tktk02.hidesmes292.workers.dev Open in urlscan Pro
172.67.142.25  Public Scan

63 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 63

• https://csyn-r.cxense.com/?cxsite=1135102062960807737&partnerId=csr&cxckp=cx%3A3hps9bde9uz3u27tx2vixgfa0x%3Abe18oh636jk1 HTTP 302
• https://dmp.adform.net/serving/cookie/match/?party=1077&cid=3hps9bde9uz3u27tx2vixgfa0x HTTP 302
• https://dmp.adform.net/serving/cookie/match/?CC=1&party=1077&cid=3hps9bde9uz3u27tx2vixgfa0x

66 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H3	200	Primary Request / Show response tktk02.hidesmes292.workers.dev/	185 KB 27 KB	429ms 338ms	Document text/html	172.67.142.25 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://tktk02.hidesmes292.workers.dev/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.142.25 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash db431a8026982dc67d98e1298fca7b24ab0137de6f10d414a82602ef7f03224a Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload; Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept, Authorization access-control-allow-methods GET, OPTIONS, POST, PURGE access-control-allow-origin * age 242 alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-edge-cache cache,platform=wordpress cf-ray 89e0b51f6e043654-FRA content-encoding br content-type text/html; charset=UTF-8 date Thu, 04 Jul 2024 17:06:44 GMT link <https://www.promotor.ro/wp-json/>; rel="https://api.w.org/" nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SXBU%2FrhJ1b37Y1ndc83VyOIbm9TsBsi2JfKsS6%2FAvtEr%2FN1xxLR3EcRuUNGJVxsIypgVeNPxxpt8w%2FaZVQ53Re3UX1PIt7fGzgK9z5EYswd2Qh1OX7kLCXOurxB3Fe02kFY%3D"}],"group":"cf-nel","max_age":604800} server cloudflare strict-transport-security max-age=31536000; includeSubDomains; preload; vary Accept-Encoding x-cacheable yf x-served-by web08
GET H3	200	uniqode.sync.min.js Show response ineed2s.ro/promotor.ro/	21 KB 8 KB	69ms 31ms	Script application/javascript	172.67.69.147 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ineed2s.ro/promotor.ro/uniqode.sync.min.js Requested by Host: tktk02.hidesmes292.workers.dev URL: https://tktk02.hidesmes292.workers.dev/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.69.147 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash fba64d3f9574a02409a4c272d4c20c30ebbc1d8afa51f58f4460e588798d4a94 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://tktk02.hidesmes292.workers.dev/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 04 Jul 2024 17:06:44 GMT content-encoding br cf-cache-status HIT last-modified Fri, 31 May 2024 15:19:05 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 2582 vary Accept-Encoding,User-Agent report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LNzYXi8s35z3rUEyOpMQqqBsqzswd%2FPQuaiSEiPJFLvPHLTh1gMHbSB9V682SRwD7BwKWqyt7ttN7miqCwYiqVzHxLh75i72DJBxOtCiAx1yKHVyEyst6Pt%2FWvQ%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=86400 x-turbo-charged-by LiteSpeed cf-ray 89e0b521cc043685-FRA alt-svc h3=":443"; ma=86400
GET H3	200	styles.css detgse56f.tk/wp-content/themes/promotor-nineteen/assets/build/	123 KB 19 KB	627ms 291ms	Stylesheet text/css	188.114.96.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://detgse56f.tk/wp-content/themes/promotor-nineteen/assets/build/styles.css?ver=1707203161 Requested by Host: tktk02.hidesmes292.workers.dev URL: https://tktk02.hidesmes292.workers.dev/ Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d110d4a59eed5e7930b518b3fb1a76c1b7615275be6ebe7d6f0248dea2c0bb29 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload; Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://tktk02.hidesmes292.workers.dev/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 04 Jul 2024 17:06:44 GMT strict-transport-security max-age=31536000; includeSubDomains; preload; content-encoding br cf-cache-status MISS x-cacheable yf nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-polished origSize=125689 alt-svc h3=":443"; ma=86400 cf-bgj minify last-modified Tue, 06 Feb 2024 07:06:02 GMT server cloudflare etag W/"65c1da5a-1eaf9" vary Accept-Encoding access-control-allow-methods GET, OPTIONS, POST, PURGE content-type text/css access-control-allow-origin * report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Njo83oGHUXKLhMClifEYqha1E0Nd%2Ff6%2Bpl684Cp6k70ca%2BsEoWX9XXznLbiQ1KGlB0ij7LV6FXOsEhsix1SGm96a5l29C%2Fhy8pNe1znLPaHNMzK3h%2BMFO343p3qyvVrBg5A%3D"}],"group":"cf-nel","max_age":604800} cache-control public, max-age=31536000 cf-ray 89e0b523af642c02-FRA access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept, Authorization expires Thu, 13 Mar 2025 00:26:42 GMT
GET H3	200	polls-css.css detgse56f.tk/wp-content/plugins/wp-polls/	2 KB 1 KB	625ms 291ms	Stylesheet text/css	188.114.96.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://detgse56f.tk/wp-content/plugins/wp-polls/polls-css.css?ver=2.77.2 Requested by Host: tktk02.hidesmes292.workers.dev URL: https://tktk02.hidesmes292.workers.dev/ Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 31b11a2e634abd7166080ec689881f1152413a31284ab5fdff37ffd2cfac3212 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload; Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://tktk02.hidesmes292.workers.dev/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 04 Jul 2024 17:06:44 GMT strict-transport-security max-age=31536000; includeSubDomains; preload; content-encoding br cf-cache-status MISS x-cacheable yf nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-polished origSize=2708 alt-svc h3=":443"; ma=86400 cf-bgj minify last-modified Mon, 28 Aug 2023 06:18:38 GMT server cloudflare etag W/"64ec3c3e-a94" vary Accept-Encoding access-control-allow-methods GET, OPTIONS, POST, PURGE content-type text/css access-control-allow-origin * report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yfXveswV%2FtZ6jJKyHRSozQnhxXJfxxG1qWHoSU%2BvXYIkN7jqMrXZx9l8lOkNLEOx4d6j4guKUH1lXL3%2F7NXDqsbk6%2FaoM1tZwTcrAqgZA4xnAw3zxiuNv7mojtcc1ga8m20%3D"}],"group":"cf-nel","max_age":604800} cache-control public, max-age=31536000 cf-ray 89e0b523af5f2c02-FRA access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept, Authorization expires Thu, 13 Mar 2025 02:22:41 GMT
GET H2	200	js Show response www.googletagmanager.com/gtag/	198 KB 72 KB	115ms 47ms	Script application/javascript	2a00:1450:4001:830::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=UA-1684917-1 Requested by Host: tktk02.hidesmes292.workers.dev URL: https://tktk02.hidesmes292.workers.dev/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 60ebb4c6de483f486c275b6d6d4283e75da6d39d8b1e305ed7a2dc3ec4f849c1 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://tktk02.hidesmes292.workers.dev/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 04 Jul 2024 17:06:44 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 73679 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Thu, 04 Jul 2024 17:06:44 GMT
GET H3	200	promotor-logo.svg detgse56f.tk/wp-content/themes/promotor-nineteen/assets/images/	3 KB 2 KB	208ms 207ms	Image image/svg+xml	188.114.96.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://detgse56f.tk/wp-content/themes/promotor-nineteen/assets/images/promotor-logo.svg Requested by Host: tktk02.hidesmes292.workers.dev URL: https://tktk02.hidesmes292.workers.dev/ Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0c2eb05d46d97e8b48b70dc02f0b9c222de695214bc7f761a4d83635e9f5ee1a Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload; Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://tktk02.hidesmes292.workers.dev/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 04 Jul 2024 17:06:44 GMT strict-transport-security max-age=31536000; includeSubDomains; preload; content-encoding br cf-cache-status MISS x-cacheable yf nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 last-modified Tue, 23 Jul 2019 20:07:14 GMT server cloudflare etag W/"5d3768f2-b56" vary Accept-Encoding access-control-allow-methods GET, OPTIONS, POST, PURGE content-type image/svg+xml access-control-allow-origin * report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZWR6453gz8FpR2aUlQ0SkHp5q382W1ePirNTYuxtjxLBHe%2BCAxO%2F0g%2FAV6ErqOE3gWxFG2aSUjH28GjYbLF8R4kG4CiduDDduh8Bcv6xI4V%2BpxZVsrqy%2BZ8HVmwWlZqJ5T4%3D"}],"group":"cf-nel","max_age":604800} cache-control public, max-age=31536000 cf-ray 89e0b525ca232c02-FRA access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept, Authorization expires Thu, 13 Mar 2025 16:23:23 GMT
GET H3	400	https%3A%2F%2Fdetgse56f.tk%2Fwp-content%2Fuploads%2F2024%2F07%2Fland-rover-prezint-noul-defender-octa-suv-ul-a-primit-un-v8-twin-turbo-cu-635-cp-13-1024x683.jpg media.promotor.ro/u97u9KW8DGlhaBaV4ZPq4nEaJCU=/790x555/smart/filters:contrast(5):format(webp)/	0 585 B	301ms 175ms	Image text/html	188.114.97.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://media.promotor.ro/u97u9KW8DGlhaBaV4ZPq4nEaJCU=/790x555/smart/filters:contrast(5):format(webp)/https%3A%2F%2Fdetgse56f.tk%2Fwp-content%2Fuploads%2F2024%2F07%2Fland-rover-prezint-noul-defender-octa-suv-ul-a-primit-un-v8-twin-turbo-cu-635-cp-13-1024x683.jpg Requested by Host: tktk02.hidesmes292.workers.dev URL: https://tktk02.hidesmes292.workers.dev/ Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload; Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://tktk02.hidesmes292.workers.dev/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 04 Jul 2024 17:06:44 GMT strict-transport-security max-age=31536000; includeSubDomains; preload; cf-cache-status BYPASS x-cacheable yf nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding access-control-allow-methods GET, OPTIONS, POST, PURGE content-type text/html; charset=UTF-8 access-control-allow-origin * report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5hSmbNhZWNSpE6LfJIAiahSxymD8Wlsk%2BNsb%2FZiVj40Iv%2BQfF35zn%2BUqTarfrLJ4HSMldDeFqGY%2BaJovz%2FRAZghnwzlMznsQmIz6z2qV5VBCsET%2FKU%2Bw%2BqF1LLoHzXVFIGaRkg%3D%3D"}],"group":"cf-nel","max_age":604800} cf-ray 89e0b5228de03832-FRA access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept, Authorization alt-svc h3=":443"; ma=86400
