: blob ; worker-src 'self' blob: blob ; form-action 'self' https://*.chaturbate.com https://chaturbate.com https://*.stream.highwebmedia.com https://www.coinpayments.net https://*.wnu.com https://wnu.com https://devportal.cb.dev ; manifest-src 'self' https://*.mmcdn.com https://*.highwebmedia.com ; report-uri https://report-uri.mmcdn.com/r/t/csp/enforce;
content-type: text/html; charset=utf-8

GET
H2

200

/ Show response
de.bongacams.com/ Frame 9539
Redirect Chain

https://is.gd/6P9p5C
https://bngpt.com/h.php?v=2&c=287325
https://bongacams.com/?bcs=aXNiZTRhMWRkMWY0ZWNlOGQ4YWQyNDZmMmFhY2JjM2I0NDhhOjoxODMzNDY6Omh0dHBzOi8vcHVibWVkeWEubmV0Lzo6Ojo6OjI4NzMyNTo6MDo6MDo6MDo6OjowOjpkZWZhdWx0Ojow
https://de.bongacams.com/?bcs=aXNiZTRhMWRkMWY0ZWNlOGQ4YWQyNDZmMmFhY2JjM2I0NDhhOjoxODMzNDY6Omh0dHBzOi8vcHVibWVkeWEubmV0Lzo6Ojo6OjI4NzMyNTo6MDo6MDo6MDo6OjowOjpkZWZhdWx0Ojow

0
0

390ms
334ms

Script
text/html

195.85.23.96
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://de.bongacams.com/?bcs=aXNiZTRhMWRkMWY0ZWNlOGQ4YWQyNDZmMmFhY2JjM2I0NDhhOjoxODMzNDY6Omh0dHBzOi8vcHVibWVkeWEubmV0Lzo6Ojo6OjI4NzMyNTo6MDo6MDo6MDo6OjowOjpkZWZhdWx0Ojow
Requested by: Host: pubmedya.net
URL: https://pubmedya.net/vu/ro/?
Protocol: H2
Server: 195.85.23.96 , Czech Republic, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS: net-96-23-conversasro.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pubmedya.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Redirect headers

date: Sun, 13 Feb 2022 14:35:25 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: text/html; charset=utf-8
location: https://de.bongacams.com/?bcs=aXNiZTRhMWRkMWY0ZWNlOGQ4YWQyNDZmMmFhY2JjM2I0NDhhOjoxODMzNDY6Omh0dHBzOi8vcHVibWVkeWEubmV0Lzo6Ojo6OjI4NzMyNTo6MDo6MDo6MDo6OjowOjpkZWZhdWx0Ojow
cache-control: no-cache, no-store, must-revalidate
cf-ray: 6dcec87a6ba5912b-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-zone: 5-web23

GET
H2 403 /
paxful.com/ru/ Frame 9539 0
0 142ms
94ms Script
text/html 2606:4700::6811:3b3a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://paxful.com/ru/?r=GzdvAoGWyQA
Requested by: Host: pubmedya.net
URL: https://pubmedya.net/vu/ro/?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:3b3a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pubmedya.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

GET
H2 200 / Show response
gleam.io/ Frame 9539 0
0 402ms
322ms Script
text/html 172.66.43.179
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gleam.io/?via=1874976
Requested by: Host: pubmedya.net
URL: https://pubmedya.net/vu/ro/?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 172.66.43.179 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pubmedya.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

GET
H/1.1

403
Forbidden

/
my5.roboforex.org/ru/ Frame 9539
Redirect Chain

https://rbfxdirect.com/ru/lk/?a=zkeb
https://my5.roboforex.org/ru/?a=zkeb

0
0

81ms
22ms

Script
text/html

82.196.14.221
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://my5.roboforex.org/ru/?a=zkeb
Requested by: Host: pubmedya.net
URL: https://pubmedya.net/vu/ro/?
Protocol: HTTP/1.1
Server: 82.196.14.221 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pubmedya.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Redirect headers

date: Sun, 13 Feb 2022 14:35:24 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3ZjB0ttaScCEE34K5OSfQUzOdglsqyJNIfCn%2BCNjrz5hjEt%2BsSBcrnn%2FpSyiFIj3xHt9t6xbpLpboMLS%2B53jG8wVSMKhd8gKA85ixARr18QX25tZCWkH0BpmdDvGRJkghw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
location: https://my5.roboforex.org/ru/?a=zkeb
cf-ray: 6dcec8781fca9195-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 / Show response
faucetpay.io/ Frame 9539 0
0 245ms
137ms Script
text/html 2606:4700:20::ac43:4be2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://faucetpay.io/?r=612200
Requested by: Host: pubmedya.net
URL: https://pubmedya.net/vu/ro/?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4be2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pubmedya.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

GET
H2 200 / Show response
www.canva.com/q/pro/ Frame 9539 0
0 253ms
144ms Script
text/html 2606:4700::6811:7311
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.canva.com/q/pro/?irgwc=1&utm_medium=affiliate&utm_source=korfoorg&clickId=3x7W23UblxyIRBs3f2zLu1xeUkGU4Axfc0o4VQ0
Requested by: Host: pubmedya.net
URL: https://pubmedya.net/vu/ro/?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:7311 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pubmedya.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

GET
H2

200

/ Show response
de.banggood.com/de/ Frame 9539
Redirect Chain

https://www.banggood.com/?p=5Z30141707865201505S&custlinkid=1737278
https://de.banggood.com/de/?akmClientCountry=DE&p=5Z30141707865201505S&custlinkid=1737278

0
0

30ms
17ms

Script
text/html

104.109.77.182
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://de.banggood.com/de/?akmClientCountry=DE&p=5Z30141707865201505S&custlinkid=1737278
Requested by: Host: pubmedya.net
URL: https://pubmedya.net/vu/ro/?
Protocol: H2
Server: 104.109.77.182 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-77-182.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pubmedya.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Redirect headers

pragma: no-cache
date: Sun, 13 Feb 2022 14:35:25 GMT
server: nginx
x-frame-options: SAMEORIGIN
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
location: https://de.banggood.com/de/?akmClientCountry=DE&p=5Z30141707865201505S&custlinkid=1737278
cache-control: max-age=0, no-cache, no-store
content-type: text/html; charset=utf-8
content-length: 0
x-xss-protection: 1; mode=block
x-dc-origin: MtlBnl5A6m8dADAi4SRjx7h5CRb19YHbhUZ/jSMuGCo=
expires: Sun, 13 Feb 2022 14:35:25 GMT

GET
H2 200 / Show response
www.tomtop.com/ Frame 9539 0
0 633ms
310ms Script
text/html 44.237.79.85
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tomtop.com/?aid=agru
Requested by: Host: pubmedya.net
URL: https://pubmedya.net/vu/ro/?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.237.79.85 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-237-79-85.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pubmedya.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

GET
H3

200

https://coinsbit.io/referral/abbb0df8-7383-4a72-b68a-b161a8ae6e74
https://coinsbit.io/register

0
0

369ms
273ms

Script
text/html

2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://coinsbit.io/register
Requested by: Host: pubmedya.net
URL: https://pubmedya.net/vu/ro/?
Protocol: H3
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pubmedya.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Redirect headers

date: Sun, 13 Feb 2022 14:35:25 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.2.34
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Hfqj9dhNi6uOTlW6KzMujTEJBVTpAuO7XZFKXN5vJzpF6ZuYvWZ45yxlXmd4iE5Xk2VnEyL58xBE5ArePLt2kluMQ96Ok0ZMUqFe4aCcZMTXr8CkRjUwqlwssUNU5buHcQC%2BxoqF4BUggQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
location: https://coinsbit.io/register
cache-control: no-cache, private
cf-ray: 6dcec87a7bae3760-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2

200

/ Show response
www.miniinthebox.com/de/ Frame 9539
Redirect Chain

https://www.miniinthebox.com/?utm_campaign=1398851&utm_content=Indoleads2019&utm_source=gan&utm_medium=affiliate&litb_from=affiliate_gan&clickid=2jfXwuUbjxyIUeizap0BSzDkUkGU4E1%3Ac0o4VQ0&irgwc=1
https://www.miniinthebox.com/de/?utm_campaign=1398851&utm_content=Indoleads2019&utm_source=gan&utm_medium=affiliate&litb_from=affiliate_gan&clickid=2jfXwuUbjxyIUeizap0BSzDkUkGU4E1%3Ac0o4VQ0&irgwc=1

0
0

924ms
924ms

Script
text/html

2.16.186.241
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.miniinthebox.com/de/?utm_campaign=1398851&utm_content=Indoleads2019&utm_source=gan&utm_medium=affiliate&litb_from=affiliate_gan&clickid=2jfXwuUbjxyIUeizap0BSzDkUkGU4E1%3Ac0o4VQ0&irgwc=1
Requested by: Host: pubmedya.net
URL: https://pubmedya.net/vu/ro/?
Protocol: H2
Server: 2.16.186.241 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-241.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pubmedya.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Redirect headers

pragma: no-cache
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
date: Sun, 13 Feb 2022 14:35:25 GMT
x-frame-options: SAMEORIGIN;
p3p: CP="CAO PSA OUR"
location: https://www.miniinthebox.com/de/?utm_campaign=1398851&utm_content=Indoleads2019&utm_source=gan&utm_medium=affiliate&litb_from=affiliate_gan&clickid=2jfXwuUbjxyIUeizap0BSzDkUkGU4E1%3Ac0o4VQ0&irgwc=1
cache-control: no-store, no-cache, must-revalidate
server-timing: cdn-cache; desc=MISS, edge; dur=119, origin; dur=32
content-type: text/html; charset=UTF-8
content-length: 0
x-xss-protection: 1;mode=block
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2

200

/ Show response
www.nike.com/sg/ Frame 9539
Redirect Chain

https://pubmedya.net/to2/nike.apac/
https://www.nike.com/sg/?cp=76060516106_aff_|qKqcOVHts48|&ranMID=41134&ranEAID=qKqcOVHts48&ranSiteID=qKqcOVHts48-3tF9ra7EcDltDMmMC6vq7g

0
0

455ms
324ms

Script
text/html

104.111.224.226
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.nike.com/sg/?cp=76060516106_aff_|qKqcOVHts48|&ranMID=41134&ranEAID=qKqcOVHts48&ranSiteID=qKqcOVHts48-3tF9ra7EcDltDMmMC6vq7g
Requested by: Host: pubmedya.net
URL: https://pubmedya.net/vu/ro/?
Protocol: H2
Server: 104.111.224.226 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-224-226.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Redirect headers

Location: https://www.nike.com/sg/?cp=76060516106_aff_|qKqcOVHts48|&ranMID=41134&ranEAID=qKqcOVHts48&ranSiteID=qKqcOVHts48-3tF9ra7EcDltDMmMC6vq7g
Date: Sun, 13 Feb 2022 14:35:25 GMT
Referrer-Policy: no-referrer
Server: nginx/1.12.2
Connection: close
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H/1.1

200
OK

/ Show response
www.litefinance.com/ Frame 9539
Redirect Chain

https://www.liteforex.com/?uid=322652589
https://litefinance.com/?uid=322652589
https://www.litefinance.com/?uid=322652589

0
0

139ms
113ms

Script
text/html

178.248.238.82
QRATOR

General

Check archive.org

Show headers Download Go to

Full URL: https://www.litefinance.com/?uid=322652589
Requested by: Host: pubmedya.net
URL: https://pubmedya.net/vu/ro/?
Protocol: HTTP/1.1
Server: 178.248.238.82 , Russian Federation, ASN197068 (QRATOR, RU),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pubmedya.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Redirect headers

Location: https://www.litefinance.com/?uid=322652589
Date: Sun, 13 Feb 2022 14:35:25 GMT
Server: QRATOR
Connection: keep-alive
Keep-Alive: timeout=15
Content-Length: 162
Content-Type: text/html

GET
H2

200

https://www.binance.com/ru/register?ref=KZTDOPQP
https://accounts.binance.com/ru/register?ref=KZTDOPQP

0
0

128ms
47ms

Script
text/html

13.224.89.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://accounts.binance.com/ru/register?ref=KZTDOPQP
Requested by: Host: pubmedya.net
URL: https://pubmedya.net/vu/ro/?
Protocol: H2
Server: 13.224.89.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-89-60.zrh50.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pubmedya.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Redirect headers

date: Sun, 13 Feb 2022 14:34:48 GMT
via: 1.1 666ff4ad81b3b60af3d2241160893ee2.cloudfront.net (CloudFront)
server: Tengine
age: 37
x-cache: Hit from cloudfront
content-type: text/html
location: https://accounts.binance.com/ru/register?ref=KZTDOPQP
cache-control: no-store,max-age=0,must-revalidate
x-amz-cf-pop: ZRH50-C1
content-length: 215
x-amz-cf-id: 2uVv41hRqhEh0vbVcyDXFoZ7P2S08qGdLI-u7Vci_MHhmihXNLoAeg==

GET
H2 200 j19u1ne5 Show response
offer.alibaba.com/cps/ Frame 9539 0
0 432ms
310ms Script
text/html 104.111.243.137
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://offer.alibaba.com/cps/j19u1ne5?bm=cps&src=saf&tp1=431557d33e62c1d20f1ea47e83f1715f&pid=656490
Requested by: Host: pubmedya.net
URL: https://pubmedya.net/vu/ro/?
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.243.137 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-243-137.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pubmedya.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

GET
H2

200

/ Show response
cex.io/ Frame 9539
Redirect Chain

https://cex.io/r/0/up111785894/0/
https://cex.io/

0
0

80ms
80ms

Script
text/html

104.20.0.53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cex.io/
Requested by: Host: pubmedya.net
URL: https://pubmedya.net/vu/ro/?
Protocol: H2
Server: 104.20.0.53 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pubmedya.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Redirect headers

location: https://cex.io
date: Sun, 13 Feb 2022 14:35:25 GMT
vary: Accept-Encoding
x-app-version: master.e3ebb6f4.c475f68f4d068495da948b1755a76e7d96f9e65fed42f8aa79842b05b777a6e1
server: cloudflare
x-frame-options: DENY
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-security-policy-report-only: default-src 'self';connect-src 'self' https://maps.googleapis.com https://cex.io wss://cex.io/ws/;frame-src 'self' * ext.cex.io;font-src 'self' data: 'unsafe-inline' https://fonts.googleapis.com https://fonts.gstatic.com https://static.cex.io;img-src 'self' data: https://static.cex.io;media-src 'self' https://static.cex.io;style-src 'self' 'unsafe-inline' https://*.googleapis.com https://code.jquery.com https://static.cex.io;script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.cex.io;report-uri https://cex.io/cspr;
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: *
strict-transport-security: max-age=15724800; includeSubDomains
cf-ray: 6dcec87bf9e168fb-FRA
cf-cache-status: DYNAMIC

GET
H2 520 /
www.instaforex.com/ Frame 9539 0
0 252ms
145ms Script
text/html 2606:4700:10::ac43:16c4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.instaforex.com/?x=LVYG
Requested by: Host: pubmedya.net
URL: https://pubmedya.net/vu/ro/?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:16c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pubmedya.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

GET
H2

200

/ Show response
www.ebay.com/ Frame 9539
Redirect Chain

https://pubmedya.net/to2/uatest/
https://rover.ebay.com/rover/1/711-155609-835623-2/16?PARM3_ID=GBH_168&FF11=GBH_168&kw=6208c5f65c66c50001da8041_14330&mpre=
https://rover.ebay.com/rover/1/711-155609-835623-2/16?PARM3_ID=GBH_168&FF11=GBH_168&kw=6208c5f65c66c50001da8041_14330&mkevt=1&mkcid=16&mkrid=711-155609-835623-2&ufes_redirect=true
https://www.ebay.com/?PARM3_ID=GBH_168&FF11=GBH_168&kw=6208c5f65c66c50001da8041_14330&mkevt=1&mkcid=16&mkrid=711-155609-835623-2&ufes_redirect=true&mkevt=1&mkcid=16&mkrid=711-155609-835623-2&ufes_r...

0
0

286ms
243ms

Script
text/html

184.30.25.27
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ebay.com/?PARM3_ID=GBH_168&FF11=GBH_168&kw=6208c5f65c66c50001da8041_14330&mkevt=1&mkcid=16&mkrid=711-155609-835623-2&ufes_redirect=true&mkevt=1&mkcid=16&mkrid=711-155609-835623-2&ufes_redirect=true
Requested by: Host: pubmedya.net
URL: https://pubmedya.net/vu/ro/?
Protocol: H2
Server: 184.30.25.27 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-25-27.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Redirect headers

location: https://www.ebay.com?PARM3_ID=GBH_168&FF11=GBH_168&kw=6208c5f65c66c50001da8041_14330&mkevt=1&mkcid=16&mkrid=711-155609-835623-2&ufes_redirect=true&mkevt=1&mkcid=16&mkrid=711-155609-835623-2&ufes_redirect=true
date: Sun, 13 Feb 2022 14:35:26 GMT
server: ebay-proxy-server
content-length: 0

GET
H2 200 /
u.alicdn.com/css/6v/run/ws-mobile/core/ Frame 5C76 4 KB
2 KB 76ms
18ms Stylesheet
text/css 104.111.216.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://u.alicdn.com/css/6v/run/ws-mobile/core/??core-ws.css?t=0_2f98f3abf

Requested by

Host: sale.aliexpress.com
URL: https://sale.aliexpress.com/__mobile/coupon_aliexpress.htm?af=a&47182&cn=-&cv=84215&dp=193.27.14.24&aff_fcid=ab345720c5ee43bc842a1b35e626ad8d-1644762924160-06522-_d8O2mSk&aff_fsk=_d8O2mSk&aff_platform=portals-tool&sk=_d8O2mSk&aff_trace_key=ab345720c5ee43bc842a1b35e626ad8d-1644762924160-06522-_d8O2mSk&terminal_id=85ff93f48190446ba6e1a3afdb3ed8fd

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

104.111.216.213 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-216-213.deploy.static.akamaitechnologies.com

Software

Tengine /

Resource Hash

0382aaad6eb14c49bc35e75fee3ac688a58a8b0b3816e0802cf053b4a615e310

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sale.aliexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=0
content-encoding: gzip
etag: 0_28820d9a9
x-swift-error: orig response 5xx error
x-swift-cachetime: 30
fw_ip: 104.111.216.213
x-server-id: 5dd621d318911325a05c259270f04ee823aa9a348aaa2daacc358da1ed5d9accc4c49cae92c66e93
x-swift-savetime: Fri, 03 Dec 2021 08:27:33 GMT
x-readtime: 1
server-timing: rt;dur=0.003,eagleid;desc=4f85b19c16388377083581991e
content-length: 1491
last-modified: Mon, 26 Mar 2018 06:55:57 GMT
server: Tengine
date: Sun, 13 Feb 2022 14:35:24 GMT
vary: Accept-Encoding
ali-swift-global-savetime: 1638837708
content-type: text/css
access-control-allow-origin: *
access-control-expose-headers: FW_IP
cache-control: max-age=5
served-from: 2.16.187.20
timing-allow-origin: *, *, *
network_info: DE_FRANKFURT_9009
eagleid: 4f85b19c16388377083581991e, 4f85b19a16388377351893017e
expires: Sun, 13 Feb 2022 14:35:29 GMT

GET
H2 200 /
u.alicdn.com/mobile/ae/ Frame 5C76 36 KB
12 KB 78ms
20ms Stylesheet
text/css 104.111.216.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://u.alicdn.com/mobile/ae/??common/header/1.0.0/header.css,common/loading/1.0.0/loading.css,common/button/1.0.0/button.css,common/footer/1.0.0/footer.css?t=11422a54e_b3e953e50

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

104.111.216.213 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-216-213.deploy.static.akamaitechnologies.com

