offnews.bg Open in urlscan Pro
109.121.152.10 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://offnews.bg/
Effective URL:
https://offnews.bg/
Submission: On August 16 via manual (August 16th 2018, 1:14:53 pm UTC) from GB

Summary HTTP 91 Redirects Links 13 Behaviour Indicators

Summary

This website contacted 14 IPs in 4 countries across 13 domains to perform 91 HTTP transactions. The main IP is 109.121.152.10, located in Elin Pelin, Bulgaria and belongs to SOFIA-CONNECT-AS, BG. The main domain is offnews.bg.
TLS certificate: Issued by COMODO RSA Domain Validation Secure S... on September 19th 2016. Valid for: 3 years.

This is the only time offnews.bg was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 29	109.121.152.10 109.121.152.10	47872 (SOFIA-CON...) (SOFIA-CONNECT-AS)
1	2a00:1450:400... 2a00:1450:4001:821::200a	15169 (GOOGLE) (GOOGLE - Google LLC)
1 5	2a00:1450:400... 2a00:1450:4001:814::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
14	109.121.152.11 109.121.152.11	47872 (SOFIA-CON...) (SOFIA-CONNECT-AS)
1 1	141.170.25.54 141.170.25.54	33920 (AQL) (AQL)
2 4	2a00:1450:400... 2a00:1450:4001:821::2004	15169 (GOOGLE) (GOOGLE - Google LLC)
2	2a00:1450:400... 2a00:1450:4001:80b::2003	15169 (GOOGLE) (GOOGLE - Google LLC)
1 4	78.128.6.41 78.128.6.41	31083 (TELEPOINT) (TELEPOINT)
1 3	2a00:1450:400... 2a00:1450:4001:821::200e	15169 (GOOGLE) (GOOGLE - Google LLC)
2	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
5	172.217.18.2 172.217.18.2	15169 (GOOGLE) (GOOGLE - Google LLC)
8	2a00:1450:400... 2a00:1450:4001:821::2003	15169 (GOOGLE) (GOOGLE - Google LLC)
1 1	2a00:1450:400... 2a00:1450:400c:c0c::9b	15169 (GOOGLE) (GOOGLE - Google LLC)
13	2a00:1450:400... 2a00:1450:4001:821::2001	15169 (GOOGLE) (GOOGLE - Google LLC)
6	2a00:1450:400... 2a00:1450:4001:815::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
91	14

29 109.121.152.10 (Elin Pelin, Bulgaria) 1 redirects

ASN47872 (SOFIA-CONNECT-AS, BG)
PTR: ip-109-121-152-10.ip.offnews.bg

offnews.bg	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:821::200a (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:814::2002 (Ireland) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 109.121.152.11 (Elin Pelin, Bulgaria)

ASN47872 (SOFIA-CONNECT-AS, BG)
PTR: offnews.bg

i2.offnews.bg	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
id.offmedia.bg	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.170.25.54 (Leeds, United Kingdom) 1 redirects

ASN33920 (AQL, GB)
PTR: unassigned.aql.com

i.ctnsnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:821::2004 (Ireland) 2 redirects

ASN15169 (GOOGLE - Google LLC, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::2003 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 78.128.6.41 (Bulgaria) 1 redirects

ASN31083 (TELEPOINT, BG)
PTR: ip-6-41.telehouse.bg

gabg.hit.gemius.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:821::200e (Ireland) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::2002 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 172.217.18.2 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra15s28-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:821::2003 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0c::9b (Ireland) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:821::2001 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:815::2002 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
42	offnews.bg 1 redirects offnews.bg i2.offnews.bg	611 KB
19	googlesyndication.com tpc.googlesyndication.com pagead2.googlesyndication.com	246 KB
10	doubleclick.net 2 redirects googleads.g.doubleclick.net securepubads.g.doubleclick.net stats.g.doubleclick.net	116 KB
8	gstatic.com fonts.gstatic.com	72 KB
5	google.com 2 redirects www.google.com adservice.google.com	778 B
4	gemius.pl 1 redirects gabg.hit.gemius.pl	10 KB
3	google-analytics.com 1 redirects www.google-analytics.com	29 KB
3	google.de www.google.de adservice.google.de	387 B
1	offmedia.bg id.offmedia.bg
1	ctnsnet.com 1 redirects i.ctnsnet.com	665 B
1	googletagservices.com www.googletagservices.com	8 KB
1	googleapis.com fonts.googleapis.com	1 KB
0	Failed function sub() { [native code] }. Failed
91	13

	Domain	Requested by
29	offnews.bg	1 redirects offnews.bg
13	tpc.googlesyndication.com	securepubads.g.doubleclick.net
13	i2.offnews.bg	offnews.bg
8	fonts.gstatic.com	offnews.bg
6	pagead2.googlesyndication.com	securepubads.g.doubleclick.net offnews.bg pagead2.googlesyndication.com
5	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net offnews.bg
4	gabg.hit.gemius.pl	1 redirects offnews.bg gabg.hit.gemius.pl
4	www.google.com	2 redirects securepubads.g.doubleclick.net
4	googleads.g.doubleclick.net	1 redirects pagead2.googlesyndication.com
3	www.google-analytics.com	1 redirects offnews.bg www.google-analytics.com
2	www.google.de	offnews.bg
1	stats.g.doubleclick.net	1 redirects
1	id.offmedia.bg	offnews.bg
1	adservice.google.com	www.googletagservices.com
1	adservice.google.de	www.googletagservices.com
1	i.ctnsnet.com	1 redirects
1	www.googletagservices.com	offnews.bg
1	fonts.googleapis.com	offnews.bg
0	eflcdgjbimnnhfkbgipdofbiofnhnjbc Failed	offnews.bg
91	19

This site contains links to these domains. Also see Links.

Domain
nauka.offnews.bg
auto.offnews.bg
offmedia.bg
m.offnews.bg
id.offmedia.bg
twitter.com
www.facebook.com
offroad-bulgaria.com
werock.bg
mamaninja.bg
www.pimdesign.org

Subject Issuer	Validity	Valid
*.offnews.bg COMODO RSA Domain Validation Secure Server CA	`2016-09-19` - `2019-09-19`	3 years	crt.sh
*.googleapis.com Google Internet Authority G3	`2018-08-07` - `2018-10-16`	2 months	crt.sh
*.g.doubleclick.net Google Internet Authority G3	`2018-08-07` - `2018-10-16`	2 months	crt.sh
www.google.de Google Internet Authority G3	`2018-08-07` - `2018-10-16`	2 months	crt.sh
*.hit.gemius.pl COMODO ECC Domain Validation Secure Server CA	`2017-09-25` - `2019-09-25`	2 years	crt.sh
*.google-analytics.com Google Internet Authority G3	`2018-08-07` - `2018-10-16`	2 months	crt.sh
*.google.com Google Internet Authority G3	`2018-08-07` - `2018-10-16`	2 months	crt.sh
*.offmedia.bg COMODO RSA Domain Validation Secure Server CA	`2017-04-01` - `2019-06-30`	2 years	crt.sh
tpc.googlesyndication.com Google Internet Authority G3	`2018-08-07` - `2018-10-16`	2 months	crt.sh
www.google.com Google Internet Authority G3	`2018-08-07` - `2018-10-16`	2 months	crt.sh

This page contains 13 frames:

Primary Page: https://offnews.bg/
Frame ID: DDEB91124F7984EBD3953984CBC3308C
Requests: 69 HTTP requests in this frame

Frame: https://id.offmedia.bg/gdpr2018/?notpl=ok&successurl=offnews.bg/
Frame ID: CF633FEC1A7B8535F609B32252926987
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20180813/r20110914/abg_lite.js
Frame ID: 24787BB1896099F3FD2E1C790020957B
Requests: 7 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/simgad/16581592750880410023
Frame ID: 7CD71AFDA7D793F5A6A30E8136A6862E
Requests: 7 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/safeframe/1-0-29/html/container.html
Frame ID: 8505BA8A13EF3D7EB1235CAFA4A742D7
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/safeframe/1-0-29/html/container.html
Frame ID: 595EB20A89D1C0EFB86D37D073672E54
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/safeframe/1-0-29/html/container.html
Frame ID: DE3949C10F423FE550D73F015D6EE35E
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/safeframe/1-0-29/html/container.html
Frame ID: 457F0EF864748761E7F7810C221FE668
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20180813/r20180604/zrt_lookup.html
Frame ID: BC1BFD46654B924E1D2922AB58CB0B39
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/r20180813/r20180604/show_ads_impl.js
Frame ID: EF4CA0222F39E0FD890D1F952368A828
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8785447506140681&output=html&h=250&slotname=5938599577&adk=2166029690&adf=2908946590&w=250&lmt=1534425282&guci=1.2.0.0.2.2.0&format=250x250&url=https%3A%2F%2Foffnews.bg%2F&flash=0&wgl=1&adsid=NT&dt=1534425282222&bpp=17&bdt=2296&fdt=19&idt=88&shv=r20180813&cbv=r20180604&saldr=aa&abxe=1&correlator=1742501545065&frm=20&pv=2&ga_vid=1110803035.1534425280&ga_sid=1534425281&ga_hid=434110341&ga_fc=0&iag=0&icsg=2888633936555&dssz=41&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=824&ady=522&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21060853%2C368226400%2C21061319&oid=3&rx=0&eae=0&fc=528&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&ppjl=u&pfx=0&fu=16&bc=7&osw_key=2377092367&ifi=15&fsb=1&xpc=lq4GGKPJjx&p=https%3A//offnews.bg&dtd=107
Frame ID: 7CDB63C9D7C0B8F4CDFE4E46A2979568
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/r20180813/r20180604/show_ads_impl.js
Frame ID: 9E7EFB59EC4F24369A47CF357FCF9132
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8785447506140681&output=html&h=600&slotname=7805232477&adk=1247910337&adf=1511700630&w=300&lmt=1534425282&guci=1.2.0.0.2.2.0&format=300x600&url=https%3A%2F%2Foffnews.bg%2F&flash=0&wgl=1&adsid=NT&dt=1534425282243&bpp=7&bdt=2317&fdt=105&idt=107&shv=r20180813&cbv=r20180604&saldr=aa&abxe=1&prev_fmts=250x250&correlator=1742501545065&frm=20&pv=1&ga_vid=1110803035.1534425280&ga_sid=1534425281&ga_hid=434110341&ga_fc=0&iag=0&icsg=2888633936555&dssz=41&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=799&ady=1163&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21060853%2C368226400%2C21061319&oid=3&rx=0&eae=0&fc=528&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&ppjl=u&pfx=0&fu=16&bc=7&osw_key=2458460729&ifi=16&fsb=1&xpc=1hvQ4oFhWh&p=https%3A//offnews.bg&dtd=112
Frame ID: E8FC79E43C041A539305E466A394B4AA
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://offnews.bg/ HTTP 301
https://offnews.bg/ Page URL

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googletagservices\.com\/tag\/js\/gpt(?:_mobile)?\.js/i

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+font-awesome(?:\.min)?\.css/i

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googlesyndication\.com\//i
env /^google_ad_/i
env /^__google_ad_/i
env /^Goog_AdSense_/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|(analytics))\.js/i
env /^gaGlobal$/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

env /^googletag$/i
env /^google_tag_manager$/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery(?:\-|\.)([\d.]*\d)[^\/]*\.js/i
script /jquery.*\.js/i
env /^jQuery$/i

Page Statistics

91
Requests

99 %
HTTPS

67 %
IPv6

13
Domains

19
Subdomains

14
IPs

4
Countries

1092 kB
Transfer

2359 kB
Size

2
Cookies

13 Outgoing links

These are links going to different origins than the main page.

URL: https://nauka.offnews.bg/
Title: Наука

Search URL Search Domain Scan URL

URL: https://auto.offnews.bg/
Title: Авто

Search URL Search Domain Scan URL

URL: http://offmedia.bg/
Title: Реклама

Search URL Search Domain Scan URL

URL: http://m.offnews.bg/
Title: Мобилна версия

Search URL Search Domain Scan URL

URL: https://id.offmedia.bg/terms2018.html
Title: Общи условия

Search URL Search Domain Scan URL

URL: https://id.offmedia.bg/postrules2018.html
Title: Правила за коментиране

Search URL Search Domain Scan URL

URL: https://id.offmedia.bg/privacy.html
Title: Политика за поверителност

Search URL Search Domain Scan URL

URL: https://twitter.com/OFFNewsBG

Search URL Search Domain Scan URL

URL: https://www.facebook.com/OFFNews.bg

Search URL Search Domain Scan URL

URL: http://offroad-bulgaria.com/
Title: OFFRoad-Bulgaria

Search URL Search Domain Scan URL

URL: http://werock.bg/
Title: Werock

Search URL Search Domain Scan URL

URL: http://mamaninja.bg/
Title: Мама Нинджа

Search URL Search Domain Scan URL

URL: http://www.pimdesign.org/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://offnews.bg/ HTTP 301
https://offnews.bg/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 27

https://i.ctnsnet.com/int/integration?pixel=49719177&nid=307000&cont=i HTTP 302
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/958321261/?value=0&guid=ON&script=0 HTTP 302
https://www.google.com/ads/user-lists/958321261/?value=0&guid=ON&script=0&cdct=2&is_vtc=1&random=3331017386 HTTP 302
https://www.google.de/ads/user-lists/958321261/?value=0&guid=ON&script=0&cdct=2&is_vtc=1&random=3331017386&ipr=y&ulfeg=n

Request Chain 59

https://www.google-analytics.com/r/collect?v=1&_v=j68&a=434110341&t=pageview&_s=1&dl=https%3A%2F%2Foffnews.bg%2F&ul=en-us&de=UTF-8&dt=OFFNews.bg&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=IEBAAEABQ~&jid=1829871355&gjid=1407548415&cid=1110803035.1534425280&tid=UA-27974564-1&_gid=795519596.1534425280&_r=1&z=1260981447 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-27974564-1&cid=1110803035.1534425280&jid=1829871355&_gid=795519596.1534425280&gjid=1407548415&_v=j68&z=1260981447 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-27974564-1&cid=1110803035.1534425280&jid=1829871355&_v=j68&z=1260981447 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-27974564-1&cid=1110803035.1534425280&jid=1829871355&_v=j68&z=1260981447&slf_rd=1&random=1955381238

Request Chain 63

https://gabg.hit.gemius.pl/_1534425280619/rexdot.js?l=90&id=.A5FXzg1tSv5cqX7coTCqmYTnJ4BzZhbc5OSH.TPYLH.h7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Foffnews.bg%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&ltime=0&lsdata=-NOTSUP&fpdata=oLMRzhiK0xlDDCc1f2aZMvCneJCFw1nG7I01Okc_cWP.Q7&vis=1 HTTP 301
https://gabg.hit.gemius.pl/__/_1534425280619/rexdot.js?l=90&id=.A5FXzg1tSv5cqX7coTCqmYTnJ4BzZhbc5OSH.TPYLH.h7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Foffnews.bg%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&ltime=0&lsdata=-NOTSUP&fpdata=oLMRzhiK0xlDDCc1f2aZMvCneJCFw1nG7I01Okc_cWP.Q7&vis=1

91 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
offnews.bg/
Redirect Chain

http://offnews.bg/
https://offnews.bg/

151 KB
29 KB

188ms
188ms

Document
text/html

109.121.152.10
SOFIA-CONNECT-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://offnews.bg/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

