freedomonline.bg Open in urlscan Pro
104.26.3.135 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://freedomonline.bg/
Effective URL:
https://freedomonline.bg/
Submission: On April 10 via manual (April 10th 2020, 7:59:25 am UTC) from BG

Summary HTTP 54 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 19 IPs in 6 countries across 16 domains to perform 54 HTTP transactions. The main IP is 104.26.3.135, located in United States and belongs to CLOUDFLARENET, US. The main domain is freedomonline.bg.
TLS certificate: Issued by CloudFlare Inc ECC CA-2 on January 31st 2020. Valid for: 8 months.

This is the only time freedomonline.bg was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
23	104.26.3.135 104.26.3.135	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:817::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:809::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:85e5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:800::2008	15169 (GOOGLE) (GOOGLE)
4	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	2620:1ec:bdf::10 2620:1ec:bdf::10	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	147.75.84.91 147.75.84.91	54825 (PACKET) (PACKET)
1 2	2a00:1450:400... 2a00:1450:400c:c00::9b	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6812:13b7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	2a00:1450:400... 2a00:1450:4001:808::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:808::2003	15169 (GOOGLE) (GOOGLE)
1	216.58.206.2 216.58.206.2	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:816::2002	15169 (GOOGLE) (GOOGLE)
3	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2a02:26f0:310... 2a02:26f0:3100:290::25ea	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 2	2a05:f500:10:... 2a05:f500:10:101::b93f:9105	14413 (LINKEDIN) (LINKEDIN)
1 1	2a05:f500:10:... 2a05:f500:10:101::b93f:9101	14413 (LINKEDIN) (LINKEDIN)
6	2a00:1450:400... 2a00:1450:4001:814::2003	15169 (GOOGLE) (GOOGLE)
1	147.75.100.69 147.75.100.69	54825 (PACKET) (PACKET)
54	19

23 104.26.3.135 (United States)

ASN13335 (CLOUDFLARENET, US)

freedomonline.bg	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:817::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:85e5 (United States)

ASN13335 (CLOUDFLARENET, US)

ajax.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:800::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f02d:12:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:bdf::10 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

consent.cookiebot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 147.75.84.91 (Parsippany, United States)

ASN54825 (PACKET, US)

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c00::9b (Brussels, Belgium) 1 redirects

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:13b7 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.by.wonderpush.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.206.2 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: fra16s20-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:816::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f12d:83:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3100:290::25ea (Ascension Island)

ASN20940 (AKAMAI-ASN1, US)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a05:f500:10:101::b93f:9105 (Ireland) 1 redirects

ASN14413 (LINKEDIN, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:f500:10:101::b93f:9101 (Ireland) 1 redirects

ASN14413 (LINKEDIN, US)

www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:814::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 147.75.100.69 (Central, Hong Kong)

ASN54825 (PACKET, US)
PTR: pkt-ams-k2-shared-ingress16

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
23	freedomonline.bg freedomonline.bg	636 KB
6	gstatic.com fonts.gstatic.com	63 KB
4	facebook.net connect.facebook.net	258 KB
3	linkedin.com 2 redirects px.ads.linkedin.com www.linkedin.com	3 KB
3	facebook.com www.facebook.com	363 B
3	doubleclick.net 1 redirects stats.g.doubleclick.net googleads.g.doubleclick.net	17 KB
3	hotjar.com static.hotjar.com script.hotjar.com vars.hotjar.com	72 KB
3	googleapis.com ajax.googleapis.com fonts.googleapis.com	7 KB
2	cookiebot.com consent.cookiebot.com	57 KB
2	googletagmanager.com www.googletagmanager.com	50 KB
1	licdn.com snap.licdn.com	2 KB
1	googleadservices.com www.googleadservices.com	10 KB
1	google.de www.google.de	109 B
1	google.com 1 redirects www.google.com	193 B
1	wonderpush.com cdn.by.wonderpush.com	1 KB
1	cloudflare.com ajax.cloudflare.com	4 KB
54	16

	Domain	Requested by
23	freedomonline.bg	freedomonline.bg ajax.cloudflare.com
6	fonts.gstatic.com	ajax.googleapis.com
4	connect.facebook.net	freedomonline.bg connect.facebook.net
3	www.facebook.com	freedomonline.bg connect.facebook.net
2	px.ads.linkedin.com	1 redirects
2	stats.g.doubleclick.net	1 redirects www.googletagmanager.com
2	consent.cookiebot.com	ajax.cloudflare.com consent.cookiebot.com
2	www.googletagmanager.com	freedomonline.bg ajax.cloudflare.com
2	fonts.googleapis.com	freedomonline.bg ajax.googleapis.com
1	vars.hotjar.com	static.hotjar.com
1	www.linkedin.com	1 redirects
1	snap.licdn.com	freedomonline.bg
1	googleads.g.doubleclick.net	www.googleadservices.com
1	script.hotjar.com	static.hotjar.com
1	www.googleadservices.com	www.googletagmanager.com
1	www.google.de	freedomonline.bg
1	www.google.com	1 redirects
1	cdn.by.wonderpush.com	ajax.cloudflare.com
1	static.hotjar.com	freedomonline.bg
1	ajax.cloudflare.com	freedomonline.bg
1	ajax.googleapis.com	freedomonline.bg
54	21

This site contains links to these domains. Also see Links.

Domain
www.cookiebot.com
www.linkedin.com
policies.google.com
www.hotjar.com
www.facebook.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com CloudFlare Inc ECC CA-2	`2020-01-31` - `2020-10-09`	8 months	crt.sh
upload.video.google.com GTS CA 1O1	`2020-03-24` - `2020-06-16`	3 months	crt.sh
cloudflare.com CloudFlare Inc ECC CA-2	`2020-01-07` - `2020-10-09`	9 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-03-24` - `2020-06-16`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2020-03-01` - `2020-05-30`	3 months	crt.sh
consent.cookiebot.com Go Daddy Secure Certificate Authority - G2	`2019-01-14` - `2021-01-08`	2 years	crt.sh
static.hotjar.com Let's Encrypt Authority X3	`2020-04-04` - `2020-07-03`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-03-24` - `2020-06-16`	3 months	crt.sh
*.by.wonderpush.com Gandi Standard SSL CA 2	`2019-05-27` - `2020-06-21`	a year	crt.sh
www.google.de GTS CA 1O1	`2020-03-24` - `2020-06-16`	3 months	crt.sh
www.googleadservices.com GTS CA 1O1	`2020-03-24` - `2020-06-16`	3 months	crt.sh
script.hotjar.com Let's Encrypt Authority X3	`2020-04-04` - `2020-07-03`	3 months	crt.sh
*.licdn.com DigiCert SHA2 Secure Server CA	`2019-04-01` - `2021-05-07`	2 years	crt.sh
px.ads.linkedin.com DigiCert SHA2 Secure Server CA	`2020-03-04` - `2020-09-04`	6 months	crt.sh
*.gstatic.com GTS CA 1O1	`2020-03-24` - `2020-06-16`	3 months	crt.sh
vars.hotjar.com Let's Encrypt Authority X3	`2020-04-04` - `2020-07-03`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://freedomonline.bg/
Frame ID: 0ED47AD367B9E710B7A75C0A07C9B51E
Requests: 59 HTTP requests in this frame

Frame: https://www.facebook.com/v3.2/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter.php%3Fversion%3D46%23cb%3Df11ae6851b2a3%26domain%3Dfreedomonline.bg%26origin%3Dhttps%253A%252F%252Ffreedomonline.bg%252Ff2ac2f29c2dcfd%26relation%3Dparent.parent&container_width=445&hide_cover=false&href=http%3A%2F%2Fwww.facebook.com%2Ffreedomonline.bg%2F&locale=bg_BG&sdk=joey&show_facepile=false&show_posts=true
Frame ID: 21842C68C18945B3652AA3D64246551F
Requests: 1 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-469cf41adb11dc78be68c1ae7f9457a4.html
Frame ID: 05B32DC7555A1DBB1C983D5EA822AD5E
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://freedomonline.bg/ HTTP 307
https://freedomonline.bg/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

script /\/wp-(?:content|includes)\//i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

script /\/wp-(?:content|includes)\//i

MySQL (Databases) Expand

Overall confidence: 100%
Detected patterns

script /\/wp-(?:content|includes)\//i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i
script /googleapis\.com\/.+webfont/i

Page Statistics

54
Requests

100 %
HTTPS

80 %
IPv6

16
Domains

21
Subdomains

19
IPs

6
Countries

1179 kB
Transfer

3419 kB
Size

8
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: https://www.cookiebot.com/goto/privacy-policy/
Title: Cookiebot

