www.ghicitul-in-cafea.visele.ro Open in urlscan Pro
188.247.130.221 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.ghicitul-in-cafea.visele.ro/
Submission: On January 31 via api (January 31st 2024, 7:46:09 pm UTC) from US — Scanned from US

Summary HTTP 135 Redirects Links 51 Behaviour Indicators

Summary

This website contacted 26 IPs in 7 countries across 31 domains to perform 135 HTTP transactions. The main IP is 188.247.130.221, located in Romania and belongs to TIER-DATA-CENTER, RO. The main domain is www.ghicitul-in-cafea.visele.ro.
TLS certificate: Issued by R3 on January 30th 2024. Valid for: 3 months.

This is the only time www.ghicitul-in-cafea.visele.ro was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
24	188.247.130.221 188.247.130.221	50515 (TIER-DATA...) (TIER-DATA-CENTER)
1	2607:f8b0:400... 2607:f8b0:4004:c17::61	15169 (GOOGLE) (GOOGLE)
13	2607:f8b0:400... 2607:f8b0:4004:c1b::9d	15169 (GOOGLE) (GOOGLE)
13	185.132.133.134 185.132.133.134	49981 (WORLDSTREAM) (WORLDSTREAM)
1 8	2607:f8b0:400... 2607:f8b0:4004:c17::9a	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:34::181	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4004:c1d::9c	15169 (GOOGLE) (GOOGLE)
3 28	51.222.39.187 51.222.39.187	16276 (OVH) (OVH)
4	2607:f8b0:400... 2607:f8b0:4004:c06::5f	15169 (GOOGLE) (GOOGLE)
1 1	54.38.197.123 54.38.197.123	16276 (OVH) (OVH)
5 6	35.211.178.172 35.211.178.172	19527 (GOOGLE-2) (GOOGLE-2)
3 3	34.111.113.62 34.111.113.62	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
4 4	3.33.220.150 3.33.220.150	16509 (AMAZON-02) (AMAZON-02)
1	212.8.243.91 212.8.243.91	49981 (WORLDSTREAM) (WORLDSTREAM)
9	2607:f8b0:400... 2607:f8b0:4004:c06::84	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4004:c0b::5e	15169 (GOOGLE) (GOOGLE)
11	2607:f8b0:400... 2607:f8b0:4004:c1b::8b	15169 (GOOGLE) (GOOGLE)
2 2	35.207.24.140 35.207.24.140	15169 (GOOGLE) (GOOGLE)
1 1	216.200.232.253 216.200.232.253	30419 (MEDIAMATH...) (MEDIAMATH-INC)
1 1	213.19.162.80 213.19.162.80	3356 (LEVEL3) (LEVEL3)
2 2	68.67.160.26 68.67.160.26	29990 (ASN-APPNEX) (ASN-APPNEX)
2 2	63.251.28.234 63.251.28.234	13789 (INTERNAP-...) (INTERNAP-BLK3)
2	8.43.72.97 8.43.72.97	26667 (RUBICONPR...) (RUBICONPROJECT)
2 2	80.77.87.166 80.77.87.166	46636 (NATCOWEB) (NATCOWEB)
2 2	82.145.213.8 82.145.213.8	39832 (NO-OPERA) (NO-OPERA)
3 4	142.251.167.156 142.251.167.156	15169 (GOOGLE) (GOOGLE)
1 1	216.22.16.68 216.22.16.68	30633 (LEASEWEB-...) (LEASEWEB-USA-WDC)
2	209.54.182.161 209.54.182.161	16509 (AMAZON-02) (AMAZON-02)
3 3	162.248.18.32 162.248.18.32	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	162.248.18.37 162.248.18.37	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2 2	198.148.27.131 198.148.27.131	19189 (PULSEPOINT) (PULSEPOINT)
4 4	2606:ae80:145... 2606:ae80:1451:22::730	25751 (VALUECLICK) (VALUECLICK)
2 3	3.225.218.10 3.225.218.10	14618 (AMAZON-AES) (AMAZON-AES)
1 1	2600:1f18:4e9... 2600:1f18:4e9:5a07:acdb:313c:b151:6999	14618 (AMAZON-AES) (AMAZON-AES)
1 2	190.2.153.150 190.2.153.150	49981 (WORLDSTREAM) (WORLDSTREAM)
1	216.219.92.22 216.219.92.22	19318 (IS-AS-1) (IS-AS-1)
4	2607:f8b0:400... 2607:f8b0:4004:c06::5e	15169 (GOOGLE) (GOOGLE)
2	172.253.122.156 172.253.122.156	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4004:c1d::95	15169 (GOOGLE) (GOOGLE)
4	185.165.240.123 185.165.240.123	49981 (WORLDSTREAM) (WORLDSTREAM)
1	2607:f8b0:400... 2607:f8b0:4004:c1d::63	15169 (GOOGLE) (GOOGLE)
135	26

24 188.247.130.221 (Romania)

ASN50515 (TIER-DATA-CENTER, RO)
PTR: mail.twoside.ro

www.ghicitul-in-cafea.visele.ro	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.visele.ro	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c17::61 (Washington, United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2607:f8b0:4004:c1b::9d (Washington, United States)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 185.132.133.134 (Naaldwijk, Netherlands)

ASN49981 (WORLDSTREAM, NL)
PTR: 185-132-133-134.hosted-by-worldstream.net

ad.vidverto.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2607:f8b0:4004:c17::9a (Washington, United States) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:34::181 (United States)

ASN15169 (GOOGLE, US)

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c1d::9c (Washington, United States)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

28 51.222.39.187 (Canada) 3 redirects

ASN16276 (OVH, FR)
PTR: ip187.ip-51-222-39.net

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4004:c06::5f (Washington, United States)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.38.197.123 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: app-ngx-pl-01.radius.technology

a4p.adpartner.pro	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 35.211.178.172 (North Charleston, United States) 5 redirects

ASN19527 (GOOGLE-2, US)
PTR: 172.178.211.35.bc.googleusercontent.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.111.113.62 (Kansas City, United States) 3 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 3.33.220.150 (Seattle, United States) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 212.8.243.91 (Naaldwijk, Netherlands)

ASN49981 (WORLDSTREAM, NL)
PTR: 212-8-243-91.hosted-by-worldstream.net

ad.vidver.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2607:f8b0:4004:c06::84 (Washington, United States)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c0b::5e (Ashburn, United States)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2607:f8b0:4004:c1b::8b (Washington, United States)

ASN15169 (GOOGLE, US)

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.207.24.140 (North Charleston, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 140.24.207.35.bc.googleusercontent.com

rtb.mfadsrvr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.200.232.253 (Frederick, United States) 1 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.19.162.80 (United Kingdom) 1 redirects

ASN3356 (LEVEL3, US)

pixel-eu.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 68.67.160.26 (Jersey City, United States) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 567.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 63.251.28.234 (Secaucus, United States) 2 redirects

ASN13789 (INTERNAP-BLK3, US)

ads.stickyadstv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 8.43.72.97 (United States)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 80.77.87.166 (Clifton, United States) 2 redirects

ASN46636 (NATCOWEB, US)

cs.admanmedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 82.145.213.8 (Norway) 2 redirects

ASN39832 (NO-OPERA, NO)
PTR: n-sysadmin-jumpbox-03.feednews.opera.technology

t.adx.opera.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.251.167.156 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: ww-in-f156.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.22.16.68 (Manassas, United States) 1 redirects

ASN30633 (LEASEWEB-USA-WDC, US)

ssbsync-global.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 209.54.182.161 (Ashburn, United States)

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 162.248.18.32 (United States) 3 redirects

ASN62713 (AS-PUBMATIC, US)

image8.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.248.18.37 (United States) 1 redirects

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 198.148.27.131 (New York, United States) 2 redirects

ASN19189 (PULSEPOINT, US)

bh.contextweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:ae80:1451:22::730 (United States) 4 redirects

ASN25751 (VALUECLICK, US)

prebid-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.225.218.10 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-225-218-10.compute-1.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:4e9:5a07:acdb:313c:b151:6999 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 190.2.153.150 (Naaldwijk, Netherlands) 1 redirects

ASN49981 (WORLDSTREAM, NL)

ad.mox.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.219.92.22 (United States)

ASN19318 (IS-AS-1, US)

inv-nets.admixer.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4004:c06::5e (Washington, United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.253.122.156 (United States)

ASN15169 (GOOGLE, US)
PTR: bh-in-f156.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c1d::95 (Washington, United States)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.165.240.123 (Naaldwijk, Netherlands)

ASN49981 (WORLDSTREAM, NL)
PTR: 185-165-240-123.hosted-by-worldstream.net

cdn.vidverto.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c1d::63 (Washington, United States)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
28	onetag-sys.com 3 redirects onetag-sys.com — Cisco Umbrella Rank: 707	13 KB
24	visele.ro www.ghicitul-in-cafea.visele.ro www.visele.ro	136 KB
22	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 110 tpc.googlesyndication.com — Cisco Umbrella Rank: 157	402 KB
17	vidverto.io ad.vidverto.io — Cisco Umbrella Rank: 35429 cdn.vidverto.io — Cisco Umbrella Rank: 45337	330 KB
14	google.com analytics.google.com — Cisco Umbrella Rank: 154 fundingchoicesmessages.google.com — Cisco Umbrella Rank: 1143 www.google.com — Cisco Umbrella Rank: 2	71 KB
13	doubleclick.net 4 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 38 stats.g.doubleclick.net — Cisco Umbrella Rank: 79 cm.g.doubleclick.net — Cisco Umbrella Rank: 260	53 KB
6	bidswitch.net 5 redirects x.bidswitch.net — Cisco Umbrella Rank: 373	3 KB
5	gstatic.com www.gstatic.com fonts.gstatic.com	84 KB
4	yahoo.com 3 redirects ups.analytics.yahoo.com — Cisco Umbrella Rank: 358 pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 495	1 KB
4	dotomi.com 4 redirects prebid-match.dotomi.com — Cisco Umbrella Rank: 1917	1 KB
4	pubmatic.com 4 redirects image8.pubmatic.com — Cisco Umbrella Rank: 664 image2.pubmatic.com — Cisco Umbrella Rank: 912	2 KB
4	adsrvr.org 4 redirects match.adsrvr.org — Cisco Umbrella Rank: 357	2 KB
4	googleapis.com imasdk.googleapis.com — Cisco Umbrella Rank: 485 fonts.googleapis.com — Cisco Umbrella Rank: 28	614 KB
3	rubiconproject.com 1 redirects pixel-eu.rubiconproject.com — Cisco Umbrella Rank: 2084 pixel.rubiconproject.com — Cisco Umbrella Rank: 381	3 KB
3	tapad.com 3 redirects pixel.tapad.com — Cisco Umbrella Rank: 501	1 KB
2	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 145
2	mox.tv 1 redirects ad.mox.tv — Cisco Umbrella Rank: 52892	300 B
2	contextweb.com 2 redirects bh.contextweb.com — Cisco Umbrella Rank: 523	1 KB
2	amazon-adsystem.com s.amazon-adsystem.com — Cisco Umbrella Rank: 326	958 B
2	opera.com 2 redirects t.adx.opera.com — Cisco Umbrella Rank: 1217	1 KB
2	admanmedia.com 2 redirects cs.admanmedia.com — Cisco Umbrella Rank: 973	1 KB
2	stickyadstv.com 2 redirects ads.stickyadstv.com — Cisco Umbrella Rank: 562	1 KB
2	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 253	2 KB
2	mfadsrvr.com 2 redirects rtb.mfadsrvr.com — Cisco Umbrella Rank: 1282	836 B
1	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 336	17 KB
1	admixer.net inv-nets.admixer.net — Cisco Umbrella Rank: 1841	421 B
1	smartadserver.com 1 redirects ssbsync-global.smartadserver.com — Cisco Umbrella Rank: 1724	252 B
1	mathtag.com 1 redirects sync.mathtag.com — Cisco Umbrella Rank: 1331	671 B
1	vidver.to ad.vidver.to — Cisco Umbrella Rank: 62947	155 B
1	adpartner.pro 1 redirects a4p.adpartner.pro — Cisco Umbrella Rank: 9812	258 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 37	89 KB
135	31

	Domain	Requested by
28	onetag-sys.com	3 redirects ad.vidverto.io onetag-sys.com
14	www.ghicitul-in-cafea.visele.ro	www.ghicitul-in-cafea.visele.ro
13	ad.vidverto.io	www.ghicitul-in-cafea.visele.ro ad.vidverto.io
13	pagead2.googlesyndication.com	www.ghicitul-in-cafea.visele.ro pagead2.googlesyndication.com googleads.g.doubleclick.net imasdk.googleapis.com tpc.googlesyndication.com
11	fundingchoicesmessages.google.com	pagead2.googlesyndication.com
10	www.visele.ro	www.ghicitul-in-cafea.visele.ro www.visele.ro
9	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
8	googleads.g.doubleclick.net	1 redirects pagead2.googlesyndication.com
6	x.bidswitch.net	5 redirects onetag-sys.com
4	cdn.vidverto.io	www.ghicitul-in-cafea.visele.ro
4	fonts.gstatic.com	fonts.googleapis.com ad.vidverto.io
4	prebid-match.dotomi.com	4 redirects
4	cm.g.doubleclick.net	3 redirects onetag-sys.com
4	match.adsrvr.org	4 redirects
3	ups.analytics.yahoo.com	2 redirects onetag-sys.com
3	image8.pubmatic.com	3 redirects
3	pixel.tapad.com	3 redirects
3	imasdk.googleapis.com	www.ghicitul-in-cafea.visele.ro imasdk.googleapis.com
2	www.googleadservices.com	www.ghicitul-in-cafea.visele.ro
2	ad.mox.tv	1 redirects onetag-sys.com
2	bh.contextweb.com	2 redirects
2	s.amazon-adsystem.com	onetag-sys.com
2	t.adx.opera.com	2 redirects
2	cs.admanmedia.com	2 redirects
2	pixel.rubiconproject.com	onetag-sys.com
2	ads.stickyadstv.com	2 redirects
2	ib.adnxs.com	2 redirects
2	rtb.mfadsrvr.com	2 redirects
2	analytics.google.com	www.googletagmanager.com
1	www.google.com	tpc.googlesyndication.com
1	s0.2mdn.net	imasdk.googleapis.com
1	inv-nets.admixer.net	ad.vidverto.io
1	pr-bh.ybp.yahoo.com	1 redirects
1	image2.pubmatic.com	1 redirects
1	ssbsync-global.smartadserver.com	1 redirects
1	pixel-eu.rubiconproject.com	1 redirects
1	sync.mathtag.com	1 redirects
1	www.gstatic.com	googleads.g.doubleclick.net
1	fonts.googleapis.com	googleads.g.doubleclick.net
1	ad.vidver.to	www.ghicitul-in-cafea.visele.ro
1	a4p.adpartner.pro	1 redirects
1	stats.g.doubleclick.net	www.googletagmanager.com
1	www.googletagmanager.com	www.ghicitul-in-cafea.visele.ro
135	43

This site contains links to these domains. Also see Links.

Domain
www.visele.ro
viata-anterioara.visele.ro
ghicitul-in-cafea.visele.ro
ghicitul-in-palma.visele.ro
www.ghicitulincarti.ro
horoscop.visele.ro
semnificatia-numelui.visele.ro
superstitii.visele.ro
bioritm.visele.ro
vidverto.io
www.facebook.com
www.youtube.com
twitter.com
www.sforaitul.ro
www.cancerlacolon.ro
www.comisioanele.ro
www.semnificatia-viselor.ro
www.cineainventat.ro

Subject Issuer	Validity	Valid
ghicitul-in-cafea.visele.ro R3	`2024-01-30` - `2024-04-29`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
visele.ro R3	`2023-12-17` - `2024-03-16`	3 months	crt.sh
ad.vidverto.io R3	`2023-11-23` - `2024-02-21`	3 months	crt.sh
*.google.com GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
*.onetag-sys.com DigiCert Global G3 TLS ECC SHA384 2020 CA1	`2024-01-23` - `2025-01-29`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-05` - `2024-04-03`	a year	crt.sh
*.admixer.net Sectigo ECC Domain Validation Secure Server CA	`2023-12-08` - `2024-12-07`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
cdn.vidverto.io R3	`2024-01-22` - `2024-04-21`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
www.google.com GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
ups.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-12-26` - `2024-06-19`	6 months	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2023-03-23` - `2024-03-23`	a year	crt.sh

This page contains 17 frames:

Primary Page: https://www.ghicitul-in-cafea.visele.ro/
Frame ID: E2C7982B974F81B8189BE41BAB6D090E
Requests: 75 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240124/r20190131/zrt_lookup_fy2021.html
Frame ID: D35E0001EE3E39C8CA4722D5B33621A0
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7658725291548330&output=html&adk=1812271804&adf=3025194257&lmt=1706730359&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=188x1080_l%7C188x1080_r&format=0x0&url=https%3A%2F%2Fwww.ghicitul-in-cafea.visele.ro%2F&pra=5&wgl=1&easpi=1&asro=0&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~3~4~6&aslcwct=150&asacwct=25&aslmct=0.5&asamct=0.5&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706730359022&bpp=38&bdt=260&idt=313&shv=r20240124&mjsv=m202401250101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=885186682325&frm=20&pv=2&ga_vid=1983624473.1706730359&ga_sid=1706730359&ga_hid=262910539&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95320377%2C95320870%2C95320892%2C95323009&oid=2&pvsid=1492829663965137&tmod=1562015107&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=357
Frame ID: AF3292CA9DC6A97C928B25F327BD6D5B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7658725291548330&output=html&h=280&adk=1213588912&adf=2369281301&pi=t.aa~a.1795398077~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1706730359&rafmt=1&to=qs&pwprc=5444177883&format=1200x280&url=https%3A%2F%2Fwww.ghicitul-in-cafea.visele.ro%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706730359060&bpp=14&bdt=298&idt=329&shv=r20240124&mjsv=m202401250101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=885186682325&frm=20&pv=1&ga_vid=1983624473.1706730359&ga_sid=1706730359&ga_hid=262910539&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=199&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95320377%2C95320870%2C95320892%2C95323009&oid=2&pvsid=1492829663965137&tmod=1562015107&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=343
Frame ID: 5718AC8DEE488144C91E9E8408967831
Requests: 15 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=46218987a9da2b5&gdpr=0&gdpr_consent=&us_privacy=
Frame ID: 5DEA8BA7B07057E67F6D622528D93529
Requests: 20 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-7658725291548330&output=html&h=600&adk=3582989967&adf=3754241251&pi=t.aa~a.316159829~rp.4&w=165&fwrn=4&fwrnh=100&lmt=1706730360&rafmt=1&to=qs&pwprc=5444177883&format=165x600&url=https%3A%2F%2Fwww.ghicitul-in-cafea.visele.ro%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706730360476&bpp=1&bdt=1714&idt=-M&shv=r20240124&mjsv=m202401250101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9ecc79d0a07ddf8b%3AT%3D1706730359%3ART%3D1706730359%3AS%3DALNI_MZQqIQxzXB2bwqYb69NhQnrdg1q4w&gpic=UID%3D00000dbc69f1bff8%3AT%3D1706730359%3ART%3D1706730359%3AS%3DALNI_MYWCJcbvG93Oc_txDJjoTC_FagjWw&eo_id_str=ID%3D82a3c4e2c9f7663a%3AT%3D1706730359%3ART%3D1706730359%3AS%3DAA-AfjZD6fiDNjWNZPWLZcUrRwNY&prev_fmts=0x0%2C1200x280&nras=3&correlator=885186682325&frm=20&pv=1&ga_vid=1983624473.1706730359&ga_sid=1706730359&ga_hid=262910539&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1367&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95320377%2C95320870%2C95320892%2C95323009&oid=2&psts=AOrYGsnR3kK9lqLquOobkBoNhvPwAFHF_cq_mZax47eC7qlja7JIK-0S37mvkJm_XTqT46RExBCCWUZnoYJ1xEVSBxUK7GHw&pvsid=1492829663965137&tmod=1562015107&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=448
Frame ID: A385F0FE874781BA00032C501D940106
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-7658725291548330&output=html&h=240&adk=2223558045&adf=261726550&pi=t.aa~a.316154636~rp.4&w=165&fwrn=4&fwrnh=100&lmt=1706730360&rafmt=1&to=qs&pwprc=5444177883&format=165x240&url=https%3A%2F%2Fwww.ghicitul-in-cafea.visele.ro%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706730360476&bpp=1&bdt=1714&idt=-M&shv=r20240124&mjsv=m202401250101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9ecc79d0a07ddf8b%3AT%3D1706730359%3ART%3D1706730359%3AS%3DALNI_MZQqIQxzXB2bwqYb69NhQnrdg1q4w&gpic=UID%3D00000dbc69f1bff8%3AT%3D1706730359%3ART%3D1706730359%3AS%3DALNI_MYWCJcbvG93Oc_txDJjoTC_FagjWw&eo_id_str=ID%3D82a3c4e2c9f7663a%3AT%3D1706730359%3ART%3D1706730359%3AS%3DAA-AfjZD6fiDNjWNZPWLZcUrRwNY&prev_fmts=0x0%2C1200x280%2C165x600&nras=4&correlator=885186682325&frm=20&pv=1&ga_vid=1983624473.1706730359&ga_sid=1706730359&ga_hid=262910539&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=2243&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95320377%2C95320870%2C95320892%2C95323009&oid=2&psts=AOrYGsnR3kK9lqLquOobkBoNhvPwAFHF_cq_mZax47eC7qlja7JIK-0S37mvkJm_XTqT46RExBCCWUZnoYJ1xEVSBxUK7GHw&pvsid=1492829663965137&tmod=1562015107&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=458
Frame ID: 9A844669B52935F9B92F551ACB0CD404
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-7658725291548330&output=html&h=90&adk=2820297975&adf=1712765404&pi=t.aa~a.1506372498~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1706730360&rafmt=1&to=qs&pwprc=5444177883&format=1200x90&url=https%3A%2F%2Fwww.ghicitul-in-cafea.visele.ro%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706730360476&bpp=1&bdt=1714&idt=-M&shv=r20240124&mjsv=m202401250101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9ecc79d0a07ddf8b%3AT%3D1706730359%3ART%3D1706730359%3AS%3DALNI_MZQqIQxzXB2bwqYb69NhQnrdg1q4w&gpic=UID%3D00000dbc69f1bff8%3AT%3D1706730359%3ART%3D1706730359%3AS%3DALNI_MYWCJcbvG93Oc_txDJjoTC_FagjWw&eo_id_str=ID%3D82a3c4e2c9f7663a%3AT%3D1706730359%3ART%3D1706730359%3AS%3DAA-AfjZD6fiDNjWNZPWLZcUrRwNY&prev_fmts=0x0%2C1200x280%2C165x600%2C165x240&nras=5&correlator=885186682325&frm=20&pv=1&ga_vid=1983624473.1706730359&ga_sid=1706730359&ga_hid=262910539&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3661&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95320377%2C95320870%2C95320892%2C95323009&oid=2&psts=AOrYGsnR3kK9lqLquOobkBoNhvPwAFHF_cq_mZax47eC7qlja7JIK-0S37mvkJm_XTqT46RExBCCWUZnoYJ1xEVSBxUK7GHw&pvsid=1492829663965137&tmod=1562015107&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=474
Frame ID: 807D6CCF7155F2972E5C09A90C32A8D4
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-7658725291548330&output=html&h=50&adk=1099639076&adf=3066093774&pi=t.aa~a.3940500885~rp.4&w=1140&fwrn=4&fwrnh=100&lmt=1706730360&rafmt=1&to=qs&pwprc=5444177883&format=1140x50&url=https%3A%2F%2Fwww.ghicitul-in-cafea.visele.ro%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706730360476&bpp=1&bdt=1714&idt=0&shv=r20240124&mjsv=m202401250101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9ecc79d0a07ddf8b%3AT%3D1706730359%3ART%3D1706730359%3AS%3DALNI_MZQqIQxzXB2bwqYb69NhQnrdg1q4w&gpic=UID%3D00000dbc69f1bff8%3AT%3D1706730359%3ART%3D1706730359%3AS%3DALNI_MYWCJcbvG93Oc_txDJjoTC_FagjWw&eo_id_str=ID%3D82a3c4e2c9f7663a%3AT%3D1706730359%3ART%3D1706730359%3AS%3DAA-AfjZD6fiDNjWNZPWLZcUrRwNY&prev_fmts=0x0%2C1200x280%2C165x600%2C165x240%2C1200x90&nras=6&correlator=885186682325&frm=20&pv=1&ga_vid=1983624473.1706730359&ga_sid=1706730359&ga_hid=262910539&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=3551&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95320377%2C95320870%2C95320892%2C95323009&oid=2&psts=AOrYGsnR3kK9lqLquOobkBoNhvPwAFHF_cq_mZax47eC7qlja7JIK-0S37mvkJm_XTqT46RExBCCWUZnoYJ1xEVSBxUK7GHw&pvsid=1492829663965137&tmod=1562015107&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=4&fsb=1&dtd=489
Frame ID: 0D88441651DD61122836AC46AFBFDB07
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/i_I7gtk5u389ZGUJiYlLngBTR4no54KgcGkAXYvtCUw.js
Frame ID: 68A5E9879F1EABB529EF7F027459E876
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.616.1_en.html
Frame ID: F159139E449334128252DD350B7B6AC8
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 13C4853D4FBF15E3EE9793195C4561A5
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.616.1_en.html
Frame ID: 606E05B05D7E460107E89B05C737EA80
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 9C37E950636E7E5178357C3A0ABB0802
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 2853819F6A9CEA88F2A89EF78523EB41
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 4153DA940C0017F4BE451D745278FB1F
Requests: 2 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1706730361209
Frame ID: 10A74F54341762B35F10D6EDF9E7EB51
Requests: 12 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Ghicitul in cafea - tehnici si invataturi

Detected technologies

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Modernizr (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

/prebid\.js

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

135
Requests

77 %
HTTPS

34 %
IPv6

31
Domains

43
Subdomains

26
IPs

7
Countries

1811 kB
Transfer

5455 kB
Size

62
Cookies

51 Outgoing links

These are links going to different origins than the main page.