109.121.152.10 Elin Pelin, Bulgaria, ASN47872 (SOFIA-CONNECT-AS, BG),

Reverse DNS

ip-109-121-152-10.ip.offnews.bg

Software

nginx/1.12.2 /

Resource Hash

8df81f73cebc1957659b43523d3ae93b9a98c60581376407d206b702784e1c8b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:method: GET
:authority: offnews.bg
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
accept-encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id: DDEB91124F7984EBD3953984CBC3308C

Response headers

status: 200
server: nginx/1.12.2
date: Thu, 16 Aug 2018 13:14:39 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
set-cookie: PHPSESSID=q7edglrt6jldcoc6h9om7bti24; path=/ UA_bf486f3aba4c432632bded0f99a7bd42=false; expires=Fri, 16-Aug-2019 13:14:39 GMT; Max-Age=31536000; path=/; domain=offnews.bg; HttpOnly UA_bf486f3aba4c432632bded0f99a7bd42=false; expires=Fri, 16-Aug-2019 13:14:39 GMT; Max-Age=31536000; path=/; domain=offnews.bg; HttpOnly UA_bf486f3aba4c432632bded0f99a7bd42=false; expires=Fri, 16-Aug-2019 13:14:39 GMT; Max-Age=31536000; path=/; domain=offnews.bg; HttpOnly offmedia_id=4efcf5b9981b52b4d0aef6b792026b6d9c61cf27; expires=Fri, 21-Jul-2023 13:14:39 GMT; Max-Age=155520000; path=/; domain=.offnews.bg UA_bf486f3aba4c432632bded0f99a7bd42=false; expires=Fri, 16-Aug-2019 13:14:39 GMT; Max-Age=31536000; path=/; domain=offnews.bg; HttpOnly UA_bf486f3aba4c432632bded0f99a7bd42=false; expires=Fri, 16-Aug-2019 13:14:39 GMT; Max-Age=31536000; path=/; domain=offnews.bg; HttpOnly
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
strict-transport-security: max-age=31536000
content-encoding: gzip

Redirect headers

Server: nginx/1.12.2
Date: Thu, 16 Aug 2018 13:14:39 GMT
Content-Type: text/html
Content-Length: 185
Connection: keep-alive
Location: https://offnews.bg/

GET
H2 200 style.css
offnews.bg/design/ 97 KB
15 KB 83ms
79ms Stylesheet
text/css 109.121.152.10
SOFIA-CONNECT-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://offnews.bg/design/style.css?1530786249

Requested by

Host: offnews.bg
URL: https://offnews.bg/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

109.121.152.10 Elin Pelin, Bulgaria, ASN47872 (SOFIA-CONNECT-AS, BG),

Reverse DNS

ip-109-121-152-10.ip.offnews.bg

Software

nginx/1.12.2 /

Resource Hash

3023daaaeec5b5162e5a500688f82bb4074882240c0dfb2e196843c6c14c8217

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:path: /design/style.css?1530786249
pragma: no-cache
cookie: PHPSESSID=q7edglrt6jldcoc6h9om7bti24; UA_bf486f3aba4c432632bded0f99a7bd42=false; offmedia_id=4efcf5b9981b52b4d0aef6b792026b6d9c61cf27
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/css,*/*;q=0.1
cache-control: no-cache
:authority: offnews.bg
referer: https://offnews.bg/
:scheme: https
:method: GET
Referer: https://offnews.bg/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 16 Aug 2018 13:14:39 GMT
content-encoding: gzip
last-modified: Thu, 05 Jul 2018 10:24:09 GMT
server: nginx/1.12.2
etag: W/"5b3df1c9-185ed"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: max-age=315360000
strict-transport-security: max-age=31536000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 fancybox.css
offnews.bg/design/fancybox/ 6 KB
1 KB 85ms
81ms Stylesheet
text/css 109.121.152.10
SOFIA-CONNECT-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://offnews.bg/design/fancybox/fancybox.css

Requested by

Host: offnews.bg
URL: https://offnews.bg/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

109.121.152.10 Elin Pelin, Bulgaria, ASN47872 (SOFIA-CONNECT-AS, BG),

Reverse DNS

ip-109-121-152-10.ip.offnews.bg

Software

nginx/1.12.2 /

Resource Hash

527a1fb388b386a55c877be6827dc0fbac291a9f28b208c77739bb4bdb07246b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:path: /design/fancybox/fancybox.css
pragma: no-cache
cookie: PHPSESSID=q7edglrt6jldcoc6h9om7bti24; UA_bf486f3aba4c432632bded0f99a7bd42=false; offmedia_id=4efcf5b9981b52b4d0aef6b792026b6d9c61cf27
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/css,*/*;q=0.1
cache-control: no-cache
:authority: offnews.bg
referer: https://offnews.bg/
:scheme: https
:method: GET
Referer: https://offnews.bg/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 16 Aug 2018 13:14:39 GMT
content-encoding: gzip
last-modified: Tue, 25 Apr 2017 19:08:36 GMT
server: nginx/1.12.2
etag: W/"58ff9eb4-1644"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: max-age=315360000
strict-transport-security: max-age=31536000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 font-awesome.min.css
offnews.bg/design/font-awesome/css/ 30 KB
7 KB 86ms
82ms Stylesheet
text/css 109.121.152.10
SOFIA-CONNECT-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://offnews.bg/design/font-awesome/css/font-awesome.min.css

Requested by

Host: offnews.bg
URL: https://offnews.bg/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

109.121.152.10 Elin Pelin, Bulgaria, ASN47872 (SOFIA-CONNECT-AS, BG),

Reverse DNS

ip-109-121-152-10.ip.offnews.bg

Software

nginx/1.12.2 /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:path: /design/font-awesome/css/font-awesome.min.css
pragma: no-cache
cookie: PHPSESSID=q7edglrt6jldcoc6h9om7bti24; UA_bf486f3aba4c432632bded0f99a7bd42=false; offmedia_id=4efcf5b9981b52b4d0aef6b792026b6d9c61cf27
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/css,*/*;q=0.1
cache-control: no-cache
:authority: offnews.bg
referer: https://offnews.bg/
:scheme: https
:method: GET
Referer: https://offnews.bg/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 16 Aug 2018 13:14:39 GMT
content-encoding: gzip
last-modified: Tue, 25 Apr 2017 19:08:37 GMT
server: nginx/1.12.2
etag: W/"58ff9eb5-7918"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: max-age=315360000
strict-transport-security: max-age=31536000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 featherlight.min.css
offnews.bg/design/featherlight-1.7.1/release/ 2 KB
934 B 87ms
83ms Stylesheet
text/css 109.121.152.10
SOFIA-CONNECT-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://offnews.bg/design/featherlight-1.7.1/release/featherlight.min.css

Requested by

Host: offnews.bg
URL: https://offnews.bg/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

109.121.152.10 Elin Pelin, Bulgaria, ASN47872 (SOFIA-CONNECT-AS, BG),

Reverse DNS

ip-109-121-152-10.ip.offnews.bg

Software

nginx/1.12.2 /

Resource Hash

e09027f694d22ec32281bfe932c408b15b9954122eccace8bd4ea87c5e4745c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:path: /design/featherlight-1.7.1/release/featherlight.min.css
pragma: no-cache
cookie: PHPSESSID=q7edglrt6jldcoc6h9om7bti24; UA_bf486f3aba4c432632bded0f99a7bd42=false; offmedia_id=4efcf5b9981b52b4d0aef6b792026b6d9c61cf27
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/css,*/*;q=0.1
cache-control: no-cache
:authority: offnews.bg
referer: https://offnews.bg/
:scheme: https
:method: GET
Referer: https://offnews.bg/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 16 Aug 2018 13:14:39 GMT
content-encoding: gzip
last-modified: Tue, 25 Apr 2017 19:08:37 GMT
server: nginx/1.12.2
etag: W/"58ff9eb5-678"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: max-age=315360000
strict-transport-security: max-age=31536000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
S 200 css
fonts.googleapis.com/ 12 KB
1 KB 19ms
15ms Stylesheet
text/css 2a00:1450:4001:821::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto+Slab:300,400,700|Roboto:400,700

Requested by

Host: offnews.bg
URL: https://offnews.bg/

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:821::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

a631d0708a2b6548658cb17dab51c7f19d3bafe852b8dc86f9d88171e682ff2d

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://offnews.bg/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=3600
content-encoding: gzip
last-modified: Thu, 16 Aug 2018 13:14:39 GMT
server: ESF
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
status: 200
date: Thu, 16 Aug 2018 13:14:39 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
x-xss-protection: 1; mode=block
expires: Thu, 16 Aug 2018 13:14:39 GMT

GET
H2 200 jquery.2.1.1.js Show response
offnews.bg/design/js/ 88 KB
30 KB 153ms
150ms Script
application/javascript 109.121.152.10
SOFIA-CONNECT-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://offnews.bg/design/js/jquery.2.1.1.js

Requested by

Host: offnews.bg
URL: https://offnews.bg/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

109.121.152.10 Elin Pelin, Bulgaria, ASN47872 (SOFIA-CONNECT-AS, BG),

Reverse DNS

ip-109-121-152-10.ip.offnews.bg

Software

nginx/1.12.2 /

Resource Hash

e87e3df82839e09de6f4ce0833f50d7eb1214bbe64bf698861b320ce967e0eb1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:path: /design/js/jquery.2.1.1.js
pragma: no-cache
cookie: PHPSESSID=q7edglrt6jldcoc6h9om7bti24; UA_bf486f3aba4c432632bded0f99a7bd42=false; offmedia_id=4efcf5b9981b52b4d0aef6b792026b6d9c61cf27
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: offnews.bg
referer: https://offnews.bg/
:scheme: https
:method: GET
Referer: https://offnews.bg/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 16 Aug 2018 13:14:39 GMT
content-encoding: gzip
last-modified: Mon, 24 Apr 2017 16:08:00 GMT
server: nginx/1.12.2
etag: W/"58fe22e0-15e02"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=315360000
strict-transport-security: max-age=31536000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 common.js Show response
offnews.bg/design/js/ 25 KB
7 KB 156ms
153ms Script
application/javascript 109.121.152.10
SOFIA-CONNECT-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://offnews.bg/design/js/common.js?1532703065

Requested by

Host: offnews.bg
URL: https://offnews.bg/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

109.121.152.10 Elin Pelin, Bulgaria, ASN47872 (SOFIA-CONNECT-AS, BG),

Reverse DNS

ip-109-121-152-10.ip.offnews.bg

Software

nginx/1.12.2 /

Resource Hash

ba5d4d5d32752dd9cc53fe1a2a61bd881e9866d1330972c408d83f71e4632d76

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:path: /design/js/common.js?1532703065
pragma: no-cache
cookie: PHPSESSID=q7edglrt6jldcoc6h9om7bti24; UA_bf486f3aba4c432632bded0f99a7bd42=false; offmedia_id=4efcf5b9981b52b4d0aef6b792026b6d9c61cf27
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: offnews.bg
referer: https://offnews.bg/
:scheme: https
:method: GET
Referer: https://offnews.bg/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 16 Aug 2018 13:14:39 GMT
content-encoding: gzip
last-modified: Fri, 27 Jul 2018 14:51:05 GMT
server: nginx/1.12.2
etag: W/"5b5b3159-6575"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=315360000
strict-transport-security: max-age=31536000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jquery.unveil.js Show response
offnews.bg/design/js/ 1 KB
856 B 156ms
153ms Script
application/javascript 109.121.152.10
SOFIA-CONNECT-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://offnews.bg/design/js/jquery.unveil.js

Requested by

Host: offnews.bg
URL: https://offnews.bg/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

109.121.152.10 Elin Pelin, Bulgaria, ASN47872 (SOFIA-CONNECT-AS, BG),

Reverse DNS

ip-109-121-152-10.ip.offnews.bg

Software

nginx/1.12.2 /

Resource Hash

374e498dcfc4d2676a65f4eaf6b6308f4a25f0f452c758272259fe121045d872

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:path: /design/js/jquery.unveil.js
pragma: no-cache
cookie: PHPSESSID=q7edglrt6jldcoc6h9om7bti24; UA_bf486f3aba4c432632bded0f99a7bd42=false; offmedia_id=4efcf5b9981b52b4d0aef6b792026b6d9c61cf27
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: offnews.bg
referer: https://offnews.bg/
:scheme: https
:method: GET
Referer: https://offnews.bg/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 16 Aug 2018 13:14:39 GMT
content-encoding: gzip
last-modified: Wed, 31 May 2017 06:01:03 GMT
server: nginx/1.12.2
etag: W/"592e5c1f-533"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=315360000
strict-transport-security: max-age=31536000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jquery.inview.min.js Show response
offnews.bg/design/js/ 1 KB
985 B 156ms
154ms Script
application/javascript 109.121.152.10
SOFIA-CONNECT-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://offnews.bg/design/js/jquery.inview.min.js

Requested by

Host: offnews.bg
URL: https://offnews.bg/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

109.121.152.10 Elin Pelin, Bulgaria, ASN47872 (SOFIA-CONNECT-AS, BG),

Reverse DNS

ip-109-121-152-10.ip.offnews.bg

Software

nginx/1.12.2 /

Resource Hash

2fb896d59ab96b495498601fb1a0b126b53057ac7583e9ad13b319a3e532a943

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:path: /design/js/jquery.inview.min.js
pragma: no-cache
cookie: PHPSESSID=q7edglrt6jldcoc6h9om7bti24; UA_bf486f3aba4c432632bded0f99a7bd42=false; offmedia_id=4efcf5b9981b52b4d0aef6b792026b6d9c61cf27
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: offnews.bg
referer: https://offnews.bg/
:scheme: https
:method: GET
Referer: https://offnews.bg/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 16 Aug 2018 13:14:39 GMT
content-encoding: gzip
last-modified: Wed, 31 May 2017 06:01:03 GMT
server: nginx/1.12.2
etag: W/"592e5c1f-590"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=315360000
strict-transport-security: max-age=31536000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jquery.fancybox.js Show response
offnews.bg/design/js/ 27 KB
7 KB 156ms
154ms Script
application/javascript 109.121.152.10
SOFIA-CONNECT-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://offnews.bg/design/js/jquery.fancybox.js

Requested by

Host: offnews.bg
URL: https://offnews.bg/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

109.121.152.10 Elin Pelin, Bulgaria, ASN47872 (SOFIA-CONNECT-AS, BG),

Reverse DNS

ip-109-121-152-10.ip.offnews.bg

Software

nginx/1.12.2 /

Resource Hash

4818fe5365ab985f60eae5f78159fabccd1fd2cf21e9261e5df59cd5cdc1bf0a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:path: /design/js/jquery.fancybox.js
pragma: no-cache
cookie: PHPSESSID=q7edglrt6jldcoc6h9om7bti24; UA_bf486f3aba4c432632bded0f99a7bd42=false; offmedia_id=4efcf5b9981b52b4d0aef6b792026b6d9c61cf27
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: offnews.bg
referer: https://offnews.bg/
:scheme: https
:method: GET
Referer: https://offnews.bg/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 16 Aug 2018 13:14:39 GMT
content-encoding: gzip
last-modified: Tue, 25 Apr 2017 19:08:36 GMT
server: nginx/1.12.2
etag: W/"58ff9eb4-6d83"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=315360000
strict-transport-security: max-age=31536000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 notify.min.js Show response
offnews.bg/design/js/ 13 KB
7 KB 157ms
154ms Script
application/javascript 109.121.152.10
SOFIA-CONNECT-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://offnews.bg/design/js/notify.min.js

Requested by

Host: offnews.bg
URL: https://offnews.bg/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