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/legal/privacy-policy
Title: LinkedIn

Search URL Search Domain Scan URL

URL: https://policies.google.com/privacy
Title: Google Tag Manager

Search URL Search Domain Scan URL

URL: https://www.hotjar.com/legal/policies/privacy
Title: Hotjar

Search URL Search Domain Scan URL

URL: https://www.facebook.com/policies/cookies/
Title: Facebook

Search URL Search Domain Scan URL

URL: https://www.cookiebot.com/
Title: Cookiebot

Search URL Search Domain Scan URL

URL: https://www.facebook.com/freedomonline.bg/
Title: Facebook

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://freedomonline.bg/ HTTP 307
https://freedomonline.bg/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 29

https://stats.g.doubleclick.net/r/__utm.gif?utmwv=5.7.2dc&utms=1&utmn=946157282&utmhn=freedomonline.bg&utmcs=UTF-8&utmsr=1600x1200&utmvp=1585x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=%D0%91%D1%8A%D0%BB%D0%B3%D0%B0%D1%80%D1%81%D0%BA%D0%B8%D1%8F%D1%82%20%D1%81%D0%B0%D0%B9%D1%82%20%D0%B7%D0%B0%20%D0%BA%D0%B8%D0%B1%D0%B5%D1%80%D1%81%D0%B8%D0%B3%D1%83%D1%80%D0%BD%D0%BE%D1%81%D1%82%20-%20Freedomonline.bg&utmhid=1979205632&utmr=-&utmp=%2F&utmht=1586505527512&utmac=UA-1314102-6&utmgtm=2wg432TLGTD2K&utmcc=__utma%3D244492754.1868639268.1586505528.1586505528.1586505528.1%3B%2B__utmz%3D244492754.1586505528.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1015934812&utmredir=3&utmu=qmAgAABAAAGBAAAAAgAAAAAE~ HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-1314102-6&cid=1868639268.1586505528&jid=1015934812&_v=5.7.2dc&z=946157282 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-1314102-6&cid=1868639268.1586505528&jid=1015934812&_v=5.7.2dc&z=946157282&slf_rd=1&random=1074330394

Request Chain 40

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=52621&url=https%3A%2F%2Ffreedomonline.bg%2F&time=1586505527766 HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D52621%26url%3Dhttps%253A%252F%252Ffreedomonline.bg%252F%26time%3D1586505527766%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=52621&url=https%3A%2F%2Ffreedomonline.bg%2F&time=1586505527766&liSync=true

54 HTTP transactions
7 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
freedomonline.bg/
Redirect Chain

http://freedomonline.bg/
https://freedomonline.bg/

121 KB
25 KB

138ms
50ms

Document
text/html

104.26.3.135
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://freedomonline.bg/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.3.135 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / W3 Total Cache/0.13.2

Resource Hash

e44a2eafaa05a989875ebebb8ee37c9c15a158ae3ad992e9e7e5f882855f31f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

:method: GET
:authority: freedomonline.bg
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
date: Fri, 10 Apr 2020 07:58:47 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=d78c7f254ac2d9d412bd9d8e5bfd72e711586505527; expires=Sun, 10-May-20 07:58:47 GMT; path=/; domain=.freedomonline.bg; HttpOnly; SameSite=Lax; Secure
last-modified: Fri, 10 Apr 2020 07:58:47 GMT
expires: Fri, 10 Apr 2020 08:58:47 GMT
pragma: public
cache-control: max-age=3600, public
x-powered-by: W3 Total Cache/0.13.2
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-content-type-options: nosniff
server: cloudflare
cf-ray: 581aecb93b1dfa64-AMS
content-encoding: br

Redirect headers

Location: https://freedomonline.bg/
Non-Authoritative-Reason: HSTS

GET
H2 200 freedom-onlinebg-480-v3.png
freedomonline.bg/wp-content/uploads/2017/09/ 8 KB
8 KB 27ms
26ms Image
image/png 104.26.3.135
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://freedomonline.bg/wp-content/uploads/2017/09/freedom-onlinebg-480-v3.png

Requested by

Host: freedomonline.bg
URL: https://freedomonline.bg/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.3.135 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c3996512f1cfb02209614dbf22382e196b969ab502569111afa7bbc05bf936dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://freedomonline.bg/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 10 Apr 2020 07:58:47 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 3456
status: 200
vary: Accept-Encoding
content-length: 8536
last-modified: Tue, 26 Sep 2017 12:14:18 GMT
server: cloudflare
etag: "59ca449a-2158"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 581aecb98bfafa64-AMS

GET
H2 200 fontawesome-webfont.woff2
freedomonline.bg/wp-content/themes/jannah/assets/fonts/fontawesome/ 75 KB
76 KB 32ms
31ms Font
application/octet-stream 104.26.3.135
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://freedomonline.bg/wp-content/themes/jannah/assets/fonts/fontawesome/fontawesome-webfont.woff2

Requested by

Host: freedomonline.bg
URL: https://freedomonline.bg/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.3.135 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://freedomonline.bg/
Origin: https://freedomonline.bg
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 10 Apr 2020 07:58:47 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 3456
status: 200
vary: Accept-Encoding
content-length: 77160
last-modified: Sun, 05 Apr 2020 12:47:57 GMT
server: cloudflare
etag: "5e89d37d-12d68"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/octet-stream
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 581aecb99c04fa64-AMS

GET
H2 200 tiefonticon.woff
freedomonline.bg/wp-content/themes/jannah/assets/fonts/tiefonticon/ 9 KB
5 KB 25ms
24ms Font
application/font-woff 104.26.3.135
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://freedomonline.bg/wp-content/themes/jannah/assets/fonts/tiefonticon/tiefonticon.woff

Requested by

Host: freedomonline.bg
URL: https://freedomonline.bg/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.3.135 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8e3349c36d26f3f07ddc1807ac6312022900cf8130a510a903c51ce07045f379

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://freedomonline.bg/
Origin: https://freedomonline.bg
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 10 Apr 2020 07:58:47 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Sun, 05 Apr 2020 12:47:57 GMT
server: cloudflare
age: 3456
etag: W/"5e89d37d-2320"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/font-woff
status: 200
cache-control: max-age=14400
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 581aecb99c06fa64-AMS

GET
H2 200 webfont.js Show response
ajax.googleapis.com/ajax/libs/webfont/1/ 13 KB
5 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:817::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/webfont/1/webfont.js

Requested by

Host: freedomonline.bg
URL: https://freedomonline.bg/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://freedomonline.bg/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 03 Apr 2020 03:01:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 622608
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 5437
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 03 Apr 2021 03:01:59 GMT

GET
H2 200 684eb.css
freedomonline.bg/wp-content/cache/minify/ 110 KB
16 KB 28ms
27ms Stylesheet
text/css 104.26.3.135
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://freedomonline.bg/wp-content/cache/minify/684eb.css

Requested by

Host: freedomonline.bg
URL: https://freedomonline.bg/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.3.135 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

88c6bef08cd89d750e4be0ead3216d4183da2e3ca66d96fb38109fc519d939c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://freedomonline.bg/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Fri, 10 Apr 2020 07:58:47 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 3456
status: 200
vary: Accept-Encoding
last-modified: Thu, 09 Apr 2020 08:28:27 GMT
server: cloudflare
etag: W/"5e8edcab-1b585"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css
cache-control: max-age=14400
cf-ray: 581aecb99c07fa64-AMS
cf-bgj: minify

GET
H2 200 css
fonts.googleapis.com/ 10 KB
1 KB 39ms
19ms Stylesheet
text/css 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Noto+Serif%3A400%2C400i%2C700%2C700i&ver=4971b2c6c43a6fbe6e967073dc2b9099

Requested by

Host: freedomonline.bg
URL: https://freedomonline.bg/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7e78c502164e5f4af303f1596e393be57199dbf52a7d0baaeb569cc1f4dd99bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://freedomonline.bg/
Origin: https://freedomonline.bg
Sec-Fetch-Dest: style
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 10 Apr 2020 07:58:47 GMT
server: ESF
date: Fri, 10 Apr 2020 07:58:47 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 10 Apr 2020 07:58:47 GMT

GET
H2 200 76a3f.css
freedomonline.bg/wp-content/cache/minify/ 317 KB
62 KB 47ms
47ms Stylesheet
text/css 104.26.3.135
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://freedomonline.bg/wp-content/cache/minify/76a3f.css

Requested by

Host: freedomonline.bg
URL: https://freedomonline.bg/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.3.135 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1598707f719bc50b53478111d3f0a2da8f57c8b447d170ce28da37f3eb542b16