URL: https://www.visele.ro/
Title: Acasa

Search URL Search Domain Scan URL

URL: https://www.visele.ro/forum/lista-subiecte.php
Title: Forum

Search URL Search Domain Scan URL

URL: https://www.visele.ro/contact.php
Title: Contact

Search URL Search Domain Scan URL

URL: https://www.visele.ro/dictionar-de-vise.php
Title: Dictionar de vise

Search URL Search Domain Scan URL

URL: https://www.visele.ro/vise-cu-litera-a.php
Title: Vise cu litera A

Search URL Search Domain Scan URL

URL: https://www.visele.ro/vise-cu-litera-b.php
Title: Vise cu litera B

Search URL Search Domain Scan URL

URL: https://www.visele.ro/vise-cu-litera-c.php
Title: Vise cu litera C

Search URL Search Domain Scan URL

URL: https://www.visele.ro/vise-cu-litera-d.php
Title: Vise cu litera D

Search URL Search Domain Scan URL

URL: https://www.visele.ro/vise-cu-litera-e.php
Title: Vise cu litera E

Search URL Search Domain Scan URL

URL: https://www.visele.ro/vise-cu-litera-f.php
Title: Vise cu litera F

Search URL Search Domain Scan URL

URL: https://www.visele.ro/vise-cu-litera-g.php
Title: Vise cu litera G

Search URL Search Domain Scan URL

URL: https://www.visele.ro/vise-cu-litera-h.php
Title: Vise cu litera H

Search URL Search Domain Scan URL

URL: https://www.visele.ro/vise-cu-litera-i.php
Title: Vise cu litera I

Search URL Search Domain Scan URL

URL: https://www.visele.ro/vise-cu-litera-j.php
Title: Vise cu litera J

Search URL Search Domain Scan URL

URL: https://www.visele.ro/vise-cu-litera-k.php
Title: Vise cu litera K

Search URL Search Domain Scan URL

URL: https://www.visele.ro/vise-cu-litera-l.php
Title: Vise cu litera L

Search URL Search Domain Scan URL

URL: https://www.visele.ro/vise-cu-litera-m.php
Title: Vise cu litera M

Search URL Search Domain Scan URL

URL: https://www.visele.ro/vise-cu-litera-n.php
Title: Vise cu litera N

Search URL Search Domain Scan URL

URL: https://www.visele.ro/vise-cu-litera-o.php
Title: Vise cu litera O

Search URL Search Domain Scan URL

URL: https://www.visele.ro/vise-cu-litera-p.php
Title: Vise cu litera P

Search URL Search Domain Scan URL

URL: https://www.visele.ro/vise-cu-litera-r.php
Title: Vise cu litera R

Search URL Search Domain Scan URL

URL: https://www.visele.ro/vise-cu-litera-s.php
Title: Vise cu litera S

Search URL Search Domain Scan URL

URL: https://www.visele.ro/vise-cu-litera-t.php
Title: Vise cu litera T

Search URL Search Domain Scan URL

URL: https://www.visele.ro/vise-cu-litera-u.php
Title: Vise cu litera U

Search URL Search Domain Scan URL

URL: https://www.visele.ro/vise-cu-litera-v.php
Title: Vise cu litera V

Search URL Search Domain Scan URL

URL: https://www.visele.ro/vise-cu-litera-w.php
Title: Vise cu litera W

Search URL Search Domain Scan URL

URL: https://www.visele.ro/vise-cu-litera-x.php
Title: Vise cu litera X

Search URL Search Domain Scan URL

URL: https://www.visele.ro/vise-cu-litera-y.php
Title: Vise cu litera Y

Search URL Search Domain Scan URL

URL: https://www.visele.ro/vise-cu-litera-z.php
Title: Vise cu litera Z

Search URL Search Domain Scan URL

URL: https://viata-anterioara.visele.ro/
Title: Viata anterioara

Search URL Search Domain Scan URL

URL: http://ghicitul-in-cafea.visele.ro/
Title: Ghicitul in cafea

Search URL Search Domain Scan URL

URL: http://ghicitul-in-palma.visele.ro/
Title: Ghicitul in palma

Search URL Search Domain Scan URL

URL: https://www.ghicitulincarti.ro/
Title: Ghicitul in carti

Search URL Search Domain Scan URL

URL: https://horoscop.visele.ro/
Title: Horoscop

Search URL Search Domain Scan URL

URL: http://semnificatia-numelui.visele.ro/
Title: Semnificatia numelui

Search URL Search Domain Scan URL

URL: https://superstitii.visele.ro/
Title: Superstitii

Search URL Search Domain Scan URL

URL: https://bioritm.visele.ro/
Title: Bioritm

Search URL Search Domain Scan URL

URL: https://vidverto.io/

Search URL Search Domain Scan URL

URL: https://www.visele.ro/inregistrare.php
Title: Inregirstrare cont

Search URL Search Domain Scan URL

URL: https://www.facebook.com/dictionardevise
Title: Facebook

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UC6rsBrrjVU2zz6pTEyw0frw
Title: Youtube

Search URL Search Domain Scan URL

URL: https://twitter.com/dictionarvise
Title: Twitter

Search URL Search Domain Scan URL

URL: http://www.sforaitul.ro/
Title: Sforaitul

Search URL Search Domain Scan URL

URL: http://www.cancerlacolon.ro/
Title: Cancer de colon

Search URL Search Domain Scan URL

URL: http://www.comisioanele.ro/comisioane-moneygram/
Title: Comisioane Moneygram

Search URL Search Domain Scan URL

URL: http://www.comisioanele.ro/comisioane-western-union/
Title: Comisioane Western Union

Search URL Search Domain Scan URL

URL: http://www.semnificatia-viselor.ro/
Title: Semnificatia viselor

Search URL Search Domain Scan URL

URL: http://www.cineainventat.ro/
Title: Inventii

Search URL Search Domain Scan URL

URL: http://www.semnificatia-viselor.ro/farmece/
Title: Farmece

Search URL Search Domain Scan URL

URL: http://www.semnificatia-viselor.ro/farmece/descantecele.php
Title: Descantece

Search URL Search Domain Scan URL

URL: https://www.visele.ro/confidentialitate.php
Title: Politica de confidentialitate

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 40

https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Fad.vidverto.io%2Fdelivery%2Fv2%2Fsync%3Fuserid%3D%7Buser_id%7D%26p_id%3D23 HTTP 302
https://ad.vidverto.io/delivery/v2/sync?userid=674c798d-6a7b-4efb-ba01-ac54e9995205&p_id=23

Request Chain 41

https://x.bidswitch.net/sync?ssp=prodoohmox&user_id=beffed39-db5a-4edb-b646-5c26ad1ccdbb&gdpr=0&gdpr_consent= HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=prodoohmox&user_id=beffed39-db5a-4edb-b646-5c26ad1ccdbb&gdpr=0&gdpr_consent= HTTP 302
https://pixel.tapad.com/idsync/ex/receive?partner_id=3205&partner_device_id=8607be8d-a986-426e-b314-c983d715e8d8&partner_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D437%26ssp%3Dprodoohmox%26user_id%3D HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3205&partner_device_id=8607be8d-a986-426e-b314-c983d715e8d8&partner_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D437%26ssp%3Dprodoohmox%26user_id%3D HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=726b09a9-fd15-4a94-a4cb-e58865ac3ccb%252Chttps%25253A%25252F%25252Fx.bidswitch.net%25252Fsync%25253Fdsp_id%25253D437%252526ssp%25253Dprodoohmox%252526user_id%25253D%252C&gdpr=0&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=726b09a9-fd15-4a94-a4cb-e58865ac3ccb%252Chttps%25253A%25252F%25252Fx.bidswitch.net%25252Fsync%25253Fdsp_id%25253D437%252526ssp%25253Dprodoohmox%252526user_id%25253D%252C&gdpr=0&gdpr_consent= HTTP 302
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=6edc52bc-27e4-4f2b-bb90-bad0470989f5&ttd_puid=726b09a9-fd15-4a94-a4cb-e58865ac3ccb%2Chttps%253A%252F%252Fx.bidswitch.net%252Fsync%253Fdsp_id%253D437%2526ssp%253Dprodoohmox%2526user_id%253D%2C HTTP 302
https://x.bidswitch.net/sync?dsp_id=437&ssp=prodoohmox&user_id= HTTP 302
https://ad.vidver.to/delivery/v2/sync?userid=8607be8d-a986-426e-b314-c983d715e8d8&p_id=15

Request Chain 53

https://rtb.mfadsrvr.com/sync?ssp=onetag&ssp_user_id=g72Dh4m_ytTtsMc8Gmnc6yQmgrm8927gFq9HGkR7m4w HTTP 302
https://rtb.mfadsrvr.com/ul_cb/sync?ssp=onetag&ssp_user_id=g72Dh4m_ytTtsMc8Gmnc6yQmgrm8927gFq9HGkR7m4w HTTP 302
https://onetag-sys.com/match/?int_id=160&uid=fce124bc-f65b-476a-a7b8-8a8dc5dbf0e3

Request Chain 54

https://sync.mathtag.com/sync/img?mt_exid=75&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D1%26uid%3D%5BMM_UUID%5D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://onetag-sys.com/match/?int_id=1&uid=dac465ba-a378-4800-b264-4d4e16313560&gdpr=0&gdpr_consent=

Request Chain 55

https://pixel-eu.rubiconproject.com/exchange/sync.php?p=onetag&gdpr=0&gdpr_consent= HTTP 302
https://onetag-sys.com/match/?int_id=2&uid=LS276UUP-24-KT8O&gdpr=0

Request Chain 56

https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D0%26gdpr_consent%3D%26uid%3D$UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fonetag-sys.com%252Fmatch%252F%253Fint_id%253D98%2526gdpr%253D0%2526gdpr_consent%253D%2526uid%253D%24UID HTTP 302
https://onetag-sys.com/match/?int_id=98&gdpr=0&gdpr_consent=&uid=4547992079856504676

Request Chain 57

https://ads.stickyadstv.com/user-matching?id=3679&gdpr=0&gdpr_consent= HTTP 302
https://onetag-sys.com/match/?int_id=3&uid=e643c03e4e8ca4ffc2366ef420a0735a&gdpr_consent=&gdpr=0

Request Chain 59

https://cs.admanmedia.com/73c1e1bfc3bde354d60b80e601ae3914.gif?puid=[UID]&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D164%26gdpr%3D%24%7BGDPR%7D%26gdpr_consent%3D%24%7BGDPR_STRING%7D%26uid%3D%5BUID%5D&gdpr=0&gdpr_consent=&ccpa=&coppa= HTTP 302
https://onetag-sys.com/match/?int_id=164&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=b4a49eda-4893-4edf-aaee-82bfc1cf327f

Request Chain 60

https://t.adx.opera.com/pub/sync?pubid=pub10101531197440 HTTP 302
https://onetag-sys.com/match/?gdpr=&gdpr_consent=%24%7BGDPR_STRING%7D&int_id=168&uid=OPUe552fbe545014cbf9f162d5c6ad3a43d

Request Chain 61

https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABjWEOjtPF9DWUYHd_Vx5An3xTao0SrzmMdw

Request Chain 62

https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D107%26uid%3D[ssb_sync_pid] HTTP 302
https://onetag-sys.com/match/?int_id=107&uid=2007631507573146312

Request Chain 63

https://onetag-sys.com/match/?int_id=113&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1 HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=g72Dh4m_ytTtsMc8Gmnc6yQmgrm8927gFq9HGkR7m4w

Request Chain 64

https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=0&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26gdpr%3D${GDPR}%26gdpr_consent%3D${GDPR_STRING}%26uid%3D%23PMUID HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=0&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26gdpr%3D${GDPR}%26gdpr_consent%3D${GDPR_STRING}%26uid%3D%23PMUID&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NEQyRTNDMTktNDk0Mi00RUVFLTlEMkMtRUVCMDFFMUE4OTBC&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent= HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=4D2E3C19-4942-4EEE-9D2C-EEB01E1A890B

Request Chain 65

https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm HTTP 302
https://onetag-sys.com/match/?int_id=106&google_gid=CAESELSm1C1tlWaIwvIP72qlw-E&google_cver=1

Request Chain 66

https://bh.contextweb.com/bh/rtset?pid=562985&ev=1&us_privacy=&rurl=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D149%26gdpr%3D%24%7BGDPR%7D%26gdpr_consent%3D%24%7BGDPR_STRING%7D%26uid%3D%25%25VGUID%25%25 HTTP 302
https://onetag-sys.com/match/?int_id=149&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=PQsFBDa1KvfJ&ev=1&us_privacy=&pid=562985

Request Chain 67

https://prebid-match.dotomi.com/match/bounce/current?version=1&networkId=72582&rurl=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D90%26gdpr%3D0%26gdpr_consent%3D%26uid%3D HTTP 302
https://prebid-match.dotomi.com/match/bounce/current?DotomiTest=5ec5871289f30ff8&is_secure=true&version=1&networkId=72582&rurl=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D90%26gdpr%3D0%26gdpr_consent%3D%26uid%3D HTTP 302
https://onetag-sys.com/match/?int_id=90&gdpr=0&gdpr_consent=&uid=AAAGuPX7omvXfgN9A6HDAAAAAAA&expiration=1706816761

Request Chain 68

https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=0&gdpr_consent= HTTP 302
https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=0&gdpr_consent=&verify=true HTTP 302
https://onetag-sys.com/match/?int_id=92&uid=y-vdDhNjRE2uERBp66oyP7uGjn_M5cxK7bLBJXwoA-~A

Request Chain 69

https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=0&gdpr_consent= HTTP 302
https://onetag-sys.com/match/?int_id=29&uid=6edc52bc-27e4-4f2b-bb90-bad0470989f5&gdpr=0&gdpr_consent=

Request Chain 70

https://x.bidswitch.net/sync?ssp=onetag&gdpr=0&gdpr_consent= HTTP 302
https://pr-bh.ybp.yahoo.com/sync/iponweb?bidswitch_ssp_id=onetag&ssp_user_id=8607be8d-a986-426e-b314-c983d715e8d8&gdpr=0&gdpr_consent= HTTP 302
https://x.bidswitch.net/sync?dsp_id=74&&user_id=y-7.xAMEtE2plnI5AQENtKOAGzi09qS_C1Bm08Xw--~A&expires=5&ssp=onetag HTTP 302
https://onetag-sys.com/match/?int_id=30&uid=8607be8d-a986-426e-b314-c983d715e8d8&gdpr=&gdpr_consent=&us_privacy=

Request Chain 71

https://ad.mox.tv/delivery/sync?userid=g72Dh4m_ytTtsMc8Gmnc6yQmgrm8927gFq9HGkR7m4w&p_id=5 HTTP 301
https://ad.mox.tv/delivery/v2/sync?userid=g72Dh4m_ytTtsMc8Gmnc6yQmgrm8927gFq9HGkR7m4w&p_id=5

Request Chain 85

https://googleads.g.doubleclick.net/pagead/adview?ai=CHbLod6O6ZejQG8WI3rsP0o6S2AO6_vDKdeXjypCQErHR_d8FEAEg--W4DGDJ7o6LwKSMEKABqsDC7inIAQmpAjOWNy3ILrI-qAMByAPLBKoE7AFP0MdGtShS2Odyep2IMfmC6cWoBAsnlw623FKj75NMM4mlUpfnbEkE-yTNZqvg77OeFDok54eQ2-Yz-DDx-yOR8Gu0aX4L4Cx9TxiEs-y2YcGQelQ_Ecdzw1MY0qa73EFO4sx0AnFSWMuGOiTToE41Dygz4zL9LaHgwAKC_CdbxF8DlzBqa2lpmAReksXmM89ltZxYxe-2Hv1Me7h6alnhgEXeWQSDQSON081XheBqpmJkrWpnZg-Zj5OOFs1HLnqkyU32fLm9BWs1j-9A7b8cqB8MuhBYX0h9V4fb8bNSULjEZPJmJ6V_G3WfmMAEiduqpNcEiAWP4qzvTZIFBAgEGAGSBQQIBRgEoAYugAeZl4e1BagH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcA8gcEEJyyA9IIHwiAYRABGB8yAooCOgSAQIBASL39wTpYra21hrKIhAOaCdMCaHR0cHM6Ly9vcHRpb25pc2guY29tL2xhbmRlcj9xdWVyeT1iZXN0K3BhcmNlbCthdWRpdCtzb2Z0d2FyZSZ1dG1fc291cmNlPWdvb2dsZXMmcF9pZD02MzQxJmNfaWQ9MjA5MDMwNDc0MzkmYV9pZD0xNjA4NjkwMzU0MDEmdXRtX2NvbnRlbnQ9YmVzdCtwYXJjZWwrYXVkaXQrc29mdHdhcmUmd2M9MTUmcGw9OTAwNTUzMiZ1dG1fdGVybT1iZXN0K3BhcmNlbCthdWRpdCtzb2Z0d2FyZSUyQ2RhdGErY29tcGxpYW5jZStzb2Z0d2FyZSUyQ3BhcmNlbCthdWRpdCtzb2Z0d2FyZSUyQ3BhcmNlbCtpbnZvaWNlK2F1ZGl0JTJDcGFyY2VsK2F1ZGl0JTJDY29tcGxpYW5jZSttYW5hZ2VtZW50K3NvZnR3YXJlgAoByAsB2gwRCgsQ0J6Do9XehIfPARICAQO4E-QD2BMM0BUBgBcBshccChoIABIUcHViLTc2NTg3MjUyOTE1NDgzMzAYAA&sigh=vL5gXrYLzaw&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTwAvHhf_fb_yYn4Q2a-BSC3Thn6K3plncXgDDMNj0unFdSashQXDhQsWkHuxTBGMJFEnIGUupb7D-rbbU6mw4m9-IMTrG9r1brVgy60wLuUYAQ&template_id=484&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x423b32eec45aedaf0000000000000000%22,%222%22:%220x1ca2d29b94700c8c0000000000000000%22,%223%22:%220x1c741767503b9f820000000000000000%22,%224%22:%220xa905d8006302c5030000000000000000%22,%225%22:%220x8f5b255ccce41b7b0000000000000000%22},%22debug_key%22:%2213697302216009607348%22,%22debug_reporting%22:true,%22destination%22:%22https://optionish.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211237629994%22],%2222%22:[%22true%22],%224%22:[%2201-31%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2211143779162951045441%22}&andc=true

Request Chain 126

https://ads.stickyadstv.com/user-matching?id=3679&gdpr=1&gdpr_consent= HTTP 302
https://onetag-sys.com/match/?int_id=3&uid=e643c03e4e8ca4ffc2366ef420a0735a&gdpr_consent=&gdpr=1

Request Chain 128

https://cs.admanmedia.com/73c1e1bfc3bde354d60b80e601ae3914.gif?puid=[UID]&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D164%26gdpr%3D%24%7BGDPR%7D%26gdpr_consent%3D%24%7BGDPR_STRING%7D%26uid%3D%5BUID%5D&gdpr=1&gdpr_consent=&ccpa=&coppa= HTTP 302
https://onetag-sys.com/match/?int_id=164&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=b4a49eda-4893-4edf-aaee-82bfc1cf327f

Request Chain 129

https://t.adx.opera.com/pub/sync?pubid=pub10101531197440 HTTP 302
https://onetag-sys.com/match/?gdpr=&gdpr_consent=%24%7BGDPR_STRING%7D&int_id=168&uid=OPUe552fbe545014cbf9f162d5c6ad3a43d

Request Chain 130

https://onetag-sys.com/match/?int_id=113&gdpr=1&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1 HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=xOWtfEUx-oFpzf-jnYIvRCdO56gQs_VZe79lBmEAo8M

Request Chain 131

https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm HTTP 302
https://onetag-sys.com/match/?int_id=106&google_gid=CAESELSm1C1tlWaIwvIP72qlw-E&google_cver=1

Request Chain 132

https://bh.contextweb.com/bh/rtset?pid=562985&ev=1&us_privacy=&rurl=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D149%26gdpr%3D%24%7BGDPR%7D%26gdpr_consent%3D%24%7BGDPR_STRING%7D%26uid%3D%25%25VGUID%25%25 HTTP 302
https://onetag-sys.com/match/?int_id=149&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=PQsFBDa1KvfJ&ev=1&us_privacy=&pid=562985

Request Chain 133

https://prebid-match.dotomi.com/match/bounce/current?version=1&networkId=72582&rurl=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D90%26gdpr%3D0%26gdpr_consent%3D%26uid%3D HTTP 302
https://prebid-match.dotomi.com/match/bounce/current?DotomiTest=1dd9cd931eb51557&is_secure=true&version=1&networkId=72582&rurl=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D90%26gdpr%3D0%26gdpr_consent%3D%26uid%3D HTTP 302
https://onetag-sys.com/match/?int_id=90&gdpr=0&gdpr_consent=&uid=AAAGuPX7omvX8ANF-OWoAAAAAAA&expiration=1706816764

Request Chain 135

https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=1&gdpr_consent= HTTP 302
https://onetag-sys.com/match/?int_id=29&uid=6edc52bc-27e4-4f2b-bb90-bad0470989f5&gdpr=0&gdpr_consent=

135 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.ghicitul-in-cafea.visele.ro/ 54 KB
16 KB 1254ms
345ms Document
text/html 188.247.130.221
TIER-DATA-CENTER

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ghicitul-in-cafea.visele.ro/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

188.247.130.221 , Romania, ASN50515 (TIER-DATA-CENTER, RO),

Reverse DNS

mail.twoside.ro

Software

nginx/1.20.2 /

Resource Hash

facbe5d25cb610fd4917bccf6811729a08ff1c9a6cc5fc538df3193452811917

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: max-age=0, no-cache, no-store
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Wed, 31 Jan 2024 19:45:58 GMT
pragma: no-cache
server: nginx/1.20.2
strict-transport-security: max-age=31536000;
x-mod-pagespeed: 1.13.35.2-0
x-page-speed: 1.13.35.2-0

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 264 KB
89 KB 135ms
59ms Script
application/javascript 2607:f8b0:4004:c17::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-XNG1RRT3E2

Requested by

Host: www.ghicitul-in-cafea.visele.ro
URL: https://www.ghicitul-in-cafea.visele.ro/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::61 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8a52fae2b15c66cfcc9e1d3fe3582ba6a50f8882bd09b91019c680ebae508c58

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.ghicitul-in-cafea.visele.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 19:45:58 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 91222
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 31 Jan 2024 19:45:58 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 152 KB
51 KB 137ms
62ms Script
text/javascript 2607:f8b0:4004:c1b::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7658725291548330

Requested by

Host: www.ghicitul-in-cafea.visele.ro
URL: https://www.ghicitul-in-cafea.visele.ro/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d6f328f7cc5f46e438c1b810c0bff08043c5dbb6d9f3b2608b7a95d5767074f0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ghicitul-in-cafea.visele.ro/
Origin: https://www.ghicitul-in-cafea.visele.ro
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 19:45:58 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51864
x-xss-protection: 0
server: cafe
etag: 8863026711189539172
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Wed, 31 Jan 2024 19:45:58 GMT