Software

Tengine /

Resource Hash

76f0ce7f8bf3411ccf620c50e9650bdc2da3503aeccc653e9acfb76ee84c38e2

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sale.aliexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=0
content-encoding: gzip
etag: 11422a54e_772b854e8
x-swift-error: orig response 5xx error
x-swift-cachetime: 17
fw_ip: 104.111.216.213
x-server-id: 5dd621d318911325a05c259270f04ee803b93bdcd80cf648cc358da1ed5d9acc921c630316b46fd3
x-swift-savetime: Fri, 03 Dec 2021 08:29:45 GMT
x-readtime: 1
server-timing: rt;dur=0.005,eagleid;desc=800e74a016388383790823108e
content-length: 11172
last-modified: Mon, 26 Mar 2018 06:55:57 GMT
server: Tengine
date: Sun, 13 Feb 2022 14:35:24 GMT
vary: Accept-Encoding
ali-swift-global-savetime: 1638838379
content-type: text/css
access-control-allow-origin: *
access-control-expose-headers: FW_IP
cache-control: max-age=2
served-from: 2.16.187.101
timing-allow-origin: *, *, *
network_info: DE_FRANKFURT_9009
eagleid: 800e74a016388383790823108e, 4f85b19616388383902236640e
expires: Sun, 13 Feb 2022 14:35:26 GMT

GET
H2 200 jquery.js Show response
u.alicdn.com/js/5v/we/lib/ Frame 5C76 92 KB
33 KB 79ms
21ms Script
application/javascript 104.111.216.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://u.alicdn.com/js/5v/we/lib/jquery.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

104.111.216.213 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-216-213.deploy.static.akamaitechnologies.com

Software

Tengine /

Resource Hash

81ef130604ec4926d96cd5f765d1845e870ad662d39211faed6cc3d6509a3514

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sale.aliexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=0
content-encoding: gzip
etag: 151664d7_0
x-swift-error: orig response 5xx error
x-swift-cachetime: 1799
fw_ip: 104.111.216.213
x-server-id: 5dd621d318911325124867fc2ee7b6804339bf71694b0683c85f8dcd1d88a1fe
x-swift-savetime: Tue, 07 Jul 2020 13:37:52 GMT
x-readtime: 1
server-timing: rt;dur=0.008,eagleid;desc=2ff6149516335736784727071e
content-length: 33552
last-modified: Mon, 26 Mar 2018 06:55:57 GMT
server: Tengine
date: Sun, 13 Feb 2022 14:35:24 GMT
vary: Accept-Encoding
ali-swift-global-savetime: 1633573678
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: FW_IP
cache-control: max-age=1358
served-from: 2.16.187.142
timing-allow-origin: *, *, *
network_info: DE_FRANKFURT_9009
eagleid: 2ff6149516335736784727071e, 4f85b19616335738922921019e
expires: Sun, 13 Feb 2022 14:58:02 GMT

GET
H2 200 index.js Show response
i.alicdn.com/ae-ams-ui/1.1.0/widget/ Frame 5C76 51 KB
18 KB 120ms
31ms Script
application/javascript 104.111.216.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://i.alicdn.com/ae-ams-ui/1.1.0/widget/index.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

104.111.216.213 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-216-213.deploy.static.akamaitechnologies.com

Software

Akamai Resource Optimizer /

Resource Hash

90ec3c93846a1a334c31b864830f0e6c9f7837c019afffd27a8154a3f795131f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sale.aliexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
x-content-type-options: nosniff
x-swift-cachetime: 18415667
fw_ip: 92.122.105.52, 104.111.216.213
x-server-id: b0381a5e42020db0072a77127f27bf15fbabe94bc0c9b2e8e5c2ff2812bc29daf1442cd4e182044e
x-swift-savetime: Wed, 02 Jun 2021 15:07:26 GMT
network_info: US_SEATTLE_35994, DE_FRANKFURT_9009
x-readtime: 448
server-timing: rt;dur=0.453,eagleid;desc=2ff6309b16095261132066376e
content-length: 17480
x-xss-protection: 1; mode=block
last-modified: Wed, 02 Jun 2021 15:07:27 GMT
server: Akamai Resource Optimizer
date: Sun, 13 Feb 2022 14:35:24 GMT
x-download-options: noopen
ali-swift-global-savetime: 1609526113
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: FW_IP
cache-control: max-age=12999138
served-from: 2.20.143.159
timing-allow-origin: *, *
x-new-origin: 1
eagleid: 2ff6309b16095261132066376e, 2ff62b9716226464464492432e
expires: Thu, 14 Jul 2022 01:27:42 GMT

GET
H2 200 mobile-atom-ams.js Show response
u.alicdn.com/js/6v/biz/common/atom-ams/ Frame 5C76 39 KB
16 KB 99ms
41ms Script
application/javascript 104.111.216.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://u.alicdn.com/js/6v/biz/common/atom-ams/mobile-atom-ams.js?v=2017-04-25

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

104.111.216.213 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-216-213.deploy.static.akamaitechnologies.com

Software

Tengine /

Resource Hash

41b54fd8e7da53469be14104144a39a348c012aee9e597ceb3b979b77d99d18e

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sale.aliexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=0
content-encoding: gzip
x-swift-cachetime: 27483506
fw_ip: 104.111.216.213
x-server-id: 5dd621d318911325124867fc2ee7b680fb58b578374b0eb7c85f8dcd1d88a1fe
x-readtime: 2
server-timing: rt;dur=0.007,eagleid;desc=2ff62b9815900513859851264e
content-length: 16149
expires: Sun, 27 Nov 2022 23:19:21 GMT
last-modified: Mon, 26 Mar 2018 06:55:57 GMT
server: Tengine
date: Sun, 13 Feb 2022 14:35:24 GMT
vary: Accept-Encoding
ali-swift-global-savetime: 1590051386
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: FW_IP
cache-control: max-age=24828237
served-from: 2.16.110.196
timing-allow-origin: *, *, *
network_info: DE_FRANKFURT_9009
eagleid: 2ff62b9815900513859851264e, 2ff62b9715941362905653981e
x-swift-savetime: Tue, 07 Jul 2020 06:38:00 GMT

GET
H2 200 page-timing.6053ce70.js Show response
i.alicdn.com/aefe-mobile-global/timing/ Frame 5C76 7 KB
3 KB 128ms
38ms Script
application/javascript 104.111.216.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://i.alicdn.com/aefe-mobile-global/timing/page-timing.6053ce70.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

104.111.216.213 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-216-213.deploy.static.akamaitechnologies.com

Software

Akamai Resource Optimizer /

Resource Hash

9d44738d23ad42c959887e4592962e1c4073025ec705ca237a33f1d3060f318c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sale.aliexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
x-content-type-options: nosniff
x-swift-cachetime: 31371015
fw_ip: 173.222.180.66, 104.111.216.213
x-server-id: b0381a5e42020db0072a77127f27bf1584e267672cf7c85d5efd296e851b8cb18ccf041454c3613c
x-swift-savetime: Mon, 03 May 2021 00:42:29 GMT
network_info: US_CHICAGO_35994, DE_FRANKFURT_9009
x-readtime: 166
server-timing: rt;dur=0.168,eagleid;desc=81e3ce9f16198375642707544e
content-length: 2327
x-xss-protection: 1; mode=block
last-modified: Mon, 03 May 2021 00:42:43 GMT
server: Akamai Resource Optimizer
date: Sun, 13 Feb 2022 14:35:24 GMT
x-download-options: noopen
ali-swift-global-savetime: 1619837564
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: FW_IP
cache-control: max-age=6610546
served-from: 203.74.95.172
timing-allow-origin: *, *
x-new-origin: 1
eagleid: 81e3ce9f16198375642707544e, a3b52a9f16200025493431306e
expires: Sun, 01 May 2022 02:51:10 GMT

GET
H2 200 font-face.css
i.alicdn.com/ae-ams-ui/1.0.3/studio/css/font-face/ Frame 5C76 124 KB
6 KB 110ms
20ms Stylesheet
text/css 104.111.216.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://i.alicdn.com/ae-ams-ui/1.0.3/studio/css/font-face/font-face.css

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

104.111.216.213 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-216-213.deploy.static.akamaitechnologies.com

Software

Akamai Resource Optimizer /

Resource Hash

e4c08ae82c23e77fdf53506535dd7c31379a8343618b0ab1951d7f8c3d3e8d88

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sale.aliexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
x-content-type-options: nosniff
x-swift-cachetime: 5284704
fw_ip: 23.192.173.86, 104.111.216.213
x-server-id: b0381a5e42020db0072a77127f27bf15869972f651ec57f0e5607f5d3617601ff1442cd4e182044e
x-swift-savetime: Thu, 20 May 2021 12:12:55 GMT
network_info: US_SANJOSE_35994, DE_FRANKFURT_9009
x-readtime: 1230
server-timing: rt;dur=1.234,eagleid;desc=2ff6169d15952614781136906e
content-length: 5231
x-xss-protection: 1; mode=block
last-modified: Thu, 20 May 2021 12:12:56 GMT
server: Akamai Resource Optimizer
date: Sun, 13 Feb 2022 14:35:24 GMT
x-download-options: noopen
x-frame-options: SAMEORIGIN
ali-swift-global-savetime: 1589113299
content-type: text/css
access-control-allow-origin: *
access-control-expose-headers: FW_IP
cache-control: max-age=8285911
served-from: 77.67.85.122
timing-allow-origin: *, *
x-new-origin: 1
eagleid: 2ff6169d15952614781136906e, 082d349716215127758732000e
expires: Fri, 20 May 2022 12:13:55 GMT

GET
H2 200 index.css
i.alicdn.com/ae-game/1.1.0/fun/activities/member/ Frame 5C76 103 KB
14 KB 116ms
27ms Stylesheet
text/css 104.111.216.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://i.alicdn.com/ae-game/1.1.0/fun/activities/member/index.css

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

104.111.216.213 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-216-213.deploy.static.akamaitechnologies.com

Software

Akamai Resource Optimizer /

Resource Hash

196f8725ae92bf39e37f87cf10cb08665feed6e383d522083fc6d79858d3226e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sale.aliexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
x-content-type-options: nosniff
x-swift-cachetime: 31536000
fw_ip: 104.93.84.131, 104.111.216.213
x-server-id: b0381a5e42020db0072a77127f27bf1584e267672cf7c85d5605309bcfb60e5a8ccf041454c3613c
x-swift-savetime: Thu, 15 Apr 2021 03:37:49 GMT
network_info: US_CHICAGO_35994, DE_FRANKFURT_9009
x-readtime: 655
server-timing: rt;dur=0.661,eagleid;desc=2ff6108516184578684438778e
content-length: 13889
x-xss-protection: 1; mode=block
last-modified: Thu, 15 Apr 2021 03:37:50 GMT
server: Akamai Resource Optimizer
date: Sun, 13 Feb 2022 14:35:24 GMT
x-download-options: noopen
ali-swift-global-savetime: 1618457869
content-type: text/css
access-control-allow-origin: *
access-control-expose-headers: FW_IP
cache-control: max-age=5230976
served-from: 118.97.158.20
timing-allow-origin: *, *
x-new-origin: 1
eagleid: 2ff6108516184578684438778e, 2ff6108516184578684438778e
expires: Fri, 15 Apr 2022 03:38:20 GMT

GET
H2 200 voucher.css
i.alicdn.com/ae-channel-ui/1.1.0/material/coupon-spree/ Frame 5C76 58 KB
16 KB 112ms
23ms Stylesheet
text/css 104.111.216.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://i.alicdn.com/ae-channel-ui/1.1.0/material/coupon-spree/voucher.css

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

104.111.216.213 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-216-213.deploy.static.akamaitechnologies.com

Software

Akamai Resource Optimizer /

Resource Hash

1458cebb34e92686ec440da645a290563a5dafb341ec0874379bec6655a51ec8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sale.aliexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
x-content-type-options: nosniff
x-swift-cachetime: 8835560
fw_ip: 92.122.105.52, 104.111.216.213
x-server-id: b0381a5e42020db0072a77127f27bf158fee7f9a8a8595926fe53d5a549664fbf1442cd4e182044e
x-swift-savetime: Sun, 26 Sep 2021 18:47:54 GMT
network_info: GB_LONDON_34164, DE_FRANKFURT_9009
x-readtime: 532
server-timing: rt;dur=0.535,eagleid;desc=2ff62f9916099816335944284e
content-length: 15855
x-xss-protection: 1; mode=block
last-modified: Tue, 13 Jul 2021 10:49:52 GMT
server: Akamai Resource Optimizer
date: Sun, 13 Feb 2022 14:35:24 GMT
x-download-options: noopen
ali-swift-global-savetime: 1609981634
content-type: text/css
access-control-allow-origin: *
access-control-expose-headers: FW_IP
cache-control: max-age=5702393
served-from: 47.246.43.252
timing-allow-origin: *, *
x-new-origin: 1
eagleid: 2ff62f9916099816335944284e, 2ff62b9716326820740536014e
expires: Wed, 20 Apr 2022 14:35:17 GMT

GET
H2 200 index.css
i.alicdn.com/ae-ams-ui/1.1.1/widget/ Frame 5C76 6 KB
2 KB 117ms
28ms Stylesheet
text/css 104.111.216.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://i.alicdn.com/ae-ams-ui/1.1.1/widget/index.css

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

104.111.216.213 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-216-213.deploy.static.akamaitechnologies.com

Software

Akamai Resource Optimizer /

Resource Hash

b9cabd04cf61df3009c93a6373bc132a07e32db677dda9ec9c9dcd9afd8db730

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sale.aliexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
x-content-type-options: nosniff
x-swift-cachetime: 30519156
fw_ip: 23.211.180.45, 104.111.216.213
x-server-id: b0381a5e42020db0072a77127f27bf156eb5838a700500100d52e858d73970bd3328d48de7b301be72f877a8d9336e5e
x-swift-savetime: Fri, 17 Dec 2021 16:07:36 GMT
network_info: US_SEATTLE_35994, DE_FRANKFURT_9009
x-readtime: 308
server-timing: rt;dur=0.313,eagleid;desc=2ff6149a16387404117244863e
content-length: 1260
x-xss-protection: 1; mode=block
last-modified: Wed, 29 Dec 2021 20:18:42 GMT
server: Akamai Resource Optimizer
date: Sun, 13 Feb 2022 14:35:24 GMT
x-download-options: noopen
ali-swift-global-savetime: 1638740412
content-type: text/css
access-control-allow-origin: *
access-control-expose-headers: FW_IP
cache-control: max-age=25513482
served-from: 23.59.89.143
timing-allow-origin: *, *
x-new-origin: 1
eagleid: 2ff6149a16387404117244863e, 2ff6189916397572565085762e
expires: Mon, 05 Dec 2022 21:40:06 GMT

GET
H2 200 flexible.js Show response
i.alicdn.com/ae-ams-ui/1.0.3/studio/js/ Frame 5C76 2 KB
1 KB 128ms
40ms Script
application/javascript 104.111.216.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://i.alicdn.com/ae-ams-ui/1.0.3/studio/js/flexible.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

104.111.216.213 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-216-213.deploy.static.akamaitechnologies.com

Software

Akamai Resource Optimizer /

Resource Hash

c2015b18e18277331733c7ed55ff83147763161e631da4a2d2db7f4e37f3d1ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sale.aliexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
x-content-type-options: nosniff
x-swift-cachetime: 10839898
fw_ip: 173.222.200.66, 104.111.216.213
x-server-id: b0381a5e42020db0072a77127f27bf15c2c97622f489282e44a7cf7c5e1fc544f1442cd4e182044e
x-swift-savetime: Fri, 03 Sep 2021 10:52:42 GMT
network_info: US_SEATTLE_35994, DE_FRANKFURT_9009
x-readtime: 233
server-timing: rt;dur=0.234,eagleid;desc=2ff62b9716099702601026512e
content-length: 787
x-xss-protection: 1; mode=block
last-modified: Thu, 29 Apr 2021 05:29:31 GMT
server: Akamai Resource Optimizer
date: Sun, 13 Feb 2022 14:35:24 GMT
x-download-options: noopen
ali-swift-global-savetime: 1609970260
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: FW_IP
cache-control: max-age=16404573
served-from: 47.246.49.251
timing-allow-origin: *, *
x-new-origin: 1
eagleid: 2ff62b9716099702601026512e, 2ff6319616306663625526095e
expires: Mon, 22 Aug 2022 11:24:57 GMT

GET
H2 200 HTB1pXjWceOSBuNjy0Fd762DnVXaq.png
ae01.alicdn.com/kf/ Frame 5C76 3 KB
3 KB 114ms
25ms Image
image/webp 104.111.214.74
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ae01.alicdn.com/kf/HTB1pXjWceOSBuNjy0Fd762DnVXaq.png
Requested by: Host: sale.aliexpress.com
URL: https://sale.aliexpress.com/__mobile/coupon_aliexpress.htm?af=a&47182&cn=-&cv=84215&dp=193.27.14.24&aff_fcid=ab345720c5ee43bc842a1b35e626ad8d-1644762924160-06522-_d8O2mSk&aff_fsk=_d8O2mSk&aff_platform=portals-tool&sk=_d8O2mSk&aff_trace_key=ab345720c5ee43bc842a1b35e626ad8d-1644762924160-06522-_d8O2mSk&terminal_id=85ff93f48190446ba6e1a3afdb3ed8fd
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.111.214.74 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-214-74.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: d95c0dad372bf0a75a701dbc888c4968cd5cea17f0944e6613227e90b0570898

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sale.aliexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 13 Feb 2022 14:35:24 GMT
last-modified: Sun, 28 Mar 2021 17:27:40 GMT
server: Akamai Image Manager
content-type: image/webp
access-control-allow-origin: *
cache-control: private, no-transform, max-age=43200
served-from: 2.16.187.92
content-length: 3040
timing-allow-origin: *
network_info: DE_FRANKFURT_9009
from-req-dns-type: NA
expires: Mon, 14 Feb 2022 02:35:24 GMT

GET
H2 200 HTB1p1f0cf1TBuNjy0Fj761jyXXaK.png
ae01.alicdn.com/kf/ Frame 5C76 3 KB
4 KB 122ms
33ms Image
image/webp 104.111.214.74
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ae01.alicdn.com/kf/HTB1p1f0cf1TBuNjy0Fj761jyXXaK.png
Requested by: Host: sale.aliexpress.com
URL: https://sale.aliexpress.com/__mobile/coupon_aliexpress.htm?af=a&47182&cn=-&cv=84215&dp=193.27.14.24&aff_fcid=ab345720c5ee43bc842a1b35e626ad8d-1644762924160-06522-_d8O2mSk&aff_fsk=_d8O2mSk&aff_platform=portals-tool&sk=_d8O2mSk&aff_trace_key=ab345720c5ee43bc842a1b35e626ad8d-1644762924160-06522-_d8O2mSk&terminal_id=85ff93f48190446ba6e1a3afdb3ed8fd
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.111.214.74 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-214-74.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: c77b8be20411a7d671a80e67cdad991dcf68d8ebc571f997e72ab0c3214e0bfe

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sale.aliexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 13 Feb 2022 14:35:24 GMT
x-check-cacheable: YES
x-serial: 654
content-type: image/webp
access-control-allow-origin: *
expires: Mon, 14 Feb 2022 02:35:24 GMT
cache-control: private, no-transform, max-age=43200
last-modified: Wed, 02 Jun 2021 10:48:50 GMT
content-length: 3562
timing-allow-origin: *
network_info: DE_FRANKFURT_9009
from-req-dns-type: NA
server: Akamai Image Manager
served-from: 2.16.187.92