109.121.152.10 Elin Pelin, Bulgaria, ASN47872 (SOFIA-CONNECT-AS, BG),

Reverse DNS

ip-109-121-152-10.ip.offnews.bg

Software

nginx/1.12.2 /

Resource Hash

cab70fcfac170819a95b4cb8cdd87d33ea685910b9fc746855fe4c9d9de57e58

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:path: /design/js/notify.min.js
pragma: no-cache
cookie: PHPSESSID=q7edglrt6jldcoc6h9om7bti24; UA_bf486f3aba4c432632bded0f99a7bd42=false; offmedia_id=4efcf5b9981b52b4d0aef6b792026b6d9c61cf27
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: offnews.bg
referer: https://offnews.bg/
:scheme: https
:method: GET
Referer: https://offnews.bg/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 16 Aug 2018 13:14:39 GMT
content-encoding: gzip
last-modified: Tue, 25 Apr 2017 19:08:36 GMT
server: nginx/1.12.2
etag: W/"58ff9eb4-3562"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=315360000
strict-transport-security: max-age=31536000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 featherlight.min.js Show response
offnews.bg/design/featherlight-1.7.1/release/ 8 KB
4 KB 157ms
155ms Script
application/javascript 109.121.152.10
SOFIA-CONNECT-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://offnews.bg/design/featherlight-1.7.1/release/featherlight.min.js

Requested by

Host: offnews.bg
URL: https://offnews.bg/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

109.121.152.10 Elin Pelin, Bulgaria, ASN47872 (SOFIA-CONNECT-AS, BG),

Reverse DNS

ip-109-121-152-10.ip.offnews.bg

Software

nginx/1.12.2 /

Resource Hash

929784212a0b115fcf4ef00a70f62b62c50c1ebf1e2e13dc83c517d063fc68a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:path: /design/featherlight-1.7.1/release/featherlight.min.js
pragma: no-cache
cookie: PHPSESSID=q7edglrt6jldcoc6h9om7bti24; UA_bf486f3aba4c432632bded0f99a7bd42=false; offmedia_id=4efcf5b9981b52b4d0aef6b792026b6d9c61cf27
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: offnews.bg
referer: https://offnews.bg/
:scheme: https
:method: GET
Referer: https://offnews.bg/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 16 Aug 2018 13:14:39 GMT
content-encoding: gzip
last-modified: Tue, 25 Apr 2017 19:08:37 GMT
server: nginx/1.12.2
etag: W/"58ff9eb5-21c0"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=315360000
strict-transport-security: max-age=31536000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
S 200 gpt.js Show response
www.googletagservices.com/tag/js/ 20 KB
8 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:814::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: offnews.bg
URL: https://offnews.bg/

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:814::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

83531670b74a6155f431440f721d975333927d4607c31ebf9ff0ce88785815ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://offnews.bg/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 16 Aug 2018 13:14:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "8 / 577 of 1000 / last-modified: 1534364331"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 7814
x-xss-protection: 1; mode=block
expires: Thu, 16 Aug 2018 13:14:40 GMT

GET
H2 200 coffee.css
offnews.bg/design/ 3 KB
1 KB 154ms
152ms Stylesheet
text/css 109.121.152.10
SOFIA-CONNECT-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://offnews.bg/design/coffee.css

Requested by

Host: offnews.bg
URL: https://offnews.bg/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

109.121.152.10 Elin Pelin, Bulgaria, ASN47872 (SOFIA-CONNECT-AS, BG),

Reverse DNS

ip-109-121-152-10.ip.offnews.bg

Software

nginx/1.12.2 /

Resource Hash

4d436738d4ad28c1f8f6eb1af82429c8850c7aeadce9bbef2175afad628fdec4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:path: /design/coffee.css
pragma: no-cache
cookie: PHPSESSID=q7edglrt6jldcoc6h9om7bti24; UA_bf486f3aba4c432632bded0f99a7bd42=false; offmedia_id=4efcf5b9981b52b4d0aef6b792026b6d9c61cf27
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/css,*/*;q=0.1
cache-control: no-cache
:authority: offnews.bg
referer: https://offnews.bg/
:scheme: https
:method: GET
Referer: https://offnews.bg/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 16 Aug 2018 13:14:39 GMT
content-encoding: gzip
last-modified: Fri, 11 May 2018 05:10:10 GMT
server: nginx/1.12.2
etag: W/"5af525b2-dfb"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: max-age=315360000
strict-transport-security: max-age=31536000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 icon-vreme-02.png
offnews.bg/design/include/coffee/ 7 KB
7 KB 75ms
74ms Image
image/png 109.121.152.10
SOFIA-CONNECT-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://offnews.bg/design/include/coffee/icon-vreme-02.png

Requested by

Host: offnews.bg
URL: https://offnews.bg/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

109.121.152.10 Elin Pelin, Bulgaria, ASN47872 (SOFIA-CONNECT-AS, BG),

Reverse DNS

ip-109-121-152-10.ip.offnews.bg

Software

nginx/1.12.2 /

Resource Hash

fcc42bf7dc475811434e9b52f225a6a03e5205a76ec237357d481268e65b14ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:path: /design/include/coffee/icon-vreme-02.png
pragma: no-cache
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: offnews.bg
referer: https://offnews.bg/
:scheme: https
:method: GET
Referer: https://offnews.bg/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 16 Aug 2018 13:14:40 GMT
last-modified: Mon, 02 Apr 2018 16:40:04 GMT
server: nginx/1.12.2
etag: "5ac25ce4-1c26"
strict-transport-security: max-age=31536000
content-type: image/png
status: 200
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 7206
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 icon-zodiak.png
offnews.bg/design/include/coffee/ 9 KB
9 KB 75ms
74ms Image
image/png 109.121.152.10
SOFIA-CONNECT-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://offnews.bg/design/include/coffee/icon-zodiak.png

Requested by

Host: offnews.bg
URL: https://offnews.bg/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

109.121.152.10 Elin Pelin, Bulgaria, ASN47872 (SOFIA-CONNECT-AS, BG),

Reverse DNS

ip-109-121-152-10.ip.offnews.bg

Software

nginx/1.12.2 /

Resource Hash

8867e218a418a8c389c0dc2291c72ea117ecd6c3e27b54297052581c7a878c20

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:path: /design/include/coffee/icon-zodiak.png
pragma: no-cache
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: offnews.bg
referer: https://offnews.bg/
:scheme: https
:method: GET
Referer: https://offnews.bg/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 16 Aug 2018 13:14:40 GMT
last-modified: Mon, 02 Apr 2018 16:40:04 GMT
server: nginx/1.12.2
etag: "5ac25ce4-2510"
strict-transport-security: max-age=31536000
content-type: image/png
status: 200
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 9488
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 icon-atention.png
offnews.bg/design/include/coffee/ 7 KB
7 KB 76ms
75ms Image
image/png 109.121.152.10
SOFIA-CONNECT-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://offnews.bg/design/include/coffee/icon-atention.png

Requested by

Host: offnews.bg
URL: https://offnews.bg/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

109.121.152.10 Elin Pelin, Bulgaria, ASN47872 (SOFIA-CONNECT-AS, BG),

Reverse DNS

ip-109-121-152-10.ip.offnews.bg

Software

nginx/1.12.2 /

Resource Hash

832e2941d281b6901a48f6daaac7ada761563a8acab03b765b399c6b8a4eab18

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:path: /design/include/coffee/icon-atention.png
pragma: no-cache
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: offnews.bg
referer: https://offnews.bg/
:scheme: https
:method: GET
Referer: https://offnews.bg/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 16 Aug 2018 13:14:40 GMT
last-modified: Mon, 02 Apr 2018 16:40:04 GMT
server: nginx/1.12.2
etag: "5ac25ce4-1b0b"
strict-transport-security: max-age=31536000
content-type: image/png
status: 200
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 6923
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 icon-culture-02.png
offnews.bg/design/include/coffee/ 8 KB
8 KB 76ms
75ms Image
image/png 109.121.152.10
SOFIA-CONNECT-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://offnews.bg/design/include/coffee/icon-culture-02.png

Requested by

Host: offnews.bg
URL: https://offnews.bg/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

109.121.152.10 Elin Pelin, Bulgaria, ASN47872 (SOFIA-CONNECT-AS, BG),

Reverse DNS

ip-109-121-152-10.ip.offnews.bg

Software

nginx/1.12.2 /

Resource Hash

7ff293380173d4c1c189cf533a4bcc1ed610f5147172a0b1173a4f105ede7aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:path: /design/include/coffee/icon-culture-02.png
pragma: no-cache
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: offnews.bg
referer: https://offnews.bg/
:scheme: https
:method: GET
Referer: https://offnews.bg/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 16 Aug 2018 13:14:40 GMT
last-modified: Mon, 02 Apr 2018 16:40:04 GMT
server: nginx/1.12.2
etag: "5ac25ce4-1e74"
strict-transport-security: max-age=31536000
content-type: image/png
status: 200
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 7796
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK phpwhsplr_559x345.jpg
i2.offnews.bg/events/2018/08/16/686398/ 22 KB
22 KB 152ms
151ms Image
image/jpeg 109.121.152.11
SOFIA-CONNECT-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i2.offnews.bg/events/2018/08/16/686398/phpwhsplr_559x345.jpg
Requested by: Host: offnews.bg
URL: https://offnews.bg/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 109.121.152.11 Elin Pelin, Bulgaria, ASN47872 (SOFIA-CONNECT-AS, BG),
Reverse DNS: offnews.bg
Software: nginx/1.2.1 /
Resource Hash: ab8fe6c661b1123415c3022aa78a912401126248822c1a7a0fc8239bb8174734

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: i2.offnews.bg
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: https://offnews.bg/
Connection: keep-alive
Cache-Control: no-cache
Referer: https://offnews.bg/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: public
Date: Thu, 16 Aug 2018 13:14:40 GMT
Last-Modified: Thu, 16 Aug 2018 11:20:58 GMT
Server: nginx/1.2.1
Content-Type: image/jpeg
Cache-Control: max-age=315360000,public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 22540
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK phpctaqsg_559x345.jpg
i2.offnews.bg/events/2018/08/16/686393/ 19 KB
20 KB 371ms
370ms Image
image/jpeg 109.121.152.11
SOFIA-CONNECT-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i2.offnews.bg/events/2018/08/16/686393/phpctaqsg_559x345.jpg
Requested by: Host: offnews.bg
URL: https://offnews.bg/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 109.121.152.11 Elin Pelin, Bulgaria, ASN47872 (SOFIA-CONNECT-AS, BG),
Reverse DNS: offnews.bg
Software: nginx/1.2.1 /
Resource Hash: 809082c3b6bbfbee289825469e6bc7b3442b26cc98060ff0a1a38c723b59f472

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: i2.offnews.bg
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: https://offnews.bg/
Connection: keep-alive
Cache-Control: no-cache
Referer: https://offnews.bg/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: public
Date: Thu, 16 Aug 2018 13:14:40 GMT
Last-Modified: Thu, 16 Aug 2018 10:37:55 GMT
Server: nginx/1.2.1
Content-Type: image/jpeg
Cache-Control: max-age=315360000,public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 19965
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK phpsjg9jt_559x345.jpg
i2.offnews.bg/events/2018/08/16/686408/ 28 KB
29 KB 223ms
222ms Image
image/jpeg 109.121.152.11
SOFIA-CONNECT-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i2.offnews.bg/events/2018/08/16/686408/phpsjg9jt_559x345.jpg
Requested by: Host: offnews.bg
URL: https://offnews.bg/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 109.121.152.11 Elin Pelin, Bulgaria, ASN47872 (SOFIA-CONNECT-AS, BG),
Reverse DNS: offnews.bg
Software: nginx/1.2.1 /
Resource Hash: feb22d44d71a7471fffd98bcf85a96267fa5a6442ff6b9f243012c4a57c1a4fd

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: i2.offnews.bg
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: https://offnews.bg/
Connection: keep-alive
Cache-Control: no-cache
Referer: https://offnews.bg/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: public
Date: Thu, 16 Aug 2018 13:14:40 GMT
Last-Modified: Thu, 16 Aug 2018 12:49:58 GMT
Server: nginx/1.2.1
Content-Type: image/jpeg
Cache-Control: max-age=315360000,public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 29052
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK php4vfnqm_559x345.jpg
i2.offnews.bg/events/2018/08/16/686397/ 39 KB
39 KB 151ms
150ms Image
image/jpeg 109.121.152.11
SOFIA-CONNECT-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i2.offnews.bg/events/2018/08/16/686397/php4vfnqm_559x345.jpg
Requested by: Host: offnews.bg
URL: https://offnews.bg/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 109.121.152.11 Elin Pelin, Bulgaria, ASN47872 (SOFIA-CONNECT-AS, BG),
Reverse DNS: offnews.bg
Software: nginx/1.2.1 /
Resource Hash: 2fc19d62cde8d16a5a60919fbd004182502e39c76e8b21c6ec6c4ec02f854b53

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: i2.offnews.bg
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: https://offnews.bg/
Connection: keep-alive
Cache-Control: no-cache
Referer: https://offnews.bg/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: public
Date: Thu, 16 Aug 2018 13:14:40 GMT
Last-Modified: Thu, 16 Aug 2018 10:57:58 GMT
Server: nginx/1.2.1
Content-Type: image/jpeg
Cache-Control: max-age=315360000,public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 40037
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK php4eabuh_559x345.jpg
i2.offnews.bg/events/2018/08/16/686386/ 26 KB
26 KB 148ms
148ms Image
image/jpeg 109.121.152.11
SOFIA-CONNECT-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i2.offnews.bg/events/2018/08/16/686386/php4eabuh_559x345.jpg
Requested by: Host: offnews.bg
URL: https://offnews.bg/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 109.121.152.11 Elin Pelin, Bulgaria, ASN47872 (SOFIA-CONNECT-AS, BG),
Reverse DNS: offnews.bg
Software: nginx/1.2.1 /
Resource Hash: 8ceab223924e4dfbe712434291242b747382f08f523d341ef39b8bfad7858d6d

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: i2.offnews.bg
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: https://offnews.bg/
Connection: keep-alive
Cache-Control: no-cache
Referer: https://offnews.bg/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: public
Date: Thu, 16 Aug 2018 13:14:40 GMT
Last-Modified: Thu, 16 Aug 2018 09:52:27 GMT
Server: nginx/1.2.1
Content-Type: image/jpeg
Cache-Control: max-age=315360000,public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 26637
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK php1bwiqy_559x345.jpg
i2.offnews.bg/events/2018/08/16/686383/ 30 KB
30 KB 148ms
148ms Image
image/jpeg 109.121.152.11
SOFIA-CONNECT-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i2.offnews.bg/events/2018/08/16/686383/php1bwiqy_559x345.jpg
Requested by: Host: offnews.bg
URL: https://offnews.bg/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 109.121.152.11 Elin Pelin, Bulgaria, ASN47872 (SOFIA-CONNECT-AS, BG),
Reverse DNS: offnews.bg
Software: nginx/1.2.1 /
Resource Hash: 009bf476b7eb626675d70bbbe08d16f2eea573985b28855185d73a9a71bd33f4