GET
H2 200 modernizr.js Show response
www.visele.ro/vendor/modernizr/ 8 KB
4 KB 1925ms
438ms Script
application/javascript 188.247.130.221
TIER-DATA-CENTER

General

Check archive.org

Show headers Download Go to

Full URL

https://www.visele.ro/vendor/modernizr/modernizr.js?update=12

Requested by

Host: www.ghicitul-in-cafea.visele.ro
URL: https://www.ghicitul-in-cafea.visele.ro/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

188.247.130.221 , Romania, ASN50515 (TIER-DATA-CENTER, RO),

Reverse DNS

mail.twoside.ro

Software

nginx/1.20.2 /

Resource Hash

0e386ec40a4551f6ee228dfd09918c8c07ba780f2ee6fc72ba1432e81f479df6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.ghicitul-in-cafea.visele.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000;
content-encoding: gzip
date: Wed, 31 Jan 2024 19:46:00 GMT
x-original-content-length: 8300
server: nginx/1.20.2
etag: W/"PSA-aj-QLAr_5aVgJ"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=9039140
content-length: 3481
expires: Wed, 15 May 2024 10:38:21 GMT

GET
H2 200 logo.png
www.visele.ro/img/ 1 KB
1 KB 1909ms
423ms Image
image/png 188.247.130.221
TIER-DATA-CENTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.visele.ro/img/logo.png

Requested by

Host: www.ghicitul-in-cafea.visele.ro
URL: https://www.ghicitul-in-cafea.visele.ro/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

188.247.130.221 , Romania, ASN50515 (TIER-DATA-CENTER, RO),

Reverse DNS

mail.twoside.ro

Software

nginx/1.20.2 /

Resource Hash

c4d0100bb6be2451e26336757493faa7dbcf58c215bc90af0dabf74dddac25c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.ghicitul-in-cafea.visele.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000;
date: Fri, 17 Nov 2023 10:52:17 GMT
server: nginx/1.20.2
etag: "5c00071c-50e"
content-type: image/png
cache-control: max-age=15552000
accept-ranges: bytes
content-length: 1294
expires: Wed, 15 May 2024 10:52:17 GMT

GET
H2 404 xinel-in-cafea.png.pagespeed.ic.6B_zeKizZf.webp
www.ghicitul-in-cafea.visele.ro/media/ 555 B
555 B 153ms
148ms Image
text/html 188.247.130.221
TIER-DATA-CENTER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.ghicitul-in-cafea.visele.ro/media/xinel-in-cafea.png.pagespeed.ic.6B_zeKizZf.webp
Requested by: Host: www.ghicitul-in-cafea.visele.ro
URL: https://www.ghicitul-in-cafea.visele.ro/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 188.247.130.221 , Romania, ASN50515 (TIER-DATA-CENTER, RO),
Reverse DNS: mail.twoside.ro
Software: nginx/1.20.2 /
Resource Hash: 680a11e8d8d61e7731d3f814dbed1503792180638f22ef3e79d958194152c8e9

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.ghicitul-in-cafea.visele.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 19:45:58 GMT
content-encoding: gzip
server: nginx/1.20.2
content-type: text/html

GET
H2 404 xcaine-in-cafea.png.pagespeed.ic.q21kTR6bYp.webp
www.ghicitul-in-cafea.visele.ro/media/ 555 B
555 B 153ms
149ms Image
text/html 188.247.130.221
TIER-DATA-CENTER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.ghicitul-in-cafea.visele.ro/media/xcaine-in-cafea.png.pagespeed.ic.q21kTR6bYp.webp
Requested by: Host: www.ghicitul-in-cafea.visele.ro
URL: https://www.ghicitul-in-cafea.visele.ro/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 188.247.130.221 , Romania, ASN50515 (TIER-DATA-CENTER, RO),
Reverse DNS: mail.twoside.ro
Software: nginx/1.20.2 /
Resource Hash: 680a11e8d8d61e7731d3f814dbed1503792180638f22ef3e79d958194152c8e9

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.ghicitul-in-cafea.visele.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 19:45:58 GMT
content-encoding: gzip
server: nginx/1.20.2
content-type: text/html

GET
H2 404 xcal-in-cafea.png.pagespeed.ic.Op-2gPI0Be.webp
www.ghicitul-in-cafea.visele.ro/media/ 555 B
555 B 157ms
153ms Image
text/html 188.247.130.221
TIER-DATA-CENTER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.ghicitul-in-cafea.visele.ro/media/xcal-in-cafea.png.pagespeed.ic.Op-2gPI0Be.webp
Requested by: Host: www.ghicitul-in-cafea.visele.ro
URL: https://www.ghicitul-in-cafea.visele.ro/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 188.247.130.221 , Romania, ASN50515 (TIER-DATA-CENTER, RO),
Reverse DNS: mail.twoside.ro
Software: nginx/1.20.2 /
Resource Hash: 680a11e8d8d61e7731d3f814dbed1503792180638f22ef3e79d958194152c8e9

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.ghicitul-in-cafea.visele.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 19:45:58 GMT
content-encoding: gzip
server: nginx/1.20.2
content-type: text/html

GET
H2 404 xanimale-in-cafea.png.pagespeed.ic.FSXPZn0POd.webp
www.ghicitul-in-cafea.visele.ro/media/ 555 B
555 B 161ms
157ms Image
text/html 188.247.130.221
TIER-DATA-CENTER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.ghicitul-in-cafea.visele.ro/media/xanimale-in-cafea.png.pagespeed.ic.FSXPZn0POd.webp
Requested by: Host: www.ghicitul-in-cafea.visele.ro
URL: https://www.ghicitul-in-cafea.visele.ro/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 188.247.130.221 , Romania, ASN50515 (TIER-DATA-CENTER, RO),
Reverse DNS: mail.twoside.ro
Software: nginx/1.20.2 /
Resource Hash: 680a11e8d8d61e7731d3f814dbed1503792180638f22ef3e79d958194152c8e9

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.ghicitul-in-cafea.visele.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 19:45:58 GMT
content-encoding: gzip
server: nginx/1.20.2
content-type: text/html

GET
H2 404 xlitere-in-cafea.png.pagespeed.ic.TeXAkL8Ou5.webp
www.ghicitul-in-cafea.visele.ro/media/ 555 B
555 B 161ms
158ms Image
text/html 188.247.130.221
TIER-DATA-CENTER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.ghicitul-in-cafea.visele.ro/media/xlitere-in-cafea.png.pagespeed.ic.TeXAkL8Ou5.webp
Requested by: Host: www.ghicitul-in-cafea.visele.ro
URL: https://www.ghicitul-in-cafea.visele.ro/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 188.247.130.221 , Romania, ASN50515 (TIER-DATA-CENTER, RO),
Reverse DNS: mail.twoside.ro
Software: nginx/1.20.2 /
Resource Hash: 680a11e8d8d61e7731d3f814dbed1503792180638f22ef3e79d958194152c8e9

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.ghicitul-in-cafea.visele.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 19:45:58 GMT
content-encoding: gzip
server: nginx/1.20.2
content-type: text/html

GET
H2 404 xsarpe-in-cafea.png.pagespeed.ic.NIvOAzAMuQ.webp
www.ghicitul-in-cafea.visele.ro/media/ 555 B
555 B 161ms
158ms Image
text/html 188.247.130.221
TIER-DATA-CENTER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.ghicitul-in-cafea.visele.ro/media/xsarpe-in-cafea.png.pagespeed.ic.NIvOAzAMuQ.webp
Requested by: Host: www.ghicitul-in-cafea.visele.ro
URL: https://www.ghicitul-in-cafea.visele.ro/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 188.247.130.221 , Romania, ASN50515 (TIER-DATA-CENTER, RO),
Reverse DNS: mail.twoside.ro
Software: nginx/1.20.2 /
Resource Hash: 680a11e8d8d61e7731d3f814dbed1503792180638f22ef3e79d958194152c8e9

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.ghicitul-in-cafea.visele.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 19:45:58 GMT
content-encoding: gzip
server: nginx/1.20.2
content-type: text/html

GET
H2 404 xghicitul-in-cafea.jpg.pagespeed.ic.vionf38GLc.webp
www.ghicitul-in-cafea.visele.ro/img/ 555 B
555 B 162ms
159ms Image
text/html 188.247.130.221
TIER-DATA-CENTER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.ghicitul-in-cafea.visele.ro/img/xghicitul-in-cafea.jpg.pagespeed.ic.vionf38GLc.webp
Requested by: Host: www.ghicitul-in-cafea.visele.ro
URL: https://www.ghicitul-in-cafea.visele.ro/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 188.247.130.221 , Romania, ASN50515 (TIER-DATA-CENTER, RO),
Reverse DNS: mail.twoside.ro
Software: nginx/1.20.2 /
Resource Hash: 680a11e8d8d61e7731d3f814dbed1503792180638f22ef3e79d958194152c8e9

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.ghicitul-in-cafea.visele.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 19:45:58 GMT
content-encoding: gzip
server: nginx/1.20.2
content-type: text/html

GET
H2 404 xibric.jpg.pagespeed.ic.0wMMA3mUYE.webp
www.ghicitul-in-cafea.visele.ro/img/ 555 B
555 B 162ms
160ms Image
text/html 188.247.130.221
TIER-DATA-CENTER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.ghicitul-in-cafea.visele.ro/img/xibric.jpg.pagespeed.ic.0wMMA3mUYE.webp
Requested by: Host: www.ghicitul-in-cafea.visele.ro
URL: https://www.ghicitul-in-cafea.visele.ro/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 188.247.130.221 , Romania, ASN50515 (TIER-DATA-CENTER, RO),
Reverse DNS: mail.twoside.ro
Software: nginx/1.20.2 /
Resource Hash: 680a11e8d8d61e7731d3f814dbed1503792180638f22ef3e79d958194152c8e9

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.ghicitul-in-cafea.visele.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 19:45:58 GMT
content-encoding: gzip
server: nginx/1.20.2
content-type: text/html

GET
H2 404 xghicit-in-cafea-detalii1.jpg.pagespeed.ic.ejMp0NSpfu.webp
www.ghicitul-in-cafea.visele.ro/img/ 555 B
555 B 162ms
160ms Image
text/html 188.247.130.221
TIER-DATA-CENTER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.ghicitul-in-cafea.visele.ro/img/xghicit-in-cafea-detalii1.jpg.pagespeed.ic.ejMp0NSpfu.webp
Requested by: Host: www.ghicitul-in-cafea.visele.ro
URL: https://www.ghicitul-in-cafea.visele.ro/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 188.247.130.221 , Romania, ASN50515 (TIER-DATA-CENTER, RO),
Reverse DNS: mail.twoside.ro
Software: nginx/1.20.2 /
Resource Hash: 680a11e8d8d61e7731d3f814dbed1503792180638f22ef3e79d958194152c8e9

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.ghicitul-in-cafea.visele.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 19:45:58 GMT
content-encoding: gzip
server: nginx/1.20.2
content-type: text/html

GET
H2 404 xceasca-de-cafea.jpg.pagespeed.ic.juH4pAiuVS.webp
www.ghicitul-in-cafea.visele.ro/img/ 555 B
555 B 163ms
161ms Image
text/html 188.247.130.221
TIER-DATA-CENTER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.ghicitul-in-cafea.visele.ro/img/xceasca-de-cafea.jpg.pagespeed.ic.juH4pAiuVS.webp
Requested by: Host: www.ghicitul-in-cafea.visele.ro
URL: https://www.ghicitul-in-cafea.visele.ro/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 188.247.130.221 , Romania, ASN50515 (TIER-DATA-CENTER, RO),
Reverse DNS: mail.twoside.ro
Software: nginx/1.20.2 /
Resource Hash: 680a11e8d8d61e7731d3f814dbed1503792180638f22ef3e79d958194152c8e9

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.ghicitul-in-cafea.visele.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 19:45:58 GMT
content-encoding: gzip
server: nginx/1.20.2
content-type: text/html

GET
H2 404 xghicit-in-cafea-detalii2.jpg.pagespeed.ic.vAUVNM87Z7.webp
www.ghicitul-in-cafea.visele.ro/img/ 555 B
555 B 283ms
281ms Image
text/html 188.247.130.221
TIER-DATA-CENTER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.ghicitul-in-cafea.visele.ro/img/xghicit-in-cafea-detalii2.jpg.pagespeed.ic.vAUVNM87Z7.webp
Requested by: Host: www.ghicitul-in-cafea.visele.ro
URL: https://www.ghicitul-in-cafea.visele.ro/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 188.247.130.221 , Romania, ASN50515 (TIER-DATA-CENTER, RO),
Reverse DNS: mail.twoside.ro
Software: nginx/1.20.2 /
Resource Hash: 680a11e8d8d61e7731d3f814dbed1503792180638f22ef3e79d958194152c8e9

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.ghicitul-in-cafea.visele.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 19:45:58 GMT
content-encoding: gzip
server: nginx/1.20.2
content-type: text/html

GET
H2 200 invocation.js Show response
ad.vidverto.io/vidverto/js/aries/v1/ 26 KB
8 KB 443ms
113ms Script
application/javascript 185.132.133.134
WORLDSTREAM

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.vidverto.io/vidverto/js/aries/v1/invocation.js
Requested by: Host: www.ghicitul-in-cafea.visele.ro
URL: https://www.ghicitul-in-cafea.visele.ro/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.132.133.134 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: 185-132-133-134.hosted-by-worldstream.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 786c7be1974ccce2bd33de1579abfd3bf4343ea99da16780ffa18c27b4cb6ee2

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.ghicitul-in-cafea.visele.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 19:45:59 GMT
content-encoding: gzip
last-modified: Thu, 16 Nov 2023 09:10:40 GMT
server: nginx/1.14.0 (Ubuntu)
etag: W/"6555dc90-66a0"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=3600, public, max-age=3600
expires: Wed, 31 Jan 2024 20:45:59 GMT

GET
H2 200 logo-footer.png
www.visele.ro/img/ 1 KB
1 KB 1923ms
439ms Image
image/png 188.247.130.221
TIER-DATA-CENTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.visele.ro/img/logo-footer.png

Requested by

Host: www.ghicitul-in-cafea.visele.ro
URL: https://www.ghicitul-in-cafea.visele.ro/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

188.247.130.221 , Romania, ASN50515 (TIER-DATA-CENTER, RO),

Reverse DNS

mail.twoside.ro

Software

nginx/1.20.2 /

Resource Hash

9e0d9305d9b6d1180d688dd067a1d2d7bd7a36fa061727e9dcf1e13db5b47a66

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.ghicitul-in-cafea.visele.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000;
date: Fri, 17 Nov 2023 10:38:11 GMT
server: nginx/1.20.2
etag: "5c0006d8-424"
content-type: image/png
cache-control: max-age=15552000
accept-ranges: bytes
content-length: 1060
expires: Wed, 15 May 2024 10:38:11 GMT

GET
H2 200 total-jquery.js Show response
www.visele.ro/vendor/ 133 KB
44 KB 1920ms
438ms Script
application/javascript 188.247.130.221
TIER-DATA-CENTER

General

Check archive.org

Show headers Download Go to

Full URL

https://www.visele.ro/vendor/total-jquery.js?update=001

Requested by

Host: www.ghicitul-in-cafea.visele.ro
URL: https://www.ghicitul-in-cafea.visele.ro/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

188.247.130.221 , Romania, ASN50515 (TIER-DATA-CENTER, RO),

Reverse DNS

mail.twoside.ro

Software

nginx/1.20.2 /

Resource Hash

a8b0bd4804c08d24d0cab495b8c4f6d83fda775e0d4a611a2532e10ad6c2153f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.ghicitul-in-cafea.visele.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000;
content-encoding: gzip
date: Wed, 31 Jan 2024 19:46:00 GMT
x-original-content-length: 136285
server: nginx/1.20.2
etag: W/"PSA-aj-0czZyDtjtT"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=4119838
content-length: 44796
expires: Tue, 19 Mar 2024 12:09:59 GMT

GET
H2 200 jquery.magnific-popup.js Show response
www.visele.ro/vendor/magnific-popup/ 29 KB
9 KB 1921ms
439ms Script
application/javascript 188.247.130.221
TIER-DATA-CENTER

General

Check archive.org

Show headers Download Go to

Full URL

https://www.visele.ro/vendor/magnific-popup/jquery.magnific-popup.js

Requested by

Host: www.ghicitul-in-cafea.visele.ro
URL: https://www.ghicitul-in-cafea.visele.ro/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

188.247.130.221 , Romania, ASN50515 (TIER-DATA-CENTER, RO),

Reverse DNS

mail.twoside.ro

Software

nginx/1.20.2 /

Resource Hash

8d09ba63299c10a51481a27989f5f569d39d64fbc56b7c533bc35d234209e4dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.ghicitul-in-cafea.visele.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000;
content-encoding: gzip
date: Wed, 31 Jan 2024 19:46:00 GMT
x-original-content-length: 29667
server: nginx/1.20.2
etag: W/"PSA-aj-b0pTMJ-0Aa"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=9039141
content-length: 8903
expires: Wed, 15 May 2024 10:38:22 GMT

GET
H2 200 theme.js Show response
www.visele.ro/js/ 59 KB
11 KB 1919ms
437ms Script
application/javascript 188.247.130.221
TIER-DATA-CENTER

General

Check archive.org

Show headers Download Go to

Full URL

https://www.visele.ro/js/theme.js?update=129

Requested by

Host: www.ghicitul-in-cafea.visele.ro
URL: https://www.ghicitul-in-cafea.visele.ro/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

188.247.130.221 , Romania, ASN50515 (TIER-DATA-CENTER, RO),

Reverse DNS

mail.twoside.ro

Software

nginx/1.20.2 /

Resource Hash

54a799b7db34d6464ca37bfcb0869c8f3672dab3e0c4880b8ed0bb246546e6bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.ghicitul-in-cafea.visele.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000;
content-encoding: gzip
date: Wed, 31 Jan 2024 19:46:00 GMT
x-original-content-length: 61846
server: nginx/1.20.2
etag: W/"PSA-aj-jVrkxq0D2R"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=15478206
content-length: 11178
expires: Sun, 28 Jul 2024 23:16:07 GMT

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ba5d4fc1d1dc37bfde9eac8ffe03de2066530a9f50aa7e54d0e4530daee440d2

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/webp

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d2f4fe6f3e6f68a3846aa62cfa2bb7da0aed6695d7b70a18108d1d2f93003897

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/webp

GET
H2 200 style-css.php
www.visele.ro/ 141 KB
22 KB 1722ms
294ms Stylesheet
text/css 188.247.130.221
TIER-DATA-CENTER

General

Check archive.org

Show headers Download Go to

Full URL

https://www.visele.ro/style-css.php

Requested by

Host: www.ghicitul-in-cafea.visele.ro
URL: https://www.ghicitul-in-cafea.visele.ro/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

188.247.130.221 , Romania, ASN50515 (TIER-DATA-CENTER, RO),

Reverse DNS

mail.twoside.ro

Software

nginx/1.20.2 / PHP/7.4.26

Resource Hash

b0af5b7f3b096e4e8bb873c4f3d3252124418166f1b4860acb3445e1117c9b73

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.ghicitul-in-cafea.visele.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000;
content-encoding: gzip
date: Wed, 31 Jan 2024 19:46:00 GMT
x-original-content-length: 144208
server: nginx/1.20.2
x-powered-by: PHP/7.4.26
etag: W/"PSA-aj-afgaDjN7Hv"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: max-age=6840391
content-length: 22649
expires: Fri, 19 Apr 2024 23:52:32 GMT

GET
H2 200 font-awesome.min.css
www.visele.ro/vendor/fontawesome/css/ 13 KB
3 KB 1849ms
421ms Stylesheet
text/css 188.247.130.221
TIER-DATA-CENTER

General

Check archive.org

Show headers Download Go to

Full URL

https://www.visele.ro/vendor/fontawesome/css/font-awesome.min.css

Requested by

Host: www.ghicitul-in-cafea.visele.ro
URL: https://www.ghicitul-in-cafea.visele.ro/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

188.247.130.221 , Romania, ASN50515 (TIER-DATA-CENTER, RO),

Reverse DNS

mail.twoside.ro

Software

nginx/1.20.2 /

Resource Hash

d2e197bda04e6aaec9f13eb411887b6a3815e754a63102aebb91b5d6c5fb724b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.ghicitul-in-cafea.visele.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000;
content-encoding: gzip
date: Wed, 31 Jan 2024 19:46:00 GMT
x-original-content-length: 13547
server: nginx/1.20.2
etag: W/"PSA-aj-dkjtclJwmI"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=9038399
content-length: 3073
expires: Wed, 15 May 2024 10:26:00 GMT

GET
H2 200 css-combine.php
www.visele.ro/ 51 KB
10 KB 1723ms
296ms Stylesheet
text/css 188.247.130.221
TIER-DATA-CENTER

General

Check archive.org

Show headers Download Go to

Full URL

https://www.visele.ro/css-combine.php

Requested by

Host: www.ghicitul-in-cafea.visele.ro
URL: https://www.ghicitul-in-cafea.visele.ro/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

188.247.130.221 , Romania, ASN50515 (TIER-DATA-CENTER, RO),

Reverse DNS

mail.twoside.ro

Software

nginx/1.20.2 / PHP/7.4.26

Resource Hash

ca962fe02babaef3519f848a2bba993f41bb8f2cc7043baa3ee798cd940f8800

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.ghicitul-in-cafea.visele.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000;
content-encoding: gzip
date: Wed, 31 Jan 2024 19:46:00 GMT
x-original-content-length: 52595
server: nginx/1.20.2
x-powered-by: PHP/7.4.26
etag: W/"PSA-aj-DQzSO6CwUR"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: max-age=4677463
content-length: 10263
expires: Mon, 25 Mar 2024 23:03:44 GMT

GET
H3 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401250101/ 406 KB
138 KB 222ms
126ms Script
text/javascript 2607:f8b0:4004:c1b::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401250101/show_ads_impl_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7658725291548330

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1b::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8f4b97e0c22b9d9f3103f6783faf0f2a124fcd2670e0d7fac1f8a9b732987c9d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.ghicitul-in-cafea.visele.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 19:45:59 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 140846
x-xss-protection: 0
server: cafe
etag: 5874605680116648629
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Wed, 31 Jan 2024 19:45:59 GMT

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240124/r20190131/ Frame D35E 9 KB
5 KB 129ms
32ms Document
text/html 2607:f8b0:4004:c17::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240124/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7658725291548330

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::9a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ghicitul-in-cafea.visele.ro/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 29513
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4209
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 31 Jan 2024 11:34:06 GMT
etag: 3890843268177463596
expires: Wed, 14 Feb 2024 11:34:06 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 collect
analytics.google.com/g/ 0
256 B 158ms
68ms Ping
text/plain 2001:4860:4802:34::181
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-XNG1RRT3E2&gtm=45je41t0v886641045&_p=1706730358803&_gaz=1&gcd=11l1l1l1l1&npa=0&dma=0&cid=1983624473.1706730359&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_s=1&sid=1706730359&sct=1&seg=0&dl=https%3A%2F%2Fwww.ghicitul-in-cafea.visele.ro%2F&dt=Ghicitul%20in%20cafea%20-%20tehnici%20si%20invataturi&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=1932
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-XNG1RRT3E2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.ghicitul-in-cafea.visele.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 31 Jan 2024 19:45:59 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.ghicitul-in-cafea.visele.ro
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
256 B 144ms
39ms Ping
text/plain 2607:f8b0:4004:c1d::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-XNG1RRT3E2&cid=1983624473.1706730359&gtm=45je41t0v886641045&aip=1&dma=0&gcd=11l1l1l1l1&npa=0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-XNG1RRT3E2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4004:c1d::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.ghicitul-in-cafea.visele.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 31 Jan 2024 19:45:59 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.ghicitul-in-cafea.visele.ro
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 impress Show response
ad.vidverto.io/delivery/ 63 KB
17 KB 179ms
168ms XHR
application/json 185.132.133.134
WORLDSTREAM

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.vidverto.io/delivery/impress?ctype=div&width=720&height=405&tld=www.ghicitul-in-cafea.visele.ro&pzoneid=6931&in_iframe=&position=btf&screen_width=1600&screen_height=1200&top_domain=www.ghicitul-in-cafea.visele.ro&top_url=https%3A%2F%2Fwww.ghicitul-in-cafea.visele.ro%2F&domain=www.ghicitul-in-cafea.visele.ro&url=https%3A%2F%2Fwww.ghicitul-in-cafea.visele.ro%2F&referrer=&async=1&uid=6839760855&gdpr=0&gdpr_consent=
Requested by: Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/js/aries/v1/invocation.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.132.133.134 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: 185-132-133-134.hosted-by-worldstream.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 04b8f1b2e2effb63dbf7702fa503d2515c210d7e284c83c8771d4081cc22bfbf