GET
H2 200 HTB1bvVpcCBYBeNjy0Fe762nmFXaw.png
ae01.alicdn.com/kf/ Frame 5C76 3 KB
4 KB 131ms
42ms Image
image/webp 104.111.214.74
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ae01.alicdn.com/kf/HTB1bvVpcCBYBeNjy0Fe762nmFXaw.png
Requested by: Host: sale.aliexpress.com
URL: https://sale.aliexpress.com/__mobile/coupon_aliexpress.htm?af=a&47182&cn=-&cv=84215&dp=193.27.14.24&aff_fcid=ab345720c5ee43bc842a1b35e626ad8d-1644762924160-06522-_d8O2mSk&aff_fsk=_d8O2mSk&aff_platform=portals-tool&sk=_d8O2mSk&aff_trace_key=ab345720c5ee43bc842a1b35e626ad8d-1644762924160-06522-_d8O2mSk&terminal_id=85ff93f48190446ba6e1a3afdb3ed8fd
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.111.214.74 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-214-74.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: cd64ca5f9069e503002845b8044091bb47f0f7bfbf2fb94eb2a5bea705ed9c6a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sale.aliexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 13 Feb 2022 14:35:24 GMT
x-check-cacheable: YES
x-serial: 470
content-type: image/webp
access-control-allow-origin: *
expires: Thu, 03 Mar 2022 08:25:50 GMT
cache-control: private, no-transform, max-age=1533026
last-modified: Tue, 19 Jan 2021 08:18:03 GMT
content-length: 3514
timing-allow-origin: *
network_info: DE_FRANKFURT_9009
from-req-dns-type: NA
server: Akamai Image Manager
served-from: 2.16.187.92

GET
H2 200 HTB1war4ch9YBuNjy0Ff760IsVXa9.png
ae01.alicdn.com/kf/ Frame 5C76 3 KB
3 KB 143ms
54ms Image
image/webp 104.111.214.74
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ae01.alicdn.com/kf/HTB1war4ch9YBuNjy0Ff760IsVXa9.png
Requested by: Host: sale.aliexpress.com
URL: https://sale.aliexpress.com/__mobile/coupon_aliexpress.htm?af=a&47182&cn=-&cv=84215&dp=193.27.14.24&aff_fcid=ab345720c5ee43bc842a1b35e626ad8d-1644762924160-06522-_d8O2mSk&aff_fsk=_d8O2mSk&aff_platform=portals-tool&sk=_d8O2mSk&aff_trace_key=ab345720c5ee43bc842a1b35e626ad8d-1644762924160-06522-_d8O2mSk&terminal_id=85ff93f48190446ba6e1a3afdb3ed8fd
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.111.214.74 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-214-74.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: 1ce37b40dcd8a7d6dd6e2d5e36940aa74f4f42994bf3718ebc75ae7d188785eb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sale.aliexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 13 Feb 2022 14:35:24 GMT
last-modified: Sun, 19 Sep 2021 15:52:38 GMT
server: Akamai Image Manager
content-type: image/webp
access-control-allow-origin: *
cache-control: private, no-transform, max-age=43200
served-from: 2.16.187.92
content-length: 2958
timing-allow-origin: *
network_info: DE_FRANKFURT_9009
from-req-dns-type: NA
expires: Mon, 14 Feb 2022 02:35:24 GMT

GET
H2 200 model.js Show response
i.alicdn.com/ae-ams-ui/1.1.1/widget/menu/ Frame 5C76 33 KB
9 KB 37ms
36ms Script
application/javascript 104.111.216.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://i.alicdn.com/ae-ams-ui/1.1.1/widget/menu/model.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

104.111.216.213 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-216-213.deploy.static.akamaitechnologies.com

Software

Akamai Resource Optimizer /

Resource Hash

46415bfdc61eb61aed452afcc3ede66badba4a41a81bb7cc45c014a6fbeecca0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sale.aliexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
x-content-type-options: nosniff
x-swift-cachetime: 30052233
fw_ip: 23.45.230.96, 104.111.216.213
x-server-id: b0381a5e42020db0072a77127f27bf1584e267672cf7c85d5a4eefa35fad7e9e8ccf041454c3613c
x-swift-savetime: Thu, 26 Aug 2021 19:07:37 GMT
network_info: US_ASHBURN_20940, DE_FRANKFURT_9009
x-readtime: 397
server-timing: rt;dur=0.400,eagleid;desc=a3b5409816285210891874592e
content-length: 8653
x-xss-protection: 1; mode=block
last-modified: Thu, 26 Aug 2021 23:14:21 GMT
server: Akamai Resource Optimizer
date: Sun, 13 Feb 2022 14:35:24 GMT
x-download-options: noopen
ali-swift-global-savetime: 1628521090
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: FW_IP
cache-control: max-age=15294208
served-from: 47.246.23.253
timing-allow-origin: *, *
x-new-origin: 1
eagleid: a3b5409816285210891874592e, 2ff6179916300196614374299e
expires: Tue, 09 Aug 2022 14:58:52 GMT

GET
H2 200 index.js Show response
i.alicdn.com/ae-game/1.1.0/fun/activities/member/ Frame 5C76 549 KB
129 KB 31ms
29ms Script
application/javascript 104.111.216.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://i.alicdn.com/ae-game/1.1.0/fun/activities/member/index.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

104.111.216.213 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-216-213.deploy.static.akamaitechnologies.com

Software

Akamai Resource Optimizer /

Resource Hash

8df1a33972dd21047641b27a2482074444006296f1c13beffd36da2eb5a0342b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sale.aliexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
x-content-type-options: nosniff
x-swift-cachetime: 30934860
fw_ip: 23.38.176.46, 104.111.216.213
x-server-id: b0381a5e42020db0072a77127f27bf15e7e584576b58d00f120994c4368ec10e3328d48de7b301be3617112567202689
x-swift-savetime: Tue, 11 Jan 2022 17:00:10 GMT
network_info: US_CHICAGO_35994, DE_FRANKFURT_9009
x-readtime: 1346
server-timing: rt;dur=1.372,eagleid;desc=2ff6189f16413192692565730e
content-length: 131428
x-xss-protection: 1; mode=block
last-modified: Tue, 18 Jan 2022 00:59:15 GMT
server: Akamai Resource Optimizer
date: Sun, 13 Feb 2022 14:35:24 GMT
x-download-options: noopen
ali-swift-global-savetime: 1641319270
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: FW_IP
cache-control: max-age=28092201
served-from: 23.201.194.37
timing-allow-origin: *, *
x-new-origin: 1
eagleid: 2ff6189f16413192692565730e, 2ff6149a16419204104288399e
expires: Wed, 04 Jan 2023 17:58:45 GMT

GET
H2 200 auth-banner.js Show response
i.alicdn.com/ae-channel-ui/1.1.0/material/auth-banner/ Frame 5C76 120 KB
37 KB 41ms
40ms Script
application/javascript 104.111.216.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://i.alicdn.com/ae-channel-ui/1.1.0/material/auth-banner/auth-banner.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

104.111.216.213 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-216-213.deploy.static.akamaitechnologies.com

Software

Akamai Resource Optimizer /

Resource Hash

c0ff306c82a606868276b16286946ac7d28043323a1da9f91422470c5f58682b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sale.aliexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
x-content-type-options: nosniff
x-swift-cachetime: 2397299
fw_ip: 23.192.173.86, 104.111.216.213
x-server-id: b0381a5e42020db0072a77127f27bf1584e267672cf7c85d1aa67ed755abdde18ccf041454c3613c
x-swift-savetime: Mon, 02 Aug 2021 15:43:23 GMT
network_info: US_SANJOSE_35994, DE_FRANKFURT_9009
x-readtime: 1611
server-timing: rt;dur=1.617,eagleid;desc=2ff6129615987803006724874e
content-length: 36872
x-xss-protection: 1; mode=block
last-modified: Sat, 14 Aug 2021 09:31:00 GMT
server: Akamai Resource Optimizer
date: Sun, 13 Feb 2022 14:35:24 GMT
x-download-options: noopen
x-frame-options: SAMEORIGIN
ali-swift-global-savetime: 1598780302
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: FW_IP
cache-control: max-age=14692039
served-from: 77.67.85.122
timing-allow-origin: *, *
x-new-origin: 1
eagleid: 2ff6129615987803006724874e, 082d349c16279190034413330e
expires: Tue, 02 Aug 2022 15:42:43 GMT

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
366 B 59ms
58ms XHR
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?r=gandul.ro_728x90_sticky_display_bottom&pdc=-2.6615090370178223&ucv=005099&e=tcp&dsReferer=aHR0cHM6Ly93d3cuZ2FuZHVsLnJvL3N0aXJpL3VuLWFkb2xlc2NlbnQtZGUtMTctYW5pLWluZWNhdC10aGVybWUtY2Utc3B1bi1yZXByZXplbnRhdGlpLWNvbXBsZXh1bHVpLTE5NzQ5MzE4P3V0bV9zb3VyY2U9WkYrQXJ0aWNvbCZ1dG1fbWVkaXVtPXdlYnNpdGUmdXRtX2NhbXBhaWduPWZpZG1lZQ==
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v14.0.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gandul.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-nf-request-id: 01FN1PNCK8SCCFKGWHBWVFNPJE
date: Sun, 13 Feb 2022 14:35:24 GMT
cf-cache-status: HIT
age: 2280715
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "1e7512eab4ec94e546e05bc6561a8453-ssl"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 6dcec8759f593749-MXP

HEAD
H3 200 e.js Show response
live.demand.supply/x/ 0
365 B 52ms
51ms XHR
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/x/e.js?ce=bb&r=gandul.ro_728x90_sticky_display_bottom&dsReferer=aHR0cHM6Ly93d3cuZ2FuZHVsLnJvL3N0aXJpL3VuLWFkb2xlc2NlbnQtZGUtMTctYW5pLWluZWNhdC10aGVybWUtY2Utc3B1bi1yZXByZXplbnRhdGlpLWNvbXBsZXh1bHVpLTE5NzQ5MzE4P3V0bV9zb3VyY2U9WkYrQXJ0aWNvbCZ1dG1fbWVkaXVtPXdlYnNpdGUmdXRtX2NhbXBhaWduPWZpZG1lZQ==
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v14.0.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gandul.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-nf-request-id: 01FMV3Z855637WVE1HQJYTWK30
date: Sun, 13 Feb 2022 14:35:24 GMT
cf-cache-status: HIT
age: 1680124
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "1e7512eab4ec94e546e05bc6561a8453-ssl"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 6dcec8759f5d3749-MXP

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ 23 B
491 B 49ms
49ms XHR
text/javascript 13.224.90.44
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.gandul.ro%2Fstiri%2Fun-adolescent-de-17-ani-inecat-therme-ce-spun-reprezentatii-complexului-19749318%3Futm_source%3DZF%2BArticol%26utm_medium%3Dwebsite%26utm_campaign%3Dfidmee&pid=uUM3lQ32zQszE&cb=1&ws=1600x1200&v=7.73.0&t=2000&slots=%5B%7B%22sd%22%3A%22gandul.ro_728x90_sticky_display_bottom%22%2C%22s%22%3A%5B%22728x90%22%5D%7D%5D&pubid=66ef05f7-ad53-48f6-873a-ac7543370392&gdpre=1&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.90.44 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-90-44.zrh50.r.cloudfront.net

Software

Server /

Resource Hash

89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gandul.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 13 Feb 2022 14:35:24 GMT
via: 1.1 871dedfc10f4428aa2412b6f788b791a.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: ZRH50-C1
x-amz-rid: Y5ECXP0Q1BZHD6P1R8K6
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.gandul.ro
access-control-allow-credentials: true
permissions-policy: interest-cohort=()
strict-transport-security: max-age=47474747; includeSubDomains; preload
timing-allow-origin: *
content-length: 23
x-amz-cf-id: nbSDSsJvkYNihV1xzM1DzrIqtb5nwbO2I1r1UW00SZfj30z0MglC5Q==

GET
H2 200 / Show response
assets.alicdn.com/g/alilog/ Frame 5C76 24 KB
10 KB 44ms
35ms Script
application/javascript 104.111.216.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.alicdn.com/g/alilog/??aplus_plugin_aefront/index.js,mlog/aplus_int.js
Requested by: Host: sale.aliexpress.com
URL: https://sale.aliexpress.com/__mobile/coupon_aliexpress.htm?af=a&47182&cn=-&cv=84215&dp=193.27.14.24&aff_fcid=ab345720c5ee43bc842a1b35e626ad8d-1644762924160-06522-_d8O2mSk&aff_fsk=_d8O2mSk&aff_platform=portals-tool&sk=_d8O2mSk&aff_trace_key=ab345720c5ee43bc842a1b35e626ad8d-1644762924160-06522-_d8O2mSk&terminal_id=85ff93f48190446ba6e1a3afdb3ed8fd
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.111.216.213 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-216-213.deploy.static.akamaitechnologies.com
Software: Tengine /
Resource Hash: 3868ce2e26f01eb8255b66e28650e840d84a5b3fbbe9b5ae62736fb7987f8869

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sale.aliexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 13 Feb 2022 14:35:24 GMT
content-encoding: gzip
x-oss-request-id: 62090F18792C1D373674557A
content-md5: gygBRN2M4MlVRBr7rF/+vA==
x-swift-cachetime: 1800
x-swift-savetime: Sun, 13 Feb 2022 14:00:56 GMT
content-length: 9844
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 15290110112012039273
server: Tengine
vary: Accept-Encoding
ali-swift-global-savetime: 1644760856
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1535, s-maxage=1800
served-from: 2.16.187.13
x-oss-storage-class: Standard
x-source-scheme: https
timing-allow-origin: *
network_info: DE_FRANKFURT_9009
eagleid: 4f85b19916447608561236799e
x-oss-server-time: 8

GET
H2 200 start-render.png
ae01.alicdn.com/wimg/monitor/ Frame 5C76 74 B
359 B 137ms
49ms Image
image/webp 104.111.214.74
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ae01.alicdn.com/wimg/monitor/start-render.png
Requested by: Host: sale.aliexpress.com
URL: https://sale.aliexpress.com/__mobile/coupon_aliexpress.htm?af=a&47182&cn=-&cv=84215&dp=193.27.14.24&aff_fcid=ab345720c5ee43bc842a1b35e626ad8d-1644762924160-06522-_d8O2mSk&aff_fsk=_d8O2mSk&aff_platform=portals-tool&sk=_d8O2mSk&aff_trace_key=ab345720c5ee43bc842a1b35e626ad8d-1644762924160-06522-_d8O2mSk&terminal_id=85ff93f48190446ba6e1a3afdb3ed8fd
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.111.214.74 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-214-74.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: 80c2ec9b37b201bfc24e3db6313b4aef5d7e1567e7a28e235e0094d8f400ed2b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sale.aliexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 13 Feb 2022 14:35:24 GMT
x-check-cacheable: YES
x-serial: 1887
content-type: image/webp
access-control-allow-origin: *
expires: Tue, 15 Feb 2022 14:35:24 GMT
cache-control: private, no-transform, max-age=172800
last-modified: Wed, 09 Feb 2022 07:39:00 GMT
content-length: 74
timing-allow-origin: *
network_info: DE_FRANKFURT_9009
from-req-dns-type: NA
server: Akamai Image Manager
served-from: 2.16.187.92

GET
H2 200 ga.js Show response
ssl.google-analytics.com/ Frame 5C76 45 KB
17 KB 32ms
8ms Script
text/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.google-analytics.com/ga.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sale.aliexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 5244
date: Sun, 13 Feb 2022 13:08:00 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17168
expires: Sun, 13 Feb 2022 15:08:00 GMT

GET
H2 200 domdot.js Show response
u.alicdn.com/js/6v/biz/common/domdot/ Frame 5C76 5 KB
3 KB 18ms
18ms Script
application/javascript 104.111.216.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://u.alicdn.com/js/6v/biz/common/domdot/domdot.js

Requested by

Host: u.alicdn.com
URL: https://u.alicdn.com/js/6v/biz/common/atom-ams/mobile-atom-ams.js?v=2017-04-25

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

104.111.216.213 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-216-213.deploy.static.akamaitechnologies.com

Software

Tengine /

Resource Hash

4f53ca029c13aed819acf305863fc7ce376cc9dd03630b1ac4e177b744f686a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sale.aliexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=0
content-encoding: gzip
x-swift-error: orig response 5xx error
x-swift-cachetime: 990
fw_ip: 104.111.216.213
x-server-id: 5dd621d318911325124867fc2ee7b680424c8d52df7729dfc85f8dcd1d88a1fe
x-swift-savetime: Tue, 08 Dec 2020 22:41:05 GMT
x-readtime: 1
server-timing: rt;dur=0.004,eagleid;desc=2ff62c9916285293586257905e
content-length: 2184
last-modified: Mon, 26 Mar 2018 06:55:57 GMT
server: Tengine
date: Sun, 13 Feb 2022 14:35:24 GMT
vary: Accept-Encoding
ali-swift-global-savetime: 1621015514
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: FW_IP
cache-control: max-age=1589
served-from: 2.16.187.7
timing-allow-origin: *, *, *
network_info: DE_FRANKFURT_9009
eagleid: 2ff62c9916285293586257905e, 2ff62b9616285314259922589e
expires: Sun, 13 Feb 2022 15:01:53 GMT

GET
H2 200 getRecommendingResults.do Show response
gpsfront.aliexpress.com/ Frame 5C76 2 KB
1 KB 375ms
46ms Script
application/javascript 47.254.143.112
CNNIC-ALIBABA-US-...

