urlscan.io logo urlscan.io
SecurityTrails logo

newage.bg Open in urlscan Pro
164.138.217.72  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://aura.newage.bg/
Effective URL: https://newage.bg/
Submission: On June 22 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 4 IPs in 3 countries across 5 domains to perform 25 HTTP transactions. The main IP is 164.138.217.72, located in Bulgaria and belongs to SUPERHOSTING_AS, BG. The main domain is newage.bg.
TLS certificate: Issued by cPanel, Inc. Certification Authority on April 29th 2024. Valid for: 3 months.
This is the only time newage.bg was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 23 164.138.217.72 201200 (SUPERHOST...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2001:4860:480... 15169 (GOOGLE)
1 2a03:2880:f08... 32934 (FACEBOOK)
25 4
23    164.138.217.72 (Bulgaria)

ASN201200 (SUPERHOSTING_AS, BG)
PTR: vpsxouaz.superdnsserver.net
aura.newage.bg
newage.bg
cb.valivalcommerce.com
1    2a00:1450:4001:80e::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
1    2a03:2880:f084:105:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
Apex Domain
Subdomains		 Transfer
21 newage.bg
aura.newage.bg
newage.bg
527 KB
2 valivalcommerce.com
cb.valivalcommerce.com
11 KB
1 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 204
59 KB
1 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 2355
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 81
100 KB
25 5
Domain Requested by
20 newage.bg newage.bg
2 cb.valivalcommerce.com newage.bg
cb.valivalcommerce.com
1 connect.facebook.net newage.bg
1 region1.google-analytics.com www.googletagmanager.com
1 www.googletagmanager.com newage.bg
1 aura.newage.bg 1 redirects
25 6
Subject Issuer Validity Valid
newage.bg
cPanel, Inc. Certification Authority		 2024-04-29 -
2024-07-28		 3 months crt.sh
cb.valivalcommerce.com
cPanel, Inc. Certification Authority		 2024-05-07 -
2024-08-05		 3 months crt.sh
*.google-analytics.com
WR2		 2024-06-03 -
2024-08-26		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2024-03-31 -
2024-06-29		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://newage.bg/
Frame ID: 5233617699DAE15122788E539A575844
Requests: 25 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Портал за Новата Епоха

Page URL History Show full URLs

  1. https://aura.newage.bg/ HTTP 301
    https://newage.bg/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Page Statistics

25
Requests

100 %
HTTPS

75 %
IPv6

5
Domains

6
Subdomains

4
IPs

3
Countries

696 kB
Transfer

2024 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://aura.newage.bg/ HTTP 301
    https://newage.bg/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

25 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
newage.bg/
Redirect Chain
  • https://aura.newage.bg/
  • https://newage.bg/
132 KB
37 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://newage.bg/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
164.138.217.72 , Bulgaria, ASN201200 (SUPERHOSTING_AS, BG),
Reverse DNS
vpsxouaz.superdnsserver.net
Software
Apache /
Resource Hash
671a35b8ce720793fbe58e94909eebd4d01644014dfb6eac323cd8efbbbbae50
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'; upgrade-insecure-requests; default-src 'self' https: data: http://adsys.insert.bg; script-src 'self' https: 'unsafe-inline' 'unsafe-eval' data: blob: 'report-sample' www.glami.bg glamipixel.com; script-src-elem 'self' 'unsafe-inline' https: data:; style-src 'self' https: 'unsafe-inline'; img-src * data: blob:; base-uri 'self' www.glami.bg glamipixel.com; object-src 'self' blob:; connect-src 'self' https: wss: http://localhost:8001; report-uri /csp_log.php
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

cache-control
no-store, no-cache, must-revalidate max-age=86400, no-cache, no-store, must-revalidate
content-encoding
gzip
content-length
37241
content-security-policy
frame-ancestors 'self'; upgrade-insecure-requests; default-src 'self' https: data: http://adsys.insert.bg; script-src 'self' https: 'unsafe-inline' 'unsafe-eval' data: blob: 'report-sample' www.glami.bg glamipixel.com; script-src-elem 'self' 'unsafe-inline' https: data:; style-src 'self' https: 'unsafe-inline'; img-src * data: blob:; base-uri 'self' www.glami.bg glamipixel.com; object-src 'self' blob:; connect-src 'self' https: wss: http://localhost:8001; report-uri /csp_log.php
content-type
text/html; charset=UTF-8
date
Sat, 22 Jun 2024 17:05:30 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
permissions-policy
microphone=(), camera=()
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
Apache
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block