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.ghicitul-in-cafea.visele.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-origin: https://www.ghicitul-in-cafea.visele.ro
date: Wed, 31 Jan 2024 19:45:59 GMT
content-encoding: gzip
access-control-allow-credentials: true
server: nginx/1.14.0 (Ubuntu)
vary: Accept-Encoding
content-type: application/json; charset=utf-8

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame AF32 19 KB
6 KB 538ms
535ms Document
text/html 2607:f8b0:4004:c17::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7658725291548330&output=html&adk=1812271804&adf=3025194257&lmt=1706730359&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=188x1080_l%7C188x1080_r&format=0x0&url=https%3A%2F%2Fwww.ghicitul-in-cafea.visele.ro%2F&pra=5&wgl=1&easpi=1&asro=0&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~3~4~6&aslcwct=150&asacwct=25&aslmct=0.5&asamct=0.5&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706730359022&bpp=38&bdt=260&idt=313&shv=r20240124&mjsv=m202401250101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=885186682325&frm=20&pv=2&ga_vid=1983624473.1706730359&ga_sid=1706730359&ga_hid=262910539&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95320377%2C95320870%2C95320892%2C95323009&oid=2&pvsid=1492829663965137&tmod=1562015107&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=357

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401250101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::9a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cf79004d2054ab221bcce5da558da6829d6896f8d20607de3ecc2b91121d074d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ghicitul-in-cafea.visele.ro/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 5734
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 31 Jan 2024 19:45:59 GMT
expires: Wed, 31 Jan 2024 19:45:59 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 5718 119 KB
40 KB 356ms
354ms Document
text/html 2607:f8b0:4004:c17::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7658725291548330&output=html&h=280&adk=1213588912&adf=2369281301&pi=t.aa~a.1795398077~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1706730359&rafmt=1&to=qs&pwprc=5444177883&format=1200x280&url=https%3A%2F%2Fwww.ghicitul-in-cafea.visele.ro%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706730359060&bpp=14&bdt=298&idt=329&shv=r20240124&mjsv=m202401250101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=885186682325&frm=20&pv=1&ga_vid=1983624473.1706730359&ga_sid=1706730359&ga_hid=262910539&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=199&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95320377%2C95320870%2C95320892%2C95323009&oid=2&pvsid=1492829663965137&tmod=1562015107&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=343

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401250101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::9a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

331b0f9d5396d01d39991550efc3d00e2a9ac074cda6a6fbe061319e0b7d71da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ghicitul-in-cafea.visele.ro/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 40779
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 31 Jan 2024 19:45:59 GMT
expires: Wed, 31 Jan 2024 19:45:59 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 / Show response
onetag-sys.com/usync/ Frame 5DEA 5 KB
2 KB 863ms
46ms Document
text/html 51.222.39.187
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?pubId=46218987a9da2b5&gdpr=0&gdpr_consent=&us_privacy=

Requested by

Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/js/aries/v1/invocation.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.222.39.187 , Canada, ASN16276 (OVH, FR),

Reverse DNS

ip187.ip-51-222-39.net

Software

Resource Hash

2086ddf0b4f0f30fc0795169fc46523a34ae53796b6d7579340c2d89212e66f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://www.ghicitul-in-cafea.visele.ro/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control: no-transform, no-cache
content-encoding: gzip
content-length: 1682
content-type: text/html
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
strict-transport-security: max-age=15552000

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ 377 KB
130 KB 870ms
37ms Script
text/javascript 2607:f8b0:4004:c06::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: www.ghicitul-in-cafea.visele.ro
URL: https://www.ghicitul-in-cafea.visele.ro/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5774904b98820aea68f7e83928abf56698af5a7e22f40b43da5bdafd9ce52a10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.ghicitul-in-cafea.visele.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 19:46:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 132592
x-xss-protection: 0
expires: Wed, 31 Jan 2024 19:46:00 GMT

GET
H2 200 inview.min.js Show response
ad.vidverto.io/js/ima2/2/ 5 KB
2 KB 126ms
108ms Script
application/javascript 185.132.133.134
WORLDSTREAM

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.vidverto.io/js/ima2/2/inview.min.js
Requested by: Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/js/aries/v1/invocation.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.132.133.134 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: 185-132-133-134.hosted-by-worldstream.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 2ebcdc45625d8bd6eb8cea62780c1128df28c86ef0e10a6369ec23c97d61d92c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.ghicitul-in-cafea.visele.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 19:45:59 GMT
content-encoding: gzip
last-modified: Wed, 10 Jun 2020 14:52:51 GMT
server: nginx/1.14.0 (Ubuntu)
etag: W/"5ee0f3c3-1389"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=3600, public, max-age=3600
expires: Wed, 31 Jan 2024 20:45:59 GMT

GET
H2 200 vast-client.min.js Show response
ad.vidverto.io/js/ima2/2/ 60 KB
13 KB 127ms
110ms Script
application/javascript 185.132.133.134
WORLDSTREAM

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.vidverto.io/js/ima2/2/vast-client.min.js
Requested by: Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/js/aries/v1/invocation.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.132.133.134 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: 185-132-133-134.hosted-by-worldstream.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 3b89ecb06b2a8c769d46141b38046fe5f8d827a9b958194466e942534c55c1c6

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.ghicitul-in-cafea.visele.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 19:45:59 GMT
content-encoding: gzip
last-modified: Wed, 03 Jan 2024 16:14:05 GMT
server: nginx/1.14.0 (Ubuntu)
etag: W/"659587cd-f153"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=3600, public, max-age=3600
expires: Wed, 31 Jan 2024 20:45:59 GMT

GET
H2 200 ima.min.js Show response
ad.vidverto.io/js/ima2/2/ 87 KB
22 KB 130ms
114ms Script
application/javascript 185.132.133.134
WORLDSTREAM

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.vidverto.io/js/ima2/2/ima.min.js?correlator=f903ef402683235575d29edf77909311
Requested by: Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/js/aries/v1/invocation.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.132.133.134 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: 185-132-133-134.hosted-by-worldstream.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: c39dd8bf2426c71724231c135407c7c314b9cce470cb1aa3a7dc2d6cc5d64b37

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.ghicitul-in-cafea.visele.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 19:45:59 GMT
content-encoding: gzip
last-modified: Mon, 08 Jan 2024 12:28:32 GMT
server: nginx/1.14.0 (Ubuntu)
etag: W/"659bea70-15d7d"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=3600, public, max-age=3600
expires: Wed, 31 Jan 2024 20:45:59 GMT

GET
H2 200 vidvertoplayer.js Show response
ad.vidverto.io/vidverto/player/ 130 KB
41 KB 251ms
236ms Script
application/javascript 185.132.133.134
WORLDSTREAM

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.vidverto.io/vidverto/player/vidvertoplayer.js
Requested by: Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/js/aries/v1/invocation.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.132.133.134 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: 185-132-133-134.hosted-by-worldstream.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: a61d8ed19b5bba32c11ba948036fe83489cc0a85662a9031e9db1707518ccd61

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.ghicitul-in-cafea.visele.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 19:45:59 GMT
content-encoding: gzip
last-modified: Wed, 01 Nov 2023 15:40:22 GMT
server: nginx/1.14.0 (Ubuntu)
etag: W/"65427166-20687"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=3600, public, max-age=3600
expires: Wed, 31 Jan 2024 20:45:59 GMT

GET
H2 200 prebid.js Show response
ad.vidverto.io/js/achernar/ 306 KB
103 KB 249ms
236ms Script
application/javascript 185.132.133.134
WORLDSTREAM

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.vidverto.io/js/achernar/prebid.js
Requested by: Host: www.ghicitul-in-cafea.visele.ro
URL: https://www.ghicitul-in-cafea.visele.ro/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.132.133.134 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: 185-132-133-134.hosted-by-worldstream.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: f72ebdef3ae3cd5438701d4879bd2022afcd556e3e7a8b96ba9ef06d6e466c3f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.ghicitul-in-cafea.visele.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 19:45:59 GMT
content-encoding: gzip
last-modified: Wed, 06 Dec 2023 16:37:49 GMT
server: nginx/1.14.0 (Ubuntu)
etag: W/"6570a35d-4c73f"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=3600, public, max-age=3600
expires: Wed, 31 Jan 2024 20:45:59 GMT

GET
H2 200 invocation.min.css
ad.vidverto.io/vidverto/ 3 KB
850 B 119ms
107ms Stylesheet
text/css 185.132.133.134
WORLDSTREAM

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.vidverto.io/vidverto/invocation.min.css
Requested by: Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/js/aries/v1/invocation.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.132.133.134 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: 185-132-133-134.hosted-by-worldstream.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 60f74110267d386c033ca330fc5bbd7d2472c972b63b33fa8000e87c8f815de6

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.ghicitul-in-cafea.visele.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 19:45:59 GMT
content-encoding: gzip
last-modified: Wed, 11 Nov 2020 16:53:37 GMT
server: nginx/1.14.0 (Ubuntu)
etag: W/"5fac1711-a0a"
vary: Accept-Encoding
content-type: text/css

GET
H2

200

sync
ad.vidverto.io/delivery/v2/
Redirect Chain

https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Fad.vidverto.io%2Fdelivery%2Fv2%2Fsync%3Fuserid%3D%7Buser_id%7D%26p_id%3D23
https://ad.vidverto.io/delivery/v2/sync?userid=674c798d-6a7b-4efb-ba01-ac54e9995205&p_id=23

0
151 B

113ms
107ms

Image
text/plain

185.132.133.134
WORLDSTREAM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.vidverto.io/delivery/v2/sync?userid=674c798d-6a7b-4efb-ba01-ac54e9995205&p_id=23
Requested by: Host: www.ghicitul-in-cafea.visele.ro
URL: https://www.ghicitul-in-cafea.visele.ro/
Protocol: H2
Server: 185.132.133.134 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: 185-132-133-134.hosted-by-worldstream.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.ghicitul-in-cafea.visele.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 19:46:01 GMT
content-length: 0
server: nginx/1.14.0 (Ubuntu)

Redirect headers

location: https://ad.vidverto.io/delivery/v2/sync?userid=674c798d-6a7b-4efb-ba01-ac54e9995205&p_id=23
date: Wed, 31 Jan 2024 19:46:00 GMT
cache-control: no-store no-transform
server: nginx
content-length: 161
content-type: text/html; charset=utf-8

GET
H2

200

sync
ad.vidver.to/delivery/v2/
Redirect Chain

https://x.bidswitch.net/sync?ssp=prodoohmox&user_id=beffed39-db5a-4edb-b646-5c26ad1ccdbb&gdpr=0&gdpr_consent=
https://x.bidswitch.net/ul_cb/sync?ssp=prodoohmox&user_id=beffed39-db5a-4edb-b646-5c26ad1ccdbb&gdpr=0&gdpr_consent=
https://pixel.tapad.com/idsync/ex/receive?partner_id=3205&partner_device_id=8607be8d-a986-426e-b314-c983d715e8d8&partner_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D437%26ssp%3Dprodoohmox%2...
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3205&partner_device_id=8607be8d-a986-426e-b314-c983d715e8d8&partner_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D437%26ssp%3Dprodoo...
https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=726b09a9-fd15-4a94-a4cb-e58865ac3ccb%252Chttps%25253A%25252F%25252Fx.bidswitch.net%25252Fsync%25253Fdsp_id%25253D437%2525...
https://match.adsrvr.org/track/cmb/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=726b09a9-fd15-4a94-a4cb-e58865ac3ccb%252Chttps%25253A%25252F%25252Fx.bidswitch.net%25252Fsync%25253Fdsp_id%25253D437%2525...
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=6edc52bc-27e4-4f2b-bb90-bad0470989f5&ttd_puid=726b09a9-fd15-4a94-a4cb-e58865ac3ccb%2Chttps%253A%252F%252Fx.bidswitch.net%...
https://x.bidswitch.net/sync?dsp_id=437&ssp=prodoohmox&user_id=
https://ad.vidver.to/delivery/v2/sync?userid=8607be8d-a986-426e-b314-c983d715e8d8&p_id=15

0
155 B

813ms
110ms

Image
text/plain

212.8.243.91
WORLDSTREAM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.vidver.to/delivery/v2/sync?userid=8607be8d-a986-426e-b314-c983d715e8d8&p_id=15
Requested by: Host: www.ghicitul-in-cafea.visele.ro
URL: https://www.ghicitul-in-cafea.visele.ro/
Protocol: H2
Server: 212.8.243.91 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: 212-8-243-91.hosted-by-worldstream.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.ghicitul-in-cafea.visele.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 19:46:01 GMT
content-length: 0
server: nginx/1.14.0 (Ubuntu)

Redirect headers

Location: //ad.vidver.to/delivery/v2/sync?userid=8607be8d-a986-426e-b314-c983d715e8d8&p_id=15
Date: Wed, 31 Jan 2024 19:46:01 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H2 200 favicon-16px.png
ad.vidverto.io/images/ 900 B
1 KB 222ms
210ms Image
image/png 185.132.133.134
WORLDSTREAM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.vidverto.io/images/favicon-16px.png
Requested by: Host: www.ghicitul-in-cafea.visele.ro
URL: https://www.ghicitul-in-cafea.visele.ro/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.132.133.134 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: 185-132-133-134.hosted-by-worldstream.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 42fe10d8382d3fb7f84308b95ae83c5959838f0aeff2cb1733bab9d394c5a2d7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.ghicitul-in-cafea.visele.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 19:45:59 GMT
last-modified: Wed, 10 Jun 2020 14:52:51 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "5ee0f3c3-384"
content-type: image/png
cache-control: max-age=604800, public, max-age=604800
accept-ranges: bytes
content-length: 900
expires: Wed, 07 Feb 2024 19:45:59 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 5718 4 KB
1 KB 153ms
45ms Stylesheet
text/css 2607:f8b0:4004:c06::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7658725291548330&output=html&h=280&adk=1213588912&adf=2369281301&pi=t.aa~a.1795398077~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1706730359&rafmt=1&to=qs&pwprc=5444177883&format=1200x280&url=https%3A%2F%2Fwww.ghicitul-in-cafea.visele.ro%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706730359060&bpp=14&bdt=298&idt=329&shv=r20240124&mjsv=m202401250101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=885186682325&frm=20&pv=1&ga_vid=1983624473.1706730359&ga_sid=1706730359&ga_hid=262910539&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=199&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95320377%2C95320870%2C95320892%2C95323009&oid=2&pvsid=1492829663965137&tmod=1562015107&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=343

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f8238cdd1cc6032f1c34cf7e559b55a936097f78cc8839628e5cc39a6fc3f390

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 31 Jan 2024 19:46:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 31 Jan 2024 18:40:01 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 31 Jan 2024 19:46:00 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240124/r20110914/client/ Frame 5718 2 KB
903 B 176ms
70ms Script
text/javascript 2607:f8b0:4004:c06::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240124/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 22:46:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 75572
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 13 Feb 2024 22:46:28 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240124/r20110914/ Frame 5718 23 KB
9 KB 122ms
43ms Script
text/javascript 2607:f8b0:4004:c06::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240124/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7f83ea973e4739eb4a3d39bf8bac90016fa95d0167c45d3b883d34f39868e132

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 22:42:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 75794
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9319
x-xss-protection: 0
server: cafe
etag: 3610546441309021303
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 13 Feb 2024 22:42:46 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240124/r20110914/client/ Frame 5718 3 KB
2 KB 109ms
31ms Script
text/javascript 2607:f8b0:4004:c06::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240124/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 07:01:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 45878
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 14 Feb 2024 07:01:22 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240124/r20110914/client/ Frame 5718 20 KB
8 KB 140ms
34ms Script
text/javascript 2607:f8b0:4004:c06::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240124/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0899097f526aab0c82c4332c8dd24d4041cb5fbde0638d98e883e159ecbe2a64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 20:57:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 82130
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8501
x-xss-protection: 0
server: cafe
etag: 9351358253902147912
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 13 Feb 2024 20:57:10 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 5718 205 KB
62 KB 73ms
72ms Script
text/javascript 2607:f8b0:4004:c1b::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1b::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2efd5b088456b5b350cdd2afd4e91b4bb44217e2c212a5d150f96ffa185752f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 19:42:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 203
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 63264
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 31 Jan 2024 20:42:37 GMT

GET
H2 200 ddb466d8785cb75acd721f17b1b8dd87.js Show response
www.gstatic.com/mysidia/ Frame 5718 37 KB
16 KB 116ms
39ms Script
text/javascript 2607:f8b0:4004:c0b::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/ddb466d8785cb75acd721f17b1b8dd87.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c0b::5e Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

54090d5321bc8e3a05531aacf2ef2b7769f24e94b14f4a0687587375fffa2523

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 19:51:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 86058
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15487
x-xss-protection: 0
last-modified: Thu, 25 Jan 2024 03:17:29 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 29 Apr 2024 19:51:42 GMT

GET
H2 200 ca-pub-7658725291548330 Show response
fundingchoicesmessages.google.com/i/ 183 KB
61 KB 163ms
62ms Script
application/javascript 2607:f8b0:4004:c1b::8b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/ca-pub-7658725291548330?ers=2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401250101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::8b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c6ba6ad1f8cf24f36fb0d67b4380e1a1d1377d07ee19db4ebf991005c8f89dd5

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-CLdO9yN-w2CAobTM-gRh-Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.ghicitul-in-cafea.visele.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 19:46:00 GMT
content-security-policy: script-src 'report-sample' 'nonce-CLdO9yN-w2CAobTM-gRh-Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjOsKoxSXFEKQhxXDe6Q7TdSC-qPKU6SYQ1zI8Y2oF4gfhz5heALGBxnMmCyAuyH7OVAHEjH9eMHEC8bsvL5kEvr5kkgBiLSB-J_mK6RsQ7_DxYHkTPp2VL2I66-mC6ayXgZitAsgH4ri66awFQMy3bjqr4frprFvOTGfdA8Qxz6ezpgDxYtYZrKuBeErgDNY5QNwSPYN1GhA7pc9gDQHiz5kzWH8Dcdntc6x1QCzEw_Hj2Ku1bAI3brx_ywgAgE9Zug"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/12066668117109949259/ Frame 5718 33 KB
33 KB 50ms
43ms Image
image/jpeg 2607:f8b0:4004:c06::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/12066668117109949259/14763004658117789537?w=600&h=314&tw=1&q=75

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aabd2e53566a21b49f0dc6fd10e0ab3f28e73e8e90ddf32f296effe5e8d828b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Thu, 30 Jan 2025 04:05:34 GMT
date: Wed, 31 Jan 2024 04:05:34 GMT
x-content-type-options: nosniff
age: 56426
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33799
x-xss-protection: 0
last-modified: Thu, 28 Dec 2023 17:07:15 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/11678475451283459103/ Frame 5718 2 KB
2 KB 45ms
40ms Image
image/jpeg 2607:f8b0:4004:c06::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/11678475451283459103/14763004658117789537?w=100&h=100&tw=1&q=75

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6c11bd8b40121ede8f319c93a3d2c05e8734e5727005b5cf0f56415ba7f2e2af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Wed, 29 Jan 2025 22:06:42 GMT
date: Tue, 30 Jan 2024 22:06:42 GMT
x-content-type-options: nosniff
age: 77958
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1673
x-xss-protection: 0
last-modified: Wed, 20 Dec 2023 22:13:34 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H2

200

/
onetag-sys.com/match/ Frame 5DEA
Redirect Chain

https://rtb.mfadsrvr.com/sync?ssp=onetag&ssp_user_id=g72Dh4m_ytTtsMc8Gmnc6yQmgrm8927gFq9HGkR7m4w
https://rtb.mfadsrvr.com/ul_cb/sync?ssp=onetag&ssp_user_id=g72Dh4m_ytTtsMc8Gmnc6yQmgrm8927gFq9HGkR7m4w
https://onetag-sys.com/match/?int_id=160&uid=fce124bc-f65b-476a-a7b8-8a8dc5dbf0e3

0
340 B

34ms
33ms

Image
text/plain

51.222.39.187
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=160&uid=fce124bc-f65b-476a-a7b8-8a8dc5dbf0e3

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=46218987a9da2b5&gdpr=0&gdpr_consent=&us_privacy=

Protocol

Server

51.222.39.187 , Canada, ASN16276 (OVH, FR),

Reverse DNS

ip187.ip-51-222-39.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location: //onetag-sys.com/match/?int_id=160&uid=fce124bc-f65b-476a-a7b8-8a8dc5dbf0e3
date: Wed, 31 Jan 2024 19:46:00 GMT
cache-control: no-cache, no-store, must-revalidate
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2

200

/
onetag-sys.com/match/ Frame 5DEA
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=75&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D1%26uid%3D%5BMM_UUID%5D%26gdpr%3D0%26gdpr_consent%3D
https://onetag-sys.com/match/?int_id=1&uid=dac465ba-a378-4800-b264-4d4e16313560&gdpr=0&gdpr_consent=

0
340 B

38ms
35ms

Image
text/plain

51.222.39.187
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=1&uid=dac465ba-a378-4800-b264-4d4e16313560&gdpr=0&gdpr_consent=

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=46218987a9da2b5&gdpr=0&gdpr_consent=&us_privacy=

Protocol

Server

51.222.39.187 , Canada, ASN16276 (OVH, FR),

Reverse DNS

ip187.ip-51-222-39.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Date: Wed, 31 Jan 2024 19:46:00 GMT
Server: MT3 1451 1934b03 master ord ord-pixel-x8 config_version:"1906"
Content-Type: image/gif
Access-Control-Allow-Origin: *
location: https://onetag-sys.com/match/?int_id=1&uid=dac465ba-a378-4800-b264-4d4e16313560&gdpr=0&gdpr_consent=
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 0
Expires: Wed, 31 Jan 2024 19:45:59 GMT

GET
H2

200

/
onetag-sys.com/match/ Frame 5DEA
Redirect Chain

https://pixel-eu.rubiconproject.com/exchange/sync.php?p=onetag&gdpr=0&gdpr_consent=
https://onetag-sys.com/match/?int_id=2&uid=LS276UUP-24-KT8O&gdpr=0

0
340 B

80ms
29ms

Image
text/plain

51.222.39.187
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=2&uid=LS276UUP-24-KT8O&gdpr=0

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=46218987a9da2b5&gdpr=0&gdpr_consent=&us_privacy=

Protocol

Server

51.222.39.187 , Canada, ASN16276 (OVH, FR),

Reverse DNS

ip187.ip-51-222-39.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://onetag-sys.com/match/?int_id=2&uid=LS276UUP-24-KT8O&gdpr=0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: ebd4ddb84ea801183e9e4fcb7cec19cd
Expires: 0

GET
H2

200

/
onetag-sys.com/match/ Frame 5DEA
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D0%26gdpr_consent%3D%26uid%3D$UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fonetag-sys.com%252Fmatch%252F%253Fint_id%253D98%2526gdpr%253D0%2526gdpr_consent%253D%2526uid%253D%24UID
https://onetag-sys.com/match/?int_id=98&gdpr=0&gdpr_consent=&uid=4547992079856504676

0
340 B

35ms
34ms

Image
text/plain

51.222.39.187
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=98&gdpr=0&gdpr_consent=&uid=4547992079856504676

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=46218987a9da2b5&gdpr=0&gdpr_consent=&us_privacy=

Protocol

Server

51.222.39.187 , Canada, ASN16276 (OVH, FR),

Reverse DNS

ip187.ip-51-222-39.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma: no-cache
date: Wed, 31 Jan 2024 19:46:00 GMT
an-x-request-uuid: 14090708-0bce-4d63-87cb-7ce1a60ddb9d
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://onetag-sys.com/match/?int_id=98&gdpr=0&gdpr_consent=&uid=4547992079856504676
x-proxy-origin: 96.9.249.36; 96.9.249.36; 567.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

/
onetag-sys.com/match/ Frame 5DEA
Redirect Chain

https://ads.stickyadstv.com/user-matching?id=3679&gdpr=0&gdpr_consent=
https://onetag-sys.com/match/?int_id=3&uid=e643c03e4e8ca4ffc2366ef420a0735a&gdpr_consent=&gdpr=0

0
340 B

28ms
27ms

Image
text/plain

51.222.39.187
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=3&uid=e643c03e4e8ca4ffc2366ef420a0735a&gdpr_consent=&gdpr=0

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=46218987a9da2b5&gdpr=0&gdpr_consent=&us_privacy=