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://freedomonline.bg/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Fri, 10 Apr 2020 07:58:47 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 3456
cf-polished: origSize=326414
status: 200
vary: Accept-Encoding
last-modified: Thu, 09 Apr 2020 08:32:05 GMT
server: cloudflare
etag: W/"5e8edd85-4fb0e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css
cache-control: max-age=14400
cf-ray: 581aecb99c09fa64-AMS
cf-bgj: minify

GET
H2 200 7aa63.css
freedomonline.bg/wp-content/cache/minify/ 267 KB
44 KB 48ms
47ms Stylesheet
text/css 104.26.3.135
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://freedomonline.bg/wp-content/cache/minify/7aa63.css

Requested by

Host: freedomonline.bg
URL: https://freedomonline.bg/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.3.135 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e4891ff265c02e2078b83c0b6e6c07c71637d5f1fef0fbabbdac0313f7ae4ce7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://freedomonline.bg/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Fri, 10 Apr 2020 07:58:47 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
cf-polished: origSize=275307
status: 200
vary: Accept-Encoding
last-modified: Thu, 09 Apr 2020 08:28:28 GMT
server: cloudflare
etag: W/"5e8edcac-4336b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css
cache-control: max-age=14400
cf-ray: 581aecb99c1bfa64-AMS
cf-bgj: minify

GET
H2 200 rocket-loader.min.js Show response
ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/ 12 KB
4 KB 9ms
7ms Script
application/javascript 2606:4700::6810:85e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Requested by

Host: freedomonline.bg
URL: https://freedomonline.bg/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:85e5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b08cdbc2d30e656a86b20f8342428d5863f70f4b30135b4f4061f754ce932f5e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://freedomonline.bg/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 10 Apr 2020 07:58:47 GMT
content-encoding: gzip
vary: Accept-Encoding
last-modified: Mon, 06 Apr 2020 16:30:08 GMT
server: cloudflare
etag: W/"5e8b5910-3016"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: application/javascript
status: 200
cache-control: max-age=172800, public
strict-transport-security: max-age=15780000; includeSubDomains
cf-ray: 581aecb99f99d70d-FRA
expires: Sun, 12 Apr 2020 07:58:47 GMT

GET
H2 200 helpers.min.css
freedomonline.bg/wp-content/themes/jannah/assets/css/ 46 KB
9 KB 36ms
35ms Stylesheet
text/css 104.26.3.135
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://freedomonline.bg/wp-content/themes/jannah/assets/css/helpers.min.css

Requested by

Host: freedomonline.bg
URL: https://freedomonline.bg/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.3.135 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

21a7e95a391451a776343e4b01669e54e2d6f8b6eb847380eef8cbad96f9e4e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://freedomonline.bg/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Fri, 10 Apr 2020 07:58:47 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Sun, 05 Apr 2020 12:47:57 GMT
server: cloudflare
age: 3456
etag: W/"5e89d37d-b792"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: max-age=14400
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 581aecb9ac37fa64-AMS

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 55 KB
21 KB 18ms
17ms Script
application/javascript 2a00:1450:4001:800::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TLGTD2K

Requested by

Host: freedomonline.bg
URL: https://freedomonline.bg/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

649ed6fb114e744be2b8b019cadfef1fbe808889349483500677d6dd63fb4ba5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://freedomonline.bg/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 10 Apr 2020 07:58:47 GMT
content-encoding: br
status: 200
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 21107
x-xss-protection: 0
last-modified: Fri, 10 Apr 2020 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 10 Apr 2020 07:58:47 GMT

GET
DATA 200
OK truncated
/ 67 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 481ab4fab37c928c8401280085692283260d15523f8f859934bdbc55c95938e6

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 27a965287615f8b4b2e0bad7953e1e5ecda1a4840526bd9faf7439a3466977c8

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 119 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bf2ffbcf4269eac339246b6ef2e37f3abb33a2905decffba0e1cf198190342e8

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 sdk.js Show response
connect.facebook.net/bg_BG/ 3 KB
2 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/bg_BG/sdk.js

Requested by

Host: freedomonline.bg
URL: https://freedomonline.bg/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d53ee34e9a3eafaee93968f7a029e873efdf1b696d04133f21874a8665044fc7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://freedomonline.bg/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: XOSP6DKZfDYdL6I6LcrHeg==
status: 200
date: Fri, 10 Apr 2020 07:58:47 GMT, Fri, 10 Apr 2020 07:58:47 GMT
expires: Fri, 10 Apr 2020 08:13:36 GMT
alt-svc: h3-27=":443"; ma=3600
content-length: 1778
x-fb-debug: XkzBvRN3ACKuWNwsenvV6yRwll0tPnnirCGeSsHWIcs7hdNH+u0qbx7DSdyJsc/adQpMdo8dt4H2fehb+00RZA==
x-fb-trip-id: 1850256238
x-fb-content-md5: e39d390e6ca68fc53d845046f13fd563
etag: "4d3c5052b29f240d0bc320bc7ae0a3fd"
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5

GET
H2 200 1615d.js Show response
freedomonline.bg/wp-content/cache/minify/ 6 KB
2 KB 21ms
21ms Script
application/javascript 104.26.3.135
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://freedomonline.bg/wp-content/cache/minify/1615d.js

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.3.135 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3590a50189b749c071460b4b98b86d4231f3fe83c3bac6b8d35f0bcee14e1aec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://freedomonline.bg/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 10 Apr 2020 07:58:47 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 3456
cf-polished: origSize=6275
status: 200
vary: Accept-Encoding
last-modified: Thu, 09 Apr 2020 08:28:27 GMT
server: cloudflare
etag: W/"5e8edcab-1883"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 581aecba8e9bfa64-AMS
cf-bgj: minify

GET
H2 200 uc.js Show response
consent.cookiebot.com/ 67 KB
22 KB 26ms
12ms Script
application/javascript 2620:1ec:bdf::10
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://consent.cookiebot.com/uc.js
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::10 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 1ef49aa86985d7467181482f198d9b79531bfe67a226f4c24f87dc80b8312156

Request headers

Referer: https://freedomonline.bg/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 10 Apr 2020 07:58:47 GMT
content-encoding: gzip
last-modified: Wed, 01 Apr 2020 15:09:11 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "c98da57f378d61:0"
vary: Accept-Encoding
x-cache: TCP_HIT
content-type: application/javascript
status: 200
cache-control: public,max-age=1200
x-azure-ref: 0NyeQXgAAAABLmwYhELoCS44JTBkRq5TNRlJBRURHRTEwMTcAMzRmYzcyNzUtYmE5My00YmMzLWI3YTUtMjZmYWVhNTkwOTM1
x-azure-ref-originshield: 0TyOQXgAAAAD37LK5by86RpvfRmDS3m8FQU1TRURHRTA0MTMAMzRmYzcyNzUtYmE5My00YmMzLWI3YTUtMjZmYWVhNTkwOTM1
accept-ranges: bytes
content-length: 21965

GET
H2 200 hotjar-1657885.js Show response
static.hotjar.com/c/ 7 KB
3 KB 115ms
85ms Script
application/javascript 147.75.84.91
PACKET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-1657885.js?sv=5

Requested by

Host: freedomonline.bg
URL: https://freedomonline.bg/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

147.75.84.91 Parsippany, United States, ASN54825 (PACKET, US),

Reverse DNS

Software

Resource Hash

68c25d59d81f016ebb76e8296a89e2f69c9212922ea0506c186e66b853b6e568

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://freedomonline.bg/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 10 Apr 2020 07:58:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript
section-io-tag: hotjar
age: 0
status: 200
access-control-max-age: 600
section-io-cache: Miss
content-length: 2572
x-cache-hit: 1
x-frame-options: SAMEORIGIN
etag: W/7e587d31ce7c53d2059c6f2c1c96efd0
vary: Accept-Encoding
section-io-origin-status: 304
access-control-allow-origin: *
cache-control: max-age=60
section-io-origin-time-seconds: 0.070
accept-ranges: bytes
section-io-id: 3e34b5cbfd7ed0742f441de26adffa75
section-origin-responded: true

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 80 KB
30 KB 15ms
15ms Script
application/javascript 2a00:1450:4001:800::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-849494995

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0c7642772f595cb40692525a47595b10ad0ce09de978738706d57b982e022a81

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://freedomonline.bg/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 10 Apr 2020 07:58:47 GMT
content-encoding: br
status: 200
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 30184
x-xss-protection: 0
last-modified: Fri, 10 Apr 2020 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 10 Apr 2020 07:58:47 GMT

GET
H2 200 dc.js Show response
stats.g.doubleclick.net/ 45 KB
17 KB 15ms
15ms Script
text/javascript 2a00:1450:400c:c00::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/dc.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TLGTD2K