GET H3	200	jquery.js Show response detgse56f.tk/wp-content/themes/promotor-nineteen/assets/scripts/	95 KB 35 KB	484ms 220ms	Script application/javascript	188.114.96.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://detgse56f.tk/wp-content/themes/promotor-nineteen/assets/scripts/jquery.js?ver=1707203161 Requested by Host: tktk02.hidesmes292.workers.dev URL: https://tktk02.hidesmes292.workers.dev/ Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c7d4c43f68c47e19be7184c316c903223b984fc57c4634fada219f486663cefb Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload; Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://tktk02.hidesmes292.workers.dev/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 04 Jul 2024 17:06:44 GMT strict-transport-security max-age=31536000; includeSubDomains; preload; content-encoding br cf-cache-status MISS x-cacheable yf nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-polished origSize=97174 alt-svc h3=":443"; ma=86400 cf-bgj minify last-modified Fri, 21 Oct 2022 07:06:31 GMT server cloudflare etag W/"635244f7-17b96" vary Accept-Encoding access-control-allow-methods GET, OPTIONS, POST, PURGE content-type application/javascript access-control-allow-origin * report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yih9F55zBqDFWE2FCwoGVtXDzpJAoA2j%2BJ%2BvYVE%2FUB%2Ba7iOLxXK0kEmvSlwlcTPMNS0sCCG2IgQ8BypRqJ0f8H%2FinPVy75xaKKUG13pexPdmzx9OJsPwygkygjI39nbzqQo%3D"}],"group":"cf-nel","max_age":604800} cache-control public, max-age=31536000 cf-ray 89e0b523af542c02-FRA access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept, Authorization expires Thu, 13 Mar 2025 03:18:53 GMT
GET H3	200	pushmenu.js Show response detgse56f.tk/wp-content/themes/promotor-nineteen/assets/scripts/	2 KB 1 KB	205ms 198ms	Script application/javascript	188.114.96.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://detgse56f.tk/wp-content/themes/promotor-nineteen/assets/scripts/pushmenu.js?ver=1707203161 Requested by Host: tktk02.hidesmes292.workers.dev URL: https://tktk02.hidesmes292.workers.dev/ Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c86a504e4ccaa48d0bcfecdc6ade53faaf83334b1c2e7bb0a9b791809e03aa7c Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload; Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://tktk02.hidesmes292.workers.dev/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 04 Jul 2024 17:06:44 GMT strict-transport-security max-age=31536000; includeSubDomains; preload; content-encoding br cf-cache-status MISS x-cacheable yf nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-polished origSize=2948 alt-svc h3=":443"; ma=86400 cf-bgj minify last-modified Fri, 21 Oct 2022 07:06:31 GMT server cloudflare etag W/"635244f7-b84" vary Accept-Encoding access-control-allow-methods GET, OPTIONS, POST, PURGE content-type application/javascript access-control-allow-origin * report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=24DR1vl6fE1sIS7uFwtCNW5eTIIz2CpYBE9g1c4XACAVLn%2Blv%2FAbRI9bnfU6u4j53ZnDGGxdHNbICaWJTHikQGiw4DSxbmu1IvPCOjIrtb9ZnSz8lRlAVrGssiZoeT%2Bb7a0%3D"}],"group":"cf-nel","max_age":604800} cache-control public, max-age=31536000 cf-ray 89e0b523af5b2c02-FRA access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept, Authorization expires Wed, 12 Mar 2025 23:49:44 GMT
GET H3	200	polls-js.js Show response detgse56f.tk/wp-content/plugins/wp-polls/	3 KB 1 KB	193ms 193ms	Script application/javascript	188.114.96.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://detgse56f.tk/wp-content/plugins/wp-polls/polls-js.js?ver=2.77.2 Requested by Host: tktk02.hidesmes292.workers.dev URL: https://tktk02.hidesmes292.workers.dev/ Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 03d87f337bb68d971d9fdb8ed746c0ab6f4008e6060e63ed67057f444a05a6a6 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload; Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://tktk02.hidesmes292.workers.dev/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 04 Jul 2024 17:06:44 GMT strict-transport-security max-age=31536000; includeSubDomains; preload; content-encoding br cf-cache-status MISS x-cacheable yf nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 cf-bgj minify last-modified Mon, 28 Aug 2023 06:18:38 GMT server cloudflare etag W/"64ec3c3e-caa" vary Accept-Encoding access-control-allow-methods GET, OPTIONS, POST, PURGE content-type application/javascript access-control-allow-origin * report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZZ4%2BzeoGfh7kTY33qQMcwfSK9Hu4piLDHWVuk0B10uMELywwXgXrpWos9FSER0X13dnFNfmMBAvEs9EGZ5DbVczch%2BhsUKHW1u7vapBShr%2Bd5ZKqspq144t%2BSoo2azkAXGQ%3D"}],"group":"cf-nel","max_age":604800} cache-control public, max-age=31536000 cf-ray 89e0b524f9012c02-FRA access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept, Authorization expires Wed, 12 Mar 2025 23:49:25 GMT
GET H3	200	async-widgets.js Show response detgse56f.tk/wp-content/themes/promotor-nineteen/strawberry/widgets/resources/	788 B 1008 B	250ms 247ms	Script application/javascript	188.114.96.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://detgse56f.tk/wp-content/themes/promotor-nineteen/strawberry/widgets/resources/async-widgets.js?ver=1.0.0 Requested by Host: tktk02.hidesmes292.workers.dev URL: https://tktk02.hidesmes292.workers.dev/ Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e6c25262e81839b1a1c14ae664f0a46f60e746ed3fdd2b5a530f3ed24f078ab2 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload; Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://tktk02.hidesmes292.workers.dev/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 04 Jul 2024 17:06:44 GMT strict-transport-security max-age=31536000; includeSubDomains; preload; content-encoding br cf-cache-status MISS x-cacheable yf nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-polished origSize=1296 alt-svc h3=":443"; ma=86400 cf-bgj minify last-modified Wed, 29 May 2019 06:35:23 GMT server cloudflare etag W/"5cee282b-510" vary Accept-Encoding access-control-allow-methods GET, OPTIONS, POST, PURGE content-type application/javascript access-control-allow-origin * report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2lvxgmhD3z71AnwRbVllwkZXLHcSw2AMWhhGWfkFHaT9t4YRO%2BELs7WtAu6wo%2FvwpnwX1MKmDYgHBO24gALuii%2BiKbZyn9c9hVbv%2Fa4RhRYxKqS7V8N7IyMdDUwTCNF2PpM%3D"}],"group":"cf-nel","max_age":604800} cache-control public, max-age=31536000 cf-ray 89e0b52579a72c02-FRA access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept, Authorization expires Thu, 13 Mar 2025 06:39:39 GMT
GET H3	200	hb1.6.js Show response ineed2s.ro/promotor.ro/stacks/	22 KB 4 KB	38ms 37ms	Script application/javascript	172.67.69.147 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ineed2s.ro/promotor.ro/stacks/hb1.6.js Requested by Host: ineed2s.ro URL: https://ineed2s.ro/promotor.ro/uniqode.sync.min.js Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.69.147 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0aa15ee353f04a142560b0ee4a2d2f4ed45fdf269acbe611111a6b9ccdb1699b Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://tktk02.hidesmes292.workers.dev/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 04 Jul 2024 17:06:44 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 265295 cf-polished origSize=31599 alt-svc h3=":443"; ma=86400 cf-bgj minify last-modified Fri, 31 May 2024 15:19:01 GMT server cloudflare vary Accept-Encoding,User-Agent report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0JkwM9Icl3xFv4SrLI936gHGyXWSvdCVl8LWJT18QTevNJcu4R86KkFqvJQzAnZLt3ORfDYlVOo9FoPMrGfg4m8W7NIr%2BPPST2ClBBx3DSZqstnZcILmXBf7um4%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=2678400 x-turbo-charged-by LiteSpeed cf-ray 89e0b525c95f3685-FRA
GET H2	200	KFOmCnqEu92Fr1Mu4mxK.woff2 fonts.gstatic.com/s/roboto/v29/	15 KB 15 KB	280ms 169ms	Font font/woff2	2a00:1450:4001:831::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2 Requested by Host: tktk02.hidesmes292.workers.dev URL: https://tktk02.hidesmes292.workers.dev/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://tktk02.hidesmes292.workers.dev/ Origin https://tktk02.hidesmes292.workers.dev Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 03 Jul 2024 21:14:16 GMT x-content-type-options nosniff age 71549 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15688 x-xss-protection 0 last-modified Wed, 22 Sep 2021 16:13:19 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Thu, 03 Jul 2025 21:14:16 GMT
GET H2	200	KFOlCnqEu92Fr1MmWUlfChc4EsA.woff2 fonts.gstatic.com/s/roboto/v29/	12 KB 12 KB	276ms 165ms	Font font/woff2	2a00:1450:4001:831::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfChc4EsA.woff2 Requested by Host: tktk02.hidesmes292.workers.dev URL: https://tktk02.hidesmes292.workers.dev/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 336bb30461d407ee72236de87aca4fe68d611e1bee0030326778c858a4685b1c Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://tktk02.hidesmes292.workers.dev/ Origin https://tktk02.hidesmes292.workers.dev Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 02 Jul 2024 14:57:57 GMT x-content-type-options nosniff age 180528 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 11836 x-xss-protection 0 last-modified Wed, 22 Sep 2021 16:13:22 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 02 Jul 2025 14:57:57 GMT
GET H2	200	KFOlCnqEu92Fr1MmWUlfBBc4.woff2 fonts.gstatic.com/s/roboto/v29/	15 KB 16 KB	227ms 116ms	Font font/woff2	2a00:1450:4001:831::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 Requested by Host: tktk02.hidesmes292.workers.dev URL: https://tktk02.hidesmes292.workers.dev/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://tktk02.hidesmes292.workers.dev/ Origin https://tktk02.hidesmes292.workers.dev Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 04 Jul 2024 01:29:11 GMT x-content-type-options nosniff age 56254 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15828 x-xss-protection 0 last-modified Wed, 22 Sep 2021 16:13:28 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Fri, 04 Jul 2025 01:29:11 GMT
GET H2	200	JTURjIg1_i6t8kCHKm45_dJE3gfD_u50.woff2 fonts.gstatic.com/s/montserrat/v18/	16 KB 17 KB	215ms 104ms	Font font/woff2	2a00:1450:4001:831::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/montserrat/v18/JTURjIg1_i6t8kCHKm45_dJE3gfD_u50.woff2 Requested by Host: tktk02.hidesmes292.workers.dev URL: https://tktk02.hidesmes292.workers.dev/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a0f6078ddaeef5f86b7e6ed74247c6ade57731a4c6ff797dbfa4b3ead20b4392 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://tktk02.hidesmes292.workers.dev/ Origin https://tktk02.hidesmes292.workers.dev Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 04 Jul 2024 02:02:20 GMT x-content-type-options nosniff age 54265 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 16764 x-xss-protection 0 last-modified Tue, 10 Aug 2021 00:21:06 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Fri, 04 Jul 2025 02:02:20 GMT
GET H2	200	JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2 fonts.gstatic.com/s/montserrat/v18/	20 KB 20 KB	276ms 166ms	Font font/woff2	2a00:1450:4001:831::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/montserrat/v18/JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2 Requested by Host: tktk02.hidesmes292.workers.dev URL: https://tktk02.hidesmes292.workers.dev/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash ec7d69015be507ee6045d259f50b6cf8ccb52ec7b41ec1bf50fee681683bea60 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://tktk02.hidesmes292.workers.dev/ Origin https://tktk02.hidesmes292.workers.dev Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 03 Jul 2024 21:14:18 GMT x-content-type-options nosniff age 71547 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 20040 x-xss-protection 0 last-modified Tue, 10 Aug 2021 00:20:44 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Thu, 03 Jul 2025 21:14:18 GMT