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: i2.offnews.bg
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: https://offnews.bg/
Connection: keep-alive
Cache-Control: no-cache
Referer: https://offnews.bg/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: public
Date: Thu, 16 Aug 2018 13:14:40 GMT
Last-Modified: Thu, 16 Aug 2018 09:53:16 GMT
Server: nginx/1.2.1
Content-Type: image/jpeg
Cache-Control: max-age=315360000,public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 30707
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK phphks7of_559x345.jpg
i2.offnews.bg/events/2018/08/16/686380/ 23 KB
23 KB 174ms
148ms Image
image/jpeg 109.121.152.11
SOFIA-CONNECT-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i2.offnews.bg/events/2018/08/16/686380/phphks7of_559x345.jpg
Requested by: Host: offnews.bg
URL: https://offnews.bg/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 109.121.152.11 Elin Pelin, Bulgaria, ASN47872 (SOFIA-CONNECT-AS, BG),
Reverse DNS: offnews.bg
Software: nginx/1.2.1 /
Resource Hash: cbad2a87102d6c4f6f9e44fb8ced8a3d0f864f39c6879f68ef7c6e3895bc49df

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: i2.offnews.bg
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: https://offnews.bg/
Connection: keep-alive
Cache-Control: no-cache
Referer: https://offnews.bg/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: public
Date: Thu, 16 Aug 2018 13:14:40 GMT
Last-Modified: Thu, 16 Aug 2018 08:25:52 GMT
Server: nginx/1.2.1
Content-Type: image/jpeg
Cache-Control: max-age=315360000,public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 23679
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK preload0.gif
i2.offnews.bg/design/ 106 B
492 B 138ms
74ms Image
image/gif 109.121.152.11
SOFIA-CONNECT-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i2.offnews.bg/design/preload0.gif
Requested by: Host: offnews.bg
URL: https://offnews.bg/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 109.121.152.11 Elin Pelin, Bulgaria, ASN47872 (SOFIA-CONNECT-AS, BG),
Reverse DNS: offnews.bg
Software: nginx/1.2.1 /
Resource Hash: ffeed1b224c05b3f48fab6d4a094604c43c10d999c5ee575608a8e57de2435fc

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: i2.offnews.bg
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: https://offnews.bg/
Connection: keep-alive
Cache-Control: no-cache
Referer: https://offnews.bg/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: public
Date: Thu, 16 Aug 2018 13:14:40 GMT
Last-Modified: Sun, 28 May 2017 19:42:56 GMT
Server: nginx/1.2.1
Content-Type: image/gif
Cache-Control: max-age=315360000 max-age=315360000,public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 106
Expires: Thu, 31 Dec 2037 23:55:55 GMT Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 gdpr.js Show response
offnews.bg/design/js/ 2 KB
1 KB 74ms
73ms Script
application/javascript 109.121.152.10
SOFIA-CONNECT-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://offnews.bg/design/js/gdpr.js?v8

Requested by

Host: offnews.bg
URL: https://offnews.bg/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

109.121.152.10 Elin Pelin, Bulgaria, ASN47872 (SOFIA-CONNECT-AS, BG),

Reverse DNS

ip-109-121-152-10.ip.offnews.bg

Software

nginx/1.12.2 /

Resource Hash

64d880920a84657acdd9b6b19cd4ec61b0ecae5e72b99755078b670c2ee9ba9e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:path: /design/js/gdpr.js?v8
pragma: no-cache
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: offnews.bg
referer: https://offnews.bg/
:scheme: https
:method: GET
Referer: https://offnews.bg/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 16 Aug 2018 13:14:40 GMT
content-encoding: gzip
last-modified: Wed, 30 May 2018 19:33:44 GMT
server: nginx/1.12.2
etag: W/"5b0efc98-717"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=315360000
strict-transport-security: max-age=31536000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
S

200

/
www.google.de/ads/user-lists/958321261/
Redirect Chain

https://i.ctnsnet.com/int/integration?pixel=49719177&nid=307000&cont=i
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/958321261/?value=0&guid=ON&script=0
https://www.google.com/ads/user-lists/958321261/?value=0&guid=ON&script=0&cdct=2&is_vtc=1&random=3331017386
https://www.google.de/ads/user-lists/958321261/?value=0&guid=ON&script=0&cdct=2&is_vtc=1&random=3331017386&ipr=y&ulfeg=n

42 B
107 B

18ms
15ms

Image
image/gif

2a00:1450:4001:80b::2003
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/user-lists/958321261/?value=0&guid=ON&script=0&cdct=2&is_vtc=1&random=3331017386&ipr=y&ulfeg=n

Requested by

Host: offnews.bg
URL: https://offnews.bg/

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:80b::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

adclick_server /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://offnews.bg/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Aug 2018 13:14:40 GMT
x-content-type-options: nosniff
server: adclick_server
content-type: image/gif
status: 200
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 42
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Thu, 16 Aug 2018 13:14:40 GMT
x-content-type-options: nosniff
server: adclick_server
status: 302
content-type: text/html; charset=UTF-8
location: https://www.google.de/ads/user-lists/958321261/?value=0&guid=ON&script=0&cdct=2&is_vtc=1&random=3331017386&ipr=y&ulfeg=n
cache-control: private, max-age=43200
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 345
x-xss-protection: 1; mode=block
expires: Thu, 16 Aug 2018 13:14:40 GMT

GET
S 200 xgemius.js Show response
gabg.hit.gemius.pl/ 32 KB
9 KB 34ms
30ms Script
application/x-javascript 78.128.6.41
TELEPOINT

General

Check archive.org

Show headers Download Go to

Full URL: https://gabg.hit.gemius.pl/xgemius.js
Requested by: Host: offnews.bg
URL: https://offnews.bg/
Protocol: SPDY
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 78.128.6.41 , Bulgaria, ASN31083 (TELEPOINT, BG),
Reverse DNS: ip-6-41.telehouse.bg
Software: GHC /
Resource Hash: 6207023c7d3e70ab48eba012958119c8bea8e524579519aaf38b3d29e71f3162

Request headers

Referer: https://offnews.bg/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 16 Aug 2018 13:14:40 GMT
content-encoding: gzip
last-modified: Thu, 09 Aug 2018 07:19:20 GMT
server: GHC
vary: Accept-Encoding,Origin
p3p: CP="NOI DSP COR NID PSAo OUR IND"
status: 200
cache-control: max-age=43200
accept-ranges: none
content-type: application/x-javascript
content-length: 8870
expires: Fri, 17 Aug 2018 01:14:40 GMT

GET
S 200 analytics.js Show response
www.google-analytics.com/ 34 KB
14 KB 9ms
5ms Script
text/javascript 2a00:1450:4001:821::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: offnews.bg
URL: https://offnews.bg/

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:821::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

3fab1c883847e4b5a02f3749a9f4d9eab15cd4765873d3b2904a1a4c8755fba3

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://offnews.bg/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 18 May 2018 01:10:24 GMT
server: Golfe2
age: 3731
date: Thu, 16 Aug 2018 12:12:29 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 14386
expires: Thu, 16 Aug 2018 14:12:29 GMT

GET
S 200 integrator.js Show response
adservice.google.de/adsid/ 109 B
171 B 31ms
30ms Script
application/javascript 2a00:1450:4001:806::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=offnews.bg

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:806::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://offnews.bg/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 16 Aug 2018 13:14:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 104
x-xss-protection: 1; mode=block

GET
S 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
171 B 31ms
31ms Script
application/javascript 2a00:1450:4001:806::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=offnews.bg

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:806::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://offnews.bg/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 16 Aug 2018 13:14:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 104
x-xss-protection: 1; mode=block

GET
S 200 pubads_impl_239.js Show response
securepubads.g.doubleclick.net/gpt/ 181 KB
62 KB 42ms
38ms Script
text/javascript 172.217.18.2
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_239.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

172.217.18.2 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s28-in-f2.1e100.net

Software

sffe /

Resource Hash

9cce1684b725dd214b8305f2b3355d7d9d788fe2d552acc0bbecfc48630cfcfa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://offnews.bg/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 16 Aug 2018 13:14:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 10 Aug 2018 12:31:48 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 63811
x-xss-protection: 1; mode=block
expires: Thu, 16 Aug 2018 13:14:40 GMT

GET
H2 200 pimdesign.gif
offnews.bg/design/ 4 KB
4 KB 73ms
73ms Image
image/gif 109.121.152.10
SOFIA-CONNECT-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://offnews.bg/design/pimdesign.gif

Requested by

Host: offnews.bg
URL: https://offnews.bg/design/js/jquery.2.1.1.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

109.121.152.10 Elin Pelin, Bulgaria, ASN47872 (SOFIA-CONNECT-AS, BG),

Reverse DNS

ip-109-121-152-10.ip.offnews.bg

Software

nginx/1.12.2 /

Resource Hash

1f6c32db6992f728c58d373816280c9f0b1d5151a002749800ff57897fea5f37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:path: /design/pimdesign.gif
pragma: no-cache
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: offnews.bg
referer: https://offnews.bg/design/style.css?1530786249
:scheme: https
:method: GET
Referer: https://offnews.bg/design/style.css?1530786249
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 16 Aug 2018 13:14:40 GMT
last-modified: Tue, 25 Apr 2017 19:08:35 GMT
server: nginx/1.12.2
etag: "58ff9eb3-110c"
strict-transport-security: max-age=31536000
content-type: image/gif
status: 200
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 4364
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 offnews-logo-footer.png
offnews.bg/design/ 4 KB
4 KB 73ms
73ms Image
image/png 109.121.152.10
SOFIA-CONNECT-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://offnews.bg/design/offnews-logo-footer.png

Requested by

Host: offnews.bg
URL: https://offnews.bg/design/js/jquery.2.1.1.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

109.121.152.10 Elin Pelin, Bulgaria, ASN47872 (SOFIA-CONNECT-AS, BG),

Reverse DNS

ip-109-121-152-10.ip.offnews.bg

Software

nginx/1.12.2 /

Resource Hash

6b4e71b7bcd2c5ce73209688a7e93cd29899e00d3d8f52393c378e15c460211b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:path: /design/offnews-logo-footer.png
pragma: no-cache
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: offnews.bg
referer: https://offnews.bg/design/style.css?1530786249
:scheme: https
:method: GET
Referer: https://offnews.bg/design/style.css?1530786249
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 16 Aug 2018 13:14:40 GMT
last-modified: Tue, 25 Apr 2017 19:08:35 GMT
server: nginx/1.12.2
etag: "58ff9eb3-e31"
strict-transport-security: max-age=31536000
content-type: image/png
status: 200
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 3633
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 icon-coffee.gif
offnews.bg/design/include/coffee/ 3 KB
3 KB 73ms
73ms Image
image/gif 109.121.152.10
SOFIA-CONNECT-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://offnews.bg/design/include/coffee/icon-coffee.gif

Requested by

Host: offnews.bg
URL: https://offnews.bg/design/js/jquery.2.1.1.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

109.121.152.10 Elin Pelin, Bulgaria, ASN47872 (SOFIA-CONNECT-AS, BG),

Reverse DNS

ip-109-121-152-10.ip.offnews.bg

Software

nginx/1.12.2 /

Resource Hash

396f05f21a5bb5d84a40811b2f60d67f609659636efcf1f33fa21b99331cc486

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:path: /design/include/coffee/icon-coffee.gif
pragma: no-cache
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: offnews.bg
referer: https://offnews.bg/design/coffee.css
:scheme: https
:method: GET
Referer: https://offnews.bg/design/coffee.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 16 Aug 2018 13:14:40 GMT
last-modified: Tue, 25 Jul 2017 11:34:54 GMT
server: nginx/1.12.2
etag: "59772cde-c62"
strict-transport-security: max-age=31536000
content-type: image/gif
status: 200
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 3170
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 offnews-logo.png
offnews.bg/design/ 7 KB
7 KB 73ms
73ms Image
image/png 109.121.152.10
SOFIA-CONNECT-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://offnews.bg/design/offnews-logo.png

Requested by

Host: offnews.bg
URL: https://offnews.bg/design/js/jquery.2.1.1.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

109.121.152.10 Elin Pelin, Bulgaria, ASN47872 (SOFIA-CONNECT-AS, BG),

Reverse DNS

ip-109-121-152-10.ip.offnews.bg

Software

nginx/1.12.2 /

Resource Hash

ce1a716b733c114157c17ecec1fea868939f54f9730771be41286436050e45bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:path: /design/offnews-logo.png
pragma: no-cache
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: offnews.bg
referer: https://offnews.bg/design/style.css?1530786249
:scheme: https
:method: GET
Referer: https://offnews.bg/design/style.css?1530786249
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 16 Aug 2018 13:14:40 GMT
last-modified: Wed, 31 May 2017 06:01:03 GMT
server: nginx/1.12.2
etag: "592e5c1f-1b83"
strict-transport-security: max-age=31536000
content-type: image/png
status: 200
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 7043
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 fontawesome-webfont.woff2
offnews.bg/design/font-awesome/fonts/ 75 KB
76 KB 74ms
73ms Font
application/octet-stream 109.121.152.10
SOFIA-CONNECT-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://offnews.bg/design/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: offnews.bg
URL: https://offnews.bg/design/js/jquery.2.1.1.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

109.121.152.10 Elin Pelin, Bulgaria, ASN47872 (SOFIA-CONNECT-AS, BG),

Reverse DNS

ip-109-121-152-10.ip.offnews.bg

Software

nginx/1.12.2 /

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:path: /design/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0
pragma: no-cache
origin: https://offnews.bg
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: offnews.bg
referer: https://offnews.bg/design/font-awesome/css/font-awesome.min.css
:scheme: https
:method: GET
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://offnews.bg/design/font-awesome/css/font-awesome.min.css
Origin: https://offnews.bg

Response headers

date: Thu, 16 Aug 2018 13:14:40 GMT
last-modified: Tue, 25 Apr 2017 19:08:37 GMT
server: nginx/1.12.2
etag: "58ff9eb5-12d68"
strict-transport-security: max-age=31536000
content-type: application/octet-stream
status: 200
accept-ranges: bytes
content-length: 77160

GET
S 200 BngRUXZYTXPIvIBgJJSb6u92w7CGwR2oefDo.woff2
fonts.gstatic.com/s/robotoslab/v7/ 11 KB
11 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:821::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotoslab/v7/BngRUXZYTXPIvIBgJJSb6u92w7CGwR2oefDo.woff2

Requested by

Host: offnews.bg
URL: https://offnews.bg/design/js/jquery.2.1.1.js

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:821::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

8c055f4fc89b73bc480ac07d607782cb3482fc98cbec6f89135ff76ce5512280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Roboto+Slab:300,400,700|Roboto:400,700
Origin: https://offnews.bg

Response headers

date: Sat, 14 Jul 2018 06:24:01 GMT
x-content-type-options: nosniff
last-modified: Wed, 11 Oct 2017 18:32:29 GMT
server: sffe
age: 2875839
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 11096
x-xss-protection: 1; mode=block
expires: Sun, 14 Jul 2019 06:24:01 GMT

GET
S 200 KFOmCnqEu92Fr1Mu5mxKKTU1Kvnz.woff2
fonts.gstatic.com/s/roboto/v18/ 7 KB
7 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:821::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu5mxKKTU1Kvnz.woff2

Requested by

Host: offnews.bg
URL: https://offnews.bg/design/js/jquery.2.1.1.js

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:821::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

41720926981ffb6dc229f06fc0bbf0f43e45ba032d126726ebee481c2a6559e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Roboto+Slab:300,400,700|Roboto:400,700
Origin: https://offnews.bg

Response headers

date: Tue, 07 Aug 2018 01:27:38 GMT
x-content-type-options: nosniff
last-modified: Mon, 16 Oct 2017 17:32:50 GMT
server: sffe
age: 820022
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 6728
x-xss-protection: 1; mode=block
expires: Wed, 07 Aug 2019 01:27:38 GMT

