mail.84-239-11-81.cprapid.com Open in urlscan Pro
84.239.11.81 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://mail.84-239-11-81.cprapid.com/
Submission: On May 16 via api (May 16th 2024, 9:13:10 am UTC) from US — Scanned from DE

Summary HTTP 54 Redirects Links 39 Behaviour Indicators

Summary

This website contacted 10 IPs in 5 countries across 7 domains to perform 54 HTTP transactions. The main IP is 84.239.11.81, located in Romania and belongs to BINBOX-GLOBAL-SERVICES, RO. The main domain is mail.84-239-11-81.cprapid.com.
TLS certificate: Issued by R3 on May 1st 2024. Valid for: 3 months.

This is the only time mail.84-239-11-81.cprapid.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	84.239.11.81 84.239.11.81	44679 (BINBOX-GL...) (BINBOX-GLOBAL-SERVICES)
1	2a00:1450:400... 2a00:1450:4001:811::2008	15169 (GOOGLE) (GOOGLE)
5	104.17.111.223 104.17.111.223	13335 (CLOUDFLAR...) (CLOUDFLARENET)
12	172.217.18.2 172.217.18.2	15169 (GOOGLE) (GOOGLE)
1 22	188.114.97.3 188.114.97.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:10:... 2606:4700:10::ac43:2794	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	172.67.39.148 172.67.39.148	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:830::2001	15169 (GOOGLE) (GOOGLE)
54	10

1 84.239.11.81 (Romania)

ASN44679 (BINBOX-GLOBAL-SERVICES, RO)

mail.84-239-11-81.cprapid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 104.17.111.223 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 172.217.18.2 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s22-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 188.114.97.3 (Amsterdam, Netherlands) 1 redirects

ASN13335 (CLOUDFLARENET, US)

ciolex.ro	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::ac43:2794 (United States)

ASN13335 (CLOUDFLARENET, US)

static.addtoany.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 172.67.39.148 (United States)

ASN13335 (CLOUDFLARENET, US)

static.addtoany.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
22	ciolex.ro 1 redirects ciolex.ro	758 KB
14	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 103 tpc.googlesyndication.com — Cisco Umbrella Rank: 164	261 KB
10	addtoany.com static.addtoany.com — Cisco Umbrella Rank: 4069	34 KB
5	onesignal.com cdn.onesignal.com — Cisco Umbrella Rank: 4680 onesignal.com — Cisco Umbrella Rank: 1554	77 KB
1	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2533	264 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	115 KB
1	cprapid.com mail.84-239-11-81.cprapid.com	37 KB
54	7

	Domain	Requested by
22	ciolex.ro	1 redirects mail.84-239-11-81.cprapid.com
12	pagead2.googlesyndication.com	mail.84-239-11-81.cprapid.com pagead2.googlesyndication.com
10	static.addtoany.com	mail.84-239-11-81.cprapid.com static.addtoany.com
4	cdn.onesignal.com	mail.84-239-11-81.cprapid.com cdn.onesignal.com
2	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
1	onesignal.com	cdn.onesignal.com
1	region1.google-analytics.com	www.googletagmanager.com
1	www.googletagmanager.com	mail.84-239-11-81.cprapid.com
1	mail.84-239-11-81.cprapid.com
54	9

This site contains links to these domains. Also see Links.

Domain
ciolex.ro
www.addtoany.com

Subject Issuer	Validity	Valid
www.ciolex.ro R3	`2024-05-01` - `2024-07-30`	3 months	crt.sh
*.google-analytics.com WR2	`2024-05-06` - `2024-07-29`	3 months	crt.sh
onesignal.com GTS CA 1P5	`2024-04-01` - `2024-06-30`	3 months	crt.sh
*.g.doubleclick.net WR2	`2024-05-06` - `2024-07-29`	3 months	crt.sh
ciolex.ro E1	`2024-04-21` - `2024-07-20`	3 months	crt.sh
static.addtoany.com E1	`2024-04-23` - `2024-07-22`	3 months	crt.sh
tpc.googlesyndication.com WR2	`2024-05-06` - `2024-07-29`	3 months	crt.sh

This page contains 6 frames:

Primary Page: https://mail.84-239-11-81.cprapid.com/
Frame ID: C2139A016C454D2B6770D9D42A153B28
Requests: 49 HTTP requests in this frame

Frame: https://static.addtoany.com/menu/sm.25.html
Frame ID: 0C9D816EDA6D76098541AA3559DDCF13
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/html/r20240513/r20110914/zrt_lookup_fy2021.html
Frame ID: 7B69C0F8A19B95E94D6E322DF73A914D
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-9277298805951083&output=html&adk=1812271804&adf=3025194257&abgtt=6&lmt=1715850783&plat=3%3A16%2C4%3A16%2C8%3A4194304%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A34635776%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fmail.84-239-11-81.cprapid.com%2F&host=ca-host-pub-2644536267352236&pra=5&wgl=1&easpi=0&aihb=0&asro=0&aslmct=0.7&asamct=0.7&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNC4wLjYzNjcuMjAxIixudWxsLDAsbnVsbCwiNjQiLFtbIkNocm9taXVtIiwiMTI0LjAuNjM2Ny4yMDEiXSxbIkdvb2dsZSBDaHJvbWUiLCIxMjQuMC42MzY3LjIwMSJdLFsiTm90LUEuQnJhbmQiLCI5OS4wLjAuMCJdXSwwXQ..&dt=1715850783488&bpp=1&bdt=730&idt=278&shv=r20240513&mjsv=m202405090101&ptt=9&saldr=aa&abxe=1&eoidce=1&nras=1&correlator=7384038430216&frm=20&pv=2&ga_vid=1377735202.1715850784&ga_sid=1715850784&ga_hid=1777173407&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31083587%2C95331983%2C95332917%2C31083610%2C95331711%2C95331954%2C95332415&oid=2&pvsid=3735958540682842&tmod=2129814921&uas=0&nvt=1&fsapi=1&fc=1920&brdim=1570%2C1170%2C1570%2C1170%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&ifi=1&uci=a!1&fsb=1&dtd=308
Frame ID: 936AEBAD57B345CB8EE3791A6535E64F
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-9277298805951083&output=html&h=280&slotname=7733028789&adk=2124071707&adf=545111591&pi=t.ma~as.7733028789&w=1200&abgtt=6&fwrn=4&fwrnh=100&lmt=1715850783&rafmt=1&format=1200x280&url=https%3A%2F%2Fmail.84-239-11-81.cprapid.com%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNC4wLjYzNjcuMjAxIixudWxsLDAsbnVsbCwiNjQiLFtbIkNocm9taXVtIiwiMTI0LjAuNjM2Ny4yMDEiXSxbIkdvb2dsZSBDaHJvbWUiLCIxMjQuMC42MzY3LjIwMSJdLFsiTm90LUEuQnJhbmQiLCI5OS4wLjAuMCJdXSwwXQ..&dt=1715850783489&bpp=2&bdt=730&idt=324&shv=r20240513&mjsv=m202405090101&ptt=9&saldr=aa&abxe=1&eoidce=1&prev_fmts=0x0&nras=1&correlator=7384038430216&frm=20&pv=1&ga_vid=1377735202.1715850784&ga_sid=1715850784&ga_hid=1777173407&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=8&ady=182&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31083587%2C95331983%2C95332917%2C31083610%2C95331711%2C95331954%2C95332415&oid=2&pvsid=3735958540682842&tmod=2129814921&uas=0&nvt=1&fc=1920&brdim=1570%2C1170%2C1570%2C1170%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&ifi=2&uci=a!2&fsb=1&dtd=334
Frame ID: 1467AE814D65896466FB71A3CF5C90B6
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 733E24CFC58902098AF8FEAE6A19ADD9
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

CIOLEX.RO | ALL DREAMS -

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

AddToAny (Widgets) Expand

Overall confidence: 100%
Detected patterns

addtoany\.com/menu/page\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

OneSignal (Marketing automation) Expand

Overall confidence: 100%
Detected patterns

cdn\.onesignal\.com

Page Statistics

54
Requests

94 %
HTTPS

44 %
IPv6

7
Domains

9
Subdomains

10
IPs

5
Countries

1282 kB
Transfer

2762 kB
Size

4
Cookies

39 Outgoing links

These are links going to different origins than the main page.

URL: https://ciolex.ro/

Search URL Search Domain Scan URL

URL: https://ciolex.ro/horoscop-11-mai-2023-cu-neti-sandu-cine-primeste-un-rezultat-favorabil-la-scoala-sau-la-un-interviu-pentru-un-job/

Search URL Search Domain Scan URL

URL: https://ciolex.ro/category/stiri/
Title: ȘTIRI NOI

Search URL Search Domain Scan URL

URL: https://ciolex.ro/category/horoscop-astrologie/
Title: HOROSCOP & ASTROLOGIE

Search URL Search Domain Scan URL

URL: https://ciolex.ro/category/sanatate/
Title: SANATATE SI NUTRITIE

Search URL Search Domain Scan URL

URL: https://ciolex.ro/category/despre-masini/
Title: DESPRE MASINI

Search URL Search Domain Scan URL

URL: https://ciolex.ro/category/probleme-auto/
Title: PROBLEME AUTO

Search URL Search Domain Scan URL

URL: https://ciolex.ro/continuare-sfatul-zilei-de-miercuri-28-februarie-2024/

Search URL Search Domain Scan URL

URL: https://ciolex.ro/author/ciolex/
Title: ciolex

Search URL Search Domain Scan URL

URL: https://ciolex.ro/sfatul-zilei-de-miercuri-28-februarie-2024/

Search URL Search Domain Scan URL

URL: https://ciolex.ro/continuare-horoscopul-zilei-de-miercuri-28-februarie-2024/