GET H2	200	KFOmCnqEu92Fr1Mu7GxKOzY.woff2 fonts.gstatic.com/s/roboto/v29/	12 KB 12 KB	277ms 167ms	Font font/woff2	2a00:1450:4001:831::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu7GxKOzY.woff2 Requested by Host: tktk02.hidesmes292.workers.dev URL: https://tktk02.hidesmes292.workers.dev/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 4e959d9106d846030c0a62de668ec7c5810a3a1282c4f4ca98e1ea0756c75b8e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://tktk02.hidesmes292.workers.dev/ Origin https://tktk02.hidesmes292.workers.dev Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 27 Jun 2024 21:22:45 GMT x-content-type-options nosniff age 589440 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 11860 x-xss-protection 0 last-modified Wed, 22 Sep 2021 16:13:24 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Fri, 27 Jun 2025 21:22:45 GMT
GET H3	400	https%3A%2F%2Fdetgse56f.tk%2Fwp-content%2Fuploads%2F2024%2F07%2Fford-explorer-acum-in-format-pur-electric-noul-suv-a-fost-desenat-de-un-designer-roman-video-48-1024x683.jpg media.promotor.ro/8FPBkafTSV37Oq2yYv00d3hDPiQ=/500x250/smart/filters:contrast(5):format(webp)/	0 541 B	210ms 185ms	Image text/html	188.114.97.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://media.promotor.ro/8FPBkafTSV37Oq2yYv00d3hDPiQ=/500x250/smart/filters:contrast(5):format(webp)/https%3A%2F%2Fdetgse56f.tk%2Fwp-content%2Fuploads%2F2024%2F07%2Fford-explorer-acum-in-format-pur-electric-noul-suv-a-fost-desenat-de-un-designer-roman-video-48-1024x683.jpg Requested by Host: tktk02.hidesmes292.workers.dev URL: https://tktk02.hidesmes292.workers.dev/ Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload; Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://tktk02.hidesmes292.workers.dev/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 04 Jul 2024 17:06:45 GMT strict-transport-security max-age=31536000; includeSubDomains; preload; cf-cache-status BYPASS x-cacheable yf nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding access-control-allow-methods GET, OPTIONS, POST, PURGE content-type text/html; charset=UTF-8 access-control-allow-origin * report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=G0vGHocnVRWag535UEY71sI0yZwD%2FU%2Fcf9qoHDM1fE8QnArx6fy1PZYPVoYKKtyQdJs4yvUp6e8As%2Bel%2BGODzo7xWoLADxA0BD7gypzFlY6VD6kP9DxU3kSI1JZEglBMivChDQ%3D%3D"}],"group":"cf-nel","max_age":604800} cf-ray 89e0b526bc4d3832-FRA access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept, Authorization alt-svc h3=":443"; ma=86400
GET H3	400	https%3A%2F%2Fdetgse56f.tk%2Fwp-content%2Fuploads%2F2024%2F06%2Ftest-drive-renault-captur-facelift-2024-4-1024x768.jpg media.promotor.ro/95k84SBkHDVHJvR6H57AnWWtPMc=/500x250/smart/filters:contrast(5):format(webp)/	0 541 B	275ms 215ms	Image text/html	188.114.97.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://media.promotor.ro/95k84SBkHDVHJvR6H57AnWWtPMc=/500x250/smart/filters:contrast(5):format(webp)/https%3A%2F%2Fdetgse56f.tk%2Fwp-content%2Fuploads%2F2024%2F06%2Ftest-drive-renault-captur-facelift-2024-4-1024x768.jpg Requested by Host: tktk02.hidesmes292.workers.dev URL: https://tktk02.hidesmes292.workers.dev/ Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload; Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://tktk02.hidesmes292.workers.dev/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 04 Jul 2024 17:06:45 GMT strict-transport-security max-age=31536000; includeSubDomains; preload; cf-cache-status BYPASS x-cacheable yf nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding access-control-allow-methods GET, OPTIONS, POST, PURGE content-type text/html; charset=UTF-8 access-control-allow-origin * report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=t%2F6jsQV%2FlB7L3LYSSs60kG2e%2Bqnmm%2BoXYUPIhThnSMmG06qSvdUYLciul0zw47GUtRCWSWCNSnNJAL2mZRgVR6njAsijyu2WEKQkum3pHzZNQWSPElZgpMaiNaFQPpSqBP1U2A%3D%3D"}],"group":"cf-nel","max_age":604800} cf-ray 89e0b526fc9c3832-FRA access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept, Authorization alt-svc h3=":443"; ma=86400
GET H3	400	https%3A%2F%2Fdetgse56f.tk%2Fwp-content%2Fuploads%2F2024%2F06%2Fluci-popa-promotor-tesla-cybertruck-romania-bucuresti-2024-1-1024x680.jpg media.promotor.ro/ESG_iu0EP7vMpzaAh9gmASDq0Sk=/500x250/smart/filters:contrast(5):format(webp)/	0 544 B	217ms 155ms	Image text/html	188.114.97.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://media.promotor.ro/ESG_iu0EP7vMpzaAh9gmASDq0Sk=/500x250/smart/filters:contrast(5):format(webp)/https%3A%2F%2Fdetgse56f.tk%2Fwp-content%2Fuploads%2F2024%2F06%2Fluci-popa-promotor-tesla-cybertruck-romania-bucuresti-2024-1-1024x680.jpg Requested by Host: tktk02.hidesmes292.workers.dev URL: https://tktk02.hidesmes292.workers.dev/ Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload; Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://tktk02.hidesmes292.workers.dev/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 04 Jul 2024 17:06:45 GMT strict-transport-security max-age=31536000; includeSubDomains; preload; cf-cache-status BYPASS x-cacheable yf nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding access-control-allow-methods GET, OPTIONS, POST, PURGE content-type text/html; charset=UTF-8 access-control-allow-origin * report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CcugY0TH8bvJBsbP4PZwHNgORVJo37ySo3TRfKIiIqNNjnlRk1nfwBfPeaHQae6E7gsJN1fhnUDV4qmty%2FXI8%2B4%2BEm1hbm73lYHYehjZ%2BW5kV%2Fcl%2B1PJ2xftbpjuMS%2FF6NrtSQ%3D%3D"}],"group":"cf-nel","max_age":604800} cf-ray 89e0b526fca03832-FRA access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept, Authorization alt-svc h3=":443"; ma=86400
GET H3	400	https%3A%2F%2Fdetgse56f.tk%2Fwp-content%2Fuploads%2F2024%2F07%2Fpeste-50-de-masini-au-fost-gasite-abandonate-intr-o-pestera-modele-clasice-volkswagen-uitate-de-timp-video-4-1024x572.png media.promotor.ro/ANtl7-esa88L3NevzqMRPwSwd2M=/250x150/smart/filters:contrast(5):format(webp)/	0 540 B	239ms 175ms	Image text/html	188.114.97.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://media.promotor.ro/ANtl7-esa88L3NevzqMRPwSwd2M=/250x150/smart/filters:contrast(5):format(webp)/https%3A%2F%2Fdetgse56f.tk%2Fwp-content%2Fuploads%2F2024%2F07%2Fpeste-50-de-masini-au-fost-gasite-abandonate-intr-o-pestera-modele-clasice-volkswagen-uitate-de-timp-video-4-1024x572.png Requested by Host: tktk02.hidesmes292.workers.dev URL: https://tktk02.hidesmes292.workers.dev/ Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload; Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://tktk02.hidesmes292.workers.dev/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 04 Jul 2024 17:06:45 GMT strict-transport-security max-age=31536000; includeSubDomains; preload; cf-cache-status BYPASS x-cacheable yf nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding access-control-allow-methods GET, OPTIONS, POST, PURGE content-type text/html; charset=UTF-8 access-control-allow-origin * report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bbhNXKExUwIYNA6yQqcG9JYF9CGLP%2F1Rh%2BMEB6IvWax8V78wxF9Dj4z7wqAbRguInBvZ5F1csulHbo49dME96esCgaOtLbcjUPUiWlPG8sZT7MSzSWyHDd4gkxEMjySEBFH0Dg%3D%3D"}],"group":"cf-nel","max_age":604800} cf-ray 89e0b526fca33832-FRA access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept, Authorization alt-svc h3=":443"; ma=86400
GET H3	400	https%3A%2F%2Fdetgse56f.tk%2Fwp-content%2Fuploads%2F2024%2F07%2Fmini-john-cooper-works-va-debuta-anul-acesta-la-goodwood-primele-imagini-cu-noua-versiune-de-performanta-8-1024x683.jpg media.promotor.ro/-uD3SnEMv_nbJYtCTPgIBLImtgU=/250x150/smart/filters:contrast(5):format(webp)/	0 538 B	312ms 249ms	Image text/html	188.114.97.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://media.promotor.ro/-uD3SnEMv_nbJYtCTPgIBLImtgU=/250x150/smart/filters:contrast(5):format(webp)/https%3A%2F%2Fdetgse56f.tk%2Fwp-content%2Fuploads%2F2024%2F07%2Fmini-john-cooper-works-va-debuta-anul-acesta-la-goodwood-primele-imagini-cu-noua-versiune-de-performanta-8-1024x683.jpg Requested by Host: tktk02.hidesmes292.workers.dev URL: https://tktk02.hidesmes292.workers.dev/ Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload; Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://tktk02.hidesmes292.workers.dev/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 04 Jul 2024 17:06:45 GMT strict-transport-security max-age=31536000; includeSubDomains; preload; cf-cache-status BYPASS x-cacheable yf nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding access-control-allow-methods GET, OPTIONS, POST, PURGE content-type text/html; charset=UTF-8 access-control-allow-origin * report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VDJhdxU%2BflOn06dFTaCXi7Q4bxgykC%2BhrNKqNNK8V64S5mV1Ifc3CbBSgNPBAVpt3GjS%2Fi8OmiUc%2FQ7jQOaBE5tbpc9hPq0ie1Rjj0j9ty2p7419hwtgJcoktXg766Y3Olasiw%3D%3D"}],"group":"cf-nel","max_age":604800} cf-ray 89e0b5273cee3832-FRA access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept, Authorization alt-svc h3=":443"; ma=86400
GET H3	400	https%3A%2F%2Fdetgse56f.tk%2Fwp-content%2Fuploads%2F2024%2F07%2Fnoul-audi-q8-facelift-varful-lantului-trofic-in-ecosistemul-suv-urilor-din-ingolstadt-video-3-1024x576.jpg media.promotor.ro/Ongu6dLyT-faWKB_OJBCOOLGlBo=/250x150/smart/filters:contrast(5):format(webp)/	0 542 B	273ms 232ms	Image text/html	188.114.97.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://media.promotor.ro/Ongu6dLyT-faWKB_OJBCOOLGlBo=/250x150/smart/filters:contrast(5):format(webp)/https%3A%2F%2Fdetgse56f.tk%2Fwp-content%2Fuploads%2F2024%2F07%2Fnoul-audi-q8-facelift-varful-lantului-trofic-in-ecosistemul-suv-urilor-din-ingolstadt-video-3-1024x576.jpg Requested by Host: tktk02.hidesmes292.workers.dev URL: https://tktk02.hidesmes292.workers.dev/ Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload; Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://tktk02.hidesmes292.workers.dev/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 04 Jul 2024 17:06:45 GMT strict-transport-security max-age=31536000; includeSubDomains; preload; cf-cache-status BYPASS x-cacheable yf nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding access-control-allow-methods GET, OPTIONS, POST, PURGE content-type text/html; charset=UTF-8 access-control-allow-origin * report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=w0Xa4Rh7ovbMG4kvtE8RBtz6sZs3EFqGfRgJbNOTx%2F6VjsMRAuYsOr2aMzusilcGJjDQmD%2BjZ5JnTzraljQQ3kacgSV%2BlRZ%2BMkzYIKTafTgHT7L4YbzS75vyWDuqD3zH11kWxw%3D%3D"}],"group":"cf-nel","max_age":604800} cf-ray 89e0b5273cf23832-FRA access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept, Authorization alt-svc h3=":443"; ma=86400