Protocol

Server

51.222.39.187 , Canada, ASN16276 (OVH, FR),

Reverse DNS

ip187.ip-51-222-39.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Pragma: no-cache
Date: Wed, 31 Jan 2024 19:46:00 GMT
Server: nginx
Access-Control-Allow-Origin: *
Location: https://onetag-sys.com/match/?int_id=3&uid=e643c03e4e8ca4ffc2366ef420a0735a&gdpr_consent=&gdpr=0
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
x-sticky-vk: 1706730360756064-133

GET
H/1.1 200
OK tap.php
pixel.rubiconproject.com/ Frame 5DEA 42 B
955 B 143ms
37ms Image
image/gif 8.43.72.97
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=223352&nid=4584&put=g72Dh4m_ytTtsMc8Gmnc6yQmgrm8927gFq9HGkR7m4w
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=46218987a9da2b5&gdpr=0&gdpr_consent=&us_privacy=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 8.43.72.97 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: f1d2dfe1ca3ed0321925c13f4507bd26
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

200

/
onetag-sys.com/match/ Frame 5DEA
Redirect Chain

https://cs.admanmedia.com/73c1e1bfc3bde354d60b80e601ae3914.gif?puid=[UID]&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D164%26gdpr%3D%24%7BGDPR%7D%26gdpr_consent%3D%24%7BGDPR_STRING%7D%2...
https://onetag-sys.com/match/?int_id=164&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=b4a49eda-4893-4edf-aaee-82bfc1cf327f

0
340 B

27ms
26ms

Image
text/plain

51.222.39.187
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=164&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=b4a49eda-4893-4edf-aaee-82bfc1cf327f

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=46218987a9da2b5&gdpr=0&gdpr_consent=&us_privacy=

Protocol

Server

51.222.39.187 , Canada, ASN16276 (OVH, FR),

Reverse DNS

ip187.ip-51-222-39.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Pragma: no-cache
Date: Wed, 31 Jan 2024 19:46:00 GMT
Server: nginx
Location: https://onetag-sys.com/match/?int_id=164&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=b4a49eda-4893-4edf-aaee-82bfc1cf327f
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: 0

GET
H2

200

/
onetag-sys.com/match/ Frame 5DEA
Redirect Chain

https://t.adx.opera.com/pub/sync?pubid=pub10101531197440
https://onetag-sys.com/match/?gdpr=&gdpr_consent=%24%7BGDPR_STRING%7D&int_id=168&uid=OPUe552fbe545014cbf9f162d5c6ad3a43d

0
340 B

36ms
35ms

Image
text/plain

51.222.39.187
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?gdpr=&gdpr_consent=%24%7BGDPR_STRING%7D&int_id=168&uid=OPUe552fbe545014cbf9f162d5c6ad3a43d

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=46218987a9da2b5&gdpr=0&gdpr_consent=&us_privacy=

Protocol

Server

51.222.39.187 , Canada, ASN16276 (OVH, FR),

Reverse DNS

ip187.ip-51-222-39.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma: no-cache
date: Wed, 31 Jan 2024 19:46:00 GMT
server: Tengine
access-control-allow-methods: POST, GET
content-type: text/html; charset=utf-8
access-control-allow-origin: *
location: https://onetag-sys.com/match/?gdpr=&gdpr_consent=%24%7BGDPR_STRING%7D&int_id=168&uid=OPUe552fbe545014cbf9f162d5c6ad3a43d
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
content-length: 155
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 5DEA
Redirect Chain

https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABjWEOjtPF9DWUYHd_Vx5An3xTao0SrzmMdw

170 B
409 B

149ms
50ms

Image
image/png

142.251.167.156
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABjWEOjtPF9DWUYHd_Vx5An3xTao0SrzmMdw

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=46218987a9da2b5&gdpr=0&gdpr_consent=&us_privacy=

Protocol

Server

142.251.167.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ww-in-f156.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 31 Jan 2024 19:46:00 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABjWEOjtPF9DWUYHd_Vx5An3xTao0SrzmMdw
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H2

200

/
onetag-sys.com/match/ Frame 5DEA
Redirect Chain

https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D107%26uid%3D[ssb_sync_pid]
https://onetag-sys.com/match/?int_id=107&uid=2007631507573146312

0
340 B

38ms
36ms

Image
text/plain

51.222.39.187
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=107&uid=2007631507573146312

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=46218987a9da2b5&gdpr=0&gdpr_consent=&us_privacy=

Protocol

Server

51.222.39.187 , Canada, ASN16276 (OVH, FR),

Reverse DNS

ip187.ip-51-222-39.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location: https://onetag-sys.com/match/?int_id=107&uid=2007631507573146312
date: Wed, 31 Jan 2024 19:46:00 GMT
content-length: 0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 5DEA
Redirect Chain

https://onetag-sys.com/match/?int_id=113&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=g72Dh4m_ytTtsMc8Gmnc6yQmgrm8927gFq9HGkR7m4w

43 B
479 B

151ms
52ms

Image
image/gif

209.54.182.161
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=g72Dh4m_ytTtsMc8Gmnc6yQmgrm8927gFq9HGkR7m4w

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=46218987a9da2b5&gdpr=0&gdpr_consent=&us_privacy=

Protocol

HTTP/1.1

Server

209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 31 Jan 2024 19:46:00 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: HETZB63WSGMPPS76Q5WA
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=g72Dh4m_ytTtsMc8Gmnc6yQmgrm8927gFq9HGkR7m4w
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H2

200

/
onetag-sys.com/match/ Frame 5DEA
Redirect Chain

https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=0&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26gdpr%3D${GDPR}%26gdpr_consent%3D${GDPR_STRING}%26u...
https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=0&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26gdpr%3D${GDPR}%26gdpr_consent%3D${GDPR_STRING}%26u...
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NEQyRTNDMTktNDk0Mi00RUVFLTlEMkMtRUVCMDFFMUE4OTBC&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=4D2E3C19-4942-4EEE-9D2C-EEB01E1A890B

0
340 B

45ms
42ms

Image
text/plain

51.222.39.187
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=4D2E3C19-4942-4EEE-9D2C-EEB01E1A890B

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=46218987a9da2b5&gdpr=0&gdpr_consent=&us_privacy=

Protocol

Server

51.222.39.187 , Canada, ASN16276 (OVH, FR),

Reverse DNS

ip187.ip-51-222-39.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location: https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=4D2E3C19-4942-4EEE-9D2C-EEB01E1A890B
date: Wed, 31 Jan 2024 19:46:00 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 157
content-type: text/html; charset=utf-8

GET
H2

200

/
onetag-sys.com/match/ Frame 5DEA
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm
https://onetag-sys.com/match/?int_id=106&google_gid=CAESELSm1C1tlWaIwvIP72qlw-E&google_cver=1

0
340 B

28ms
27ms

Image
text/plain

51.222.39.187
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=106&google_gid=CAESELSm1C1tlWaIwvIP72qlw-E&google_cver=1

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=46218987a9da2b5&gdpr=0&gdpr_consent=&us_privacy=

Protocol

Server

51.222.39.187 , Canada, ASN16276 (OVH, FR),

Reverse DNS

ip187.ip-51-222-39.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma: no-cache
date: Wed, 31 Jan 2024 19:46:00 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://onetag-sys.com/match/?int_id=106&google_gid=CAESELSm1C1tlWaIwvIP72qlw-E&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 298
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

/
onetag-sys.com/match/ Frame 5DEA
Redirect Chain

https://bh.contextweb.com/bh/rtset?pid=562985&ev=1&us_privacy=&rurl=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D149%26gdpr%3D%24%7BGDPR%7D%26gdpr_consent%3D%24%7BGDPR_STRING%7D%26uid%3D%25%2...
https://onetag-sys.com/match/?int_id=149&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=PQsFBDa1KvfJ&ev=1&us_privacy=&pid=562985

0
340 B

35ms
26ms

Image
text/plain

51.222.39.187
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=149&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=PQsFBDa1KvfJ&ev=1&us_privacy=&pid=562985

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=46218987a9da2b5&gdpr=0&gdpr_consent=&us_privacy=

Protocol

Server

51.222.39.187 , Canada, ASN16276 (OVH, FR),

Reverse DNS

ip187.ip-51-222-39.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

strict-transport-security: max-age=15768000
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server: Jetty(10.0.14)
content-language: en-US
location: https://onetag-sys.com/match/?int_id=149&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=PQsFBDa1KvfJ&ev=1&us_privacy=&pid=562985
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control: private, max-age=0, no-cache, no-store
cw-server: bh-deployment-6658dc8946-qn7lj
expires: -1

GET
H2

200

/
onetag-sys.com/match/ Frame 5DEA
Redirect Chain

https://prebid-match.dotomi.com/match/bounce/current?version=1&networkId=72582&rurl=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D90%26gdpr%3D0%26gdpr_consent%3D%26uid%3D
https://prebid-match.dotomi.com/match/bounce/current?DotomiTest=5ec5871289f30ff8&is_secure=true&version=1&networkId=72582&rurl=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D90%26gdpr%3D0%26gdp...
https://onetag-sys.com/match/?int_id=90&gdpr=0&gdpr_consent=&uid=AAAGuPX7omvXfgN9A6HDAAAAAAA&expiration=1706816761

0
340 B

81ms
30ms

Image
text/plain

51.222.39.187
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=90&gdpr=0&gdpr_consent=&uid=AAAGuPX7omvXfgN9A6HDAAAAAAA&expiration=1706816761

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=46218987a9da2b5&gdpr=0&gdpr_consent=&us_privacy=

Protocol

Server

51.222.39.187 , Canada, ASN16276 (OVH, FR),

Reverse DNS

ip187.ip-51-222-39.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma: no-cache
date: Wed, 31 Jan 2024 19:46:01 GMT
server: nginx
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location: https://onetag-sys.com/match/?int_id=90&gdpr=0&gdpr_consent=&uid=AAAGuPX7omvXfgN9A6HDAAAAAAA&expiration=1706816761
cache-control: no-cache, private, max-age=0, no-store
content-length: 0
expires: 0

GET
H2

200

/
onetag-sys.com/match/ Frame 5DEA
Redirect Chain

https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=0&gdpr_consent=
https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=0&gdpr_consent=&verify=true
https://onetag-sys.com/match/?int_id=92&uid=y-vdDhNjRE2uERBp66oyP7uGjn_M5cxK7bLBJXwoA-~A

0
340 B

37ms
29ms

Image
text/plain

51.222.39.187
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=92&uid=y-vdDhNjRE2uERBp66oyP7uGjn_M5cxK7bLBJXwoA-~A

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=46218987a9da2b5&gdpr=0&gdpr_consent=&us_privacy=

Protocol

Server

51.222.39.187 , Canada, ASN16276 (OVH, FR),

Reverse DNS

ip187.ip-51-222-39.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location: https://onetag-sys.com/match/?int_id=92&uid=y-vdDhNjRE2uERBp66oyP7uGjn_M5cxK7bLBJXwoA-~A
date: Wed, 31 Jan 2024 19:46:01 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.94
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2

200

/
onetag-sys.com/match/ Frame 5DEA
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=0&gdpr_consent=
https://onetag-sys.com/match/?int_id=29&uid=6edc52bc-27e4-4f2b-bb90-bad0470989f5&gdpr=0&gdpr_consent=

0
340 B

35ms
35ms

Image
text/plain

51.222.39.187
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=29&uid=6edc52bc-27e4-4f2b-bb90-bad0470989f5&gdpr=0&gdpr_consent=

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=46218987a9da2b5&gdpr=0&gdpr_consent=&us_privacy=

Protocol

Server

51.222.39.187 , Canada, ASN16276 (OVH, FR),

Reverse DNS

ip187.ip-51-222-39.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location: https://onetag-sys.com/match/?int_id=29&uid=6edc52bc-27e4-4f2b-bb90-bad0470989f5&gdpr=0&gdpr_consent=
date: Wed, 31 Jan 2024 19:46:00 GMT
server: Kestrel
content-length: 233

GET
H2

200

/
onetag-sys.com/match/ Frame 5DEA
Redirect Chain

https://x.bidswitch.net/sync?ssp=onetag&gdpr=0&gdpr_consent=
https://pr-bh.ybp.yahoo.com/sync/iponweb?bidswitch_ssp_id=onetag&ssp_user_id=8607be8d-a986-426e-b314-c983d715e8d8&gdpr=0&gdpr_consent=
https://x.bidswitch.net/sync?dsp_id=74&&user_id=y-7.xAMEtE2plnI5AQENtKOAGzi09qS_C1Bm08Xw--~A&expires=5&ssp=onetag
https://onetag-sys.com/match/?int_id=30&uid=8607be8d-a986-426e-b314-c983d715e8d8&gdpr=&gdpr_consent=&us_privacy=

0
340 B

53ms
35ms

Image
text/plain

51.222.39.187
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=30&uid=8607be8d-a986-426e-b314-c983d715e8d8&gdpr=&gdpr_consent=&us_privacy=

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=46218987a9da2b5&gdpr=0&gdpr_consent=&us_privacy=

Protocol

Server

51.222.39.187 , Canada, ASN16276 (OVH, FR),

Reverse DNS

ip187.ip-51-222-39.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Location: //onetag-sys.com/match/?int_id=30&uid=8607be8d-a986-426e-b314-c983d715e8d8&gdpr=&gdpr_consent=&us_privacy=
Date: Wed, 31 Jan 2024 19:46:01 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H2

200

sync
ad.mox.tv/delivery/v2/ Frame 5DEA
Redirect Chain

https://ad.mox.tv/delivery/sync?userid=g72Dh4m_ytTtsMc8Gmnc6yQmgrm8927gFq9HGkR7m4w&p_id=5
https://ad.mox.tv/delivery/v2/sync?userid=g72Dh4m_ytTtsMc8Gmnc6yQmgrm8927gFq9HGkR7m4w&p_id=5

0
156 B

111ms
111ms

Image
text/plain

190.2.153.150
WORLDSTREAM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.mox.tv/delivery/v2/sync?userid=g72Dh4m_ytTtsMc8Gmnc6yQmgrm8927gFq9HGkR7m4w&p_id=5
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=46218987a9da2b5&gdpr=0&gdpr_consent=&us_privacy=
Protocol: H2
Server: 190.2.153.150 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 19:46:01 GMT
content-length: 0
server: nginx/1.14.0 (Ubuntu)

Redirect headers

location: https://ad.mox.tv/delivery/v2/sync?userid=g72Dh4m_ytTtsMc8Gmnc6yQmgrm8927gFq9HGkR7m4w&p_id=5
date: Wed, 31 Jan 2024 19:46:01 GMT
server: nginx/1.14.0 (Ubuntu)
content-length: 194
content-type: text/html

POST
H2 204 ping
pagead2.googlesyndication.com/pagead/ 0
0 97ms
96ms Fetch
text/html 2607:f8b0:4004:c1b::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pagead2.googlesyndication.com/pagead/ping?e=1
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401250101/show_ads_impl_fy2021.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4004:c1b::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.ghicitul-in-cafea.visele.ro/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
DATA 200
OK truncated
/ Frame 5718 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 339a822be1da0e2d7d5b183562baef30d3716a1dfcab46b43b587937003b9f04

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/png

POST
H2 200 prebid-request Show response
onetag-sys.com/ 15 B
567 B 39ms
39ms Fetch
application/json 51.222.39.187
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: ad.vidverto.io
URL: https://ad.vidverto.io/js/achernar/prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.222.39.187 , Canada, ASN16276 (OVH, FR),

Reverse DNS

ip187.ip-51-222-39.net

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://www.ghicitul-in-cafea.visele.ro/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type: text/plain

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin: https://www.ghicitul-in-cafea.visele.ro
content-type: application/json
cache-control: no-transform, no-cache
access-control-allow-credentials: true
access-control-allow-headers: content-type, origin, referer, user-agent
content-length: 41
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900

POST
H/1.1 204
No Content adxprebid.1.2.aspx Show response
inv-nets.admixer.net/ 0
421 B 114ms
33ms Fetch 216.219.92.22
IS-AS-1

General

Check archive.org

Show headers Download Go to

Full URL

https://inv-nets.admixer.net/adxprebid.1.2.aspx

Requested by

Host: ad.vidverto.io
URL: https://ad.vidverto.io/js/achernar/prebid.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

216.219.92.22 , United States, ASN19318 (IS-AS-1, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.ghicitul-in-cafea.visele.ro/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type: text/plain

Response headers

Date: Wed, 31 Jan 2024 19:46:00 GMT
Server: nginx
P3p: CP="NID DSP ALL COR"
Access-Control-Allow-Origin: https://www.ghicitul-in-cafea.visele.ro
Access-Control-Allow-Credentials: true
Connection: keep-alive
Keep-Alive: timeout=25
X-Xss-Protection: 0

GET
H2 200 xgray_jean.png.pagespeed.ic.PsycfWaSFy.png
www.visele.ro/img/patterns/ 7 KB
7 KB 196ms
195ms Image
image/png 188.247.130.221
TIER-DATA-CENTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.visele.ro/img/patterns/xgray_jean.png.pagespeed.ic.PsycfWaSFy.png

Requested by

Host: www.visele.ro
URL: https://www.visele.ro/style-css.php

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

188.247.130.221 , Romania, ASN50515 (TIER-DATA-CENTER, RO),

Reverse DNS

mail.twoside.ro

Software

nginx/1.20.2 /

Resource Hash

daf45e37e88f3c56e09945b8f41ca1fecfe089a4f5b1503e735736535e127c2e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.visele.ro/style-css.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-page-speed: 1.13.35.2-0
strict-transport-security: max-age=31536000;
date: Fri, 17 Nov 2023 10:35:20 GMT
last-modified: Fri, 17 Nov 2023 10:35:20 GMT
server: nginx/1.20.2
x-original-content-length: 7374
etag: W/"0"
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
link: <https://www.visele.ro/img/patterns/gray_jean.png>; rel="canonical"
content-length: 7242
expires: Sat, 16 Nov 2024 10:35:20 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 5718 16 KB
16 KB 100ms
32ms Font
font/woff2 2607:f8b0:4004:c06::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 27 Jan 2024 16:43:34 GMT
x-content-type-options: nosniff
age: 356546
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 26 Jan 2025 16:43:34 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 5718 15 KB
15 KB 107ms
41ms Font
font/woff2 2607:f8b0:4004:c06::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 17:38:52 GMT
x-content-type-options: nosniff
age: 526028
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 24 Jan 2025 17:38:52 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame A385 436 B
233 B 366ms
362ms Document
text/html 2607:f8b0:4004:c17::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-7658725291548330&output=html&h=600&adk=3582989967&adf=3754241251&pi=t.aa~a.316159829~rp.4&w=165&fwrn=4&fwrnh=100&lmt=1706730360&rafmt=1&to=qs&pwprc=5444177883&format=165x600&url=https%3A%2F%2Fwww.ghicitul-in-cafea.visele.ro%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706730360476&bpp=1&bdt=1714&idt=-M&shv=r20240124&mjsv=m202401250101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9ecc79d0a07ddf8b%3AT%3D1706730359%3ART%3D1706730359%3AS%3DALNI_MZQqIQxzXB2bwqYb69NhQnrdg1q4w&gpic=UID%3D00000dbc69f1bff8%3AT%3D1706730359%3ART%3D1706730359%3AS%3DALNI_MYWCJcbvG93Oc_txDJjoTC_FagjWw&eo_id_str=ID%3D82a3c4e2c9f7663a%3AT%3D1706730359%3ART%3D1706730359%3AS%3DAA-AfjZD6fiDNjWNZPWLZcUrRwNY&prev_fmts=0x0%2C1200x280&nras=3&correlator=885186682325&frm=20&pv=1&ga_vid=1983624473.1706730359&ga_sid=1706730359&ga_hid=262910539&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1367&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95320377%2C95320870%2C95320892%2C95323009&oid=2&psts=AOrYGsnR3kK9lqLquOobkBoNhvPwAFHF_cq_mZax47eC7qlja7JIK-0S37mvkJm_XTqT46RExBCCWUZnoYJ1xEVSBxUK7GHw&pvsid=1492829663965137&tmod=1562015107&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=448

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401250101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c17::9a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fb45e6f3f5dc5ac124bae70f4f1faea008c0f1be3cce225ccbeee6c2b13c6ad0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ghicitul-in-cafea.visele.ro/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 212
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 31 Jan 2024 19:46:01 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 9A84 436 B
234 B 509ms
494ms Document
text/html 2607:f8b0:4004:c17::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-7658725291548330&output=html&h=240&adk=2223558045&adf=261726550&pi=t.aa~a.316154636~rp.4&w=165&fwrn=4&fwrnh=100&lmt=1706730360&rafmt=1&to=qs&pwprc=5444177883&format=165x240&url=https%3A%2F%2Fwww.ghicitul-in-cafea.visele.ro%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706730360476&bpp=1&bdt=1714&idt=-M&shv=r20240124&mjsv=m202401250101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9ecc79d0a07ddf8b%3AT%3D1706730359%3ART%3D1706730359%3AS%3DALNI_MZQqIQxzXB2bwqYb69NhQnrdg1q4w&gpic=UID%3D00000dbc69f1bff8%3AT%3D1706730359%3ART%3D1706730359%3AS%3DALNI_MYWCJcbvG93Oc_txDJjoTC_FagjWw&eo_id_str=ID%3D82a3c4e2c9f7663a%3AT%3D1706730359%3ART%3D1706730359%3AS%3DAA-AfjZD6fiDNjWNZPWLZcUrRwNY&prev_fmts=0x0%2C1200x280%2C165x600&nras=4&correlator=885186682325&frm=20&pv=1&ga_vid=1983624473.1706730359&ga_sid=1706730359&ga_hid=262910539&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=2243&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95320377%2C95320870%2C95320892%2C95323009&oid=2&psts=AOrYGsnR3kK9lqLquOobkBoNhvPwAFHF_cq_mZax47eC7qlja7JIK-0S37mvkJm_XTqT46RExBCCWUZnoYJ1xEVSBxUK7GHw&pvsid=1492829663965137&tmod=1562015107&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=458

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401250101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c17::9a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

66911b80517b6538f51b64bfadf6eb348833ec0fe657688a52b92371385047e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ghicitul-in-cafea.visele.ro/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 213
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 31 Jan 2024 19:46:01 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 807D 436 B
233 B 507ms
504ms Document
text/html 2607:f8b0:4004:c17::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-7658725291548330&output=html&h=90&adk=2820297975&adf=1712765404&pi=t.aa~a.1506372498~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1706730360&rafmt=1&to=qs&pwprc=5444177883&format=1200x90&url=https%3A%2F%2Fwww.ghicitul-in-cafea.visele.ro%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706730360476&bpp=1&bdt=1714&idt=-M&shv=r20240124&mjsv=m202401250101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9ecc79d0a07ddf8b%3AT%3D1706730359%3ART%3D1706730359%3AS%3DALNI_MZQqIQxzXB2bwqYb69NhQnrdg1q4w&gpic=UID%3D00000dbc69f1bff8%3AT%3D1706730359%3ART%3D1706730359%3AS%3DALNI_MYWCJcbvG93Oc_txDJjoTC_FagjWw&eo_id_str=ID%3D82a3c4e2c9f7663a%3AT%3D1706730359%3ART%3D1706730359%3AS%3DAA-AfjZD6fiDNjWNZPWLZcUrRwNY&prev_fmts=0x0%2C1200x280%2C165x600%2C165x240&nras=5&correlator=885186682325&frm=20&pv=1&ga_vid=1983624473.1706730359&ga_sid=1706730359&ga_hid=262910539&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3661&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95320377%2C95320870%2C95320892%2C95323009&oid=2&psts=AOrYGsnR3kK9lqLquOobkBoNhvPwAFHF_cq_mZax47eC7qlja7JIK-0S37mvkJm_XTqT46RExBCCWUZnoYJ1xEVSBxUK7GHw&pvsid=1492829663965137&tmod=1562015107&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=474

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401250101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c17::9a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