GET
S 200 KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v18/ 10 KB
11 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:821::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2

Requested by

Host: offnews.bg
URL: https://offnews.bg/design/js/jquery.2.1.1.js

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:821::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

4352380f92ce7f9a4a4a23306b992bed10055dbfffe90987cc72083e583fc280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Roboto+Slab:300,400,700|Roboto:400,700
Origin: https://offnews.bg

Response headers

date: Wed, 08 Aug 2018 21:35:26 GMT
x-content-type-options: nosniff
last-modified: Mon, 16 Oct 2017 17:32:51 GMT
server: sffe
age: 661154
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 10748
x-xss-protection: 1; mode=block
expires: Thu, 08 Aug 2019 21:35:26 GMT

GET
S 200 KFOlCnqEu92Fr1MmWUlfABc4AMP6lbBP.woff2
fonts.gstatic.com/s/roboto/v18/ 7 KB
7 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:821::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmWUlfABc4AMP6lbBP.woff2

Requested by

Host: offnews.bg
URL: https://offnews.bg/design/js/jquery.2.1.1.js

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:821::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

6082aa2f5aab855120cd58f560f58975579097c484d23cc7854977a529f91bc4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Roboto+Slab:300,400,700|Roboto:400,700
Origin: https://offnews.bg

Response headers

date: Wed, 11 Jul 2018 21:01:52 GMT
x-content-type-options: nosniff
last-modified: Mon, 16 Oct 2017 17:32:57 GMT
server: sffe
age: 3082368
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 6876
x-xss-protection: 1; mode=block
expires: Thu, 11 Jul 2019 21:01:52 GMT

GET
H2 200 article-bg.jpg
offnews.bg/design/ 18 KB
18 KB 74ms
73ms Image
image/jpeg 109.121.152.10
SOFIA-CONNECT-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://offnews.bg/design/article-bg.jpg

Requested by

Host: offnews.bg
URL: https://offnews.bg/design/js/jquery.2.1.1.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

109.121.152.10 Elin Pelin, Bulgaria, ASN47872 (SOFIA-CONNECT-AS, BG),

Reverse DNS

ip-109-121-152-10.ip.offnews.bg

Software

nginx/1.12.2 /

Resource Hash

acf2bba212d8b8e80e26d785306f376b5fd56568bf56d9e58b92a6c39cebb0b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:path: /design/article-bg.jpg
pragma: no-cache
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: offnews.bg
referer: https://offnews.bg/design/style.css?1530786249
:scheme: https
:method: GET
Referer: https://offnews.bg/design/style.css?1530786249
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 16 Aug 2018 13:14:40 GMT
last-modified: Tue, 25 Apr 2017 19:08:36 GMT
server: nginx/1.12.2
etag: "58ff9eb4-4847"
strict-transport-security: max-age=31536000
content-type: image/jpeg
status: 200
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 18503
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
S 200 BngMUXZYTXPIvIBgJJSb6ufJ5qWr4xCCQ_k.woff2
fonts.gstatic.com/s/robotoslab/v7/ 8 KB
8 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:821::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotoslab/v7/BngMUXZYTXPIvIBgJJSb6ufJ5qWr4xCCQ_k.woff2

Requested by

Host: offnews.bg
URL: https://offnews.bg/design/js/jquery.2.1.1.js

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:821::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

d9ad3cfa8e5cd50af70f20a98ac62bc882cc1bebc7eea2cfdcfafdd3b2f72a19

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Roboto+Slab:300,400,700|Roboto:400,700
Origin: https://offnews.bg

Response headers

date: Fri, 13 Jul 2018 06:18:03 GMT
x-content-type-options: nosniff
last-modified: Wed, 11 Oct 2017 18:27:06 GMT
server: sffe
age: 2962597
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 7736
x-xss-protection: 1; mode=block
expires: Sat, 13 Jul 2019 06:18:03 GMT

GET
S 200 BngMUXZYTXPIvIBgJJSb6ufN5qWr4xCC.woff2
fonts.gstatic.com/s/robotoslab/v7/ 11 KB
11 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:821::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotoslab/v7/BngMUXZYTXPIvIBgJJSb6ufN5qWr4xCC.woff2

Requested by

Host: offnews.bg
URL: https://offnews.bg/design/js/jquery.2.1.1.js

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:821::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

11f18af740f9727666190b83a8999d30ade3421e0148bf1b1586eaaad25dd781

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Roboto+Slab:300,400,700|Roboto:400,700
Origin: https://offnews.bg

Response headers

date: Fri, 13 Jul 2018 06:20:37 GMT
x-content-type-options: nosniff
last-modified: Wed, 11 Oct 2017 18:31:41 GMT
server: sffe
age: 2962443
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 10988
x-xss-protection: 1; mode=block
expires: Sat, 13 Jul 2019 06:20:37 GMT

GET
S 200 KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v18/ 11 KB
11 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:821::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2

Requested by

Host: offnews.bg
URL: https://offnews.bg/design/js/jquery.2.1.1.js

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:821::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

1be216dbc059d96e288b0c1f399a1a80ee8c65e4c1272dbc4574bd6d23cf45d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Roboto+Slab:300,400,700|Roboto:400,700
Origin: https://offnews.bg

Response headers

date: Wed, 08 Aug 2018 21:35:35 GMT
x-content-type-options: nosniff
last-modified: Mon, 16 Oct 2017 17:33:03 GMT
server: sffe
age: 661145
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 10764
x-xss-protection: 1; mode=block
expires: Thu, 08 Aug 2019 21:35:35 GMT

GET
H2 200 play_photo.png
offnews.bg/design/ 5 KB
5 KB 73ms
73ms Image
image/png 109.121.152.10
SOFIA-CONNECT-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://offnews.bg/design/play_photo.png

Requested by

Host: offnews.bg
URL: https://offnews.bg/design/js/jquery.2.1.1.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

109.121.152.10 Elin Pelin, Bulgaria, ASN47872 (SOFIA-CONNECT-AS, BG),

Reverse DNS

ip-109-121-152-10.ip.offnews.bg

Software

nginx/1.12.2 /

Resource Hash

b5a038e9538a31956b6d4a02bcc4ecfd670a3361c45fda7da6579fd503b194d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:path: /design/play_photo.png
pragma: no-cache
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: offnews.bg
referer: https://offnews.bg/design/style.css?1530786249
:scheme: https
:method: GET
Referer: https://offnews.bg/design/style.css?1530786249
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 16 Aug 2018 13:14:40 GMT
last-modified: Tue, 25 Apr 2017 19:08:36 GMT
server: nginx/1.12.2
etag: "58ff9eb4-12b4"
strict-transport-security: max-age=31536000
content-type: image/png
status: 200
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 4788
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 play_video.png
offnews.bg/design/ 3 KB
3 KB 75ms
74ms Image
image/png 109.121.152.10
SOFIA-CONNECT-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://offnews.bg/design/play_video.png

Requested by

Host: offnews.bg
URL: https://offnews.bg/design/js/jquery.2.1.1.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

109.121.152.10 Elin Pelin, Bulgaria, ASN47872 (SOFIA-CONNECT-AS, BG),

Reverse DNS

ip-109-121-152-10.ip.offnews.bg

Software

nginx/1.12.2 /

Resource Hash

b36e6d0857df7b31d9789ab733956b6f74f14d2588430a56ab14673989a708e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:path: /design/play_video.png
pragma: no-cache
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: offnews.bg
referer: https://offnews.bg/design/style.css?1530786249
:scheme: https
:method: GET
Referer: https://offnews.bg/design/style.css?1530786249
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 16 Aug 2018 13:14:40 GMT
last-modified: Tue, 25 Apr 2017 19:08:36 GMT
server: nginx/1.12.2
etag: "58ff9eb4-b79"
strict-transport-security: max-age=31536000
content-type: image/png
status: 200
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 2937
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
S 200 BngRUXZYTXPIvIBgJJSb6u92w7CCwR2oefDofMY.woff2
fonts.gstatic.com/s/robotoslab/v7/ 8 KB
8 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:821::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotoslab/v7/BngRUXZYTXPIvIBgJJSb6u92w7CCwR2oefDofMY.woff2

Requested by

Host: offnews.bg
URL: https://offnews.bg/design/js/jquery.2.1.1.js

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:821::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

809442bfcd244fe53f489b5b16621f6093070fd1224ff5bccf0ae341463cc1c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Roboto+Slab:300,400,700|Roboto:400,700
Origin: https://offnews.bg

Response headers

date: Thu, 12 Jul 2018 23:55:19 GMT
x-content-type-options: nosniff
last-modified: Wed, 11 Oct 2017 18:27:01 GMT
server: sffe
age: 2985561
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 8096
x-xss-protection: 1; mode=block
expires: Fri, 12 Jul 2019 23:55:19 GMT

GET
H2 200 gdpr.css
offnews.bg/design/js/ 839 B
1 KB 74ms
73ms Stylesheet
text/css 109.121.152.10
SOFIA-CONNECT-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://offnews.bg/design/js/gdpr.css?

Requested by

Host: offnews.bg
URL: https://offnews.bg/design/js/jquery.2.1.1.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

109.121.152.10 Elin Pelin, Bulgaria, ASN47872 (SOFIA-CONNECT-AS, BG),

Reverse DNS

ip-109-121-152-10.ip.offnews.bg

Software

nginx/1.12.2 /

Resource Hash

1035a0a3f4b531c4e421fe1eb817a86871a2338465319066d8f48ea597f3b716

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:path: /design/js/gdpr.css?
pragma: no-cache
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/css,*/*;q=0.1
cache-control: no-cache
:authority: offnews.bg
referer: https://offnews.bg/
:scheme: https
:method: GET
Referer: https://offnews.bg/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 16 Aug 2018 13:14:40 GMT
last-modified: Tue, 29 May 2018 05:00:12 GMT
server: nginx/1.12.2
etag: "5b0cde5c-347"
strict-transport-security: max-age=31536000
content-type: text/css
status: 200
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 839
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK Cookie set /
id.offmedia.bg/gdpr2018/ Frame CF63 0
0 84ms
83ms Document
text/html 109.121.152.11
SOFIA-CONNECT-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://id.offmedia.bg/gdpr2018/?notpl=ok&successurl=offnews.bg/
Requested by: Host: offnews.bg
URL: https://offnews.bg/design/js/jquery.2.1.1.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 109.121.152.11 Elin Pelin, Bulgaria, ASN47872 (SOFIA-CONNECT-AS, BG),
Reverse DNS: offnews.bg
Software: nginx/1.2.1 / PHP/5.4.45-0+deb7u5
Resource Hash

Request headers

Host: id.offmedia.bg
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: https://offnews.bg/
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id: DDEB91124F7984EBD3953984CBC3308C
Referer: https://offnews.bg/

Response headers

Server: nginx/1.2.1
Date: Thu, 16 Aug 2018 13:14:40 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: PHP/5.4.45-0+deb7u5
Set-Cookie: PHPSESSID=e7ispnkpqvug47cpdj6kd6oo94; path=/ offmedia_hash=3bd876242dc1afecc4b95114b762a2519997b8e5; expires=Fri, 16-Aug-2019 13:14:40 GMT; path=/; domain=.offmedia.bg
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Encoding: gzip

GET
H/1.1 200
OK phpgghorq_559x345.jpg
i2.offnews.bg/events/2018/08/16/686363/ 31 KB
31 KB 75ms
74ms Image
image/jpeg 109.121.152.11
SOFIA-CONNECT-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i2.offnews.bg/events/2018/08/16/686363/phpgghorq_559x345.jpg
Requested by: Host: offnews.bg
URL: https://offnews.bg/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 109.121.152.11 Elin Pelin, Bulgaria, ASN47872 (SOFIA-CONNECT-AS, BG),
Reverse DNS: offnews.bg
Software: nginx/1.2.1 /
Resource Hash: eee7e3d22e7a73a9b511baf11c3af960110eab78a54f09bd246205546b9b659a

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: i2.offnews.bg
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: https://offnews.bg/
Connection: keep-alive
Cache-Control: no-cache
Referer: https://offnews.bg/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: public
Date: Thu, 16 Aug 2018 13:14:40 GMT
Last-Modified: Thu, 16 Aug 2018 06:09:12 GMT
Server: nginx/1.2.1
Content-Type: image/jpeg
Cache-Control: max-age=315360000,public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 31285
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK php64e1lv_559x345.jpg
i2.offnews.bg/events/2019/08/16/681740/ 31 KB
31 KB 74ms
74ms Image
image/jpeg 109.121.152.11
SOFIA-CONNECT-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i2.offnews.bg/events/2019/08/16/681740/php64e1lv_559x345.jpg
Requested by: Host: offnews.bg
URL: https://offnews.bg/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 109.121.152.11 Elin Pelin, Bulgaria, ASN47872 (SOFIA-CONNECT-AS, BG),
Reverse DNS: offnews.bg
Software: nginx/1.2.1 /
Resource Hash: 27cb03c797ed23db1a1480a0facb4d77d49fb43f94bbfa1b0d9fa82e8ada7a12

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: i2.offnews.bg
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: https://offnews.bg/
Connection: keep-alive
Cache-Control: no-cache
Referer: https://offnews.bg/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: public
Date: Thu, 16 Aug 2018 13:14:40 GMT
Last-Modified: Wed, 15 Aug 2018 12:35:58 GMT
Server: nginx/1.2.1
Content-Type: image/jpeg
Cache-Control: max-age=315360000,public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 31554
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK php5cj4qi_559x345.jpg
i2.offnews.bg/events/2018/08/15/686336/ 14 KB
14 KB 74ms
74ms Image
image/jpeg 109.121.152.11
SOFIA-CONNECT-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i2.offnews.bg/events/2018/08/15/686336/php5cj4qi_559x345.jpg
Requested by: Host: offnews.bg
URL: https://offnews.bg/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 109.121.152.11 Elin Pelin, Bulgaria, ASN47872 (SOFIA-CONNECT-AS, BG),
Reverse DNS: offnews.bg
Software: nginx/1.2.1 /
Resource Hash: d8a6e560cb52fab208ffc0efd5bd164e490d749c2d1bb2484ce4f0dfd23a22c3

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: i2.offnews.bg
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: https://offnews.bg/
Cookie: _ga=GA1.2.1110803035.1534425280; _gid=GA1.2.795519596.1534425280; _gat=1
Connection: keep-alive
Cache-Control: no-cache
Referer: https://offnews.bg/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: public
Date: Thu, 16 Aug 2018 13:14:40 GMT
Last-Modified: Wed, 15 Aug 2018 13:09:37 GMT
Server: nginx/1.2.1
Content-Type: image/jpeg
Cache-Control: max-age=315360000,public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 14471
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK phpig9eih_559x345.jpg
i2.offnews.bg/events/2018/08/15/686327/ 43 KB
44 KB 295ms
295ms Image
image/jpeg 109.121.152.11
SOFIA-CONNECT-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i2.offnews.bg/events/2018/08/15/686327/phpig9eih_559x345.jpg
Requested by: Host: offnews.bg
URL: https://offnews.bg/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 109.121.152.11 Elin Pelin, Bulgaria, ASN47872 (SOFIA-CONNECT-AS, BG),
Reverse DNS: offnews.bg
Software: nginx/1.2.1 /
Resource Hash: d5d5d3554d02a39bbb4aedb0c58cdd33f5223a13999a176d79d428de7c8cf335