Redirect headers

cache-control
no-store, no-cache, must-revalidate max-age=86400, no-cache, no-store, must-revalidate
content-length
0
content-security-policy
frame-ancestors 'self'; upgrade-insecure-requests; default-src 'self' https: data: http://adsys.insert.bg; script-src 'self' https: 'unsafe-inline' 'unsafe-eval' data: blob: 'report-sample' www.glami.bg glamipixel.com; script-src-elem 'self' 'unsafe-inline' https: data:; style-src 'self' https: 'unsafe-inline'; img-src * data: blob:; base-uri 'self' www.glami.bg glamipixel.com; object-src 'self' blob:; connect-src 'self' https: wss: http://localhost:8001; report-uri /csp_log.php
content-type
text/html; charset=UTF-8
date
Sat, 22 Jun 2024 17:05:30 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
location
https://newage.bg/
permissions-policy
microphone=(), camera=()
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
Apache
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
montserrat_latin.woff2
newage.bg/fonts/ 		32 KB
32 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://newage.bg/fonts/montserrat_latin.woff2
Requested by
Host: newage.bg
URL: https://newage.bg/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
164.138.217.72 , Bulgaria, ASN201200 (SUPERHOSTING_AS, BG),
Reverse DNS
vpsxouaz.superdnsserver.net
Software
Apache /
Resource Hash
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'; upgrade-insecure-requests; default-src 'self' https: data: http://adsys.insert.bg; script-src 'self' https: 'unsafe-inline' 'unsafe-eval' data: blob: 'report-sample' www.glami.bg glamipixel.com; script-src-elem 'self' 'unsafe-inline' https: data:; style-src 'self' https: 'unsafe-inline'; img-src * data: blob:; base-uri 'self' www.glami.bg glamipixel.com; object-src 'self' blob:; connect-src 'self' https: wss: http://localhost:8001; report-uri /csp_log.php
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://newage.bg/
Origin
https://newage.bg
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy
frame-ancestors 'self'; upgrade-insecure-requests; default-src 'self' https: data: http://adsys.insert.bg; script-src 'self' https: 'unsafe-inline' 'unsafe-eval' data: blob: 'report-sample' www.glami.bg glamipixel.com; script-src-elem 'self' 'unsafe-inline' https: data:; style-src 'self' https: 'unsafe-inline'; img-src * data: blob:; base-uri 'self' www.glami.bg glamipixel.com; object-src 'self' blob:; connect-src 'self' https: wss: http://localhost:8001; report-uri /csp_log.php
x-content-type-options
nosniff
date
Sat, 22 Jun 2024 17:05:30 GMT
content-length
33092
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 21 May 2024 10:45:36 GMT
server
Apache
x-frame-options
SAMEORIGIN
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=604800, public
permissions-policy
microphone=(), camera=()
accept-ranges
bytes
expires
Sat, 29 Jun 2024 17:05:30 GMT
montserrat_cyrillic.woff2
newage.bg/fonts/ 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://newage.bg/fonts/montserrat_cyrillic.woff2
Requested by
Host: newage.bg
URL: https://newage.bg/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
164.138.217.72 , Bulgaria, ASN201200 (SUPERHOSTING_AS, BG),
Reverse DNS
vpsxouaz.superdnsserver.net
Software
Apache /
Resource Hash
637f545351fbed7e7207fdf36e1381b0860f12fffde46a6fa43bdafcc7a05758
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'; upgrade-insecure-requests; default-src 'self' https: data: http://adsys.insert.bg; script-src 'self' https: 'unsafe-inline' 'unsafe-eval' data: blob: 'report-sample' www.glami.bg glamipixel.com; script-src-elem 'self' 'unsafe-inline' https: data:; style-src 'self' https: 'unsafe-inline'; img-src * data: blob:; base-uri 'self' www.glami.bg glamipixel.com; object-src 'self' blob:; connect-src 'self' https: wss: http://localhost:8001; report-uri /csp_log.php
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://newage.bg/
Origin
https://newage.bg
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy
frame-ancestors 'self'; upgrade-insecure-requests; default-src 'self' https: data: http://adsys.insert.bg; script-src 'self' https: 'unsafe-inline' 'unsafe-eval' data: blob: 'report-sample' www.glami.bg glamipixel.com; script-src-elem 'self' 'unsafe-inline' https: data:; style-src 'self' https: 'unsafe-inline'; img-src * data: blob:; base-uri 'self' www.glami.bg glamipixel.com; object-src 'self' blob:; connect-src 'self' https: wss: http://localhost:8001; report-uri /csp_log.php
x-content-type-options
nosniff
date
Sat, 22 Jun 2024 17:05:30 GMT
content-length
21288
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 21 May 2024 10:45:36 GMT
server
Apache
x-frame-options
SAMEORIGIN
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=604800, public
permissions-policy
microphone=(), camera=()
accept-ranges
bytes
expires
Sat, 29 Jun 2024 17:05:30 GMT
vendor.464.css
newage.bg/themes/newage/ 		11 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://newage.bg/themes/newage/vendor.464.css
Requested by
Host: newage.bg
URL: https://newage.bg/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
164.138.217.72 , Bulgaria, ASN201200 (SUPERHOSTING_AS, BG),
Reverse DNS
vpsxouaz.superdnsserver.net
Software
Apache /
Resource Hash
688ab61774a2d4aa97e8c6d0cd57275035038ac8913531aca510fc370575b86a
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'; upgrade-insecure-requests; default-src 'self' https: data: http://adsys.insert.bg; script-src 'self' https: 'unsafe-inline' 'unsafe-eval' data: blob: 'report-sample' www.glami.bg glamipixel.com; script-src-elem 'self' 'unsafe-inline' https: data:; style-src 'self' https: 'unsafe-inline'; img-src * data: blob:; base-uri 'self' www.glami.bg glamipixel.com; object-src 'self' blob:; connect-src 'self' https: wss: http://localhost:8001; report-uri /csp_log.php
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://newage.bg/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'; upgrade-insecure-requests; default-src 'self' https: data: http://adsys.insert.bg; script-src 'self' https: 'unsafe-inline' 'unsafe-eval' data: blob: 'report-sample' www.glami.bg glamipixel.com; script-src-elem 'self' 'unsafe-inline' https: data:; style-src 'self' https: 'unsafe-inline'; img-src * data: blob:; base-uri 'self' www.glami.bg glamipixel.com; object-src 'self' blob:; connect-src 'self' https: wss: http://localhost:8001; report-uri /csp_log.php
date
Sat, 22 Jun 2024 17:05:30 GMT
content-length
3518
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 11 Apr 2023 11:48:49 GMT
server
Apache
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
cache-control
max-age=604800, public
permissions-policy
microphone=(), camera=()
accept-ranges
bytes
expires
Sat, 29 Jun 2024 17:05:30 GMT
main.464.css
newage.bg/themes/newage/ 		495 KB
62 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://newage.bg/themes/newage/main.464.css
Requested by
Host: newage.bg