51e95c728c69aaf3510e1906768f045a2049c748b4e44f36657d31b37ceb7447

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ghicitul-in-cafea.visele.ro/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 212
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 31 Jan 2024 19:46:01 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 0D88 436 B
233 B 326ms
324ms Document
text/html 2607:f8b0:4004:c17::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-7658725291548330&output=html&h=50&adk=1099639076&adf=3066093774&pi=t.aa~a.3940500885~rp.4&w=1140&fwrn=4&fwrnh=100&lmt=1706730360&rafmt=1&to=qs&pwprc=5444177883&format=1140x50&url=https%3A%2F%2Fwww.ghicitul-in-cafea.visele.ro%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706730360476&bpp=1&bdt=1714&idt=0&shv=r20240124&mjsv=m202401250101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9ecc79d0a07ddf8b%3AT%3D1706730359%3ART%3D1706730359%3AS%3DALNI_MZQqIQxzXB2bwqYb69NhQnrdg1q4w&gpic=UID%3D00000dbc69f1bff8%3AT%3D1706730359%3ART%3D1706730359%3AS%3DALNI_MYWCJcbvG93Oc_txDJjoTC_FagjWw&eo_id_str=ID%3D82a3c4e2c9f7663a%3AT%3D1706730359%3ART%3D1706730359%3AS%3DAA-AfjZD6fiDNjWNZPWLZcUrRwNY&prev_fmts=0x0%2C1200x280%2C165x600%2C165x240%2C1200x90&nras=6&correlator=885186682325&frm=20&pv=1&ga_vid=1983624473.1706730359&ga_sid=1706730359&ga_hid=262910539&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=3551&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95320377%2C95320870%2C95320892%2C95323009&oid=2&psts=AOrYGsnR3kK9lqLquOobkBoNhvPwAFHF_cq_mZax47eC7qlja7JIK-0S37mvkJm_XTqT46RExBCCWUZnoYJ1xEVSBxUK7GHw&pvsid=1492829663965137&tmod=1562015107&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=4&fsb=1&dtd=489

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401250101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c17::9a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

68ae04c7629598bd311ad9502851a6f348d6b1a69889f8bf50d8acfc75860c7c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ghicitul-in-cafea.visele.ro/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 212
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 31 Jan 2024 19:46:01 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 AGSKWxXWxhjrg7bSYBmZ5qdbHPzFamxXsu_2YtnldroZzavrMRzBrQp0bg9n31s3G6cdmxY1UpdZFu-7kQPpI7IigicGhU14rA_OS16Vc-4jQ_iD91Q-pY8g32p_qffXnRd1oq27ni1TQw== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 92ms
81ms Script
application/javascript 2607:f8b0:4004:c1b::8b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxXWxhjrg7bSYBmZ5qdbHPzFamxXsu_2YtnldroZzavrMRzBrQp0bg9n31s3G6cdmxY1UpdZFu-7kQPpI7IigicGhU14rA_OS16Vc-4jQ_iD91Q-pY8g32p_qffXnRd1oq27ni1TQw==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzA2NzMwMzYxLDgwMDAwMDBdLG51bGwsbnVsbCxudWxsLFtudWxsLFs3XV0sImh0dHBzOi8vd3d3LmdoaWNpdHVsLWluLWNhZmVhLnZpc2VsZS5yby8iLG51bGwsW1s4LCJsTUl6ZEFLS0RFWSJdLFs5LCJlbi1VUyJdLFsxOCwiW1tbMF1dXSJdLFsxOSwiMiJdLFsxNywiWzBdIl1dXQ

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.lMIzdAKKDEY.es5.O/am=wA/d=1/rs=AJlcJMzmB6bdT_BMgeeZSzvNF8-3Z93uig/m=kernel_loader,loader_js_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::8b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c6a199b61b997bf3f055a872d73827ebd4012b5dbc418016834fbaf0f90765a6

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-G7YYOrikcpDdXkJsujFUyA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.ghicitul-in-cafea.visele.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 19:46:01 GMT
content-security-policy: script-src 'report-sample' 'nonce-G7YYOrikcpDdXkJsujFUyA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjOsKoxSXF4KUhxXDe6Q7TdSC-qPKU6SYQ1zI8Y2oF4gfhz5heALGBxnMmCyAuyH7OVAHEjH9eMHEC8bsvL5kEvr5kkgBiLSB-J_mK6RsQ7_DxYHkTPp2VL2I66-mC6ayXgZitAsgH4ri66awFQMy3bjqr4frprFvOTGfdA8Qxz6ezpgDxYtYZrKuBeErgDNY5QNwSPYN1GhA7pc9gDQHiz5kzWH8Dcdntc6x1QCzEzfHz2Ku1bAIfPj6TAQAf81kI"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET fontawesome-webfont.woff
www.visele.ro/vendor/fontawesome/fonts/ 0
0

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 5718
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CHbLod6O6ZejQG8WI3rsP0o6S2AO6_vDKdeXjypCQErHR_d8FEAEg--W4DGDJ7o6LwKSMEKABqsDC7inIAQmpAjOWNy3ILrI-qAMByAPLBKoE7AFP0MdGtShS2Odyep2IMfmC6cWoBAsnlw6...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x423b32eec45aedaf0000000000000000%22,%222%22:%220x1ca2d29b94700c8c0000000000000000%22,%223%22:%220x1c7417...

0
0

163ms
95ms

Fetch
text/css

172.253.122.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x423b32eec45aedaf0000000000000000%22,%222%22:%220x1ca2d29b94700c8c0000000000000000%22,%223%22:%220x1c741767503b9f820000000000000000%22,%224%22:%220xa905d8006302c5030000000000000000%22,%225%22:%220x8f5b255ccce41b7b0000000000000000%22},%22debug_key%22:%2213697302216009607348%22,%22debug_reporting%22:true,%22destination%22:%22https://optionish.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211237629994%22],%2222%22:[%22true%22],%224%22:[%2201-31%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2211143779162951045441%22}&andc=true

Requested by

Host: www.ghicitul-in-cafea.visele.ro
URL: https://www.ghicitul-in-cafea.visele.ro/

Protocol

Server

172.253.122.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bh-in-f156.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 19:46:02 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"1":"0x423b32eec45aedaf0000000000000000","2":"0x1ca2d29b94700c8c0000000000000000","3":"0x1c741767503b9f820000000000000000","4":"0xa905d8006302c5030000000000000000","5":"0x8f5b255ccce41b7b0000000000000000"},"debug_key":"13697302216009607348","debug_reporting":true,"destination":"https://optionish.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["11237629994"],"22":["true"],"4":["01-31"],"6":["true"]},"priority":"500","source_event_id":"11143779162951045441"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 31 Jan 2024 19:46:02 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 31 Jan 2024 19:46:01 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0x423b32eec45aedaf0000000000000000","2":"0x1ca2d29b94700c8c0000000000000000","3":"0x1c741767503b9f820000000000000000","4":"0xa905d8006302c5030000000000000000","5":"0x8f5b255ccce41b7b0000000000000000"},"debug_key":"13697302216009607348","debug_reporting":true,"destination":"https://optionish.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["11237629994"],"22":["true"],"4":["01-31"],"6":["true"]},"priority":"500","source_event_id":"11143779162951045441"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 i_I7gtk5u389ZGUJiYlLngBTR4no54KgcGkAXYvtCUw.js Show response
pagead2.googlesyndication.com/bg/ Frame 68A5 51 KB
19 KB 50ms
34ms Script
text/javascript 2607:f8b0:4004:c1b::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/i_I7gtk5u389ZGUJiYlLngBTR4no54KgcGkAXYvtCUw.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1b::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8bf23b82d939bb7f3d64650989894b9e00534789e8e782a07069005d8bed094c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 21:51:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 424456
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19704
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 25 Jan 2025 21:51:45 GMT

GET
H2 200 video_playlist.js Show response
ad.vidverto.io/vidverto/player/ui/js/ 112 KB
32 KB 241ms
224ms Script
application/javascript 185.132.133.134
WORLDSTREAM

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.vidverto.io/vidverto/player/ui/js/video_playlist.js?v=1698683788
Requested by: Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/player/vidvertoplayer.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.132.133.134 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: 185-132-133-134.hosted-by-worldstream.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 1a1d718d37cfe41f443875b0e534554d59fc224d8ea838cfbfcb5d9d426a2a59

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.ghicitul-in-cafea.visele.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 19:46:01 GMT
content-encoding: gzip
last-modified: Mon, 30 Oct 2023 17:37:37 GMT
server: nginx/1.14.0 (Ubuntu)
etag: W/"653fe9e1-1bee3"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=3600, public, max-age=3600
expires: Wed, 31 Jan 2024 20:46:01 GMT

GET
H2 200 video_playlist.css
ad.vidverto.io/vidverto/player/ui/css/ 61 KB
9 KB 132ms
116ms Stylesheet
text/css 185.132.133.134
WORLDSTREAM

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.vidverto.io/vidverto/player/ui/css/video_playlist.css?v=1698683788
Requested by: Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/player/vidvertoplayer.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.132.133.134 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: 185-132-133-134.hosted-by-worldstream.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 79e5889c36479f99096a96a61cbfa92fc35ecf12d233635e0224b2c415859de1

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.ghicitul-in-cafea.visele.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 19:46:01 GMT
content-encoding: gzip
last-modified: Sun, 28 Feb 2021 22:32:40 GMT
server: nginx/1.14.0 (Ubuntu)
etag: W/"603c1a08-f52f"
vary: Accept-Encoding
content-type: text/css

GET
H2 200 bridge3.616.1_en.html Show response
imasdk.googleapis.com/js/core/ Frame F159 755 KB
242 KB 40ms
38ms Document
text/html 2607:f8b0:4004:c06::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.616.1_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7106a90b5b2a07d04bc03d00d85d009856af368266c75ed077a10d69b77a5859

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ghicitul-in-cafea.visele.ro/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 84935
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 247192
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
date: Tue, 30 Jan 2024 20:10:26 GMT
expires: Wed, 29 Jan 2025 20:10:26 GMT
last-modified: Tue, 30 Jan 2024 19:58:37 GMT
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ 44 KB
17 KB 160ms
53ms Script
text/javascript 2607:f8b0:4004:c1d::95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1d::95 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.ghicitul-in-cafea.visele.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 19:46:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16746
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 31 Jan 2024 19:46:01 GMT

GET
DATA 200
OK truncated
/ 71 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 56f90a84ab6429264698fd0480ef391cb63c524b8326fc61cb42e773d4e81e99

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 13C4 40 KB
14 KB 67ms
67ms Script
text/javascript 2607:f8b0:4004:c1b::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1b::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 18:48:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3426
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13893
x-xss-protection: 0
last-modified: Wed, 09 Aug 2023 15:57:08 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="omsdk-team-release-policy"
vary: Accept-Encoding
report-to: {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Wed, 31 Jan 2024 19:48:55 GMT

GET
H/1.1 206
Partial Content 480_650.mp4
cdn.vidverto.io/secured2/9mxIwkrPaa6FvndIkrmR9g:1706733959/1327/video/1817/ 32 KB
0 783ms
108ms Media
video/mp4 185.165.240.123
WORLDSTREAM

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.vidverto.io/secured2/9mxIwkrPaa6FvndIkrmR9g:1706733959/1327/video/1817/480_650.mp4
Requested by: Host: www.ghicitul-in-cafea.visele.ro
URL: https://www.ghicitul-in-cafea.visele.ro/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.165.240.123 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: 185-165-240-123.hosted-by-worldstream.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash

Request headers

Referer: https://www.ghicitul-in-cafea.visele.ro/
Accept-Encoding: identity;q=1, *;q=0
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Range: bytes=0-

Response headers

Date: Wed, 31 Jan 2024 19:46:01 GMT
Last-Modified: Thu, 02 Sep 2021 16:35:10 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "6130fd3e-7b4088"
Content-Type: video/mp4
Access-Control-Allow-Origin: *
Content-Range: bytes 0-8077447/8077448
Connection: keep-alive
Content-Length: 8077448

GET
H3 200 AGSKWxUazftgQrc4tPZV8EinxFc3bKGcXj741ZK2caI_B3Is7X1yBgoTdD33MlmoXcqoDxBBXOBL9km2eiA2bejnUbN8bP24vH4CFtMMo9Mz4tvU6v-pR7W4Dl2Q4VYV9gZFWF1_R5Xe9Q== Show response
fundingchoicesmessages.google.com/f/ 10 KB
5 KB 113ms
82ms Script
application/javascript 2607:f8b0:4004:c1b::8b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxUazftgQrc4tPZV8EinxFc3bKGcXj741ZK2caI_B3Is7X1yBgoTdD33MlmoXcqoDxBBXOBL9km2eiA2bejnUbN8bP24vH4CFtMMo9Mz4tvU6v-pR7W4Dl2Q4VYV9gZFWF1_R5Xe9Q==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzA2NzMwMzYxLDI2NDAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOV0sbnVsbCwyLG51bGwsInJvIl0sImh0dHBzOi8vd3d3LmdoaWNpdHVsLWluLWNhZmVhLnZpc2VsZS5yby8iLG51bGwsW1s4LCJsTUl6ZEFLS0RFWSJdLFs5LCJlbi1VUyJdLFsxOCwiW1tbMF1dXSJdLFsxOSwiMiJdLFsxNywiWzBdIl1dXQ

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1b::8b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4ded9449c7be7705443f53978d9a54055ce9d7bf55e1a952aa64e433824f81f7

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-aZVBMXG_RoURnaiWPuwSMw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.ghicitul-in-cafea.visele.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 19:46:01 GMT
content-security-policy: script-src 'report-sample' 'nonce-aZVBMXG_RoURnaiWPuwSMw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjOsKoxSXFEKwhxXDe6Q7TdSC-qPKU6SYQ1zI8Y2oF4gfhz5heALGBxnMmCyAuyH7OVAHEjH9eMHEC8bsvL5kEvr5kkgBiLSB-J_mK6RsQ7_DxYHkTPp2VL2I66-mC6ayXgZitAsgH4ri66awFQMy3bjqr4frprFvOTGfdA8Qxz6ezpgDxYtYZrKuBeErgDNY5QNwSPYN1GhA7pc9gDQHiz5kzWH8Dcdntc6x1QCzEw_Hz2Ku1bAI3vi9dyAgAgC5ZRQ"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 563ms
97ms Preflight
text/html 172.253.122.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.122.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bh-in-f156.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Wed, 31 Jan 2024 19:46:01 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v12/ 18 KB
18 KB 41ms
40ms Font
font/woff2 2607:f8b0:4004:c06::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v12/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/player/ui/css/video_playlist.css?v=1698683788

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4ab7918478793ceb022d3f5449e401b44b78d87bc4429058ebb8b64163640da2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ad.vidverto.io/
Origin: https://www.ghicitul-in-cafea.visele.ro
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 17:56:49 GMT
x-content-type-options: nosniff
age: 524952
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18684
x-xss-protection: 0
last-modified: Tue, 07 Nov 2017 15:24:32 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 24 Jan 2025 17:56:49 GMT

GET
H2 200 JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2
fonts.gstatic.com/s/montserrat/v12/ 19 KB
19 KB 55ms
54ms Font
font/woff2 2607:f8b0:4004:c06::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v12/JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2

Requested by

Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/player/ui/css/video_playlist.css?v=1698683788

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

746589ecfb4406519933a6aea5f1149224afcba81e3c3ef0541e7ad6c8111b7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ad.vidverto.io/
Origin: https://www.ghicitul-in-cafea.visele.ro
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 17:36:27 GMT
x-content-type-options: nosniff
age: 526174
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18956
x-xss-protection: 0
last-modified: Tue, 07 Nov 2017 15:27:08 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 24 Jan 2025 17:36:27 GMT

GET
H2 200 logo.svg
ad.vidverto.io/vidverto/player/ 414 B
551 B 114ms
113ms Image
image/svg+xml 185.132.133.134
WORLDSTREAM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.vidverto.io/vidverto/player/logo.svg
Requested by: Host: www.ghicitul-in-cafea.visele.ro
URL: https://www.ghicitul-in-cafea.visele.ro/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.132.133.134 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: 185-132-133-134.hosted-by-worldstream.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 8d5d4d2769bdb28802f4309747ef6a358007eeb37daadc66a78ba0ca81cd4bce

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.ghicitul-in-cafea.visele.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 19:46:01 GMT
last-modified: Wed, 04 May 2022 14:39:21 GMT
server: nginx/1.14.0 (Ubuntu)
accept-ranges: bytes
etag: "62729019-19e"
content-length: 414
content-type: image/svg+xml

GET fontawesome-webfont.ttf
www.visele.ro/vendor/fontawesome/fonts/ 0
0

GET
H/1.1 206
Partial Content 480_650.mp4
cdn.vidverto.io/secured2/9mxIwkrPaa6FvndIkrmR9g:1706733959/1327/video/1817/ 64 KB
0 334ms
115ms Media
video/mp4 185.165.240.123
WORLDSTREAM

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.vidverto.io/secured2/9mxIwkrPaa6FvndIkrmR9g:1706733959/1327/video/1817/480_650.mp4
Requested by: Host: www.ghicitul-in-cafea.visele.ro
URL: https://www.ghicitul-in-cafea.visele.ro/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.165.240.123 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: 185-165-240-123.hosted-by-worldstream.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash

Request headers

Referer: https://www.ghicitul-in-cafea.visele.ro/
Accept-Encoding: identity;q=1, *;q=0
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Range: bytes=0-

Response headers

Date: Wed, 31 Jan 2024 19:46:02 GMT
Last-Modified: Thu, 02 Sep 2021 16:35:10 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "6130fd3e-7b4088"
Content-Type: video/mp4
Access-Control-Allow-Origin: *
Content-Range: bytes 0-8077447/8077448
Connection: keep-alive
Content-Length: 8077448

GET
H3 200 bridge3.616.1_en.html Show response
imasdk.googleapis.com/js/core/ Frame 606E 755 KB
241 KB 39ms
35ms Document
text/html 2607:f8b0:4004:c06::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.616.1_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c06::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7106a90b5b2a07d04bc03d00d85d009856af368266c75ed077a10d69b77a5859

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ghicitul-in-cafea.visele.ro/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 84935
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 247192
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
date: Tue, 30 Jan 2024 20:10:26 GMT
expires: Wed, 29 Jan 2025 20:10:26 GMT
last-modified: Tue, 30 Jan 2024 19:58:37 GMT
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 9C37 40 KB
14 KB 41ms
40ms Script
text/javascript 2607:f8b0:4004:c1b::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1b::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 18:48:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3426
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13893
x-xss-protection: 0
last-modified: Wed, 09 Aug 2023 15:57:08 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="omsdk-team-release-policy"
vary: Accept-Encoding
report-to: {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Wed, 31 Jan 2024 19:48:55 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 5718 42 B
64 B 97ms
95ms Fetch
image/gif 2607:f8b0:4004:c1b::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuArqCklrdp7F_sgwqQNevZsdZO0LWHGpaNwJ-RY4HM2r4Q9PpzQMKOhhImn_JIw_6_k2qWLtZqT0020EAJ-MgC2YdNp1M87j2zqujrESonwyqQqKkzX7y-uLAul9clwmGpmOefL42ui6ImK_cTUs5hNg3-&sai=AMfl-YTBm4hLEi40L-b5RuKV6fOiMuM3zCCsEKjfyvuh4X7gZD8UbDVAgBgF_HTVVIVtu9FcqmlSvYLQFSXmVgY502pyvAv8sNpCrCFc7LBqzmmtu2xm0c1vTX6ZPlOYl3qECQBTMcbZZSPTl_FwrDgfWA&sig=Cg0ArKJSzDJHItOCWCTgEAE&cid=CAQSTwAvHhf_fb_yYn4Q2a-BSC3Thn6K3plncXgDDMNj0unFdSashQXDhQsWkHuxTBGMJFEnIGUupb7D-rbbU6mw4m9-IMTrG9r1brVgy60wLuUYAQ&id=lidar2&mcvt=1011&p=0,0,280,1200&mtos=1011,1011,1011,1011,1011&tos=1011,0,0,0,0&v=20240130&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1213588912&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=266316000&rst=1706730359409&rpt=1709&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1b::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 31 Jan 2024 19:46:02 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 206
Partial Content 480_650.mp4
cdn.vidverto.io/secured2/9mxIwkrPaa6FvndIkrmR9g:1706733959/1327/video/1817/ 80 KB
80 KB 322ms
107ms Media
video/mp4 185.165.240.123
WORLDSTREAM

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.vidverto.io/secured2/9mxIwkrPaa6FvndIkrmR9g:1706733959/1327/video/1817/480_650.mp4
Requested by: Host: www.ghicitul-in-cafea.visele.ro
URL: https://www.ghicitul-in-cafea.visele.ro/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.165.240.123 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: 185-165-240-123.hosted-by-worldstream.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 80e691513d819191e33c0c51892c4ac816b21178dc89b5fcc06bc0cb60e932aa

Request headers

Referer: https://www.ghicitul-in-cafea.visele.ro/
Accept-Encoding: identity;q=1, *;q=0
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Range: bytes=7995392-

Response headers

Date: Wed, 31 Jan 2024 19:46:02 GMT
Last-Modified: Thu, 02 Sep 2021 16:35:10 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "6130fd3e-7b4088"
Content-Type: video/mp4
Access-Control-Allow-Origin: *
Content-Range: bytes 7995392-8077447/8077448
Connection: keep-alive
Content-Length: 82056

GET
H3 200 ad. Show response
fundingchoicesmessages.google.com/f/AGSKWxVkag3T9gjv9cKmJCOykpSzgrXRPEEFpQkdEHaiet9etqBdJQ3WivnFiJXv5sZP9900XxsRjvsfZdC5kh_2BsAMcof7m5B1M2q3ev4vfpF9OQWSW5TuTuMj4ct7Xay8ikeT4vc5kwn8kQVKwwYJIfazaljEc... 54 B
109 B 56ms
55ms Script
application/javascript 2607:f8b0:4004:c1b::8b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxVkag3T9gjv9cKmJCOykpSzgrXRPEEFpQkdEHaiet9etqBdJQ3WivnFiJXv5sZP9900XxsRjvsfZdC5kh_2BsAMcof7m5B1M2q3ev4vfpF9OQWSW5TuTuMj4ct7Xay8ikeT4vc5kwn8kQVKwwYJIfazaljEcFFdj4lFZqf7csmmecIsZ4BIwfsE_Wut/_/adviewer./flatad.-468_60./rassets1/ads-/inc/ad.