Search URL Search Domain Scan URL

URL: https://ciolex.ro/horoscopul-zilei-de-miercuri-28-februarie-2024/

Search URL Search Domain Scan URL

URL: https://ciolex.ro/ce-este-interzis-sa-faci-pe-24-februarie-superstitii-si-traditii-de-dragobete-care-alunga-ghinionul/

Search URL Search Domain Scan URL

URL: https://www.addtoany.com/share#url=https%3A%2F%2Fciolex.ro%2Fce-este-interzis-sa-faci-pe-24-februarie-superstitii-si-traditii-de-dragobete-care-alunga-ghinionul%2F&title=Ce%20este%20interzis%20s%C4%83%20faci%20pe%2024%20februarie.%20Supersti%C8%9Bii%20%C8%99i%20tradi%C8%9Bii%20de%20Dragobete%20care%20alung%C4%83%20ghinionul
Title: Teilen

Search URL Search Domain Scan URL

URL: https://ciolex.ro/care-sunt-cele-mai-puternice-blesteme-cum-iti-dai-seama-ca-cineva-a-trimis-fortele-raului-asupra-ta/

Search URL Search Domain Scan URL

URL: https://ciolex.ro/la-multi-ani-2024-cele-mai-frumoase-mesaje-pentru-familie-si-prieteni/

Search URL Search Domain Scan URL

URL: https://ciolex.ro/cum-sa-ai-cel-mai-pufos-cozonac-o-sa-te-invidieze-toata-lumea-trucul-acesta-este-stiut-numai-de-gospodinele-de-la-tara/

Search URL Search Domain Scan URL

URL: https://ciolex.ro/femeile-care-piloteaza-bmw-uri/

Search URL Search Domain Scan URL

URL: https://www.addtoany.com/share#url=https%3A%2F%2Fciolex.ro%2Ffemeile-care-piloteaza-bmw-uri%2F&title=FEMEILE%20care%20PILOTEAZA%20BMW-URI
Title: Teilen

Search URL Search Domain Scan URL

URL: https://ciolex.ro/ce-masina-testeaza-groupe-renault-dacia-mioveni-in-romania/

Search URL Search Domain Scan URL

URL: https://ciolex.ro/cum-restez-pedala-de-acceleratie-la-bmw-e46/

Search URL Search Domain Scan URL

URL: https://ciolex.ro/totul-despre-carligul-de-remorcare-la-autovehicul/

Search URL Search Domain Scan URL

URL: https://ciolex.ro/totul-despre-alternatorul-de-la-masina-ce-rol-are-de-ce-se-strica-cum-se-verifica-cat-costa-si-cand-trebuie-inlocuit/

Search URL Search Domain Scan URL

URL: https://ciolex.ro/bautura-din-patrunjel-care-te-scapa-de-oboseala-este-inventia-unui-medic-roman-simti-un-fel-de-zguduitura-in-corp/

Search URL Search Domain Scan URL

URL: https://www.addtoany.com/share#url=https%3A%2F%2Fciolex.ro%2Fbautura-din-patrunjel-care-te-scapa-de-oboseala-este-inventia-unui-medic-roman-simti-un-fel-de-zguduitura-in-corp%2F&title=B%C4%83utura%20din%20p%C4%83trunjel%20care%20te%20scap%C4%83%20de%20oboseal%C4%83.%20Este%20inven%C8%9Bia%20unui%20medic%20rom%C3%A2n%3A%20%E2%80%9DSim%C8%9Bi%20un%20fel%20de%20zguduitur%C4%83%20%C3%AEn%20corp%E2%80%9D
Title: Teilen

Search URL Search Domain Scan URL

URL: https://ciolex.ro/principalele-mituri-despre-monturi-ce-sunt-de-fapt-si-cum-putem-preveni-aparitia-acestora/

Search URL Search Domain Scan URL

URL: https://ciolex.ro/ceaiul-pe-care-trebuie-sa-l-bei-obligatoriu-pentru-o-memorie-perfecta-ce-spune-medicul-vlad-ciurea/

Search URL Search Domain Scan URL

URL: https://ciolex.ro/cum-sa-scapi-de-cearcane-cosuri-puncte-negre-si-herpes-prin-metode-traditionale-dovedite/

Search URL Search Domain Scan URL

URL: https://ciolex.ro/10-oameni-explica-ce-inseamna-dragostea-pentru-ei-trebuie-sa-le-cunosti-si-tu/

Search URL Search Domain Scan URL

URL: https://ciolex.ro/horoscop-zilnic-pentru-marti-27-februarie-2024-gemenii-pot-lua-decizii-gresite/
Title: Horoscop zilnic pentru marți, 27 februarie 2024. Gemenii pot lua decizii greșite

Search URL Search Domain Scan URL

URL: https://ciolex.ro/mesajul-astrelor-pentru-zodii-27-februarie-2024-berbecul-are-multe-planuri-schimbare-pentru-gemeni/
Title: Mesajul astrelor pentru zodii, 27 februarie 2024. Berbecul are multe planuri, schimbare pentru Gemeni

Search URL Search Domain Scan URL

URL: https://ciolex.ro/cele-patru-zodii-care-dau-lovitura-pana-pe-1-martie-2024-sunt-pe-val-primesc-bani-cu-nemiluita-si-isi-pot-schimba-viata/
Title: Cele patru zodii care dau lovitura până pe 1 martie 2024. Sunt pe val, primesc bani cu nemiluita și își pot schimba viața

Search URL Search Domain Scan URL

URL: https://ciolex.ro/horoscop-rune-luna-martie-2024-mihai-voropchievici-atentionare-pentru-3-zodii/
Title: Horoscop rune luna martie 2024. Mihai Voropchievici, atenționare pentru 3 zodii

Search URL Search Domain Scan URL

URL: https://ciolex.ro/continuare-sfatul-zilei-de-marti-27-februarie-2024/
Title: Continuare: Sfatul zilei de marți, 27 februarie 2024. Nu toți nativii încep săptămâna cu bine.

Search URL Search Domain Scan URL

URL: https://ciolex.ro/sfatul-zilei-de-marti-27-februarie-2024/
Title: Sfatul zilei de marți, 27 februarie 2024. Nu toți nativii încep săptămâna cu bine.

Search URL Search Domain Scan URL

URL: https://ciolex.ro/?page_id=4650&preview=true/
Title: Termeni si Conditii

Search URL Search Domain Scan URL

URL: https://ciolex.ro/cookie-policy/
Title: Cookie Policy

Search URL Search Domain Scan URL

URL: https://ciolex.ro/?page_id=3&preview=true
Title: Politică de confidențialitate

Search URL Search Domain Scan URL

URL: https://www.addtoany.com/
Title: AddToAny

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 25

https://ciolex.ro/wp-content/cache/autoptimize/js/autoptimize_a76d83d2f9c6913fa16c682081910593.js HTTP 302
https://ciolex.ro/wp-content/cache/autoptimize/js/autoptimize_fallback.js

54 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
mail.84-239-11-81.cprapid.com/ 148 KB
37 KB 535ms
70ms Document
text/html 84.239.11.81
BINBOX-GLOBAL-SER...

General

Check archive.org

Show headers Download Go to

Full URL: https://mail.84-239-11-81.cprapid.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 84.239.11.81 , Romania, ASN44679 (BINBOX-GLOBAL-SERVICES, RO),
Reverse DNS
Software: Apache /
Resource Hash: fe7ff7316dfe51144735b1f4573d94c04b628896e623c5fb912d3ecc6fbc1a63

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

Connection: keep-alive, Keep-Alive
Content-Encoding: gzip
Content-Length: 38096
Content-Type: text/html; charset=UTF-8
Date: Thu, 16 May 2024 09:13:02 GMT
Keep-Alive: timeout=5, max=100
Server: Apache
Vary: Accept-Encoding
X-Cache-Handler: cache-enabler-engine

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 349 KB
115 KB 129ms
58ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-K0HCG54YRS

Requested by

Host: mail.84-239-11-81.cprapid.com
URL: https://mail.84-239-11-81.cprapid.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c88ef6bd1374e21b46e52fdb449b7fb3ec4f92339cdbe56464086050bec65410

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://mail.84-239-11-81.cprapid.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 09:13:02 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 117843
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 16 May 2024 09:13:02 GMT

GET
H3 200 OneSignalSDK.js Show response
cdn.onesignal.com/sdks/ 9 KB
3 KB 82ms
38ms Script
application/javascript 104.17.111.223
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.onesignal.com/sdks/OneSignalSDK.js

Requested by

Host: mail.84-239-11-81.cprapid.com
URL: https://mail.84-239-11-81.cprapid.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.111.223 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4191d89ec03bce5dc273716075335e31851031184b0fff0ab9fc900a8442019f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://mail.84-239-11-81.cprapid.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 09:13:02 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains
age: 1556
etag: W/"a87c48d211877c49b878679b2e3cdab8"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 884a3fe09df437ce-FRA
access-control-allow-headers: OneSignal-Subscription-Id
alt-svc: h3=":443"; ma=86400
expires: Sun, 19 May 2024 09:13:02 GMT

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 151 KB
51 KB 128ms
76ms Script
text/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9277298805951083

Requested by

Host: mail.84-239-11-81.cprapid.com
URL: https://mail.84-239-11-81.cprapid.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

cafe /

Resource Hash

f461ddc311999693c9af33d3563dea2e81295b2117cab77a66c8562a6f21658e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://mail.84-239-11-81.cprapid.com/
Origin: https://mail.84-239-11-81.cprapid.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 09:13:03 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52160
x-xss-protection: 0
server: cafe
etag: 12904987357586130625
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Thu, 16 May 2024 09:13:03 GMT