URL: https://newage.bg/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
164.138.217.72 , Bulgaria, ASN201200 (SUPERHOSTING_AS, BG),
Reverse DNS
vpsxouaz.superdnsserver.net
Software
Apache /
Resource Hash
a2649e6a04300bb91b2576b1d6c80af63617d9eb9c644437c7500132cc59654a
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'; upgrade-insecure-requests; default-src 'self' https: data: http://adsys.insert.bg; script-src 'self' https: 'unsafe-inline' 'unsafe-eval' data: blob: 'report-sample' www.glami.bg glamipixel.com; script-src-elem 'self' 'unsafe-inline' https: data:; style-src 'self' https: 'unsafe-inline'; img-src * data: blob:; base-uri 'self' www.glami.bg glamipixel.com; object-src 'self' blob:; connect-src 'self' https: wss: http://localhost:8001; report-uri /csp_log.php
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://newage.bg/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'; upgrade-insecure-requests; default-src 'self' https: data: http://adsys.insert.bg; script-src 'self' https: 'unsafe-inline' 'unsafe-eval' data: blob: 'report-sample' www.glami.bg glamipixel.com; script-src-elem 'self' 'unsafe-inline' https: data:; style-src 'self' https: 'unsafe-inline'; img-src * data: blob:; base-uri 'self' www.glami.bg glamipixel.com; object-src 'self' blob:; connect-src 'self' https: wss: http://localhost:8001; report-uri /csp_log.php
date
Sat, 22 Jun 2024 17:05:30 GMT
content-length
63500
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 19 Jun 2024 12:47:20 GMT
server
Apache
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
cache-control
max-age=604800, public
permissions-policy
microphone=(), camera=()
accept-ranges
bytes
expires
Sat, 29 Jun 2024 17:05:30 GMT
vendor.464.js
newage.bg/themes/newage/ 		127 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://newage.bg/themes/newage/vendor.464.js
Requested by
Host: newage.bg
URL: https://newage.bg/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
164.138.217.72 , Bulgaria, ASN201200 (SUPERHOSTING_AS, BG),
Reverse DNS
vpsxouaz.superdnsserver.net
Software
Apache /
Resource Hash
c926a2de854c064b4bdb086fd9022f8f620bf93f0eefc0a801f5c14daa4ea7cb
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'; upgrade-insecure-requests; default-src 'self' https: data: http://adsys.insert.bg; script-src 'self' https: 'unsafe-inline' 'unsafe-eval' data: blob: 'report-sample' www.glami.bg glamipixel.com; script-src-elem 'self' 'unsafe-inline' https: data:; style-src 'self' https: 'unsafe-inline'; img-src * data: blob:; base-uri 'self' www.glami.bg glamipixel.com; object-src 'self' blob:; connect-src 'self' https: wss: http://localhost:8001; report-uri /csp_log.php
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://newage.bg/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'; upgrade-insecure-requests; default-src 'self' https: data: http://adsys.insert.bg; script-src 'self' https: 'unsafe-inline' 'unsafe-eval' data: blob: 'report-sample' www.glami.bg glamipixel.com; script-src-elem 'self' 'unsafe-inline' https: data:; style-src 'self' https: 'unsafe-inline'; img-src * data: blob:; base-uri 'self' www.glami.bg glamipixel.com; object-src 'self' blob:; connect-src 'self' https: wss: http://localhost:8001; report-uri /csp_log.php
date
Sat, 22 Jun 2024 17:05:30 GMT
content-length
46273
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 11 Apr 2023 11:48:50 GMT
server
Apache
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
max-age=604800, public
permissions-policy
microphone=(), camera=()
accept-ranges
bytes
expires
Sat, 29 Jun 2024 17:05:30 GMT
main.464.js
newage.bg/themes/newage/ 		156 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://newage.bg/themes/newage/main.464.js
Requested by
Host: newage.bg
URL: https://newage.bg/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
164.138.217.72 , Bulgaria, ASN201200 (SUPERHOSTING_AS, BG),
Reverse DNS
vpsxouaz.superdnsserver.net
Software
Apache /
Resource Hash
342d52a267270798b405a8fed9d063ded6adff2c234d8f5aa0796a09b7986274
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'; upgrade-insecure-requests; default-src 'self' https: data: http://adsys.insert.bg; script-src 'self' https: 'unsafe-inline' 'unsafe-eval' data: blob: 'report-sample' www.glami.bg glamipixel.com; script-src-elem 'self' 'unsafe-inline' https: data:; style-src 'self' https: 'unsafe-inline'; img-src * data: blob:; base-uri 'self' www.glami.bg glamipixel.com; object-src 'self' blob:; connect-src 'self' https: wss: http://localhost:8001; report-uri /csp_log.php
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://newage.bg/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'; upgrade-insecure-requests; default-src 'self' https: data: http://adsys.insert.bg; script-src 'self' https: 'unsafe-inline' 'unsafe-eval' data: blob: 'report-sample' www.glami.bg glamipixel.com; script-src-elem 'self' 'unsafe-inline' https: data:; style-src 'self' https: 'unsafe-inline'; img-src * data: blob:; base-uri 'self' www.glami.bg glamipixel.com; object-src 'self' blob:; connect-src 'self' https: wss: http://localhost:8001; report-uri /csp_log.php
date
Sat, 22 Jun 2024 17:05:30 GMT
content-length
38127
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 19 Jun 2024 12:47:20 GMT
server
Apache
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
max-age=604800, public
permissions-policy
microphone=(), camera=()
accept-ranges
bytes
expires
Sat, 29 Jun 2024 17:05:30 GMT
newage-logo.png
newage.bg/resources/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newage.bg/resources/newage-logo.png
Requested by
Host: newage.bg
URL: https://newage.bg/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
164.138.217.72 , Bulgaria, ASN201200 (SUPERHOSTING_AS, BG),
Reverse DNS
vpsxouaz.superdnsserver.net
Software
Apache /
Resource Hash
2daf2a754c8e9d6c1eacae44a090d3d7d826fd05b34d478784a5ab9e7d427382
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'; upgrade-insecure-requests; default-src 'self' https: data: http://adsys.insert.bg; script-src 'self' https: 'unsafe-inline' 'unsafe-eval' data: blob: 'report-sample' www.glami.bg glamipixel.com; script-src-elem 'self' 'unsafe-inline' https: data:; style-src 'self' https: 'unsafe-inline'; img-src * data: blob:; base-uri 'self' www.glami.bg glamipixel.com; object-src 'self' blob:; connect-src 'self' https: wss: http://localhost:8001; report-uri /csp_log.php
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://newage.bg/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy
frame-ancestors 'self'; upgrade-insecure-requests; default-src 'self' https: data: http://adsys.insert.bg; script-src 'self' https: 'unsafe-inline' 'unsafe-eval' data: blob: 'report-sample' www.glami.bg glamipixel.com; script-src-elem 'self' 'unsafe-inline' https: data:; style-src 'self' https: 'unsafe-inline'; img-src * data: blob:; base-uri 'self' www.glami.bg glamipixel.com; object-src 'self' blob:; connect-src 'self' https: wss: http://localhost:8001; report-uri /csp_log.php