GET H3	400	https%3A%2F%2Fdetgse56f.tk%2Fwp-content%2Fuploads%2F2024%2F07%2Fhappy-young-couple-chooses-and-buying-a-new-car-fo-2023-11-27-05-35-34-utc-1024x594.jpg media.promotor.ro/kwNGwNCLTrOJiw3xiEiQUFvJuCU=/250x150/smart/filters:contrast(5):format(webp)/	0 543 B	305ms 264ms	Image text/html	188.114.97.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://media.promotor.ro/kwNGwNCLTrOJiw3xiEiQUFvJuCU=/250x150/smart/filters:contrast(5):format(webp)/https%3A%2F%2Fdetgse56f.tk%2Fwp-content%2Fuploads%2F2024%2F07%2Fhappy-young-couple-chooses-and-buying-a-new-car-fo-2023-11-27-05-35-34-utc-1024x594.jpg Requested by Host: tktk02.hidesmes292.workers.dev URL: https://tktk02.hidesmes292.workers.dev/ Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload; Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://tktk02.hidesmes292.workers.dev/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 04 Jul 2024 17:06:45 GMT strict-transport-security max-age=31536000; includeSubDomains; preload; cf-cache-status BYPASS x-cacheable yf nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding access-control-allow-methods GET, OPTIONS, POST, PURGE content-type text/html; charset=UTF-8 access-control-allow-origin * report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WFnPxHWU39nrZtPf0vY2UsgZx2CzEYtKVMKwA2FG0l9pzqH1YpFq9mNyHdThrugNelnZYKr%2FTMIUXoH20NKaZvvmQ%2BfZ%2F6dZEIbU%2FWE4FpzRO8xoaVv%2F2tD5y2Quo2ZdDnk72g%3D%3D"}],"group":"cf-nel","max_age":604800} cf-ray 89e0b5273cf43832-FRA access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept, Authorization alt-svc h3=":443"; ma=86400
GET H3	400	f57f1b69563fb9112c290c630ccf80ea-o.jpg media.promotor.ro/4hhktnIcAYSN8W1kv36j278cymw=/220x124/smart/filters:contrast(5):format(webp):quality(80)/https://detgse56f.tk/wp-content/uploads/sfm/2024/07/1571297645/	0 541 B	148ms 123ms	Image text/html	188.114.97.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://media.promotor.ro/4hhktnIcAYSN8W1kv36j278cymw=/220x124/smart/filters:contrast(5):format(webp):quality(80)/https://detgse56f.tk/wp-content/uploads/sfm/2024/07/1571297645/f57f1b69563fb9112c290c630ccf80ea-o.jpg Requested by Host: tktk02.hidesmes292.workers.dev URL: https://tktk02.hidesmes292.workers.dev/ Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload; Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://tktk02.hidesmes292.workers.dev/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 04 Jul 2024 17:06:45 GMT strict-transport-security max-age=31536000; includeSubDomains; preload; cf-cache-status BYPASS x-cacheable yf nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding access-control-allow-methods GET, OPTIONS, POST, PURGE content-type text/html; charset=UTF-8 access-control-allow-origin * report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4yFKbHAs5hMoWuaQ5jub4cblI5QTuPuyQxhywhFZCcGW9piZEtg9%2Fva2mKImMJrVQj7rSpCHrOgTj1KnT2%2FM0SMYMYxAZrx6tS2iI5gohAREZz%2Bet3SHZ84%2FL2XCTFmEyabOLg%3D%3D"}],"group":"cf-nel","max_age":604800} cf-ray 89e0b5271cbd3832-FRA access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept, Authorization alt-svc h3=":443"; ma=86400
GET H3	400	5ead12386c4e095f5c953e624b5c0a46-o.png media.promotor.ro/4iRMV6HV72er5y0izPjUn67mbkc=/220x124/smart/filters:contrast(5):format(webp):quality(80)/https://detgse56f.tk/wp-content/uploads/sfm/2024/07/1571297657/	0 533 B	242ms 217ms	Image text/html	188.114.97.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://media.promotor.ro/4iRMV6HV72er5y0izPjUn67mbkc=/220x124/smart/filters:contrast(5):format(webp):quality(80)/https://detgse56f.tk/wp-content/uploads/sfm/2024/07/1571297657/5ead12386c4e095f5c953e624b5c0a46-o.png Requested by Host: tktk02.hidesmes292.workers.dev URL: https://tktk02.hidesmes292.workers.dev/ Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload; Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://tktk02.hidesmes292.workers.dev/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 04 Jul 2024 17:06:45 GMT strict-transport-security max-age=31536000; includeSubDomains; preload; cf-cache-status BYPASS x-cacheable yf nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding access-control-allow-methods GET, OPTIONS, POST, PURGE content-type text/html; charset=UTF-8 access-control-allow-origin * report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cUktxep20hutg5kQjif7wgYMDf2xReD5tvzzOHaLLxuaz7Mzy1jztIn4HYQ1XygYHPdnlFxIsjwUWxIReGF1Thm1CEEqtP5gr11NKbto1CVKfzoueoreQnbmqg8lCP8cNPqHWg%3D%3D"}],"group":"cf-nel","max_age":604800} cf-ray 89e0b5271cc13832-FRA access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept, Authorization alt-svc h3=":443"; ma=86400
GET H3	400	e3485911a7ccc52e127150372acaf35d-o.jpg media.promotor.ro/xg_0HPFWd4GwkIKI4EWT7twSqbo=/220x124/smart/filters:contrast(5):format(webp):quality(80)/https://detgse56f.tk/wp-content/uploads/sfm/2024/07/1571380236/	0 542 B	257ms 234ms	Image text/html	188.114.97.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://media.promotor.ro/xg_0HPFWd4GwkIKI4EWT7twSqbo=/220x124/smart/filters:contrast(5):format(webp):quality(80)/https://detgse56f.tk/wp-content/uploads/sfm/2024/07/1571380236/e3485911a7ccc52e127150372acaf35d-o.jpg Requested by Host: tktk02.hidesmes292.workers.dev URL: https://tktk02.hidesmes292.workers.dev/ Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload; Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://tktk02.hidesmes292.workers.dev/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 04 Jul 2024 17:06:45 GMT strict-transport-security max-age=31536000; includeSubDomains; preload; cf-cache-status BYPASS x-cacheable yf nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding access-control-allow-methods GET, OPTIONS, POST, PURGE content-type text/html; charset=UTF-8 access-control-allow-origin * report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2pFRAIfTCqRNVIyPEVJehzbK4wcCQWORIzX8cqWjNChqtShYnkNwPNexeQNmT3qLVZrTzsRjt4gCCfSCoZ16sbwzmm4SNAp6qjWIVyWMkZN3R%2BSBqjR6QBP7g%2Ffhs7nDdsc%2FUA%3D%3D"}],"group":"cf-nel","max_age":604800} cf-ray 89e0b5276d233832-FRA access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept, Authorization alt-svc h3=":443"; ma=86400
GET H3	400	1ffe2bb6f95fb816cd1eee38aae847b5-o.jpg media.promotor.ro/XwbQIDDgUz_RTgPVO6_E29_7LQk=/220x124/smart/filters:contrast(5):format(webp):quality(80)/https://detgse56f.tk/wp-content/uploads/sfm/2024/01/1571380247/	0 538 B	259ms 234ms	Image text/html	188.114.97.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://media.promotor.ro/XwbQIDDgUz_RTgPVO6_E29_7LQk=/220x124/smart/filters:contrast(5):format(webp):quality(80)/https://detgse56f.tk/wp-content/uploads/sfm/2024/01/1571380247/1ffe2bb6f95fb816cd1eee38aae847b5-o.jpg Requested by Host: tktk02.hidesmes292.workers.dev URL: https://tktk02.hidesmes292.workers.dev/ Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload; Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://tktk02.hidesmes292.workers.dev/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 04 Jul 2024 17:06:45 GMT strict-transport-security max-age=31536000; includeSubDomains; preload; cf-cache-status BYPASS x-cacheable yf nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding access-control-allow-methods GET, OPTIONS, POST, PURGE content-type text/html; charset=UTF-8 access-control-allow-origin * report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zcnDeyU5fMkYJBgo0oz1d2nQhwQ3v%2Fz9H1CUhdos6A6qvpggofoS6sGPTKa70GVH84akGyN4UF4niEiQatyrGFupt%2B6aJ0QdjCCehwgaA%2Fv8EIveYJhI%2FiLwJo0Ph3h3RKhxKg%3D%3D"}],"group":"cf-nel","max_age":604800} cf-ray 89e0b5276d253832-FRA access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept, Authorization alt-svc h3=":443"; ma=86400
GET H3	400	https%3A%2F%2Fdetgse56f.tk%2Fwp-content%2Fuploads%2F2024%2F07%2Fchinezii-de-la-geely-spun-ca-au-creat-bateria-care-rezista-un-milion-de-kilometri-2-1024x649.jpg media.promotor.ro/ddypLNgfbx56rENatRFLX1-X7-Y=/250x150/smart/filters:contrast(5):format(webp)/	0 545 B	230ms 205ms	Image text/html	188.114.97.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://media.promotor.ro/ddypLNgfbx56rENatRFLX1-X7-Y=/250x150/smart/filters:contrast(5):format(webp)/https%3A%2F%2Fdetgse56f.tk%2Fwp-content%2Fuploads%2F2024%2F07%2Fchinezii-de-la-geely-spun-ca-au-creat-bateria-care-rezista-un-milion-de-kilometri-2-1024x649.jpg Requested by Host: tktk02.hidesmes292.workers.dev URL: https://tktk02.hidesmes292.workers.dev/ Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload; Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://tktk02.hidesmes292.workers.dev/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 04 Jul 2024 17:06:45 GMT strict-transport-security max-age=31536000; includeSubDomains; preload; cf-cache-status BYPASS x-cacheable yf nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding access-control-allow-methods GET, OPTIONS, POST, PURGE content-type text/html; charset=UTF-8 access-control-allow-origin * report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Vd6qtkuqBnBDXbMd%2B7UkHatmxpWKzc5jUINTE0hfDmYCwcYWOMacTvi0MTngvSwqJkSO1P%2FBFS%2B0yOvRIw9%2B23qC%2Futdwg31MTvr24DODIMi2ERVym7NOczOk%2FX16745kJIAjA%3D%3D"}],"group":"cf-nel","max_age":604800} cf-ray 89e0b5276d263832-FRA access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept, Authorization alt-svc h3=":443"; ma=86400
GET H3	400	https%3A%2F%2Fdetgse56f.tk%2Fwp-content%2Fuploads%2F2023%2F07%2F2023-care-e-limita-de-alcoolemie-pentru-soferi-si-cand-face-politia-wdosar-penal-1024x644.jpg media.promotor.ro/5DYFR7KYs2Mh41N8F7W_nJxWpPU=/250x150/smart/filters:contrast(5):format(webp)/	0 539 B	250ms 225ms	Image text/html	188.114.97.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://media.promotor.ro/5DYFR7KYs2Mh41N8F7W_nJxWpPU=/250x150/smart/filters:contrast(5):format(webp)/https%3A%2F%2Fdetgse56f.tk%2Fwp-content%2Fuploads%2F2023%2F07%2F2023-care-e-limita-de-alcoolemie-pentru-soferi-si-cand-face-politia-wdosar-penal-1024x644.jpg Requested by Host: tktk02.hidesmes292.workers.dev URL: https://tktk02.hidesmes292.workers.dev/ Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload; Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://tktk02.hidesmes292.workers.dev/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 04 Jul 2024 17:06:45 GMT strict-transport-security max-age=31536000; includeSubDomains; preload; cf-cache-status BYPASS x-cacheable yf nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding access-control-allow-methods GET, OPTIONS, POST, PURGE content-type text/html; charset=UTF-8 access-control-allow-origin * report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8LndV3Cowt7%2Fu2jslkO1a2%2B9szKSkh07wl05YankjqjSZDcBkemZd4KMQq%2FOO2bhY%2FlOuObnfu1byba1rtqLmupB0KXNcpU2u3pIToSI0jf8hC9OGMNKbNDuOgDOM03gDt7LMw%3D%3D"}],"group":"cf-nel","max_age":604800} cf-ray 89e0b5276d273832-FRA access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept, Authorization alt-svc h3=":443"; ma=86400