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: i2.offnews.bg
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: https://offnews.bg/
Cookie: _ga=GA1.2.1110803035.1534425280; _gid=GA1.2.795519596.1534425280; _gat=1
Connection: keep-alive
Cache-Control: no-cache
Referer: https://offnews.bg/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: public
Date: Thu, 16 Aug 2018 13:14:40 GMT
Last-Modified: Wed, 15 Aug 2018 11:15:23 GMT
Server: nginx/1.2.1
Content-Type: image/jpeg
Cache-Control: max-age=315360000,public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 44496
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK phpseekii_559x345.jpg
i2.offnews.bg/events/2018/08/16/686401/ 33 KB
33 KB 74ms
74ms Image
image/jpeg 109.121.152.11
SOFIA-CONNECT-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i2.offnews.bg/events/2018/08/16/686401/phpseekii_559x345.jpg
Requested by: Host: offnews.bg
URL: https://offnews.bg/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 109.121.152.11 Elin Pelin, Bulgaria, ASN47872 (SOFIA-CONNECT-AS, BG),
Reverse DNS: offnews.bg
Software: nginx/1.2.1 /
Resource Hash: 48a8dfcf73591fb7c90fd3a947e42548180e5b13209464f074a03dbaedccee09

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: i2.offnews.bg
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: https://offnews.bg/
Cookie: _ga=GA1.2.1110803035.1534425280; _gid=GA1.2.795519596.1534425280; _gat=1
Connection: keep-alive
Cache-Control: no-cache
Referer: https://offnews.bg/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: public
Date: Thu, 16 Aug 2018 13:14:40 GMT
Last-Modified: Thu, 16 Aug 2018 12:15:04 GMT
Server: nginx/1.2.1
Content-Type: image/jpeg
Cache-Control: max-age=315360000,public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 33736
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET icon48.png
eflcdgjbimnnhfkbgipdofbiofnhnjbc/ 0
0

GET
S 200 fpdata.js Show response
gabg.hit.gemius.pl/ 268 B
340 B 32ms
31ms Script
application/x-javascript 78.128.6.41
TELEPOINT

General

Check archive.org

Show headers Download Go to

Full URL: https://gabg.hit.gemius.pl/fpdata.js?href=offnews.bg
Requested by: Host: gabg.hit.gemius.pl
URL: https://gabg.hit.gemius.pl/xgemius.js
Protocol: SPDY
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 78.128.6.41 , Bulgaria, ASN31083 (TELEPOINT, BG),
Reverse DNS: ip-6-41.telehouse.bg
Software: GHC /
Resource Hash: f954227521309bfe4a93dd90b2536d4e6903a792d3480cfa9096a3db377396f2

Request headers

Referer: https://offnews.bg/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 16 Aug 2018 13:14:40 GMT
last-modified: Mon, 16 Jul 2012 10:03:40 GMT
server: GHC
etag: PRIVATE7520710249
p3p: CP="NOI DSP COR NID PSAo OUR IND"
status: 200
cache-control: private, max-age=2592000
accept-ranges: none
content-type: application/x-javascript
content-length: 268
expires: Sat, 15 Sep 2018 13:14:40 GMT

GET
S 200 js Show response
www.google-analytics.com/gtm/ 36 KB
14 KB 17ms
16ms Script
application/javascript 2a00:1450:4001:821::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/js?id=GTM-NPC96BM&cid=1110803035.1534425280

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:821::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Google Tag Manager (scaffolding) /

Resource Hash

efffb0666b31072c8e25feeff74e7938121e2be919f74c6f7fe0a4fd83b2cc13

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://offnews.bg/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 16 Aug 2018 13:14:40 GMT
content-encoding: gzip
server: Google Tag Manager (scaffolding)
access-control-allow-headers: Cache-Control
status: 200
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: http://www.googletagmanager.com
cache-control: private, max-age=900
access-control-allow-credentials: true
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 14466
x-xss-protection: 1; mode=block
expires: Thu, 16 Aug 2018 13:14:40 GMT

GET
S

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j68&a=434110341&t=pageview&_s=1&dl=https%3A%2F%2Foffnews.bg%2F&ul=en-us&de=UTF-8&dt=OFFNews.bg&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=IEBAAEAB...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-27974564-1&cid=1110803035.1534425280&jid=1829871355&_gid=795519596.1534425280&gjid=1407548415&_v=j68&z=1260981447
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-27974564-1&cid=1110803035.1534425280&jid=1829871355&_v=j68&z=1260981447
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-27974564-1&cid=1110803035.1534425280&jid=1829871355&_v=j68&z=1260981447&slf_rd=1&random=1955381238

42 B
109 B

16ms
16ms

Image
image/gif

2a00:1450:4001:80b::2003
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-27974564-1&cid=1110803035.1534425280&jid=1829871355&_v=j68&z=1260981447&slf_rd=1&random=1955381238

Requested by

Host: offnews.bg
URL: https://offnews.bg/

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:80b::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://offnews.bg/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Aug 2018 13:14:40 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 42
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 16 Aug 2018 13:14:40 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
content-type: text/html; charset=UTF-8
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-27974564-1&cid=1110803035.1534425280&jid=1829871355&_v=j68&z=1260981447&slf_rd=1&random=1955381238
cache-control: no-cache, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
S 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 151 KB
37 KB 305ms
304ms XHR
text/javascript 172.217.18.2
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1365566043370815&correlator=455813562711370&output=json_html&callback=googletag.impl.pubads.callbackProxy1&impl=fifs&adsid=NT&json_a=1&eid=21061645&vrg=239&guci=1.2.0.0.2.2.0&sc=1&sfv=1-0-29&iu_parts=150116058%2COFFNews_bg%2COfcoffee_300x250%2COfcoffee_300x50%2COfcoffee_300x50_L%2COfcoffee_300x250_L%2C300x250forGame%2CHome_300x250_premium%2CHome_300x600_3rd_SPORT%2CHome_300x600_5th_CULTURE%2CHome_300x600_6th_Lifestyle%2CHome_300x600_premium%2CHome_728x_premium%2CHome_960x%2CHome_960x3rd&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F3%2C%2F0%2F1%2F4%2C%2F0%2F1%2F5%2C%2F0%2F1%2F6%2C%2F0%2F1%2F7%2C%2F0%2F1%2F8%2C%2F0%2F1%2F9%2C%2F0%2F1%2F10%2C%2F0%2F1%2F11%2C%2F0%2F1%2F12%2C%2F0%2F1%2F13%2C%2F0%2F1%2F14&prev_iu_szs=300x250%2C300x50%2C300x50%2C300x250%2C300x250%2C300x250%2C300x600%2C300x600%2C300x600%2C300x600%2C728x90%7C960x100%7C960x200%7C960x300%2C960x100%7C960x200%2C960x100%7C960x200&cust_params=dfp_section%3Dhome&cookie_enabled=1&bc=7&abxe=1&lmt=1534425280&dt=1534425280568&dlt=1534425279926&idt=569&frm=20&biw=1585&bih=1200&oid=3&adxs=1586%2C1586%2C1896%2C1896%2C-9%2C799%2C1112%2C1112%2C799%2C799%2C429%2C313%2C313&adys=325%2C95%2C95%2C145%2C-9%2C612%2C3399%2C4819%2C5784%2C1253%2C87%2C4674%2C2594&adks=1698599047%2C1503795003%2C2855653737%2C391593381%2C638539305%2C1375476851%2C3485545828%2C3988219069%2C3855781118%2C1057193925%2C3709905042%2C550146224%2C2637392979&gut=v2&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Foffnews.bg%2F&dssz=37&icsg=150994603&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=310x-1%7C300x-1%7C300x-1%7C300x-1%7C0x0%7C300x250%7C300x600%7C300x600%7C300x600%7C300x600%7C1240x90%7C1240x100%7C1240x100&msz=300x-1%7C300x-1%7C300x-1%7C300x-1%7C0x0%7C72x250%7C300x-1%7C300x-1%7C300x-1%7C300x-1%7C1240x90%7C1240x100%7C1240x100&ga_vid=1110803035.1534425280&ga_sid=1534425281&ga_hid=434110341&fws=0%2C0%2C4%2C4%2C2%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_239.js

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

172.217.18.2 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s28-in-f2.1e100.net

Software

cafe /

Resource Hash

61cabe0eafec5a1bd36a2788cc4125f8c0c397a05e2db1173e12a3ea6bc2a8a1

Security Headers

Name	Value
Content-Security-Policy	child-src 'self' 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3%26dns%3Doff$/12385535853774859582/body.html;frame-src 'self' 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3%26dns%3Doff$/12385535853774859582/body.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CNyuqc7T8dwCFSkx0wodXVUPXQ&gqi=&layout=/sadbundle/%24csp%253Der3%2526dns%253Doff%24/12385535853774859582/body.html
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://offnews.bg/
Origin: https://offnews.bg

Response headers

content-security-policy: child-src 'self' 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3%26dns%3Doff$/12385535853774859582/body.html;frame-src 'self' 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3%26dns%3Doff$/12385535853774859582/body.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CNyuqc7T8dwCFSkx0wodXVUPXQ&gqi=&layout=/sadbundle/%24csp%253Der3%2526dns%253Doff%24/12385535853774859582/body.html
content-encoding: gzip
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2
google-creative-id: -2,138232132452,138233252068,-2,-2,-1,138231881999,-2,138231881714,-1,-2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 37152
x-xss-protection: 1; mode=block
google-lineitem-id: -2,4660770469,4673103241,-2,-2,-1,4656408389,-2,4656555735,-1,-2,-2,-2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
date: Thu, 16 Aug 2018 13:14:40 GMT
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: https://offnews.bg
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
S 200 pubads_impl_rendering_239.js Show response
securepubads.g.doubleclick.net/gpt/ 43 KB
16 KB 39ms
39ms Script
text/javascript 172.217.18.2
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_239.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_239.js

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

172.217.18.2 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s28-in-f2.1e100.net

Software

sffe /

Resource Hash

361855a771b05b569b3306a96db9d5872601e3c099c7150ccaa8331be4ab9b3a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://offnews.bg/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 16 Aug 2018 13:14:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 10 Aug 2018 12:31:48 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 16544
x-xss-protection: 1; mode=block
expires: Thu, 16 Aug 2018 13:14:40 GMT

GET
S 200 container.html
tpc.googlesyndication.com/safeframe/1-0-29/html/ 0
0 6ms
5ms Other
text/html 2a00:1450:4001:821::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-29/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_239.js
Protocol: SPDY
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a00:1450:4001:821::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Purpose: prefetch
Referer: https://offnews.bg/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

expires: Fri, 02 Aug 2019 15:00:09 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Mon, 11 Jun 2018 14:38:59 GMT
content-type: text/html

GET
S

200

rexdot.js Show response
gabg.hit.gemius.pl/__/_1534425280619/
Redirect Chain

https://gabg.hit.gemius.pl/_1534425280619/rexdot.js?l=90&id=.A5FXzg1tSv5cqX7coTCqmYTnJ4BzZhbc5OSH.TPYLH.h7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Foffnews.bg%2...
https://gabg.hit.gemius.pl/__/_1534425280619/rexdot.js?l=90&id=.A5FXzg1tSv5cqX7coTCqmYTnJ4BzZhbc5OSH.TPYLH.h7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Foffnews.b...

169 B
392 B

87ms
85ms

Script
application/x-javascript

78.128.6.41
TELEPOINT

General

Check archive.org

Show headers Download Go to

Full URL: https://gabg.hit.gemius.pl/__/_1534425280619/rexdot.js?l=90&id=.A5FXzg1tSv5cqX7coTCqmYTnJ4BzZhbc5OSH.TPYLH.h7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Foffnews.bg%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&ltime=0&lsdata=-NOTSUP&fpdata=oLMRzhiK0xlDDCc1f2aZMvCneJCFw1nG7I01Okc_cWP.Q7&vis=1
Requested by: Host: offnews.bg
URL: https://offnews.bg/
Protocol: SPDY
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 78.128.6.41 , Bulgaria, ASN31083 (TELEPOINT, BG),
Reverse DNS: ip-6-41.telehouse.bg
Software: GHC /
Resource Hash: bfdbe97c3304ea95b28cc38b04f62f437166b5d991ffaa0105fb7582b48f76fb

Request headers

Referer: https://offnews.bg/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Aug 2018 13:14:40 GMT
server: GHC
p3p: CP="NOI DSP COR NID PSAo OUR IND"
status: 200
cache-control: no-store, no-cache, must-revalidate, max-age=0
accept-ranges: none
content-type: application/x-javascript
content-length: 169
expires: Wed, 15 Aug 2018 13:14:40 GMT

Redirect headers

pragma: no-cache
date: Thu, 16 Aug 2018 13:14:40 GMT
server: GHC
status: 301
p3p: CP="NOI DSP COR NID PSAo OUR IND"
location: /__/_1534425280619/rexdot.js?l=90&id=.A5FXzg1tSv5cqX7coTCqmYTnJ4BzZhbc5OSH.TPYLH.h7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Foffnews.bg%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&ltime=0&lsdata=-NOTSUP&fpdata=oLMRzhiK0xlDDCc1f2aZMvCneJCFw1nG7I01Okc_cWP.Q7&vis=1
cache-control: no-store, no-cache, must-revalidate, max-age=0
accept-ranges: none
content-length: 0
expires: Wed, 15 Aug 2018 13:14:40 GMT

GET
S 200 abg_lite.js Show response
tpc.googlesyndication.com/pagead/js/r20180813/r20110914/ Frame 2478 35 KB
13 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:821::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20180813/r20110914/abg_lite.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_239.js

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:821::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

7ede0e916fe87a66892d2c8289f66abcdb66d4e31260bd4c4e604c43242b6b9e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://offnews.bg/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 14 Aug 2018 02:14:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 212392
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 13155
x-xss-protection: 1; mode=block
server: cafe
etag: 14050636121138805801
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 28 Aug 2018 02:14:48 GMT

GET
S 200 m_window_focus_non_hydra.js Show response
tpc.googlesyndication.com/pagead/js/r20180813/r20110914/client/ext/ Frame 2478 3 KB
1 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:821::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20180813/r20110914/client/ext/m_window_focus_non_hydra.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_239.js

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:821::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

907b2a46e4b41d621d52f707ac59fc7485e0e5986f6fa68cc367549639896777

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://offnews.bg/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 14 Aug 2018 02:14:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 212392
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 1349
x-xss-protection: 1; mode=block
server: cafe
etag: 15302377081181678529
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 28 Aug 2018 02:14:48 GMT

GET
S 200 osd_listener.js Show response
tpc.googlesyndication.com/pagead/js/r20180813/r20110914/activeview/ Frame 2478 71 KB
26 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:821::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20180813/r20110914/activeview/osd_listener.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_239.js

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:821::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

51112a361ca8ad55cffb797d4fcfa06911877578b57cb7bf36cbd28d7cccb4a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://offnews.bg/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 14 Aug 2018 02:26:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 211675
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 26378
x-xss-protection: 1; mode=block
server: cafe
etag: 5757054909246809680
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 28 Aug 2018 02:26:45 GMT

GET
S 204 l
www.google.com/ads/measurement/ Frame 2478 0
58 B 15ms
14ms Image
text/html 2a00:1450:4001:821::2004
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRZx0-YeOeWqcSoLhZ3VgSiJzMf7e3vKY8kO5YvRyYG-dNbi7-BtGjLb65_5PJy-5zXE2RYFkwJqr1dGqs9Fn6XBFMhKQ
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_239.js
Protocol: SPDY
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2a00:1450:4001:821::2004 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://offnews.bg/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

content-type: text/html; charset=UTF-8

GET
S 200 16581592750880410023
tpc.googlesyndication.com/simgad/ Frame 2478 8 KB
8 KB 9ms
8ms Image
image/jpeg 2a00:1450:4001:821::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/16581592750880410023