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 09 Nov 2022 11:50:23 GMT
server
Apache
date
Sat, 22 Jun 2024 17:05:31 GMT
x-frame-options
SAMEORIGIN
content-type
image/png
cache-control
max-age=604800, public
permissions-policy
microphone=(), camera=()
accept-ranges
bytes
content-length
3139
x-xss-protection
1; mode=block
expires
Sat, 29 Jun 2024 17:05:31 GMT
transp.png
newage.bg/themes/newage/images/ 		68 B
137 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newage.bg/themes/newage/images/transp.png
Requested by
Host: newage.bg
URL: https://newage.bg/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
164.138.217.72 , Bulgaria, ASN201200 (SUPERHOSTING_AS, BG),
Reverse DNS
vpsxouaz.superdnsserver.net
Software
Apache /
Resource Hash
8a8a6d6325c5391079a56dc9a9185ef79618a784232a529db8b9809d3260e4cb
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'; upgrade-insecure-requests; default-src 'self' https: data: http://adsys.insert.bg; script-src 'self' https: 'unsafe-inline' 'unsafe-eval' data: blob: 'report-sample' www.glami.bg glamipixel.com; script-src-elem 'self' 'unsafe-inline' https: data:; style-src 'self' https: 'unsafe-inline'; img-src * data: blob:; base-uri 'self' www.glami.bg glamipixel.com; object-src 'self' blob:; connect-src 'self' https: wss: http://localhost:8001; report-uri /csp_log.php
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://newage.bg/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy
frame-ancestors 'self'; upgrade-insecure-requests; default-src 'self' https: data: http://adsys.insert.bg; script-src 'self' https: 'unsafe-inline' 'unsafe-eval' data: blob: 'report-sample' www.glami.bg glamipixel.com; script-src-elem 'self' 'unsafe-inline' https: data:; style-src 'self' https: 'unsafe-inline'; img-src * data: blob:; base-uri 'self' www.glami.bg glamipixel.com; object-src 'self' blob:; connect-src 'self' https: wss: http://localhost:8001; report-uri /csp_log.php
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 01 Jul 2021 13:22:42 GMT
server
Apache
date
Sat, 22 Jun 2024 17:05:30 GMT
x-frame-options
SAMEORIGIN
content-type
image/png
cache-control
max-age=604800, public
permissions-policy
microphone=(), camera=()
accept-ranges
bytes
content-length
68
x-xss-protection
1; mode=block
expires
Sat, 29 Jun 2024 17:05:30 GMT
cb.js
cb.valivalcommerce.com/dist/ 		7 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cb.valivalcommerce.com/dist/cb.js?version=1719075930
Requested by
Host: newage.bg
URL: https://newage.bg/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
164.138.217.72 , Bulgaria, ASN201200 (SUPERHOSTING_AS, BG),
Reverse DNS
vpsxouaz.superdnsserver.net
Software
Apache /
Resource Hash
1e46f9bd40a1b683a6b4ae2d1f77f2c8f08a453bf0afb8e063b10b03585c5a35
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://newage.bg/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 22 Jun 2024 17:05:31 GMT
content-encoding
gzip
last-modified
Fri, 26 Apr 2024 06:53:26 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2160000, private
accept-ranges
bytes
content-length
2282
x-xss-protection
1; mode=block
expires
Mon, 22 Jul 2024 17:05:31 GMT
js
www.googletagmanager.com/gtag/ 		291 KB
100 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-MZB2VJW7ZE
Requested by
Host: newage.bg
URL: https://newage.bg/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
3894324e0bf3b003f1eef58ed5d6d55f1d05a6c9d9eae5a772698cd8b2a6d997
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://newage.bg/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 22 Jun 2024 17:05:31 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
102013
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 22 Jun 2024 17:05:31 GMT
loading.svg
newage.bg/themes/newage/images/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newage.bg/themes/newage/images/loading.svg
Requested by
Host: newage.bg
URL: https://newage.bg/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
164.138.217.72 , Bulgaria, ASN201200 (SUPERHOSTING_AS, BG),
Reverse DNS
vpsxouaz.superdnsserver.net
Software
Apache /
Resource Hash
3c7603b81a1c197104d62df0bd0e36be7c2b3b68cbd5127b91a9568f3240bd08
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'; upgrade-insecure-requests; default-src 'self' https: data: http://adsys.insert.bg; script-src 'self' https: 'unsafe-inline' 'unsafe-eval' data: blob: 'report-sample' www.glami.bg glamipixel.com; script-src-elem 'self' 'unsafe-inline' https: data:; style-src 'self' https: 'unsafe-inline'; img-src * data: blob:; base-uri 'self' www.glami.bg glamipixel.com; object-src 'self' blob:; connect-src 'self' https: wss: http://localhost:8001; report-uri /csp_log.php
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://newage.bg/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy
frame-ancestors 'self'; upgrade-insecure-requests; default-src 'self' https: data: http://adsys.insert.bg; script-src 'self' https: 'unsafe-inline' 'unsafe-eval' data: blob: 'report-sample' www.glami.bg glamipixel.com; script-src-elem 'self' 'unsafe-inline' https: data:; style-src 'self' https: 'unsafe-inline'; img-src * data: blob:; base-uri 'self' www.glami.bg glamipixel.com; object-src 'self' blob:; connect-src 'self' https: wss: http://localhost:8001; report-uri /csp_log.php
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 25 Aug 2021 06:56:08 GMT
server
Apache
date
Sat, 22 Jun 2024 17:05:31 GMT
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
cache-control
max-age=604800, public
permissions-policy
microphone=(), camera=()
accept-ranges
bytes
content-length
4253
x-xss-protection
1; mode=block
expires
Sat, 29 Jun 2024 17:05:31 GMT
cart
newage.bg/ 		799 B
395 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://newage.bg/cart
Requested by
Host: newage.bg
URL: https://newage.bg/themes/newage/vendor.464.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
164.138.217.72 , Bulgaria, ASN201200 (SUPERHOSTING_AS, BG),
Reverse DNS
vpsxouaz.superdnsserver.net
Software
Apache /
Resource Hash
9aeb6526d2db6540501f487c8318557c7aa4f1ffa84a249088b174517216bf75
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'; upgrade-insecure-requests; default-src 'self' https: data: http://adsys.insert.bg; script-src 'self' https: 'unsafe-inline' 'unsafe-eval' data: blob: 'report-sample' www.glami.bg glamipixel.com; script-src-elem 'self' 'unsafe-inline' https: data:; style-src 'self' https: 'unsafe-inline'; img-src * data: blob:; base-uri 'self' www.glami.bg glamipixel.com; object-src 'self' blob:; connect-src 'self' https: wss: http://localhost:8001; report-uri /csp_log.php
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8
Accept
application/json, text/javascript, */*; q=0.01
Referer
https://newage.bg/
X-Requested-With
XMLHttpRequest