General

Check archive.org

Show headers Download Go to

Full URL

https://gpsfront.aliexpress.com/getRecommendingResults.do?callback=jQuery18306055022363184246_1644762924556&widgetId=5451013&limit=13&platform=pc&_=1644762924626

Requested by

Host: i.alicdn.com
URL: https://i.alicdn.com/ae-game/1.1.0/fun/activities/member/index.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

47.254.143.112 Frankfurt am Main, Germany, ASN45102 (CNNIC-ALIBABA-US-NET-AP Alibaba US Technology Co., Ltd., CN),

Reverse DNS

Software

Tengine/Aserver /

Resource Hash

eb530c53d63d87c35641b0d61b5a3d2e7fa1e814976d0c6803ba8def8b863d46

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains, max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sale.aliexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 13 Feb 2022 14:35:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="CAO PSA OUR"
vary: Accept-Encoding
x-xss-protection: 1; mode=block
x-application-context: ae-gpsfront:prod,de:7001
pragma: no-cache
server: Tengine/Aserver
x-frame-options: DENY
strict-transport-security: max-age=31536000 ; includeSubDomains, max-age=0
content-type: application/javascript
traceid: 2100bdec16447629249591325e0a42
cache-control: no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin: *
eagleeye-traceid: 2100bdec16447629249591325e0a42
expires: 0

GET
H2 200 HTB1iszJcf9TBuNjy0Fc762eiFXaY.png
ae01.alicdn.com/kf/ Frame 5C76 32 KB
32 KB 22ms
20ms Image
image/webp 104.111.214.74
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ae01.alicdn.com/kf/HTB1iszJcf9TBuNjy0Fc762eiFXaY.png
Requested by: Host: sale.aliexpress.com
URL: https://sale.aliexpress.com/__mobile/coupon_aliexpress.htm?af=a&47182&cn=-&cv=84215&dp=193.27.14.24&aff_fcid=ab345720c5ee43bc842a1b35e626ad8d-1644762924160-06522-_d8O2mSk&aff_fsk=_d8O2mSk&aff_platform=portals-tool&sk=_d8O2mSk&aff_trace_key=ab345720c5ee43bc842a1b35e626ad8d-1644762924160-06522-_d8O2mSk&terminal_id=85ff93f48190446ba6e1a3afdb3ed8fd
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.111.214.74 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-214-74.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: 6f30b1f3a9167fd40f15fffbffa965e3526ed399a80ee272de18249f5bef2757

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sale.aliexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 13 Feb 2022 14:35:24 GMT
x-check-cacheable: YES
x-serial: 1839
content-type: image/webp
access-control-allow-origin: *
expires: Sun, 20 Feb 2022 11:14:05 GMT
cache-control: private, no-transform, max-age=592721
last-modified: Tue, 22 Sep 2020 11:05:33 GMT
content-length: 32532
timing-allow-origin: *
network_info: DE_FRANKFURT_9009
from-req-dns-type: NA
server: Akamai Image Manager
served-from: 2.16.187.92

GET
H2 200 / Show response
assets.alicdn.com/g/alilog/ Frame 5C76 118 KB
47 KB 77ms
18ms Fetch
application/javascript 104.111.216.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.alicdn.com/g/alilog/??s/8.15.19/plugin/aplus_client.js,aplus_cplugin/0.7.11/toolkit.js,aplus_cplugin/0.7.11/monitor.js,s/8.15.19/aplus_int.js,s/8.15.19/plugin/aplus_spmact.js,aplus_plugin_ae/0.0.9/index.js?v=20220125204830
Requested by: Host: assets.alicdn.com
URL: https://assets.alicdn.com/g/alilog/??aplus_plugin_aefront/index.js,mlog/aplus_int.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.111.216.213 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-216-213.deploy.static.akamaitechnologies.com
Software: Tengine /
Resource Hash: 99341ba7670e94153b9a53dba35c2d4981cabeca6cb4f37f77f88fd30b11b592

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sale.aliexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 13 Feb 2022 14:35:24 GMT
content-encoding: gzip
x-oss-request-id: 61EFF5F5F90E1C39329BAFF6
content-md5: wHlbGFYgXWI2PIizZqgtWg==
x-swift-cachetime: 85757
x-swift-savetime: Tue, 25 Jan 2022 13:17:44 GMT
content-length: 47423
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 3317974796299936166
server: Tengine
vary: Accept-Encoding
ali-swift-global-savetime: 1643116021
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=945746, s-maxage=86400
served-from: 2.16.187.103
x-oss-storage-class: Standard
x-source-scheme: https
timing-allow-origin: *
network_info: DE_FRANKFURT_9009
eagleid: 2ff62b1a16431166647404119e
x-oss-server-time: 5

GET
H2 200 cygnus Show response
htlb.casalemedia.com/ 78 B
370 B 93ms
93ms XHR
text/javascript 184.31.84.150
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?v=7.2&s=403901&fn=headertag.IndexExchangeHtb.adResponseCallback&sd=1&r=%7B%22id%22%3A%2259819977%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.gandul.ro%2Fstiri%2Fun-adolescent-de-17-ani-inecat-therme-ce-spun-reprezentatii-complexului-19749318%3Futm_source%3DZF%2BArticol%26utm_medium%3Dwebsite%26utm_campaign%3Dfidmee%22%7D%2C%22imp%22%3A%5B%7B%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A970%2C%22h%22%3A250%2C%22ext%22%3A%7B%22sid%22%3A%221%22%2C%22siteID%22%3A%22470594%22%7D%7D%5D%7D%2C%22id%22%3A%221%22%7D%2C%7B%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22sid%22%3A%2231%22%2C%22siteID%22%3A%22470610%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A600%2C%22ext%22%3A%7B%22sid%22%3A%2232%22%2C%22siteID%22%3A%22470612%22%7D%7D%5D%7D%2C%22id%22%3A%222%22%7D%5D%2C%22ext%22%3A%7B%22source%22%3A%22ixwrapper%22%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A1%2C%22us_privacy%22%3A%221---%22%7D%7D%2C%22user%22%3A%7B%22ext%22%3A%7B%22consent%22%3A%22%22%7D%7D%7D
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/190540-122528310662128.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.31.84.150 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-31-84-150.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: f18406fab29423ac7a758be3c07d59f5bd85376bb0fc6758cc4a60e17d055e20

Request headers

Referer: https://www.gandul.ro/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

pragma: no-cache
date: Sun, 13 Feb 2022 14:35:24 GMT
x-ak-initial-geo: CC:[DE], RC:[HE], CN:[EU], CIP:[193.27.14.24], XFF:[]
server: Apache
content-type: text/javascript
access-control-allow-origin: https://www.gandul.ro
x-cs-client-geo: 12
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 78
x-ak-client-geo: 12
expires: Sun, 13 Feb 2022 14:35:24 GMT

GET
H2 200 eg.js Show response
ae.mmstat.com/ Frame 5C76 91 B
334 B 818ms
261ms Script
application/javascript 47.246.110.42
CNNIC-ALIBABA-US-...

General

Check archive.org

Show headers Download Go to

Full URL: https://ae.mmstat.com/eg.js?t=1644762924758
Requested by: Host: www.gandul.ro
URL: https://www.gandul.ro/stiri/un-adolescent-de-17-ani-inecat-therme-ce-spun-reprezentatii-complexului-19749318?utm_source=ZF+Articol&utm_medium=website&utm_campaign=fidmee
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 47.246.110.42 , United States, ASN45102 (CNNIC-ALIBABA-US-NET-AP Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software: nginx /
Resource Hash: 10cd123f9f70d7b842bd6a15ffd4a41ccd1b1fb64310e7b2f9d87e09e2f09533

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sale.aliexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Feb 2022 14:35:25 GMT
stag: 2
server: nginx
etag: "LQWQGiXv/WUCAcEbDhif994Y"
content-type: application/javascript
cache-control: no-cache
content-length: 91
expires: Thu, 01 Jan 1970 00:00:01 GMT

POST
H/1.1 200
OK headerstats Show response
as-sec.casalemedia.com/ 0
426 B 33ms
33ms XHR
text/plain 2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://as-sec.casalemedia.com/headerstats?s=403901&u=https%3A%2F%2Fwww.gandul.ro%2Fstiri%2Fun-adolescent-de-17-ani-inecat-therme-ce-spun-reprezentatii-complexului-19749318%3Futm_source%3DZF%2BArticol%26utm_medium%3Dwebsite%26utm_campaign%3Dfidmee&v=3
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/190540-122528310662128.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.gandul.ro/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma: no-cache
Date: Sun, 13 Feb 2022 14:35:24 GMT
X-AK-INITIAL-GEO: CC:[DE], RC:[HE], CN:[EU], CIP:[193.27.14.24], XFF:[]
Server: Apache
Access-Control-Allow-Origin: https://www.gandul.ro
X-CS-CLIENT-GEO: 12
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
X-AK-CLIENT-GEO: 12
Expires: Sun, 13 Feb 2022 14:35:24 GMT

GET
H2 200 getRecommendingResults.do Show response
gpsfront.aliexpress.com/ Frame 5C76 64 KB
9 KB 134ms
133ms Script
application/javascript 47.254.143.112
CNNIC-ALIBABA-US-...

General

Check archive.org

Show headers Download Go to

Full URL

https://gpsfront.aliexpress.com/getRecommendingResults.do?callback=jQuery18306055022363184246_1644762924556&widgetId=5442926&limit=10&platform=pc&_=1644762925014

Requested by

Host: i.alicdn.com
URL: https://i.alicdn.com/ae-game/1.1.0/fun/activities/member/index.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

47.254.143.112 Frankfurt am Main, Germany, ASN45102 (CNNIC-ALIBABA-US-NET-AP Alibaba US Technology Co., Ltd., CN),

Reverse DNS

Software

Tengine/Aserver /

Resource Hash

01d7ffe9fc066a386ed1045b99001bae89d48c9bbb048a4dd43bb223c7b69e90

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains, max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sale.aliexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 13 Feb 2022 14:35:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="CAO PSA OUR"
vary: Accept-Encoding
x-xss-protection: 1; mode=block
x-application-context: ae-gpsfront:prod,de:7001
pragma: no-cache
server: Tengine/Aserver
x-frame-options: DENY
strict-transport-security: max-age=31536000 ; includeSubDomains, max-age=0
content-type: application/javascript
traceid: 2100bdec16447629250191326e0a42
cache-control: no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin: *
eagleeye-traceid: 2100bdec16447629250191326e0a42
expires: 0

GET
H2 200 glyph.woff
i.alicdn.com/ae-ams-ui/1.1.1/widget/common/fonts/ Frame 5C76 21 KB
22 KB 22ms
18ms Font
font/woff 104.111.216.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://i.alicdn.com/ae-ams-ui/1.1.1/widget/common/fonts/glyph.woff

Requested by

Host: i.alicdn.com
URL: https://i.alicdn.com/ae-ams-ui/1.1.1/widget/index.css

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

104.111.216.213 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-216-213.deploy.static.akamaitechnologies.com

Software

Tengine /

Resource Hash

a01469dcb9f4679340142394000c4db05b6ccc96f8c7ec0c70ce7bf3cd13b452

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000, max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://i.alicdn.com/ae-ams-ui/1.1.1/widget/index.css
Origin: https://sale.aliexpress.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000, max-age=31536000
x-content-type-options: nosniff
x-swift-cachetime: 13347037
fw_ip: 104.111.216.213
x-readtime: 343
server-timing: rt;dur=0.344,eagleid;desc=2ff6079916086593005688415e
x-new-origin: 1
content-length: 21972
x-xss-protection: 1; mode=block
x-swift-savetime: Wed, 21 Jul 2021 06:17:44 GMT
server: Tengine
date: Sun, 13 Feb 2022 14:35:25 GMT
x-download-options: noopen
ali-swift-global-savetime: 1608659301
content-type: font/woff
access-control-allow-origin: *
access-control-expose-headers: FW_IP
cache-control: max-age=23814806
served-from: 2.16.110.133
timing-allow-origin: *, *, *
network_info: DE_FRANKFURT_9009
eagleid: 2ff6079916086593005688415e, 2ff62b9516370417499441688e
x-server-id: b0381a5e42020db0072a77127f27bf150f96abadfeb38bef16a2e7d22898a1418ccf041454c3613c

GET
H2 200 HTB19PwZX79WBuNjSspe761z5VXaK.png
ae01.alicdn.com/kf/ Frame 5C76 2 KB
3 KB 22ms
21ms Image
image/webp 104.111.214.74
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ae01.alicdn.com/kf/HTB19PwZX79WBuNjSspe761z5VXaK.png
Requested by: Host: sale.aliexpress.com
URL: https://sale.aliexpress.com/__mobile/coupon_aliexpress.htm?af=a&47182&cn=-&cv=84215&dp=193.27.14.24&aff_fcid=ab345720c5ee43bc842a1b35e626ad8d-1644762924160-06522-_d8O2mSk&aff_fsk=_d8O2mSk&aff_platform=portals-tool&sk=_d8O2mSk&aff_trace_key=ab345720c5ee43bc842a1b35e626ad8d-1644762924160-06522-_d8O2mSk&terminal_id=85ff93f48190446ba6e1a3afdb3ed8fd
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.111.214.74 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-214-74.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: 46823e6264c9023cc72c26ade0474674d0b2b18b1c496fe15f732d1bfee900e2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sale.aliexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 13 Feb 2022 14:35:25 GMT
x-check-cacheable: YES
x-serial: 301
content-type: image/webp
access-control-allow-origin: *
expires: Mon, 14 Feb 2022 02:35:25 GMT
cache-control: private, no-transform, max-age=43200
last-modified: Sun, 03 Oct 2021 14:16:14 GMT
content-length: 2298
timing-allow-origin: *
network_info: DE_FRANKFURT_9009
from-req-dns-type: NA
server: Akamai Image Manager
served-from: 2.16.187.92

GET
H2 200 HTB18YyhX3mTBuNjy1Xb761MrVXaj.png
ae01.alicdn.com/kf/ Frame 5C76 225 B
508 B 25ms
24ms Image
image/png 104.111.214.74
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ae01.alicdn.com/kf/HTB18YyhX3mTBuNjy1Xb761MrVXaj.png
Requested by: Host: sale.aliexpress.com
URL: https://sale.aliexpress.com/__mobile/coupon_aliexpress.htm?af=a&47182&cn=-&cv=84215&dp=193.27.14.24&aff_fcid=ab345720c5ee43bc842a1b35e626ad8d-1644762924160-06522-_d8O2mSk&aff_fsk=_d8O2mSk&aff_platform=portals-tool&sk=_d8O2mSk&aff_trace_key=ab345720c5ee43bc842a1b35e626ad8d-1644762924160-06522-_d8O2mSk&terminal_id=85ff93f48190446ba6e1a3afdb3ed8fd
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.111.214.74 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-214-74.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: 614004f83a52d51caf263df4f95a281fcfc0c4da500a7a6daab69fb538ee2020

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sale.aliexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 13 Feb 2022 14:35:25 GMT
x-check-cacheable: YES
x-serial: 147
content-type: image/png
access-control-allow-origin: *
expires: Mon, 14 Feb 2022 02:35:25 GMT
cache-control: private, no-transform, max-age=43200
last-modified: Thu, 30 Jul 2020 11:55:28 GMT
content-length: 225
timing-allow-origin: *
network_info: DE_FRANKFURT_9009
from-req-dns-type: NA
server: Akamai Image Manager
served-from: 2.16.187.92

GET
H2 200 H729c57f9a88b49ae856ddf5612fc976bM.jpg_350x350.jpg
ae01.alicdn.com/kf/ Frame 5C76 39 KB
39 KB 47ms
46ms Image
image/jpeg 104.111.214.74
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ae01.alicdn.com/kf/H729c57f9a88b49ae856ddf5612fc976bM.jpg_350x350.jpg
Requested by: Host: sale.aliexpress.com
URL: https://sale.aliexpress.com/__mobile/coupon_aliexpress.htm?af=a&47182&cn=-&cv=84215&dp=193.27.14.24&aff_fcid=ab345720c5ee43bc842a1b35e626ad8d-1644762924160-06522-_d8O2mSk&aff_fsk=_d8O2mSk&aff_platform=portals-tool&sk=_d8O2mSk&aff_trace_key=ab345720c5ee43bc842a1b35e626ad8d-1644762924160-06522-_d8O2mSk&terminal_id=85ff93f48190446ba6e1a3afdb3ed8fd
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.111.214.74 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-214-74.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: 0b58cb23782de79059d72a26ccefbff2590c3cf793f464a1460cd5e65c643134

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sale.aliexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 13 Feb 2022 14:35:25 GMT
last-modified: Thu, 27 May 2021 15:02:35 GMT
server: Akamai Image Manager
content-type: image/jpeg
access-control-allow-origin: *
cache-control: private, no-transform, max-age=43200
served-from: 2.16.187.92
content-length: 39922
timing-allow-origin: *
network_info: DE_FRANKFURT_9009
from-req-dns-type: NA
expires: Mon, 14 Feb 2022 02:35:25 GMT

GET
H2 200 H648640211b6a484e977409d0fc2bd055D.jpg_350x350.jpg
ae01.alicdn.com/kf/ Frame 5C76 34 KB
35 KB 30ms
28ms Image
image/webp 104.111.214.74
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ae01.alicdn.com/kf/H648640211b6a484e977409d0fc2bd055D.jpg_350x350.jpg
Requested by: Host: sale.aliexpress.com
URL: https://sale.aliexpress.com/__mobile/coupon_aliexpress.htm?af=a&47182&cn=-&cv=84215&dp=193.27.14.24&aff_fcid=ab345720c5ee43bc842a1b35e626ad8d-1644762924160-06522-_d8O2mSk&aff_fsk=_d8O2mSk&aff_platform=portals-tool&sk=_d8O2mSk&aff_trace_key=ab345720c5ee43bc842a1b35e626ad8d-1644762924160-06522-_d8O2mSk&terminal_id=85ff93f48190446ba6e1a3afdb3ed8fd
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.111.214.74 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-214-74.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: 94de641dbcf5a453defcf15386b00db280ed7881609e5ff3d535c98d54a1f884

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sale.aliexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 13 Feb 2022 14:35:25 GMT
x-check-cacheable: YES
x-serial: 1522
content-type: image/webp
access-control-allow-origin: *
expires: Mon, 14 Feb 2022 02:35:25 GMT
cache-control: private, no-transform, max-age=43200
last-modified: Thu, 15 Oct 2020 09:38:04 GMT
content-length: 35060
timing-allow-origin: *
network_info: DE_FRANKFURT_9009
from-req-dns-type: NA
server: Akamai Image Manager
served-from: 2.16.187.92

GET
H2 200 HTB1XQB6dBKw3KVjSZTEq6AuRpXaY.jpg_350x350.jpg
ae01.alicdn.com/kf/ Frame 5C76 5 KB
5 KB 47ms
46ms Image
image/webp 104.111.214.74
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ae01.alicdn.com/kf/HTB1XQB6dBKw3KVjSZTEq6AuRpXaY.jpg_350x350.jpg
Requested by: Host: sale.aliexpress.com
URL: https://sale.aliexpress.com/__mobile/coupon_aliexpress.htm?af=a&47182&cn=-&cv=84215&dp=193.27.14.24&aff_fcid=ab345720c5ee43bc842a1b35e626ad8d-1644762924160-06522-_d8O2mSk&aff_fsk=_d8O2mSk&aff_platform=portals-tool&sk=_d8O2mSk&aff_trace_key=ab345720c5ee43bc842a1b35e626ad8d-1644762924160-06522-_d8O2mSk&terminal_id=85ff93f48190446ba6e1a3afdb3ed8fd
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.111.214.74 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-214-74.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: 7f1bd095e46c6a90271fb68ae230901b65f5ea79e10393db00802e2a8fba5e3e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sale.aliexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 13 Feb 2022 14:35:25 GMT
last-modified: Mon, 15 Nov 2021 23:26:25 GMT
server: Akamai Image Manager
content-type: image/webp
access-control-allow-origin: *
cache-control: private, no-transform, max-age=43200
served-from: 2.16.187.92
content-length: 4884
timing-allow-origin: *
network_info: DE_FRANKFURT_9009
from-req-dns-type: NA
expires: Mon, 14 Feb 2022 02:35:25 GMT

GET
H2 200 HTB1iVLyNYvpK1RjSZFqq6AXUVXao.jpg_350x350.jpg
ae01.alicdn.com/kf/ Frame 5C76 22 KB
22 KB 43ms
42ms Image
image/webp 104.111.214.74
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ae01.alicdn.com/kf/HTB1iVLyNYvpK1RjSZFqq6AXUVXao.jpg_350x350.jpg
Requested by: Host: sale.aliexpress.com
URL: https://sale.aliexpress.com/__mobile/coupon_aliexpress.htm?af=a&47182&cn=-&cv=84215&dp=193.27.14.24&aff_fcid=ab345720c5ee43bc842a1b35e626ad8d-1644762924160-06522-_d8O2mSk&aff_fsk=_d8O2mSk&aff_platform=portals-tool&sk=_d8O2mSk&aff_trace_key=ab345720c5ee43bc842a1b35e626ad8d-1644762924160-06522-_d8O2mSk&terminal_id=85ff93f48190446ba6e1a3afdb3ed8fd
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.111.214.74 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-214-74.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: 4bc6e73fbde05f6a231e0d39d1b5ebc4ace68951889713220c4a15272e733f0a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sale.aliexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 13 Feb 2022 14:35:25 GMT
last-modified: Wed, 18 Aug 2021 09:20:34 GMT
server: Akamai Image Manager
content-type: image/webp
access-control-allow-origin: *
cache-control: private, no-transform, max-age=1109540
served-from: 2.16.187.92
content-length: 22530
timing-allow-origin: *
network_info: DE_FRANKFURT_9009
from-req-dns-type: NA
expires: Sat, 26 Feb 2022 10:47:45 GMT

GET
H2 200 HTB1xAXrQFXXXXXeXXXXq6xXFXXXL.jpg_350x350.jpg
ae01.alicdn.com/kf/ Frame 5C76 34 KB
34 KB 48ms
47ms Image
image/jpeg 104.111.214.74
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ae01.alicdn.com/kf/HTB1xAXrQFXXXXXeXXXXq6xXFXXXL.jpg_350x350.jpg
Requested by: Host: sale.aliexpress.com
URL: https://sale.aliexpress.com/__mobile/coupon_aliexpress.htm?af=a&47182&cn=-&cv=84215&dp=193.27.14.24&aff_fcid=ab345720c5ee43bc842a1b35e626ad8d-1644762924160-06522-_d8O2mSk&aff_fsk=_d8O2mSk&aff_platform=portals-tool&sk=_d8O2mSk&aff_trace_key=ab345720c5ee43bc842a1b35e626ad8d-1644762924160-06522-_d8O2mSk&terminal_id=85ff93f48190446ba6e1a3afdb3ed8fd
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.111.214.74 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-214-74.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: 5a8d06baf419f749dc34351dec91a47b35026b6e2c8a82e6dde5a61ea2af6381