GET H3	400	https%3A%2F%2Fdetgse56f.tk%2Fwp-content%2Fuploads%2F2023%2F10%2Fpistol-radar-politia-rutiera-e1720012489297.jpg media.promotor.ro/zpnX3qttYpj0w1621mEYO6mGHaU=/250x150/smart/filters:contrast(5):format(webp)/	0 548 B	251ms 226ms	Image text/html	188.114.97.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://media.promotor.ro/zpnX3qttYpj0w1621mEYO6mGHaU=/250x150/smart/filters:contrast(5):format(webp)/https%3A%2F%2Fdetgse56f.tk%2Fwp-content%2Fuploads%2F2023%2F10%2Fpistol-radar-politia-rutiera-e1720012489297.jpg Requested by Host: tktk02.hidesmes292.workers.dev URL: https://tktk02.hidesmes292.workers.dev/ Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload; Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://tktk02.hidesmes292.workers.dev/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 04 Jul 2024 17:06:45 GMT strict-transport-security max-age=31536000; includeSubDomains; preload; cf-cache-status BYPASS x-cacheable yf nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding access-control-allow-methods GET, OPTIONS, POST, PURGE content-type text/html; charset=UTF-8 access-control-allow-origin * report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sIHXqXSGgI55gVLtdqqQks1VBPC9HTFPYxqW4mRTzi0rF%2BI%2Bf3VupZ1Xv0bApaJB9%2FjHUJndQEFMjoDKWvLxhn6n6aPHuza%2BMkT%2B0%2BMUPIqKPqVU4u5%2FsZTOLuj0k%2B2diJVs0w%3D%3D"}],"group":"cf-nel","max_age":604800} cf-ray 89e0b5276d283832-FRA access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept, Authorization alt-svc h3=":443"; ma=86400
GET H3	400	https%3A%2F%2Fdetgse56f.tk%2Fwp-content%2Fuploads%2F2024%2F04%2Fnoul-renault-symbioz-10-1024x683.jpg media.promotor.ro/1mHJ6kE2zt5a7vYMlQ3GMujPykI=/250x150/smart/filters:contrast(5):format(webp)/	0 539 B	233ms 208ms	Image text/html	188.114.97.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://media.promotor.ro/1mHJ6kE2zt5a7vYMlQ3GMujPykI=/250x150/smart/filters:contrast(5):format(webp)/https%3A%2F%2Fdetgse56f.tk%2Fwp-content%2Fuploads%2F2024%2F04%2Fnoul-renault-symbioz-10-1024x683.jpg Requested by Host: tktk02.hidesmes292.workers.dev URL: https://tktk02.hidesmes292.workers.dev/ Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload; Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://tktk02.hidesmes292.workers.dev/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 04 Jul 2024 17:06:45 GMT strict-transport-security max-age=31536000; includeSubDomains; preload; cf-cache-status BYPASS x-cacheable yf nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding access-control-allow-methods GET, OPTIONS, POST, PURGE content-type text/html; charset=UTF-8 access-control-allow-origin * report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LgNTiUn8zgs%2Fsdm6IhWlfr90bFUn7KczpPN8SSTmMPFXylICTOJycezTkLRL%2FjLIIqAPnkq2rjUhRXSdT4FNL2e4i6KoCOp54XWIzGpxEM4jvUfdnkcX7Z3Q29gK0KzVSt85zg%3D%3D"}],"group":"cf-nel","max_age":604800} cf-ray 89e0b5276d293832-FRA access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept, Authorization alt-svc h3=":443"; ma=86400
GET H3	400	fa067ee52e85f057173ee7c9729a3270-o.jpg media.promotor.ro/7lyGY18zrF378k2u5C3vv2t8BaE=/220x124/smart/filters:contrast(5):format(webp):quality(80)/https://detgse56f.tk/wp-content/uploads/sfm/2024/07/1571297693/	0 542 B	231ms 206ms	Image text/html	188.114.97.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://media.promotor.ro/7lyGY18zrF378k2u5C3vv2t8BaE=/220x124/smart/filters:contrast(5):format(webp):quality(80)/https://detgse56f.tk/wp-content/uploads/sfm/2024/07/1571297693/fa067ee52e85f057173ee7c9729a3270-o.jpg Requested by Host: tktk02.hidesmes292.workers.dev URL: https://tktk02.hidesmes292.workers.dev/ Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload; Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://tktk02.hidesmes292.workers.dev/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 04 Jul 2024 17:06:45 GMT strict-transport-security max-age=31536000; includeSubDomains; preload; cf-cache-status BYPASS x-cacheable yf nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding access-control-allow-methods GET, OPTIONS, POST, PURGE content-type text/html; charset=UTF-8 access-control-allow-origin * report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=543MOGr75HNe9LHADw7GH1FBodxvFxsvHDz2pu4JufQyWB%2FeevwlLhXQe0w9a1lhP33TzNywbLDpjs1v%2BRC%2FvLjIgi9%2F6VY6Uj4kTUZIzsHRauc%2FVnRuhjXDz9Pqoz825P5Rtg%3D%3D"}],"group":"cf-nel","max_age":604800} cf-ray 89e0b5276d2b3832-FRA access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept, Authorization alt-svc h3=":443"; ma=86400
GET H3	400	6bd92dfec0e38eaeb61fd491624304ef-o.png media.promotor.ro/ShzJHSIpNEsgs7dRPdQhW6EUXeo=/220x124/smart/filters:contrast(5):format(webp):quality(80)/https://detgse56f.tk/wp-content/uploads/sfm/2024/07/1586957941/	0 541 B	214ms 189ms	Image text/html	188.114.97.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://media.promotor.ro/ShzJHSIpNEsgs7dRPdQhW6EUXeo=/220x124/smart/filters:contrast(5):format(webp):quality(80)/https://detgse56f.tk/wp-content/uploads/sfm/2024/07/1586957941/6bd92dfec0e38eaeb61fd491624304ef-o.png Requested by Host: tktk02.hidesmes292.workers.dev URL: https://tktk02.hidesmes292.workers.dev/ Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload; Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://tktk02.hidesmes292.workers.dev/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 04 Jul 2024 17:06:45 GMT strict-transport-security max-age=31536000; includeSubDomains; preload; cf-cache-status BYPASS x-cacheable yf nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding access-control-allow-methods GET, OPTIONS, POST, PURGE content-type text/html; charset=UTF-8 access-control-allow-origin * report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JSqGY03W9icvjTQ5oHol6q3JIQ8ApMnpD%2Bzdgk1W8kn%2BW0tQ43lupU68wGs3622x4wolrzP0ViL09fy8%2BxCl9o%2FhzP0sW54c1dP%2BWJL5osRxRhxO6xO61nX3hS6h%2BmaOfmlz7Q%3D%3D"}],"group":"cf-nel","max_age":604800} cf-ray 89e0b5276d2c3832-FRA access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept, Authorization alt-svc h3=":443"; ma=86400
GET H2	200	otSDKStub.js Show response cookie-cdn.cookiepro.com/scripttemplates/	21 KB 7 KB	410ms 74ms	Script application/javascript	2606:4700:4400::ac40:936c CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cookie-cdn.cookiepro.com/scripttemplates/otSDKStub.js Requested by Host: ineed2s.ro URL: https://ineed2s.ro/promotor.ro/uniqode.sync.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:4400::ac40:936c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 022e2f39deba7f332eabe69b27b31d98d4d5f2535116745957a691d1b1ec4cc5 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://tktk02.hidesmes292.workers.dev/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-ms-blob-type BlockBlob date Thu, 04 Jul 2024 17:06:45 GMT content-encoding gzip cf-cache-status HIT content-md5 ceCldLDyZN6bSQL6yyKLMg== age 78231 strict-transport-security max-age=31536000; includeSubDomains; preload content-length 6882 x-ms-lease-status unlocked last-modified Thu, 20 Jun 2024 01:04:40 GMT server cloudflare etag 0x8DC90C4F6528ECF vary Accept-Encoding content-type application/javascript access-control-allow-origin * x-ms-request-id c7772069-a01e-0067-1eaf-c23b40000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control public, max-age=86400 x-ms-version 2009-09-19 accept-ranges bytes cf-ray 89e0b5293a35bba1-FRA expires Fri, 05 Jul 2024 17:06:45 GMT
GET H/1.1	200 OK	sati_init.js Show response code3.adtlgc.com/js/	34 KB 10 KB	229ms 34ms	Script application/javascript	23.56.205.200 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://code3.adtlgc.com/js/sati_init.js Requested by Host: ineed2s.ro URL: https://ineed2s.ro/promotor.ro/uniqode.sync.min.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 23.56.205.200 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-56-205-200.deploy.static.akamaitechnologies.com Software AmazonS3 / Resource Hash a8aee7e35496ace2f69eb41e1fb692223c4cd7fc00536cac6050a62d1d4980a0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://tktk02.hidesmes292.workers.dev/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Thu, 04 Jul 2024 17:06:45 GMT Content-Encoding gzip Last-Modified Fri, 31 May 2024 20:59:34 GMT Server AmazonS3 X-Amz-Cf-Pop FRA60-P5 ETag W/"ffecee0fd3874a1092c334e17a2b9099" Vary Accept-Encoding Content-Type application/javascript Cache-Control max-age=60236 Connection keep-alive X-Amz-Cf-Id B-7iOlE1rdDL3WmqSfeYQ8BOdmTtND9Of3hvvinJ31UqRuwMDpPZIQ== Content-Length 10087 Expires Fri, 05 Jul 2024 09:50:41 GMT
GET H/1.1	200 OK	cx.js Show response cdn.cxense.com/	113 KB 37 KB	240ms 151ms	Script application/x-javascript	2a02:26f0:7100:997::268b AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://cdn.cxense.com/cx.js Requested by Host: ineed2s.ro URL: https://ineed2s.ro/promotor.ro/uniqode.sync.min.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:7100:997::268b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software AkamaiNetStorage / Resource Hash a1cc40fdfa7530f77cdfd0765b7c38aa06c8ff787721717dabe8db47089f03cf Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://tktk02.hidesmes292.workers.dev/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Thu, 04 Jul 2024 17:06:45 GMT Content-Encoding gzip Last-Modified Mon, 01 Jul 2024 13:22:51 GMT Server AkamaiNetStorage Vary Accept-Encoding Content-Type application/x-javascript Access-Control-Allow-Origin * Cache-Control max-age=3600 Connection keep-alive Accept-Ranges bytes Content-Length 37544 Expires Thu, 04 Jul 2024 18:06:45 GMT
GET H2	200	js Show response www.googletagmanager.com/gtag/	289 KB 98 KB	59ms 58ms	Script application/javascript	2a00:1450:4001:830::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-WBWT7L8BYX&l=dataLayer&cx=c Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=UA-1684917-1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash cb184ce15efd331d90148a654db2a06848e3f62deecc8a118879f473a771a2a2 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://tktk02.hidesmes292.workers.dev/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 04 Jul 2024 17:06:45 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 100372 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Thu, 04 Jul 2024 17:06:45 GMT