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'; upgrade-insecure-requests; default-src 'self' https: data: http://adsys.insert.bg; script-src 'self' https: 'unsafe-inline' 'unsafe-eval' data: blob: 'report-sample' www.glami.bg glamipixel.com; script-src-elem 'self' 'unsafe-inline' https: data:; style-src 'self' https: 'unsafe-inline'; img-src * data: blob:; base-uri 'self' www.glami.bg glamipixel.com; object-src 'self' blob:; connect-src 'self' https: wss: http://localhost:8001; report-uri /csp_log.php
date
Sat, 22 Jun 2024 17:05:31 GMT
content-length
354
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
Apache
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
cache-control
no-store, no-cache, must-revalidate, max-age=86400, no-cache, no-store, must-revalidate
permissions-policy
microphone=(), camera=()
expires
Thu, 19 Nov 1981 08:52:00 GMT
getDOM
newage.bg/action/ 		87 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://newage.bg/action/getDOM
Requested by
Host: newage.bg
URL: https://newage.bg/themes/newage/vendor.464.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
164.138.217.72 , Bulgaria, ASN201200 (SUPERHOSTING_AS, BG),
Reverse DNS
vpsxouaz.superdnsserver.net
Software
Apache /
Resource Hash
28e3ea00e21b29b9d1a255b404e149a35a592b28bfed02b9223c99db30181e91
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'; upgrade-insecure-requests; default-src 'self' https: data: http://adsys.insert.bg; script-src 'self' https: 'unsafe-inline' 'unsafe-eval' data: blob: 'report-sample' www.glami.bg glamipixel.com; script-src-elem 'self' 'unsafe-inline' https: data:; style-src 'self' https: 'unsafe-inline'; img-src * data: blob:; base-uri 'self' www.glami.bg glamipixel.com; object-src 'self' blob:; connect-src 'self' https: wss: http://localhost:8001; report-uri /csp_log.php
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8
Accept
*/*
Referer
https://newage.bg/
X-Requested-With
XMLHttpRequest
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'; upgrade-insecure-requests; default-src 'self' https: data: http://adsys.insert.bg; script-src 'self' https: 'unsafe-inline' 'unsafe-eval' data: blob: 'report-sample' www.glami.bg glamipixel.com; script-src-elem 'self' 'unsafe-inline' https: data:; style-src 'self' https: 'unsafe-inline'; img-src * data: blob:; base-uri 'self' www.glami.bg glamipixel.com; object-src 'self' blob:; connect-src 'self' https: wss: http://localhost:8001; report-uri /csp_log.php
date
Sat, 22 Jun 2024 17:05:31 GMT
content-length
4416
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
Apache
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
cache-control
no-store, no-cache, must-revalidate, max-age=86400, no-cache, no-store, must-revalidate
permissions-policy
microphone=(), camera=()
expires
Thu, 19 Nov 1981 08:52:00 GMT
getDOM
newage.bg/action/ 		96 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://newage.bg/action/getDOM
Requested by
Host: newage.bg
URL: https://newage.bg/themes/newage/vendor.464.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
164.138.217.72 , Bulgaria, ASN201200 (SUPERHOSTING_AS, BG),
Reverse DNS
vpsxouaz.superdnsserver.net
Software
Apache /
Resource Hash
33d9f4be93f61a306d97e55fba8a8aceaf0dd4edb4795bd4bb71b0f6e9fa3960
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'; upgrade-insecure-requests; default-src 'self' https: data: http://adsys.insert.bg; script-src 'self' https: 'unsafe-inline' 'unsafe-eval' data: blob: 'report-sample' www.glami.bg glamipixel.com; script-src-elem 'self' 'unsafe-inline' https: data:; style-src 'self' https: 'unsafe-inline'; img-src * data: blob:; base-uri 'self' www.glami.bg glamipixel.com; object-src 'self' blob:; connect-src 'self' https: wss: http://localhost:8001; report-uri /csp_log.php
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8
Accept
*/*
Referer
https://newage.bg/
X-Requested-With
XMLHttpRequest
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'; upgrade-insecure-requests; default-src 'self' https: data: http://adsys.insert.bg; script-src 'self' https: 'unsafe-inline' 'unsafe-eval' data: blob: 'report-sample' www.glami.bg glamipixel.com; script-src-elem 'self' 'unsafe-inline' https: data:; style-src 'self' https: 'unsafe-inline'; img-src * data: blob:; base-uri 'self' www.glami.bg glamipixel.com; object-src 'self' blob:; connect-src 'self' https: wss: http://localhost:8001; report-uri /csp_log.php
date
Sat, 22 Jun 2024 17:05:31 GMT
content-length
4674
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
Apache
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
cache-control
no-store, no-cache, must-revalidate, max-age=86400, no-cache, no-store, must-revalidate
permissions-policy
microphone=(), camera=()
expires
Thu, 19 Nov 1981 08:52:00 GMT
/
cb.valivalcommerce.com/cookies/consent/ 		70 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cb.valivalcommerce.com/cookies/consent/?projectID=MXZwYzlpSmVTUWkyaE9maW8xQ2ZlUT09&language=bg&jsonp=vvCookiebotDraw
Requested by
Host: cb.valivalcommerce.com
URL: https://cb.valivalcommerce.com/dist/cb.js?version=1719075930
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
164.138.217.72 , Bulgaria, ASN201200 (SUPERHOSTING_AS, BG),
Reverse DNS
vpsxouaz.superdnsserver.net
Software
Apache /
Resource Hash
a5fa5e9a86a34d9f2213f688e0102332167a9a7b66861fdc438cb13c9c4dc8a0
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://newage.bg/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sat, 22 Jun 2024 17:05:31 GMT
content-encoding
gzip
server
Apache
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=600, private, must-revalidate, post-check=0, pre-check=0, no-store
content-length
8487
x-xss-protection
1; mode=block
expires
Thu, 19 Nov 1981 08:52:00 GMT
collect
region1.google-analytics.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-MZB2VJW7ZE&_ng=1&gtm=45je46j0v9126683484za200&_p=1719075931187&gcs=G100&gcd=13p3p3p2p5&npa=1&dma_cps=-&dma=1&tag_exp=0&cid=678469467.1719075931&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.114%7CGoogle%2520Chrome%3B126.0.6478.114&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=denied&_s=1&sid=1719075931&sct=1&seg=0&dl=https%3A%2F%2Fnewage.bg%2F&dt=%D0%9F%D0%BE%D1%80%D1%82%D0%B0%D0%BB%20%D0%B7%D0%B0%20%D0%9D%D0%BE%D0%B2%D0%B0%D1%82%D0%B0%20%D0%95%D0%BF%D0%BE%D1%85%D0%B0&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&epn.google_ng=1&tfd=1418&_z=fetch
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-MZB2VJW7ZE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://newage.bg/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sat, 22 Jun 2024 17:05:31 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://newage.bg
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
accent-min.jpg
newage.bg/resources/ 		119 KB
119 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newage.bg/resources/accent-min.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