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6181cd98fe270c2826d416574446841f86778bc45a0ab0bdd0c667b4e70fd6e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://freedomonline.bg/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 06 Feb 2020 00:21:02 GMT
server: Golfe2
age: 6336
date: Fri, 10 Apr 2020 06:13:11 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 17093
expires: Fri, 10 Apr 2020 08:13:11 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 126 KB
30 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: freedomonline.bg
URL: https://freedomonline.bg/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

5a91c6d3e635c0bd1551a53cf0769328132151a7732039170280d500dbcb4685

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://freedomonline.bg/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-27=":443"; ma=3600
content-length: 30466
x-xss-protection: 0
pragma: public
x-fb-debug: 3XpUz5+F3S5yZW0zan9iU0KLwnPBIarb8ITTS0vziflsTJIK7f+ahJkqPo+dBCKM7Rwy7o9mDPkAhqaEHCtcmg==
x-fb-trip-id: 1850256238
date: Fri, 10 Apr 2020 07:58:47 GMT, Fri, 10 Apr 2020 07:58:47 GMT
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 wonderpush-loader.min.js Show response
cdn.by.wonderpush.com/sdk/1.1/ 887 B
1 KB 57ms
13ms Script
application/javascript 2606:4700::6812:13b7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.by.wonderpush.com/sdk/1.1/wonderpush-loader.min.js
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:13b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4e53be5e2978c46cd8becd13ba7e50752088003fcc04405400b9844d27f4ceeb

Request headers

Referer: https://freedomonline.bg/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 10 Apr 2020 07:58:47 GMT
content-encoding: gzip
vary: Accept-Encoding
cf-cache-status: HIT
age: 85099
x-cache: Hit from cloudfront
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
content-length: 497
via: 1.1 78c402b74e65ae12b398b6b957ab229e.cloudfront.net (CloudFront)
last-modified: Tue, 07 Apr 2020 08:20:14 GMT
server: cloudflare
etag: "a223b9e623506d76732d5f47b156c732ed6e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 86400
access-control-allow-methods: HEAD, GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=86400
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
cf-ray: 581aecbacd31d72d-FRA
x-amz-cf-id: oQabZCrwooQP4ewiem1_wK6xUGwl4bBD25yWmIrCniN6SLIEPHr7eA==

GET
H2 200 e6261.js Show response
freedomonline.bg/wp-content/cache/minify/ 152 KB
40 KB 49ms
48ms Script
application/javascript 104.26.3.135
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://freedomonline.bg/wp-content/cache/minify/e6261.js

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.3.135 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d055d2f9aa9e622c6be23bb47d7d781b411b7673ec4fec7b5d38c20f681b8efa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://freedomonline.bg/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 10 Apr 2020 07:58:47 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
cf-polished: origSize=155461
status: 200
vary: Accept-Encoding
last-modified: Thu, 09 Apr 2020 08:28:28 GMT
server: cloudflare
etag: W/"5e8edcac-25f45"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 581aecbaaee6fa64-AMS
cf-bgj: minify

GET
H2 200 8b245.js Show response
freedomonline.bg/wp-content/cache/minify/ 616 B
317 B 21ms
20ms Script
application/javascript 104.26.3.135
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://freedomonline.bg/wp-content/cache/minify/8b245.js

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.3.135 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e4c56f67645de5aac85f1b5a6962f37dd5ac53ae905b6834d7bd4641563244e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://freedomonline.bg/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 10 Apr 2020 07:58:47 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 3456
status: 200
vary: Accept-Encoding
last-modified: Thu, 09 Apr 2020 08:28:28 GMT
server: cloudflare
etag: W/"5e8edcac-268"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 581aecbaaee7fa64-AMS
cf-bgj: minify

GET
H2 200 2fd6a.js Show response
freedomonline.bg/wp-content/cache/minify/ 41 KB
10 KB 30ms
29ms Script
application/javascript 104.26.3.135
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://freedomonline.bg/wp-content/cache/minify/2fd6a.js

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.3.135 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d2ce492a43f25392b00287957b1bb888d1dc34c56492faf8675c783eacde80f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://freedomonline.bg/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 10 Apr 2020 07:58:47 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 3456
cf-polished: origSize=41749
status: 200
vary: Accept-Encoding
last-modified: Thu, 09 Apr 2020 08:28:28 GMT
server: cloudflare
etag: W/"5e8edcac-a315"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 581aecbaaee9fa64-AMS
cf-bgj: minify

GET
H2 200 1bfd5.js Show response
freedomonline.bg/wp-content/cache/minify/ 99 KB
33 KB 36ms
36ms Script
application/javascript 104.26.3.135
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://freedomonline.bg/wp-content/cache/minify/1bfd5.js

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.3.135 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e604334a6a179ec3a727d89150d4f736448bcef77f295534f2646cacbe1ba251

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://freedomonline.bg/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 10 Apr 2020 07:58:47 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 3456
cf-polished: origSize=101018
status: 200
vary: Accept-Encoding
last-modified: Thu, 09 Apr 2020 08:32:05 GMT
server: cloudflare
etag: W/"5e8edd85-18a9a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 581aecbaaeedfa64-AMS
cf-bgj: minify

GET
H2 200 sdk.js Show response
connect.facebook.net/bg_BG/ 389 KB
113 KB 7ms
6ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/bg_BG/sdk.js?hash=ddc31bc10f6ed4c7264ee63ee4a76eac&ua=modern_es6

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/bg_BG/sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

2ae25acc7cc244e25be6ea4c62dac371b8a8684fb42b1d4ec0f867453b2495ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://freedomonline.bg/
Origin: https://freedomonline.bg
Sec-Fetch-Dest: script
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: MnaRZXj9R+QVgUX2fynbPA==
status: 200
date: Fri, 10 Apr 2020 07:58:47 GMT, Fri, 10 Apr 2020 07:58:47 GMT
expires: Sat, 10 Apr 2021 07:53:38 GMT
alt-svc: h3-27=":443"; ma=3600
content-length: 115877
x-fb-debug: b9XqCQ1KzjcgoTNPrjTI387U/NQitR8/Sn+GaMms3UCYdyMOxTckf3tXdefAnkQda1KD/GoZ+CF07D5DJ37eNg==
x-fb-trip-id: 1850256238
x-fb-content-md5: e2f3c392c39f3767b7d5ad42fca9d447
etag: "29933609581fb8b8ceb8716073790064"
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5

GET
H2 200 163552408302090 Show response
connect.facebook.net/signals/config/ 447 KB
113 KB 65ms
64ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/163552408302090?v=2.9.15&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c36a9b8929b105aa7a45ceff3087734a159fb8c804fe862d9dca71229eb414f5

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://freedomonline.bg/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-27=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: eD5LPeWxg7Tu7RXf1FiES66j8JK8S/YvtvetIgTsKs2/E5YdFj8NdngpHG55lcEW4l5eJ98EaPhL0eppWNSoXw==
x-fb-trip-id: 1850256238
date: Fri, 10 Apr 2020 07:58:47 GMT, Fri, 10 Apr 2020 07:58:47 GMT
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 cc.js Show response
consent.cookiebot.com/f81a3496-ba08-4a7c-98cd-7b915e4a0c28/ 143 KB
35 KB 98ms
98ms Script
application/x-javascript 2620:1ec:bdf::10
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://consent.cookiebot.com/f81a3496-ba08-4a7c-98cd-7b915e4a0c28/cc.js?renew=false&referer=freedomonline.bg&culture=BG&dnt=false&forceshow=false&cbid=f81a3496-ba08-4a7c-98cd-7b915e4a0c28&whitelabel=false&brandid=Cookiebot&framework=
Requested by: Host: consent.cookiebot.com
URL: https://consent.cookiebot.com/uc.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::10 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: 5bc131e12d49de7258c366b73b6c89b77b38cf35f3873db0c195b386e97d63d2

Request headers

Referer: https://freedomonline.bg/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 10 Apr 2020 07:58:47 GMT
content-encoding: gzip
x-aspnet-version: 4.0.30319
access-control-allow-origin: *
x-powered-by: ASP.NET
vary: Accept-Encoding
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: application/x-javascript; charset=utf-8
status: 200
cache-control: public, max-age=1
x-azure-ref: 0NyeQXgAAAACf20vE3OmGQIEtf2eQywlrRlJBRURHRTEwMTcAMzRmYzcyNzUtYmE5My00YmMzLWI3YTUtMjZmYWVhNTkwOTM1
access-control-allow-headers: cache-control, expires, Access-Control-Allow-Headers, Origin, Pragma, Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers
content-length: 35124