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_239.js

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:821::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

99714cc376cacfc97478a8322621fb041d2abc0b8998e162f0b2e333c1ec550a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://offnews.bg/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 13 Jul 2018 13:19:57 GMT
x-content-type-options: nosniff
age: 2937283
x-dns-prefetch-control: off
status: 200
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 7760
x-xss-protection: 1; mode=block
last-modified: Wed, 02 May 2018 07:57:04 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 13 Jul 2019 13:19:57 GMT

GET
S 200 osd.js Show response
pagead2.googlesyndication.com/pagead/ 70 KB
26 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:815::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/osd.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_239.js

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:815::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

f3e5c6c3d307b1bb799847224aaa58828b9299bb9e52eb7bd12e6f1d97cdae32

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://offnews.bg/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 16 Aug 2018 13:09:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 335
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 26276
x-xss-protection: 1; mode=block
server: cafe
etag: 4293973632661985836
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Thu, 16 Aug 2018 14:09:05 GMT

GET
S 200 16581592750880410023
tpc.googlesyndication.com/simgad/ Frame 7CD7 8 KB
8 KB 5ms
5ms Image
image/jpeg 2a00:1450:4001:821::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/16581592750880410023

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_239.js

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:821::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

99714cc376cacfc97478a8322621fb041d2abc0b8998e162f0b2e333c1ec550a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://offnews.bg/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 13 Jul 2018 13:19:57 GMT
x-content-type-options: nosniff
age: 2937283
x-dns-prefetch-control: off
status: 200
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 7760
x-xss-protection: 1; mode=block
last-modified: Wed, 02 May 2018 07:57:04 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 13 Jul 2019 13:19:57 GMT

GET
S 200 abg_lite.js Show response
tpc.googlesyndication.com/pagead/js/r20180813/r20110914/ Frame 7CD7 35 KB
13 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:821::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20180813/r20110914/abg_lite.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_239.js

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:821::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

7ede0e916fe87a66892d2c8289f66abcdb66d4e31260bd4c4e604c43242b6b9e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://offnews.bg/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 14 Aug 2018 02:14:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 212392
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 13155
x-xss-protection: 1; mode=block
server: cafe
etag: 14050636121138805801
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 28 Aug 2018 02:14:48 GMT

GET
S 200 m_window_focus_non_hydra.js Show response
tpc.googlesyndication.com/pagead/js/r20180813/r20110914/client/ext/ Frame 7CD7 3 KB
1 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:821::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20180813/r20110914/client/ext/m_window_focus_non_hydra.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_239.js

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:821::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

907b2a46e4b41d621d52f707ac59fc7485e0e5986f6fa68cc367549639896777

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://offnews.bg/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 14 Aug 2018 02:14:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 212392
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 1349
x-xss-protection: 1; mode=block
server: cafe
etag: 15302377081181678529
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 28 Aug 2018 02:14:48 GMT

GET
S 200 osd_listener.js Show response
tpc.googlesyndication.com/pagead/js/r20180813/r20110914/activeview/ Frame 7CD7 71 KB
26 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:821::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20180813/r20110914/activeview/osd_listener.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_239.js

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:821::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

51112a361ca8ad55cffb797d4fcfa06911877578b57cb7bf36cbd28d7cccb4a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://offnews.bg/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 14 Aug 2018 02:26:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 211675
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 26378
x-xss-protection: 1; mode=block
server: cafe
etag: 5757054909246809680
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 28 Aug 2018 02:26:45 GMT

GET
S 204 l
www.google.com/ads/measurement/ Frame 7CD7 0
58 B 15ms
14ms Image
text/html 2a00:1450:4001:821::2004
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTBWLdHGWdxD5M_P88WD91p6TmEOt2XtgJvbI5wqerpiAFw5OQRyNk5OfdVv87Po4p1dIonTzzN40MqYWo_BRLSZmzybg
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_239.js
Protocol: SPDY
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2a00:1450:4001:821::2004 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://offnews.bg/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

content-type: text/html; charset=UTF-8

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-29/html/ Frame 8505 0
0 6ms
6ms Document
text/html 2a00:1450:4001:821::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-29/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_239.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:821::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-29/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: https://offnews.bg/
accept-encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id: DDEB91124F7984EBD3953984CBC3308C
Referer: https://offnews.bg/

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
timing-allow-origin: *
content-length: 1479
date: Thu, 02 Aug 2018 15:00:09 GMT
expires: Fri, 02 Aug 2019 15:00:09 GMT
last-modified: Mon, 11 Jun 2018 14:38:59 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 1; mode=block
cache-control: public, immutable, max-age=31536000
age: 1203271
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-29/html/ Frame 595E 0
0 7ms
5ms Document
text/html 2a00:1450:4001:821::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-29/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_239.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:821::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-29/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: https://offnews.bg/
accept-encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id: DDEB91124F7984EBD3953984CBC3308C
Referer: https://offnews.bg/

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
timing-allow-origin: *
content-length: 1479
date: Thu, 02 Aug 2018 15:00:09 GMT
expires: Fri, 02 Aug 2019 15:00:09 GMT
last-modified: Mon, 11 Jun 2018 14:38:59 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 1; mode=block
cache-control: public, immutable, max-age=31536000
age: 1203271
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-29/html/ Frame DE39 0
0 6ms
5ms Document
text/html 2a00:1450:4001:821::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-29/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_239.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:821::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-29/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: https://offnews.bg/
accept-encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id: DDEB91124F7984EBD3953984CBC3308C
Referer: https://offnews.bg/

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
timing-allow-origin: *
content-length: 1479
date: Thu, 02 Aug 2018 15:00:09 GMT
expires: Fri, 02 Aug 2019 15:00:09 GMT
last-modified: Mon, 11 Jun 2018 14:38:59 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 1; mode=block
cache-control: public, immutable, max-age=31536000
age: 1203271
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-29/html/ Frame 457F 0
0 7ms
6ms Document
text/html 2a00:1450:4001:821::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-29/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_239.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:821::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-29/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: https://offnews.bg/
accept-encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id: DDEB91124F7984EBD3953984CBC3308C
Referer: https://offnews.bg/

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
timing-allow-origin: *
content-length: 1479
date: Thu, 02 Aug 2018 15:00:09 GMT
expires: Fri, 02 Aug 2019 15:00:09 GMT
last-modified: Mon, 11 Jun 2018 14:38:59 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 1; mode=block
cache-control: public, immutable, max-age=31536000
age: 1203271
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"

GET
S 200 view
securepubads.g.doubleclick.net/pcs/ Frame 2478 0
47 B 45ms
42ms Image
text/html 172.217.18.2
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvIH7Iabja2_NSuG-rmkdmvjkbCA7nSPqal4_XSinp5tavebkzC1MoGq3da5yOyFN0eB5G2NbZxEoKSj9jqZ8yjgYPy344P3ZdH4mAsFE2WZX0Pw-Bhjlmt7I8X83GASdQu67Ff794UeXyGloUwa2SpWEeg_K8DQHLmKb8L2c-BBjKwnJ1SUv9lmA8jEcVwUqfFNfBSPSzpziA_5edHATQxXgO289W8uk-oKp9O1bwfOsJPPkPyEjsyeuaeHQwuSHZ-MrUw&sai=AMfl-YSCnmDPArdoRHemXVLBe2tHz138AafiUg8zerRIIqUjZsTysXkoFjkzD3zRtnrmE85_tcHqRDrEcba_i6DMFKIqZ3Ur0UluKaRi5-2VVYUTeVVKL6AekydTyDfi&sig=Cg0ArKJSzGoIoJrg_4d3EAE&adurl=
Requested by: Host: offnews.bg
URL: https://offnews.bg/
Protocol: SPDY
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.217.18.2 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: fra15s28-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://offnews.bg/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

cache-control: private
content-type: text/html; charset=UTF-8

GET
S 200 view
securepubads.g.doubleclick.net/pcs/ Frame 7CD7 0
47 B 45ms
42ms Image
text/html 172.217.18.2
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuLwdY2vUm-J3snCmVOJPLsbdlphZ6UX8PJauStZVSHfQS981X39ox6G2Jh2DNBcnGPavLByVudBbBYBh6Eo_HCwnckMtkfJKWyHUU3u7-dpNyJKJrbqIisHwg3gp6H8g_ENI7sNzvkwFjybtQ5nzruht6pJheUZWAfjYM-O2UsJNHKKCjYjezM-e0fZv9I_3UPQGzgN-F5eO6DFNMiWwPo8U95ag4IZweeptQBQjIfFa65J04FAmnI1z26LkmBVd4YCliyLGk&sai=AMfl-YTjW2gJ9xrKur30nfiT_bMo2kvKPjgnjbuKOQ0LweK9minxqfN5RUb9atzbWjExhPpedRBxrUbrE6Bxz1pM66WnZ0KcthCNaQETbohP6yOcGRXX01PlpGzYI0Lf&sig=Cg0ArKJSzFYlGCs8LHZiEAE&adurl=
Requested by: Host: offnews.bg
URL: https://offnews.bg/
Protocol: SPDY
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.217.18.2 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: fra15s28-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://offnews.bg/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

cache-control: private
content-type: text/html; charset=UTF-8

GET
DATA 200
OK truncated
/ Frame 2478 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d03f08f9f336dada487ebe6fea9b0c7bfc3091412ca495356b473ef28995d792

Request headers

Response headers

Access-Control-Allow-Origin: *
Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 7CD7 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7545c214e345e93037ba6ec786ca8e721c19c4a02160ababcad5a2d9e52443c0

Request headers

Response headers

Access-Control-Allow-Origin: *
Content-Type: image/png

GET
S 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 74 KB
27 KB 31ms
31ms Script
text/javascript 2a00:1450:4001:815::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?_=1534425280104

Requested by

Host: offnews.bg
URL: https://offnews.bg/design/js/jquery.2.1.1.js

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:815::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

0c358c47158e1c40e08ca8109b2552a4a1d10ff154bd5f374689cf833c90a77d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://offnews.bg/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 16 Aug 2018 13:14:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 27577
x-xss-protection: 1; mode=block
server: cafe
etag: 16056773057698266875
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 16 Aug 2018 13:14:42 GMT

GET
S 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 74 KB
27 KB 31ms
31ms Script
text/javascript 2a00:1450:4001:815::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?_=1534425280105

Requested by

Host: offnews.bg
URL: https://offnews.bg/design/js/jquery.2.1.1.js

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:815::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

0c358c47158e1c40e08ca8109b2552a4a1d10ff154bd5f374689cf833c90a77d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://offnews.bg/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 16 Aug 2018 13:14:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 27577
x-xss-protection: 1; mode=block
server: cafe
etag: 16056773057698266875
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 16 Aug 2018 13:14:42 GMT

GET
S 200 ca-pub-8785447506140681.js Show response
pagead2.googlesyndication.com/pub-config/r20160913/ 133 B
277 B 7ms
6ms Script
text/javascript 2a00:1450:4001:815::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pub-config/r20160913/ca-pub-8785447506140681.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?_=1534425280105

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:815::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

7e7fa886d5d75c745d95be4fc3c5bfb4c988019b3f643c669734612345e1b8c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://offnews.bg/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 16 Aug 2018 08:50:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 16 Aug 2018 06:24:30 GMT
server: sffe
age: 15858
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=43200
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 125
x-xss-protection: 1; mode=block
expires: Thu, 16 Aug 2018 20:50:24 GMT

GET
H2 200 zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20180813/r20180604/ Frame BC1B 0
0 6ms
5ms Document
text/html 2a00:1450:4001:814::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20180813/r20180604/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?_=1534425280105

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:814::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20180813/r20180604/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: https://offnews.bg/
accept-encoding: gzip, deflate
cookie: IDE=AHWqTUl9KbWGHmirAL0qXTDEkx7ubUOOV2IsE9Dy3d8_YGBZgzgpOU-yMTJka9IG; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id: DDEB91124F7984EBD3953984CBC3308C
Referer: https://offnews.bg/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
vary: Accept-Encoding
date: Tue, 14 Aug 2018 07:53:19 GMT
expires: Tue, 28 Aug 2018 07:53:19 GMT
content-type: text/html; charset=UTF-8
etag: 15840095812326030575
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 6941
x-xss-protection: 1; mode=block
cache-control: public, max-age=1209600
age: 192083
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"

GET
S 200 show_ads_impl.js Show response
pagead2.googlesyndication.com/pagead/js/r20180813/r20180604/ Frame EF4C 190 KB
70 KB 37ms
35ms Script
text/javascript 2a00:1450:4001:815::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20180813/r20180604/show_ads_impl.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?_=1534425280105

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:815::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

596e20e3b38ab9c67193ab2550586089c09492f06aa24e94ef96af7a0bd24569

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://offnews.bg/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 16 Aug 2018 13:14:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 72004
x-xss-protection: 1; mode=block
server: cafe
etag: 11886928678254875196
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Thu, 16 Aug 2018 13:14:42 GMT

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame 7CDB 0
0 168ms
167ms Document
text/html 2a00:1450:4001:814::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8785447506140681&output=html&h=250&slotname=5938599577&adk=2166029690&adf=2908946590&w=250&lmt=1534425282&guci=1.2.0.0.2.2.0&format=250x250&url=https%3A%2F%2Foffnews.bg%2F&flash=0&wgl=1&adsid=NT&dt=1534425282222&bpp=17&bdt=2296&fdt=19&idt=88&shv=r20180813&cbv=r20180604&saldr=aa&abxe=1&correlator=1742501545065&frm=20&pv=2&ga_vid=1110803035.1534425280&ga_sid=1534425281&ga_hid=434110341&ga_fc=0&iag=0&icsg=2888633936555&dssz=41&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=824&ady=522&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21060853%2C368226400%2C21061319&oid=3&rx=0&eae=0&fc=528&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&ppjl=u&pfx=0&fu=16&bc=7&osw_key=2377092367&ifi=15&fsb=1&xpc=lq4GGKPJjx&p=https%3A//offnews.bg&dtd=107

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20180813/r20180604/show_ads_impl.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:814::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-8785447506140681&output=html&h=250&slotname=5938599577&adk=2166029690&adf=2908946590&w=250&lmt=1534425282&guci=1.2.0.0.2.2.0&format=250x250&url=https%3A%2F%2Foffnews.bg%2F&flash=0&wgl=1&adsid=NT&dt=1534425282222&bpp=17&bdt=2296&fdt=19&idt=88&shv=r20180813&cbv=r20180604&saldr=aa&abxe=1&correlator=1742501545065&frm=20&pv=2&ga_vid=1110803035.1534425280&ga_sid=1534425281&ga_hid=434110341&ga_fc=0&iag=0&icsg=2888633936555&dssz=41&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=824&ady=522&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21060853%2C368226400%2C21061319&oid=3&rx=0&eae=0&fc=528&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&ppjl=u&pfx=0&fu=16&bc=7&osw_key=2377092367&ifi=15&fsb=1&xpc=lq4GGKPJjx&p=https%3A//offnews.bg&dtd=107
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: https://offnews.bg/
accept-encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id: DDEB91124F7984EBD3953984CBC3308C
Referer: https://offnews.bg/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Thu, 16 Aug 2018 13:14:42 GMT
server: cafe
cache-control: private
content-length: 3429
x-xss-protection: 1; mode=block
set-cookie: test_cookie=CheckForPermission; expires=Thu, 16-Aug-2018 13:29:42 GMT; path=/; domain=.doubleclick.net
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
expires: Thu, 16 Aug 2018 13:14:42 GMT