164.138.217.72 , Bulgaria, ASN201200 (SUPERHOSTING_AS, BG),
Reverse DNS
vpsxouaz.superdnsserver.net
Software
Apache /
Resource Hash
ab8a245db21108265c37bcb9f50b4373599071a2a7fc0a36c13889108c6fbec2
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'; upgrade-insecure-requests; default-src 'self' https: data: http://adsys.insert.bg; script-src 'self' https: 'unsafe-inline' 'unsafe-eval' data: blob: 'report-sample' www.glami.bg glamipixel.com; script-src-elem 'self' 'unsafe-inline' https: data:; style-src 'self' https: 'unsafe-inline'; img-src * data: blob:; base-uri 'self' www.glami.bg glamipixel.com; object-src 'self' blob:; connect-src 'self' https: wss: http://localhost:8001; report-uri /csp_log.php
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://newage.bg/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy
frame-ancestors 'self'; upgrade-insecure-requests; default-src 'self' https: data: http://adsys.insert.bg; script-src 'self' https: 'unsafe-inline' 'unsafe-eval' data: blob: 'report-sample' www.glami.bg glamipixel.com; script-src-elem 'self' 'unsafe-inline' https: data:; style-src 'self' https: 'unsafe-inline'; img-src * data: blob:; base-uri 'self' www.glami.bg glamipixel.com; object-src 'self' blob:; connect-src 'self' https: wss: http://localhost:8001; report-uri /csp_log.php
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 28 Jun 2021 13:23:49 GMT
server
Apache
date
Sat, 22 Jun 2024 17:05:31 GMT
x-frame-options
SAMEORIGIN
content-type
image/jpeg
cache-control
max-age=604800, public
permissions-policy
microphone=(), camera=()
accept-ranges
bytes
content-length
121977
x-xss-protection
1; mode=block
expires
Sat, 29 Jun 2024 17:05:31 GMT
13-accent-05-min.jpg
newage.bg/resources/ 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newage.bg/resources/13-accent-05-min.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
164.138.217.72 , Bulgaria, ASN201200 (SUPERHOSTING_AS, BG),
Reverse DNS
vpsxouaz.superdnsserver.net
Software
Apache /
Resource Hash
3b703d4405092604227b74db6731679b7318fee0d59fea923f6f3188a7fd5b14
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'; upgrade-insecure-requests; default-src 'self' https: data: http://adsys.insert.bg; script-src 'self' https: 'unsafe-inline' 'unsafe-eval' data: blob: 'report-sample' www.glami.bg glamipixel.com; script-src-elem 'self' 'unsafe-inline' https: data:; style-src 'self' https: 'unsafe-inline'; img-src * data: blob:; base-uri 'self' www.glami.bg glamipixel.com; object-src 'self' blob:; connect-src 'self' https: wss: http://localhost:8001; report-uri /csp_log.php
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://newage.bg/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy
frame-ancestors 'self'; upgrade-insecure-requests; default-src 'self' https: data: http://adsys.insert.bg; script-src 'self' https: 'unsafe-inline' 'unsafe-eval' data: blob: 'report-sample' www.glami.bg glamipixel.com; script-src-elem 'self' 'unsafe-inline' https: data:; style-src 'self' https: 'unsafe-inline'; img-src * data: blob:; base-uri 'self' www.glami.bg glamipixel.com; object-src 'self' blob:; connect-src 'self' https: wss: http://localhost:8001; report-uri /csp_log.php
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 28 Jun 2021 13:24:15 GMT
server
Apache
date
Sat, 22 Jun 2024 17:05:31 GMT
x-frame-options
SAMEORIGIN
content-type
image/jpeg
cache-control
max-age=604800, public
permissions-policy
microphone=(), camera=()
accept-ranges
bytes
content-length
26737
x-xss-protection
1; mode=block
expires
Sat, 29 Jun 2024 17:05:31 GMT
13-accent-06-min.jpg
newage.bg/resources/ 		69 KB
69 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newage.bg/resources/13-accent-06-min.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
164.138.217.72 , Bulgaria, ASN201200 (SUPERHOSTING_AS, BG),
Reverse DNS
vpsxouaz.superdnsserver.net
Software
Apache /
Resource Hash
3dc8a4211a3996eac23b69209f32ab25ecff4b4ceba750f48e464fc644e3f6d0
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'; upgrade-insecure-requests; default-src 'self' https: data: http://adsys.insert.bg; script-src 'self' https: 'unsafe-inline' 'unsafe-eval' data: blob: 'report-sample' www.glami.bg glamipixel.com; script-src-elem 'self' 'unsafe-inline' https: data:; style-src 'self' https: 'unsafe-inline'; img-src * data: blob:; base-uri 'self' www.glami.bg glamipixel.com; object-src 'self' blob:; connect-src 'self' https: wss: http://localhost:8001; report-uri /csp_log.php
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://newage.bg/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy
frame-ancestors 'self'; upgrade-insecure-requests; default-src 'self' https: data: http://adsys.insert.bg; script-src 'self' https: 'unsafe-inline' 'unsafe-eval' data: blob: 'report-sample' www.glami.bg glamipixel.com; script-src-elem 'self' 'unsafe-inline' https: data:; style-src 'self' https: 'unsafe-inline'; img-src * data: blob:; base-uri 'self' www.glami.bg glamipixel.com; object-src 'self' blob:; connect-src 'self' https: wss: http://localhost:8001; report-uri /csp_log.php
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 28 Jun 2021 13:24:09 GMT
server
Apache
date
Sat, 22 Jun 2024 17:05:31 GMT
x-frame-options
SAMEORIGIN
content-type
image/jpeg
cache-control
max-age=604800, public
permissions-policy
microphone=(), camera=()
accept-ranges
bytes
content-length
70848
x-xss-protection
1; mode=block
expires
Sat, 29 Jun 2024 17:05:31 GMT
13-accent-07-min.jpg
newage.bg/resources/ 		53 KB
54 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newage.bg/resources/13-accent-07-min.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
164.138.217.72 , Bulgaria, ASN201200 (SUPERHOSTING_AS, BG),
Reverse DNS
vpsxouaz.superdnsserver.net
Software
Apache /
Resource Hash
f7d60459780208c11f24d04d833bfeebe603a2f2240d7c058202c135cfe2b681
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'; upgrade-insecure-requests; default-src 'self' https: data: http://adsys.insert.bg; script-src 'self' https: 'unsafe-inline' 'unsafe-eval' data: blob: 'report-sample' www.glami.bg glamipixel.com; script-src-elem 'self' 'unsafe-inline' https: data:; style-src 'self' https: 'unsafe-inline'; img-src * data: blob:; base-uri 'self' www.glami.bg glamipixel.com; object-src 'self' blob:; connect-src 'self' https: wss: http://localhost:8001; report-uri /csp_log.php
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://newage.bg/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy
frame-ancestors 'self'; upgrade-insecure-requests; default-src 'self' https: data: http://adsys.insert.bg; script-src 'self' https: 'unsafe-inline' 'unsafe-eval' data: blob: 'report-sample' www.glami.bg glamipixel.com; script-src-elem 'self' 'unsafe-inline' https: data:; style-src 'self' https: 'unsafe-inline'; img-src * data: blob:; base-uri 'self' www.glami.bg glamipixel.com; object-src 'self' blob:; connect-src 'self' https: wss: http://localhost:8001; report-uri /csp_log.php