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://stats.g.doubleclick.net/r/__utm.gif?utmwv=5.7.2dc&utms=1&utmn=946157282&utmhn=freedomonline.bg&utmcs=UTF-8&utmsr=1600x1200&utmvp=1585x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=%D0...
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-1314102-6&cid=1868639268.1586505528&jid=1015934812&_v=5.7.2dc&z=946157282
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-1314102-6&cid=1868639268.1586505528&jid=1015934812&_v=5.7.2dc&z=946157282&slf_rd=1&random=1074330394

42 B
109 B

17ms
16ms

Image
image/gif

2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-1314102-6&cid=1868639268.1586505528&jid=1015934812&_v=5.7.2dc&z=946157282&slf_rd=1&random=1074330394

Requested by

Host: freedomonline.bg
URL: https://freedomonline.bg/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://freedomonline.bg/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Apr 2020 07:58:47 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 10 Apr 2020 07:58:47 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-1314102-6&cid=1868639268.1586505528&jid=1015934812&_v=5.7.2dc&z=946157282&slf_rd=1&random=1074330394
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ 167 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 961c85b50090e564ec3af7501be4d400f6a5f0d7bc7ca294b9b71b8ce24a700e

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 28 KB
10 KB 30ms
29ms Script
text/javascript 216.58.206.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-849494995

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

cafe /

Resource Hash

8af164f3ea30e1ae61711c1c8026b94207e4e2576b5d9c1f6b3b08d85eb2fe38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://freedomonline.bg/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 10 Apr 2020 07:58:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 10600
x-xss-protection: 0
server: cafe
etag: 3240726995048946946
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 10 Apr 2020 07:58:47 GMT

GET
H2 200 modules.55e699e3acb21494688c.js Show response
script.hotjar.com/ 366 KB
69 KB 47ms
16ms Script
application/javascript 147.75.84.91
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.hotjar.com/modules.55e699e3acb21494688c.js
Requested by: Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1657885.js?sv=5
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 147.75.84.91 Parsippany, United States, ASN54825 (PACKET, US),
Reverse DNS
Software: /
Resource Hash: cf0d4ddbda87d7094e0dc9d3be40d24592b30419bfa444f067beae7c7c9abd82

Request headers

Referer: https://freedomonline.bg/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 10 Apr 2020 07:58:47 GMT
content-encoding: br
content-type: application/javascript
age: 55353
status: 200
section-io-cache: Hit
content-length: 70632
last-modified: Thu, 09 Apr 2020 16:33:16 GMT
etag: "156a5fb7944d7f97182a3be6f15d9215"
vary: Accept-Encoding
section-io-origin-status: 200
access-control-allow-origin: *
cache-control: max-age=31536000
section-io-origin-time-seconds: 0.020
accept-ranges: bytes
section-io-id: a9f5f916fb890f955ad234a0bf57f69d
section-origin-responded: true

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/849494995/ 43 B
236 B 17ms
17ms Script
text/javascript 2a00:1450:4001:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/849494995/?random=1586505527562&cv=9&fst=1586505527562&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa432&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Ffreedomonline.bg%2F&tiba=%D0%91%D1%8A%D0%BB%D0%B3%D0%B0%D1%80%D1%81%D0%BA%D0%B8%D1%8F%D1%82%20%D1%81%D0%B0%D0%B9%D1%82%20%D0%B7%D0%B0%20%D0%BA%D0%B8%D0%B1%D0%B5%D1%80%D1%81%D0%B8%D0%B3%D1%83%D1%80%D0%BD%D0%BE%D1%81%D1%82%20-%20Freedomonline.bg&hn=www.googleadservices.com&us_privacy=1YYY&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

77d5fe96defd6c8c1e3b0466b4827cf83dc7e5c727a10177e115d25132fa86f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://freedomonline.bg/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

pragma: no-cache
date: Fri, 10 Apr 2020 07:58:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: text/javascript; charset=UTF-8
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: no-cache, must-revalidate
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 63
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
254 B 6ms
6ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=163552408302090&ev=PageView&dl=https%3A%2F%2Ffreedomonline.bg%2F&rl=&if=false&ts=1586505527578&sw=1600&sh=1200&v=2.9.15&r=stable&ec=0&o=30&fbp=fb.1.1586505527578.767228666&it=1586505527488&coo=false&rqm=GET

Requested by

Host: freedomonline.bg
URL: https://freedomonline.bg/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://freedomonline.bg/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 10 Apr 2020 07:58:47 GMT, Fri, 10 Apr 2020 07:58:47 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-27=":443"; ma=3600
content-length: 44
expires: Fri, 10 Apr 2020 07:58:47 GMT

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4f29b4389a6e08bf3ffcdfb097597d5621b4abac31a74f89c3fa3537dc428e68

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 964 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d47bcf54431b918d4b86953244677a675940b21844a2ac41bee9b690415eb0b1

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 973 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: feeff1b73fc856bbaa909aecd74cd3918a41d2f0642b773831da45ad969317e9

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 3 KB
2 KB 34ms
19ms Script
application/x-javascript 2a02:26f0:3100:290::25ea
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: freedomonline.bg
URL: https://freedomonline.bg/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3100:290::25ea , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: /
Resource Hash: 41dd5e421fe221a7d2921d6fa2b36e8b01a9f2c054aaef5fad866fe896c1d1e0

Request headers

Referer: https://freedomonline.bg/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Fri, 10 Apr 2020 07:58:47 GMT
Content-Encoding: gzip
Last-Modified: Mon, 07 Oct 2019 16:41:31 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=13948
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1576

GET
H2 200 css
fonts.googleapis.com/ 6 KB
791 B 15ms
14ms Stylesheet
text/css 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Merriweather%7CMerriweather:300,700&subset=latin,cyrillic-ext,latin,cyrillic-ext&display=swap

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1/webfont.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

fdb4826123dfb256ae81fb8740c60fa500899fd95233047dbc406d98f83049d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://freedomonline.bg/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 10 Apr 2020 07:58:47 GMT
server: ESF
date: Fri, 10 Apr 2020 07:58:47 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 10 Apr 2020 07:58:47 GMT

GET
H2

200

collect
px.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=52621&url=https%3A%2F%2Ffreedomonline.bg%2F&time=1586505527766
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D52621%26url%3Dhttps%253A%252F%252Ffreedomonline.bg%252F%26time%3D1586505527766%26...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=52621&url=https%3A%2F%2Ffreedomonline.bg%2F&time=1586505527766&liSync=true

0
297 B

125ms
125ms

Image
application/javascript

2a05:f500:10:101::b93f:9105
LINKEDIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=52621&url=https%3A%2F%2Ffreedomonline.bg%2F&time=1586505527766&liSync=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:f500:10:101::b93f:9105 , Ireland, ASN14413 (LINKEDIN, US),
Reverse DNS
Software: Play /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://freedomonline.bg/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 10 Apr 2020 07:58:48 GMT
nel: {"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
server: Play
linkedin-action: 1
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
x-li-fabric: prod-lva1
status: 200
x-li-proto: http/2
x-li-pop: prod-efr5
content-type: application/javascript
content-length: 0
x-li-uuid: jZTURl9mBBaAARmvMCsAAA==

Redirect headers

date: Fri, 10 Apr 2020 07:58:48 GMT
x-content-type-options: nosniff
linkedin-action: 1
status: 302
strict-transport-security: max-age=2592000
content-length: 0
x-li-uuid: CQVWP19mBBZQzAKLoysAAA==
server: Play
pragma: no-cache
x-li-pop: prod-efr5
expect-ct: max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
x-frame-options: sameorigin
x-li-fabric: prod-lva1
location: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=52621&url=https%3A%2F%2Ffreedomonline.bg%2F&time=1586505527766&liSync=true
x-xss-protection: 1; mode=block
cache-control: no-cache, no-store
content-security-policy: default-src *; connect-src 'self' https://media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com s.c.exp1.licdn.com s.c.exp2.licdn.com m.c.exp1.licdn.com m.c.exp2.licdn.com wss://*.linkedin.com dms.licdn.com https://dpm.demdex.net/id https://lnkd.demdex.net/event blob: static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com media.licdn.com media-exp1.licdn.com media-exp2.licdn.com media-exp3.licdn.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com www.google-analytics.com ssl.google-analytics.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com slideshare.www.linkedin.com https://snap.licdn.com/li.lms-analytics/insight.min.js platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; child-src blob: lnkd-communities: voyager: *; frame-ancestors 'self'
x-li-proto: http/2
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 free-software-780x470.jpg
freedomonline.bg/wp-content/uploads/2020/04/ 54 KB
55 KB 22ms
21ms Image
image/jpeg 104.26.3.135
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://freedomonline.bg/wp-content/uploads/2020/04/free-software-780x470.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.3.135 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aaaa34d8a91177b651fa802511622e304dbd6f3675abb7b20212468b0de41b02