GET H2	200	analytics.js Show response www.google-analytics.com/	52 KB 21 KB	449ms 44ms	Script text/javascript	2a00:1450:4001:828::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=UA-1684917-1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://tktk02.hidesmes292.workers.dev/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers strict-transport-security max-age=31536000; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff date Thu, 04 Jul 2024 16:29:07 GMT last-modified Tue, 12 Dec 2023 18:09:08 GMT server Golfe2 age 2258 vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 20994 expires Thu, 04 Jul 2024 18:29:07 GMT
GET H2	200	JTURjIg1_i6t8kCHKm45_dJE3gbD_u50.woff2 fonts.gstatic.com/s/montserrat/v18/	7 KB 7 KB	357ms 356ms	Font font/woff2	2a00:1450:4001:831::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/montserrat/v18/JTURjIg1_i6t8kCHKm45_dJE3gbD_u50.woff2 Requested by Host: tktk02.hidesmes292.workers.dev URL: https://tktk02.hidesmes292.workers.dev/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a49e67ec1d9199fe4b0093def42da878674848cdcb044628bde09f888d5d2d72 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://tktk02.hidesmes292.workers.dev/ Origin https://tktk02.hidesmes292.workers.dev Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 04 Jul 2024 16:26:26 GMT x-content-type-options nosniff age 2419 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 6748 x-xss-protection 0 last-modified Tue, 10 Aug 2021 00:20:57 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Fri, 04 Jul 2025 16:26:26 GMT
GET H2	200	KFOlCnqEu92Fr1MmWUlfCxc4EsA.woff2 fonts.gstatic.com/s/roboto/v29/	5 KB 6 KB	270ms 270ms	Font font/woff2	2a00:1450:4001:831::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfCxc4EsA.woff2 Requested by Host: tktk02.hidesmes292.workers.dev URL: https://tktk02.hidesmes292.workers.dev/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 6ac62ad133b177d67c52cfd6b1fa821b3566637b15c3637335036aae03cf972a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://tktk02.hidesmes292.workers.dev/ Origin https://tktk02.hidesmes292.workers.dev Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 27 Jun 2024 17:46:10 GMT x-content-type-options nosniff age 602435 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 5524 x-xss-protection 0 last-modified Wed, 22 Sep 2021 16:13:23 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Fri, 27 Jun 2025 17:46:10 GMT
GET H2	200	KFOmCnqEu92Fr1Mu7WxKOzY.woff2 fonts.gstatic.com/s/roboto/v29/	5 KB 6 KB	268ms 268ms	Font font/woff2	2a00:1450:4001:831::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu7WxKOzY.woff2 Requested by Host: tktk02.hidesmes292.workers.dev URL: https://tktk02.hidesmes292.workers.dev/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash fb56f0e08adb026eb4e4b28c2fc33b35ce3ddf30a075f9906ec14caff095fa3c Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://tktk02.hidesmes292.workers.dev/ Origin https://tktk02.hidesmes292.workers.dev Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 02 Jul 2024 15:06:56 GMT x-content-type-options nosniff age 179989 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 5540 x-xss-protection 0 last-modified Wed, 22 Sep 2021 16:13:19 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 02 Jul 2025 15:06:56 GMT
POST H2	204	collect region1.analytics.google.com/g/	0 0	339ms 21ms	Fetch text/plain	2001:4860:4802:34::36 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://region1.analytics.google.com/g/collect?v=2&tid=G-WBWT7L8BYX&gtm=45je4730v870048749za200&_p=1720112804756&_gaz=1&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&tag_exp=0&cid=2068510463.1720112805&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AAAI&_s=1&sid=1720112805&sct=1&seg=0&dl=https%3A%2F%2Ftktk02.hidesmes292.workers.dev%2F&dt=%C8%98tiri%20despre%20industria%20auto%20%7C%20Nout%C4%83%C8%9Bi%20pentru%20pasiona%C8%9Bi%20%C8%99i%20teste%20auto%20%7C%20Promotor.ro&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=1760&_z=fetch Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-WBWT7L8BYX&l=dataLayer&cx=c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://tktk02.hidesmes292.workers.dev/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers pragma no-cache date Thu, 04 Jul 2024 17:06:45 GMT server Golfe2 content-type text/plain access-control-allow-origin https://tktk02.hidesmes292.workers.dev cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	204	collect stats.g.doubleclick.net/g/	0 265 B	116ms 37ms	Ping text/plain	2a00:1450:400c:c1d::9c GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/g/collect?v=2&tid=G-WBWT7L8BYX&cid=2068510463.1720112805&gtm=45je4730v870048749za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&frm=0 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-WBWT7L8BYX&l=dataLayer&cx=c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400c:c1d::9c Brussels, Belgium, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://tktk02.hidesmes292.workers.dev/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers pragma no-cache date Thu, 04 Jul 2024 17:06:45 GMT server Golfe2 content-type text/plain access-control-allow-origin https://tktk02.hidesmes292.workers.dev cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	ga-audiences www.google.de/ads/	42 B 63 B	383ms 40ms	Image image/gif	172.217.18.3 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-WBWT7L8BYX&cid=2068510463.1720112805&gtm=45je4730v870048749za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&frm=0&z=1046383531 Requested by Host: tktk02.hidesmes292.workers.dev URL: https://tktk02.hidesmes292.workers.dev/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.217.18.3 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra02s19-in-f3.1e100.net Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://tktk02.hidesmes292.workers.dev/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers pragma no-cache date Thu, 04 Jul 2024 17:06:45 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	segment Show response api.cxense.com/profile/user/	62 B 570 B	73ms 6ms	Script text/javascript	167.235.124.23 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://api.cxense.com/profile/user/segment?callback=cXJsonpCB1&persisted=c16c6848f3c96a765ca4118721400c749565ca30&json=%7B%22identities%22%3A%5B%7B%22id%22%3A%22ly7ir31wea0fyltr%22%2C%22type%22%3A%22cx%22%7D%5D%7D Requested by Host: cdn.cxense.com URL: https://cdn.cxense.com/cx.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 167.235.124.23 Bühl, Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS nue0001.cxense.com Software Jetty(9.4.28.v20200408) / Resource Hash ca11b298f778bc9674f60d265c6b71dfcc42723d64cef1ecb6c7056c3088c6e6 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://tktk02.hidesmes292.workers.dev/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers pragma no-cache date Thu, 04 Jul 2024 17:06:45 GMT strict-transport-security max-age=31536000 x-content-type-options nosniff server Jetty(9.4.28.v20200408) content-type text/javascript;charset=utf-8 p3p policyref="http://www.cxense.com/w3c/p3p.xml", CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" cache-control no-store, no-cache, must-revalidate content-length 62 expires Mon, 26 Jul 1997 05:00:00 GMT
GET H/1.1	200 OK	sp1.html cdn.cxense.com/ Frame 1A97	0 0	64ms 15ms	Document text/html	2a02:26f0:7100:997::268b AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://cdn.cxense.com/sp1.html Requested by Host: cdn.cxense.com URL: https://cdn.cxense.com/cx.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:7100:997::268b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software AkamaiNetStorage / Resource Hash Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://tktk02.hidesmes292.workers.dev/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers Accept-Ranges bytes Access-Control-Allow-Origin * Cache-Control max-age=864000 Connection keep-alive Content-Encoding gzip Content-Length 289 Content-Type text/html Date Thu, 04 Jul 2024 17:06:45 GMT Expires Sun, 14 Jul 2024 17:06:45 GMT Last-Modified Thu, 30 Nov 2023 11:55:50 GMT Server AkamaiNetStorage Vary Accept-Encoding
GET H/1.1	200 OK	push Show response comcluster.cxense.com/dmp/	49 B 618 B	50ms 5ms	Script text/javascript	167.235.124.60 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://comcluster.cxense.com/dmp/push?callback=cXJsonpCB2&ver=2.8.65&persisted=fcadb0c22bec63a3e94af5a65644fc6b869880e0&glb=&json=%7B%22events%22%3A%5B%7B%22type%22%3A%22adBlockerDetection%22%2C%22rnd%22%3A%22ly7ir33j4ahezxlb%22%2C%22siteId%22%3A%221135102062960807737%22%2C%22prnd%22%3A%22ly7ir31wt5q3tegw%22%2C%22userIds%22%3A%5B%7B%22id%22%3A%22ly7ir31wea0fyltr%22%2C%22type%22%3A%22cx%22%7D%5D%2C%22origin%22%3A%22brt-adblock%22%2C%22customParameters%22%3A%5B%7B%22group%22%3A%22adBlockerDetected%22%2C%22item%22%3A%22No%22%2C%22type%22%3A%22string%22%7D%5D%7D%5D%7D Requested by Host: cdn.cxense.com URL: https://cdn.cxense.com/cx.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 167.235.124.60 Bühl, Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS nue0038.cxense.com Software Jetty(9.4.28.v20200408) / Resource Hash 7068cb9a82af5118aa2f010a371d78ffc9ad3973f213dd670e6609d12e9cb0f0 Security Headers Name Value X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://tktk02.hidesmes292.workers.dev/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers pragma no-cache date Thu, 04 Jul 2024 17:06:45 GMT x-content-type-options nosniff server Jetty(9.4.28.v20200408) p3p policyref="http://www.cxense.com/w3c/p3p.xml", CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" content-type text/javascript;charset=utf-8 cache-control no-store, no-cache, must-revalidate content-length 49 expires Mon, 26 Jul 1997 05:00:00 GMT