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 28 Jun 2021 13:23:59 GMT
server
Apache
date
Sat, 22 Jun 2024 17:05:31 GMT
x-frame-options
SAMEORIGIN
content-type
image/jpeg
cache-control
max-age=604800, public
permissions-policy
microphone=(), camera=()
accept-ranges
bytes
content-length
54775
x-xss-protection
1; mode=block
expires
Sat, 29 Jun 2024 17:05:31 GMT
favicon.ico
newage.bg/resources/ 		1 KB
1 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://newage.bg/resources/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
164.138.217.72 , Bulgaria, ASN201200 (SUPERHOSTING_AS, BG),
Reverse DNS
vpsxouaz.superdnsserver.net
Software
Apache /
Resource Hash
5882bcb44008491cf94a56db82bf90c02d052bef3cb1fa113178b203eaeac397
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'; upgrade-insecure-requests; default-src 'self' https: data: http://adsys.insert.bg; script-src 'self' https: 'unsafe-inline' 'unsafe-eval' data: blob: 'report-sample' www.glami.bg glamipixel.com; script-src-elem 'self' 'unsafe-inline' https: data:; style-src 'self' https: 'unsafe-inline'; img-src * data: blob:; base-uri 'self' www.glami.bg glamipixel.com; object-src 'self' blob:; connect-src 'self' https: wss: http://localhost:8001; report-uri /csp_log.php
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://newage.bg/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy
frame-ancestors 'self'; upgrade-insecure-requests; default-src 'self' https: data: http://adsys.insert.bg; script-src 'self' https: 'unsafe-inline' 'unsafe-eval' data: blob: 'report-sample' www.glami.bg glamipixel.com; script-src-elem 'self' 'unsafe-inline' https: data:; style-src 'self' https: 'unsafe-inline'; img-src * data: blob:; base-uri 'self' www.glami.bg glamipixel.com; object-src 'self' blob:; connect-src 'self' https: wss: http://localhost:8001; report-uri /csp_log.php
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 26 Nov 2020 13:21:09 GMT
server
Apache
date
Sat, 22 Jun 2024 17:05:31 GMT
x-frame-options
SAMEORIGIN
content-type
image/x-icon
cache-control
max-age=604800, public
permissions-policy
microphone=(), camera=()
accept-ranges
bytes
content-length
1150
x-xss-protection
1; mode=block
expires
Sat, 29 Jun 2024 17:05:31 GMT
product.svg
newage.bg/themes/newage/images/ 		617 B
702 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newage.bg/themes/newage/images/product.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
164.138.217.72 , Bulgaria, ASN201200 (SUPERHOSTING_AS, BG),
Reverse DNS
vpsxouaz.superdnsserver.net
Software
Apache /
Resource Hash
1ec0da990ff72542011d055e215383ec337362c2b8182619bb2d97dcd40fb49b
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'; upgrade-insecure-requests; default-src 'self' https: data: http://adsys.insert.bg; script-src 'self' https: 'unsafe-inline' 'unsafe-eval' data: blob: 'report-sample' www.glami.bg glamipixel.com; script-src-elem 'self' 'unsafe-inline' https: data:; style-src 'self' https: 'unsafe-inline'; img-src * data: blob:; base-uri 'self' www.glami.bg glamipixel.com; object-src 'self' blob:; connect-src 'self' https: wss: http://localhost:8001; report-uri /csp_log.php
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://newage.bg/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy
frame-ancestors 'self'; upgrade-insecure-requests; default-src 'self' https: data: http://adsys.insert.bg; script-src 'self' https: 'unsafe-inline' 'unsafe-eval' data: blob: 'report-sample' www.glami.bg glamipixel.com; script-src-elem 'self' 'unsafe-inline' https: data:; style-src 'self' https: 'unsafe-inline'; img-src * data: blob:; base-uri 'self' www.glami.bg glamipixel.com; object-src 'self' blob:; connect-src 'self' https: wss: http://localhost:8001; report-uri /csp_log.php
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 01 Jul 2021 13:22:42 GMT
server
Apache
date
Sat, 22 Jun 2024 17:05:33 GMT
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
cache-control
max-age=604800, public
permissions-policy
microphone=(), camera=()
accept-ranges
bytes
content-length
617
x-xss-protection
1; mode=block
expires
Sat, 29 Jun 2024 17:05:33 GMT
product.svg
newage.bg/themes/newage/images/ 		617 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newage.bg/themes/newage/images/product.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
164.138.217.72 , Bulgaria, ASN201200 (SUPERHOSTING_AS, BG),
Reverse DNS
vpsxouaz.superdnsserver.net
Software
Apache /
Resource Hash
1ec0da990ff72542011d055e215383ec337362c2b8182619bb2d97dcd40fb49b
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'; upgrade-insecure-requests; default-src 'self' https: data: http://adsys.insert.bg; script-src 'self' https: 'unsafe-inline' 'unsafe-eval' data: blob: 'report-sample' www.glami.bg glamipixel.com; script-src-elem 'self' 'unsafe-inline' https: data:; style-src 'self' https: 'unsafe-inline'; img-src * data: blob:; base-uri 'self' www.glami.bg glamipixel.com; object-src 'self' blob:; connect-src 'self' https: wss: http://localhost:8001; report-uri /csp_log.php
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://newage.bg/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
frame-ancestors 'self'; upgrade-insecure-requests; default-src 'self' https: data: http://adsys.insert.bg; script-src 'self' https: 'unsafe-inline' 'unsafe-eval' data: blob: 'report-sample' www.glami.bg glamipixel.com; script-src-elem 'self' 'unsafe-inline' https: data:; style-src 'self' https: 'unsafe-inline'; img-src * data: blob:; base-uri 'self' www.glami.bg glamipixel.com; object-src 'self' blob:; connect-src 'self' https: wss: http://localhost:8001; report-uri /csp_log.php
date
Sat, 22 Jun 2024 17:05:33 GMT
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 01 Jul 2021 13:22:42 GMT
server
Apache
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
cache-control
max-age=604800, public
permissions-policy
microphone=(), camera=()
accept-ranges
bytes
content-length
617
x-xss-protection
1; mode=block
expires
Sat, 29 Jun 2024 17:05:33 GMT
fbevents.js
connect.facebook.net/en_US/ 		219 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: newage.bg
URL: https://newage.bg/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
0313b0d078dfe6c7ab517c11404b0c01458469006fbf1a0d4d4c5e90517e54f8
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://newage.bg/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Sat, 22 Jun 2024 17:05:34 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
58024
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=39, rtx=0, c=12, mss=1297, tbw=2784, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma
public
x-fb-debug
RmmddudFVKmXDkxQk0UEPY2Kj2qgDdwnVsDhd+qmRr0O/IcBMpXOOl/to3QYz+ZLXALehor+T+wUwsEiLMGKZQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