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sale.aliexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 13 Feb 2022 14:35:25 GMT
x-check-cacheable: YES
x-serial: 1568
content-type: image/jpeg
access-control-allow-origin: *
expires: Mon, 14 Feb 2022 02:35:25 GMT
cache-control: private, no-transform, max-age=43200
last-modified: Sat, 16 Oct 2021 11:19:30 GMT
content-length: 34306
timing-allow-origin: *
network_info: DE_FRANKFURT_9009
from-req-dns-type: NA
server: Akamai Image Manager
served-from: 2.16.187.92

GET
H2 200 ae.pc_ctr.statweb_ae_ctr
ae.mmstat.com/ Frame 5C76 43 B
219 B 407ms
261ms Image
image/gif 47.246.110.42
CNNIC-ALIBABA-US-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ae.mmstat.com/ae.pc_ctr.statweb_ae_ctr?gmkey=&gokey=project_id%3D%26exp_page%3D%26exp_page_area%3D%26exp_type%3Dcoupon_exposure%26exp_condition%3Dcoupon_promotion_id%253D1914314869%253Bcoupon_type%253DSTORE%26exp_product%3D%26exp_attribute%3D%26exp_result_cnt%3D%26Page_size%3D%26Page_no%3D%26refer%3D%26scm_id%3D%26pvid%3D%26spm-cnt%3Da2g01.11642078.center-coupon.0%26st_page_id%3D17ef382865b17b7cbc04ddc9148ef7447f14bb1a44%26ali_apache_track%3D-%26jsver%3Daplus_int%26lver%3D8.15.19%26pver%3D0.7.11%26cache%3Dae244d5%26page_cna%3D%26_slog%3D0&cna=&_p_url=https%3A%2F%2Fsale.aliexpress.com%2F__mobile%2Fcoupon_aliexpress.htm%3Faf%3Da%2647182%26cn%3D-%26cv%3D84215%26dp%3D193.27.14.24%26aff_fcid%3Dab345720c5ee43bc842a1b35e626ad8d-1644762924160-06522-_d8O2mSk%26aff_fsk%3D_d8O2mSk%26aff_platform%3Dportals-tool%26sk%3D_d8O2mSk%26aff_trace_key%3Dab345720c5ee43bc842a1b35e626ad8d-1644762924160-06522-_d8O2mSk%26terminal_id%3D85ff93f48190446ba6e1a3afdb3ed8fd&spm-cnt=undefined&logtype=2
Requested by: Host: sale.aliexpress.com
URL: https://sale.aliexpress.com/__mobile/coupon_aliexpress.htm?af=a&47182&cn=-&cv=84215&dp=193.27.14.24&aff_fcid=ab345720c5ee43bc842a1b35e626ad8d-1644762924160-06522-_d8O2mSk&aff_fsk=_d8O2mSk&aff_platform=portals-tool&sk=_d8O2mSk&aff_trace_key=ab345720c5ee43bc842a1b35e626ad8d-1644762924160-06522-_d8O2mSk&terminal_id=85ff93f48190446ba6e1a3afdb3ed8fd
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 47.246.110.42 , United States, ASN45102 (CNNIC-ALIBABA-US-NET-AP Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sale.aliexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Feb 2022 14:35:25 GMT
server: nginx
p3p: CP="NOI DSP COR CURa ADMa DEVa PSAa PSDa OUR IND UNI PUR NAV"
cache-control: no-cache
cross-origin-resource-policy: cross-origin
content-type: image/gif
content-length: 43
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 ae.pc_ctr.statweb_ae_ctr
ae.mmstat.com/ Frame 5C76 43 B
124 B 408ms
262ms Image
image/gif 47.246.110.42
CNNIC-ALIBABA-US-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ae.mmstat.com/ae.pc_ctr.statweb_ae_ctr?gmkey=&gokey=project_id%3D%26exp_page%3D%26exp_page_area%3D%26exp_type%3Dcoupon_exposure%26exp_condition%3Dcoupon_promotion_id%253D5000000056635174%253Bcoupon_type%253DSTORE%26exp_product%3D%26exp_attribute%3D%26exp_result_cnt%3D%26Page_size%3D%26Page_no%3D%26refer%3D%26scm_id%3D%26pvid%3D%26spm-cnt%3Da2g01.11642078.center-coupon.0%26st_page_id%3D17ef382865b17b7cbc04ddc9148ef7447f14bb1a44%26ali_apache_track%3D-%26jsver%3Daplus_int%26lver%3D8.15.19%26pver%3D0.7.11%26cache%3Da71883f%26page_cna%3D%26_slog%3D0&cna=&_p_url=https%3A%2F%2Fsale.aliexpress.com%2F__mobile%2Fcoupon_aliexpress.htm%3Faf%3Da%2647182%26cn%3D-%26cv%3D84215%26dp%3D193.27.14.24%26aff_fcid%3Dab345720c5ee43bc842a1b35e626ad8d-1644762924160-06522-_d8O2mSk%26aff_fsk%3D_d8O2mSk%26aff_platform%3Dportals-tool%26sk%3D_d8O2mSk%26aff_trace_key%3Dab345720c5ee43bc842a1b35e626ad8d-1644762924160-06522-_d8O2mSk%26terminal_id%3D85ff93f48190446ba6e1a3afdb3ed8fd&spm-cnt=undefined&logtype=2
Requested by: Host: sale.aliexpress.com
URL: https://sale.aliexpress.com/__mobile/coupon_aliexpress.htm?af=a&47182&cn=-&cv=84215&dp=193.27.14.24&aff_fcid=ab345720c5ee43bc842a1b35e626ad8d-1644762924160-06522-_d8O2mSk&aff_fsk=_d8O2mSk&aff_platform=portals-tool&sk=_d8O2mSk&aff_trace_key=ab345720c5ee43bc842a1b35e626ad8d-1644762924160-06522-_d8O2mSk&terminal_id=85ff93f48190446ba6e1a3afdb3ed8fd
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 47.246.110.42 , United States, ASN45102 (CNNIC-ALIBABA-US-NET-AP Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sale.aliexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Feb 2022 14:35:25 GMT
server: nginx
p3p: CP="NOI DSP COR CURa ADMa DEVa PSAa PSDa OUR IND UNI PUR NAV"
cache-control: no-cache
cross-origin-resource-policy: cross-origin
content-type: image/gif
content-length: 43
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 ae.pc_ctr.statweb_ae_ctr
ae.mmstat.com/ Frame 5C76 43 B
124 B 408ms
263ms Image
image/gif 47.246.110.42
CNNIC-ALIBABA-US-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ae.mmstat.com/ae.pc_ctr.statweb_ae_ctr?gmkey=&gokey=project_id%3D%26exp_page%3D%26exp_page_area%3D%26exp_type%3Dcoupon_exposure%26exp_condition%3Dcoupon_promotion_id%253D5000000056894972%253Bcoupon_type%253DSTORE%26exp_product%3D%26exp_attribute%3D%26exp_result_cnt%3D%26Page_size%3D%26Page_no%3D%26refer%3D%26scm_id%3D%26pvid%3D%26spm-cnt%3Da2g01.11642078.center-coupon.0%26st_page_id%3D17ef382865b17b7cbc04ddc9148ef7447f14bb1a44%26ali_apache_track%3D-%26jsver%3Daplus_int%26lver%3D8.15.19%26pver%3D0.7.11%26cache%3D94f3589%26page_cna%3D%26_slog%3D0&cna=&_p_url=https%3A%2F%2Fsale.aliexpress.com%2F__mobile%2Fcoupon_aliexpress.htm%3Faf%3Da%2647182%26cn%3D-%26cv%3D84215%26dp%3D193.27.14.24%26aff_fcid%3Dab345720c5ee43bc842a1b35e626ad8d-1644762924160-06522-_d8O2mSk%26aff_fsk%3D_d8O2mSk%26aff_platform%3Dportals-tool%26sk%3D_d8O2mSk%26aff_trace_key%3Dab345720c5ee43bc842a1b35e626ad8d-1644762924160-06522-_d8O2mSk%26terminal_id%3D85ff93f48190446ba6e1a3afdb3ed8fd&spm-cnt=undefined&logtype=2
Requested by: Host: sale.aliexpress.com
URL: https://sale.aliexpress.com/__mobile/coupon_aliexpress.htm?af=a&47182&cn=-&cv=84215&dp=193.27.14.24&aff_fcid=ab345720c5ee43bc842a1b35e626ad8d-1644762924160-06522-_d8O2mSk&aff_fsk=_d8O2mSk&aff_platform=portals-tool&sk=_d8O2mSk&aff_trace_key=ab345720c5ee43bc842a1b35e626ad8d-1644762924160-06522-_d8O2mSk&terminal_id=85ff93f48190446ba6e1a3afdb3ed8fd
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 47.246.110.42 , United States, ASN45102 (CNNIC-ALIBABA-US-NET-AP Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sale.aliexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Feb 2022 14:35:25 GMT
server: nginx
p3p: CP="NOI DSP COR CURa ADMa DEVa PSAa PSDa OUR IND UNI PUR NAV"
cache-control: no-cache
cross-origin-resource-policy: cross-origin
content-type: image/gif
content-length: 43
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 ae.pc_ctr.statweb_ae_ctr
ae.mmstat.com/ Frame 5C76 43 B
123 B 408ms
262ms Image
image/gif 47.246.110.42
CNNIC-ALIBABA-US-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ae.mmstat.com/ae.pc_ctr.statweb_ae_ctr?gmkey=&gokey=project_id%3D%26exp_page%3D%26exp_page_area%3D%26exp_type%3Dcoupon_exposure%26exp_condition%3Dcoupon_promotion_id%253D5000000057122773%253Bcoupon_type%253DSTORE%26exp_product%3D%26exp_attribute%3D%26exp_result_cnt%3D%26Page_size%3D%26Page_no%3D%26refer%3D%26scm_id%3D%26pvid%3D%26spm-cnt%3Da2g01.11642078.center-coupon.0%26st_page_id%3D17ef382865b17b7cbc04ddc9148ef7447f14bb1a44%26ali_apache_track%3D-%26jsver%3Daplus_int%26lver%3D8.15.19%26pver%3D0.7.11%26cache%3D599c185%26page_cna%3D%26_slog%3D0&cna=&_p_url=https%3A%2F%2Fsale.aliexpress.com%2F__mobile%2Fcoupon_aliexpress.htm%3Faf%3Da%2647182%26cn%3D-%26cv%3D84215%26dp%3D193.27.14.24%26aff_fcid%3Dab345720c5ee43bc842a1b35e626ad8d-1644762924160-06522-_d8O2mSk%26aff_fsk%3D_d8O2mSk%26aff_platform%3Dportals-tool%26sk%3D_d8O2mSk%26aff_trace_key%3Dab345720c5ee43bc842a1b35e626ad8d-1644762924160-06522-_d8O2mSk%26terminal_id%3D85ff93f48190446ba6e1a3afdb3ed8fd&spm-cnt=undefined&logtype=2
Requested by: Host: sale.aliexpress.com
URL: https://sale.aliexpress.com/__mobile/coupon_aliexpress.htm?af=a&47182&cn=-&cv=84215&dp=193.27.14.24&aff_fcid=ab345720c5ee43bc842a1b35e626ad8d-1644762924160-06522-_d8O2mSk&aff_fsk=_d8O2mSk&aff_platform=portals-tool&sk=_d8O2mSk&aff_trace_key=ab345720c5ee43bc842a1b35e626ad8d-1644762924160-06522-_d8O2mSk&terminal_id=85ff93f48190446ba6e1a3afdb3ed8fd
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 47.246.110.42 , United States, ASN45102 (CNNIC-ALIBABA-US-NET-AP Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sale.aliexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Feb 2022 14:35:25 GMT
server: nginx
p3p: CP="NOI DSP COR CURa ADMa DEVa PSAa PSDa OUR IND UNI PUR NAV"
cache-control: no-cache
cross-origin-resource-policy: cross-origin
content-type: image/gif
content-length: 43
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 ae.pc_ctr.statweb_ae_ctr
ae.mmstat.com/ Frame 5C76 43 B
124 B 409ms
264ms Image
image/gif 47.246.110.42
CNNIC-ALIBABA-US-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ae.mmstat.com/ae.pc_ctr.statweb_ae_ctr?gmkey=&gokey=project_id%3D%26exp_page%3D%26exp_page_area%3D%26exp_type%3Dcoupon_exposure%26exp_condition%3Dcoupon_promotion_id%253D5000000056640439%253Bcoupon_type%253DSTORE%26exp_product%3D%26exp_attribute%3D%26exp_result_cnt%3D%26Page_size%3D%26Page_no%3D%26refer%3D%26scm_id%3D%26pvid%3D%26spm-cnt%3Da2g01.11642078.center-coupon.0%26st_page_id%3D17ef382865b17b7cbc04ddc9148ef7447f14bb1a44%26ali_apache_track%3D-%26jsver%3Daplus_int%26lver%3D8.15.19%26pver%3D0.7.11%26cache%3D2b7d90a%26page_cna%3D%26_slog%3D0&cna=&_p_url=https%3A%2F%2Fsale.aliexpress.com%2F__mobile%2Fcoupon_aliexpress.htm%3Faf%3Da%2647182%26cn%3D-%26cv%3D84215%26dp%3D193.27.14.24%26aff_fcid%3Dab345720c5ee43bc842a1b35e626ad8d-1644762924160-06522-_d8O2mSk%26aff_fsk%3D_d8O2mSk%26aff_platform%3Dportals-tool%26sk%3D_d8O2mSk%26aff_trace_key%3Dab345720c5ee43bc842a1b35e626ad8d-1644762924160-06522-_d8O2mSk%26terminal_id%3D85ff93f48190446ba6e1a3afdb3ed8fd&spm-cnt=undefined&logtype=2
Requested by: Host: sale.aliexpress.com
URL: https://sale.aliexpress.com/__mobile/coupon_aliexpress.htm?af=a&47182&cn=-&cv=84215&dp=193.27.14.24&aff_fcid=ab345720c5ee43bc842a1b35e626ad8d-1644762924160-06522-_d8O2mSk&aff_fsk=_d8O2mSk&aff_platform=portals-tool&sk=_d8O2mSk&aff_trace_key=ab345720c5ee43bc842a1b35e626ad8d-1644762924160-06522-_d8O2mSk&terminal_id=85ff93f48190446ba6e1a3afdb3ed8fd
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 47.246.110.42 , United States, ASN45102 (CNNIC-ALIBABA-US-NET-AP Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sale.aliexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Feb 2022 14:35:25 GMT
server: nginx
p3p: CP="NOI DSP COR CURa ADMa DEVa PSAa PSDa OUR IND UNI PUR NAV"
cache-control: no-cache
cross-origin-resource-policy: cross-origin
content-type: image/gif
content-length: 43
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 index.js Show response
assets.alicdn.com/g/sd/baxia-entry/ Frame 5C76 2 KB
2 KB 18ms
18ms Script
application/javascript 104.111.216.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.alicdn.com/g/sd/baxia-entry/index.js?t=228439
Requested by: Host: www.gandul.ro
URL: https://www.gandul.ro/stiri/un-adolescent-de-17-ani-inecat-therme-ce-spun-reprezentatii-complexului-19749318?utm_source=ZF+Articol&utm_medium=website&utm_campaign=fidmee
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.111.216.213 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-216-213.deploy.static.akamaitechnologies.com
Software: Tengine /
Resource Hash: 7c8898172b879d771a77be7f5b2133f8ccdd26eaafb36f653a0ca0ebce0216fb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sale.aliexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 13 Feb 2022 14:35:25 GMT
content-encoding: gzip
x-oss-request-id: 61EED7487B212A3630916DC9
content-md5: uYfEYSicLJQePdry/LZh7Q==
x-swift-cachetime: 900
x-oss-hash-crc64ecma: 13547624062769674599
x-swift-savetime: Mon, 24 Jan 2022 16:43:52 GMT
content-length: 1097
x-oss-object-type: Normal
last-modified: Thu, 01 Jan 1970 00:00:01 GMT
server: Tengine
vary: Accept-Encoding
ali-swift-global-savetime: 1643042632
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=66, s-maxage=900
served-from: 23.202.51.110
x-oss-storage-class: Standard
x-source-scheme: https
timing-allow-origin: *
network_info: KZ_ALMATY_9198, DE_FRANKFURT_9009
eagleid: 2ff6149b16430426321434683e
x-oss-server-time: 3
expires: Sun, 13 Feb 2022 14:36:31 GMT

GET
H2 200 g.gif
ae.mmstat.com/ Frame 5C76 43 B
146 B 262ms
262ms Image
image/gif 47.246.110.42
CNNIC-ALIBABA-US-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ae.mmstat.com/g.gif?logtype=0&title=Coupon%20Center&pre=https%3A%2F%2Fwww.gandul.ro%2F&scr=1600x1200&_p_url=https%3A%2F%2Fsale.aliexpress.com%2F__mobile%2Fcoupon_aliexpress.htm%3Faf%3Da%2647182%26cn%3D-%26cv%3D84215%26dp%3D193.27.14.24%26aff_fcid%3Dab345720c5ee43bc842a1b35e626ad8d-1644762924160-06522-_d8O2mSk%26aff_fsk%3D_d8O2mSk%26aff_platform%3Dportals-tool%26sk%3D_d8O2mSk%26aff_trace_key%3Dab345720c5ee43bc842a1b35e626ad8d-1644762924160-06522-_d8O2mSk%26terminal_id%3D85ff93f48190446ba6e1a3afdb3ed8fd&cna=LQWQGiXv/WUCAcEbDhif994Y&spm-cnt=a2g01.11642078.0.0.40b63884ipPgBi&aplus=&sidx=aplusSidx&pageid=17ef382865b17b7cbc04ddc9148ef7447f14bb1a44&dmtrack_b=%7Bifm%3D1%7Clogin%3D0%7D&dmtrack_c=%7Bacs_rt%3D85ff93f48190446ba6e1a3afdb3ed8fd%7Caep_usuc_f%3D-%7Caeu_cid%3Dab345720c5ee43bc842a1b35e626ad8d-1644762924160-06522-_d8O2mSk%7D&ali_beacon_id=-&ali_apache_id=-&ali_apache_track=-&ali_apache_tracktmp=-&_p_uid=-&p=1&o=win10&b=chrome98&s=1600x1200&w=webkit&ism=pc&cache=c57bda8&lver=8.15.19&jsver=aplus_int&pver=0.7.11&_pw=801&_ph=601&tag=0&stag=2&lstag=0&_slog=0
Requested by: Host: www.gandul.ro
URL: https://www.gandul.ro/stiri/un-adolescent-de-17-ani-inecat-therme-ce-spun-reprezentatii-complexului-19749318?utm_source=ZF+Articol&utm_medium=website&utm_campaign=fidmee
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 47.246.110.42 , United States, ASN45102 (CNNIC-ALIBABA-US-NET-AP Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sale.aliexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Feb 2022 14:35:25 GMT
server: nginx
p3p: CP="NOI DSP COR CURa ADMa DEVa PSAa PSDa OUR IND UNI PUR NAV"
cache-control: no-cache
cross-origin-resource-policy: cross-origin
content-type: image/gif
content-length: 43
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 index.js Show response
assets.alicdn.com/g/secdev/entry/ Frame 5C76 6 KB
3 KB 18ms
18ms Script
application/javascript 104.111.216.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.alicdn.com/g/secdev/entry/index.js?t=228439
Requested by: Host: www.gandul.ro
URL: https://www.gandul.ro/stiri/un-adolescent-de-17-ani-inecat-therme-ce-spun-reprezentatii-complexului-19749318?utm_source=ZF+Articol&utm_medium=website&utm_campaign=fidmee
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.111.216.213 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-216-213.deploy.static.akamaitechnologies.com
Software: Tengine /
Resource Hash: 5ae832fce3a62e8ca665034351571312bcf0e165109a303f27d44a18e1bc1f24