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://freedomonline.bg/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 10 Apr 2020 07:58:47 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1516
status: 200
vary: Accept-Encoding
content-length: 55689
last-modified: Mon, 06 Apr 2020 14:40:32 GMT
server: cloudflare
etag: "5e8b3f60-d989"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 581aecbccc43fa64-AMS

GET
H2 200 zoom--780x470.jpg
freedomonline.bg/wp-content/uploads/2020/04/ 28 KB
28 KB 23ms
23ms Image
image/jpeg 104.26.3.135
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://freedomonline.bg/wp-content/uploads/2020/04/zoom--780x470.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.3.135 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7d425cc3a63072d4beb5d47476d932757c7b90f1eeec8202bef429005b19dc80

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://freedomonline.bg/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 10 Apr 2020 07:58:47 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1516
status: 200
vary: Accept-Encoding
content-length: 28584
last-modified: Sat, 04 Apr 2020 13:50:28 GMT
server: cloudflare
etag: "5e8890a4-6fa8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 581aecbccc45fa64-AMS

GET
H2 200 covi-780x470.jpg
freedomonline.bg/wp-content/uploads/2020/04/ 49 KB
49 KB 24ms
24ms Image
image/jpeg 104.26.3.135
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://freedomonline.bg/wp-content/uploads/2020/04/covi-780x470.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.3.135 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

abb5b7549583f545685fac67b7742009574206f2e44c4bc3c5eaa8e9fb881169

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://freedomonline.bg/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 10 Apr 2020 07:58:47 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1516
status: 200
vary: Accept-Encoding
content-length: 49833
last-modified: Thu, 02 Apr 2020 10:45:00 GMT
server: cloudflare
etag: "5e85c22c-c2a9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 581aecbccc47fa64-AMS

GET
H2 200 page.php
www.facebook.com/v3.2/plugins/ Frame 2184 0
0 342ms
341ms Document
text/html 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/v3.2/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter.php%3Fversion%3D46%23cb%3Df11ae6851b2a3%26domain%3Dfreedomonline.bg%26origin%3Dhttps%253A%252F%252Ffreedomonline.bg%252Ff2ac2f29c2dcfd%26relation%3Dparent.parent&container_width=445&hide_cover=false&href=http%3A%2F%2Fwww.facebook.com%2Ffreedomonline.bg%2F&locale=bg_BG&sdk=joey&show_facepile=false&show_posts=true

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/bg_BG/sdk.js?hash=ddc31bc10f6ed4c7264ee63ee4a76eac&ua=modern_es6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.facebook.com
:scheme: https
:path: /v3.2/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter.php%3Fversion%3D46%23cb%3Df11ae6851b2a3%26domain%3Dfreedomonline.bg%26origin%3Dhttps%253A%252F%252Ffreedomonline.bg%252Ff2ac2f29c2dcfd%26relation%3Dparent.parent&container_width=445&hide_cover=false&href=http%3A%2F%2Fwww.facebook.com%2Ffreedomonline.bg%2F&locale=bg_BG&sdk=joey&show_facepile=false&show_posts=true
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://freedomonline.bg/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: fr=097mRDX3QBpvdnkqt..BekCc3...1.0.BekCc3.
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://freedomonline.bg/

Response headers

status: 200
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
pragma: no-cache
strict-transport-security: max-age=15552000; preload
content-encoding: br
timing-allow-origin: *
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
vary: Accept-Encoding
x-content-type-options: nosniff
facebook-api-version: v3.2
x-xss-protection: 0
content-type: text/html; charset="utf-8"
x-fb-debug: MHGJvuRkpaa2ZyA6AOOAQUYTC4qTREz1k4GS/e11hwSQCPFe0x6Z2qTNB/kaKONOHURzSccFxIFgKgUsS1ZC6g==
date: Fri, 10 Apr 2020 07:58:48 GMT Fri, 10 Apr 2020 07:58:48 GMT
alt-svc: h3-27=":443"; ma=3600

GET
H2 200 u-440qyriQwlOrhSvowK_l5-fCZMdeX3rg.woff2
fonts.gstatic.com/s/merriweather/v21/ 12 KB
12 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:814::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/merriweather/v21/u-440qyriQwlOrhSvowK_l5-fCZMdeX3rg.woff2

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1/webfont.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e4fa437e044d3f739bd5e4aa2d1bd94e3952e888baec655763cd7969576001da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/css?family=Merriweather%7CMerriweather:300,700&subset=latin,cyrillic-ext,latin,cyrillic-ext&display=swap
Origin: https://freedomonline.bg
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 28 Mar 2020 11:38:05 GMT
x-content-type-options: nosniff
last-modified: Mon, 22 Jul 2019 19:18:46 GMT
server: sffe
age: 1110042
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 12256
x-xss-protection: 0
expires: Sun, 28 Mar 2021 11:38:05 GMT

GET
H2 200 u-4n0qyriQwlOrhSvowK_l521wRZWMf6hPvhPQ.woff2
fonts.gstatic.com/s/merriweather/v21/ 12 KB
12 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:814::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/merriweather/v21/u-4n0qyriQwlOrhSvowK_l521wRZWMf6hPvhPQ.woff2

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1/webfont.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1866533cfaaab8f46695c9eb600c6cefe4079badc7f14de3ca1be142fc39b718

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/css?family=Merriweather%7CMerriweather:300,700&subset=latin,cyrillic-ext,latin,cyrillic-ext&display=swap
Origin: https://freedomonline.bg
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 09 Apr 2020 03:32:43 GMT
x-content-type-options: nosniff
last-modified: Mon, 22 Jul 2019 19:19:32 GMT
server: sffe
age: 102364
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 12000
x-xss-protection: 0
expires: Fri, 09 Apr 2021 03:32:43 GMT

GET
H2 200 u-4n0qyriQwlOrhSvowK_l52xwNZWMf6hPvhPQ.woff2
fonts.gstatic.com/s/merriweather/v21/ 12 KB
12 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:814::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/merriweather/v21/u-4n0qyriQwlOrhSvowK_l52xwNZWMf6hPvhPQ.woff2

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1/webfont.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b986fbc59b4f9794ff0d1bd475093053df31b2b79b545daf4125f0abf912716b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/css?family=Merriweather%7CMerriweather:300,700&subset=latin,cyrillic-ext,latin,cyrillic-ext&display=swap
Origin: https://freedomonline.bg
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 28 Mar 2020 13:29:23 GMT
x-content-type-options: nosniff
last-modified: Mon, 22 Jul 2019 19:18:58 GMT
server: sffe
age: 1103364
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 12192
x-xss-protection: 0
expires: Sun, 28 Mar 2021 13:29:23 GMT

GET
H2 200 u-4n0qyriQwlOrhSvowK_l52xwNZXMf6hPvhPUWH.woff2
fonts.gstatic.com/s/merriweather/v21/ 9 KB
9 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:814::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/merriweather/v21/u-4n0qyriQwlOrhSvowK_l52xwNZXMf6hPvhPUWH.woff2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0d66a1370af864dbcba984a23b2b4cac6147bc6e8d3e2831af7be53a6b8f624c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/css?family=Merriweather%7CMerriweather:300,700&subset=latin,cyrillic-ext,latin,cyrillic-ext&display=swap
Origin: https://freedomonline.bg
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 28 Mar 2020 00:34:37 GMT
x-content-type-options: nosniff
last-modified: Mon, 22 Jul 2019 19:19:00 GMT
server: sffe
age: 1149850
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 9048
x-xss-protection: 0
expires: Sun, 28 Mar 2021 00:34:37 GMT

GET
H2 200 u-4n0qyriQwlOrhSvowK_l521wRZXMf6hPvhPUWH.woff2
fonts.gstatic.com/s/merriweather/v21/ 9 KB
9 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:814::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/merriweather/v21/u-4n0qyriQwlOrhSvowK_l521wRZXMf6hPvhPUWH.woff2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

486f923f20b5faa5f947d01fe5af0149cb5b5e9e12f221bac2faefda42fb0228

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/css?family=Merriweather%7CMerriweather:300,700&subset=latin,cyrillic-ext,latin,cyrillic-ext&display=swap
Origin: https://freedomonline.bg
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 28 Mar 2020 05:50:42 GMT
x-content-type-options: nosniff
last-modified: Mon, 22 Jul 2019 19:19:29 GMT
server: sffe
age: 1130885
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 8808
x-xss-protection: 0
expires: Sun, 28 Mar 2021 05:50:42 GMT