110 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

undefined| event object| fence object| sharedStorage object| curr object| lang function| tns object| bodyScrollLock function| $ function| jQuery function| lazyload function| LazyLoad boolean| vvCookiebotPending function| gtag object| dataLayer object| gtag_pixel object| eventManager string| dir string| uri number| ww string| theme string| layout object| sliders object| menu object| search object| busy object| checkoutAgreementToggler boolean| resized boolean| fullscreen object| lazy object| ajax object| modalConfig string| urlbase string| fb_app_id function| hideArrowOnInit function| lazyLoadSlides function| hideArrowOnChange function| calcAnimatedSearchDistance function| load_search function| load_rate function| address_tolatlong function| oauth function| facebookLogin function| popupwindow function| compare function| compare_scroll function| getURLParameter function| notif function| ad_flags function| emoticon function| load_tipster function| countdown function| price_rate function| load_lazy function| loadMobileMainmenu function| lazyLoadVideo function| lazyLoadDOM function| intersectLazyDOM function| prepareMediaBlocks function| escapeRegExp function| load_selects function| load_sliders function| resizeSubCategoryHeader function| loadGalleryControlsAnimation function| loadGalleryZoom function| loadImage function| modifiersCombinationsSetter function| getOverrideShippingParams function| sendEcommerce function| load_dropzone function| pageBuilderCategoryWrapper function| toggleAjaxLoader function| ltrim function| getHref function| respond number| width object| $accents function| personalizationsProcess function| personalizationsErrors function| personalizationsPrices object| initialX boolean| galleryLoaded object| galleryImagesLoaded object| cart_scrolled object| lazyContentObserver object| accents function| eventPageViewJobs function| eventForgotPasswordJobs function| eventRegisterJobs function| eventContactJobs function| eventSubscribeJobs function| eventUnsubscribeJobs function| eventViewContentJobs function| eventAddToCartJobs function| eventModifyCartJobs function| eventAddToWishlistJobs function| eventInitiateCheckoutJobs function| eventPurchaseJobs function| eventOpenGalleryJobs function| eventAddCommentJobs function| vvCookiebotDraw function| vvCookiebotSave object| google_tag_manager object| google_tag_data object| gaGlobal object| elementsArr number| tnsId boolean| facebook_conversions_api function| fbq function| _fbq object| facebook_pixel

3 Cookies

Domain/Path Name / Value
aura.newage.bg/ Name: newage
Value: 2697274aff36975aa5014506a4541aa3
newage.bg/ Name: newage
Value: 61609180c8a01eb899208d21b2238c63
.newage.bg/ Name: user_guid_id
Value: 198305

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy frame-ancestors 'self'; upgrade-insecure-requests; default-src 'self' https: data: http://adsys.insert.bg; script-src 'self' https: 'unsafe-inline' 'unsafe-eval' data: blob: 'report-sample' www.glami.bg glamipixel.com; script-src-elem 'self' 'unsafe-inline' https: data:; style-src 'self' https: 'unsafe-inline'; img-src * data: blob:; base-uri 'self' www.glami.bg glamipixel.com; object-src 'self' blob:; connect-src 'self' https: wss: http://localhost:8001; report-uri /csp_log.php
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aura.newage.bg
cb.valivalcommerce.com
connect.facebook.net
newage.bg
region1.google-analytics.com
www.googletagmanager.com
164.138.217.72
2001:4860:4802:34::36
2a00:1450:4001:80e::2008
2a03:2880:f084:105:face:b00c:0:3
0313b0d078dfe6c7ab517c11404b0c01458469006fbf1a0d4d4c5e90517e54f8
1e46f9bd40a1b683a6b4ae2d1f77f2c8f08a453bf0afb8e063b10b03585c5a35
1ec0da990ff72542011d055e215383ec337362c2b8182619bb2d97dcd40fb49b
28e3ea00e21b29b9d1a255b404e149a35a592b28bfed02b9223c99db30181e91
2daf2a754c8e9d6c1eacae44a090d3d7d826fd05b34d478784a5ab9e7d427382
33d9f4be93f61a306d97e55fba8a8aceaf0dd4edb4795bd4bb71b0f6e9fa3960
342d52a267270798b405a8fed9d063ded6adff2c234d8f5aa0796a09b7986274
3894324e0bf3b003f1eef58ed5d6d55f1d05a6c9d9eae5a772698cd8b2a6d997
3b703d4405092604227b74db6731679b7318fee0d59fea923f6f3188a7fd5b14
3c7603b81a1c197104d62df0bd0e36be7c2b3b68cbd5127b91a9568f3240bd08
3dc8a4211a3996eac23b69209f32ab25ecff4b4ceba750f48e464fc644e3f6d0
5882bcb44008491cf94a56db82bf90c02d052bef3cb1fa113178b203eaeac397
637f545351fbed7e7207fdf36e1381b0860f12fffde46a6fa43bdafcc7a05758
671a35b8ce720793fbe58e94909eebd4d01644014dfb6eac323cd8efbbbbae50
688ab61774a2d4aa97e8c6d0cd57275035038ac8913531aca510fc370575b86a
8a8a6d6325c5391079a56dc9a9185ef79618a784232a529db8b9809d3260e4cb
9aeb6526d2db6540501f487c8318557c7aa4f1ffa84a249088b174517216bf75
a2649e6a04300bb91b2576b1d6c80af63617d9eb9c644437c7500132cc59654a
a5fa5e9a86a34d9f2213f688e0102332167a9a7b66861fdc438cb13c9c4dc8a0
ab8a245db21108265c37bcb9f50b4373599071a2a7fc0a36c13889108c6fbec2
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
c926a2de854c064b4bdb086fd9022f8f620bf93f0eefc0a801f5c14daa4ea7cb
f7d60459780208c11f24d04d833bfeebe603a2f2240d7c058202c135cfe2b681