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sale.aliexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 13 Feb 2022 14:35:25 GMT
content-encoding: gzip
x-oss-request-id: 61EED749496A0B3932C25FB2
content-md5: uX76p9ACMtkK1QyA7NPH6w==
x-swift-cachetime: 3600
x-oss-hash-crc64ecma: 5804250900312149111
x-swift-savetime: Mon, 24 Jan 2022 16:43:53 GMT
content-length: 2961
x-oss-object-type: Normal
last-modified: Thu, 01 Jan 1970 00:00:01 GMT
server: Tengine
vary: Accept-Encoding
ali-swift-global-savetime: 1643042633
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=261, s-maxage=3600
served-from: 47.246.20.254
x-oss-storage-class: Standard
x-source-scheme: https
timing-allow-origin: *
network_info: KZ_ALMATY_9198, DE_FRANKFURT_9009
eagleid: 2ff6149a16430426337283673e
x-oss-server-time: 10
expires: Sun, 13 Feb 2022 14:39:46 GMT

GET
H2 200 baxiaCommon.js Show response
assets.alicdn.com/g/sd/baxia/2.0.50/ Frame 5C76 23 KB
8 KB 19ms
19ms Script
application/javascript 104.111.216.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.alicdn.com/g/sd/baxia/2.0.50/baxiaCommon.js
Requested by: Host: assets.alicdn.com
URL: https://assets.alicdn.com/g/sd/baxia-entry/index.js?t=228439
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.111.216.213 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-216-213.deploy.static.akamaitechnologies.com
Software: Akamai Resource Optimizer /
Resource Hash: 0a40dea2ad8c38d54437a638dc460a19581857e6d8cf1883b5df58896bfa2489

Request headers

Referer: https://sale.aliexpress.com/
Origin: https://sale.aliexpress.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 13 Feb 2022 14:35:25 GMT
content-encoding: br
x-oss-request-id: 61E6C4AE39899C3431D8018F
content-md5: RbR3KfKCEtEd6Zppk3ZhZg==
x-swift-cachetime: 15308
x-oss-hash-crc64ecma: 5412104085485261180
x-swift-savetime: Wed, 19 Jan 2022 09:31:14 GMT
content-length: 7295
x-oss-object-type: Normal
last-modified: Wed, 19 Jan 2022 09:35:22 GMT
server: Akamai Resource Optimizer
ali-swift-global-savetime: 1642513582
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=342632, s-maxage=86400
served-from: 210.61.249.38
x-oss-storage-class: Standard
timing-allow-origin: *
network_info: US_SEATTLE_35994, DE_FRANKFURT_9009
eagleid: a3b5279e16425846740015381e
x-oss-server-time: 4
expires: Thu, 17 Feb 2022 13:45:57 GMT

GET
H2 200 index.js Show response
assets.alicdn.com/g/secdev/sufei_data/3.9.9/ Frame 5C76 17 KB
7 KB 19ms
19ms Script
application/javascript 104.111.216.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.alicdn.com/g/secdev/sufei_data/3.9.9/index.js
Requested by: Host: assets.alicdn.com
URL: https://assets.alicdn.com/g/secdev/entry/index.js?t=228439
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.111.216.213 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-216-213.deploy.static.akamaitechnologies.com
Software: Akamai Resource Optimizer /
Resource Hash: 1181008c4d533ae52f2533ef482bb326ae0df168e10175d15c74a63ac86531d4

Request headers

Referer: https://sale.aliexpress.com/__mobile/coupon_aliexpress.htm?af=a&47182&cn=-&cv=84215&dp=193.27.14.24&aff_fcid=ab345720c5ee43bc842a1b35e626ad8d-1644762924160-06522-_d8O2mSk&aff_fsk=_d8O2mSk&aff_platform=portals-tool&sk=_d8O2mSk&aff_trace_key=ab345720c5ee43bc842a1b35e626ad8d-1644762924160-06522-_d8O2mSk&terminal_id=85ff93f48190446ba6e1a3afdb3ed8fd
Origin: https://sale.aliexpress.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 13 Feb 2022 14:35:25 GMT
content-encoding: br
x-oss-request-id: 61E5CA950111123332B39B57
content-md5: BLF6Clts+DnJshKrVXCXFw==
x-swift-cachetime: 74795
x-oss-hash-crc64ecma: 2824524793130602968
x-swift-savetime: Mon, 17 Jan 2022 23:12:42 GMT
content-length: 6733
x-oss-object-type: Normal
last-modified: Tue, 18 Jan 2022 06:10:22 GMT
server: Akamai Resource Optimizer
ali-swift-global-savetime: 1642449557
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=278733, s-maxage=86400
served-from: 23.215.131.70
x-oss-storage-class: Standard
x-source-scheme: https
timing-allow-origin: *
network_info: US_ASHBURN_20940, DE_FRANKFURT_9009
eagleid: 2ff6189f16424862198008788e
x-oss-server-time: 57
expires: Wed, 16 Feb 2022 20:00:58 GMT

GET
H2 200 g Show response
assets.alicdn.com/ Frame 5C76 130 KB
56 KB 21ms
21ms Script
application/javascript 104.111.216.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.alicdn.com/g??xlly/spl/rp.js,secdev/nsv/1.0.78/ns_e_88_3_f.js?v=1
Requested by: Host: assets.alicdn.com
URL: https://assets.alicdn.com/g/secdev/entry/index.js?t=228439
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.111.216.213 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-216-213.deploy.static.akamaitechnologies.com
Software: Tengine /
Resource Hash: 1aeda7bc76ae0865178647144bdd612b499c12e5435264a96c931d569db8518f

Request headers

Referer: https://sale.aliexpress.com/__mobile/coupon_aliexpress.htm?af=a&47182&cn=-&cv=84215&dp=193.27.14.24&aff_fcid=ab345720c5ee43bc842a1b35e626ad8d-1644762924160-06522-_d8O2mSk&aff_fsk=_d8O2mSk&aff_platform=portals-tool&sk=_d8O2mSk&aff_trace_key=ab345720c5ee43bc842a1b35e626ad8d-1644762924160-06522-_d8O2mSk&terminal_id=85ff93f48190446ba6e1a3afdb3ed8fd
Origin: https://sale.aliexpress.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 13 Feb 2022 14:35:25 GMT
content-encoding: gzip
x-oss-request-id: 6208A8B7E0AD9938335E2DEE
content-md5: /bAOACTA0CoKGqWC2cODqw==
x-swift-cachetime: 86400
x-swift-savetime: Sun, 13 Feb 2022 06:44:07 GMT
content-length: 56711
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 8675859113826473122
server: Tengine
vary: Accept-Encoding
ali-swift-global-savetime: 1644734647
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=58119, s-maxage=86400
served-from: 2.16.187.12
x-oss-storage-class: Standard
x-source-scheme: https
timing-allow-origin: *
network_info: DE_FRANKFURT_9009
eagleid: 2ff62b2116447346469875505e
x-oss-server-time: 5

GET
H2 200 et_f.js Show response
assets.alicdn.com/g/AWSC/et/1.62.1/ Frame 5C76 100 KB
31 KB 32ms
32ms Script
application/javascript 104.111.216.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.alicdn.com/g/AWSC/et/1.62.1/et_f.js
Requested by: Host: assets.alicdn.com
URL: https://assets.alicdn.com/g/secdev/entry/index.js?t=228439
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.111.216.213 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-216-213.deploy.static.akamaitechnologies.com
Software: Akamai Resource Optimizer /
Resource Hash: 16e7e09559097312d131e3a5d9171161528470f5365226fa83a3bee4314071c3

Request headers

Referer: https://sale.aliexpress.com/__mobile/coupon_aliexpress.htm?af=a&47182&cn=-&cv=84215&dp=193.27.14.24&aff_fcid=ab345720c5ee43bc842a1b35e626ad8d-1644762924160-06522-_d8O2mSk&aff_fsk=_d8O2mSk&aff_platform=portals-tool&sk=_d8O2mSk&aff_trace_key=ab345720c5ee43bc842a1b35e626ad8d-1644762924160-06522-_d8O2mSk&terminal_id=85ff93f48190446ba6e1a3afdb3ed8fd
Origin: https://sale.aliexpress.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 13 Feb 2022 14:35:25 GMT
content-encoding: br
x-oss-request-id: 620088A51FC3B3323405DC60
content-md5: 4NiYCFMG7NhygH1t2RM9TA==
x-swift-cachetime: 3599
x-oss-hash-crc64ecma: 679467694893097074
x-swift-savetime: Mon, 07 Feb 2022 02:49:10 GMT
content-length: 31200
x-oss-object-type: Normal
last-modified: Mon, 07 Feb 2022 02:49:11 GMT
server: Akamai Resource Optimizer
ali-swift-global-savetime: 1644202149
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2031150, s-maxage=3600
served-from: 2.21.231.110
x-oss-storage-class: Standard
timing-allow-origin: *
network_info: US_CHICAGO_35994, DE_FRANKFURT_9009
eagleid: 2ff61c9716442021493351311e
x-oss-server-time: 4
expires: Wed, 09 Mar 2022 02:47:55 GMT

GET
H2 200 ts
fourier.taobao.com/ Frame 5C76 0
60 B 989ms
280ms Image
image/gif 2408:4001:f00::f3
CNNIC-ALIBABA-CN-...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fourier.taobao.com/ts?url=https%3A%2F%2Fwww.gandul.ro%2F&token=BIKCeNFrVFR_6kiI6ybwDPY404HkU4ZtAlIvI8ybrvWgHyKZtOPWfQhJzQNjVP4F&cna=LQWQGiXv%2FWUCAcEbDhif994Y&ext=1

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2408:4001:f00::f3 Beijing, China, ASN37963 (CNNIC-ALIBABA-CN-NET-AP Hangzhou Alibaba Advertising Co.,Ltd., CN),

Reverse DNS

Software

Tengine/Aserver /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sale.aliexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 13 Feb 2022 14:35:26 GMT
eagleeye-traceid: 21329a7d16447629264882613ecd21
server: Tengine/Aserver
timing-allow-origin: *
content-length: 0
strict-transport-security: max-age=31536000
content-type: image/gif

GET
H2 200 rp Show response
fourier.taobao.com/ Frame 5C76 1023 B
1 KB 901ms
240ms Script
application/javascript 2408:4001:f00::f3
CNNIC-ALIBABA-CN-...

General

Check archive.org

Show headers Download Go to

Full URL

https://fourier.taobao.com/rp?ext=51&data=jm_LQWQGiXv/WUCAcEbDhif994Y&random=42380734622512395&href=https%3A%2F%2Fsale.aliexpress.com%2F__mobile%2Fcoupon_aliexpress.htm%3Faf%3Da%2647182%26cn%3D-%26cv%3D84215%26dp%3D193.27.14.24%26aff_fcid%3Dab345720c5ee43bc842a1b35e626ad8d-1644762924160-06522-_d8O2mSk%26aff_fsk%3D_d8O2mSk%26aff_platform%3Dportals-tool%26sk%3D_d8O2mSk%26aff_trace_key%3Dab345720c5ee43bc842a1b35e626ad8d-1644762924160-06522-_d8O2mSk%26terminal_id%3D85ff93f48190446ba6e1a3afdb3ed8fd&protocol=https:

Requested by

Host: assets.alicdn.com
URL: https://assets.alicdn.com/g??xlly/spl/rp.js,secdev/nsv/1.0.78/ns_e_88_3_f.js?v=1

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2408:4001:f00::f3 Beijing, China, ASN37963 (CNNIC-ALIBABA-CN-NET-AP Hangzhou Alibaba Advertising Co.,Ltd., CN),

Reverse DNS

Software

Tengine/Aserver /

Resource Hash

486ba168351c19d6297fdb944a8c532ddb1c2be56b9f6b4404e60ddd044dc758

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sale.aliexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 13 Feb 2022 14:35:26 GMT
bxuuid: 16a960e2b20cf95daf03d9f1fabbba6f, {"login-token":"16a960e2b20cf95daf03d9f1fabbba6f___null___24cccf24aa376649a3ca7b87f5d10078"}
server: Tengine/Aserver
strict-transport-security: max-age=31536000
content-type: application/javascript;charset=UTF-8
cache-control: no-store
access-control-allow-credentials: true
x5-punish-cache: miss
timing-allow-origin: *
content-length: 1023
eagleeye-traceid: 21329a7d16447629264882614ecd21
use-raw: true
bxpunish: 1

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ 90 KB
28 KB 53ms
17ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.js

Requested by

Host: www.gandul.ro
URL: https://www.gandul.ro/wp-content/plugins/strawberry-ads-manager/js/prebid4.40.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

2c8ae0c883c62c03c5800ca91a31d1f0e00088683fb5f4131667c0504ce99e64

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gandul.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 13 Feb 2022 14:35:26 GMT
content-encoding: gzip
last-modified: Mon, 31 Jan 2022 09:04:35 GMT
server: nginx
etag: W/"61f7a623-16685"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 14 Feb 2022 14:35:26 GMT

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ 90 KB
28 KB 50ms
18ms XHR
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.js

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

2c8ae0c883c62c03c5800ca91a31d1f0e00088683fb5f4131667c0504ce99e64

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gandul.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 13 Feb 2022 14:35:26 GMT
content-encoding: gzip
last-modified: Mon, 31 Jan 2022 09:04:35 GMT
server: nginx
etag: W/"61f7a623-16685"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 14 Feb 2022 14:35:26 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 0467 2 KB
1 KB 69ms
20ms Document
text/html 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.gandul.ro&gdpr=1&gdpr_consent=

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

d7639ef9732adaf582c2006a5de74d4e4fa148e000abb6dfd2e2a9f3455490db

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.gandul.ro/

Response headers

cache-control: private, max-age=0
content-type: text/html; charset=utf-8
content-encoding: gzip
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
server-processing-duration-in-ticks: 421
date: Sun, 13 Feb 2022 14:35:26 GMT
content-length: 972
strict-transport-security: max-age=31536000; preload;

GET
H3 200 OneSignalSDKStyles.css
onesignal.com/sdks/ 82 KB
9 KB 75ms
74ms Stylesheet
text/css 2606:4700::6812:e234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://onesignal.com/sdks/OneSignalSDKStyles.css?v=2
Requested by: Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151513
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: db7e0b393e175f19922fefbdcaa2866fca209c521d01cc834ae06cbf8d0f91b7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gandul.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 13 Feb 2022 14:35:28 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 932
etag: W/"4e9aaefffd5f8ae7dc83361aa2294190"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=2592000
cf-ray: 6dcec8904e6959b3-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Tue, 15 Mar 2022 14:35:28 GMT

GET
H3 200 icon Show response
onesignal.com/api/v1/apps/f487e21e-4a37-4c7b-a2de-dedb267c05f9/ 184 B
576 B 433ms
368ms Fetch
application/json 2606:4700::6812:e234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://onesignal.com/api/v1/apps/f487e21e-4a37-4c7b-a2de-dedb267c05f9/icon

Requested by

Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151513

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

92b5a21f280b2ec0c5ace3662020bb71bc18cb471b889682e6a2f7d98a2fe51e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gandul.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 13 Feb 2022 14:35:29 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
status: 200 OK
x-envoy-upstream-service-time: 7
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 2b543e66-0190-4105-9d4e-8da577bb6a91
x-runtime: 0.005842
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"92b5a21f280b2ec0c5ace3662020bb71"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=0, private, must-revalidate
cf-ray: 6dcec8918de859f5-MXP
access-control-allow-headers: SDK-Version

GET
H2 200 8fd01cc6-c61d-46ce-95fb-a08d9a926d48
img.onesignal.com/permanent/ 11 KB
12 KB 33ms
22ms Image
image/png 2606:4700::6812:e234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.onesignal.com/permanent/8fd01cc6-c61d-46ce-95fb-a08d9a926d48
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a6e9baf39e743b080af5a4ab05a1383a0e39f8f0374e296b9cd33bc9f31a0e75

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gandul.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 13 Feb 2022 14:35:29 GMT
cf-cache-status: HIT
age: 1900
x-amz-meta-cache-control: public, maxage=604800
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 11687
x-amz-id-2: Rkb3jJ+nVNB7TOa9JvklzNkAPe9Bm7XLiEBgTMXMx5RWdIaMLbA731Qlua09rphipmBI1MK5OtI=
last-modified: Wed, 20 Oct 2021 14:05:52 GMT
server: cloudflare
etag: "8628b67b9c4091b926befece73b5b351"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-request-id: ZDQQDXJE0Q3GGY2A
cache-control: public, max-age=2678400
accept-ranges: bytes
cf-ray: 6dcec893ea5d90d6-FRA
expires: Wed, 16 Mar 2022 14:35:29 GMT