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.lMIzdAKKDEY.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_tcf_v2_signal_executable/ed=1/rs=AJlcJMwUwk8S3lvqCRjdd4FHf7_IJcArdw/m=ad_blocking_detection_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1b::8b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6d8dbe76f98a29eba04d1c2d6427911945769e402cb0da2723ce99c7281fbeca

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-JqNdsQyCUlQoDy5fulEj9g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.ghicitul-in-cafea.visele.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 19:46:02 GMT
content-security-policy: script-src 'report-sample' 'nonce-JqNdsQyCUlQoDy5fulEj9g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjOsOoxSXFEKghxXDi1m2mC0B83ukO03UgvqjylOkmENcyPGNqBeIH4c-YXgCxgcZzJgsgLsh-zlQBxIx_XjBxAvG7Ly-ZBL6-ZJIAYi0gfif5iukbEO_w8WB5Ez6dlS9iOuvpgumsl4GYrQLIB-K4uumsBUDMt246q-H66axbzkxn3QPEMc-ns6YA8WLWGayrgXhK4AzWOUDcEj2DdRoQO6XPYA0B4s-ZM1h_A3HZ7XOsdUAsxMPx69irtWwCJ_7ceMEIAKPQXsE"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 show_companion_ad.js Show response
pagead2.googlesyndication.com/pagead/ 30 KB
11 KB 34ms
33ms Script
text/javascript 2607:f8b0:4004:c1b::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_companion_ad.js?fcd=true

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1b::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f58309f6361e67c1bfc3f0cd9fe217c931c95911b21129dbafb364e2a8902c19

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.ghicitul-in-cafea.visele.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 19:34:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 706
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11399
x-xss-protection: 0
server: cafe
etag: 11747613320577944511
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Wed, 31 Jan 2024 20:34:16 GMT

POST
H3 204 AGSKWxUD4DREN1uW53rOwVsQ_0Yn3IMAsCaqiWaXHZ2f5vgc7znOc9lt_c7IsjkB7yqZ2ufecxEc8bqG41FEpJpw2DlgPTdrhpSmysU-JwbqO5vgfKBq05qNuxgwrMJjXje8CjfUgVlCWg== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 119ms
53ms XHR
text/html 2607:f8b0:4004:c1b::8b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUD4DREN1uW53rOwVsQ_0Yn3IMAsCaqiWaXHZ2f5vgc7znOc9lt_c7IsjkB7yqZ2ufecxEc8bqG41FEpJpw2DlgPTdrhpSmysU-JwbqO5vgfKBq05qNuxgwrMJjXje8CjfUgVlCWg==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1b::8b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-6ig1Ny6Yta5NOnhlZUVSBw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.ghicitul-in-cafea.visele.ro/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 31 Jan 2024 19:46:02 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-6ig1Ny6Yta5NOnhlZUVSBw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjctHikmLw1JBiqGV4xtQKxAXZz5kqgJjxzwsmTiB-J_mK6RsQ7_DxYJkSOIN1DhA7pc9gDQHistvnWOuAWIiH49exV2vZBHb0r-xkAgDwaSCm"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.ghicitul-in-cafea.visele.ro
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxUD4DREN1uW53rOwVsQ_0Yn3IMAsCaqiWaXHZ2f5vgc7znOc9lt_c7IsjkB7yqZ2ufecxEc8bqG41FEpJpw2DlgPTdrhpSmysU-JwbqO5vgfKBq05qNuxgwrMJjXje8CjfUgVlCWg== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 77ms
53ms XHR
text/html 2607:f8b0:4004:c1b::8b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUD4DREN1uW53rOwVsQ_0Yn3IMAsCaqiWaXHZ2f5vgc7znOc9lt_c7IsjkB7yqZ2ufecxEc8bqG41FEpJpw2DlgPTdrhpSmysU-JwbqO5vgfKBq05qNuxgwrMJjXje8CjfUgVlCWg==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1b::8b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-C_zAH_NvyYhaKO-n5XWZLw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.ghicitul-in-cafea.visele.ro/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 31 Jan 2024 19:46:02 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-C_zAH_NvyYhaKO-n5XWZLw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjctHikmLw05BiqGV4xtQKxAXZz5kqgJjxzwsmTiB-J_mK6RsQ7_DxYJkSOIN1DhA7pc9gDQHistvnWOuAWIiH49exV2vZBBa86-lkAgDynCDV"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://www.ghicitul-in-cafea.visele.ro
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxUD4DREN1uW53rOwVsQ_0Yn3IMAsCaqiWaXHZ2f5vgc7znOc9lt_c7IsjkB7yqZ2ufecxEc8bqG41FEpJpw2DlgPTdrhpSmysU-JwbqO5vgfKBq05qNuxgwrMJjXje8CjfUgVlCWg== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 61ms
52ms XHR
text/html 2607:f8b0:4004:c1b::8b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUD4DREN1uW53rOwVsQ_0Yn3IMAsCaqiWaXHZ2f5vgc7znOc9lt_c7IsjkB7yqZ2ufecxEc8bqG41FEpJpw2DlgPTdrhpSmysU-JwbqO5vgfKBq05qNuxgwrMJjXje8CjfUgVlCWg==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1b::8b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-ZTRvytAql6CdgcrMPMtLcg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.ghicitul-in-cafea.visele.ro/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 31 Jan 2024 19:46:02 GMT
content-security-policy: script-src 'report-sample' 'nonce-ZTRvytAql6CdgcrMPMtLcg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjctHikmLw05BiqGV4xtQKxAXZz5kqgJjxzwsmTiB-J_mK6RsQ7_DxYJkSOIN1DhA7pc9gDQHistvnWOuAWIiH49exV2vZBBbMv9zBBADyMyDM"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://www.ghicitul-in-cafea.visele.ro
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxUD4DREN1uW53rOwVsQ_0Yn3IMAsCaqiWaXHZ2f5vgc7znOc9lt_c7IsjkB7yqZ2ufecxEc8bqG41FEpJpw2DlgPTdrhpSmysU-JwbqO5vgfKBq05qNuxgwrMJjXje8CjfUgVlCWg== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 58ms
50ms XHR
text/html 2607:f8b0:4004:c1b::8b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUD4DREN1uW53rOwVsQ_0Yn3IMAsCaqiWaXHZ2f5vgc7znOc9lt_c7IsjkB7yqZ2ufecxEc8bqG41FEpJpw2DlgPTdrhpSmysU-JwbqO5vgfKBq05qNuxgwrMJjXje8CjfUgVlCWg==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1b::8b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-ht-ipjbEhv6r9lBjPiIXgQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.ghicitul-in-cafea.visele.ro/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 31 Jan 2024 19:46:02 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-ht-ipjbEhv6r9lBjPiIXgQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjctHikmJw1JBiqGV4xtQKxAXZz5kqgJjxzwsmTiB-J_mK6RsQ7_DxYJkSOIN1DhA7pc9gDQHistvnWOuAWIiH49exV2vZBFYs2NnOBADuGSCt"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://www.ghicitul-in-cafea.visele.ro
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxVKP-HP3-x5S0TvwxdWeC30lc8BO0-v90S7ArdICb7aKst-IK0kh_KD3kvr5GVW8fJBFtfbXEH0QvowLxEfl5TqauoO1k9o5dc6ALLWxIIqauUw2OkMzBZnV_wL15TWScHhjAYKOg== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 65ms
65ms Script
application/javascript 2607:f8b0:4004:c1b::8b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxVKP-HP3-x5S0TvwxdWeC30lc8BO0-v90S7ArdICb7aKst-IK0kh_KD3kvr5GVW8fJBFtfbXEH0QvowLxEfl5TqauoO1k9o5dc6ALLWxIIqauUw2OkMzBZnV_wL15TWScHhjAYKOg==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzA2NzMwMzYyLDUxNTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOSw2XSxudWxsLDIsbnVsbCwicm8iLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxXSwiaHR0cHM6Ly93d3cuZ2hpY2l0dWwtaW4tY2FmZWEudmlzZWxlLnJvLyIsbnVsbCxbWzgsImxNSXpkQUtLREVZIl0sWzksImVuLVVTIl0sWzE4LCJbW1swXV1dIl0sWzE5LCIyIl0sWzE3LCJbMF0iXV1d

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1b::8b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a29a2d172013dd6361fd8271b12cb1e4383064ff008746f0da78cac350c2d270

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-qXW2Gul13VW2Ffnxwi_S3A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.ghicitul-in-cafea.visele.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 19:46:02 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-qXW2Gul13VW2Ffnxwi_S3A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJwNxz0IQWEUBuDr5AhJMmE23ExsZpNiUYoik5Isd5KFDCxm-b7BZhQWg8EoC5EMEoOFi2TxM2DwDs_wWCcGn9WjRFSPsgztaQMr75G2UFZOVIdD4kRn8Ks6BUEr6FQCw-9MFrg_L-R4XcgFPri7r_SGUTRsvCUE25OCZ5rgNZhKOGQqgjWw9wUHBoKHc8FjSOuCs9BhyV1oxiS3oZaS3IJQTnIcHnnJXyjuFlwBp838mV57Jkd1V2_QH3cUWJQ"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxWKUEv2bg3YwCyTi1WB-xG_NLqNW4wOieJe8XoWSxts_x_ezwef9ng2jgqtVDvGRFlbrMZti-TwFohR01eaIAsYumHGU2YrCxK1GGfxgdyzUjhx9Lho-NIseEYHKkltUOoTV4fHCg== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 58ms
57ms XHR
text/html 2607:f8b0:4004:c1b::8b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWKUEv2bg3YwCyTi1WB-xG_NLqNW4wOieJe8XoWSxts_x_ezwef9ng2jgqtVDvGRFlbrMZti-TwFohR01eaIAsYumHGU2YrCxK1GGfxgdyzUjhx9Lho-NIseEYHKkltUOoTV4fHCg==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1b::8b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-AtBSJvbH6B6QJqOl_P7yrQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.ghicitul-in-cafea.visele.ro/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 31 Jan 2024 19:46:02 GMT
content-security-policy: script-src 'report-sample' 'nonce-AtBSJvbH6B6QJqOl_P7yrQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjctHikmII1JBiqGV4xtQKxAXZz5kqgJjxzwsmTiB-J_mK6RsQ7_DxYJkSOIN1DhA7pc9gDQHistvnWOuAWIiH49exV2vZBC4c3r2MCQD0kSEp"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.ghicitul-in-cafea.visele.ro
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxUD4DREN1uW53rOwVsQ_0Yn3IMAsCaqiWaXHZ2f5vgc7znOc9lt_c7IsjkB7yqZ2ufecxEc8bqG41FEpJpw2DlgPTdrhpSmysU-JwbqO5vgfKBq05qNuxgwrMJjXje8CjfUgVlCWg== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 59ms
58ms XHR
text/html 2607:f8b0:4004:c1b::8b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUD4DREN1uW53rOwVsQ_0Yn3IMAsCaqiWaXHZ2f5vgc7znOc9lt_c7IsjkB7yqZ2ufecxEc8bqG41FEpJpw2DlgPTdrhpSmysU-JwbqO5vgfKBq05qNuxgwrMJjXje8CjfUgVlCWg==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1b::8b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Ol0QIpvMNDa2AAOi2EhY_Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.ghicitul-in-cafea.visele.ro/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 31 Jan 2024 19:46:02 GMT
content-security-policy: script-src 'report-sample' 'nonce-Ol0QIpvMNDa2AAOi2EhY_Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjctHikmLw05BiqGV4xtQKxAXZz5kqgJjxzwsmTiB-J_mK6RsQ7_DxYJkSOIN1DhA7pc9gDQHistvnWOuAWIiH49exV2vZBF5sfLSCCQD0UCFV"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://www.ghicitul-in-cafea.visele.ro
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 64ms
63ms XHR
application/json 2607:f8b0:4004:c1b::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240124&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401250101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1b::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

258a2a7dd5451bc663be8ec1b5545219310576a627bceab2b90ad5dfd54a1000

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.ghicitul-in-cafea.visele.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 19:46:03 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12385
x-xss-protection: 0

POST
H2 204 mod_pagespeed_beacon Show response
www.ghicitul-in-cafea.visele.ro/ 0
104 B 150ms
149ms XHR
text/plain 188.247.130.221
TIER-DATA-CENTER

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ghicitul-in-cafea.visele.ro/mod_pagespeed_beacon?url=http%3A%2F%2Fwww.ghicitul-in-cafea.visele.ro%2F

Requested by

Host: www.ghicitul-in-cafea.visele.ro
URL: https://www.ghicitul-in-cafea.visele.ro/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

188.247.130.221 , Romania, ASN50515 (TIER-DATA-CENTER, RO),

Reverse DNS

mail.twoside.ro

Software

nginx/1.20.2 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Referer: https://www.ghicitul-in-cafea.visele.ro/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Wed, 31 Jan 2024 19:46:03 GMT
cache-control: max-age=0, no-cache
strict-transport-security: max-age=31536000;
server: nginx/1.20.2

POST
H2 204 ngx_pagespeed_beacon Show response
www.ghicitul-in-cafea.visele.ro/ 0
104 B 143ms
142ms XHR
text/plain 188.247.130.221
TIER-DATA-CENTER

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ghicitul-in-cafea.visele.ro/ngx_pagespeed_beacon?url=https%3A%2F%2Fwww.ghicitul-in-cafea.visele.ro%2F

Requested by

Host: www.ghicitul-in-cafea.visele.ro
URL: https://www.ghicitul-in-cafea.visele.ro/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

188.247.130.221 , Romania, ASN50515 (TIER-DATA-CENTER, RO),

Reverse DNS

mail.twoside.ro

Software

nginx/1.20.2 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Referer: https://www.ghicitul-in-cafea.visele.ro/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Wed, 31 Jan 2024 19:46:03 GMT
cache-control: max-age=0, no-cache
strict-transport-security: max-age=31536000;
server: nginx/1.20.2

GET
H/1.1 206
Partial Content 480_650.mp4
cdn.vidverto.io/secured2/9mxIwkrPaa6FvndIkrmR9g:1706733959/1327/video/1817/ 168 KB
0 108ms
107ms Media
video/mp4 185.165.240.123
WORLDSTREAM

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.vidverto.io/secured2/9mxIwkrPaa6FvndIkrmR9g:1706733959/1327/video/1817/480_650.mp4
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.165.240.123 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: 185-165-240-123.hosted-by-worldstream.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash

Request headers

Referer: https://www.ghicitul-in-cafea.visele.ro/
Accept-Encoding: identity;q=1, *;q=0
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Range: bytes=32768-

Response headers

Date: Wed, 31 Jan 2024 19:46:03 GMT
Last-Modified: Thu, 02 Sep 2021 16:35:10 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "6130fd3e-7b4088"
Content-Type: video/mp4
Access-Control-Allow-Origin: *
Content-Range: bytes 32768-8077447/8077448
Connection: keep-alive
Content-Length: 8044680

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 34ms
33ms Script
text/javascript 2607:f8b0:4004:c06::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401250101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c06::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.ghicitul-in-cafea.visele.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 19:46:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 31 Jan 2024 19:46:03 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 2853 13 KB
5 KB 33ms
32ms Document
text/html 2607:f8b0:4004:c06::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c06::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ghicitul-in-cafea.visele.ro/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 12782
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 31 Jan 2024 16:13:01 GMT
expires: Thu, 30 Jan 2025 16:13:01 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 4153 829 B
1 KB 114ms
47ms Document
text/html 2607:f8b0:4004:c1d::63
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1d::63 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

ce9c74aa5319d28592fb4c45a0597e075aaf12a0e2b92d364478a805d823ca12

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-5ZmMkJAvD3pM-9DPBkpUSQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.ghicitul-in-cafea.visele.ro/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-5ZmMkJAvD3pM-9DPBkpUSQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 31 Jan 2024 19:46:03 GMT
expires: Wed, 31 Jan 2024 19:46:03 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js Show response
pagead2.googlesyndication.com/bg/ Frame 2853 39 KB
15 KB 33ms
32ms Script
text/javascript 2607:f8b0:4004:c1b::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1b::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 06:58:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 218872
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15219
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 28 Jan 2025 06:58:11 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 4153 0
0 114ms
112ms Image
text/html 2607:f8b0:4004:c1b::9d
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20240124&jk=1492829663965137&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4004:c1b::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 2853 0
10 B 33ms
32ms Image
text/plain 2607:f8b0:4004:c06::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?7xgdnA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4004:c06::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 19:46:03 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 96ms
95ms Image
text/html 2607:f8b0:4004:c1b::9d
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240124&jk=1492829663965137&bg=!7-yl7KPNAAa8BdJLnAU7ADQBe5WfOF2IP7XiUMGryvKXuPGniEHbmT5DDymPB2OzPMXbs05oLgYrD37DUcyBReOpj4bhAgAAAHdSAAAACWgBBwoAVUtVdHmR8nH5htmGbIPRQjWAc3NuyQ0Dqxt9y7oL8Mp_uRqsy3SXBKkXIatjGnnVvNwnrVAkraBKCsYMcdTaQRixE0ZOIbvh9J6E1Bb6QWmvY8xlcxiZAsN1rjnK7i20B38kUqKHlXdXHWo4cLAZqs-D84BI7UdSk4anUtI5VZuUGZdvR0drXKrbq9UFJvS5nJmrSjh8nHhGtshtb0GGo707M77swcOK93_sGJ9EkvSDQMvkdO8dvMwHMTMtaNkiXpVjU3MZUTYaQ7RKgQi8mWsbtpNhpB9j_rZpN8-dNItByHADHKonihPHyY-HUtuSXJOx9Vg8b5ZGzBoVcfp4vcDv4Ok5ruGBxRndQY7Y0iaBPW342GRI6_JslfX-hKyDoW9W7yzXL49mcvCIdFDkiSRp8IpHu7CU1t9XGKX0Qp18iKFBLon-aqumKNP4qcxvDC2Xz0CGXQADpoN3ZWF4XM_CfxMjVrBJ_fRgDx4JOGn-HUm4WXQC4DEOhIakdJxon5yD6dABVKRqGal4g_oiiVPEdv1J1ddv4NH67UcfD5cuXJiv7_gYic8jJcwYlYx_bidQeL0KJ7hRHov-fZypmAdBJDysh4OUGrq1ODjoZIkGS5qOrlFvWA9-7gJo6e0iLJ7Ql_sXOyV4JGP6M_CZBnpW0cuhSMGw4DvxLdp7uwaDiGjrn2idAp3d05FiJq-3Y8gdfYkmPY05HcmQaOjYw8eymv4u1T-2SKt6b81vr40nxq8W-H1v6caWZ8eA6plD-urFZvdI7GHmyB5myS_RM-RmDxXqJ2U6i24n2qRZPpO1ee_jpsnjUfv4CaPEOsw0XiBTMNV24KPsBr2ut24QOZsXv4RERep070yHvtH61WWEbspzSSQ6p_Q8lSLEoGJznWFqKGIO2PVpX7BdC82EOYyEIYt3KNPXoOl1jXP3kgKudAUboA4otOgWDPfSN4mftR2ZvOI2_XZXCqmfea_05gHpZMUCjvED0_Nx_vUFSWzA1fufPHKgV08pPFWdg5GmV4fOrJgUpURRMU6BpFn59MjHwmB7HsoAbR-Pcg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4004:c1b::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.ghicitul-in-cafea.visele.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

GET
H2 200 / Show response
onetag-sys.com/usync/ Frame 10A7 4 KB
2 KB 32ms
31ms Document
text/html 51.222.39.187
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?cb=1706730361209

Requested by

Host: ad.vidverto.io
URL: https://ad.vidverto.io/js/achernar/prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.222.39.187 , Canada, ASN16276 (OVH, FR),

Reverse DNS

ip187.ip-51-222-39.net

Software

Resource Hash

015710403ed0616abf19add172f4b597fad7e97df302bb64bad9c269404e8066

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://www.ghicitul-in-cafea.visele.ro/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control: no-transform, no-cache
content-encoding: gzip
content-length: 1395
content-type: text/html
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
strict-transport-security: max-age=15552000

GET
H2

200

/
onetag-sys.com/match/ Frame 10A7
Redirect Chain

https://ads.stickyadstv.com/user-matching?id=3679&gdpr=1&gdpr_consent=
https://onetag-sys.com/match/?int_id=3&uid=e643c03e4e8ca4ffc2366ef420a0735a&gdpr_consent=&gdpr=1

0
340 B

31ms
30ms

Image
text/plain

51.222.39.187
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=3&uid=e643c03e4e8ca4ffc2366ef420a0735a&gdpr_consent=&gdpr=1

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1706730361209

Protocol

Server

51.222.39.187 , Canada, ASN16276 (OVH, FR),

Reverse DNS

ip187.ip-51-222-39.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Pragma: no-cache
Date: Wed, 31 Jan 2024 19:46:04 GMT
Server: nginx
Access-Control-Allow-Origin: *
Location: https://onetag-sys.com/match/?int_id=3&uid=e643c03e4e8ca4ffc2366ef420a0735a&gdpr_consent=&gdpr=1
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
x-sticky-vk: 1706730364267078-289

GET
H/1.1 200
OK tap.php
pixel.rubiconproject.com/ Frame 10A7 42 B
936 B 37ms
32ms Image
image/gif 8.43.72.97
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=223352&nid=4584&put=g72Dh4m_ytTtsMc8Gmnc6yQmgrm8927gFq9HGkR7m4w
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1706730361209
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 8.43.72.97 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: f1d2dfe1ca3ed0321925c13f4507bd26
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

200

/
onetag-sys.com/match/ Frame 10A7
Redirect Chain

https://cs.admanmedia.com/73c1e1bfc3bde354d60b80e601ae3914.gif?puid=[UID]&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D164%26gdpr%3D%24%7BGDPR%7D%26gdpr_consent%3D%24%7BGDPR_STRING%7D%2...
https://onetag-sys.com/match/?int_id=164&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=b4a49eda-4893-4edf-aaee-82bfc1cf327f

0
340 B

32ms
31ms

Image
text/plain

51.222.39.187
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=164&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=b4a49eda-4893-4edf-aaee-82bfc1cf327f

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1706730361209

Protocol

Server

51.222.39.187 , Canada, ASN16276 (OVH, FR),

Reverse DNS

ip187.ip-51-222-39.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Pragma: no-cache
Date: Wed, 31 Jan 2024 19:46:04 GMT
Server: nginx
Location: https://onetag-sys.com/match/?int_id=164&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=b4a49eda-4893-4edf-aaee-82bfc1cf327f
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: 0

GET
H2

200

/
onetag-sys.com/match/ Frame 10A7
Redirect Chain

https://t.adx.opera.com/pub/sync?pubid=pub10101531197440
https://onetag-sys.com/match/?gdpr=&gdpr_consent=%24%7BGDPR_STRING%7D&int_id=168&uid=OPUe552fbe545014cbf9f162d5c6ad3a43d

0
340 B

27ms
27ms

Image
text/plain

51.222.39.187
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?gdpr=&gdpr_consent=%24%7BGDPR_STRING%7D&int_id=168&uid=OPUe552fbe545014cbf9f162d5c6ad3a43d

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1706730361209

Protocol

Server

51.222.39.187 , Canada, ASN16276 (OVH, FR),

Reverse DNS

ip187.ip-51-222-39.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma: no-cache
date: Wed, 31 Jan 2024 19:46:04 GMT
server: Tengine
access-control-allow-methods: POST, GET
content-type: text/html; charset=utf-8
access-control-allow-origin: *
location: https://onetag-sys.com/match/?gdpr=&gdpr_consent=%24%7BGDPR_STRING%7D&int_id=168&uid=OPUe552fbe545014cbf9f162d5c6ad3a43d
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
content-length: 155
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 10A7
Redirect Chain

https://onetag-sys.com/match/?int_id=113&gdpr=1&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=xOWtfEUx-oFpzf-jnYIvRCdO56gQs_VZe79lBmEAo8M

43 B
479 B

45ms
44ms

Image
image/gif

209.54.182.161
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=xOWtfEUx-oFpzf-jnYIvRCdO56gQs_VZe79lBmEAo8M

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1706730361209

Protocol

HTTP/1.1

Server

209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 31 Jan 2024 19:46:04 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 13SV1ATVZAH454MK65ZE
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=xOWtfEUx-oFpzf-jnYIvRCdO56gQs_VZe79lBmEAo8M
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H2

200

/
onetag-sys.com/match/ Frame 10A7
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm
https://onetag-sys.com/match/?int_id=106&google_gid=CAESELSm1C1tlWaIwvIP72qlw-E&google_cver=1

0
340 B

28ms
27ms

Image
text/plain

51.222.39.187
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=106&google_gid=CAESELSm1C1tlWaIwvIP72qlw-E&google_cver=1

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1706730361209

Protocol

Server

51.222.39.187 , Canada, ASN16276 (OVH, FR),

Reverse DNS

ip187.ip-51-222-39.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma: no-cache
date: Wed, 31 Jan 2024 19:46:04 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://onetag-sys.com/match/?int_id=106&google_gid=CAESELSm1C1tlWaIwvIP72qlw-E&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 298
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

/
onetag-sys.com/match/ Frame 10A7
Redirect Chain

https://bh.contextweb.com/bh/rtset?pid=562985&ev=1&us_privacy=&rurl=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D149%26gdpr%3D%24%7BGDPR%7D%26gdpr_consent%3D%24%7BGDPR_STRING%7D%26uid%3D%25%2...
https://onetag-sys.com/match/?int_id=149&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=PQsFBDa1KvfJ&ev=1&us_privacy=&pid=562985

0
340 B

28ms
27ms

Image
text/plain

51.222.39.187
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=149&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=PQsFBDa1KvfJ&ev=1&us_privacy=&pid=562985

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1706730361209

Protocol

Server

51.222.39.187 , Canada, ASN16276 (OVH, FR),

Reverse DNS

ip187.ip-51-222-39.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

strict-transport-security: max-age=15768000
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server: Jetty(10.0.14)
content-language: en-US
location: https://onetag-sys.com/match/?int_id=149&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=PQsFBDa1KvfJ&ev=1&us_privacy=&pid=562985
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control: private, max-age=0, no-cache, no-store
cw-server: bh-deployment-6658dc8946-qn7lj
expires: -1

GET
H2

200

/
onetag-sys.com/match/ Frame 10A7
Redirect Chain

https://prebid-match.dotomi.com/match/bounce/current?version=1&networkId=72582&rurl=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D90%26gdpr%3D0%26gdpr_consent%3D%26uid%3D
https://prebid-match.dotomi.com/match/bounce/current?DotomiTest=1dd9cd931eb51557&is_secure=true&version=1&networkId=72582&rurl=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D90%26gdpr%3D0%26gdp...
https://onetag-sys.com/match/?int_id=90&gdpr=0&gdpr_consent=&uid=AAAGuPX7omvX8ANF-OWoAAAAAAA&expiration=1706816764

0
340 B

28ms
27ms

Image
text/plain

51.222.39.187
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=90&gdpr=0&gdpr_consent=&uid=AAAGuPX7omvX8ANF-OWoAAAAAAA&expiration=1706816764

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1706730361209

Protocol

Server

51.222.39.187 , Canada, ASN16276 (OVH, FR),

Reverse DNS

ip187.ip-51-222-39.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma: no-cache
date: Wed, 31 Jan 2024 19:46:04 GMT
server: nginx
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location: https://onetag-sys.com/match/?int_id=90&gdpr=0&gdpr_consent=&uid=AAAGuPX7omvX8ANF-OWoAAAAAAA&expiration=1706816764
cache-control: no-cache, private, max-age=0, no-store
content-length: 0
expires: 0