GET
H2 200 u-440qyriQwlOrhSvowK_l5-eCZMdeX3rsHo.woff2
fonts.gstatic.com/s/merriweather/v21/ 9 KB
9 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:814::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/merriweather/v21/u-440qyriQwlOrhSvowK_l5-eCZMdeX3rsHo.woff2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

073735ce7c71ec8eb74b226035abd64e31ba4103df67602d50f751ae7ed84751

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/css?family=Merriweather%7CMerriweather:300,700&subset=latin,cyrillic-ext,latin,cyrillic-ext&display=swap
Origin: https://freedomonline.bg
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 09 Apr 2020 01:04:26 GMT
x-content-type-options: nosniff
last-modified: Mon, 22 Jul 2019 19:18:46 GMT
server: sffe
age: 111261
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 9076
x-xss-protection: 0
expires: Fri, 09 Apr 2021 01:04:26 GMT

GET
H2 200 box-469cf41adb11dc78be68c1ae7f9457a4.html
vars.hotjar.com/ Frame 05B3 0
0 46ms
14ms Document
text/html 147.75.100.69
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://vars.hotjar.com/box-469cf41adb11dc78be68c1ae7f9457a4.html
Requested by: Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1657885.js?sv=5
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 147.75.100.69 Central, Hong Kong, ASN54825 (PACKET, US),
Reverse DNS: pkt-ams-k2-shared-ingress16
Software: /
Resource Hash

Request headers

:method: GET
:authority: vars.hotjar.com
:scheme: https
:path: /box-469cf41adb11dc78be68c1ae7f9457a4.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://freedomonline.bg/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://freedomonline.bg/

Response headers

status: 200
date: Fri, 10 Apr 2020 07:58:47 GMT
content-type: text/html
content-length: 851
last-modified: Wed, 25 Mar 2020 15:18:29 GMT
etag: "d594f1d4c3e5dbd6b556c60d34e0daea"
cache-control: max-age=31536000
content-encoding: br
section-io-origin-status: 200
section-io-origin-time-seconds: 0.092
section-origin-responded: true
age: 1304916
vary: Accept-Encoding
section-io-cache: Hit
accept-ranges: bytes
section-io-id: 7845a7516d5f383751d3ee9cbad63611

GET
H2 200 free-software-780x470.jpg
freedomonline.bg/wp-content/uploads/2020/04/ 54 KB
55 KB 22ms
20ms Image
image/jpeg 104.26.3.135
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://freedomonline.bg/wp-content/uploads/2020/04/free-software-780x470.jpg

Requested by

Host: freedomonline.bg
URL: https://freedomonline.bg/wp-content/cache/minify/1bfd5.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.3.135 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aaaa34d8a91177b651fa802511622e304dbd6f3675abb7b20212468b0de41b02

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://freedomonline.bg/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 10 Apr 2020 07:58:47 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1516
status: 200
vary: Accept-Encoding
content-length: 55689
last-modified: Mon, 06 Apr 2020 14:40:32 GMT
server: cloudflare
etag: "5e8b3f60-d989"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 581aecbdae64fa64-AMS

GET
H2 200 zoom--780x470.jpg
freedomonline.bg/wp-content/uploads/2020/04/ 13 KB
13 KB 25ms
24ms Image
image/webp 104.26.3.135
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://freedomonline.bg/wp-content/uploads/2020/04/zoom--780x470.jpg

Requested by

Host: freedomonline.bg
URL: https://freedomonline.bg/wp-content/cache/minify/1bfd5.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.3.135 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1aa1f0ebbc6350f5b6f5af9ff0d1dc2bea9f42488f161f56cdab5161f74eaec6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://freedomonline.bg/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 10 Apr 2020 07:58:47 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1516
cf-polished: qual=85, origFmt=jpeg, origSize=28584
status: 200
content-disposition: inline; filename="zoom--780x470.webp"
vary: Accept
content-length: 12964
last-modified: Sat, 04 Apr 2020 13:50:28 GMT
server: cloudflare
etag: "5e8890a4-6fa8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/webp
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 581aecbdae7ffa64-AMS
cf-bgj: imgq:85

GET
H2 200 covi-780x470.jpg
freedomonline.bg/wp-content/uploads/2020/04/ 39 KB
39 KB 22ms
21ms Image
image/webp 104.26.3.135
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://freedomonline.bg/wp-content/uploads/2020/04/covi-780x470.jpg

Requested by

Host: freedomonline.bg
URL: https://freedomonline.bg/wp-content/cache/minify/1bfd5.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.3.135 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6b839899479054141133dd1554b5f889e1e38498923274a7845b241d4b149c96

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://freedomonline.bg/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 10 Apr 2020 07:58:47 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1516
cf-polished: qual=85, origFmt=jpeg, origSize=49833
status: 200
content-disposition: inline; filename="covi-780x470.webp"
vary: Accept
content-length: 40164
last-modified: Thu, 02 Apr 2020 10:45:00 GMT
server: cloudflare
etag: "5e85c22c-c2a9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/webp
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 581aecbdbe96fa64-AMS
cf-bgj: imgq:85

GET
H2 200 freedom-onlinebg-480-v3.png
freedomonline.bg/wp-content/uploads/2017/09/ 5 KB
5 KB 23ms
22ms Image
image/webp 104.26.3.135
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://freedomonline.bg/wp-content/uploads/2017/09/freedom-onlinebg-480-v3.png

Requested by

Host: freedomonline.bg
URL: https://freedomonline.bg/wp-content/cache/minify/e6261.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.3.135 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

952c115acf12dfccbd3206199389b5bbc49ea15fbdc08cb6653aa8de7f84ea29

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://freedomonline.bg/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 10 Apr 2020 07:58:48 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 3457
cf-polished: origFmt=png, origSize=8536
status: 200
content-disposition: inline; filename="freedom-onlinebg-480-v3.webp"
vary: Accept
content-length: 5046
last-modified: Tue, 26 Sep 2017 12:14:18 GMT
server: cloudflare
etag: "59ca449a-2158"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/webp
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 581aecbe792bfa64-AMS
cf-bgj: imgq:85

GET
H2 200 android-trojan-390x220.jpg
freedomonline.bg/wp-content/uploads/2020/04/ 25 KB
25 KB 29ms
29ms Image
image/jpeg 104.26.3.135
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://freedomonline.bg/wp-content/uploads/2020/04/android-trojan-390x220.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.3.135 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9f6273118f39f5e742d806d8f49fffcdf4577f17d838dd1e0c6db48f0dea464e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://freedomonline.bg/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 10 Apr 2020 07:58:48 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1517
status: 200
vary: Accept-Encoding
content-length: 25606
last-modified: Thu, 09 Apr 2020 12:47:00 GMT
server: cloudflare
etag: "5e8f1944-6406"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 581aecbe7932fa64-AMS

GET
H2 200 skimmer-390x220.jpg
freedomonline.bg/wp-content/uploads/2020/04/ 16 KB
17 KB 51ms
50ms Image
image/jpeg 104.26.3.135
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://freedomonline.bg/wp-content/uploads/2020/04/skimmer-390x220.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.3.135 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6b36ef28ab42d534b69708e9618eb4195dc722c1b775cd6f1362cf0b609110a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://freedomonline.bg/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 10 Apr 2020 07:58:48 GMT
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
last-modified: Thu, 09 Apr 2020 12:41:50 GMT
server: cloudflare
etag: "5e8f180e-41db"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
status: 200
cache-control: max-age=14400
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ranges: bytes
cf-ray: 581aecbe7942fa64-AMS
content-length: 16859

GET
H2 200 win32k-390x220.jpg
freedomonline.bg/wp-content/uploads/2020/04/ 20 KB
20 KB 62ms
62ms Image
image/jpeg 104.26.3.135
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://freedomonline.bg/wp-content/uploads/2020/04/win32k-390x220.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.3.135 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b8fd247f6f85f205f59df02e97f7eacfd275f68026fa56373c06a6a77d2eba95

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://freedomonline.bg/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 10 Apr 2020 07:58:48 GMT
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
last-modified: Thu, 09 Apr 2020 12:31:32 GMT
server: cloudflare
etag: "5e8f15a4-4f12"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
status: 200
cache-control: max-age=14400
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ranges: bytes
cf-ray: 581aecbe8943fa64-AMS
content-length: 20242

POST
H2 200 /
www.facebook.com/tr/ 0
109 B 6ms
6ms Other
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://freedomonline.bg/
Origin: https://freedomonline.bg
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryp5NkLPUfUMz5ii7Y

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
server: proxygen-bolt
access-control-allow-origin: https://freedomonline.bg
date: Fri, 10 Apr 2020 07:58:48 GMT
content-type: text/plain
status: 200
access-control-allow-credentials: true
alt-svc: h3-27=":443"; ma=3600
content-length: 0