Verdicts & Comments Add Verdict or Comment

134 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

119 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.gandul.ro/	1970-01-20 00:52:44	Name: __cf_bm Value: Jfpw6N_c6ZX6PYWLRsTjFSf_8s7DnV0oKGWIvq7h1Wo-1644762923-0-Af+hrh19w3hRZK/SP1eKA2JRapUWEzB/fbToPajThatFGRNoVVo/YcDwJ9KPXK2C/vt7/P4o+7jC1B5++dz+W4s=
.gandul.ro/	1969-12-31 23:59:59	Name: cX_S Value: kzlddlx2cum5s0le
.gandul.ro/	1970-01-20 09:38:18	Name: cX_P Value: kzlddlx4nhclf5oq
.gandul.info/	1970-01-20 00:52:44	Name: __cf_bm Value: .UkemavsbSsVlSevN0vjwdHptpPeZkhkNiNHHnaxFdM-1644762923-0-AY2CQkL91MKbyxExQVG3iIba3I+MglOpGxx45MHFGUAQQIKVRc3gxkA1Y9jl+Y9ivk0U6NeUn2HpfLsKz3iqfHM=
.gandul.ro/	1970-01-20 18:23:54	Name: _ga Value: GA1.2.1288305701.1644762923
.gandul.ro/	1970-01-20 00:54:09	Name: _gid Value: GA1.2.1587596877.1644762923
.gandul.ro/	1970-01-20 00:52:42	Name: _gat_gtag_UA_1572980_1 Value: 1
live.demand.supply/	1970-01-20 18:23:54	Name: demandSupplyTi Value: ea4fc9d7-cd78-4753-ae01-76f56666acae
.cxense.com/	1970-01-20 09:38:18	Name: gckp Value: 3diqbbl2fthip27iaaex006ycu
.gandul.ro/	1970-01-20 09:38:18	Name: cX_G Value: cx%3A1h3zv7bo9vdk51a0henpvf6h5r%3A3mezkd0l6u944
www.gandul.ro/	1970-01-20 03:02:18	Name: evid_0046 Value: cx:1h3zv7bo9vdk51a0henpvf6h5r:3mezkd0l6u944
.adtlgc.com/	1970-01-20 13:50:18	Name: evid_0046 Value: cx:1h3zv7bo9vdk51a0henpvf6h5r:3mezkd0l6u944
www.gandul.ro/	1970-01-20 00:52:50	Name: adptset_0046 Value: 1
www.gandul.ro/	1970-01-20 00:52:42	Name: evid_set_0046 Value: 2
.aliexpress.com/	1970-02-13 21:24:06	Name: xman_us_f Value: x_l=0&x_as_i=%7B%22aeuCID%22%3A%22ab345720c5ee43bc842a1b35e626ad8d-1644762924160-06522-_d8O2mSk%22%2C%22af%22%3A%22a%22%2C%22affiliateKey%22%3A%22_d8O2mSk%22%2C%22channel%22%3A%22AFFILIATE%22%2C%22cv%22%3A%221%22%2C%22isCookieCache%22%3A%22N%22%2C%22ms%22%3A%221%22%2C%22pid%22%3A%22716815331%22%2C%22tagtime%22%3A1644762924160%7D&acs_rt=85ff93f48190446ba6e1a3afdb3ed8fd
.aliexpress.com/	1969-12-31 23:59:59	Name: acs_usuc_t Value: x_csrf=15uvo0w0717e6&acs_rt=85ff93f48190446ba6e1a3afdb3ed8fd
.aliexpress.com/	1970-02-13 21:24:06	Name: aeu_cid Value: ab345720c5ee43bc842a1b35e626ad8d-1644762924160-06522-_d8O2mSk
.aliexpress.com/	1970-01-20 03:02:18	Name: xman_t Value: rwXzlBBcBN9UEbC1V2DsqrtI38sq4lAeUDT6H1LhVtS0qceImTZKwF/V6WXDDMBU
.aliexpress.com/	1970-02-13 21:24:06	Name: xman_f Value: nsvZPCEKvRgViTSK99QgWTGfscyEvEH43dKlbbtQIiBeF1RfiOfDqBBSC9aokIb8Nksb37mhsqoUPwNdlEqr4I6+MqlsSFUB9xgf5BkiW205K9xW89KlGg==
.aliexpress.com/	1970-02-13 21:24:06	Name: af_ss_a Value: 1
.iqbroker.com/	1970-01-20 01:33:02	Name: IsRestrictedCountry Value: false
.iqbroker.com/	1970-01-20 01:33:02	Name: IsRegulatedCountry Value: true
.iqbroker.com/	1970-01-20 01:33:02	Name: Country Value: de
.iqbroker.com/	1970-01-20 01:33:02	Name: CountryID Value: 78
.iqbroker.com/	1970-01-20 01:33:02	Name: landing Value: /lp/ultimate-trading/
.iqbroker.com/	1970-01-20 01:33:02	Name: aff Value: 7792
.iqbroker.com/	1970-01-20 01:33:02	Name: retrack Value:
.iqbroker.com/	1970-01-20 01:33:02	Name: affextra Value:
.iqbroker.com/	1970-01-20 01:33:02	Name: afftrack Value:
.iqbroker.com/	1970-01-20 01:33:02	Name: aff_model Value:
.iqbroker.com/	1970-01-20 01:33:02	Name: aff_ts Value: 2022-02-13T14:35:24Z
.iqbroker.com/	1970-01-20 01:33:02	Name: AffTrackGroup Value: Black_team_(partnerka)
.iqbroker.com/	1970-01-20 01:33:02	Name: Serv Value: NL
.iqbroker.com/	1970-01-20 01:33:02	Name: referrer Value: https://pubmedya.net/
.iqbroker.com/	1970-01-20 01:33:02	Name: AppID Value: id871125783
.iqbroker.com/	1970-01-20 01:33:02	Name: platform Value: 9
.iqbroker.com/	1970-01-20 01:33:02	Name: client_platform_id Value: 9
.iqbroker.com/	1970-01-20 01:33:02	Name: support_email Value: support@eu.iqoption.com
.iqbroker.com/	1970-01-20 01:33:02	Name: IsAppStoreCountry Value: true
.iqbroker.com/	1970-01-20 01:33:02	Name: RedirectDomain Value: iqoption.com
.iqbroker.com/	1970-01-20 01:33:02	Name: RedirectDomains Value: iqoption.com,iqtrading.asia
.iqbroker.com/	1970-01-20 01:33:02	Name: linkPolicy Value: /de/terms-and-conditions/privacy-policy-new
.iqbroker.com/	1970-01-20 01:33:02	Name: linkTerms Value: /de/terms-and-conditions/terms-and-conditions
ro.hotelscombined.com/	1970-01-21 00:52:42	Name: Apache Value: wRsOGA-AAABfvOChMM-82-ae38pg
ro.hotelscombined.com/	1970-01-20 00:52:45	Name: cluster Value: 5
ro.hotelscombined.com/	1969-12-31 23:59:59	Name: kayak.t Value: ZgRDRvgt8jwZoWAA83f9
ro.hotelscombined.com/	1969-12-31 23:59:59	Name: p1.med.sid Value: R-5eMnO9213TTgE6q3XYNti-XL9Tt3U0RyaejOu9AUfn0pHpbP_p6Bv49IUuubiCZ
ro.hotelscombined.com/	1970-01-20 01:35:54	Name: kanid Value: kan_172493
ro.hotelscombined.com/	1970-01-30 23:40:42	Name: languageCode Value: RO
ro.hotelscombined.com/	1970-01-30 23:40:42	Name: currencyCode Value: EUR
ro.hotelscombined.com/	1970-01-20 01:35:54	Name: a_aid Value: 172493
ro.hotelscombined.com/	1969-12-31 23:59:59	Name: brandId Value:
ro.hotelscombined.com/	1969-12-31 23:59:59	Name: label Value:
ro.hotelscombined.com/	1970-01-20 01:35:54	Name: Mobile Value: 0
ro.hotelscombined.com/	1970-01-20 01:35:54	Name: visitor Value: id=e3906be3-c768-4fe6-ae35-b7c43926254b&tracked=false
ro.hotelscombined.com/	1970-01-20 00:52:57	Name: visit Value: date=2022-02-14T01:35:24.263739+11:00&id=ddd6170c-175e-46be-80ca-d389709409c5
ro.hotelscombined.com/	1969-12-31 23:59:59	Name: QueryBasedAffiliate Value: 11
.iherb.com/	1970-01-20 09:38:18	Name: iher-pref1 Value: storeid=0
.iherb.com/	1970-01-20 09:38:18	Name: ih-preference Value: store=0
.iherb.com/	1970-01-20 01:02:47	Name: ihr-ea Value: PerformanceHorizon-1011liQgeRUf
.iherb.com/	1970-01-20 00:52:44	Name: __cf_bm Value: 0DwHb9ZoMcP2LBJEX85.YF_Wv4rkHRogsjbkr6ZWBGA-1644762924-0-ARR6gtkoJQdnCPjeEHG9MKsGOYk6H9QvrDRqS25y3EDwQh3tjdopfb7W7uLqv9IU2u2bNhCqhu/WajmFLnMVMsnA/od73xwtQ+Al4oFRKW/r
ro.hotelscombined.com/	1969-12-31 23:59:59	Name: kayak.mc Value: 300$ZgRDRvgt8jwZoWAA83f9$AQyA0qEdcnbtiOi7GMNazk161JMYTwTU3uepInpCKV71Uokou-sJBFSmSJOuhlfD1pvhIiT_QoJKxNB4MqEj2frPfd3T7WxbyqNCuDtZPdt5SZNc-Wo-5V3SA5wDy6UWjzeUUr-elfII4aLNpwrmE4jCFBLpDZ23SJ-bJBr0KBg_cWkQJX8675GqfaJqoBjB-_8km2GsHDRX6_T6q3pv_fF_rlEwn3F2sGpmAhQEgc5g5Z_s3h3mDUSCuoUAogU6qx0pq2nWFBoOq1Ap2wOreN225cMIJ4_bHyurvI1o8SpU
stripchat.com/	1970-01-20 00:54:05	Name: __cflb Value: 02DiuFntVtrkFMde1dj4D9CxNaLvjfJ7eDR4GEm9NBQnx
.thelotter.com/	1970-01-20 09:37:25	Name: visid_incap_1066313 Value: 8LDP4lpCSZmCUaPDuL2Q5SwXCWIAAAAAQUIPAAAAAACTP02yvgRrJGIhO/6iwwqi
.thelotter.com/	1969-12-31 23:59:59	Name: incap_ses_390_1066313 Value: k/32adPRsyXPAQS5gY9pBSwXCWIAAAAAhkT5+xaL+o6hi9DOdYUVyw==
.www.spartoo.ro/	1970-01-21 20:40:42	Name: sid Value: 984b8480b9cf43bfec8be8b360f0c344
.stripchat.com/	1970-01-20 03:02:18	Name: stripchat_com_guestId Value: d4194a64eeb0e87c14e71d7986c39c1836e70d32ec957e0b31e2984975a4
.stripchat.com/	1970-01-20 03:02:18	Name: stripchat_com_affiliateId Value: 73b0fbd3ee36ead2b74e59d3464a7035c57d58262dabefced6d54007bc244727
de.stripchat.com/	1970-01-20 00:54:05	Name: __cflb Value: 02DiuFntVtrkFMde1diFXc6auiQ5NotZkxrUfc4xesQ5a
.paxful.com/	1970-01-20 00:52:44	Name: __cf_bm Value: gGekvgPYRwm3hsvJfe6tGhh9.X0tswi3NYUZsiSBl7w-1644762924-0-ASMMMT3U4vq5Y9pzRaGLocbwLnfi798sqVL7s5iP1GtOjrSU94+5A/izz+fWz0v08v2DieE1/jRARFf9px9eQDg=
.chaturbate.com/	1970-01-20 01:35:54	Name: affkey Value: "eJwdi0EOgCAMBL9CejYSPBl+U6VgoiAp5WCMfzflNjuTfUH4BG8gUMR+CUwGMEY1mLg3VFF1Lk6RFQ+R2ry1tW+ZwoNzIbFaZVRes449j19Ltyvw/TQmHc0="
.chaturbate.com/	1970-01-21 00:51:16	Name: sbr Value: "sec:sbr3f398cbd-323e-49bf-947e-d81ea8b4caea:1nJFyG:1MqEE0fayJg61PuUugww9WKNxzU"
chaturbate.com/	1970-01-20 00:52:46	Name: py3 Value: true
.chaturbate.com/	1969-12-31 23:59:59	Name: fromaffiliate Value: 1
chaturbate.com/	1969-12-31 23:59:59	Name: us_hr8m Value: 1
chaturbate.com/	1970-01-20 01:35:54	Name: stcki Value: "pOtSwZ=0\054FqPd9a=0\054aDBbcK=1\0546pduSG=0\0540cCgb2=1"
chaturbate.com/	1970-01-20 00:59:54	Name: u_hr8m Value: 1
chaturbate.com/	1970-01-20 00:53:04	Name: noads Value: 1
.chaturbate.com/	1970-01-20 00:52:44	Name: __cf_bm Value: EkoP7qTe0CLvREpmeMWlYpz9LBcL49lM0OHpHadI8Rk-1644762924-0-AWi0ufaFgnSE0WUSfq+SrVsUPbd2BWqZb+2mwgB14jor8yIyR0oYI2D50QkM2FG2v0DG1vWhj5cH+Zz4AS8Ikzg=
remitano.com/	1970-01-20 01:02:47	Name: AWSALBCORS Value: vJ8kmLWy1Hzs3dDncYYK078pKg/OlMyaPyz0RhlQZOn3oNx8LSOTOinvAcaA3P2+Gb5tsY5E7VAoc3Gj09fgfAx+9R153hsvbTS98XX/vYvhN4YDLoCCa3gtsRlN
.canva.com/	1970-01-20 00:52:44	Name: __cf_bm Value: g7Ghlcfg.MqCwKNJHb2oXD9qih4eBASsATHJ191nwNk-1644762925-0-ASOd+oWrYd1Oi3dRcSv2Mj4r07yFuOxHwRjEGDF2A3Hs5d3VL7ZeLsRFzqGhAauoJJxREc4i9eZKF8qSQ88tuCA=
gleam.io/	1969-12-31 23:59:59	Name: XSRF-TOKEN Value: IWge9ffNLiyBqD7VsADg111hyUtje03Z2hXnG1DcPuy2inZPhjacMK%2F251NSTRW7RBijKP9QqQMjfV%2B51oxOXA%3D%3D
gleam.io/	1970-01-20 01:33:02	Name: _app_session Value: se36VRF0cc3tMOPTmXgqhcU5RwRThcu7l%2FFGeyM5m%2B%2FzpyIGHlpz%2BXhRdd1NUZuUziH5VGDi9q6XdlZ96j5gfAmdzkInFWDW6uMzUtsdkPPQaGM7g1MXLmlqCisSIgxhNoEBtO036yq%2FdhEExTCoZFo2dzvhDp6tx8%2F0uhM5rzyt5J1Zwd48iJbSBu5mvKujcQXs6suKepdJPwlvfz%2B%2BKxHrUKY42H7NYRVUPoNsMpxWBx8NiXLK9eTK9Ea6eFKurSQuWqCZvkRjXZhYsW8a8LhdmAneogl33XKdDwFeXZ817yfzkFzDbQDEzA%2B59xd0LXhWO%2F7BBu67Yk073db1BGWHQQ0fBjR6I2bJBt5TrfLv%2BEoZE15oyaz59DlRiqV%2FwGE8Ao%2FolcBd--ogEkDV5p1nUN%2FDJw--T54FyD618pRHrbS1cTaGlQ%3D%3D
.gleam.io/	1970-01-20 00:52:44	Name: __cf_bm Value: tbl6y5PhmFLrEiiwAMy6ERNzJuGCi0nU43KAuVDXom8-1644762925-0-AcW+srsXjGRxlGixwI9a1fDZlw0KIeVqBMDwqcca3gW4UJVryyHQ0+ugCGTQvPHFRUTIKyF077vGPVaTcgx90ac=
.banggood.com/	1970-01-20 03:02:18	Name: banggood_SID Value: 866a39378e9014b18249c3bde2e24ce5
www.banggood.com/	1970-01-20 01:02:47	Name: currency Value: EUR
.bongacams.com/	1969-12-31 23:59:59	Name: bonga20120608 Value: 1371a9460af6386b420e08f0bbd4d948
cex.io/	1969-12-31 23:59:59	Name: cex-session Value: s%3AO5WjADSznpEcYHjilmQVZlTF.4OCpiHFizCJarUujcRBfORggPeZZ2RxgY47es%2FWFTMM
.chaturbate.com/	1970-01-20 09:36:52	Name: csrftoken Value: Hl3rVoeekh8l3zIscvTXy8gaqM3dLFQYjoAmqJxidebsgE9vEysWDFFmG18xddqm
.mmstat.com/	1970-01-23 16:28:42	Name: cna Value: LQWQGiXv/WUCAcEbDhif994Y
.mmstat.com/	1969-12-31 23:59:59	Name: sca Value: f7962524
.aliexpress.com/	1970-01-27 08:04:42	Name: cna Value: LQWQGiXv/WUCAcEbDhif994Y
.bongacams.com/	1970-01-20 05:11:54	Name: BONGAH_HIT Value: 4a1dd1f4ece8d8ad246f2aacbc3b448a%3A%3A183346%3A%3Ahttps%3A%2F%2Fpubmedya.net%2F%3A%3A%3A%3A%3A%3A287325%3A%3A%3A%3A%3A%3A0%3A%3A0%3A%3A0%3A%3A0%3A%3A%3A%3A0%3A%3Adefault%3A%3A0%3A%3A2022-02-13%2016%3A35%3A25
.bongacams.com/	1970-01-20 09:38:18	Name: sg Value: 998
.bongacams.com/	1970-01-20 09:38:18	Name: warning18 Value: %5B%22de_DE%22%5D
.alibaba.com/	1969-12-31 23:59:59	Name: cookie2 Value: a16e47e37a3fc84313a58dfa14e8a107
.alibaba.com/	1970-01-23 14:18:40	Name: t Value: 524283218a66c9a8fe8b41be60d65030
.alibaba.com/	1969-12-31 23:59:59	Name: _tb_token_ Value: e889636b7d3fe
.aliexpress.com/	1970-01-20 05:11:54	Name: isg Value: BP39iKLiQxW8U-f5ON-H7dURDFD3mjHsAcvAcr9COdSD9h0oh-pBvMu0ojKw7Umk
.mmstat.com/	1969-12-31 23:59:59	Name: atpsida Value: 0340cad147c4d4df210a0110_1644762925_1
.miniinthebox.com/	1970-01-20 09:38:18	Name: first_visit_time Value: 1da90ab834dc0b452684a48dda0dc10a
.miniinthebox.com/	1970-01-20 00:52:44	Name: vela_s_c Value: 42
.miniinthebox.com/	1970-01-20 00:53:11	Name: vela_v_c Value: 42
.miniinthebox.com/	1970-01-20 01:02:47	Name: vela_w_c Value: 42
.miniinthebox.com/	1970-01-20 01:35:54	Name: vela_m_c Value: 42
.miniinthebox.com/	1970-01-20 03:02:18	Name: vela_3m_c Value: 42
.miniinthebox.com/	1970-01-20 01:35:54	Name: vela_m_ca Value: 42
.miniinthebox.com/	1970-01-20 00:52:44	Name: vela_s Value: 6209172d7519e
.miniinthebox.com/	1970-01-20 01:35:54	Name: vela_m Value: 6209172d751a8
.miniinthebox.com/	1970-01-20 03:02:18	Name: vela_3m Value: 6209172d751af
.miniinthebox.com/	1970-01-20 00:53:11	Name: vela_v Value: 6209172d751b4
.miniinthebox.com/	1970-01-20 01:02:47	Name: vela_w Value: 6209172d751ba
.miniinthebox.com/	1970-01-20 00:54:09	Name: vela_device Value: desktop
.miniinthebox.com/	1970-01-20 09:38:18	Name: vela_is_first_visit Value: 1
.miniinthebox.com/	1970-01-20 01:57:30	Name: affi Value: 664b08e55c41be35e1e822fee3b61691
.miniinthebox.com/	1970-01-20 03:02:18	Name: utm_source Value: gan
.miniinthebox.com/	1970-01-20 03:02:18	Name: feature Value: V7536_B%7CV1074681_B%7CV1081204-1_B%7CV1015700_B
.miniinthebox.com/	1970-01-20 01:35:54	Name: local Value: de%7CDE%7CEUR
.aliexpress.com/	1970-01-20 00:54:09	Name: xlly_s Value: 1

9 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://p2pb2b.io/?referral=5dacfd8f Message: Failed to load resource: the server responded with a status of 503 ()
network	error	URL: https://paxful.com/ru/?r=GzdvAoGWyQA Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://my5.roboforex.org/ru/?a=zkeb Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
network	error	URL: https://www.instaforex.com/?x=LVYG Message: Failed to load resource: the server responded with a status of 520 ()
javascript	warning	URL: https://assets.alicdn.com/g/secdev/sufei_data/3.9.9/index.js Message: The deviceorientation events are blocked by permissions policy. See https://github.com/w3c/webappsec-permissions-policy/blob/master/features.md#sensor-features
javascript	warning	URL: https://assets.alicdn.com/g??xlly/spl/rp.js,secdev/nsv/1.0.78/ns_e_88_3_f.js?v=1(Line 1) Message: The deviceorientation events are blocked by permissions policy. See https://github.com/w3c/webappsec-permissions-policy/blob/master/features.md#sensor-features
javascript	warning	URL: https://www.gandul.ro/stiri/un-adolescent-de-17-ani-inecat-therme-ce-spun-reprezentatii-complexului-19749318?utm_source=ZF+Articol&utm_medium=website&utm_campaign=fidmee Message: The resource https://live.demand.supply/p4/v14-0-0/d3d3LmdhbmR1bC5yby8= was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://www.gandul.ro/stiri/un-adolescent-de-17-ani-inecat-therme-ce-spun-reprezentatii-complexului-19749318?utm_source=ZF+Articol&utm_medium=website&utm_campaign=fidmee Message: The resource https://media.gandul.ro/unsafe/1260x709/smart/filters:contrast(5):format(webp):quality(80)/http://gandul.ro/wp-content/uploads/2022/02/97742870_1199456360400843_4737544756521861120_n.jpg was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://www.gandul.ro/stiri/un-adolescent-de-17-ani-inecat-therme-ce-spun-reprezentatii-complexului-19749318?utm_source=ZF+Articol&utm_medium=website&utm_campaign=fidmee Message: The resource https://media.gandul.ro/unsafe/768x432/smart/filters:contrast(5):format(webp):quality(80)/http://gandul.ro/wp-content/uploads/2022/02/97742870_1199456360400843_4737544756521861120_n.jpg was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.binance.com
admp-tc-sati.adtlgc.com
adx.adform.net
ae.mmstat.com
ae01.alicdn.com
aghtag.tech
agorahtag.tech
api.cxense.com
api.demand.supply
as-sec.casalemedia.com
assets.alicdn.com
audit-tcfv2.quantcast.mgr.consensu.org
bidder.criteo.com
bngpt.com
bongacams.com
c.amazon-adsystem.com
cdn.cxense.com
cdn.onesignal.com
cdn.unblockia.com
cex.io
chaturbate.com
code3.adtlgc.com
coinsbit.io
comcluster.cxense.com
de.banggood.com
de.bongacams.com
de.dhgate.com
de.iherb.com
de.stripchat.com
faucetcrypto.com
faucetpay.io
fourier.taobao.com
freebitco.in
gleam.io
googleads.g.doubleclick.net
gpsfront.aliexpress.com
gum.criteo.com
htlb.casalemedia.com
i.alicdn.com
id.cxense.com
img.onesignal.com
iqbroker.com
is.gd
js-sec.indexww.com
kinsta.com
litefinance.com
live.demand.supply
localbitcoins.com
match.adsrvr.org
media.gandul.ro
my5.roboforex.org
neuronales.xyz
odnaknopka.ru
offer.alibaba.com
onesignal.com
p1cluster.cxense.com
p2pb2b.io
pagead2.googlesyndication.com
paxful.com
prebid-eu.creativecdn.com
pubmedya.net
quantcast.mgr.consensu.org
rbfxdirect.com
remitano.com
ro.hotelscombined.com
rover.ebay.com
rtb.adpone.com
rules.quantcount.com
s.click.aliexpress.com
sale.aliexpress.com
scdn.cxense.com
secure.quantserve.com
securepubads.g.doubleclick.net
ssl.google-analytics.com
static.criteo.net
stripchat.com
test.quantcast.mgr.consensu.org
tsystatic.com
u.alicdn.com
views.cancan.ro
webcache.pp.ua
www.banggood.com
www.binance.com
www.canva.com
www.ebay.com
www.exness.com
www.exness.uk
www.forextime.com
www.gandul.info
www.gandul.ro
www.google-analytics.com
www.googletagmanager.com
www.googletagservices.com
www.iherb.com
www.instaforex.com
www.litefinance.com
www.liteforex.com
www.miniinthebox.com
www.nike.com
www.spartoo.ro
www.thelotter.com
www.tomtop.com
104.109.77.182
104.111.214.74
104.111.216.213
104.111.224.226
104.111.243.137
104.111.245.23
104.111.245.50
104.16.83.19
104.18.11.75
104.20.0.53
104.21.89.238
104.22.7.169
107.154.132.27
116.202.80.165
13.224.89.60
13.224.89.8
13.224.90.44
142.250.184.226
147.75.85.120
151.101.129.29
172.66.43.179
176.9.60.211
178.248.238.82
178.250.0.165
18.158.39.89
184.30.25.27
184.31.84.150
185.117.134.138
185.184.8.65
185.28.232.10
185.75.253.85
192.102.6.123
192.102.6.144
192.102.6.72
192.102.6.94
195.85.23.89
195.85.23.96
2.16.186.241
2.18.234.21
209.140.129.51
2408:4001:f00::f3
2600:9000:2190:5a00:9:46dc:4700:93a1
2600:9000:2190:ac00:3:a4cd:8380:93a1
2600:9000:2190:bc00:6:44e3:f8c0:93a1
2606:2800:235:1c73:1f86:1376:22ce:2cd
2606:4700:10::ac43:16c4
2606:4700:10::ac43:1e5d
2606:4700:10::ac43:557
2606:4700:20::6819:e935
2606:4700:20::681a:686
2606:4700:20::681a:6c9
2606:4700:20::681b:5171
2606:4700:20::ac43:49e4
2606:4700:20::ac43:4be2
2606:4700:3031::6815:4cf9
2606:4700:3031::ac43:81b0
2606:4700:3032::6815:4ae4
2606:4700::6810:8516
2606:4700::6810:8616
2606:4700::6811:3b3a
2606:4700::6811:7311
2606:4700::6812:6528
2606:4700::6812:99
2606:4700::6812:e234
2606:4700::6812:e763
2606:4700::6813:b729
2620:116:800d:21:36a9:ecb:e518:b308
2a00:1450:4001:80e::2008
2a00:1450:4001:80f::2008
2a00:1450:4001:810::200e
2a00:1450:4001:811::2002
2a00:1450:4001:827::2002
2a00:1450:4001:831::2002
2a02:2638:1::13
2a02:2638::3
2a02:26f0:6c00:2a7::268b
2a06:98c1:3120::7
2a06:98c1:3121::7
3.33.220.150
37.157.6.251
44.237.79.85
45.60.78.64
47.246.110.42
47.254.143.112
82.196.14.221
99.80.67.233
00d39bcb79d09253cb6d63796707d23469406080b2ffcfef47a9fba8b1a36eb5
01d7ffe9fc066a386ed1045b99001bae89d48c9bbb048a4dd43bb223c7b69e90
0382aaad6eb14c49bc35e75fee3ac688a58a8b0b3816e0802cf053b4a615e310
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
0a40dea2ad8c38d54437a638dc460a19581857e6d8cf1883b5df58896bfa2489
0ae60fc6a8b82af9de5daf77968dd3c708bf1385a84ccb88ec9fd1cae4edd08b
0b58cb23782de79059d72a26ccefbff2590c3cf793f464a1460cd5e65c643134
0c2cbf8e701ee017fa7a3fb4f202d4542572ea8ba76ee678917635049e61aaa9
0d62300aa4b20dc39891778b4aeb2a11ef3302c111c1df9271d4579730b2d0e6
0e827346aa7bc7850d92185d5550127650f9daf100668fa0c8b0fe1ff4254d36
107f38816f8b522965b199e921da335a55438d9ab733eac1eb54e8af255ccda1
10cd123f9f70d7b842bd6a15ffd4a41ccd1b1fb64310e7b2f9d87e09e2f09533
11129876a78405216b9a79522017a3e2b204e69790637e941bf4f637654233bc
11384cf53ccc43781b3800b8299915ed16aa26466dee03da6f73cd13d95d353d
1181008c4d533ae52f2533ef482bb326ae0df168e10175d15c74a63ac86531d4
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
12cc51d94c0a48f10301c8b3641cc4e1f3ae6c598849f360da4c931332316a51
143d7967cd93ecf7ef34da6c8f3e2781dcb21164e99aeea04d053f805e7c5495
1458cebb34e92686ec440da645a290563a5dafb341ec0874379bec6655a51ec8
14e7db7ac94e5630b7c913a07a94a69cfe39044c3a4ffabba64b52d0fafcb5dd
1530aac11efe77d9e36cd4b41dd6da90a55271c5cf618911d7262e7e02b2834e
16e7e09559097312d131e3a5d9171161528470f5365226fa83a3bee4314071c3
196f8725ae92bf39e37f87cf10cb08665feed6e383d522083fc6d79858d3226e
1aeda7bc76ae0865178647144bdd612b499c12e5435264a96c931d569db8518f
1c0cab0b1de2ea45cdf2ad2a71645503f763e8747c077b65a38fc17605aa854a
1ce37b40dcd8a7d6dd6e2d5e36940aa74f4f42994bf3718ebc75ae7d188785eb
1f34abd643795da3cfe0826af6dc79bad5bf9a0e4e00dca9b38946b488785d07
252f958ab7334260744af174539c91fbc11457e99b7001adae9d952ec163e0d6
27f8499315b051dacd4d7e6473ca1ca28dd60917570d8d48cb3fabb221c9c82e
28ed259a66f24e12d3737d918032f4652905a26a38e8df6f987e64de5a38c44e
298d0041946e2b4f141262fa102741fdf30ef6f1ec3bd4670466fea1734e4a93
2c8ae0c883c62c03c5800ca91a31d1f0e00088683fb5f4131667c0504ce99e64
3035408a986ba6eefa34e2e5f3ff348f2f21053f3ce18f6ff320c8f7e0deaefb
32ed95b190974ab3c06dcbfe84decbe46ba5bf9ef759aaad201b053d06342d9e
33d9e41593440dc2a4d14d2b6bb46f408514d73412c7a3835e789a6c44b44ab3
35cc9007f7a9d3ee9b23ce45eb2d8e3b5b839fe6479c93670e92c3a68e9098f9
36aa85b5d97f76a381de07cdcc8f2bdecf7462384f8207f8a54d6aae1a40e4f6
3868ce2e26f01eb8255b66e28650e840d84a5b3fbbe9b5ae62736fb7987f8869
41b54fd8e7da53469be14104144a39a348c012aee9e597ceb3b979b77d99d18e
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
46415bfdc61eb61aed452afcc3ede66badba4a41a81bb7cc45c014a6fbeecca0
46823e6264c9023cc72c26ade0474674d0b2b18b1c496fe15f732d1bfee900e2
46a2dfbca7c60d870f73158ee8a66651d83595bccbe486861df2d66890794ea9
47a00c205ac23427984e572961850c21efd9d16502680c3876904f4a9840e61d
480b692711d4e10519693d698fffdf99866b25be2953772ce1c51f385c074ea8
486ba168351c19d6297fdb944a8c532ddb1c2be56b9f6b4404e60ddd044dc758
4990db2057afe64906afbe7c901e7e7439db6b0a93b67c6b01bf3954a973e12e
4ae689a5b37c61962b7f8702568778b5fe5afa464b5d7e21646cd6e75cdd0153
4bc6e73fbde05f6a231e0d39d1b5ebc4ace68951889713220c4a15272e733f0a
4c483342f6b6854fd49a77996a70c99e0f502a44c34d3119ab3fdb87f287d68e
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f53ca029c13aed819acf305863fc7ce376cc9dd03630b1ac4e177b744f686a2
517de6ba19fa6bbecd42631681f5bd816b5645c18d03499b9ce0e8b247ec5343
53380e9fd4b0c2d1d97ffdd41e929db5edecde579918fdb518f6e994191581d2
535be4b8bedf82433d210152dfb19dd4eaf5796c4e61c2be1c2ed356827b5580
540f1860bba67de8970966fc9f72c31d07910ea9428a8e0801f7fed98b48a807
544e774fc2fd3796265f83f0a118d91695dce18925f615f84d67cfbe5147b76a
55cb573b9e4698fde7bad8645ff43251753d854153f1c60faaf952c3f931da66
561aec52e5ec804ee143532298b8677dcf6da42fec6541484f50cdb94611d65b
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5a8d06baf419f749dc34351dec91a47b35026b6e2c8a82e6dde5a61ea2af6381
5ae832fce3a62e8ca665034351571312bcf0e165109a303f27d44a18e1bc1f24
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
5df9eee36a61ef8f89d39c04ff402ded30aa9c627b6ef2134f55fa0e8b537153
5eaca4a68ab44d3a73a4ea339b3074b1ecfe76c910a53784f7a5c3fdd2473b24
5f6c89067bc83bb63581f765c73b567140d8fe10f08e250cceec52ffb1a9397a
614004f83a52d51caf263df4f95a281fcfc0c4da500a7a6daab69fb538ee2020
63a1b7ff248936433183a9b63a967a15398521f5b700ea34e5d2bae48bf2d57d
67c9df4ca932fac2379e97fcf5d0922b17b1721add1b5ecad1415bca1da3f519
6a9fa133099e73e0fe032248c4458feb037e6d6c47d4ee16ced253b4194abb13
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6ddba1f102cb48d395bbf224367107ae24c018cb19c035f716572a1f8523f462
6f30b1f3a9167fd40f15fffbffa965e3526ed399a80ee272de18249f5bef2757
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
7512bf3b9ec62642bc0800d0ca3c5b8b37a1384814cc7a29d31f6823740fd403
7519019acfad65ba6e32c4add102ee02b9c781e311991a3b30e447574715065b
76f0ce7f8bf3411ccf620c50e9650bdc2da3503aeccc653e9acfb76ee84c38e2
773f7e361964893ac3e0d81021388b72fa225cdd63eeeee9a711352210ba500c
784acd540b5fcfb87c47dfe12e5311084ce692366a2ac196fd5cc8eb28ff4c23
7b57a7fd60cc98fc7d1a5ab5fef9e2a5271d94713a43b02cb44b911cfe647473
7c8898172b879d771a77be7f5b2133f8ccdd26eaafb36f653a0ca0ebce0216fb
7f1bd095e46c6a90271fb68ae230901b65f5ea79e10393db00802e2a8fba5e3e
80c2ec9b37b201bfc24e3db6313b4aef5d7e1567e7a28e235e0094d8f400ed2b
81ef130604ec4926d96cd5f765d1845e870ad662d39211faed6cc3d6509a3514
89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4
89f22d5d48e9dc60ce475f61f1e31e152f6294cbabe48a49b7da23a1225e68d4
8df1a33972dd21047641b27a2482074444006296f1c13beffd36da2eb5a0342b
8f4b70778aa21c1c093c6acbad70c70b2e69d4d22e47d9405ee137db16ca050b
90ec3c93846a1a334c31b864830f0e6c9f7837c019afffd27a8154a3f795131f
92b5a21f280b2ec0c5ace3662020bb71bc18cb471b889682e6a2f7d98a2fe51e
94de641dbcf5a453defcf15386b00db280ed7881609e5ff3d535c98d54a1f884
95e8437579d865f9c28eb09d2b7822018e0bbb71a94e7c67ed91913e78c62432
97b5bf86bfd8028ddec41c07e946df8ba181962d5ce12b71dfff639536fb57b9
99341ba7670e94153b9a53dba35c2d4981cabeca6cb4f37f77f88fd30b11b592
99456b3711ac205efcbdbc08ae9dae0124aa6a94d0edf9701a80caa6fc38b5db
9d44738d23ad42c959887e4592962e1c4073025ec705ca237a33f1d3060f318c
a01469dcb9f4679340142394000c4db05b6ccc96f8c7ec0c70ce7bf3cd13b452
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a34949785dbf5ed9d3104700d0cdd7ccb60ddc8723d619dded4dad0fc1694566
a36eedcdede3108e74cbc7593170dc7955f0325125dde1cb649fb627751d278e
a575e2f63d79cdaf5a92b4453bfcaadb462119aa1216b4f28920e37e2d9b8e7b
a66cbaa6396f8b7923fffa0939d3ed8502aa3563963bab760f2e029c9a4602bd
a6e9baf39e743b080af5a4ab05a1383a0e39f8f0374e296b9cd33bc9f31a0e75
a70f53616993fbee9773d1800651be18910856f99e680ae852c4d6e02f6888fc
a96b20d5eb8d506a6c690ef870b0b4e8a928e00eb4d0e3dd217cf803803d4de2
ac18203e9b752c937d96d9dcad8147a3c832b8d678679e61dc27426d719b70e1
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
afae99894b4ae3af0641f5d47f7d95123f216405fa5ac467d5efdf2495d59a1b
b236dccee1a0d5280842bdff52b4005e2b0c9ee5d74a15db3e939c53306576d3
b24604bde2da70cf05fc0ecfd9b18f74e266adfda6b5c7aa4aad76507e00742e
b5a6563c92813ae7ed0e71c63e4a420964c6fa387e7a836d196d820b1a1187bf
b91e98b8ee14e7452814fa031d66aaad582a683f3651e2e4aceb5605e68f3ddb
b9cabd04cf61df3009c93a6373bc132a07e32db677dda9ec9c9dcd9afd8db730
b9eabffe9aace6cbdc1916932773ec9f2504266708b9395c286f0d8e5f639d31
baee049272b23bef0a1a5f69bec303a844dc431d25607426aba9f49161e69be5
bdd1579c84daab8cdd1e5a4f71b546c9eaa6a76418f83e0215c573523614c309
bf8c2b102a4fa637d407576e5820b598caa216067a35c53d9331a338937f76dd
bfc02e049a9f0f9ee103c673a20e7703df89aad62dfb38e9a5dbed0f6dbdc620
c0ff306c82a606868276b16286946ac7d28043323a1da9f91422470c5f58682b
c2015b18e18277331733c7ed55ff83147763161e631da4a2d2db7f4e37f3d1ee
c3007e1f92183b9442a6a88d5a77bafe07509b588ed299ace0cb03023930e234
c70c0f23a43839b2baf7e757a84c6226e112e7ea0d24a4a3afe2a15fce6cdadd
c77b8be20411a7d671a80e67cdad991dcf68d8ebc571f997e72ab0c3214e0bfe
c83c7670c31d4127fb493e87ba84436b9ac70c4ef71614027252eb671350d7c8
cd64ca5f9069e503002845b8044091bb47f0f7bfbf2fb94eb2a5bea705ed9c6a
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cfcab20aa21a4818bdc5b1c526319f37de98e28797c17a0beceb3bbb99ef1475
d50f08d04f6cc269dc20fa32f8a786a4a4121b2b8839748296aba996c810caf2
d7639ef9732adaf582c2006a5de74d4e4fa148e000abb6dfd2e2a9f3455490db
d90a3e8724f5f1a18ca679af2b7992bdf64f9921da1ab75df7150a6b7baa3cce
d95c0dad372bf0a75a701dbc888c4968cd5cea17f0944e6613227e90b0570898
db0a1a8888477b188d4e806d410b57c93398e92c2221c76aa2f2a1b9856a324f
db7e0b393e175f19922fefbdcaa2866fca209c521d01cc834ae06cbf8d0f91b7
dd6c8371bb4b3d5dbe4bf6c65ade32e34c121a618001f949f64ca9e2307c7744
e1b17c4d20dd9b8f6b2c6c976d4c175dcc03f15fee014043fe94b36fe4da15d4
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4c08ae82c23e77fdf53506535dd7c31379a8343618b0ab1951d7f8c3d3e8d88
ea0577a936e0bb42aff1aa27b654a59413e276e9aee66729d89e5a57534c7bf8
ea2cfd052397a2a777ace87690d76dc8caa81d75a37d35639401e7e995bff377
eb530c53d63d87c35641b0d61b5a3d2e7fa1e814976d0c6803ba8def8b863d46
eb891945f4f3b5e5c2a05efb3821e2ce99929d17c0b6293bd556953e4891189b
f1527496e0b2d7ebacd8f57223c2b733c3f8f3bd7248274dbdbddea1e47b5fd3
f18406fab29423ac7a758be3c07d59f5bd85376bb0fc6758cc4a60e17d055e20
f2ee1716accd7bbb3942126b84c012d13ea0dce17bc12aa157293227f64b204a
f68a7ed4f1ebd0f96f62aebbf1f8facd71f9620c9accb1447d4bad4c664157dd
f70c6e0720a4769e224d4ceb25d9908ae0f9da93dac347971cac311be73b1022
f7ba1013a4ac19256053047d9c5837307a5b46362b9a6ddfe1ac05011bcdab64
fa8341e1e1d5298d96aa4791c6cf19daaccd0b0d29358e3a52261c013d0839ce
fa90ae4478f005d82a53a1ca9a161075fbf49bcbc7e0f21946d25771f8da49fe
fe40216e07f1870b98db5d50b9301fbdb2974ebf6760d03a43dd1ab106ade4f1

www.gandul.ro Open in urlscan Pro 2a06:98c1:3121::7 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

205 Requests

84 %HTTPS

44 %IPv6

74 Domains

102 Subdomains

77 IPs

12 Countries

2918 kBTransfer

7253 kBSize

119 Cookies

27 Outgoing links

Redirected requests

205 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.gandul.ro Open in urlscan Pro
2a06:98c1:3121::7 Public Scan

Screenshot
Live screenshot

Full Image

205
Requests

84 %
HTTPS

44 %
IPv6

74
Domains

102
Subdomains

77
IPs

12
Countries

2918 kB
Transfer

7253 kB
Size

119
Cookies

205 HTTP transactions
0 data transactions