GET
H3 200 h754.css
ciolex.ro/wp-content/cache/wpfc-minified/k0hb2w6e/ 20 B
487 B 564ms
511ms Stylesheet
text/css 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ciolex.ro/wp-content/cache/wpfc-minified/k0hb2w6e/h754.css
Requested by: Host: mail.84-239-11-81.cprapid.com
URL: https://mail.84-239-11-81.cprapid.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7f46e16eda1fc7b95637ec47468901d9704ffd44d7cb738c13d3caffad39796b

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://mail.84-239-11-81.cprapid.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 09:13:03 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Thu, 16 May 2024 09:13:03 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RUNJ33lR8lZaD2MBRF0PPsrQgcIoDPvck3AN7HDuzqay0JVZNt2SAipitHp6tpqwpfFFK%2B%2B6h0kF1QLE1dN10pfO%2By2QH4BcA41VUcx%2BHapnzqYA%2FtS1EBm1QQQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css;charset=UTF-8
cache-control: max-age=16070400
accept-ranges: bytes
cf-ray: 884a3fe0ac4a9bdd-FRA
alt-svc: h3=":443"; ma=86400
content-length: 40

GET
H2 200 page.js Show response
static.addtoany.com/menu/ 3 KB
2 KB 103ms
37ms Script
application/javascript 2606:4700:10::ac43:2794
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/page.js

Requested by

Host: mail.84-239-11-81.cprapid.com
URL: https://mail.84-239-11-81.cprapid.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:2794 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6e0cc78c402cbc02fdfd41cd77c5fd6ffbd8066cc07935ea8eb5f3fcc59744a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://mail.84-239-11-81.cprapid.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 09:13:03 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 21766
content-encoding: br
alt-svc: h3=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
cf-bgj: minify
server: cloudflare
etag: W/"e346c2841e4abbb66ee259e9540abb61"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Xjq7QFbi12VLG54U%2Bjg5quy%2FqZWru17BHm6PirUOYF94VC2B7wKgRRo6Tq0MWiJPYNcOnO%2BzleFhfMH2CV3E8h8WUqGEd6QTErTt6AGLBVlmKbsyuCHSr1v00lL3d2%2BHGJuSTSjs"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400, stale-while-revalidate=30, public
cf-ray: 884a3fe4df459290-FRA

GET
H3 200 h754.js Show response
ciolex.ro/wp-content/cache/wpfc-minified/7vp7b1nl/ 86 KB
31 KB 653ms
601ms Script
text/js 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ciolex.ro/wp-content/cache/wpfc-minified/7vp7b1nl/h754.js
Requested by: Host: mail.84-239-11-81.cprapid.com
URL: https://mail.84-239-11-81.cprapid.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 52de21e1ba9eba192b9e121375fce0310603a46d823618e0f3565303029071a6

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://mail.84-239-11-81.cprapid.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 09:13:03 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 16 May 2024 09:13:03 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6U4yWjwcspmg3at2kIUnuLYcnYiam9jcb%2FkGwnetUT8SA%2FUxYU2lXfxWfKAwk5ZXL3%2BEGdUrqiey2UnKMr%2BqapC%2Bd4Ez5UzcWw8I5ZXz5Y4qLTGKrhuOki8dr3U%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/js;charset=UTF-8
cache-control: max-age=16070400
cf-ray: 884a3fe0ac4d9bdd-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 152 KB
51 KB 70ms
70ms Script
text/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9277298805951083&host=ca-host-pub-2644536267352236

Requested by

Host: mail.84-239-11-81.cprapid.com
URL: https://mail.84-239-11-81.cprapid.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

cafe /

Resource Hash

bb479a93edef0e0af265b0a32313d0187c1e571e1148e33b5f8d9c312ebe9c72

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://mail.84-239-11-81.cprapid.com/
Origin: https://mail.84-239-11-81.cprapid.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 09:13:03 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52433
x-xss-protection: 0
server: cafe
etag: 15168654359719992972
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Thu, 16 May 2024 09:13:03 GMT

GET
H3 200 cropped-cropped-CioLex.png
ciolex.ro/wp-content/uploads/2020/10/ 23 KB
24 KB 87ms
35ms Image
image/png 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ciolex.ro/wp-content/uploads/2020/10/cropped-cropped-CioLex.png
Requested by: Host: mail.84-239-11-81.cprapid.com
URL: https://mail.84-239-11-81.cprapid.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cfd2def8f0fec107e64f24450431f101b9904a7d00b4207a01549188fd6eda15

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://mail.84-239-11-81.cprapid.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 09:13:02 GMT
cf-cache-status: HIT
last-modified: Tue, 02 Nov 2021 11:16:11 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 4707980
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XiWsvaGjhzGChmTnH5A%2BRIX4hOuxjiQsmtsNlmIN6qG%2BvVDzEOEQIzp0Lyl%2FShOIyEjYIcjssGfs5lrxn%2Fx0k57v4jQZ50iLisGfBJlOPD9jLasnX8P3Oug%2FBKo%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=16070400
accept-ranges: bytes
cf-ray: 884a3fe0ac499bdd-FRA
alt-svc: h3=":443"; ma=86400
content-length: 24032
expires: max-age=A10368000, public

GET
H3 200 mihai-voropchievici-sfatul-zilei-ascendent-in-zodii-ciolex.ro_-392x272.png
ciolex.ro/wp-content/uploads/2023/01/ 161 KB
161 KB 243ms
191ms Image
image/png 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ciolex.ro/wp-content/uploads/2023/01/mihai-voropchievici-sfatul-zilei-ascendent-in-zodii-ciolex.ro_-392x272.png
Requested by: Host: mail.84-239-11-81.cprapid.com
URL: https://mail.84-239-11-81.cprapid.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 61941fe8907f1fefdb970e8ade2543f3e1f63a1ecac90412423fbae91f362d90

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://mail.84-239-11-81.cprapid.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 09:13:02 GMT
cf-cache-status: MISS
last-modified: Sun, 29 Jan 2023 18:53:03 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=b6cMVNp5Ydg3YJcoeuhAW1pyPY1OYOactl5y2zo5R4llLu%2BgR28ca6KjsFz%2FLC6UJEHQ5QDD0RJ%2FxDWPHlulXxzj%2F5KQ3gA%2B0HIYYve30woT2hVTxWC1hQJSTEE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=16070400
accept-ranges: bytes
cf-ray: 884a3fe0ac449bdd-FRA
alt-svc: h3=":443"; ma=86400
content-length: 164453
expires: max-age=A10368000, public

GET
H3 200 horoscop-zilnic-ciolex.ro_-2-392x272.jpg
ciolex.ro/wp-content/uploads/2023/10/ 28 KB
28 KB 209ms
158ms Image
image/jpeg 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ciolex.ro/wp-content/uploads/2023/10/horoscop-zilnic-ciolex.ro_-2-392x272.jpg
Requested by: Host: mail.84-239-11-81.cprapid.com
URL: https://mail.84-239-11-81.cprapid.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8215538fc3fb8173dd69cd0b194a34a2048b8055651234bbf09eb8758aab6d4b

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://mail.84-239-11-81.cprapid.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 09:13:02 GMT
cf-cache-status: MISS
last-modified: Tue, 24 Oct 2023 19:06:45 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SoxXmY%2BPBOGNx9%2BrJLAV%2BJtq4DbKxP56sPuddTxCwoEum9b0ykFeOxhwat47tSSWX0fSLZXJH71%2F%2By58IFm4F1VrjFz10RfR0Np5iAWw2H86yVu5Slgraaf1YxI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=16070400
accept-ranges: bytes
cf-ray: 884a3fe0ac489bdd-FRA
alt-svc: h3=":443"; ma=86400
content-length: 28610
expires: max-age=A10368000, public

GET
H3 200 image-91-390x205.png
ciolex.ro/wp-content/uploads/2024/02/ 151 KB
151 KB 193ms
192ms Image
image/png 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ciolex.ro/wp-content/uploads/2024/02/image-91-390x205.png
Requested by: Host: mail.84-239-11-81.cprapid.com
URL: https://mail.84-239-11-81.cprapid.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7a92d0135c865237c8d0544e7495168f84437004123d9eb87049c02696630cff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://mail.84-239-11-81.cprapid.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 09:13:03 GMT
cf-cache-status: MISS
last-modified: Fri, 23 Feb 2024 19:12:28 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=i4U9%2FwuSHDNrD8bH6AowcTTc4oHhv3DmmVFE8mcrKtUc8GNT4yQKxQbT7A8gjxsUrXvw6yd9aOGEQ0gO673JA2LBTUe%2BQYUOsfyJM5oTaR%2FK6ev9K2eMfevBNFw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=16070400
accept-ranges: bytes
cf-ray: 884a3fe488769bdd-FRA
alt-svc: h3=":443"; ma=86400
content-length: 154151
expires: max-age=A10368000, public

GET
H3 200 image-75-130x90.png
ciolex.ro/wp-content/uploads/2024/02/ 29 KB
29 KB 171ms
169ms Image
image/png 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ciolex.ro/wp-content/uploads/2024/02/image-75-130x90.png
Requested by: Host: mail.84-239-11-81.cprapid.com
URL: https://mail.84-239-11-81.cprapid.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8785ba0bcc7694b6ac253bfcf41e89a62638d6de51398f982b91a72a4c41dc19

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://mail.84-239-11-81.cprapid.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 09:13:03 GMT
cf-cache-status: MISS
last-modified: Tue, 20 Feb 2024 08:11:16 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RW5T2ey4ZPX6KvM4FO0JWKYUB%2Bquhl3jgWyUzpWmXdJi8DixiyribwonRH00Fzn00nazYP9fJB8Mv%2BZJF5RTC5UqbBNVcmf9HJz5nXMt0HI3VqdbkYY3EDRztOI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=16070400
accept-ranges: bytes
cf-ray: 884a3fe488819bdd-FRA
alt-svc: h3=":443"; ma=86400
content-length: 29685
expires: max-age=A10368000, public