GET
S 200 show_ads_impl.js Show response
pagead2.googlesyndication.com/pagead/js/r20180813/r20180604/ Frame 9E7E 190 KB
0 37ms
35ms Script
text/javascript 2a00:1450:4001:815::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20180813/r20180604/show_ads_impl.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?_=1534425280105

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:815::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

596e20e3b38ab9c67193ab2550586089c09492f06aa24e94ef96af7a0bd24569

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Response headers

date: Thu, 16 Aug 2018 13:14:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 72004
x-xss-protection: 1; mode=block
server: cafe
etag: 11886928678254875196
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Thu, 16 Aug 2018 13:14:42 GMT

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame E8FC 0
0 174ms
173ms Document
text/html 2a00:1450:4001:814::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8785447506140681&output=html&h=600&slotname=7805232477&adk=1247910337&adf=1511700630&w=300&lmt=1534425282&guci=1.2.0.0.2.2.0&format=300x600&url=https%3A%2F%2Foffnews.bg%2F&flash=0&wgl=1&adsid=NT&dt=1534425282243&bpp=7&bdt=2317&fdt=105&idt=107&shv=r20180813&cbv=r20180604&saldr=aa&abxe=1&prev_fmts=250x250&correlator=1742501545065&frm=20&pv=1&ga_vid=1110803035.1534425280&ga_sid=1534425281&ga_hid=434110341&ga_fc=0&iag=0&icsg=2888633936555&dssz=41&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=799&ady=1163&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21060853%2C368226400%2C21061319&oid=3&rx=0&eae=0&fc=528&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&ppjl=u&pfx=0&fu=16&bc=7&osw_key=2458460729&ifi=16&fsb=1&xpc=1hvQ4oFhWh&p=https%3A//offnews.bg&dtd=112

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20180813/r20180604/show_ads_impl.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:814::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-8785447506140681&output=html&h=600&slotname=7805232477&adk=1247910337&adf=1511700630&w=300&lmt=1534425282&guci=1.2.0.0.2.2.0&format=300x600&url=https%3A%2F%2Foffnews.bg%2F&flash=0&wgl=1&adsid=NT&dt=1534425282243&bpp=7&bdt=2317&fdt=105&idt=107&shv=r20180813&cbv=r20180604&saldr=aa&abxe=1&prev_fmts=250x250&correlator=1742501545065&frm=20&pv=1&ga_vid=1110803035.1534425280&ga_sid=1534425281&ga_hid=434110341&ga_fc=0&iag=0&icsg=2888633936555&dssz=41&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=799&ady=1163&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21060853%2C368226400%2C21061319&oid=3&rx=0&eae=0&fc=528&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&ppjl=u&pfx=0&fu=16&bc=7&osw_key=2458460729&ifi=16&fsb=1&xpc=1hvQ4oFhWh&p=https%3A//offnews.bg&dtd=112
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: https://offnews.bg/
accept-encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id: DDEB91124F7984EBD3953984CBC3308C
Referer: https://offnews.bg/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Thu, 16 Aug 2018 13:14:42 GMT
server: cafe
cache-control: private
content-length: 15757
x-xss-protection: 1; mode=block
set-cookie: test_cookie=CheckForPermission; expires=Thu, 16-Aug-2018 13:29:42 GMT; path=/; domain=.doubleclick.net
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
expires: Thu, 16 Aug 2018 13:14:42 GMT

GET
H2 200 notify Show response
offnews.bg/ajax/ 382 B
1 KB 87ms
87ms XHR
text/html 109.121.152.10
SOFIA-CONNECT-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://offnews.bg/ajax/notify

Requested by

Host: offnews.bg
URL: https://offnews.bg/design/js/jquery.2.1.1.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

109.121.152.10 Elin Pelin, Bulgaria, ASN47872 (SOFIA-CONNECT-AS, BG),

Reverse DNS

ip-109-121-152-10.ip.offnews.bg

Software

nginx/1.12.2 /

Resource Hash

35ad731fc229d48a3b77069787ecf87ae24cb923f194679ffd1ec31008cbd1dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:path: /ajax/notify
pragma: no-cache
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: offnews.bg
x-requested-with: XMLHttpRequest
:scheme: https
referer: https://offnews.bg/
:method: GET
Accept: */*
Referer: https://offnews.bg/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Aug 2018 13:14:45 GMT
content-encoding: gzip
vary: Accept-Encoding
server: nginx/1.12.2
strict-transport-security: max-age=31536000
content-type: text/html; charset=utf-8
status: 200
cache-control: no-store, no-cache, must-revalidate
set-cookie: PHPSESSID=45almuaif8tpjne5ggkctjilh1; path=/ UA_bf486f3aba4c432632bded0f99a7bd42=false; expires=Fri, 16-Aug-2019 13:14:45 GMT; Max-Age=31536000; path=/; domain=offnews.bg; HttpOnly UA_bf486f3aba4c432632bded0f99a7bd42=false; expires=Fri, 16-Aug-2019 13:14:45 GMT; Max-Age=31536000; path=/; domain=offnews.bg; HttpOnly UA_bf486f3aba4c432632bded0f99a7bd42=false; expires=Fri, 16-Aug-2019 13:14:45 GMT; Max-Age=31536000; path=/; domain=offnews.bg; HttpOnly offmedia_id=6820ebb081797e4d0cd53eb02b4550439428fb4b; expires=Fri, 21-Jul-2023 13:14:45 GMT; Max-Age=155520000; path=/; domain=.offnews.bg UA_bf486f3aba4c432632bded0f99a7bd42=false; expires=Fri, 16-Aug-2019 13:14:45 GMT; Max-Age=31536000; path=/; domain=offnews.bg; HttpOnly UA_bf486f3aba4c432632bded0f99a7bd42=false; expires=Fri, 16-Aug-2019 13:14:45 GMT; Max-Age=31536000; path=/; domain=offnews.bg; HttpOnly
x-robots-tag: noindex,nofollow
expires: Thu, 19 Nov 1981 08:52:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: eflcdgjbimnnhfkbgipdofbiofnhnjbc
URL: chrome-extension://eflcdgjbimnnhfkbgipdofbiofnhnjbc/icon48.png

Verdicts & Comments Add Verdict or Comment

88 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.rtb-cdn.net/	1970-01-22 09:54:04	Name: c_imp Value: m940bmu-pdk24i-7lyux
			.doubleclick.net/	1970-01-19 03:35:21	Name: IDE Value: AHWqTUnhJLyUzx2Dj3SqsvLlF54SRX1jSs52CJU3KE6U0v__bITZfFgHqjLUt1sb

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
eflcdgjbimnnhfkbgipdofbiofnhnjbc
fonts.googleapis.com
fonts.gstatic.com
gabg.hit.gemius.pl
googleads.g.doubleclick.net
i.ctnsnet.com
i2.offnews.bg
id.offmedia.bg
offnews.bg
pagead2.googlesyndication.com
securepubads.g.doubleclick.net
stats.g.doubleclick.net
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagservices.com
eflcdgjbimnnhfkbgipdofbiofnhnjbc
109.121.152.10
109.121.152.11
141.170.25.54
172.217.18.2
2a00:1450:4001:806::2002
2a00:1450:4001:80b::2003
2a00:1450:4001:814::2002
2a00:1450:4001:815::2002
2a00:1450:4001:821::2001
2a00:1450:4001:821::2003
2a00:1450:4001:821::2004
2a00:1450:4001:821::200a
2a00:1450:4001:821::200e
2a00:1450:400c:c0c::9b
78.128.6.41
009bf476b7eb626675d70bbbe08d16f2eea573985b28855185d73a9a71bd33f4
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
0c358c47158e1c40e08ca8109b2552a4a1d10ff154bd5f374689cf833c90a77d
1035a0a3f4b531c4e421fe1eb817a86871a2338465319066d8f48ea597f3b716
11f18af740f9727666190b83a8999d30ade3421e0148bf1b1586eaaad25dd781
1be216dbc059d96e288b0c1f399a1a80ee8c65e4c1272dbc4574bd6d23cf45d9
1f6c32db6992f728c58d373816280c9f0b1d5151a002749800ff57897fea5f37
27cb03c797ed23db1a1480a0facb4d77d49fb43f94bbfa1b0d9fa82e8ada7a12
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2fb896d59ab96b495498601fb1a0b126b53057ac7583e9ad13b319a3e532a943
2fc19d62cde8d16a5a60919fbd004182502e39c76e8b21c6ec6c4ec02f854b53
3023daaaeec5b5162e5a500688f82bb4074882240c0dfb2e196843c6c14c8217
35ad731fc229d48a3b77069787ecf87ae24cb923f194679ffd1ec31008cbd1dd
361855a771b05b569b3306a96db9d5872601e3c099c7150ccaa8331be4ab9b3a
374e498dcfc4d2676a65f4eaf6b6308f4a25f0f452c758272259fe121045d872
396f05f21a5bb5d84a40811b2f60d67f609659636efcf1f33fa21b99331cc486
3fab1c883847e4b5a02f3749a9f4d9eab15cd4765873d3b2904a1a4c8755fba3
41720926981ffb6dc229f06fc0bbf0f43e45ba032d126726ebee481c2a6559e2
4352380f92ce7f9a4a4a23306b992bed10055dbfffe90987cc72083e583fc280
4818fe5365ab985f60eae5f78159fabccd1fd2cf21e9261e5df59cd5cdc1bf0a
48a8dfcf73591fb7c90fd3a947e42548180e5b13209464f074a03dbaedccee09
4d436738d4ad28c1f8f6eb1af82429c8850c7aeadce9bbef2175afad628fdec4
51112a361ca8ad55cffb797d4fcfa06911877578b57cb7bf36cbd28d7cccb4a9
527a1fb388b386a55c877be6827dc0fbac291a9f28b208c77739bb4bdb07246b
596e20e3b38ab9c67193ab2550586089c09492f06aa24e94ef96af7a0bd24569
6082aa2f5aab855120cd58f560f58975579097c484d23cc7854977a529f91bc4
61cabe0eafec5a1bd36a2788cc4125f8c0c397a05e2db1173e12a3ea6bc2a8a1
6207023c7d3e70ab48eba012958119c8bea8e524579519aaf38b3d29e71f3162
64d880920a84657acdd9b6b19cd4ec61b0ecae5e72b99755078b670c2ee9ba9e
6b4e71b7bcd2c5ce73209688a7e93cd29899e00d3d8f52393c378e15c460211b
7545c214e345e93037ba6ec786ca8e721c19c4a02160ababcad5a2d9e52443c0
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7e7fa886d5d75c745d95be4fc3c5bfb4c988019b3f643c669734612345e1b8c8
7ede0e916fe87a66892d2c8289f66abcdb66d4e31260bd4c4e604c43242b6b9e
7ff293380173d4c1c189cf533a4bcc1ed610f5147172a0b1173a4f105ede7aa4
809082c3b6bbfbee289825469e6bc7b3442b26cc98060ff0a1a38c723b59f472
809442bfcd244fe53f489b5b16621f6093070fd1224ff5bccf0ae341463cc1c6
832e2941d281b6901a48f6daaac7ada761563a8acab03b765b399c6b8a4eab18
83531670b74a6155f431440f721d975333927d4607c31ebf9ff0ce88785815ca
8867e218a418a8c389c0dc2291c72ea117ecd6c3e27b54297052581c7a878c20
8c055f4fc89b73bc480ac07d607782cb3482fc98cbec6f89135ff76ce5512280
8ceab223924e4dfbe712434291242b747382f08f523d341ef39b8bfad7858d6d
8df81f73cebc1957659b43523d3ae93b9a98c60581376407d206b702784e1c8b
907b2a46e4b41d621d52f707ac59fc7485e0e5986f6fa68cc367549639896777
929784212a0b115fcf4ef00a70f62b62c50c1ebf1e2e13dc83c517d063fc68a0
99714cc376cacfc97478a8322621fb041d2abc0b8998e162f0b2e333c1ec550a
9cce1684b725dd214b8305f2b3355d7d9d788fe2d552acc0bbecfc48630cfcfa
a631d0708a2b6548658cb17dab51c7f19d3bafe852b8dc86f9d88171e682ff2d
ab8fe6c661b1123415c3022aa78a912401126248822c1a7a0fc8239bb8174734
acf2bba212d8b8e80e26d785306f376b5fd56568bf56d9e58b92a6c39cebb0b9
b36e6d0857df7b31d9789ab733956b6f74f14d2588430a56ab14673989a708e7
b5a038e9538a31956b6d4a02bcc4ecfd670a3361c45fda7da6579fd503b194d7
ba5d4d5d32752dd9cc53fe1a2a61bd881e9866d1330972c408d83f71e4632d76
bfdbe97c3304ea95b28cc38b04f62f437166b5d991ffaa0105fb7582b48f76fb
cab70fcfac170819a95b4cb8cdd87d33ea685910b9fc746855fe4c9d9de57e58
cbad2a87102d6c4f6f9e44fb8ced8a3d0f864f39c6879f68ef7c6e3895bc49df
ce1a716b733c114157c17ecec1fea868939f54f9730771be41286436050e45bf
d03f08f9f336dada487ebe6fea9b0c7bfc3091412ca495356b473ef28995d792
d5d5d3554d02a39bbb4aedb0c58cdd33f5223a13999a176d79d428de7c8cf335
d8a6e560cb52fab208ffc0efd5bd164e490d749c2d1bb2484ce4f0dfd23a22c3
d9ad3cfa8e5cd50af70f20a98ac62bc882cc1bebc7eea2cfdcfafdd3b2f72a19
e09027f694d22ec32281bfe932c408b15b9954122eccace8bd4ea87c5e4745c2
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e87e3df82839e09de6f4ce0833f50d7eb1214bbe64bf698861b320ce967e0eb1
eee7e3d22e7a73a9b511baf11c3af960110eab78a54f09bd246205546b9b659a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efffb0666b31072c8e25feeff74e7938121e2be919f74c6f7fe0a4fd83b2cc13
f3e5c6c3d307b1bb799847224aaa58828b9299bb9e52eb7bd12e6f1d97cdae32
f954227521309bfe4a93dd90b2536d4e6903a792d3480cfa9096a3db377396f2
fcc42bf7dc475811434e9b52f225a6a03e5205a76ec237357d481268e65b14ef
feb22d44d71a7471fffd98bcf85a96267fa5a6442ff6b9f243012c4a57c1a4fd
ffeed1b224c05b3f48fab6d4a094604c43c10d999c5ee575608a8e57de2435fc

offnews.bg Open in urlscan Pro 109.121.152.10 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

91 Requests

99 %HTTPS

67 %IPv6

13 Domains

19 Subdomains

14 IPs

4 Countries

1092 kBTransfer

2359 kBSize

2 Cookies

13 Outgoing links

Page URL History

Redirected requests

91 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

offnews.bg Open in urlscan Pro
109.121.152.10 Public Scan

Screenshot
Live screenshot

Full Image

91
Requests

99 %
HTTPS

67 %
IPv6

13
Domains

19
Subdomains

14
IPs

4
Countries

1092 kB
Transfer

2359 kB
Size

2
Cookies

91 HTTP transactions
2 data transactions