POST H2	200	collect Show response www.google-analytics.com/j/	1 B 217 B	21ms 19ms	XHR text/plain	2a00:1450:4001:828::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1558982987&t=pageview&_s=1&dl=https%3A%2F%2Ftktk02.hidesmes292.workers.dev%2F&ul=de-de&de=UTF-8&dt=%C8%98tiri%20despre%20industria%20auto%20%7C%20Nout%C4%83%C8%9Bi%20pentru%20pasiona%C8%9Bi%20%C8%99i%20teste%20auto%20%7C%20Promotor.ro&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=1700806259&gjid=1828041642&cid=2068510463.1720112805&tid=UA-1684917-1&_gid=176499307.1720112806&_r=1&gtm=457e4730za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&tag_exp=0&jsscut=1&npa=1&z=1075123372 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b Security Headers Name Value X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" sec-ch-ua-platform "Win32" Referer https://tktk02.hidesmes292.workers.dev/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Thu, 04 Jul 2024 17:06:45 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://tktk02.hidesmes292.workers.dev cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	eb985273-ea6a-4044-a19f-de4ed6231a79.json Show response cookie-cdn.cookiepro.com/consent/eb985273-ea6a-4044-a19f-de4ed6231a79/	4 KB 2 KB	138ms 116ms	XHR application/x-javascript	2606:4700:4400::ac40:936c CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cookie-cdn.cookiepro.com/consent/eb985273-ea6a-4044-a19f-de4ed6231a79/eb985273-ea6a-4044-a19f-de4ed6231a79.json Requested by Host: cookie-cdn.cookiepro.com URL: https://cookie-cdn.cookiepro.com/scripttemplates/otSDKStub.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:4400::ac40:936c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 789c81fca74ce864cf3ea9319c9124dec213070a1d16bd82b6a384123ab75b87 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://tktk02.hidesmes292.workers.dev/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-ms-blob-type BlockBlob date Thu, 04 Jul 2024 17:06:45 GMT content-encoding gzip cf-cache-status HIT strict-transport-security max-age=31536000; includeSubDomains; preload content-md5 TetGqSLuIFby8TSKhGDsrQ== content-length 1546 x-ms-lease-status unlocked last-modified Wed, 20 Mar 2024 08:45:19 GMT server cloudflare etag 0x8DC48BA12A0D54E vary Accept-Encoding content-type application/x-javascript access-control-allow-origin * x-ms-request-id ef0c71a4-101e-004d-2eea-cde450000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control public, max-age=86400 x-ms-version 2009-09-19 accept-ranges bytes cf-ray 89e0b52b1e1092a7-FRA
GET H/1.1	200 OK	id Show response id.cxense.com/public/user/	102 B 690 B	46ms 8ms	Script text/javascript	167.235.124.60 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://id.cxense.com/public/user/id?json=%7B%22identities%22%3A%5B%7B%22type%22%3A%22ckp%22%2C%22id%22%3A%22ly7ir31wea0fyltr%22%7D%2C%7B%22type%22%3A%22lst%22%2C%22id%22%3A%2235i4hia1btzfm2jlrcfbvmgfaz%22%7D%2C%7B%22type%22%3A%22cst%22%2C%22id%22%3A%2235i4hia1btzfm2jlrcfbvmgfaz%22%7D%5D%2C%22siteId%22%3A%221135102062960807737%22%2C%22location%22%3A%22https%3A%2F%2Ftktk02.hidesmes292.workers.dev%2F%22%7D&callback=cXJsonpCB3 Requested by Host: cdn.cxense.com URL: https://cdn.cxense.com/cx.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 167.235.124.60 Bühl, Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS nue0038.cxense.com Software Jetty(9.4.28.v20200408) / Resource Hash af5d3e02cb9bda777f36f99705810f117a1c567ebdbf64e426f1deaa3659b990 Security Headers Name Value X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://tktk02.hidesmes292.workers.dev/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers pragma no-cache date Thu, 04 Jul 2024 17:06:45 GMT x-content-type-options nosniff server Jetty(9.4.28.v20200408) content-type text/javascript;charset=utf-8 p3p policyref="http://www.cxense.com/w3c/p3p.xml", CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" cache-control no-store, no-cache, must-revalidate content-length 102 expires Mon, 26 Jul 1997 05:00:00 GMT
GET H2	200	otBannerSdk.js Show response cookie-cdn.cookiepro.com/scripttemplates/202312.1.0/	429 KB 104 KB	32ms 32ms	Script application/javascript	2606:4700:4400::ac40:936c CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cookie-cdn.cookiepro.com/scripttemplates/202312.1.0/otBannerSdk.js Requested by Host: cookie-cdn.cookiepro.com URL: https://cookie-cdn.cookiepro.com/scripttemplates/otSDKStub.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:4400::ac40:936c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 68a8ca1ebf10a53e893706799708e1f5978ad07ca9e2ae7c2fb22da7d09891a3 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://tktk02.hidesmes292.workers.dev/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-ms-blob-type BlockBlob date Thu, 04 Jul 2024 17:06:45 GMT content-encoding gzip cf-cache-status HIT content-md5 XKJEbi7L7XNGND1Y8WkfuQ== age 44079 strict-transport-security max-age=31536000; includeSubDomains; preload content-length 106388 x-ms-lease-status unlocked last-modified Thu, 07 Mar 2024 09:03:26 GMT server cloudflare etag 0x8DC3E8573481A02 vary Accept-Encoding content-type application/javascript access-control-allow-origin * x-ms-request-id 3e212734-101e-003f-037b-75e31f000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control public, max-age=86400 x-ms-version 2009-09-19 accept-ranges bytes cf-ray 89e0b52bff92bba1-FRA expires Fri, 05 Jul 2024 17:06:45 GMT
GET H3	200	collect www.google-analytics.com/	35 B 55 B	16ms 15ms	Image image/gif	142.250.186.78 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google-analytics.com/collect?v=1&_v=j101&a=1558982987&t=event&ni=1&_s=2&dl=https%3A%2F%2Ftktk02.hidesmes292.workers.dev%2F&ul=de-de&de=UTF-8&dt=%C8%98tiri%20despre%20industria%20auto%20%7C%20Nout%C4%83%C8%9Bi%20pentru%20pasiona%C8%9Bi%20%C8%99i%20teste%20auto%20%7C%20Promotor.ro&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=NTG%20adblock&ea=whitelisted&el=https%3A%2F%2Ftktk02.hidesmes292.workers.dev%2F&_u=aADAAUABAAAAACAAI~&jid=&gjid=&cid=2068510463.1720112805&tid=UA-1684917-1&_gid=176499307.1720112806&gtm=457e4730za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&tag_exp=0&jsscut=1&tcfd=10001&npa=1&z=594695649 Requested by Host: tktk02.hidesmes292.workers.dev URL: https://tktk02.hidesmes292.workers.dev/ Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.78 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s05-in-f14.1e100.net Software Golfe2 / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Security Headers Name Value X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://tktk02.hidesmes292.workers.dev/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers pragma no-cache date Thu, 04 Jul 2024 12:46:00 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 age 15645 content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 35 expires Mon, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	user Show response admp-tc-sati.adtlgc.com/	63 B 315 B	201ms 36ms	Script application/javascript	34.243.178.126 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://admp-tc-sati.adtlgc.com/user?nw=0&cm=1&sg=1&callback=adapt_dataRequest_sati_admp.campaignCallback&cb=1720112805989&evid=&v=2.39 Requested by Host: code3.adtlgc.com URL: https://code3.adtlgc.com/js/sati_init.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.243.178.126 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-34-243-178-126.eu-west-1.compute.amazonaws.com Software / Resource Hash baee049272b23bef0a1a5f69bec303a844dc431d25607426aba9f49161e69be5 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://tktk02.hidesmes292.workers.dev/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers P3P policyref="http://code.adtlgc.com/w3c/p3p.xml",CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND COM NAV INT" Date Thu, 04 Jul 2024 17:06:46 GMT Connection keep-alive Content-Length 63 Content-Type application/javascript
GET H2	200	ro.json Show response cookie-cdn.cookiepro.com/consent/eb985273-ea6a-4044-a19f-de4ed6231a79/018e0a1e-684f-7cd6-ace2-5551777c82e7/	211 KB 43 KB	103ms 102ms	Fetch application/x-javascript	2606:4700:4400::ac40:936c CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cookie-cdn.cookiepro.com/consent/eb985273-ea6a-4044-a19f-de4ed6231a79/018e0a1e-684f-7cd6-ace2-5551777c82e7/ro.json Requested by Host: cookie-cdn.cookiepro.com URL: https://cookie-cdn.cookiepro.com/scripttemplates/202312.1.0/otBannerSdk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:4400::ac40:936c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash cca163c9402575adaa73f1877a3e7d2814dba211d52d33ce06b81dd0d05982ff Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://tktk02.hidesmes292.workers.dev/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-ms-blob-type BlockBlob date Thu, 04 Jul 2024 17:06:46 GMT content-encoding gzip cf-cache-status HIT strict-transport-security max-age=31536000; includeSubDomains; preload content-md5 X9toEDrJlsWEaTLr5tGSag== content-length 43466 x-ms-lease-status unlocked last-modified Wed, 20 Mar 2024 08:45:29 GMT server cloudflare etag 0x8DC48BA18A32F5F vary Accept-Encoding content-type application/x-javascript access-control-allow-origin * x-ms-request-id f23af6b5-601e-000a-63ea-cd8f0b000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control public, max-age=86400 x-ms-version 2009-09-19 accept-ranges bytes cf-ray 89e0b52dc96492a7-FRA
GET H2	200	iab2V2Data.json Show response cookie-cdn.cookiepro.com/vendorlist/	579 KB 74 KB	74ms 73ms	Fetch application/x-javascript	2606:4700:4400::ac40:936c CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cookie-cdn.cookiepro.com/vendorlist/iab2V2Data.json Requested by Host: cookie-cdn.cookiepro.com URL: https://cookie-cdn.cookiepro.com/scripttemplates/202312.1.0/otBannerSdk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:4400::ac40:936c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 828aaa27fcc5b3e4dbc4129a9d74e5bbcc7a24309095a503707ce8cd0e305b7f Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://tktk02.hidesmes292.workers.dev/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-ms-blob-type BlockBlob date Thu, 04 Jul 2024 17:06:46 GMT content-encoding gzip cf-cache-status HIT content-md5 bqT5YwmnG4n0Vw2nG1SEYw== strict-transport-security max-age=31536000; includeSubDomains; preload content-length 75619 x-ms-lease-status unlocked last-modified Thu, 04 Jul 2024 03:29:08 GMT server cloudflare etag 0x8DC9BD977321DC7 vary Accept-Encoding content-type application/x-javascript access-control-allow-origin * x-ms-request-id 0bfa76bc-301e-0038-6bea-cd8f7c000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control public, max-age=86400 x-ms-version 2009-09-19 accept-ranges bytes cf-ray 89e0b52dc96692a7-FRA expires Fri, 05 Jul 2024 17:06:46 GMT
GET H2	200	otTCF.js Show response cookie-cdn.cookiepro.com/scripttemplates/202312.1.0/	39 KB 12 KB	45ms 45ms	Script application/javascript	2606:4700:4400::ac40:936c CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cookie-cdn.cookiepro.com/scripttemplates/202312.1.0/otTCF.js Requested by Host: cookie-cdn.cookiepro.com URL: https://cookie-cdn.cookiepro.com/scripttemplates/202312.1.0/otBannerSdk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:4400::ac40:936c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b225b553da329022367ef9806c9820cbb60051aede8489749a879cfc3bed0677 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://tktk02.hidesmes292.workers.dev/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-ms-blob-type BlockBlob date Thu, 04 Jul 2024 17:06:46 GMT content-encoding gzip cf-cache-status HIT content-md5 rSal8vWedsIrEPr6rJUMAA== age 23924 strict-transport-security max-age=31536000; includeSubDomains; preload content-length 11706 x-ms-lease-status unlocked last-modified Thu, 07 Mar 2024 09:03:23 GMT server cloudflare etag 0x8DC3E85717D4CDD vary Accept-Encoding content-type application/javascript access-control-allow-origin * x-ms-request-id 79df0235-801e-002d-6b65-7598cf000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control public, max-age=86400 x-ms-version 2009-09-19 accept-ranges bytes cf-ray 89e0b52dcb0ebba1-FRA expires Fri, 05 Jul 2024 17:06:46 GMT