GET
H3 200 LA-MULTI-ANI-2024-130x90.png
ciolex.ro/wp-content/uploads/2023/12/ 29 KB
29 KB 167ms
165ms Image
image/png 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ciolex.ro/wp-content/uploads/2023/12/LA-MULTI-ANI-2024-130x90.png
Requested by: Host: mail.84-239-11-81.cprapid.com
URL: https://mail.84-239-11-81.cprapid.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 31fd59cd740a8265c6734a57e23a814efa09c14561ec1583a2a77e3746dc4b6e

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://mail.84-239-11-81.cprapid.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 09:13:03 GMT
cf-cache-status: MISS
last-modified: Sun, 31 Dec 2023 19:36:49 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DFxU4j5SJVJZVUy1idtF6MjLF7ya9eOGtv6Oeu9OQ6IGd3WQnF1ugaXIk8g9FvEbrexnjovhv1Gyczfc7PkRntrWfICdF4a43kFDmqK5dIPcvmIJHHSX%2FZRRymk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=16070400
accept-ranges: bytes
cf-ray: 884a3fe488829bdd-FRA
alt-svc: h3=":443"; ma=86400
content-length: 29269
expires: max-age=A10368000, public

GET
H3 200 image-100-130x90.png
ciolex.ro/wp-content/uploads/2023/12/ 31 KB
31 KB 1420ms
1418ms Image
image/png 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ciolex.ro/wp-content/uploads/2023/12/image-100-130x90.png
Requested by: Host: mail.84-239-11-81.cprapid.com
URL: https://mail.84-239-11-81.cprapid.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d184d9c5bb8bd2546ac802476f8faa75b83f5f80d66d79268173a6ce0202b675

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://mail.84-239-11-81.cprapid.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 09:13:04 GMT
cf-cache-status: MISS
last-modified: Sun, 24 Dec 2023 07:16:48 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=I3%2BS531STIf1gi%2F7xrwgCosrhQ6rMxXI9iuOBEqD4s2GEVFPVPFrt4jXxFb79dnQKl6ulEZR7z6jeb2d2UIwKgPdFeXXOKFHZmTrO5G40Z15I8lwrna45lnnU3U%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=16070400
accept-ranges: bytes
cf-ray: 884a3fe488859bdd-FRA
alt-svc: h3=":443"; ma=86400
content-length: 31595
expires: max-age=A10368000, public

GET
H3 200 femeile-la-bmw-ciolex.ro_-390x205.jpg
ciolex.ro/wp-content/uploads/2020/07/ 17 KB
18 KB 43ms
41ms Image
image/jpeg 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ciolex.ro/wp-content/uploads/2020/07/femeile-la-bmw-ciolex.ro_-390x205.jpg
Requested by: Host: mail.84-239-11-81.cprapid.com
URL: https://mail.84-239-11-81.cprapid.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 18763cf06c318139a7363fe7f0d3e16c993f8c6a8b1d460f9b33d347ed036b64

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://mail.84-239-11-81.cprapid.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 09:13:03 GMT
cf-cache-status: HIT
last-modified: Mon, 06 Jul 2020 19:07:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 80531
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WAb%2BLS8Du%2FQ0800hdMlC0%2FTxSXLWVvAfWBk3Rt%2FmS%2FCG1F0qfUfyN%2F19ZcFFNfY7ibYbyS0%2BFlpGJvo4bN08ISFq4RX%2Fvd5Z51VXyRmwuoZwM7OJ3h2%2BEErE8%2Bc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=16070400
accept-ranges: bytes
cf-ray: 884a3fe488869bdd-FRA
alt-svc: h3=":443"; ma=86400
content-length: 17485
expires: max-age=A10368000, public

GET
H3 200 dacia-logan-3-ciolex.ro_-130x90.jpg
ciolex.ro/wp-content/uploads/2020/07/ 5 KB
6 KB 142ms
141ms Image
image/jpeg 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ciolex.ro/wp-content/uploads/2020/07/dacia-logan-3-ciolex.ro_-130x90.jpg
Requested by: Host: mail.84-239-11-81.cprapid.com
URL: https://mail.84-239-11-81.cprapid.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1c204871cef5ace748cfb6800788e9b959d97d52fb447da5841379fb291604b3

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://mail.84-239-11-81.cprapid.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 09:13:03 GMT
cf-cache-status: MISS
last-modified: Thu, 02 Jul 2020 18:43:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aCDpbVf5p5hSx1o29RlKX2%2FU%2FKI2hp3D1DScIqYUgeJOiU3YUR43F6ubQvKusR1WmSqH0x3t%2FxnWtcQ9pfENJU0FmorkNbFDWyvj9ASZBxta%2FISxF0cw9AgyLUE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=16070400
accept-ranges: bytes
cf-ray: 884a3fe488889bdd-FRA
alt-svc: h3=":443"; ma=86400
content-length: 5285
expires: max-age=A10368000, public

GET
H3 200 resetare-pedala-acceleratie-bmw-e46-ciolex.ro_-130x90.jpg
ciolex.ro/wp-content/uploads/2020/06/ 4 KB
5 KB 141ms
139ms Image
image/jpeg 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ciolex.ro/wp-content/uploads/2020/06/resetare-pedala-acceleratie-bmw-e46-ciolex.ro_-130x90.jpg
Requested by: Host: mail.84-239-11-81.cprapid.com
URL: https://mail.84-239-11-81.cprapid.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ad707419188b582049adacb5e60aa0825014f4edeed367b6ba8dfd9be3e57038

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://mail.84-239-11-81.cprapid.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 09:13:03 GMT
cf-cache-status: MISS
last-modified: Sat, 13 Jun 2020 14:48:43 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hrPQlZTPMjtFYYcJMhh9TOH%2B3B1wgvZEEOLZrXkvAVOn0Kuz7mWxc6C8XAaz1xn7hm4GEhu1i%2FalGF6GzQEDPbkEEV5MXSaAHcokMWI3tL2%2B5FVMIj%2Fnhxv5Yfc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=16070400
accept-ranges: bytes
cf-ray: 884a3fe488899bdd-FRA
alt-svc: h3=":443"; ma=86400
content-length: 4525
expires: max-age=A10368000, public

GET
H3 200 cui-tractare-carlig-remorca-bmw-x1-e84-bmw-ciolex.ro_-130x90.jpg
ciolex.ro/wp-content/uploads/2020/06/ 4 KB
5 KB 139ms
138ms Image
image/jpeg 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ciolex.ro/wp-content/uploads/2020/06/cui-tractare-carlig-remorca-bmw-x1-e84-bmw-ciolex.ro_-130x90.jpg
Requested by: Host: mail.84-239-11-81.cprapid.com
URL: https://mail.84-239-11-81.cprapid.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 15d26f489fc2d0879c37c181ed6b3581bc68c9ca11d2cacb4713ae3236022a56

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://mail.84-239-11-81.cprapid.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 09:13:03 GMT
cf-cache-status: MISS
last-modified: Fri, 12 Jun 2020 19:51:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=30%2FsBAxDxw56zpO7%2BPUEbkzuagmQu3%2FN2vsNMKbg9cjd7KmCgkb3bcqhlTasWMxDjrlZ7gzLf6kMwnqyzicjqAzno9KP%2BPiDizNPq4FdzApQeegK%2Bm6IK0IBBBM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=16070400
accept-ranges: bytes
cf-ray: 884a3fe4888c9bdd-FRA
alt-svc: h3=":443"; ma=86400
content-length: 4329
expires: max-age=A10368000, public

GET
H3 200 alterator-masina-ciolex.ro_-130x90.jpg
ciolex.ro/wp-content/uploads/2020/06/ 6 KB
6 KB 156ms
155ms Image
image/jpeg 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ciolex.ro/wp-content/uploads/2020/06/alterator-masina-ciolex.ro_-130x90.jpg
Requested by: Host: mail.84-239-11-81.cprapid.com
URL: https://mail.84-239-11-81.cprapid.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 25597d59296203c4ec7fe6efabb7511dbed272ca78f2722e9c3c4ea83925c840

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://mail.84-239-11-81.cprapid.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 09:13:03 GMT
cf-cache-status: MISS
last-modified: Thu, 11 Jun 2020 14:02:59 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KSThKu7s8VFz15BZzrsAg65WJn%2Fqa17CZplK2el9NoDhM2zrV06F3ZZoSy9ZdwaXt1y1KCKTFJ7TIkZlVwhGSpuORZvhUzPUrHvfFCisytpg3bVPoiBhDskSSiw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=16070400
accept-ranges: bytes
cf-ray: 884a3fe4888d9bdd-FRA
alt-svc: h3=":443"; ma=86400
content-length: 5674
expires: max-age=A10368000, public

GET
H3 200 image-78-390x205.png
ciolex.ro/wp-content/uploads/2024/02/ 142 KB
143 KB 205ms
204ms Image
image/png 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ciolex.ro/wp-content/uploads/2024/02/image-78-390x205.png
Requested by: Host: mail.84-239-11-81.cprapid.com
URL: https://mail.84-239-11-81.cprapid.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 769de6c9d8563e079fe784b59e047964829170bfa10bba418d21817a262b6a0d

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://mail.84-239-11-81.cprapid.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 09:13:03 GMT
cf-cache-status: MISS
last-modified: Tue, 20 Feb 2024 19:41:16 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=25k81bJSFLkpTon7a0pu9xWgFRFgx%2Bk4U8xXg3n7bMLGrNN%2B%2BsepaTxX5XO1Vg%2FfsI5XCGQBT%2F33nVDnnsSXnvYVfknubbfioOfToNxiqNQ4bpKJdAkWmty9U%2Bs%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=16070400
accept-ranges: bytes
cf-ray: 884a3fe488909bdd-FRA
alt-svc: h3=":443"; ma=86400
content-length: 145616
expires: max-age=A10368000, public

GET
H3 200 monturi-picioare-ciolex.ro_-130x90.png
ciolex.ro/wp-content/uploads/2023/11/ 23 KB
23 KB 172ms
171ms Image
image/png 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ciolex.ro/wp-content/uploads/2023/11/monturi-picioare-ciolex.ro_-130x90.png
Requested by: Host: mail.84-239-11-81.cprapid.com
URL: https://mail.84-239-11-81.cprapid.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 70c105cb447cee1489f80dc8abe33ea20a7a392fb869e63bb09ee40159a04317

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://mail.84-239-11-81.cprapid.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 09:13:03 GMT
cf-cache-status: MISS
last-modified: Sun, 19 Nov 2023 16:46:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=G4F%2B%2FZtTKznI4nyVGsGjQseJMxetGrrp5b8w3xk7LzKDSGSAGf%2FsQt3kItd4KaYE9g3bXsbfeG3%2ByMEZGWTlurOkRhgHfBm0adyrCyj5S8Rs0oyE%2B3oFLFCfYQA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=16070400
accept-ranges: bytes
cf-ray: 884a3fe488959bdd-FRA
alt-svc: h3=":443"; ma=86400
content-length: 23196
expires: max-age=A10368000, public

GET
H3 200 image-113-130x90.png
ciolex.ro/wp-content/uploads/2023/11/ 19 KB
20 KB 171ms
170ms Image
image/png 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ciolex.ro/wp-content/uploads/2023/11/image-113-130x90.png
Requested by: Host: mail.84-239-11-81.cprapid.com
URL: https://mail.84-239-11-81.cprapid.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9a4ee6b13813bfde5a134e24f95ced76b1b23e3638486d982836a49110911b5a

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://mail.84-239-11-81.cprapid.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 09:13:03 GMT
cf-cache-status: MISS
last-modified: Sun, 19 Nov 2023 16:16:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ii8B9iyS%2Fle7drXhABglEAV9nzIA%2F%2BxporpQQdnEgv20eiv3%2BR2WvNEoGqfXoNbzd3LoQfJ%2B4Hh5V6zPGvfbJBXEEKGVANZAvUpxe6a7hcD5OPoZbDW3IU1f%2BRo%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=16070400
accept-ranges: bytes
cf-ray: 884a3fe488989bdd-FRA
alt-svc: h3=":443"; ma=86400
content-length: 19830
expires: max-age=A10368000, public

GET
H3 200 image-49-130x90.png
ciolex.ro/wp-content/uploads/2023/09/ 19 KB
20 KB 411ms
410ms Image
image/png 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ciolex.ro/wp-content/uploads/2023/09/image-49-130x90.png
Requested by: Host: mail.84-239-11-81.cprapid.com
URL: https://mail.84-239-11-81.cprapid.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3fac084be90c38c94774e1ae1e976fe43df4ac6a5721c0584b88f2a1da767253

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://mail.84-239-11-81.cprapid.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 09:13:03 GMT
cf-cache-status: MISS
last-modified: Mon, 18 Sep 2023 11:32:48 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=I85ZcoEe%2F4Ag5CgE5NONZgCW%2F%2ByLYlmjrKqm6YbqP3rlkQCn%2F8RzqXMONRqBUzJFhV7cuVR3iyU1BShkQhJTgXes1RYLrhvd2znbRAT3dRZ5T%2Bi4R4n0BJJkOc0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=16070400
accept-ranges: bytes
cf-ray: 884a3fe488999bdd-FRA
alt-svc: h3=":443"; ma=86400
content-length: 19760
expires: max-age=A10368000, public

GET
H3 200 10-oameni-explica-ce-inseamna-dragostea-pentru-ei.-Trebuie-sa-le-cunosti-si-tu-ciolex.ro_-130x90.jpg
ciolex.ro/wp-content/uploads/2023/06/ 5 KB
5 KB 144ms
143ms Image
image/jpeg 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ciolex.ro/wp-content/uploads/2023/06/10-oameni-explica-ce-inseamna-dragostea-pentru-ei.-Trebuie-sa-le-cunosti-si-tu-ciolex.ro_-130x90.jpg
Requested by: Host: mail.84-239-11-81.cprapid.com
URL: https://mail.84-239-11-81.cprapid.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7aa1d9fb1bf09f8f419f0ce1283311e586443df3687c9b1cbe51a5eb6f0772f8

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://mail.84-239-11-81.cprapid.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 09:13:03 GMT
cf-cache-status: MISS
last-modified: Sun, 11 Jun 2023 15:42:31 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JtfgIbikFS9AxAeQtyd%2FeNkUbBRD0aNVYQTn%2B8p9x5R%2BnP%2BdTnImiVXYK2KzDOAZIwlBGfJ3chdCKIpdcXz7VmzuLOIG13%2BEgBfr2c1KTIEM8kO0jukBHZ8pVnU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=16070400
accept-ranges: bytes
cf-ray: 884a3fe4889b9bdd-FRA
alt-svc: h3=":443"; ma=86400
content-length: 5137
expires: max-age=A10368000, public

GET
H3 200 OneSignalSDK.js Show response
cdn.onesignal.com/sdks/ 9 KB
3 KB 66ms
65ms Script
application/javascript 104.17.111.223
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.onesignal.com/sdks/OneSignalSDK.js?ver=1.0.0

Requested by

Host: mail.84-239-11-81.cprapid.com
URL: https://mail.84-239-11-81.cprapid.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.111.223 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4191d89ec03bce5dc273716075335e31851031184b0fff0ab9fc900a8442019f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://mail.84-239-11-81.cprapid.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 09:13:03 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains
age: 3049
etag: W/"a87c48d211877c49b878679b2e3cdab8"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 884a3fe48acc37ce-FRA
access-control-allow-headers: OneSignal-Subscription-Id
alt-svc: h3=":443"; ma=86400
expires: Sun, 19 May 2024 09:13:03 GMT

GET
H3

200

autoptimize_fallback.js Show response
ciolex.ro/wp-content/cache/autoptimize/js/
Redirect Chain

https://ciolex.ro/wp-content/cache/autoptimize/js/autoptimize_a76d83d2f9c6913fa16c682081910593.js
https://ciolex.ro/wp-content/cache/autoptimize/js/autoptimize_fallback.js

64 KB
19 KB

1521ms
1521ms

Script
application/javascript

188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ciolex.ro/wp-content/cache/autoptimize/js/autoptimize_fallback.js
Requested by: Host: mail.84-239-11-81.cprapid.com
URL: https://mail.84-239-11-81.cprapid.com/
Protocol: H3
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 06b3ec6f6612b16d5d1d7bae7c771529fd174da9c6d18ebf74529f9be66b78ad

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://mail.84-239-11-81.cprapid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

date: Thu, 16 May 2024 09:13:05 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Thu, 16 May 2024 07:04:31 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Dwl3OoGARR%2Fd1GjErH4DUeHGIeq8xjzKF%2FGB0qsVzRysdIC2DYUhvYX3yogaISKMz6JdeRSvtcTQkr7UdXoDsUCLAN3%2FdgcfvEbSIdCItIqotdIh%2FpkXnvdnw94%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=16070400, immutable
accept-ranges: bytes
cf-ray: 884a3fea2e7a9bdd-FRA
alt-svc: h3=":443"; ma=86400
content-length: 19484
expires: max-age=A10368000, public

Redirect headers

date: Thu, 16 May 2024 09:13:04 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-redirect-by: WordPress
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=r%2BI4UTQ%2BS7ZVrstix2uRKp1NexALI288ZAVPc8bbfvSgMIEyNTcohwgxzlLLs0FQpcyKebscEokDorUjEmcfTPMMV2%2FByWofuTcvihtrdFd%2FZPDUdG0cCQ1ARbc%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
location: /wp-content/cache/autoptimize/js/autoptimize_fallback.js
cache-control: max-age=16070400, must-revalidate
vary: Accept-Encoding
cf-ray: 884a3fe4889c9bdd-FRA
link: <https://ciolex.ro/wp-json/>; rel="https://api.w.org/"
alt-svc: h3=":443"; ma=86400
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H3 200 OneSignalPageSDKES6.js Show response
cdn.onesignal.com/sdks/ 284 KB
68 KB 43ms
42ms Script
application/javascript 104.17.111.223
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151605

Requested by

Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.111.223 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ebe0f94ca53bc5f7d865f89aec5b0315bca03ace6942d6c1c76d94d5b59d419a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://mail.84-239-11-81.cprapid.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 09:13:03 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains
age: 103
etag: W/"e3be409ac3c100e2a5d3f264ec260551"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 884a3fe48ad137ce-FRA
access-control-allow-headers: OneSignal-Subscription-Id
alt-svc: h3=":443"; ma=86400
expires: Sun, 19 May 2024 09:13:03 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202405090101/ 412 KB
139 KB 133ms
83ms Script
text/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202405090101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9277298805951083&plah=mail.84-239-11-81.cprapid.com&aplac=true&bust=31083610

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9277298805951083

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

cafe /

Resource Hash

223bba6ac4174a5261a9835dfc5a094b8ee08d91851e6143ecb5f361fef4b258

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://mail.84-239-11-81.cprapid.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 09:13:03 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 142606
x-xss-protection: 0
server: cafe
etag: 17918618777137406937
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 16 May 2024 09:13:03 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 99ms
56ms Image
image/gif 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=new_abg_tag&value=true&host_v=false&frequency=0.01&eid=44759875%2C44759926%2C44759837%2C31083587%2C95331983%2C95332917%2C31083610

Requested by

Host: mail.84-239-11-81.cprapid.com
URL: https://mail.84-239-11-81.cprapid.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://mail.84-239-11-81.cprapid.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 16 May 2024 09:13:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 OneSignalPageSDKES6.js Show response
cdn.onesignal.com/sdks/ 284 KB
0 0ms
0ms Script
application/javascript 104.17.111.223
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151605
Requested by: Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js?ver=1.0.0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.17.111.223 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ebe0f94ca53bc5f7d865f89aec5b0315bca03ace6942d6c1c76d94d5b59d419a

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://mail.84-239-11-81.cprapid.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 09:13:03 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 103
etag: W/"e3be409ac3c100e2a5d3f264ec260551"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 884a3fe48ad137ce-FRA
access-control-allow-headers: OneSignal-Subscription-Id
alt-svc: h3=":443"; ma=86400
expires: Sun, 19 May 2024 09:13:03 GMT

GET
H3 200 sm.25.html
static.addtoany.com/menu/ Frame 0C9D 0
0 72ms
37ms Document
text/html 172.67.39.148
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/sm.25.html

Requested by

Host: static.addtoany.com
URL: https://static.addtoany.com/menu/page.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.39.148 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://mail.84-239-11-81.cprapid.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: *
age: 23766
alt-svc: h3=":443"; ma=86400
cache-control: max-age=315360000, immutable
cf-cache-status: HIT
cf-ray: 884a3fe5687091e4-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Thu, 16 May 2024 09:13:03 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TSb6ceU8Km%2FQoBhHnOVawQ5nlOg7YHtAwc1zYeeACM1Vejf1hsvQsU5EgzZBYHlnxkwG7E3VnrdXIcTw%2FClwIyVWcp%2BvsfkuC8R0rRwidtcjh65vd3CqQFRL0gJVfF3Dqwl1JOvRnnEjZi6fPTkCvL%2Fd"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff

GET
H3 200 core.BRQnzO8v.js Show response
static.addtoany.com/menu/modules/ 70 KB
26 KB 122ms
84ms Script
application/javascript 172.67.39.148
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/modules/core.BRQnzO8v.js

Requested by

Host: static.addtoany.com
URL: https://static.addtoany.com/menu/page.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.39.148 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

91b9b24f0aa59668e4d0a770ee7a294b9baa361a76a20ade8128cd0482a5d805

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://mail.84-239-11-81.cprapid.com/
Origin: https://mail.84-239-11-81.cprapid.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 09:13:03 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"25da5432b1057724b8210f17e9b9db05"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Fw%2FP1dpnkyQ8rpMms87P3lz1sCdQtqq0ywsmiwnWvW8HsZhO3rRMfSOprlJ4Hg3erY6mgUuIlerA%2BQlO%2B%2FSwfMQ25GkKTl3d60pQJNU7TGJzGEuz7uR3BTSN9fcKhGfxSRWSLFmo"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000, immutable
cf-ray: 884a3fe56d82bbe5-FRA

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 58ms
58ms Image
image/gif 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=abg::amalserr&status=tcto&guarding=true&timeout=50&rate=0.01&eid=44759875%2C44759926%2C44759837%2C31083587%2C95331983%2C95332917%2C31083610

Requested by

Host: mail.84-239-11-81.cprapid.com
URL: https://mail.84-239-11-81.cprapid.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://mail.84-239-11-81.cprapid.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 16 May 2024 09:13:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 de.js Show response
static.addtoany.com/menu/locale/ 750 B
775 B 41ms
40ms Script
application/javascript 2606:4700:10::ac43:2794
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/locale/de.js

Requested by

Host: static.addtoany.com
URL: https://static.addtoany.com/menu/modules/core.BRQnzO8v.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:2794 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e26044e4f60fab991ddde9378091a990f77cad49dadf8d6b4bd96c632428546c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://mail.84-239-11-81.cprapid.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 09:13:03 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 19061
cf-polished: origSize=902
content-encoding: br
alt-svc: h3=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
cf-bgj: minify
server: cloudflare
etag: W/"86610d84a116a5704d658324728b063f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cGWyoJcYiwh4nkd14jSp3c1lEQA2Xx68kgN2X7sktVG1ruQFCFHZU25bN%2BfFaPfLaMNiiKT2gPjgQEmsicLhviJwFYb5aUf2uCufjHGGmF9DbcjHvIHgr%2FvxURg0wLrBhwJlbhRHMIPRsLm9uL91EPX%2B"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400, stale-while-revalidate=30, public
cf-ray: 884a3fe618899290-FRA

GET
H3 200 facebook.js Show response
static.addtoany.com/menu/svg/icons/ 429 B
812 B 75ms
73ms Script
application/javascript 172.67.39.148
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/svg/icons/facebook.js

Requested by

Host: static.addtoany.com
URL: https://static.addtoany.com/menu/modules/core.BRQnzO8v.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.39.148 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4b475960843a5619b907af1f0a89e3136bd5e6a4a700ec78cb417f302647cf49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://static.addtoany.com/menu/modules/core.BRQnzO8v.js
Origin: https://mail.84-239-11-81.cprapid.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 09:13:03 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"68925fa8e347041c6006837e73c518bc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YyfvaexabdqkeRj%2F7%2Fpb%2Bz6eYtvg8nXvMvOdWhVwsis9z8%2BnPCQYCnVgyjvKWpD7tfOsANLa9rrG6C39rXDLe6GSJCRlKcTPmlh5mKJ6BrDLsZ7hECYj8Uo9LSQV9R1a9LAzB0an"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=7776000, stale-while-revalidate=30, public
cf-ray: 884a3fe61e8fbbe5-FRA

GET
H3 200 facebook_messenger.js Show response
static.addtoany.com/menu/svg/icons/ 377 B
785 B 86ms
84ms Script
application/javascript 172.67.39.148
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/svg/icons/facebook_messenger.js

Requested by

Host: static.addtoany.com
URL: https://static.addtoany.com/menu/modules/core.BRQnzO8v.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.39.148 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9b0725996689167816d5e5cff57ebee596e1fd353e96cbcdfa8f816a9228a678

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://static.addtoany.com/menu/modules/core.BRQnzO8v.js
Origin: https://mail.84-239-11-81.cprapid.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 09:13:03 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"f483bc9dc6e969b7039e6a0cc1b8a62c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=C1gP1REe2%2Flb%2FTSRJOyzzv0%2F80x5aSCXlEM6Zhe1SJVWAkIujxjtu%2BLCaTZqtQXte2UzOzutMofu0yxNe2WJuzFFBzUA7j06iJGxDzq9LgZLP6wQuwoVPof8qeyfkT51TUPlCUaO"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=7776000, stale-while-revalidate=30, public
cf-ray: 884a3fe61e92bbe5-FRA

GET
H3 200 whatsapp.js Show response
static.addtoany.com/menu/svg/icons/ 1 KB
1 KB 78ms
76ms Script
application/javascript 172.67.39.148
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/svg/icons/whatsapp.js

Requested by

Host: static.addtoany.com
URL: https://static.addtoany.com/menu/modules/core.BRQnzO8v.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.39.148 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c15e1379ca2c59f99912500bbc23a0d1d88f43198cbe1b53d87776fa351385eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://static.addtoany.com/menu/modules/core.BRQnzO8v.js
Origin: https://mail.84-239-11-81.cprapid.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 09:13:03 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"83af4df8173e43227812296bb8542dcf"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XOor21K2Ugwk%2FgOPUeE%2B8UvgqNhm5kDsgucFD3r0iZpErmbM0QkhH4e%2B%2F0Ku7U44CmB9Mm%2FOd0CTUPxGm8a%2BugbWrG8Dbyc4S52sORHajmxiyhCm%2Bcj09vD%2FKjD50fOGTMMU%2BlnV"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=7776000, stale-while-revalidate=30, public
cf-ray: 884a3fe61e94bbe5-FRA

GET
H3 200 email.js Show response
static.addtoany.com/menu/svg/icons/ 415 B
799 B 76ms
75ms Script
application/javascript 172.67.39.148
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/svg/icons/email.js

Requested by

Host: static.addtoany.com
URL: https://static.addtoany.com/menu/modules/core.BRQnzO8v.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.39.148 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d432ad1988efa5b258294f52dae3d1b4c10660aec15e49017e21a1ee74bfd453

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://static.addtoany.com/menu/modules/core.BRQnzO8v.js
Origin: https://mail.84-239-11-81.cprapid.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 09:13:03 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"eb2119ad4221a9d01abc336e06962867"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pHML6FYtwmZhG0YMDYQqB3UsrJ12yluwjILbmjuuRv5bj0ep3bRtZ81j4gCcyivBjjYPEsBtiTZZF7UsZAPqu8e9MNCdXgs0f1GX2lBjZl3OmwK%2B87QfZQMoD9yNbO0W74HPsLdn"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=7776000, stale-while-revalidate=30, public
cf-ray: 884a3fe61e97bbe5-FRA

GET
H3 200 sms.js Show response
static.addtoany.com/menu/svg/icons/ 1 KB
1 KB 67ms
66ms Script
application/javascript 172.67.39.148
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/svg/icons/sms.js

Requested by

Host: static.addtoany.com
URL: https://static.addtoany.com/menu/modules/core.BRQnzO8v.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.39.148 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8aa5087a5c31564c259063d074756190d836a064365e67c0e8306b8e30267f9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://static.addtoany.com/menu/modules/core.BRQnzO8v.js
Origin: https://mail.84-239-11-81.cprapid.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 09:13:03 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"f047697927053d4c7c623fcad21d4716"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=N6FWaZOfUv5hFDBul9udNNB7UyhnU45pLn9EZDahIWtcHtJEoqVkWGYOesbugxg1udrwRrob6%2FLWquS7Q2TLJgpg1zxcUwDDHj7%2BFv6HKG9LVT0oZ3i7YHR3fL%2Fr%2BEl38QBN3EET"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=7776000, stale-while-revalidate=30, public
cf-ray: 884a3fe61e99bbe5-FRA

GET
H3 200 a2a.js Show response
static.addtoany.com/menu/svg/icons/ 182 B
664 B 79ms
79ms Script
application/javascript 172.67.39.148
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/svg/icons/a2a.js

Requested by

Host: static.addtoany.com
URL: https://static.addtoany.com/menu/modules/core.BRQnzO8v.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.39.148 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3dab93242ee573bbcfc22c9d15acd47794e500ed44e6bd48a35400b39d65aa43

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://static.addtoany.com/menu/modules/core.BRQnzO8v.js
Origin: https://mail.84-239-11-81.cprapid.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 09:13:03 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"0aca4ea1e5f8f250126a8e0c597dd969"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ipouAlK5CUYl4oYMbrEETQkN0aZlJH5TJ5GeVSFLZyJQK3SGzEYXXhsB36dT7VytHdXg%2FRUDE%2FtlRo2M7Hg8AEbDnbypYOXAuG0sU0uzoeoZ5vv27QIItY35%2B8kfe5JBV9zRoYLE"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=7776000, stale-while-revalidate=30, public
cf-ray: 884a3fe61e9abbe5-FRA

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 59ms
59ms Image
image/gif 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=afc_etu&etus=4&sig=1&tms=200&eid=44759875%2C44759926%2C44759837%2C31083587%2C95331983%2C95332917%2C31083610

Requested by

Host: mail.84-239-11-81.cprapid.com
URL: https://mail.84-239-11-81.cprapid.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://mail.84-239-11-81.cprapid.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 16 May 2024 09:13:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 zrt_lookup_fy2021.html
pagead2.googlesyndication.com/pagead/html/r20240513/r20110914/ Frame 7B69 0
0 67ms
23ms Document
text/html 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/html/r20240513/r20110914/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202405090101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9277298805951083&plah=mail.84-239-11-81.cprapid.com&aplac=true&bust=31083610

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://mail.84-239-11-81.cprapid.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

age: 58448
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4155
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 15 May 2024 16:58:55 GMT
etag: 5035419970550746386
expires: Wed, 29 May 2024 16:58:55 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 403 ads
pagead2.googlesyndication.com/pagead/ Frame 936A 0
0 83ms
55ms Document
text/html 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-9277298805951083&output=html&adk=1812271804&adf=3025194257&abgtt=6&lmt=1715850783&plat=3%3A16%2C4%3A16%2C8%3A4194304%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A34635776%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fmail.84-239-11-81.cprapid.com%2F&host=ca-host-pub-2644536267352236&pra=5&wgl=1&easpi=0&aihb=0&asro=0&aslmct=0.7&asamct=0.7&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNC4wLjYzNjcuMjAxIixudWxsLDAsbnVsbCwiNjQiLFtbIkNocm9taXVtIiwiMTI0LjAuNjM2Ny4yMDEiXSxbIkdvb2dsZSBDaHJvbWUiLCIxMjQuMC42MzY3LjIwMSJdLFsiTm90LUEuQnJhbmQiLCI5OS4wLjAuMCJdXSwwXQ..&dt=1715850783488&bpp=1&bdt=730&idt=278&shv=r20240513&mjsv=m202405090101&ptt=9&saldr=aa&abxe=1&eoidce=1&nras=1&correlator=7384038430216&frm=20&pv=2&ga_vid=1377735202.1715850784&ga_sid=1715850784&ga_hid=1777173407&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31083587%2C95331983%2C95332917%2C31083610%2C95331711%2C95331954%2C95332415&oid=2&pvsid=3735958540682842&tmod=2129814921&uas=0&nvt=1&fsapi=1&fc=1920&brdim=1570%2C1170%2C1570%2C1170%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&ifi=1&uci=a!1&fsb=1&dtd=308

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://mail.84-239-11-81.cprapid.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 16 May 2024 09:13:03 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 59ms
59ms Image
image/gif 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=afc_etu&etus=4&sig=4&tms=200&eid=44759875%2C44759926%2C44759837%2C31083587%2C95331983%2C95332917%2C31083610%2C95331711%2C95331954%2C95332415

Requested by

Host: mail.84-239-11-81.cprapid.com
URL: https://mail.84-239-11-81.cprapid.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://mail.84-239-11-81.cprapid.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 16 May 2024 09:13:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 403 ads
pagead2.googlesyndication.com/pagead/ Frame 1467 0
0 49ms
48ms Document
text/html 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-9277298805951083&output=html&h=280&slotname=7733028789&adk=2124071707&adf=545111591&pi=t.ma~as.7733028789&w=1200&abgtt=6&fwrn=4&fwrnh=100&lmt=1715850783&rafmt=1&format=1200x280&url=https%3A%2F%2Fmail.84-239-11-81.cprapid.com%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNC4wLjYzNjcuMjAxIixudWxsLDAsbnVsbCwiNjQiLFtbIkNocm9taXVtIiwiMTI0LjAuNjM2Ny4yMDEiXSxbIkdvb2dsZSBDaHJvbWUiLCIxMjQuMC42MzY3LjIwMSJdLFsiTm90LUEuQnJhbmQiLCI5OS4wLjAuMCJdXSwwXQ..&dt=1715850783489&bpp=2&bdt=730&idt=324&shv=r20240513&mjsv=m202405090101&ptt=9&saldr=aa&abxe=1&eoidce=1&prev_fmts=0x0&nras=1&correlator=7384038430216&frm=20&pv=1&ga_vid=1377735202.1715850784&ga_sid=1715850784&ga_hid=1777173407&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=8&ady=182&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31083587%2C95331983%2C95332917%2C31083610%2C95331711%2C95331954%2C95332415&oid=2&pvsid=3735958540682842&tmod=2129814921&uas=0&nvt=1&fc=1920&brdim=1570%2C1170%2C1570%2C1170%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&ifi=2&uci=a!2&fsb=1&dtd=334

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://mail.84-239-11-81.cprapid.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 16 May 2024 09:13:03 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 collect
region1.google-analytics.com/g/ 0
264 B 86ms
31ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-K0HCG54YRS&gtm=45je45f0v867652618za200&_p=1715850785855&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=1377735202.1715850784&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.201%7CGoogle%2520Chrome%3B124.0.6367.201%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&frm=0&pscdl=noapi&_s=1&sid=1715850785&sct=1&seg=0&dl=https%3A%2F%2Fmail.84-239-11-81.cprapid.com%2F&dt=CIOLEX.RO%20%7C%20ALL%20DREAMS%20-&en=page_view&_fv=1&_ss=1&_ee=1&tfd=3643
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-K0HCG54YRS
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://mail.84-239-11-81.cprapid.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 16 May 2024 09:13:05 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://mail.84-239-11-81.cprapid.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 web Show response
onesignal.com/api/v1/sync/5be9d38d-9ddf-40a9-ad8f-d85176aa6869/ 5 KB
2 KB 41ms
40ms Script
text/javascript 104.17.111.223
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://onesignal.com/api/v1/sync/5be9d38d-9ddf-40a9-ad8f-d85176aa6869/web?callback=__jp0

Requested by

Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151605

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.111.223 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a7ef208f26cc77887ae47cc06a163e3178d33d9ab2353e2401f1fbddfd35575d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://mail.84-239-11-81.cprapid.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 09:13:05 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
x-permitted-cross-domain-policies: none
strict-transport-security: max-age=15552000; includeSubDomains
age: 2129
cf-polished: origSize=5571
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: e9c2ad47-839a-4aaf-af93-344cfee05193
x-runtime: 0.032903
referrer-policy: strict-origin-when-cross-origin
cf-bgj: minify
server: cloudflare
etag: W/"4930bd48029de1a0e51b670e04d2f902"
x-download-options: noopen
vary: Origin, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=3600
cf-ray: 884a3ff3cc8537ce-FRA
access-control-allow-headers: SDK-Version
expires: Thu, 16 May 2024 10:13:05 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 17 KB
13 KB 84ms
84ms XHR
application/json 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240513&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

cafe /

Resource Hash

ebaed155efdc50be0333dc241694ac2f0348c28a9d950cb87cac118f4a64b5e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://mail.84-239-11-81.cprapid.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 09:13:05 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12847
x-xss-protection: 0

GET
H3 200 cropped-CioLex-1-32x32.png
ciolex.ro/wp-content/uploads/2020/10/ 2 KB
2 KB 33ms
33ms Other
image/png 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ciolex.ro/wp-content/uploads/2020/10/cropped-CioLex-1-32x32.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 82667f1254c0bb21dd3ad435e7356fe96e76805f78fc39a5a5012198c57ca3d1

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://mail.84-239-11-81.cprapid.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 09:13:05 GMT
cf-cache-status: HIT
last-modified: Tue, 13 Oct 2020 14:34:34 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2445146
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=R9D2Gem0amAeyPnZOh4miVjznu30H2Rnu0RakxSVMSDOer2skfWA2v%2BhqsvRpWjpnJHTFaE%2FwoB%2BSf%2BQt5vqQhB0IQEZPFpinpVo8HJvHpkBEsVchhkud9JlFGs%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=16070400
accept-ranges: bytes
cf-ray: 884a3ff419a49bdd-FRA
alt-svc: h3=":443"; ma=86400
content-length: 1857
expires: max-age=A10368000, public

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 108ms
51ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://mail.84-239-11-81.cprapid.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 09:13:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 16 May 2024 09:13:06 GMT

GET
H2 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 733E 0
0 79ms
26ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://mail.84-239-11-81.cprapid.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
age: 332
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 16 May 2024 09:07:34 GMT
expires: Fri, 16 May 2025 09:07:34 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 57ms
56ms Image
image/gif 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_stats&wpc=ca-pub-9277298805951083&su=mail.84-239-11-81.cprapid.com&eid=44759875%2C44759926%2C44759837%2C31083587%2C95331983%2C95332917%2C31083610%2C95331711%2C95331954%2C95332415&doc=complete&pg_h=73274&pg_w=1600&pg_hs=73274&c=12&aa_c=0&av_h=306.667&av_w=1584&av_a=485760&s=59.438&all_s=59.438&b=47.391&all_b=47.391&d=0.050&all_d=0.050&ard=0.050&all_ard=0.050&dt=d