GET
H2 204 occ
ups.analytics.yahoo.com/ups/58488/ Frame 10A7 0
38 B 47ms
45ms Image
text/plain 3.225.218.10
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=1&gdpr_consent=

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1706730361209

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.225.218.10 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-225-218-10.compute-1.amazonaws.com

Software

ATS/9.1.10.94 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 19:46:04 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.94
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2

200

/
onetag-sys.com/match/ Frame 10A7
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=1&gdpr_consent=
https://onetag-sys.com/match/?int_id=29&uid=6edc52bc-27e4-4f2b-bb90-bad0470989f5&gdpr=0&gdpr_consent=

0
340 B

32ms
26ms

Image
text/plain

51.222.39.187
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=29&uid=6edc52bc-27e4-4f2b-bb90-bad0470989f5&gdpr=0&gdpr_consent=

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1706730361209

Protocol

Server

51.222.39.187 , Canada, ASN16276 (OVH, FR),

Reverse DNS

ip187.ip-51-222-39.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location: https://onetag-sys.com/match/?int_id=29&uid=6edc52bc-27e4-4f2b-bb90-bad0470989f5&gdpr=0&gdpr_consent=
date: Wed, 31 Jan 2024 19:46:04 GMT
server: Kestrel
content-length: 233

GET
H/1.1 200
OK sync
x.bidswitch.net/ Frame 10A7 43 B
235 B 45ms
44ms Image
image/gif 35.211.178.172
GOOGLE-2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=onetag&gdpr=1&gdpr_consent=
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1706730361209
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.211.178.172 North Charleston, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 172.178.211.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: en-US,en;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Wed, 31 Jan 2024 19:46:04 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

POST
H2 204 collect
analytics.google.com/g/ 0
54 B 41ms
40ms Ping
text/plain 2001:4860:4802:34::181
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-XNG1RRT3E2&gtm=45je41t0v886641045&_p=1706730358803&gcd=11l1l1l1l1&npa=0&dma=0&cid=1983624473.1706730359&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_eu=AEI&_s=2&sid=1706730359&sct=1&seg=0&dl=https%3A%2F%2Fwww.ghicitul-in-cafea.visele.ro%2F&dt=Ghicitul%20in%20cafea%20-%20tehnici%20si%20invataturi&en=ad_impression&ep.query_id=CKjotYayiIQDFUWEdwEdUocEOw&_et=1551&tfd=8508
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-XNG1RRT3E2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.ghicitul-in-cafea.visele.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 31 Jan 2024 19:46:05 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.ghicitul-in-cafea.visele.ro
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.visele.ro
URL: https://www.visele.ro/vendor/fontawesome/fonts/fontawesome-webfont.woff?v=4.2.0

Domain: www.visele.ro
URL: https://www.visele.ro/vendor/fontawesome/fonts/fontawesome-webfont.ttf?v=4.2.0

Verdicts & Comments Add Verdict or Comment

115 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

62 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.ghicitul-in-cafea.visele.ro/	1969-12-31 23:59:59	Name: PHPSESSID Value: e9ccalgv67m9rc5al33cmtl3c1
.visele.ro/	1970-01-21 03:41:30	Name: _ga Value: GA1.1.1983624473.1706730359
ad.vidverto.io/	1970-01-21 02:49:39	Name: moxuuid Value: beffed39-db5a-4edb-b646-5c26ad1ccdbb
ad.vidverto.io/	1970-01-20 18:06:56	Name: _mwayss_zone_imp[6931][count] Value: 0
ad.vidverto.io/	1970-01-20 18:06:56	Name: _mwayss_zone_imp[6931][frequencyPeriodEnd] Value: 1706816759
ad.vidverto.io/	1970-01-20 18:06:56	Name: _mwayss_imp[23133][count] Value: 0
ad.vidverto.io/	1970-01-20 18:06:56	Name: _mwayss_imp[23133][frequencyPeriodEnd] Value: 1706816759
ad.vidverto.io/	1970-01-20 18:06:56	Name: _mwayss_camp_imp[10351][count] Value: 0
ad.vidverto.io/	1970-01-20 18:06:56	Name: _mwayss_camp_imp[10351][frequencyPeriodEnd] Value: 1706816759
ad.vidverto.io/	1970-01-20 18:06:56	Name: _mwayss_imp[23305][count] Value: 0
ad.vidverto.io/	1970-01-20 18:06:56	Name: _mwayss_imp[23305][frequencyPeriodEnd] Value: 1706816759
ad.vidverto.io/	1970-01-20 18:06:56	Name: _mwayss_imp[23239][count] Value: 0
ad.vidverto.io/	1970-01-20 18:06:56	Name: _mwayss_imp[23239][frequencyPeriodEnd] Value: 1706816759
ad.vidverto.io/	1970-01-20 18:06:56	Name: _mwayss_camp_imp[10384][count] Value: 0
ad.vidverto.io/	1970-01-20 18:06:56	Name: _mwayss_camp_imp[10384][frequencyPeriodEnd] Value: 1706816759
.bidswitch.net/	1970-01-21 02:51:06	Name: tuuid Value: 8607be8d-a986-426e-b314-c983d715e8d8
.bidswitch.net/	1970-01-21 02:51:06	Name: c Value: 1706730360
.bidswitch.net/	1970-01-21 02:51:06	Name: tuuid_lu Value: 1706730360
.tapad.com/	1970-01-20 19:31:54	Name: TapAd_TS Value: 1706730360539
.tapad.com/	1970-01-20 19:31:54	Name: TapAd_DID Value: 726b09a9-fd15-4a94-a4cb-e58865ac3ccb
.smartadserver.com/	1970-01-21 03:35:44	Name: pid Value: 2007631507573146312
.pubmatic.com/	1970-01-20 18:06:56	Name: KTPCACOOKIE Value: YES
.rubiconproject.com/	1970-01-20 20:15:06	Name: receive-cookie-deprecation Value: 1
.mathtag.com/	1970-01-21 03:31:25	Name: uuid Value: dac465ba-a378-4800-b264-4d4e16313560
.adnxs.com/	1970-01-20 20:15:06	Name: XANDR_PANID Value: Toy9JDtxdTylNiqolEdtDq2GD_NeKtxt5SY-nyfDAWkKNiw30Wi9yZ5tDffTmrO20bU6uT36LRGFi933tA96Nr3Bq_WWw7v2SJKqL476p58.
.adnxs.com/	1970-01-21 03:41:30	Name: receive-cookie-deprecation Value: 1
.adnxs.com/	1970-01-20 20:15:06	Name: uuid2 Value: 4547992079856504676
.mfadsrvr.com/	1970-01-21 03:41:30	Name: tuuid Value: fce124bc-f65b-476a-a7b8-8a8dc5dbf0e3
.mfadsrvr.com/	1970-01-21 03:41:30	Name: c Value: 1706730360
.mfadsrvr.com/	1970-01-21 03:41:30	Name: tuuid_lu Value: 1706730360
.visele.ro/	1970-01-21 03:27:06	Name: __gads Value: ID=9ecc79d0a07ddf8b:T=1706730359:RT=1706730359:S=ALNI_MZQqIQxzXB2bwqYb69NhQnrdg1q4w
.visele.ro/	1970-01-21 03:27:06	Name: __gpi Value: UID=00000dbc69f1bff8:T=1706730359:RT=1706730359:S=ALNI_MYWCJcbvG93Oc_txDJjoTC_FagjWw
.visele.ro/	1970-01-20 22:24:42	Name: __eoi Value: ID=82a3c4e2c9f7663a:T=1706730359:RT=1706730359:S=AA-AfjZD6fiDNjWNZPWLZcUrRwNY
.admanmedia.com/	1970-01-20 18:25:38	Name: admtr Value: b4a49eda-4893-4edf-aaee-82bfc1cf327f
.admanmedia.com/	1970-01-20 18:25:38	Name: ac_r Value: CS253
.doubleclick.net/	1970-01-21 03:41:30	Name: IDE Value: AHWqTUmnEJQz47pmZUJAAG7QlPOv6s-c3gANtPNwAQ6SHZGxvX0rNo-tk99TwEY1HFY
.pubmatic.com/	1970-01-20 20:15:06	Name: SyncRTB3 Value: 1707868800%3A220
.pubmatic.com/	1970-01-21 02:51:06	Name: KADUSERCOOKIE Value: 4D2E3C19-4942-4EEE-9D2C-EEB01E1A890B
.mfadsrvr.com/	1970-01-21 03:41:30	Name: ssh Value: !onetag,1706730360
.admixer.net/	1970-01-20 20:15:06	Name: am-uid Value: 78c3f3f355af432d9324f77b72e16d11
.ads.stickyadstv.com/	1970-01-20 18:48:42	Name: UID Value: e643c03e4e8ca4ffc2366ef420a0735a
.adsrvr.org/	1970-01-21 02:52:32	Name: TDID Value: 6edc52bc-27e4-4f2b-bb90-bad0470989f5
.visele.ro/	1970-01-21 03:41:30	Name: _ga_XNG1RRT3E2 Value: GS1.1.1706730359.1.0.1706730360.59.0.0
.adx.opera.com/	1970-01-21 02:51:06	Name: UID Value: OPUe552fbe545014cbf9f162d5c6ad3a43d
.contextweb.com/	1970-01-21 02:43:54	Name: V Value: PQsFBDa1KvfJ
bh.contextweb.com/	1969-12-31 23:59:59	Name: INGRESSCOOKIE Value: a9c48fc331c6f239
a4p.adpartner.pro/	1970-01-20 19:31:54	Name: apuid Value: 674c798d-6a7b-4efb-ba01-ac54e9995205
.yahoo.com/	1970-01-21 02:51:27	Name: A3 Value: d=AQABBHijumUCEOufPm2mCAMd3TSgP46vrvkFEgEBAQH0u2XEZdxH0iMA_eMAAA&S=AQAAAjG38scy0BAQDJAOYsFIczQ
.pubmatic.com/	1970-01-20 18:06:56	Name: pi Value: 159706:3
.pubmatic.com/	1970-01-20 20:15:06	Name: chkChromeAb67Sec Value: 2
.rubiconproject.com/	1970-01-21 02:51:06	Name: khaos Value: LS276UUP-24-KT8O
.analytics.yahoo.com/	1970-01-21 02:51:06	Name: IDSYNC Value: 194o~2ghv
.tapad.com/	1970-01-20 19:31:54	Name: TapAd_3WAY_SYNCS Value: 1!763
ad.vidverto.io/	1970-01-21 02:49:39	Name: adpartner Value: 674c798d-6a7b-4efb-ba01-ac54e9995205
ad.mox.tv/	1970-01-21 02:49:39	Name: onetag Value: g72Dh4m_ytTtsMc8Gmnc6yQmgrm8927gFq9HGkR7m4w
ad.vidver.to/	1970-01-21 02:49:39	Name: bidswitch_com Value: 8607be8d-a986-426e-b314-c983d715e8d8
.googleadservices.com/	1970-01-20 20:15:06	Name: ar_debug Value: 1
.visele.ro/	1970-01-21 02:51:06	Name: FCNEC Value: %5B%5B%22AKsRol9R3tp3bpJnDln0xbW5JHMMjByUxaA5-mrJxkPK2671MMxp0mwfT_c1W1Pczbrs1K9wMb8BjKmeMEF11OmuXBzLFQ4z9xNmhyNEXPud5VmAIykJA4OXNv5yMHBxmkAqnKsytCG2s0J1J3BFem9uAhwMr7gFtQ%3D%3D%22%5D%5D
.onetag-sys.com/	1970-01-21 03:35:17	Name: OTP Value: xOWtfEUx-oFpzf-jnYIvRCdO56gQs_VZe79lBmEAo8M
.rubiconproject.com/	1970-01-21 02:51:06	Name: audit Value: 1\|YzGXEkjOLSKC622Ds2z0tmu21G7R/eYY7/36s1BndADhj9K5Ghav9akq/ZgKbP1zDYFiPk4L6w8kEa5N2k7U1SEEFoCDRlfY5yJVyavxcLjGOj3eOeYthuXJgMYu/vVdaPPeOixKWnurfEyPMKyhoUkpxrTgiz1lpmvllXEtYN4=
.adsrvr.org/	1970-01-21 02:52:32	Name: TDCPM Value: CAESFAoFdGFwYWQSCwia2tCN6afRPBAFGAEgASgCMgsIuKrI2_-n0TwQBTgBWgd2dzZpeXJuYAI.
.dotomi.com/	1970-01-20 18:05:30	Name: DotomiTest Value: 1dd9cd931eb51557

17 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://www.ghicitul-in-cafea.visele.ro/media/xinel-in-cafea.png.pagespeed.ic.6B_zeKizZf.webp Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://www.ghicitul-in-cafea.visele.ro/media/xcaine-in-cafea.png.pagespeed.ic.q21kTR6bYp.webp Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://www.ghicitul-in-cafea.visele.ro/media/xcal-in-cafea.png.pagespeed.ic.Op-2gPI0Be.webp Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://www.ghicitul-in-cafea.visele.ro/media/xanimale-in-cafea.png.pagespeed.ic.FSXPZn0POd.webp Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://www.ghicitul-in-cafea.visele.ro/media/xlitere-in-cafea.png.pagespeed.ic.TeXAkL8Ou5.webp Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://www.ghicitul-in-cafea.visele.ro/media/xsarpe-in-cafea.png.pagespeed.ic.NIvOAzAMuQ.webp Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://www.ghicitul-in-cafea.visele.ro/img/xghicitul-in-cafea.jpg.pagespeed.ic.vionf38GLc.webp Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://www.ghicitul-in-cafea.visele.ro/img/xibric.jpg.pagespeed.ic.0wMMA3mUYE.webp Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://www.ghicitul-in-cafea.visele.ro/img/xghicit-in-cafea-detalii1.jpg.pagespeed.ic.ejMp0NSpfu.webp Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://www.ghicitul-in-cafea.visele.ro/img/xceasca-de-cafea.jpg.pagespeed.ic.juH4pAiuVS.webp Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://www.ghicitul-in-cafea.visele.ro/img/xghicit-in-cafea-detalii2.jpg.pagespeed.ic.vAUVNM87Z7.webp Message: Failed to load resource: the server responded with a status of 404 ()
security	warning	URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js(Line 507) Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
javascript	error	URL: https://www.ghicitul-in-cafea.visele.ro/ Message: Access to font at 'https://www.visele.ro/vendor/fontawesome/fonts/fontawesome-webfont.woff?v=4.2.0' from origin 'https://www.ghicitul-in-cafea.visele.ro' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://www.visele.ro/vendor/fontawesome/fonts/fontawesome-webfont.woff?v=4.2.0 Message: Failed to load resource: net::ERR_FAILED
security	warning	URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js(Line 507) Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
javascript	error	URL: https://www.ghicitul-in-cafea.visele.ro/ Message: Access to font at 'https://www.visele.ro/vendor/fontawesome/fonts/fontawesome-webfont.ttf?v=4.2.0' from origin 'https://www.ghicitul-in-cafea.visele.ro' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://www.visele.ro/vendor/fontawesome/fonts/fontawesome-webfont.ttf?v=4.2.0 Message: Failed to load resource: net::ERR_FAILED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000;

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a4p.adpartner.pro
ad.mox.tv
ad.vidver.to
ad.vidverto.io
ads.stickyadstv.com
analytics.google.com
bh.contextweb.com
cdn.vidverto.io
cm.g.doubleclick.net
cs.admanmedia.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
googleads.g.doubleclick.net
ib.adnxs.com
image2.pubmatic.com
image8.pubmatic.com
imasdk.googleapis.com
inv-nets.admixer.net
match.adsrvr.org
onetag-sys.com
pagead2.googlesyndication.com
pixel-eu.rubiconproject.com
pixel.rubiconproject.com
pixel.tapad.com
pr-bh.ybp.yahoo.com
prebid-match.dotomi.com
rtb.mfadsrvr.com
s.amazon-adsystem.com
s0.2mdn.net
ssbsync-global.smartadserver.com
stats.g.doubleclick.net
sync.mathtag.com
t.adx.opera.com
tpc.googlesyndication.com
ups.analytics.yahoo.com
www.ghicitul-in-cafea.visele.ro
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
www.visele.ro
x.bidswitch.net
www.visele.ro
142.251.167.156
162.248.18.32
162.248.18.37
172.253.122.156
185.132.133.134
185.165.240.123
188.247.130.221
190.2.153.150
198.148.27.131
2001:4860:4802:34::181
209.54.182.161
212.8.243.91
213.19.162.80
216.200.232.253
216.219.92.22
216.22.16.68
2600:1f18:4e9:5a07:acdb:313c:b151:6999
2606:ae80:1451:22::730
2607:f8b0:4004:c06::5e
2607:f8b0:4004:c06::5f
2607:f8b0:4004:c06::84
2607:f8b0:4004:c0b::5e
2607:f8b0:4004:c17::61
2607:f8b0:4004:c17::9a
2607:f8b0:4004:c1b::8b
2607:f8b0:4004:c1b::9d
2607:f8b0:4004:c1d::63
2607:f8b0:4004:c1d::95
2607:f8b0:4004:c1d::9c
3.225.218.10
3.33.220.150
34.111.113.62
35.207.24.140
35.211.178.172
51.222.39.187
54.38.197.123
63.251.28.234
68.67.160.26
8.43.72.97
80.77.87.166
82.145.213.8
015710403ed0616abf19add172f4b597fad7e97df302bb64bad9c269404e8066
04b8f1b2e2effb63dbf7702fa503d2515c210d7e284c83c8771d4081cc22bfbf
0899097f526aab0c82c4332c8dd24d4041cb5fbde0638d98e883e159ecbe2a64
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0e386ec40a4551f6ee228dfd09918c8c07ba780f2ee6fc72ba1432e81f479df6
1a1d718d37cfe41f443875b0e534554d59fc224d8ea838cfbfcb5d9d426a2a59
2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e
2086ddf0b4f0f30fc0795169fc46523a34ae53796b6d7579340c2d89212e66f8
258a2a7dd5451bc663be8ec1b5545219310576a627bceab2b90ad5dfd54a1000
2ebcdc45625d8bd6eb8cea62780c1128df28c86ef0e10a6369ec23c97d61d92c
2efd5b088456b5b350cdd2afd4e91b4bb44217e2c212a5d150f96ffa185752f5
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
331b0f9d5396d01d39991550efc3d00e2a9ac074cda6a6fbe061319e0b7d71da
339a822be1da0e2d7d5b183562baef30d3716a1dfcab46b43b587937003b9f04
3b89ecb06b2a8c769d46141b38046fe5f8d827a9b958194466e942534c55c1c6
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
42fe10d8382d3fb7f84308b95ae83c5959838f0aeff2cb1733bab9d394c5a2d7
4ab7918478793ceb022d3f5449e401b44b78d87bc4429058ebb8b64163640da2
4ded9449c7be7705443f53978d9a54055ce9d7bf55e1a952aa64e433824f81f7
51e95c728c69aaf3510e1906768f045a2049c748b4e44f36657d31b37ceb7447
54090d5321bc8e3a05531aacf2ef2b7769f24e94b14f4a0687587375fffa2523
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54a799b7db34d6464ca37bfcb0869c8f3672dab3e0c4880b8ed0bb246546e6bd
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56f90a84ab6429264698fd0480ef391cb63c524b8326fc61cb42e773d4e81e99
5774904b98820aea68f7e83928abf56698af5a7e22f40b43da5bdafd9ce52a10
60f74110267d386c033ca330fc5bbd7d2472c972b63b33fa8000e87c8f815de6
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
66911b80517b6538f51b64bfadf6eb348833ec0fe657688a52b92371385047e3
680a11e8d8d61e7731d3f814dbed1503792180638f22ef3e79d958194152c8e9
68ae04c7629598bd311ad9502851a6f348d6b1a69889f8bf50d8acfc75860c7c
6c11bd8b40121ede8f319c93a3d2c05e8734e5727005b5cf0f56415ba7f2e2af
6d8dbe76f98a29eba04d1c2d6427911945769e402cb0da2723ce99c7281fbeca
7106a90b5b2a07d04bc03d00d85d009856af368266c75ed077a10d69b77a5859
746589ecfb4406519933a6aea5f1149224afcba81e3c3ef0541e7ad6c8111b7e
786c7be1974ccce2bd33de1579abfd3bf4343ea99da16780ffa18c27b4cb6ee2
79e5889c36479f99096a96a61cbfa92fc35ecf12d233635e0224b2c415859de1
7f83ea973e4739eb4a3d39bf8bac90016fa95d0167c45d3b883d34f39868e132
80e691513d819191e33c0c51892c4ac816b21178dc89b5fcc06bc0cb60e932aa
8a52fae2b15c66cfcc9e1d3fe3582ba6a50f8882bd09b91019c680ebae508c58
8bf23b82d939bb7f3d64650989894b9e00534789e8e782a07069005d8bed094c
8d09ba63299c10a51481a27989f5f569d39d64fbc56b7c533bc35d234209e4dd
8d5d4d2769bdb28802f4309747ef6a358007eeb37daadc66a78ba0ca81cd4bce
8f4b97e0c22b9d9f3103f6783faf0f2a124fcd2670e0d7fac1f8a9b732987c9d
9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589
9e0d9305d9b6d1180d688dd067a1d2d7bd7a36fa061727e9dcf1e13db5b47a66
a29a2d172013dd6361fd8271b12cb1e4383064ff008746f0da78cac350c2d270
a61d8ed19b5bba32c11ba948036fe83489cc0a85662a9031e9db1707518ccd61
a8b0bd4804c08d24d0cab495b8c4f6d83fda775e0d4a611a2532e10ad6c2153f
aabd2e53566a21b49f0dc6fd10e0ab3f28e73e8e90ddf32f296effe5e8d828b1
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b0af5b7f3b096e4e8bb873c4f3d3252124418166f1b4860acb3445e1117c9b73
ba5d4fc1d1dc37bfde9eac8ffe03de2066530a9f50aa7e54d0e4530daee440d2
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c39dd8bf2426c71724231c135407c7c314b9cce470cb1aa3a7dc2d6cc5d64b37
c4d0100bb6be2451e26336757493faa7dbcf58c215bc90af0dabf74dddac25c6
c6a199b61b997bf3f055a872d73827ebd4012b5dbc418016834fbaf0f90765a6
c6ba6ad1f8cf24f36fb0d67b4380e1a1d1377d07ee19db4ebf991005c8f89dd5
ca962fe02babaef3519f848a2bba993f41bb8f2cc7043baa3ee798cd940f8800
ce9c74aa5319d28592fb4c45a0597e075aaf12a0e2b92d364478a805d823ca12
cf79004d2054ab221bcce5da558da6829d6896f8d20607de3ecc2b91121d074d
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d2e197bda04e6aaec9f13eb411887b6a3815e754a63102aebb91b5d6c5fb724b
d2f4fe6f3e6f68a3846aa62cfa2bb7da0aed6695d7b70a18108d1d2f93003897
d6f328f7cc5f46e438c1b810c0bff08043c5dbb6d9f3b2608b7a95d5767074f0
daf45e37e88f3c56e09945b8f41ca1fecfe089a4f5b1503e735736535e127c2e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f58309f6361e67c1bfc3f0cd9fe217c931c95911b21129dbafb364e2a8902c19
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f72ebdef3ae3cd5438701d4879bd2022afcd556e3e7a8b96ba9ef06d6e466c3f
f8238cdd1cc6032f1c34cf7e559b55a936097f78cc8839628e5cc39a6fc3f390
facbe5d25cb610fd4917bccf6811729a08ff1c9a6cc5fc538df3193452811917
fb45e6f3f5dc5ac124bae70f4f1faea008c0f1be3cce225ccbeee6c2b13c6ad0

www.ghicitul-in-cafea.visele.ro Open in urlscan Pro 188.247.130.221 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

135 Requests

77 %HTTPS

34 %IPv6

31 Domains

43 Subdomains

26 IPs

7 Countries

1811 kBTransfer

5455 kBSize

62 Cookies

51 Outgoing links

Redirected requests

135 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.ghicitul-in-cafea.visele.ro Open in urlscan Pro
188.247.130.221 Public Scan

Screenshot
Live screenshot

Full Image

135
Requests

77 %
HTTPS

34 %
IPv6

31
Domains

43
Subdomains

26
IPs

7
Countries

1811 kB
Transfer

5455 kB
Size

62
Cookies

135 HTTP transactions
4 data transactions