Verdicts & Comments Add Verdict or Comment

89 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.freedomonline.bg/	1970-01-19 08:41:47	Name: __utmb Value: 244492754.1.10.1586505528
.freedomonline.bg/	1970-01-19 10:51:21	Name: _fbp Value: fb.1.1586505527578.767228666
.freedomonline.bg/	1970-01-19 08:41:46	Name: __utmt_UA-1314102-6 Value: 1
.freedomonline.bg/	1970-01-19 17:14:23	Name: _hjid Value: 30a5b10f-e9a7-430e-ab8a-940135e6ffe3
.freedomonline.bg/	1970-01-19 09:24:57	Name: __cfduid Value: d78c7f254ac2d9d412bd9d8e5bfd72e711586505527
.freedomonline.bg/	1970-01-19 13:04:33	Name: __utmz Value: 244492754.1586505528.1.1.utmcsr=(direct)\|utmccn=(direct)\|utmcmd=(none)
.freedomonline.bg/	1970-01-20 02:12:57	Name: __utma Value: 244492754.1868639268.1586505528.1586505528.1586505528.1
.freedomonline.bg/	1969-12-31 23:59:59	Name: __utmc Value: 244492754

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	(Line 1) Message: Style tie-css-styles
console-api	log	(Line 1) Message: Style tie-css-shortcodes
console-api	log	(Line 1) Message: Style tie-css-widgets
console-api	log	(Line 1) Message: Style tie-css-helpers

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.cloudflare.com
ajax.googleapis.com
cdn.by.wonderpush.com
connect.facebook.net
consent.cookiebot.com
fonts.googleapis.com
fonts.gstatic.com
freedomonline.bg
googleads.g.doubleclick.net
px.ads.linkedin.com
script.hotjar.com
snap.licdn.com
static.hotjar.com
stats.g.doubleclick.net
vars.hotjar.com
www.facebook.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.linkedin.com
104.26.3.135
147.75.100.69
147.75.84.91
216.58.206.2
2606:4700::6810:85e5
2606:4700::6812:13b7
2620:1ec:bdf::10
2a00:1450:4001:800::2008
2a00:1450:4001:808::2003
2a00:1450:4001:808::2004
2a00:1450:4001:809::200a
2a00:1450:4001:814::2003
2a00:1450:4001:816::2002
2a00:1450:4001:817::200a
2a00:1450:400c:c00::9b
2a02:26f0:3100:290::25ea
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
2a05:f500:10:101::b93f:9101
2a05:f500:10:101::b93f:9105
073735ce7c71ec8eb74b226035abd64e31ba4103df67602d50f751ae7ed84751
0c7642772f595cb40692525a47595b10ad0ce09de978738706d57b982e022a81
0d66a1370af864dbcba984a23b2b4cac6147bc6e8d3e2831af7be53a6b8f624c
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1598707f719bc50b53478111d3f0a2da8f57c8b447d170ce28da37f3eb542b16
1866533cfaaab8f46695c9eb600c6cefe4079badc7f14de3ca1be142fc39b718
1aa1f0ebbc6350f5b6f5af9ff0d1dc2bea9f42488f161f56cdab5161f74eaec6
1ef49aa86985d7467181482f198d9b79531bfe67a226f4c24f87dc80b8312156
21a7e95a391451a776343e4b01669e54e2d6f8b6eb847380eef8cbad96f9e4e8
27a965287615f8b4b2e0bad7953e1e5ecda1a4840526bd9faf7439a3466977c8
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2ae25acc7cc244e25be6ea4c62dac371b8a8684fb42b1d4ec0f867453b2495ea
3590a50189b749c071460b4b98b86d4231f3fe83c3bac6b8d35f0bcee14e1aec
41dd5e421fe221a7d2921d6fa2b36e8b01a9f2c054aaef5fad866fe896c1d1e0
481ab4fab37c928c8401280085692283260d15523f8f859934bdbc55c95938e6
486f923f20b5faa5f947d01fe5af0149cb5b5e9e12f221bac2faefda42fb0228
4e53be5e2978c46cd8becd13ba7e50752088003fcc04405400b9844d27f4ceeb
4f29b4389a6e08bf3ffcdfb097597d5621b4abac31a74f89c3fa3537dc428e68
5a91c6d3e635c0bd1551a53cf0769328132151a7732039170280d500dbcb4685
5bc131e12d49de7258c366b73b6c89b77b38cf35f3873db0c195b386e97d63d2
6181cd98fe270c2826d416574446841f86778bc45a0ab0bdd0c667b4e70fd6e8
649ed6fb114e744be2b8b019cadfef1fbe808889349483500677d6dd63fb4ba5
68c25d59d81f016ebb76e8296a89e2f69c9212922ea0506c186e66b853b6e568
6b36ef28ab42d534b69708e9618eb4195dc722c1b775cd6f1362cf0b609110a7
6b839899479054141133dd1554b5f889e1e38498923274a7845b241d4b149c96
77d5fe96defd6c8c1e3b0466b4827cf83dc7e5c727a10177e115d25132fa86f6
7d425cc3a63072d4beb5d47476d932757c7b90f1eeec8202bef429005b19dc80
7e78c502164e5f4af303f1596e393be57199dbf52a7d0baaeb569cc1f4dd99bb
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
88c6bef08cd89d750e4be0ead3216d4183da2e3ca66d96fb38109fc519d939c7
8af164f3ea30e1ae61711c1c8026b94207e4e2576b5d9c1f6b3b08d85eb2fe38
8e3349c36d26f3f07ddc1807ac6312022900cf8130a510a903c51ce07045f379
952c115acf12dfccbd3206199389b5bbc49ea15fbdc08cb6653aa8de7f84ea29
961c85b50090e564ec3af7501be4d400f6a5f0d7bc7ca294b9b71b8ce24a700e
9f6273118f39f5e742d806d8f49fffcdf4577f17d838dd1e0c6db48f0dea464e
aaaa34d8a91177b651fa802511622e304dbd6f3675abb7b20212468b0de41b02
abb5b7549583f545685fac67b7742009574206f2e44c4bc3c5eaa8e9fb881169
b08cdbc2d30e656a86b20f8342428d5863f70f4b30135b4f4061f754ce932f5e
b8fd247f6f85f205f59df02e97f7eacfd275f68026fa56373c06a6a77d2eba95
b986fbc59b4f9794ff0d1bd475093053df31b2b79b545daf4125f0abf912716b
bf2ffbcf4269eac339246b6ef2e37f3abb33a2905decffba0e1cf198190342e8
c36a9b8929b105aa7a45ceff3087734a159fb8c804fe862d9dca71229eb414f5
c3996512f1cfb02209614dbf22382e196b969ab502569111afa7bbc05bf936dd
cf0d4ddbda87d7094e0dc9d3be40d24592b30419bfa444f067beae7c7c9abd82
d055d2f9aa9e622c6be23bb47d7d781b411b7673ec4fec7b5d38c20f681b8efa
d2ce492a43f25392b00287957b1bb888d1dc34c56492faf8675c783eacde80f0
d47bcf54431b918d4b86953244677a675940b21844a2ac41bee9b690415eb0b1
d53ee34e9a3eafaee93968f7a029e873efdf1b696d04133f21874a8665044fc7
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e44a2eafaa05a989875ebebb8ee37c9c15a158ae3ad992e9e7e5f882855f31f0
e4891ff265c02e2078b83c0b6e6c07c71637d5f1fef0fbabbdac0313f7ae4ce7
e4c56f67645de5aac85f1b5a6962f37dd5ac53ae905b6834d7bd4641563244e7
e4fa437e044d3f739bd5e4aa2d1bd94e3952e888baec655763cd7969576001da
e604334a6a179ec3a727d89150d4f736448bcef77f295534f2646cacbe1ba251
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fdb4826123dfb256ae81fb8740c60fa500899fd95233047dbc406d98f83049d0
feeff1b73fc856bbaa909aecd74cd3918a41d2f0642b773831da45ad969317e9

freedomonline.bg Open in urlscan Pro 104.26.3.135 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

54 Requests

100 %HTTPS

80 %IPv6

16 Domains

21 Subdomains

19 IPs

6 Countries

1179 kBTransfer

3419 kBSize

8 Cookies

7 Outgoing links

Page URL History

Redirected requests

54 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 7 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

freedomonline.bg Open in urlscan Pro
104.26.3.135 Public Scan

Screenshot
Live screenshot

Full Image

54
Requests

100 %
HTTPS

80 %
IPv6

16
Domains

21
Subdomains

19
IPs

6
Countries

1179 kB
Transfer

3419 kB
Size

8
Cookies

54 HTTP transactions
7 data transactions