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://mail.84-239-11-81.cprapid.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 16 May 2024 09:13:06 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET sodar
pagead2.googlesyndication.com/pagead/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240513&jk=3735958540682842&bg=!7O-l76DNAAav94VWj_c7ADQBe5WfOINvhZ8enQ2YZfU6SrQUEPyN3C2Kh_2WMo9ISwyumWSxSuBxr5hLkhLN3zi8WpooAgAAAdNSAAAAAWgBB34ANdBes_GU4VwP20evXxoYR5YgkdZ6_PEvMY2tVQcLzGDE55AJBLNJ7CBtEFY7V6Dfp4PkPEh_CgBoljpXG4rqcGFClY0Z4nnB7KIdJemd6zbdng9WI2FYqMX6e6eCPsNWqDCuvhia4aovzh0vSJAD7deJjYcAUGgKPpGtHCrBUtU_vqMyV-1y_CiHps_VQDmvX052QvVXNtWdd_ekTgEVnIeZAqppotIFoChefxFoIf7htjKbWAyr3Kyib7x_heFn5vsVzAhKHL0hrRMxqlzSi14Wk_QFsL3u75omFNiI0MCAMoohDyLgebkCjBEOuDPRzogLj71tZcrpQZos09cpOB5_r3YSUlbY9iJ4OkQ_-XIUkwm9dBY0dpDhpaS4k3fU_LGIH7pA41-zFoOAA_VGMoxmXE1FH-91q0301y4tudosG1XWeWeAVmLdSpiQIJce8AgX-qfoSGP4SKSyUNOv01zd-rPwri7EUBStbwvNYc7RzOl8YRZnVGVf_sZZZa-qmBFrI7EqucIfDppeMNCdPj9aFKsbNKUJ0ZjrujrvxK22Znxu4Lw-fj4sZwiH384a6-IWk28CADnRNoKQPCcpn6WAUqnCSfL6ipW0jHjYqxxK7lPW8yKaIahGXTvkMl1O6QPKCQYF77mTAyKgODO-yiG1HakKBClJLBpqwBBu7m-wTI5JQ9xASlLygGknNT-SSEWfjIy4Y2RnSuuI9IkGW0JjaTZPkCnA_NUlevrS7dIaybvixu-Arjl0SC01ZqhPqJY50QBftQNr7Yutu8JXAOZ2PiDOOw2kvh1gmqH1hbOTwQNdcc-Sl-ZwjZbaUzR-dOlWrrpfhH1jb1bVZOg-5LzFiNYAUH5dajTz8hlBtech5nhZ8qEl74Dyd5oRFSDhdJqVe6Wt8XHuVGGcUW5UaYiVwo7HsABGtRihUf0rkB3znVRGrhO5STFZaHZlPm_B5eFeHM8qXBltiMrux7oWNygS0fuGO1A8NnKT2x4r-s6PIAmGbqbPjh6EPdlveP2binUsUENT52bEIBTT_aWVsvNs9XdtQSpS_HF45Z5H0NvCqbENvfje8XbC4N8PqQ5lAMVKMNPzA9PQUFSb4hhF1su5lo1NXAqTwEIgAzcG

Verdicts & Comments Add Verdict or Comment

79 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.onesignal.com/	1970-01-20 20:37:32	Name: __cf_bm Value: Qs22NuCGdiknr86IpWiLyPx2uJqcMYONmZS3r4JPzmo-1715850782-1.0.1.1-g1J1iGOkq_5NTyzO09xBNtMUtR5DS1RZxyY2rP351vwFpvJ4R4jNDtRRy5BjwrprOESkGIO7DIW1J7kbzTRIjA
.mail.84-239-11-81.cprapid.com/	1970-01-21 06:13:30	Name: _ga_K0HCG54YRS Value: GS1.1.1715850785.1.0.1715850785.0.0.0
.mail.84-239-11-81.cprapid.com/	1970-01-21 06:13:30	Name: _ga Value: GA1.1.1377735202.1715850784
.mail.84-239-11-81.cprapid.com/	1970-01-20 22:47:06	Name: _gcl_au Value: 1.1.474200142.1715850786

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://mail.84-239-11-81.cprapid.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://mail.84-239-11-81.cprapid.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://mail.84-239-11-81.cprapid.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://mail.84-239-11-81.cprapid.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.onesignal.com
ciolex.ro
mail.84-239-11-81.cprapid.com
onesignal.com
pagead2.googlesyndication.com
region1.google-analytics.com
static.addtoany.com
tpc.googlesyndication.com
www.googletagmanager.com
pagead2.googlesyndication.com
104.17.111.223
172.217.18.2
172.67.39.148
188.114.97.3
2001:4860:4802:34::36
2606:4700:10::ac43:2794
2a00:1450:4001:811::2008
2a00:1450:4001:830::2001
84.239.11.81
06b3ec6f6612b16d5d1d7bae7c771529fd174da9c6d18ebf74529f9be66b78ad
15d26f489fc2d0879c37c181ed6b3581bc68c9ca11d2cacb4713ae3236022a56
18763cf06c318139a7363fe7f0d3e16c993f8c6a8b1d460f9b33d347ed036b64
1c204871cef5ace748cfb6800788e9b959d97d52fb447da5841379fb291604b3
223bba6ac4174a5261a9835dfc5a094b8ee08d91851e6143ecb5f361fef4b258
25597d59296203c4ec7fe6efabb7511dbed272ca78f2722e9c3c4ea83925c840
31fd59cd740a8265c6734a57e23a814efa09c14561ec1583a2a77e3746dc4b6e
3dab93242ee573bbcfc22c9d15acd47794e500ed44e6bd48a35400b39d65aa43
3fac084be90c38c94774e1ae1e976fe43df4ac6a5721c0584b88f2a1da767253
4191d89ec03bce5dc273716075335e31851031184b0fff0ab9fc900a8442019f
4b475960843a5619b907af1f0a89e3136bd5e6a4a700ec78cb417f302647cf49
52de21e1ba9eba192b9e121375fce0310603a46d823618e0f3565303029071a6
61941fe8907f1fefdb970e8ade2543f3e1f63a1ecac90412423fbae91f362d90
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6e0cc78c402cbc02fdfd41cd77c5fd6ffbd8066cc07935ea8eb5f3fcc59744a3
70c105cb447cee1489f80dc8abe33ea20a7a392fb869e63bb09ee40159a04317
769de6c9d8563e079fe784b59e047964829170bfa10bba418d21817a262b6a0d
7a92d0135c865237c8d0544e7495168f84437004123d9eb87049c02696630cff
7aa1d9fb1bf09f8f419f0ce1283311e586443df3687c9b1cbe51a5eb6f0772f8
7f46e16eda1fc7b95637ec47468901d9704ffd44d7cb738c13d3caffad39796b
8215538fc3fb8173dd69cd0b194a34a2048b8055651234bbf09eb8758aab6d4b
82667f1254c0bb21dd3ad435e7356fe96e76805f78fc39a5a5012198c57ca3d1
8785ba0bcc7694b6ac253bfcf41e89a62638d6de51398f982b91a72a4c41dc19
8aa5087a5c31564c259063d074756190d836a064365e67c0e8306b8e30267f9b
91b9b24f0aa59668e4d0a770ee7a294b9baa361a76a20ade8128cd0482a5d805
9a4ee6b13813bfde5a134e24f95ced76b1b23e3638486d982836a49110911b5a
9b0725996689167816d5e5cff57ebee596e1fd353e96cbcdfa8f816a9228a678
a7ef208f26cc77887ae47cc06a163e3178d33d9ab2353e2401f1fbddfd35575d
ad707419188b582049adacb5e60aa0825014f4edeed367b6ba8dfd9be3e57038
bb479a93edef0e0af265b0a32313d0187c1e571e1148e33b5f8d9c312ebe9c72
c15e1379ca2c59f99912500bbc23a0d1d88f43198cbe1b53d87776fa351385eb
c88ef6bd1374e21b46e52fdb449b7fb3ec4f92339cdbe56464086050bec65410
cfd2def8f0fec107e64f24450431f101b9904a7d00b4207a01549188fd6eda15
d184d9c5bb8bd2546ac802476f8faa75b83f5f80d66d79268173a6ce0202b675
d432ad1988efa5b258294f52dae3d1b4c10660aec15e49017e21a1ee74bfd453
e26044e4f60fab991ddde9378091a990f77cad49dadf8d6b4bd96c632428546c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ebaed155efdc50be0333dc241694ac2f0348c28a9d950cb87cac118f4a64b5e0
ebe0f94ca53bc5f7d865f89aec5b0315bca03ace6942d6c1c76d94d5b59d419a
f461ddc311999693c9af33d3563dea2e81295b2117cab77a66c8562a6f21658e
fe7ff7316dfe51144735b1f4573d94c04b628896e623c5fb912d3ecc6fbc1a63

mail.84-239-11-81.cprapid.com Open in urlscan Pro 84.239.11.81 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

54 Requests

94 %HTTPS

44 %IPv6

7 Domains

9 Subdomains

10 IPs

5 Countries

1282 kBTransfer

2762 kBSize

4 Cookies

39 Outgoing links

Redirected requests

54 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

mail.84-239-11-81.cprapid.com Open in urlscan Pro
84.239.11.81 Public Scan

Screenshot
Live screenshot

Full Image

54
Requests

94 %
HTTPS

44 %
IPv6

7
Domains

9
Subdomains

10
IPs

5
Countries

1282 kB
Transfer

2762 kB
Size

4
Cookies

54 HTTP transactions
0 data transactions