GET H2	200	otFlat.json Show response cookie-cdn.cookiepro.com/scripttemplates/202312.1.0/assets/	13 KB 3 KB	40ms 39ms	Fetch application/json	2606:4700:4400::ac40:936c CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cookie-cdn.cookiepro.com/scripttemplates/202312.1.0/assets/otFlat.json Requested by Host: cookie-cdn.cookiepro.com URL: https://cookie-cdn.cookiepro.com/scripttemplates/202312.1.0/otBannerSdk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:4400::ac40:936c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ea5db5581e262d77d1a43fbb3f0fa3661b51d097b40ca38f584b4943f47cf2e0 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://tktk02.hidesmes292.workers.dev/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-ms-blob-type BlockBlob date Thu, 04 Jul 2024 17:06:46 GMT content-encoding gzip cf-cache-status HIT content-md5 BTZbeL2C0rgC8oY0plS4zQ== strict-transport-security max-age=31536000; includeSubDomains; preload content-length 3017 x-ms-lease-status unlocked last-modified Thu, 07 Mar 2024 09:03:14 GMT server cloudflare etag 0x8DC3E856BD1B1D8 vary Accept-Encoding content-type application/json access-control-allow-origin * x-ms-request-id b3543605-a01e-003a-1eea-cd31c4000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control public, max-age=86400 x-ms-version 2009-09-19 accept-ranges bytes cf-ray 89e0b52f4b0592a7-FRA expires Fri, 05 Jul 2024 17:06:46 GMT
GET H2	200	otCommonStyles.css Show response cookie-cdn.cookiepro.com/scripttemplates/202312.1.0/assets/	21 KB 4 KB	47ms 46ms	Fetch text/css	2606:4700:4400::ac40:936c CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cookie-cdn.cookiepro.com/scripttemplates/202312.1.0/assets/otCommonStyles.css Requested by Host: cookie-cdn.cookiepro.com URL: https://cookie-cdn.cookiepro.com/scripttemplates/202312.1.0/otBannerSdk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:4400::ac40:936c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d3f7b0ec4de079928a999641e781e80f33597a392a561bc460276dfb4efb6eec Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://tktk02.hidesmes292.workers.dev/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-ms-blob-type BlockBlob date Thu, 04 Jul 2024 17:06:46 GMT strict-transport-security max-age=31536000; includeSubDomains; preload content-encoding br cf-cache-status HIT content-md5 c7xAZ9MSGAobGaTYg/Qtag== x-ms-lease-status unlocked last-modified Thu, 07 Mar 2024 09:03:32 GMT server cloudflare vary Accept-Encoding content-type text/css access-control-allow-origin * x-ms-request-id d2f707c3-b01e-0009-73ea-cd6e6f000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control public, max-age=86400 x-ms-version 2009-09-19 cf-ray 89e0b52f4b0992a7-FRA expires Fri, 05 Jul 2024 17:06:46 GMT
GET H/1.1	200 OK	user Show response admp-tc-sati.adtlgc.com/	97 B 555 B	35ms 33ms	Script application/javascript	34.243.178.126 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://admp-tc-sati.adtlgc.com/user?nw=1&cm=0&sg=0&callback=adapt_dataRequest_sati_admp.validateCallback&cb=1720112806309&evid=cx:3hps9bde9uz3u27tx2vixgfa0x:be18oh636jk1&v=2.39 Requested by Host: code3.adtlgc.com URL: https://code3.adtlgc.com/js/sati_init.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.243.178.126 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-34-243-178-126.eu-west-1.compute.amazonaws.com Software / Resource Hash 184905fd2ca17a214b8e6b460b6b781a253370e31734991b372c321194ff25e5 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://tktk02.hidesmes292.workers.dev/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers P3P policyref="http://code.adtlgc.com/w3c/p3p.xml",CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND COM NAV INT" Date Thu, 04 Jul 2024 17:06:46 GMT Connection keep-alive transfer-encoding chunked Content-Type application/javascript
GET H/1.1	200 OK	pagestat Show response admp-tc-sati.adtlgc.com/event/v3/	0 293 B	142ms 34ms	XHR image/jpeg	34.243.178.126 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://admp-tc-sati.adtlgc.com/event/v3/pagestat?location=https%3A%2F%2Ftktk02.hidesmes292.workers.dev%2F&cb=1720112806351&evid=cx:3hps9bde9uz3u27tx2vixgfa0x:be18oh636jk1&v=2.39 Requested by Host: code3.adtlgc.com URL: https://code3.adtlgc.com/js/sati_init.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.243.178.126 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-34-243-178-126.eu-west-1.compute.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://tktk02.hidesmes292.workers.dev/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Thu, 04 Jul 2024 17:06:46 GMT XDomainRequestAllowed 1 Access-Control-Allow-Methods * Content-Type image/jpeg Access-Control-Allow-Origin https://tktk02.hidesmes292.workers.dev Access-Control-Allow-Credentials true Connection keep-alive Content-Length 0
GET H2	200	segment Show response api.cxense.com/profile/user/	62 B 585 B	39ms 37ms	Script text/javascript	167.235.124.23 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://api.cxense.com/profile/user/segment?callback=cXJsonpCB4&persisted=993f7e91f41899181a61f3b6fa338bd436cdd1b7&json=%7B%22identities%22%3A%5B%7B%22id%22%3A%22ly7ir31wea0fyltr%22%2C%22type%22%3A%22cx%22%7D%5D%7D Requested by Host: cdn.cxense.com URL: https://cdn.cxense.com/cx.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 167.235.124.23 Bühl, Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS nue0001.cxense.com Software Jetty(9.4.28.v20200408) / Resource Hash 16d2282ccdc7581daaae579c54629a373033afe1cbc1384525566922062b680e Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://tktk02.hidesmes292.workers.dev/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers pragma no-cache date Thu, 04 Jul 2024 17:06:46 GMT strict-transport-security max-age=31536000 x-content-type-options nosniff server Jetty(9.4.28.v20200408) content-type text/javascript;charset=utf-8 p3p policyref="http://www.cxense.com/w3c/p3p.xml", CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" cache-control no-store, no-cache, must-revalidate content-length 62 expires Mon, 26 Jul 1997 05:00:00 GMT
GET H3	200	icon-promotor.png detgse56f.tk/wp-content/themes/promotor-nineteen/assets/images/	335 B 922 B	169ms 169ms	Other image/png	188.114.96.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://detgse56f.tk/wp-content/themes/promotor-nineteen/assets/images/icon-promotor.png Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c68595924710e007f23d934a98215252511f5f8aac04b2b9e533a9b55ccebdbb Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload; Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://tktk02.hidesmes292.workers.dev/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 04 Jul 2024 17:06:46 GMT strict-transport-security max-age=31536000; includeSubDomains; preload; cf-cache-status MISS x-cacheable yf nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 last-modified Wed, 19 Oct 2022 06:19:12 GMT server cloudflare etag W/"634f96e0-14f" vary Accept-Encoding access-control-allow-methods GET, OPTIONS, POST, PURGE content-type image/png access-control-allow-origin * report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OkMwBa%2Be6gMDbIWUiQGAUj2qf3mQkFu45i0o%2BG0LwcKsUC5tsGbQm3w9MzdCCwcUTnEtNUBVI%2BkvZSpBOItvUucGwUJcVSa7h1GLUUt%2BizmQyPZj55eRuzEYD%2Buyo5lsyvY%3D"}],"group":"cf-nel","max_age":604800} cache-control public, max-age=31536000 cf-ray 89e0b53029922c02-FRA access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept, Authorization expires Sat, 22 Mar 2025 19:02:19 GMT
GET H2	200	/ dmp.adform.net/serving/cookie/match/ Redirect Chain https://csyn-r.cxense.com/?cxsite=1135102062960807737&partnerId=csr&cxckp=cx%3A3hps9bde9uz3u27tx2vixgfa0x%3Abe18oh636jk1 https://dmp.adform.net/serving/cookie/match/?party=1077&cid=3hps9bde9uz3u27tx2vixgfa0x https://dmp.adform.net/serving/cookie/match/?CC=1&party=1077&cid=3hps9bde9uz3u27tx2vixgfa0x	35 B 601 B	37ms 37ms	Image image/gif	37.157.4.29 ADFORM
General Check archive.org Show headers Download Go to Show image Full URL https://dmp.adform.net/serving/cookie/match/?CC=1&party=1077&cid=3hps9bde9uz3u27tx2vixgfa0x Protocol H2 Server 37.157.4.29 , Denmark, ASN198622 (ADFORM, DK), Reverse DNS Software nginx / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://tktk02.hidesmes292.workers.dev/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers pragma no-cache date Thu, 04 Jul 2024 17:06:46 GMT strict-transport-security max-age=31536000; includeSubDomains server nginx accept-ch Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version access-control-max-age 86400 access-control-allow-methods GET content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate, no-transform access-control-allow-credentials true access-control-allow-headers Content-Type,Cache-Control,Accept-Encoding,X-Requested-With expires -1 Redirect headers pragma no-cache date Thu, 04 Jul 2024 17:06:46 GMT strict-transport-security max-age=31536000; includeSubDomains server nginx accept-ch Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version access-control-max-age 86400 access-control-allow-methods GET location https://dmp.adform.net/serving/cookie/match/?CC=1&party=1077&cid=3hps9bde9uz3u27tx2vixgfa0x access-control-allow-origin * cache-control no-cache, no-store, must-revalidate, no-transform access-control-allow-credentials true access-control-allow-headers Content-Type,Cache-Control,Accept-Encoding,X-Requested-With content-length 0 expires -1
POST H2	204	collect region1.analytics.google.com/g/	0 0	20ms 19ms	Fetch text/plain	2001:4860:4802:34::36 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://region1.analytics.google.com/g/collect?v=2&tid=G-WBWT7L8BYX&gtm=45je4730v870048749za200&_p=1720112804756&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&tcfd=10001&tag_exp=0&cid=2068510463.1720112805&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AAAI&_s=2&sid=1720112805&sct=1&seg=0&dl=https%3A%2F%2Ftktk02.hidesmes292.workers.dev%2F&dt=%C8%98tiri%20despre%20industria%20auto%20%7C%20Nout%C4%83%C8%9Bi%20pentru%20pasiona%C8%9Bi%20%C8%99i%20teste%20auto%20%7C%20Promotor.ro&en=whitelisted&_ee=1&ep.event_category=NTG%20adblock&ep.event_label=https%3A%2F%2Ftktk02.hidesmes292.workers.dev%2F&ep.non_interaction=true&_et=506&tfd=7270&_z=fetch Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-WBWT7L8BYX&l=dataLayer&cx=c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://tktk02.hidesmes292.workers.dev/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers pragma no-cache date Thu, 04 Jul 2024 17:06:50 GMT server Golfe2 content-type text/plain access-control-allow-origin https://tktk02.hidesmes292.workers.dev cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT