novini.dir.bg Open in urlscan Pro
194.145.63.10 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://novini.dir.bg/
Submission Tags: falconsandbox
Submission: On August 15 via api (August 15th 2022, 2:57:01 am UTC) from US — Scanned from DE

Summary HTTP 149 Redirects Links 53 Behaviour Indicators

Summary

This website contacted 30 IPs in 7 countries across 16 domains to perform 149 HTTP transactions. The main IP is 194.145.63.10, located in Sofia, Bulgaria and belongs to DELTA-BG-AS, BG. The main domain is novini.dir.bg.

This is the only time novini.dir.bg was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 5	194.145.63.10 194.145.63.10	197216 (DELTA-BG-AS) (DELTA-BG-AS)
21	194.145.63.18 194.145.63.18	197216 (DELTA-BG-AS) (DELTA-BG-AS)
1	2001:4de0:ac1... 2001:4de0:ac18::1:a:2a	20446 (STACKPATH...) (STACKPATH-CDN)
1	2606:4700:20:... 2606:4700:20::681a:fd6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
6	194.145.63.27 194.145.63.27	197216 (DELTA-BG-AS) (DELTA-BG-AS)
20	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
2 3	52.31.22.244 52.31.22.244	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:21f... 2600:9000:21f3:ac00:2:42d9:3100:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:830::200e	15169 (GOOGLE) (GOOGLE)
5	142.250.185.162 142.250.185.162	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:802::2001	15169 (GOOGLE) (GOOGLE)
1 4	78.128.6.42 78.128.6.42	31083 (TELEPOINT) (TELEPOINT)
6	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
2	145.239.237.56 145.239.237.56	16276 (OVH) (OVH)
12	2a00:1450:400... 2a00:1450:4001:813::2001	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:806::2004	15169 (GOOGLE) (GOOGLE)
6 8	142.250.184.194 142.250.184.194	15169 (GOOGLE) (GOOGLE)
3 7	104.18.18.126 104.18.18.126	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4 6	185.89.210.46 185.89.210.46	29990 (ASN-APPNEX) (ASN-APPNEX)
30	2a00:1450:400... 2a00:1450:4001:831::2006	15169 (GOOGLE) (GOOGLE)
4	142.250.185.66 142.250.185.66	15169 (GOOGLE) (GOOGLE)
1 2	34.246.41.28 34.246.41.28	16509 (AMAZON-02) (AMAZON-02)
1	74.125.133.156 74.125.133.156	15169 (GOOGLE) (GOOGLE)
1	2600:9000:21f... 2600:9000:21f3:f200:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
6	2600:1f13:800... 2600:1f13:800:7782:22a8:1ef8:27f2:ceae	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
149	30

5 194.145.63.10 (Sofia, Bulgaria) 1 redirects

ASN197216 (DELTA-BG-AS, BG)
PTR: new.dir.bg

novini.dir.bg	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 194.145.63.18 (Sofia, Bulgaria)

ASN197216 (DELTA-BG-AS, BG)
PTR: i.dirbg.com

i.dir.bg	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac18::1:a:2a (Netherlands)

ASN20446 (STACKPATH-CDN, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:fd6 (United States)

ASN13335 (CLOUDFLARENET, US)

static.dir.bg	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 194.145.63.27 (Sofia, Bulgaria)

ASN197216 (DELTA-BG-AS, BG)
PTR: diri.bg

r.dir.bg	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r5.dir.bg	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.31.22.244 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-31-22-244.eu-west-1.compute.amazonaws.com

secure-it.imrworldwide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:21f3:ac00:2:42d9:3100:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn-gl.imrworldwide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.185.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:802::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

bcf79b9b46cd1c6d6f0b39baa0216384.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 78.128.6.42 (Bulgaria) 1 redirects

ASN31083 (TELEPOINT, BG)
PTR: ip-6-42.telehouse.bg

gabg.hit.gemius.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 145.239.237.56 (France)

ASN16276 (OVH, FR)
PTR: ip56.ip-145-239-237.eu

ls.hit.gemius.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:813::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:806::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 142.250.184.194 (United States) 6 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 104.18.18.126 (None, ) 3 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 185.89.210.46 (Frankfurt am Main, Germany) 4 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

30 2a00:1450:4001:831::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.246.41.28 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-246-41-28.eu-west-1.compute.amazonaws.com

fw.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.125.133.156 (United States)

ASN15169 (GOOGLE, US)
PTR: wo-in-f156.1e100.net

bid.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:21f3:f200:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2600:1f13:800:7782:22a8:1ef8:27f2:ceae (Boardman, United States)

ASN16509 (AMAZON-02, US)

dt.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
35	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 124 bcf79b9b46cd1c6d6f0b39baa0216384.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 160	354 KB
33	dir.bg 1 redirects novini.dir.bg i.dir.bg — Cisco Umbrella Rank: 687121 static.dir.bg — Cisco Umbrella Rank: 382251 r.dir.bg r5.dir.bg	382 KB
30	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 289	996 KB
22	doubleclick.net 6 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 222 googleads.g.doubleclick.net — Cisco Umbrella Rank: 55 cm.g.doubleclick.net — Cisco Umbrella Rank: 208 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 313 bid.g.doubleclick.net — Cisco Umbrella Rank: 473	222 KB
9	adsafeprotected.com 1 redirects fw.adsafeprotected.com — Cisco Umbrella Rank: 801 static.adsafeprotected.com — Cisco Umbrella Rank: 594 dt.adsafeprotected.com — Cisco Umbrella Rank: 538	99 KB
7	casalemedia.com 3 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 530	6 KB
6	adnxs.com 4 redirects ib.adnxs.com — Cisco Umbrella Rank: 238	6 KB
6	gemius.pl 1 redirects gabg.hit.gemius.pl — Cisco Umbrella Rank: 115130 ls.hit.gemius.pl — Cisco Umbrella Rank: 12163	23 KB
5	google.com adservice.google.com — Cisco Umbrella Rank: 98 www.google.com — Cisco Umbrella Rank: 10	1 KB
4	imrworldwide.com 2 redirects secure-it.imrworldwide.com — Cisco Umbrella Rank: 45042 cdn-gl.imrworldwide.com — Cisco Umbrella Rank: 2600	11 KB
3	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 187	115 KB
2	google.de adservice.google.de — Cisco Umbrella Rank: 8117	914 B
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 52	7 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 231	22 KB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 862	414 B
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 615	30 KB
149	16

	Domain	Requested by
30	s0.2mdn.net	novini.dir.bg s0.2mdn.net bcf79b9b46cd1c6d6f0b39baa0216384.safeframe.googlesyndication.com
21	i.dir.bg	novini.dir.bg i.dir.bg
20	pagead2.googlesyndication.com	novini.dir.bg pagead2.googlesyndication.com bcf79b9b46cd1c6d6f0b39baa0216384.safeframe.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com fw.adsafeprotected.com www.googletagservices.com s0.2mdn.net securepubads.g.doubleclick.net
12	tpc.googlesyndication.com	bcf79b9b46cd1c6d6f0b39baa0216384.safeframe.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net s0.2mdn.net securepubads.g.doubleclick.net
8	cm.g.doubleclick.net	6 redirects googleads.g.doubleclick.net
7	dsum-sec.casalemedia.com	3 redirects googleads.g.doubleclick.net
6	dt.adsafeprotected.com	bcf79b9b46cd1c6d6f0b39baa0216384.safeframe.googlesyndication.com
6	ib.adnxs.com	4 redirects googleads.g.doubleclick.net
5	googleads.g.doubleclick.net	pagead2.googlesyndication.com bcf79b9b46cd1c6d6f0b39baa0216384.safeframe.googlesyndication.com novini.dir.bg
5	novini.dir.bg	1 redirects novini.dir.bg
4	googleads4.g.doubleclick.net	novini.dir.bg
4	gabg.hit.gemius.pl	1 redirects novini.dir.bg gabg.hit.gemius.pl
4	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net
4	r5.dir.bg	novini.dir.bg
3	www.google.com	bcf79b9b46cd1c6d6f0b39baa0216384.safeframe.googlesyndication.com tpc.googlesyndication.com
3	bcf79b9b46cd1c6d6f0b39baa0216384.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
3	secure-it.imrworldwide.com	2 redirects secure-it.imrworldwide.com
3	www.googletagservices.com	novini.dir.bg bcf79b9b46cd1c6d6f0b39baa0216384.safeframe.googlesyndication.com
2	fw.adsafeprotected.com	1 redirects bcf79b9b46cd1c6d6f0b39baa0216384.safeframe.googlesyndication.com
2	ls.hit.gemius.pl	gabg.hit.gemius.pl ls.hit.gemius.pl
2	adservice.google.com	securepubads.g.doubleclick.net pagead2.googlesyndication.com
2	adservice.google.de	securepubads.g.doubleclick.net pagead2.googlesyndication.com
2	www.google-analytics.com	novini.dir.bg
2	r.dir.bg	novini.dir.bg
1	cdnjs.cloudflare.com	novini.dir.bg
1	static.adsafeprotected.com	bcf79b9b46cd1c6d6f0b39baa0216384.safeframe.googlesyndication.com
1	bid.g.doubleclick.net	bcf79b9b46cd1c6d6f0b39baa0216384.safeframe.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	cdn-gl.imrworldwide.com	novini.dir.bg
1	static.dir.bg	novini.dir.bg
1	code.jquery.com	novini.dir.bg
149	31

This site contains links to these domains. Also see Links.

Domain
dnes.dir.bg
life.dir.bg
corner.dir.bg
business.dir.bg
it.dir.bg
impressio.dir.bg
auto.dir.bg
clubs.dir.bg
zodiac.dir.bg
trip.dir.bg
tv.dir.bg
vremeto.dir.bg
vkusotii.dir.bg
glog.dir.bg
tranzit.dir.bg
dom.dir.bg
urbn.dir.bg
webreport.bg
www.facebook.com
www.linkedin.com
www.instagram.com
twitter.com
www.youtube.com
mail.dir.bg
profile.dir.bg
m.dir.bg
news.dir.bg
dir.bg
video.dir.bg
games.dir.bg
fun.dir.bg
gallery.dir.bg
www.lostbulgaria.com
calendar.dir.bg
greetings.dir.bg
dir.dir.bg
kino.dir.bg
photo.dir.bg
www.vip.dir.bg
direct.dir.bg
banners.dir.bg
pay.dir.bg
vip.dir.bg
catalog.dir.bg

Subject Issuer	Validity	Valid
*.dir.bg Sectigo RSA Domain Validation Secure Server CA	`2021-11-11` - `2022-11-28`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-10-08` - `2022-10-07`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
*.imrworldwide.com DigiCert TLS RSA SHA256 2020 CA1	`2022-01-04` - `2023-02-03`	a year	crt.sh
*.hit.gemius.pl Sectigo ECC Domain Validation Secure Server CA	`2021-09-08` - `2022-09-25`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
fw.adsafeprotected.com Amazon	`2022-04-28` - `2023-05-27`	a year	crt.sh
static.adsafeprotected.com Amazon	`2022-08-06` - `2023-09-04`	a year	crt.sh
dt.adsafeprotected.com Amazon	`2021-11-19` - `2022-12-18`	a year	crt.sh

This page contains 18 frames:

Primary Page: http://novini.dir.bg/
Frame ID: 5E8D8AE1E6E4564CE4DA769857C44EB4
Requests: 54 HTTP requests in this frame

Frame: https://bcf79b9b46cd1c6d6f0b39baa0216384.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: A96A2270884AE9D2BB8497042DC5A029
Requests: 1 HTTP requests in this frame

Frame: https://secure-it.imrworldwide.com/storageframe.html
Frame ID: B1B805259CB7287316E3D3D653178520
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6608147249443972&output=html&h=250&slotname=2398436569&adk=3549003101&adf=2891041743&pi=t.ma~as.2398436569&w=300&lmt=1660502782&url=http%3A%2F%2Fnovini.dir.bg%2F&wgl=1&dt=1660532215788&bpp=10&bdt=869&idt=176&shv=r20220810&mjsv=m202208090101&ptt=5&saldr=sa&abxe=1&correlator=5398087810287&frm=20&pv=2&ga_vid=1837377932.1660532216&ga_sid=1660532216&ga_hid=1383795352&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=871&ady=1146&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31068881&oid=2&pvsid=3074280390157935&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CEe%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=3&uci=a!3&fsb=1&xpc=7kTnEDbVET&p=http%3A//novini.dir.bg&dtd=188
Frame ID: 96FA5FA2C68833ACE829CD89096F6634
Requests: 1 HTTP requests in this frame

Frame: http://ls.hit.gemius.pl/lsget.html
Frame ID: 2CCE0BFAFF313F06C6A538A8B0C086C9
Requests: 1 HTTP requests in this frame

Frame: https://bcf79b9b46cd1c6d6f0b39baa0216384.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 7BA460893F71CC579022F30113D033D9
Requests: 15 HTTP requests in this frame

Frame: https://ls.hit.gemius.pl/lsget.html?mode=new
Frame ID: 008300AA72214A2B8B08A40BA17A5E21
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMX_6gIQ4KTvAhj45_HLATAB&v=APEucNVyJGz3HhZpD389sk1tGQNxqKYcRUCkvoIFnjGKPEtAupN_ssaYisESmfOYE84j8TuCWCUwfnC92p26Knbp1ICJNBFyLDl3jAnyzCNu9cf0Z9e2DPQoS1N1fzmyed06uMLV2WhbNjqIYyjpkSp5O4edvs0QVP-zQviCkQNmsMkJeoRo1eQ
Frame ID: A3FB6A67F3BC9B82FF977AC2883A84E8
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 2DCE20FE41E62F32AC6874B3E395E303
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/14339125302209282048/CBV_XC40_Refresh_DE_970x250/index.html
Frame ID: 31A94CA86868939D1122D2E4138AE3E4
Requests: 8 HTTP requests in this frame

Frame: https://bcf79b9b46cd1c6d6f0b39baa0216384.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: A123C135598253247D36CC91507305DF
Requests: 23 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPn57r0CEJCLzZYDGIz_ys8BMAE&v=APEucNU26r8gSFeDJTUTwOZjjmtlYWHLUGzXrxHrTaFKdb1DFbSz3QmAVb5RVtB-o7pBfDdkPd-5eetIDp9g564-2IE54kO5vI-Th2zXiqKUz_Ssd09nsyasDxEafern6Hv56pbYZeJ72sF9Kp5mzLmht73SYc0dFUHKY_p-XsuseR1A20iYPic
Frame ID: 16CA377632A526F1388213CA4F8A898B
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 7DE8D58C028EABF79A3AD585C512ADDF
Requests: 3 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.5.12.js
Frame ID: D5171967ECC009F1C10F01B0B0D6689A
Requests: 1 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/8194289394266406912/index.html?e=69&leftOffset=0&topOffset=0&c=DdGXQhpPMZ&t=1&renderingType=2&ev=01_247
Frame ID: 9C502E98D19045C3104C8E70BA9741F7
Requests: 23 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/nFxlsDypB7fADXJag6hgweS-nRuXDEO5nQJQNtw06Bw.js
Frame ID: 670DC93207C142534A2F3B84FA444C62
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: CCF598CC7878D3A0D0C8651974BA7446
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: C2EF6BECFD82C2D416B0F540B759F61A
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Новини

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/pagead/show_ads\.js

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Gemius (Analytics) Expand

Overall confidence: 100%
Detected patterns

hit\.gemius\.pl/xgemius\.js
hit\.gemius\.pl
xgemius\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

149
Requests

72 %
HTTPS

55 %
IPv6

16
Domains

31
Subdomains

30
IPs

7
Countries

2263 kB
Transfer

4526 kB
Size

21
Cookies

53 Outgoing links

These are links going to different origins than the main page.

URL: https://dnes.dir.bg/
Title: Днес

Search URL Search Domain Scan URL

URL: https://life.dir.bg/
Title: Лайф

Search URL Search Domain Scan URL

URL: https://corner.dir.bg/
Title: Корнер

Search URL Search Domain Scan URL

URL: https://business.dir.bg/
Title: Бизнес

Search URL Search Domain Scan URL

URL: https://it.dir.bg/
Title: IT

Search URL Search Domain Scan URL

URL: https://impressio.dir.bg/
Title: Impressio

Search URL Search Domain Scan URL

URL: http://auto.dir.bg/
Title: Авто

Search URL Search Domain Scan URL

URL: http://clubs.dir.bg/
Title: Клубовете

Search URL Search Domain Scan URL

URL: http://zodiac.dir.bg/
Title: Зодиак

Search URL Search Domain Scan URL

URL: http://trip.dir.bg/
Title: Пътуване

Search URL Search Domain Scan URL

URL: http://tv.dir.bg/
Title: ТВ

Search URL Search Domain Scan URL

URL: https://vremeto.dir.bg/
Title: Времето

Search URL Search Domain Scan URL

URL: http://vkusotii.dir.bg/
Title: Вкусотии

Search URL Search Domain Scan URL

URL: http://glog.dir.bg/
Title: Глог

Search URL Search Domain Scan URL

URL: http://tranzit.dir.bg/
Title: Транзит

Search URL Search Domain Scan URL

URL: http://dom.dir.bg/
Title: Дом

Search URL Search Domain Scan URL

URL: https://urbn.dir.bg/
Title: #URBN

Search URL Search Domain Scan URL

URL: https://webreport.bg/
Title: Web Report

Search URL Search Domain Scan URL

URL: https://www.facebook.com/dnesdirbg/

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/dir-bg/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/dir.bg/

Search URL Search Domain Scan URL

URL: https://twitter.com/dirbg

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCX3ADAGeYtU3MKw55fYcs6g

Search URL Search Domain Scan URL

URL: http://mail.dir.bg/
Title: Поща

Search URL Search Domain Scan URL

URL: https://profile.dir.bg/
Title: Профил

Search URL Search Domain Scan URL

URL: https://m.dir.bg/

Search URL Search Domain Scan URL

URL: http://news.dir.bg/

Search URL Search Domain Scan URL

URL: https://dir.bg/

Search URL Search Domain Scan URL

URL: https://video.dir.bg/
Title: DirTV

Search URL Search Domain Scan URL

URL: https://games.dir.bg/
Title: Games

Search URL Search Domain Scan URL

URL: https://dnes.dir.bg/poll
Title: Анкети

Search URL Search Domain Scan URL

URL: http://fun.dir.bg/
Title: Вицове

Search URL Search Domain Scan URL

URL: http://gallery.dir.bg/
Title: Галерия

Search URL Search Domain Scan URL

URL: http://games.dir.bg/
Title: Игри

Search URL Search Domain Scan URL

URL: http://www.lostbulgaria.com/
Title: Изгубената България

Search URL Search Domain Scan URL

URL: http://calendar.dir.bg/
Title: Календар

Search URL Search Domain Scan URL

URL: http://greetings.dir.bg/
Title: Картички

Search URL Search Domain Scan URL

URL: http://dir.dir.bg/
Title: Каталог

Search URL Search Domain Scan URL

URL: http://kino.dir.bg/
Title: Кино

Search URL Search Domain Scan URL

URL: https://photo.dir.bg/
Title: Фото

Search URL Search Domain Scan URL

URL: http://www.vip.dir.bg/kakvo_e_vip.php
Title: VIP Сайт

Search URL Search Domain Scan URL

URL: http://trip.dir.bg/vip.php
Title: VIP Оферта

Search URL Search Domain Scan URL

URL: http://direct.dir.bg/
Title: Direct Реклама

Search URL Search Domain Scan URL

URL: https://dnes.dir.bg/sofia
Title: София

Search URL Search Domain Scan URL

URL: https://dnes.dir.bg/plovdiv
Title: Пловдив

Search URL Search Domain Scan URL

URL: https://dnes.dir.bg/varna
Title: Варна

Search URL Search Domain Scan URL

URL: https://dnes.dir.bg/burgas
Title: Бургас

Search URL Search Domain Scan URL

URL: https://dnes.dir.bg/ruse
Title: Русе

Search URL Search Domain Scan URL

URL: http://banners.dir.bg/
Title: за реклама

Search URL Search Domain Scan URL

URL: http://dnes.dir.bg/news_comments.php?id=18704599
Title: обратна връзка

Search URL Search Domain Scan URL

URL: http://pay.dir.bg/user_agreement.php
Title: потребителско споразумение

Search URL Search Domain Scan URL

URL: http://vip.dir.bg/registration_1.php
Title: добави сайт

Search URL Search Domain Scan URL

URL: http://catalog.dir.bg/whatsnew/whats_new.html
Title: какво ново

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 16

http://novini.dir.bg/img/spacer.gif HTTP 302
http://novini.dir.bg/

Request Chain 26

http://secure-it.imrworldwide.com/v60.js HTTP 301
https://cdn-gl.imrworldwide.com/v60.js

Request Chain 27

http://www.google-analytics.com/urchin.js HTTP 307
https://www.google-analytics.com/urchin.js

Request Chain 42

http://secure-it.imrworldwide.com/storageframe.html HTTP 301
https://secure-it.imrworldwide.com/storageframe.html

Request Chain 44

http://www.google-analytics.com/__utm.gif?utmwv=1.4&utmn=1791128803&utmcs=windows-1251&utmsr=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmcn=1&utmdt=%D0%9D%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8&utmhn=novini.dir.bg&utmhid=1383795352&utmr=-&utmp=/&utmac=UA-436010-11&utmcc=__utma%3D95319433.1791128803.1660532216.1660532216.1660532216.1%3B%2B__utmz%3D95319433.1660532216.1.1.utmccn%3D(direct)%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)%3B%2B HTTP 307
https://www.google-analytics.com/__utm.gif?utmwv=1.4&utmn=1791128803&utmcs=windows-1251&utmsr=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmcn=1&utmdt=%D0%9D%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8&utmhn=novini.dir.bg&utmhid=1383795352&utmr=-&utmp=/&utmac=UA-436010-11&utmcc=__utma%3D95319433.1791128803.1660532216.1660532216.1660532216.1%3B%2B__utmz%3D95319433.1660532216.1.1.utmccn%3D(direct)%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)%3B%2B

Request Chain 62

https://gabg.hit.gemius.pl/_1660532216302/rexdot.js?l=100&id=0nKaqGdw4zKR1fGhh6IWU9U5jw61Q0O7NmyLWD27pZD.e7&et=view&hsrc=1&initsonar=1&extra=&inner=_ver%3D328&eventid=0&fr=1&tz=0&fv=-&href=http%3A%2F%2Fnovini.dir.bg%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&vis=1&lsdata=EHclAvWndFmqqs0LispZCufirb4_GiSuFOVSv2Co9kb.J7Cyib6mXmPvQv2GR9R8yiWuttMFOevDbCou4dS2TDGGKjkv/mMCtKTVM2xJoa/&ltime=291&fpdata=tt96ofD_YBZnU849yZCIkZMIhZib7h6j0ywXrOuj.d7.J7&lsadd=&fpcap= HTTP 301
https://gabg.hit.gemius.pl/__/_1660532216302/rexdot.js?l=100&id=0nKaqGdw4zKR1fGhh6IWU9U5jw61Q0O7NmyLWD27pZD.e7&et=view&hsrc=1&initsonar=1&extra=&inner=_ver%3D328&eventid=0&fr=1&tz=0&fv=-&href=http%3A%2F%2Fnovini.dir.bg%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&vis=1&lsdata=EHclAvWndFmqqs0LispZCufirb4_GiSuFOVSv2Co9kb.J7Cyib6mXmPvQv2GR9R8yiWuttMFOevDbCou4dS2TDGGKjkv/mMCtKTVM2xJoa/&ltime=291&fpdata=tt96ofD_YBZnU849yZCIkZMIhZib7h6j0ywXrOuj.d7.J7&lsadd=&fpcap=

Request Chain 63

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBihqolPqtbfE8Jlz8T4-wk&google_cver=1

Request Chain 64

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Yvm1.DJqyQgxAGD256kFFgAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBihqolPqtbfE8Jlz8T4-wk&google_cver=1&google_hm=2

Request Chain 65

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEK_I8DyY1u6XJyDCAJFJSqM&google_cver=1 HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEK_I8DyY1u6XJyDCAJFJSqM%26google_cver%3D1

Request Chain 66

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzkyOTk2MTAzNTk3NjI5NTg2Nw%3D%3D

Request Chain 88

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBihqolPqtbfE8Jlz8T4-wk&google_cver=1

Request Chain 89

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Yvm1.DJqyQgxAGD256kFFgAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBihqolPqtbfE8Jlz8T4-wk&google_cver=1&google_hm=2

Request Chain 90

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEK_I8DyY1u6XJyDCAJFJSqM&google_cver=1

Request Chain 91

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzEzNTA4MTg2OTQxMjU2MDU3Mg%3D%3D

Request Chain 102

https://fw.adsafeprotected.com/rfw/bgd/1103447/64557513/xbbe/creative/adj?p=APEucNVk2Y7np6VeL8QDVNQXaUlFHp6hHnYB_w8_36x1Al6kVBg6K4Y&d=CnkAoCZ_4MiuGief8Ci5N3UO7oqI96922TP69S8XJ-qg0SC69hN6ERlSpRexCuZ7iteNGbD-0UgEzWtvrwD6C0hRRwQQMrG0p3HnbLD6DBnLTsl0ZtftRPqf5oL-0mZ5uye573ybQkxvNrxhhNf-VuDqDYHCZO-b_kx4EvkUAKAmf-AlX6qjaaZBIuhvltgsZhi2vhaSzYNmWbfA44UmeNS8f_TXfVIPDXL_OanDArBDNWydedNswnXezfj94BpCQw5uyRXwgAMBM2q1H_EP5SzbJ5rPxoLz8-jA2Oid_1Wlm2Tzmcjyq3bFSJOyCHqmtDO6XsTFGBkV-qViaIvxOBKEbOeCUa8sh9TVzxs9aq5L8P_l56_X121JoSAmJsbafc8dMrJYP1rrotqULfjgAwVPdt4J5eT7GL6THoRAJRt_lUlkh90Svwm081Z8_aO_l_LankywhTJ86a1K6iRqSebejnV92vj8GPZ6xFo7MfCld1upqigv06zZO4eDCtsViUwCpNDchzf5p6o4-fXyyVbi1scIS6Zq-IH8-x2mKkWOaKVE0EVk7KZgHWxRh8M64uSmElUCLJYhe1zzRDjOpdMP2qXEYwqYwih8ItgWP6BFpI6L5HotEMAIepzDgSCYlOTU9aTETGPdt_3wPJCBWsymAuocYT3BISQKGnWiNiOHE32DaV11dgB8kVBtL3M_qnN-5G9tRADMMcaJ9e9a59kqm9hnBTFuFBbVAyW9NrGrrUTVkE7IurAxby1dLMPKKhbwZ0gz9avbSmeIKAwt8Wk_V69h7YlR2BoYw44UuxkBuGUKljoKaQScyxm_fSBVLhVfIYQifTcznzeJMupVY4U5f0TJnbjnHezxNuq6zXVt92F7aZhhO03gMClOhCZ0EUfnpFssBenG9oBB9ZjookpCSaMVOfDwM8ubjOfV7wpeCeIk4PADgb8tF88uJAYAF5KCHqk0NMEMt0Z1ATAm7q-L34tZzLdLCgzELX3EwCkGYIqqzP3XCtFreDemYF5WhT0LY7Xubc7Uo2YIKTSoRGcv9AOAK7ZTf-8wmoCVu2pZjr-oxfUQu6J44nRXHsDcVPzIE5UfUu1Z90yJGUsic1ou0gJCex41D6cCyhzpWMLRxxoGExycVHCxJytRbcLLfakhVoKqeDfwZyI4qt5eeOcgan3jhxa4bl1h-Vr1MOPs3Gyju4LhLlKtrm9VZJoyXCivn_pPC-HZSVkpUnYIuiFX2knAXd-x7-MegElrq3lHN9MMNaMGNUtu68_efPAD67a8yJ1EtMth0v3eqLLUUhU-s0wp_xcsjGWFGvx3FJOR9XsfhiHdX7KEis8oopIGew-9BxP_8U6IrG_pBWqvKuzbT0PjO79xvPyWuasqJlRmtbkvbCb9yJm4jihJG81slbYfgRhp1m_-BE-DkjR_7KsPkpsyyzcrjzyzvi-IdGjyF5wSl7F8YE9hobc9rAUSTYVJiFaBxjXgZ8saWsY0gRUISTL2L6h0NwwVzPp8ccMuNE9Wd5CU5vZIBVEh7RX8tn5NJEJZJfJbndagslyhSRTcYd_XS-xHBN24Yb23sBUXe0Huzk4BQ0yWSuWfU1z5kzf5Usd2gQg_Az75H6IkVYGsA8ddTKlaNZAaj7VdNqkSrC1IYQ6nY3tcn0QH9XKTZJf3RhxaAZGDBNKzlxIUWYDo4lyrke0sesGM5efz3KKg2LGF5_4NCdd3XjaJnrMjx3f_YC123c9x3mEDuLOIK4_NcVHuZqD9znlkSz3OtJl1y_SKNmvA1Y6rFXUyY06mkZDGHwlYARfmoV8KNZhLQNn13YrQlg7sUG3BJ4XSur1Gm0V-ii_KK2Vt_RidZ9WNVTgzHBQ6YlHtvNBU6jYbLCYFEmiVSVFvlQITQqgxdiD8C9jSGGuSVcL3yYqkB94dhskylPNDRJYRv5coPiN7rnPvh0BCutj56983vnkb_8zhHzP3SMQ-x0QNv9RD9TLk82PeBm-VOVjg3uuBaHkFOyQBNNRE0pzG6a3s6EjEIsiYttDQLg5dwYy4IAJAGccnZLIGQbntaQRMevXTdrjc1OAkctdI69vaFjEVcuXxlYqAp0biaYjwC3a1BKQ5dSiFt431P_UgbZ3PbYJj75ppUOayHURaQt1GX4tS33cjlIGLDC4mUZOUs21sNdfvjqaQmfd6UKfGrRjJEiIpwmXNuEczlVQX5q8OP89Bt4-unPEYW95E1SSEteM5Ww0vy1h7Jl1eh8lyx0BgICcHo_Zt0SpmsZWHuIrJYacxshql_UhFMhRj-wWeo4_Es433qw9ykFlWDh-ztKjXTcDYzi4HfdyVH4Vx33okX32AJbjqK9HRFqViunUKflFWXTYIQnDv1rqrLRT-cTDhTuRJPx6c0IDON22enf-GhiIvl26Ysz0Pm_JGzwWSBenq4P-pGxUx1l_5V_ZN8eenYTVIRzQvQEkDh6lmKFiiCm5FMuAbZlYLO3PsdLCGXGKWw4fZTpI9lRY8KNzhEqDog4Aj2fH5rmSKM15GwAvX9FahjSgr-bRxyEEbqkwk1CE53m3MXQFn-dGaRui49lt7uxMB10cMgTXDcvVPe3gx4iaP9UvZ6k3_sohC9cW-GfuLJA6b8RLHImblVwQgAnPMKksZwmfG7bGhkls2TKALn0mHEjbegzEyA12MpwaxLZXxjn7-RnViXlvlpGSxyBEhPXokM6i6vBL4OlTQS24K8nXc6MnS7UXfgr__6UYWdexOCp96OY4wszn3MwUW-U14RxZ3PhLJnoxDSHuU1KnirBZ72B_x2HxeaATlQWbbHcEJc08YN6kNvyUmAOQg7oXo2XDt149Kc8Hc_XFHtrs8V1H14Gx7sW4ynMo0KH0-jK2xCUPy_ZEMgeMRIxvISONkJ-r809wPSFnarQHjLUYvi5sDx4IhgslTgBsM2fOPPXbsfyfWqpgTOqNK6V4zkMbulvBLGJe2-gJ147uNPoN4XJ0ZhjIPuFeiKEMJraE5EPyriWEvu8Dfol19T9ENZO7v80fbXiBBw9iKsL6F2QQJEeYzQagdwHb9TPPbZ8vWxPQMDtxJ8MXtdgRGUH351xyJ6t-BKOSWkE9qw-uDgMz5PezWCE1SyRhTcNiTUMA86CGOvQxfPxN4nwrzmzEAsk02ddf9d8KdtJI0COwOEis91f1NYN4fac9FZ0RB9Qb6nfKPkP1B4SXVeVAXGpYKNN5yW7_rfynp3w9Nj_xyT2HHYldgKmoo23Aab2bbCqrqvnstXICMnE_gXcvgtSaGjfUBoDpd1bitDnynYp-PItm8b09V5PyKnPkFOhhgl7fO8R5XWT9QJ41decA6Ng2KdOrDXya2ItPLZvvncLgZKSCSSIfAqatgOjFuECHfhHU1AzlRwv4Ln5TUYXss8gWlxMADBaamoJ2mNh1S_KrazwodS0JwnIiad-VLtgyNY25lRhevPhlh7Jm8m-3Z0ifR9yue3Wy0lGG1-J80ElA5SOwGXtL1Aeo-97yPLSYHP6XOfmncfGrrqMaih1YjOsrnZE9VJtweTA06rQMSoE9-9TIQhH08M4nne0ZEUqvdqql_AWmzZ1IP5ujEwz06PY-m3eEnH-Tpps0dnBfYxUkWpFkGsrxEVtxHfxV0_3DWXMPIyZZHGL8iDycHUAdSD0fVFrhz9LRcq47Y1oE8F_H0m821GKv_XNwHcWpkq0ZtmTzK3WejMSoMwbTE1MYqtepTFQIWjywdAFERqUKgpUJajA4aKwgAEifkaBR3KKtDgqVrEcQfd0v471RGStVVYCzl_8cgLYGVn64OZCIxDOtgAQ&ias_dspID=3&ias_campId=1008209264&ias_pubId=pub-7013154316454623&ias_chanId=1&ias_placementId=17668708710&bidurl=http://novini.dir.bg/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0iWT_w3hYLU6AiG9iy2m_-T&adsafe_url=http%3A%2F%2Fnovini.dir.bg%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Fbcf79b9b46cd1c6d6f0b39baa0216384.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fbcf79b9b46cd1c6d6f0b39baa0216384.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:92739fff-5b92-636e-a1b7-c32ead3ca8aa,c:lkbkBj,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-94958994c-rv5hs,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:i,cc:NaN.NaN.300.600,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,an:n,oam:0,scm:audiit1,mtim:2,mot:0,app:0,maw:0,fm:texNXn9+11%7C12%7C131%7C141%7C142%7C143%7C15*.1103447-64557513%7C151%7C152,idMap:15*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,tt:rjss,et:19,oid:ecbdb4b8-1c45-11ed-9bfb-0630da5f8fc5,v:19.8.343,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNVk2Y7np6VeL8QDVNQXaUlFHp6hHnYB_w8_36x1Al6kVBg6K4Y&d=CnkAoCZ_4MiuGief8Ci5N3UO7oqI96922TP69S8XJ-qg0SC69hN6ERlSpRexCuZ7iteNGbD-0UgEzWtvrwD6C0hRRwQQMrG0p3HnbLD6DBnLTsl0ZtftRPqf5oL-0mZ5uye573ybQkxvNrxhhNf-VuDqDYHCZO-b_kx4EvkUAKAmf-AlX6qjaaZBIuhvltgsZhi2vhaSzYNmWbfA44UmeNS8f_TXfVIPDXL_OanDArBDNWydedNswnXezfj94BpCQw5uyRXwgAMBM2q1H_EP5SzbJ5rPxoLz8-jA2Oid_1Wlm2Tzmcjyq3bFSJOyCHqmtDO6XsTFGBkV-qViaIvxOBKEbOeCUa8sh9TVzxs9aq5L8P_l56_X121JoSAmJsbafc8dMrJYP1rrotqULfjgAwVPdt4J5eT7GL6THoRAJRt_lUlkh90Svwm081Z8_aO_l_LankywhTJ86a1K6iRqSebejnV92vj8GPZ6xFo7MfCld1upqigv06zZO4eDCtsViUwCpNDchzf5p6o4-fXyyVbi1scIS6Zq-IH8-x2mKkWOaKVE0EVk7KZgHWxRh8M64uSmElUCLJYhe1zzRDjOpdMP2qXEYwqYwih8ItgWP6BFpI6L5HotEMAIepzDgSCYlOTU9aTETGPdt_3wPJCBWsymAuocYT3BISQKGnWiNiOHE32DaV11dgB8kVBtL3M_qnN-5G9tRADMMcaJ9e9a59kqm9hnBTFuFBbVAyW9NrGrrUTVkE7IurAxby1dLMPKKhbwZ0gz9avbSmeIKAwt8Wk_V69h7YlR2BoYw44UuxkBuGUKljoKaQScyxm_fSBVLhVfIYQifTcznzeJMupVY4U5f0TJnbjnHezxNuq6zXVt92F7aZhhO03gMClOhCZ0EUfnpFssBenG9oBB9ZjookpCSaMVOfDwM8ubjOfV7wpeCeIk4PADgb8tF88uJAYAF5KCHqk0NMEMt0Z1ATAm7q-L34tZzLdLCgzELX3EwCkGYIqqzP3XCtFreDemYF5WhT0LY7Xubc7Uo2YIKTSoRGcv9AOAK7ZTf-8wmoCVu2pZjr-oxfUQu6J44nRXHsDcVPzIE5UfUu1Z90yJGUsic1ou0gJCex41D6cCyhzpWMLRxxoGExycVHCxJytRbcLLfakhVoKqeDfwZyI4qt5eeOcgan3jhxa4bl1h-Vr1MOPs3Gyju4LhLlKtrm9VZJoyXCivn_pPC-HZSVkpUnYIuiFX2knAXd-x7-MegElrq3lHN9MMNaMGNUtu68_efPAD67a8yJ1EtMth0v3eqLLUUhU-s0wp_xcsjGWFGvx3FJOR9XsfhiHdX7KEis8oopIGew-9BxP_8U6IrG_pBWqvKuzbT0PjO79xvPyWuasqJlRmtbkvbCb9yJm4jihJG81slbYfgRhp1m_-BE-DkjR_7KsPkpsyyzcrjzyzvi-IdGjyF5wSl7F8YE9hobc9rAUSTYVJiFaBxjXgZ8saWsY0gRUISTL2L6h0NwwVzPp8ccMuNE9Wd5CU5vZIBVEh7RX8tn5NJEJZJfJbndagslyhSRTcYd_XS-xHBN24Yb23sBUXe0Huzk4BQ0yWSuWfU1z5kzf5Usd2gQg_Az75H6IkVYGsA8ddTKlaNZAaj7VdNqkSrC1IYQ6nY3tcn0QH9XKTZJf3RhxaAZGDBNKzlxIUWYDo4lyrke0sesGM5efz3KKg2LGF5_4NCdd3XjaJnrMjx3f_YC123c9x3mEDuLOIK4_NcVHuZqD9znlkSz3OtJl1y_SKNmvA1Y6rFXUyY06mkZDGHwlYARfmoV8KNZhLQNn13YrQlg7sUG3BJ4XSur1Gm0V-ii_KK2Vt_RidZ9WNVTgzHBQ6YlHtvNBU6jYbLCYFEmiVSVFvlQITQqgxdiD8C9jSGGuSVcL3yYqkB94dhskylPNDRJYRv5coPiN7rnPvh0BCutj56983vnkb_8zhHzP3SMQ-x0QNv9RD9TLk82PeBm-VOVjg3uuBaHkFOyQBNNRE0pzG6a3s6EjEIsiYttDQLg5dwYy4IAJAGccnZLIGQbntaQRMevXTdrjc1OAkctdI69vaFjEVcuXxlYqAp0biaYjwC3a1BKQ5dSiFt431P_UgbZ3PbYJj75ppUOayHURaQt1GX4tS33cjlIGLDC4mUZOUs21sNdfvjqaQmfd6UKfGrRjJEiIpwmXNuEczlVQX5q8OP89Bt4-unPEYW95E1SSEteM5Ww0vy1h7Jl1eh8lyx0BgICcHo_Zt0SpmsZWHuIrJYacxshql_UhFMhRj-wWeo4_Es433qw9ykFlWDh-ztKjXTcDYzi4HfdyVH4Vx33okX32AJbjqK9HRFqViunUKflFWXTYIQnDv1rqrLRT-cTDhTuRJPx6c0IDON22enf-GhiIvl26Ysz0Pm_JGzwWSBenq4P-pGxUx1l_5V_ZN8eenYTVIRzQvQEkDh6lmKFiiCm5FMuAbZlYLO3PsdLCGXGKWw4fZTpI9lRY8KNzhEqDog4Aj2fH5rmSKM15GwAvX9FahjSgr-bRxyEEbqkwk1CE53m3MXQFn-dGaRui49lt7uxMB10cMgTXDcvVPe3gx4iaP9UvZ6k3_sohC9cW-GfuLJA6b8RLHImblVwQgAnPMKksZwmfG7bGhkls2TKALn0mHEjbegzEyA12MpwaxLZXxjn7-RnViXlvlpGSxyBEhPXokM6i6vBL4OlTQS24K8nXc6MnS7UXfgr__6UYWdexOCp96OY4wszn3MwUW-U14RxZ3PhLJnoxDSHuU1KnirBZ72B_x2HxeaATlQWbbHcEJc08YN6kNvyUmAOQg7oXo2XDt149Kc8Hc_XFHtrs8V1H14Gx7sW4ynMo0KH0-jK2xCUPy_ZEMgeMRIxvISONkJ-r809wPSFnarQHjLUYvi5sDx4IhgslTgBsM2fOPPXbsfyfWqpgTOqNK6V4zkMbulvBLGJe2-gJ147uNPoN4XJ0ZhjIPuFeiKEMJraE5EPyriWEvu8Dfol19T9ENZO7v80fbXiBBw9iKsL6F2QQJEeYzQagdwHb9TPPbZ8vWxPQMDtxJ8MXtdgRGUH351xyJ6t-BKOSWkE9qw-uDgMz5PezWCE1SyRhTcNiTUMA86CGOvQxfPxN4nwrzmzEAsk02ddf9d8KdtJI0COwOEis91f1NYN4fac9FZ0RB9Qb6nfKPkP1B4SXVeVAXGpYKNN5yW7_rfynp3w9Nj_xyT2HHYldgKmoo23Aab2bbCqrqvnstXICMnE_gXcvgtSaGjfUBoDpd1bitDnynYp-PItm8b09V5PyKnPkFOhhgl7fO8R5XWT9QJ41decA6Ng2KdOrDXya2ItPLZvvncLgZKSCSSIfAqatgOjFuECHfhHU1AzlRwv4Ln5TUYXss8gWlxMADBaamoJ2mNh1S_KrazwodS0JwnIiad-VLtgyNY25lRhevPhlh7Jm8m-3Z0ifR9yue3Wy0lGG1-J80ElA5SOwGXtL1Aeo-97yPLSYHP6XOfmncfGrrqMaih1YjOsrnZE9VJtweTA06rQMSoE9-9TIQhH08M4nne0ZEUqvdqql_AWmzZ1IP5ujEwz06PY-m3eEnH-Tpps0dnBfYxUkWpFkGsrxEVtxHfxV0_3DWXMPIyZZHGL8iDycHUAdSD0fVFrhz9LRcq47Y1oE8F_H0m821GKv_XNwHcWpkq0ZtmTzK3WejMSoMwbTE1MYqtepTFQIWjywdAFERqUKgpUJajA4aKwgAEifkaBR3KKtDgqVrEcQfd0v471RGStVVYCzl_8cgLYGVn64OZCIxDOtgAQ

149 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
novini.dir.bg/ 75 KB
17 KB 112ms
51ms Document
text/html 194.145.63.10
DELTA-BG-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://novini.dir.bg/

Protocol

HTTP/1.1

Server

194.145.63.10 Sofia, Bulgaria, ASN197216 (DELTA-BG-AS, BG),

Reverse DNS

new.dir.bg

Software

nginx/0.8.54 /

Resource Hash

abc3c762bfa56b05bd3ceec35becfa91ee5c06f97829df8eb5166d58a2a5efba

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Content-Encoding: gzip
Content-Type: text/html; charset=windows-1251
Date: Mon, 15 Aug 2022 02:52:31 GMT
ETag: "c040cb834-12ac6-5e637ee8491e6"
Last-Modified: Sun, 14 Aug 2022 18:46:22 GMT
Server: nginx/0.8.54
Transfer-Encoding: chunked
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK styles-v2.css
i.dir.bg/novini/ 14 KB
3 KB 114ms
50ms Stylesheet
text/css 194.145.63.18
DELTA-BG-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://i.dir.bg/novini/styles-v2.css
Requested by: Host: novini.dir.bg
URL: http://novini.dir.bg/
Protocol: HTTP/1.1
Server: 194.145.63.18 Sofia, Bulgaria, ASN197216 (DELTA-BG-AS, BG),
Reverse DNS: i.dirbg.com
Software: nginx/1.2.1 /
Resource Hash: 69b5eb286693fcdfad0a46612becf750a459cae3e4159dcb9ea4b3ed5cd14c3c

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://novini.dir.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Mon, 15 Aug 2022 02:56:55 GMT
Content-Encoding: gzip
Last-Modified: Wed, 27 Apr 2011 14:09:59 GMT
Server: nginx/1.2.1
Transfer-Encoding: chunked
Content-Type: text/css
Cache-Control: max-age=157680000
Connection: keep-alive
Expires: Sat, 14 Aug 2027 02:56:55 GMT

GET
H/1.1 200
OK header-styles.css
i.dir.bg/designs/headers/ 36 KB
6 KB 447ms
52ms Stylesheet
text/css 194.145.63.18
DELTA-BG-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://i.dir.bg/designs/headers/header-styles.css?_=20190626
Requested by: Host: novini.dir.bg
URL: http://novini.dir.bg/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 194.145.63.18 Sofia, Bulgaria, ASN197216 (DELTA-BG-AS, BG),
Reverse DNS: i.dirbg.com
Software: nginx/1.2.1 /
Resource Hash: e5769443389872ca3d8d108e0829b1029d3eb2b7bd76c2bd7a45630ae3671e75

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://novini.dir.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Mon, 15 Aug 2022 02:56:55 GMT
Content-Encoding: gzip
Last-Modified: Wed, 26 Jun 2019 17:48:03 GMT
Server: nginx/1.2.1
Transfer-Encoding: chunked
Content-Type: text/css
Cache-Control: max-age=157680000
Connection: keep-alive
Expires: Sat, 14 Aug 2027 02:56:55 GMT

GET
H/1.1 200
OK ieupdate2.js Show response
i.dir.bg/fix/ 1002 B
812 B 111ms
48ms Script
application/x-javascript 194.145.63.18
DELTA-BG-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://i.dir.bg/fix/ieupdate2.js
Requested by: Host: novini.dir.bg
URL: http://novini.dir.bg/
Protocol: HTTP/1.1
Server: 194.145.63.18 Sofia, Bulgaria, ASN197216 (DELTA-BG-AS, BG),
Reverse DNS: i.dirbg.com
Software: nginx/1.2.1 /
Resource Hash: eb85b6fd385a433bd95d7c6f41221d4b4cfa834d38598a0a851fcd8dc8d6a504

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://novini.dir.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Mon, 15 Aug 2022 02:56:55 GMT
Content-Encoding: gzip
Last-Modified: Fri, 13 Apr 2007 07:43:21 GMT
Server: nginx/1.2.1
Transfer-Encoding: chunked
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=157680000
Connection: keep-alive
Expires: Sat, 14 Aug 2027 02:56:55 GMT

GET
H/1.1 200
OK script.js Show response
i.dir.bg/novini/ 3 KB
1 KB 114ms
51ms Script
application/x-javascript 194.145.63.18
DELTA-BG-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://i.dir.bg/novini/script.js
Requested by: Host: novini.dir.bg
URL: http://novini.dir.bg/
Protocol: HTTP/1.1
Server: 194.145.63.18 Sofia, Bulgaria, ASN197216 (DELTA-BG-AS, BG),
Reverse DNS: i.dirbg.com
Software: nginx/1.2.1 /
Resource Hash: da690d656d1b54b6ebf56c0429761a8c7bc930289caa2ddf1f63581fb741ac42

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://novini.dir.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Mon, 15 Aug 2022 02:56:55 GMT
Content-Encoding: gzip
Last-Modified: Fri, 10 Apr 2009 13:17:25 GMT
Server: nginx/1.2.1
Transfer-Encoding: chunked
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=157680000
Connection: keep-alive
Expires: Sat, 14 Aug 2027 02:56:55 GMT

GET
H/1.1 200
OK jquery.js Show response
i.dir.bg/id5/js/ 56 KB
20 KB 133ms
59ms Script
application/x-javascript 194.145.63.18
DELTA-BG-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://i.dir.bg/id5/js/jquery.js
Requested by: Host: novini.dir.bg
URL: http://novini.dir.bg/
Protocol: HTTP/1.1
Server: 194.145.63.18 Sofia, Bulgaria, ASN197216 (DELTA-BG-AS, BG),
Reverse DNS: i.dirbg.com
Software: nginx/1.2.1 /
Resource Hash: 29133962ccf97017876e2a59a345433a326ea9debced53451c44e39707f36800

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://novini.dir.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Mon, 15 Aug 2022 02:56:55 GMT
Content-Encoding: gzip
Last-Modified: Tue, 30 Jun 2009 17:33:54 GMT
Server: nginx/1.2.1
Transfer-Encoding: chunked
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=157680000
Connection: keep-alive
Expires: Sat, 14 Aug 2027 02:56:55 GMT

GET
H/1.1 200
OK jquery-3.3.1.min.js Show response
code.jquery.com/ 85 KB
30 KB 50ms
23ms Script
application/javascript 2001:4de0:ac18::1:a:2a
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: http://code.jquery.com/jquery-3.3.1.min.js
Requested by: Host: novini.dir.bg
URL: http://novini.dir.bg/
Protocol: HTTP/1.1
Server: 2001:4de0:ac18::1:a:2a , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: 160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Request headers

Referer: http://novini.dir.bg/
Origin: http://novini.dir.bg
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Mon, 15 Aug 2022 02:56:54 GMT
Content-Encoding: gzip
Last-Modified: Fri, 20 Aug 2021 17:47:53 GMT
Server: nginx
ETag: W/"611feac9-1538f"
Vary: Accept-Encoding
X-HW: 1660532214.dop219.fr8.t,1660532214.cds057.fr8.c
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 30288

GET
H/1.1 200
OK header-scripts.js Show response
i.dir.bg/designs/headers/ 2 KB
2 KB 497ms
60ms Script
application/x-javascript 194.145.63.18
DELTA-BG-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://i.dir.bg/designs/headers/header-scripts.js
Requested by: Host: novini.dir.bg
URL: http://novini.dir.bg/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 194.145.63.18 Sofia, Bulgaria, ASN197216 (DELTA-BG-AS, BG),
Reverse DNS: i.dirbg.com
Software: nginx/1.2.1 /
Resource Hash: 2e6f7773b0e597e1e6bb442fac602b5e87fc0b4b9a9feffbabc44c3fd5b8578c

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://novini.dir.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Mon, 15 Aug 2022 02:56:55 GMT
Last-Modified: Mon, 13 May 2019 17:00:25 GMT
Server: nginx/1.2.1
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=157680000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1698
Expires: Sat, 14 Aug 2027 02:56:55 GMT

GET
H/1.1 200
OK 2leveltab.js Show response
novini.dir.bg/ 2 KB
2 KB 77ms
50ms Script
application/javascript 194.145.63.10
DELTA-BG-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://novini.dir.bg/2leveltab.js

Requested by

Host: novini.dir.bg
URL: http://novini.dir.bg/

Protocol

HTTP/1.1

Server

194.145.63.10 Sofia, Bulgaria, ASN197216 (DELTA-BG-AS, BG),

Reverse DNS

new.dir.bg

Software

nginx/0.8.54 /

Resource Hash

70ad94a73939674785bd1aeb3ea89a3cf1d71c8ac1beca3e8dffc2c379073629

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://novini.dir.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Mon, 15 Aug 2022 02:54:51 GMT
Last-Modified: Thu, 03 Jun 2021 19:41:25 GMT
Server: nginx/0.8.54
ETag: "c03f01811-7ac-5c3e1c2b587ba"
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 1964
X-XSS-Protection: 1; mode=block

GET
H2 200 logo-cat.svg
static.dir.bg/images/ 2 KB
2 KB 78ms
25ms Image
image/svg+xml 2606:4700:20::681a:fd6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.dir.bg/images/logo-cat.svg?_=1523887642
Requested by: Host: novini.dir.bg
URL: http://novini.dir.bg/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:fd6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 49dd4046728bbc2bf3b18f8ec2b828507163ff7e081a985ab9c97cba3f2f4609

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://novini.dir.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 02:56:55 GMT
content-encoding: br
vary: Accept-Encoding, Origin
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 453773
access-control-allow-methods: GET, POST, OPTIONS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 26 Apr 2022 07:50:08 GMT
server: cloudflare
etag: W/"6267a430-783"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 172800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kpZw12ddNKtBICR7Hl%2FeFJFNesV1JDoYPYYiGj7Q2qbI3IS%2FHLdhc36a5kC0xVK0Obwnhdx4sAnc9JmZmf9K63YLOFogpvEOk77Hf7NEjvl2jlWDo%2FX0zqjz98SVwcNDQGpHREXuMyTwGSg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: true
cf-ray: 73aea8eb0c8a9060-FRA
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires: Thu, 08 Sep 2022 20:44:01 GMT

GET
H/1.1 200
OK logo-cat.svg
i.dir.bg/designs/headers/ 2 KB
2 KB 60ms
60ms Image
image/svg+xml 194.145.63.18
DELTA-BG-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.dir.bg/designs/headers/logo-cat.svg?_=1523887642
Requested by: Host: novini.dir.bg
URL: http://novini.dir.bg/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 194.145.63.18 Sofia, Bulgaria, ASN197216 (DELTA-BG-AS, BG),
Reverse DNS: i.dirbg.com
Software: nginx/1.2.1 /
Resource Hash: 49dd4046728bbc2bf3b18f8ec2b828507163ff7e081a985ab9c97cba3f2f4609

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://novini.dir.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Mon, 15 Aug 2022 02:56:55 GMT
Last-Modified: Mon, 13 May 2019 17:40:02 GMT
Server: nginx/1.2.1
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
Cache-Control: max-age=157680000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1923
Expires: Sat, 14 Aug 2027 02:56:55 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 83 KB
29 KB 91ms
27ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: novini.dir.bg
URL: http://novini.dir.bg/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4aa2889a33babf6c560df179f876ddf5bbf5346d1893d9f3fb9c99055e540d07

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://novini.dir.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 02:56:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28771
x-xss-protection: 0
server: sffe
etag: "1304 / 222 of 1000 / last-modified: 1660341915"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 15 Aug 2022 02:56:55 GMT

GET
H/1.1 200
OK news-logo2.png
i.dir.bg/news/ 13 KB
13 KB 49ms
49ms Image
image/png 194.145.63.18
DELTA-BG-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://i.dir.bg/news/news-logo2.png
Requested by: Host: novini.dir.bg
URL: http://novini.dir.bg/
Protocol: HTTP/1.1
Server: 194.145.63.18 Sofia, Bulgaria, ASN197216 (DELTA-BG-AS, BG),
Reverse DNS: i.dirbg.com
Software: nginx/1.2.1 /
Resource Hash: dc81ed9ef6da3491cfc27234ca59269a48f99de3fe3c8dab373994baf8334ce7

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://novini.dir.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Mon, 15 Aug 2022 02:56:55 GMT
Last-Modified: Fri, 18 May 2012 13:14:46 GMT
Server: nginx/1.2.1
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: max-age=157680000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 13492
Expires: Sat, 14 Aug 2027 02:56:55 GMT

GET
H/1.1 200
OK new_novini_logo.gif
i.dir.bg/novini/img/ 97 B
417 B 60ms
59ms Image
image/gif 194.145.63.18
DELTA-BG-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://i.dir.bg/novini/img/new_novini_logo.gif
Requested by: Host: novini.dir.bg
URL: http://novini.dir.bg/
Protocol: HTTP/1.1
Server: 194.145.63.18 Sofia, Bulgaria, ASN197216 (DELTA-BG-AS, BG),
Reverse DNS: i.dirbg.com
Software: nginx/1.2.1 /
Resource Hash: 81925d72cdde09884261581f54eb6b41501a64d6740846390f8d79a1ec32f1b3

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://novini.dir.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Mon, 15 Aug 2022 02:56:55 GMT
Last-Modified: Fri, 18 May 2012 13:23:54 GMT
Server: nginx/1.2.1
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=157680000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 97
Expires: Sat, 14 Aug 2027 02:56:55 GMT

GET
H/1.1 404
Not Found js.php
r.dir.bg/ 0
0 166ms
50ms Script
text/html 194.145.63.27
DELTA-BG-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://r.dir.bg/js.php?Code=00_novini_all&d=0
Requested by: Host: novini.dir.bg
URL: http://novini.dir.bg/
Protocol: HTTP/1.1
Server: 194.145.63.27 Sofia, Bulgaria, ASN197216 (DELTA-BG-AS, BG),
Reverse DNS: diri.bg
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://novini.dir.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

GET
H/1.1 200
OK dnes_gall.gif
i.dir.bg/novini/img/ 71 B
391 B 48ms
48ms Image
image/gif 194.145.63.18
DELTA-BG-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://i.dir.bg/novini/img/dnes_gall.gif
Requested by: Host: novini.dir.bg
URL: http://novini.dir.bg/
Protocol: HTTP/1.1
Server: 194.145.63.18 Sofia, Bulgaria, ASN197216 (DELTA-BG-AS, BG),
Reverse DNS: i.dirbg.com
Software: nginx/1.2.1 /
Resource Hash: 633166d96fb90e6b7e1f2efb9a27d0492283c0602fedfd4d6717b47d95277df6

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://novini.dir.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Mon, 15 Aug 2022 02:56:55 GMT
Last-Modified: Sat, 25 Nov 2006 07:39:32 GMT
Server: nginx/1.2.1
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=157680000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 71
Expires: Sat, 14 Aug 2027 02:56:55 GMT

GET
H/1.1 404
Not Found js.php
r.dir.bg/ 0
0 188ms
62ms Script
text/html 194.145.63.27
DELTA-BG-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://r.dir.bg/js.php?Code=1_novini_header&d=0
Requested by: Host: novini.dir.bg
URL: http://novini.dir.bg/
Protocol: HTTP/1.1
Server: 194.145.63.27 Sofia, Bulgaria, ASN197216 (DELTA-BG-AS, BG),
Reverse DNS: diri.bg
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://novini.dir.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

GET
H/1.1

200
OK

/
novini.dir.bg/
Redirect Chain

http://novini.dir.bg/img/spacer.gif
http://novini.dir.bg/

55 KB
55 KB

52ms
51ms

Image
text/html

194.145.63.10
DELTA-BG-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://novini.dir.bg/

Requested by

Host: novini.dir.bg
URL: http://novini.dir.bg/

Protocol

HTTP/1.1

Server

194.145.63.10 Sofia, Bulgaria, ASN197216 (DELTA-BG-AS, BG),

Reverse DNS

new.dir.bg

Software

nginx/0.8.54 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://novini.dir.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Mon, 15 Aug 2022 02:55:05 GMT
Content-Encoding: gzip
Last-Modified: Sun, 14 Aug 2022 18:46:22 GMT
Server: nginx/0.8.54
ETag: "c040cb834-12ac6-5e637ee8491e6"
Transfer-Encoding: chunked
Content-Type: text/html; charset=windows-1251
X-XSS-Protection: 1; mode=block

Redirect headers

Location: /
Date: Mon, 15 Aug 2022 02:53:51 GMT
Server: nginx/0.8.54
Content-Length: 0
X-XSS-Protection: 1; mode=block
Content-Type: text/html; charset=windows-1251

GET
H/1.1 200
OK boxover.js Show response
i.dir.bg/novini/ 11 KB
4 KB 62ms
59ms Script
application/x-javascript 194.145.63.18
DELTA-BG-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://i.dir.bg/novini/boxover.js
Requested by: Host: novini.dir.bg
URL: http://novini.dir.bg/
Protocol: HTTP/1.1
Server: 194.145.63.18 Sofia, Bulgaria, ASN197216 (DELTA-BG-AS, BG),
Reverse DNS: i.dirbg.com
Software: nginx/1.2.1 /
Resource Hash: aae77a16a879acaf366741362f161805f84159ad9816c071507655b4945d3c39

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://novini.dir.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Mon, 15 Aug 2022 02:56:55 GMT
Content-Encoding: gzip
Last-Modified: Sat, 25 Nov 2006 07:39:33 GMT
Server: nginx/1.2.1
Transfer-Encoding: chunked
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=157680000
Connection: keep-alive
Expires: Sat, 14 Aug 2027 02:56:55 GMT

GET
H/1.1 200
OK js.php Show response
r5.dir.bg/ 0
504 B 122ms
57ms Script
text/html 194.145.63.27
DELTA-BG-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://r5.dir.bg/js.php?Code=1_novini_pr

Requested by

Host: novini.dir.bg
URL: http://novini.dir.bg/

Protocol

HTTP/1.1

Server

194.145.63.27 Sofia, Bulgaria, ASN197216 (DELTA-BG-AS, BG),

Reverse DNS

diri.bg

Software

Apache/2.2.22 (Debian) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://novini.dir.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 15 Aug 2022 02:53:51 GMT
Server: Apache/2.2.22 (Debian)
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Cache-Control: no-cache, no-store, must-revalidate, max-age=5
Content-Type: text/html; charset=windows-1251
Content-Length: 0
X-XSS-Protection: 1; mode=block
Expires: Mon, 2 Sun 2001 05:00:00 GMT

GET
H/1.1 200
OK spacer.gif
i.dir.bg/dnes.dir.bg/img/ 43 B
363 B 48ms
48ms Image
image/gif 194.145.63.18
DELTA-BG-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://i.dir.bg/dnes.dir.bg/img/spacer.gif
Requested by: Host: novini.dir.bg
URL: http://novini.dir.bg/
Protocol: HTTP/1.1
Server: 194.145.63.18 Sofia, Bulgaria, ASN197216 (DELTA-BG-AS, BG),
Reverse DNS: i.dirbg.com
Software: nginx/1.2.1 /
Resource Hash: 7f68affba3f1c780f877960c7ee3e441309078b41043d35501e2eda8f7fde683

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://novini.dir.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Mon, 15 Aug 2022 02:56:55 GMT
Last-Modified: Sat, 25 Nov 2006 07:39:18 GMT
Server: nginx/1.2.1
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=157680000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Sat, 14 Aug 2027 02:56:55 GMT

GET
H/1.1 200
OK tick_2.gif
i.dir.bg/novini/img/ 56 B
376 B 61ms
59ms Image
image/gif 194.145.63.18
DELTA-BG-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://i.dir.bg/novini/img/tick_2.gif
Requested by: Host: novini.dir.bg
URL: http://novini.dir.bg/
Protocol: HTTP/1.1
Server: 194.145.63.18 Sofia, Bulgaria, ASN197216 (DELTA-BG-AS, BG),
Reverse DNS: i.dirbg.com
Software: nginx/1.2.1 /
Resource Hash: 691c0303ef332f3364c652f729020548be151578a25c19806c3a344fc1192c8d

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://novini.dir.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Mon, 15 Aug 2022 02:56:55 GMT
Last-Modified: Sat, 25 Nov 2006 07:39:32 GMT
Server: nginx/1.2.1
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=157680000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 56
Expires: Sat, 14 Aug 2027 02:56:55 GMT

GET
H/1.1 200
OK wz_tooltip.js Show response
i.dir.bg/novini/ 16 KB
6 KB 51ms
49ms Script
application/x-javascript 194.145.63.18
DELTA-BG-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://i.dir.bg/novini/wz_tooltip.js
Requested by: Host: novini.dir.bg
URL: http://novini.dir.bg/
Protocol: HTTP/1.1
Server: 194.145.63.18 Sofia, Bulgaria, ASN197216 (DELTA-BG-AS, BG),
Reverse DNS: i.dirbg.com
Software: nginx/1.2.1 /
Resource Hash: 8e76388dceb4677e885d6ad8e1230e8eeeebd306ee673dd11aaf6038bf857697

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://novini.dir.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Mon, 15 Aug 2022 02:56:55 GMT
Content-Encoding: gzip
Last-Modified: Sat, 25 Nov 2006 07:39:31 GMT
Server: nginx/1.2.1
Transfer-Encoding: chunked
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=157680000
Connection: keep-alive
Expires: Sat, 14 Aug 2027 02:56:55 GMT

GET
H/1.1 200
OK newssearch-butt.png
i.dir.bg/novini/img/ 784 B
1 KB 65ms
48ms Image
image/png 194.145.63.18
DELTA-BG-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://i.dir.bg/novini/img/newssearch-butt.png
Requested by: Host: novini.dir.bg
URL: http://novini.dir.bg/
Protocol: HTTP/1.1
Server: 194.145.63.18 Sofia, Bulgaria, ASN197216 (DELTA-BG-AS, BG),
Reverse DNS: i.dirbg.com
Software: nginx/1.2.1 /
Resource Hash: d557c9fec1d5e4c7903330663576213c96b46257dc6582d446b3a2be998e538e

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://novini.dir.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Mon, 15 Aug 2022 02:56:55 GMT
Last-Modified: Fri, 28 Nov 2008 13:44:27 GMT
Server: nginx/1.2.1
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: max-age=157680000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 784
Expires: Sat, 14 Aug 2027 02:56:55 GMT

GET
H/1.1 200
OK js.php Show response
r5.dir.bg/ 0
504 B 146ms
70ms Script
text/html 194.145.63.27
DELTA-BG-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://r5.dir.bg/js.php?Code=1_novini_textlink

Requested by

Host: novini.dir.bg
URL: http://novini.dir.bg/

Protocol

HTTP/1.1

Server

194.145.63.27 Sofia, Bulgaria, ASN197216 (DELTA-BG-AS, BG),

Reverse DNS

diri.bg

Software

Apache/2.2.16 (Debian) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://novini.dir.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 15 Aug 2022 02:54:52 GMT
Server: Apache/2.2.16 (Debian)
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Cache-Control: no-cache, no-store, must-revalidate, max-age=5
Content-Type: text/html; charset=windows-1251
Content-Length: 0
X-XSS-Protection: 1; mode=block
Expires: Mon, 2 Sun 2001 05:00:00 GMT

GET
H/1.1 200
OK spacer.gif
i.dir.bg/novini/img/ 43 B
363 B 58ms
49ms Image
image/gif 194.145.63.18
DELTA-BG-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://i.dir.bg/novini/img/spacer.gif
Requested by: Host: novini.dir.bg
URL: http://novini.dir.bg/
Protocol: HTTP/1.1
Server: 194.145.63.18 Sofia, Bulgaria, ASN197216 (DELTA-BG-AS, BG),
Reverse DNS: i.dirbg.com
Software: nginx/1.2.1 /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://novini.dir.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Mon, 15 Aug 2022 02:56:55 GMT
Last-Modified: Sat, 25 Nov 2006 07:39:32 GMT
Server: nginx/1.2.1
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=157680000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Sat, 14 Aug 2027 02:56:55 GMT

GET
H/1.1 200
OK show_ads.js Show response
pagead2.googlesyndication.com/pagead/ 123 KB
40 KB 63ms
39ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: novini.dir.bg
URL: http://novini.dir.bg/

Protocol

HTTP/1.1

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

366c03ac27a2b82e779934027b4332266f53fbcf40a7fd76110f0accc92d3706

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://novini.dir.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Timing-Allow-Origin: *
Date: Mon, 15 Aug 2022 02:56:55 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: cafe
ETag: 13981742072294876767
Vary: Accept-Encoding
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: private, max-age=3600
Cross-Origin-Resource-Policy: cross-origin
Content-Disposition: attachment; filename="f.txt"
Content-Type: text/javascript; charset=UTF-8
Content-Length: 40705
X-XSS-Protection: 0
Expires: Mon, 15 Aug 2022 02:56:55 GMT

GET
H2

200

v60.js Show response
cdn-gl.imrworldwide.com/
Redirect Chain

http://secure-it.imrworldwide.com/v60.js
https://cdn-gl.imrworldwide.com/v60.js

21 KB
7 KB

128ms
20ms

Script
application/javascript

2600:9000:21f3:ac00:2:42d9:3100:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-gl.imrworldwide.com/v60.js
Requested by: Host: novini.dir.bg
URL: http://novini.dir.bg/
Protocol: H2
Server: 2600:9000:21f3:ac00:2:42d9:3100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 117ed873640b992e38f34a0a761dd3e1cda6b3c24c9507bb3adc0323039f8ff1

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://novini.dir.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-amz-version-id: PmT0ztgo6pW7kPCi5f5AnKDRXRQLwscI
content-encoding: gzip
etag: W/"3bad78b036ef952c6ace672b2251b459"
last-modified: Mon, 25 Jul 2022 13:33:52 GMT
server: AmazonS3
age: 7903
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 56fad5a50ef67bd961b9722ed0931838.cloudfront.net (CloudFront)
cache-control: max-age=86400
date: Mon, 15 Aug 2022 00:45:13 GMT
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: LPHURNAv3ZPUbnon6C6LfefL6jrZkekrSTXHJaJ0mmOb5pCGRWlOOg==

Redirect headers

Location: https://cdn-gl.imrworldwide.com:443/v60.js
Date: Mon, 15 Aug 2022 02:56:55 GMT
Server: awselb/2.0
Connection: keep-alive
Content-Length: 134
Content-Type: text/html

GET
H2

200

urchin.js Show response
www.google-analytics.com/
Redirect Chain

http://www.google-analytics.com/urchin.js
https://www.google-analytics.com/urchin.js

22 KB
7 KB

86ms
21ms

Script
text/javascript

2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/urchin.js

Requested by

Host: novini.dir.bg
URL: http://novini.dir.bg/

Protocol

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

65b488811bd504ecd9037c0aee94c56a7bcd0870c2ae8818f6cf60cb3ba51621

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://novini.dir.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 22:21:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 16550
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=1209600
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6847
expires: Sun, 28 Aug 2022 22:21:05 GMT

Redirect headers

Location: https://www.google-analytics.com/urchin.js
Non-Authoritative-Reason: HSTS
Cross-Origin-Resource-Policy: Cross-Origin

GET
H/1.1 200
OK Repo-Medium.otf
i.dir.bg/designs/headers/fonts/ 226 KB
226 KB 438ms
96ms Font
application/octet-stream 194.145.63.18
DELTA-BG-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://i.dir.bg/designs/headers/fonts/Repo-Medium.otf
Requested by: Host: i.dir.bg
URL: https://i.dir.bg/designs/headers/header-styles.css?_=20190626
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 194.145.63.18 Sofia, Bulgaria, ASN197216 (DELTA-BG-AS, BG),
Reverse DNS: i.dirbg.com
Software: nginx/1.2.1 /
Resource Hash: 86edd662c7d34ed546d32bdf03b5b0bf17841d112d1f9934230b5944b60e827c

Request headers

Referer: https://i.dir.bg/designs/headers/header-styles.css?_=20190626
Origin: http://novini.dir.bg
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Mon, 15 Aug 2022 02:56:55 GMT
Last-Modified: Mon, 13 May 2019 17:28:56 GMT
Server: nginx/1.2.1
Content-Type: application/octet-stream
Access-Control-Allow-Origin: *
Cache-Control: max-age=157680000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 231200
Expires: Sat, 14 Aug 2027 02:56:55 GMT

GET
H/1.1 200
OK icomoon.ttf
i.dir.bg/designs/headers/fonts/ 9 KB
9 KB 420ms
49ms Font
application/octet-stream 194.145.63.18
DELTA-BG-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://i.dir.bg/designs/headers/fonts/icomoon.ttf?ku8zm4
Requested by: Host: i.dir.bg
URL: https://i.dir.bg/designs/headers/header-styles.css?_=20190626
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 194.145.63.18 Sofia, Bulgaria, ASN197216 (DELTA-BG-AS, BG),
Reverse DNS: i.dirbg.com
Software: nginx/1.2.1 /
Resource Hash: 17ce5c80d4ad847acca2bd620035e685787f9018c910c9d13751cefdff7f2fb9

Request headers

Referer: https://i.dir.bg/designs/headers/header-styles.css?_=20190626
Origin: http://novini.dir.bg
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Mon, 15 Aug 2022 02:56:55 GMT
Last-Modified: Wed, 24 Apr 2019 15:32:31 GMT
Server: nginx/1.2.1
Content-Type: application/octet-stream
Access-Control-Allow-Origin: *
Cache-Control: max-age=157680000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 9088
Expires: Sat, 14 Aug 2027 02:56:55 GMT

GET
H2 200 pubads_impl_2022080901.js Show response
securepubads.g.doubleclick.net/gpt/ 385 KB
132 KB 84ms
21ms Script
text/javascript 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080901.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

sffe /

Resource Hash

e618a577f0277d37fa43eaa36bcde1a98e6698356705294205887f6ace5134d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://novini.dir.bg/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Sun, 14 Aug 2022 15:55:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 39683
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 134589
x-xss-protection: 0
last-modified: Tue, 09 Aug 2022 08:35:28 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 14 Aug 2023 15:55:32 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 291 B
786 B 89ms
28ms XHR
application/json 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=novini.dir.bg

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

c69c1c3e4e923e6c3b431e918a42d1c2b1cfe238eb817f8655e81dc5f5b795c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://novini.dir.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 15 Aug 2022 02:56:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 149
x-xss-protection: 0
expires: Mon, 15 Aug 2022 02:56:55 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 154ms
31ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=novini.dir.bg

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://novini.dir.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 15 Aug 2022 02:56:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 92ms
30ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=novini.dir.bg

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://novini.dir.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 15 Aug 2022 02:56:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 15 KB
8 KB 400ms
400ms XHR
text/plain 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3074280390157935&correlator=386419598843975&eid=31068923%2C31068925%2C44761478&output=ldjh&gdfp_req=1&vrg=2022080901&ptt=17&impl=fif&iu_parts=118570770%2CNews_Header&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x90%7C970x250%7C980x175%7C728x90%7C980x250&ifi=1&adks=2799138310&sfv=1-0-38&fsapi=false&cust_params=defaultp%3Dyes%26defaults%3Dyes%26site%3DNews&sc=0&cookie_enabled=1&abxe=1&dt=1660532215736&lmt=1660502782&dlt=1660532214919&idt=789&adxs=310&adys=110&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&bc=23&nvt=1&url=http%3A%2F%2Fnovini.dir.bg%2F&frm=20&vis=1&psz=980x0&msz=980x0&fws=0&ohw=0&ga_vid=1837377932.1660532216&ga_sid=1660532216&ga_hid=1383795352&ga_fc=false

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

ccc05b4870a5d79b00dbdb39a16109630e20f46829896da80502f9b546794260

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://novini.dir.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 02:56:56 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8073
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: http://novini.dir.bg
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
bcf79b9b46cd1c6d6f0b39baa0216384.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame A96A 6 KB
4 KB 147ms
28ms Document
text/html 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bcf79b9b46cd1c6d6f0b39baa0216384.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://novini.dir.bg/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 15 Aug 2022 02:56:55 GMT
expires: Tue, 15 Aug 2023 02:56:55 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK header_bgr_2.gif
i.dir.bg/novini/img/ 45 B
365 B 49ms
49ms Image
image/gif 194.145.63.18
DELTA-BG-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://i.dir.bg/novini/img/header_bgr_2.gif
Requested by: Host: i.dir.bg
URL: http://i.dir.bg/novini/styles-v2.css
Protocol: HTTP/1.1
Server: 194.145.63.18 Sofia, Bulgaria, ASN197216 (DELTA-BG-AS, BG),
Reverse DNS: i.dirbg.com
Software: nginx/1.2.1 /
Resource Hash: 8cca4552506edd533a271290c898e0d17c765c9b102f566bfb9dbb5aec2bccf8

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://i.dir.bg/novini/styles-v2.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Mon, 15 Aug 2022 02:56:55 GMT
Last-Modified: Sat, 25 Nov 2006 07:39:31 GMT
Server: nginx/1.2.1
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=157680000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 45
Expires: Sat, 14 Aug 2027 02:56:55 GMT

GET
H/1.1 200
OK 5_0jemr4.jpg
i.dir.bg/CMS/2022/07/13/0/ 3 KB
3 KB 60ms
60ms Image
image/jpeg 194.145.63.18
DELTA-BG-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.dir.bg/CMS/2022/07/13/0/5_0jemr4.jpg
Requested by: Host: novini.dir.bg
URL: http://novini.dir.bg/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 194.145.63.18 Sofia, Bulgaria, ASN197216 (DELTA-BG-AS, BG),
Reverse DNS: i.dirbg.com
Software: nginx/1.2.1 /
Resource Hash: 365bd29e061e224f7635cd974c0e6d3a7744a1c9b00af80288692023c03a1da4

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://novini.dir.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Mon, 15 Aug 2022 02:56:55 GMT
Last-Modified: Sun, 17 Jul 2022 03:46:26 GMT
Server: nginx/1.2.1
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=157680000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2677
Expires: Sat, 14 Aug 2027 02:56:55 GMT

GET
H/1.1 200
OK newssearchbackgr.png
i.dir.bg/novini/img/ 328 B
649 B 48ms
48ms Image
image/png 194.145.63.18
DELTA-BG-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://i.dir.bg/novini/img/newssearchbackgr.png
Requested by: Host: i.dir.bg
URL: http://i.dir.bg/novini/styles-v2.css
Protocol: HTTP/1.1
Server: 194.145.63.18 Sofia, Bulgaria, ASN197216 (DELTA-BG-AS, BG),
Reverse DNS: i.dirbg.com
Software: nginx/1.2.1 /
Resource Hash: c490d148077ee3acf386e1066a13c90083cf4f1277f11f69b37c2a37622fe068

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://i.dir.bg/novini/styles-v2.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Mon, 15 Aug 2022 02:56:55 GMT
Last-Modified: Fri, 28 Nov 2008 13:44:27 GMT
Server: nginx/1.2.1
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: max-age=157680000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 328
Expires: Sat, 14 Aug 2027 02:56:55 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 26 KB
11 KB 824ms
824ms XHR
text/plain 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3074280390157935&correlator=386419598843975&eid=31068923%2C31068925%2C44761478&output=ldjh&gdfp_req=1&vrg=2022080901&ptt=17&impl=fif&iu_parts=118570770%2CNews_Top&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x600%7C300x250&ifi=2&adks=2299044918&sfv=1-0-38&fsapi=false&cust_params=defaultp%3Dyes%26defaults%3Dyes%26site%3DNews&sc=0&cookie_enabled=1&abxe=1&dt=1660532215785&lmt=1660502782&dlt=1660532214919&idt=789&adxs=876&adys=357&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&bc=23&nvt=1&url=http%3A%2F%2Fnovini.dir.bg%2F&frm=20&vis=1&psz=310x0&msz=310x0&fws=0&ohw=0&ga_vid=1837377932.1660532216&ga_sid=1660532216&ga_hid=1383795352&ga_fc=false

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080901.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

ad45cb175e638f1adea4ad5b9a6ea0f148eb42e3d3841d9136304c98ab8c5b8f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://novini.dir.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 02:56:56 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10876
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: http://novini.dir.bg
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK right.html Show response
novini.dir.bg/ 8 KB
2 KB 60ms
59ms XHR
text/html 194.145.63.10
DELTA-BG-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://novini.dir.bg/right.html?1660532215787

Requested by

Host: novini.dir.bg
URL: http://novini.dir.bg/

Protocol

HTTP/1.1

Server

194.145.63.10 Sofia, Bulgaria, ASN197216 (DELTA-BG-AS, BG),

Reverse DNS

new.dir.bg

Software

nginx/0.8.54 /

Resource Hash

bb4e9bbba05309d23158ab07c432a305eac3d4342b96c7ecffda09b3df7f7476

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://novini.dir.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Mon, 15 Aug 2022 02:54:52 GMT
Content-Encoding: gzip
Last-Modified: Sun, 14 Aug 2022 18:45:26 GMT
Server: nginx/0.8.54
ETag: "c2af27409-1e6f-5e637eb2e2b55"
Transfer-Encoding: chunked
Content-Type: text/html; charset=windows-1251
X-XSS-Protection: 1; mode=block

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208090101/ 340 KB
121 KB 103ms
48ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208090101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6608147249443972&plah=novini.dir.bg

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d81f42c68afe5817619165de86e7fdd6ba8a67716798c2112fffa30162f08fda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://novini.dir.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 02:56:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 122753
x-xss-protection: 0
server: cafe
etag: 488620963171871103
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 15 Aug 2022 02:56:55 GMT

GET
H2

200

storageframe.html Show response
secure-it.imrworldwide.com/ Frame B1B8
Redirect Chain

http://secure-it.imrworldwide.com/storageframe.html
https://secure-it.imrworldwide.com/storageframe.html

11 KB
4 KB

139ms
46ms

Document
text/html

52.31.22.244
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure-it.imrworldwide.com/storageframe.html
Requested by: Host: secure-it.imrworldwide.com
URL: http://secure-it.imrworldwide.com/v60.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.31.22.244 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-31-22-244.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: c6107c1c1f1588cac73cb68d83222515b12c5dbf7f988fd0c39b4ff16414d3bc

Request headers

Referer: http://novini.dir.bg/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-Save-Data, Sec-CH-DPR, Sec-CH-Width, Sec-CH-Viewport-Width, Sec-CH-Viewport-Height, Sec-CH-Device-Memory, Sec-CH-RTT, Sec-CH-Downlink, Sec-CH-ECT, Sec-CH-Prefers-Color-Scheme, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
access-control-allow-methods: POST, OPTIONS
access-control-allow-origin: *
content-encoding: gzip
content-length: 3489
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Mon, 15 Aug 2022 02:56:55 GMT
etag: "62f143e3-da1"
last-modified: Mon, 08 Aug 2022 17:12:03 GMT
server: nginx

Redirect headers

Connection: keep-alive
Content-Length: 134
Content-Type: text/html
Date: Mon, 15 Aug 2022 02:56:55 GMT
Location: https://secure-it.imrworldwide.com:443/storageframe.html
Server: awselb/2.0

GET
H/1.1 200
OK xgemius.js Show response
gabg.hit.gemius.pl/ 57 KB
15 KB 105ms
49ms Script
application/x-javascript 78.128.6.42
TELEPOINT

General

Check archive.org

Show headers Download Go to

Full URL: http://gabg.hit.gemius.pl/xgemius.js
Requested by: Host: novini.dir.bg
URL: http://novini.dir.bg/
Protocol: HTTP/1.1
Server: 78.128.6.42 , Bulgaria, ASN31083 (TELEPOINT, BG),
Reverse DNS: ip-6-42.telehouse.bg
Software: GHC /
Resource Hash: 30f61d8d3d5c77ea172cf6f6ff996f2f46519e8a44b9c37e6a53609b84e58e78

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://novini.dir.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Mon, 15 Aug 2022 02:56:55 GMT
Content-Encoding: gzip
Last-Modified: Mon, 25 Jul 2022 11:52:01 GMT
Server: GHC
Vary: Accept-Encoding,Origin
P3P: CP="NOI DSP COR NID PSAo OUR IND"
Cache-Control: max-age=43200
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Accept-Ranges: none
Content-Type: application/x-javascript
Keep-Alive: timeout=10
Content-Length: 15187
Expires: Mon, 15 Aug 2022 14:56:55 GMT

GET
H3

200

__utm.gif
www.google-analytics.com/
Redirect Chain

http://www.google-analytics.com/__utm.gif?utmwv=1.4&utmn=1791128803&utmcs=windows-1251&utmsr=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmcn=1&utmdt=%D0%9D%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8&ut...
https://www.google-analytics.com/__utm.gif?utmwv=1.4&utmn=1791128803&utmcs=windows-1251&utmsr=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmcn=1&utmdt=%D0%9D%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8&u...

35 B
55 B

64ms
22ms

Image
image/gif

2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/__utm.gif?utmwv=1.4&utmn=1791128803&utmcs=windows-1251&utmsr=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmcn=1&utmdt=%D0%9D%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8&utmhn=novini.dir.bg&utmhid=1383795352&utmr=-&utmp=/&utmac=UA-436010-11&utmcc=__utma%3D95319433.1791128803.1660532216.1660532216.1660532216.1%3B%2B__utmz%3D95319433.1660532216.1.1.utmccn%3D(direct)%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)%3B%2B

Requested by

Host: novini.dir.bg
URL: http://novini.dir.bg/

Protocol

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://novini.dir.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Aug 2022 18:22:27 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 30868
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://www.google-analytics.com/__utm.gif?utmwv=1.4&utmn=1791128803&utmcs=windows-1251&utmsr=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmcn=1&utmdt=%D0%9D%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8&utmhn=novini.dir.bg&utmhid=1383795352&utmr=-&utmp=/&utmac=UA-436010-11&utmcc=__utma%3D95319433.1791128803.1660532216.1660532216.1660532216.1%3B%2B__utmz%3D95319433.1660532216.1.1.utmccn%3D(direct)%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)%3B%2B
Non-Authoritative-Reason: HSTS
Cross-Origin-Resource-Policy: Cross-Origin

GET
H/1.1 200
OK utb.php Show response
r5.dir.bg/ 102 B
826 B 71ms
70ms Script
text/javascript 194.145.63.27
DELTA-BG-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://r5.dir.bg/utb.php?rnd=32565

Requested by

Host: novini.dir.bg
URL: http://novini.dir.bg/

Protocol

HTTP/1.1

Server

194.145.63.27 Sofia, Bulgaria, ASN197216 (DELTA-BG-AS, BG),

Reverse DNS

diri.bg

Software

Apache/2.2.22 (Debian) /

Resource Hash

06523ca77a82f4f39bee10b324c3e472e32f296cda5146dd04d222dde9e05a7b

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://novini.dir.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 15 Aug 2022 02:53:52 GMT
Server: Apache/2.2.22 (Debian)
Content-Type: text/javascript; charset=utf-8
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Content-Length: 102
X-XSS-Protection: 1; mode=block
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1 200
OK passimg.php
r5.dir.bg/ 43 B
653 B 73ms
73ms Image
image/gif 194.145.63.27
DELTA-BG-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://r5.dir.bg/passimg.php?laststep=1&gcat=32

Requested by

Host: novini.dir.bg
URL: http://novini.dir.bg/

Protocol

HTTP/1.1

Server

194.145.63.27 Sofia, Bulgaria, ASN197216 (DELTA-BG-AS, BG),

Reverse DNS

diri.bg

Software

Apache/2.2.22 (Debian) /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://novini.dir.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 15 Aug 2022 02:52:32 GMT
Server: Apache/2.2.22 (Debian)
Content-Type: image/gif
Cache-Control: max-age=2592000
Content-Length: 43
X-XSS-Protection: 1; mode=block
Expires: Wed, 14 Sep 2022 05:52:32 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 210 B
414 B 29ms
28ms Script
text/javascript 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=novini.dir.bg&callback=_gfp_s_&client=ca-pub-6608147249443972

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208090101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6608147249443972&plah=novini.dir.bg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

27a4a77cde11ec2b7bdfb1211c9745a6c5b207049e0c92ef1a8b1d3c76c1145d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://novini.dir.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 02:56:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 198
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 81ms
30ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=novini.dir.bg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://novini.dir.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 15 Aug 2022 02:56:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 73ms
30ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=novini.dir.bg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://novini.dir.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 15 Aug 2022 02:56:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 96FA 430 B
790 B 164ms
114ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6608147249443972&output=html&h=250&slotname=2398436569&adk=3549003101&adf=2891041743&pi=t.ma~as.2398436569&w=300&lmt=1660502782&url=http%3A%2F%2Fnovini.dir.bg%2F&wgl=1&dt=1660532215788&bpp=10&bdt=869&idt=176&shv=r20220810&mjsv=m202208090101&ptt=5&saldr=sa&abxe=1&correlator=5398087810287&frm=20&pv=2&ga_vid=1837377932.1660532216&ga_sid=1660532216&ga_hid=1383795352&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=871&ady=1146&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31068881&oid=2&pvsid=3074280390157935&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CEe%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=3&uci=a!3&fsb=1&xpc=7kTnEDbVET&p=http%3A//novini.dir.bg&dtd=188

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e8836718d624d00a0569066b8973ed299b992a74fd366170dfdd45e65c9d0528

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://novini.dir.bg/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 209
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 15 Aug 2022 02:56:56 GMT
expires: Mon, 15 Aug 2022 02:56:56 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 fpdata.js Show response
gabg.hit.gemius.pl/ 275 B
506 B 206ms
96ms Script
application/x-javascript 78.128.6.42
TELEPOINT

General

Check archive.org

Show headers Download Go to

Full URL: https://gabg.hit.gemius.pl/fpdata.js?href=novini.dir.bg
Requested by: Host: gabg.hit.gemius.pl
URL: http://gabg.hit.gemius.pl/xgemius.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 78.128.6.42 , Bulgaria, ASN31083 (TELEPOINT, BG),
Reverse DNS: ip-6-42.telehouse.bg
Software: GHC /
Resource Hash: 7178afdbb71acc320499337edadc680181aa9d69f4e0f9688bc9b7f39ab74d83

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://novini.dir.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 02:56:56 GMT
last-modified: Mon, 16 Jul 2012 10:03:40 GMT
server: GHC
etag: PRIVATE7520710249
p3p: CP="NOI DSP COR NID PSAo OUR IND"
cache-control: private, max-age=2592000
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-type: application/x-javascript
content-length: 275
expires: Wed, 14 Sep 2022 02:56:56 GMT

GET
H/1.1 200
OK lsget.html Show response
ls.hit.gemius.pl/ Frame 2CCE 5 KB
3 KB 116ms
40ms Document
text/html 145.239.237.56
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://ls.hit.gemius.pl/lsget.html
Requested by: Host: gabg.hit.gemius.pl
URL: http://gabg.hit.gemius.pl/xgemius.js
Protocol: HTTP/1.1
Server: 145.239.237.56 , France, ASN16276 (OVH, FR),
Reverse DNS: ip56.ip-145-239-237.eu
Software: GHC /
Resource Hash: ea9eb08c5a34699d928c935c01324f6fd761b40aa8388e9b7901fc0bdda7d51b

Request headers

Referer: http://novini.dir.bg/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: none
Cache-Control: private, max-age=2592000
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 2722
Content-Type: text/html;charset=utf-8
Cross-Origin-Resource-Policy: cross-origin
Date: Mon, 15 Aug 2022 02:56:56 GMT
ETag: PRIVATE7520710249
Expires: Wed, 14 Sep 2022 02:56:56 GMT
Keep-Alive: timeout=10
Last-Modified: Mon, 16 Jul 2012 10:03:40 GMT
P3P: CP="NOI DSP COR NID PSAo OUR IND"
Server: GHC
Vary: Accept-Encoding,Origin,User-Agent

GET
H3 200 container.html Show response
bcf79b9b46cd1c6d6f0b39baa0216384.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 7BA4 6 KB
3 KB 73ms
29ms Document
text/html 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bcf79b9b46cd1c6d6f0b39baa0216384.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080901.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://novini.dir.bg/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 15 Aug 2022 02:56:56 GMT
expires: Tue, 15 Aug 2023 02:56:56 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 lsget.html Show response
ls.hit.gemius.pl/ Frame 0083 5 KB
3 KB 111ms
36ms Document
text/html 145.239.237.56
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://ls.hit.gemius.pl/lsget.html?mode=new
Requested by: Host: ls.hit.gemius.pl
URL: http://ls.hit.gemius.pl/lsget.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 145.239.237.56 , France, ASN16276 (OVH, FR),
Reverse DNS: ip56.ip-145-239-237.eu
Software: GHC /
Resource Hash: ca200290da168626c17e1a5b04998d202eeb8ce8d68d140a06c211053bd5ac17

Request headers

Referer: http://ls.hit.gemius.pl/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: none
cache-control: private, max-age=2592000
content-encoding: gzip
content-length: 2714
content-type: text/html;charset=utf-8
cross-origin-resource-policy: cross-origin
date: Mon, 15 Aug 2022 02:56:56 GMT
etag: PRIVATE7520710249
expires: Wed, 14 Sep 2022 02:56:56 GMT
last-modified: Mon, 16 Jul 2012 10:03:40 GMT
p3p: CP="NOI DSP COR NID PSAo OUR IND"
server: GHC
vary: Accept-Encoding,Origin,User-Agent

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame A3FB 624 B
300 B 74ms
30ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CMX_6gIQ4KTvAhj45_HLATAB&v=APEucNVyJGz3HhZpD389sk1tGQNxqKYcRUCkvoIFnjGKPEtAupN_ssaYisESmfOYE84j8TuCWCUwfnC92p26Knbp1ICJNBFyLDl3jAnyzCNu9cf0Z9e2DPQoS1N1fzmyed06uMLV2WhbNjqIYyjpkSp5O4edvs0QVP-zQviCkQNmsMkJeoRo1eQ

Requested by

Host: bcf79b9b46cd1c6d6f0b39baa0216384.safeframe.googlesyndication.com
URL: https://bcf79b9b46cd1c6d6f0b39baa0216384.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bcf79b9b46cd1c6d6f0b39baa0216384.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 276
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 15 Aug 2022 02:56:56 GMT
expires: Mon, 15 Aug 2022 02:56:56 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 7BA4 81 KB
34 KB 94ms
52ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-ARb8FeDCf6emzxymhqifr6KRw_Zhn42H4uFwcODk5y25pyTne2u7J9tIwyrlw_lr2nY_T-_VRT60waHEkou7hGY_QJsw&cry=1&dbm_d=AKAmf-AzDC-vDm9AmAUt1HkiMj2OI8h7fr2vNYjIvIHKY7nopcNB5z-cEskCn3prgz9Q9Fl1KoB-uuhP_3dgyGmpRrpCu9vxAOXp7h6qmYeRki0AAdzWxlUuVv4X0J3G4ig47rfcmE_2e8b2X5kuaBmzDZeTX85nRqRjmhh6YSWHfGuVqzPws1-zGYPQ1aNMZ65tdxefpi1_WlADXNs3jFN_eUGEBCInBT7xxHUMXaU-G-X62zXiBWD9jUigaM9DPC39GBUoUUNtD8hHoTYL-_naLsBj0ZAblP0oPCO4m3k0FKdQadhQshBGgB3nNgUh1Hi4XPm60apvBn8v_A3r0Z1f4A2cQ7SKO5opxEDRfPOQVfSEF9M3byviKW7u3FgxLSfTx7E__ffgsgVUz_kNPnpcVOEsvrgL3CspN-qvt_G-tIzAdqYYlUkhnNz7gTDisUPT7Ik-le2apKeOTAwVWq1q4KgQBFvHaDYj3GTouPGCexicre_dWTNaLRThxqkJaC3p6jsQhwOqEfkHNTlUNjODB8J2hzRc4z1DWiNs5IhlVgeD-e_RpchPK4ttbaQueSbShshTzMhItKPFWgj43Ib4ENahI1fBc-OhymGsl2MPAw_YNhs-jP5ff3bW3lL_EtEDBrI8kyFN4b4UvZ2grIfCI1dsIOIFlvL-cqCSe8x1I6jajZPJSkxduOBrdeJgrMSAfvUzlDTgnvCwxAPPZMv68syK4MhIB_zpFOIYkvSSwl9xeEfVvFN-BupZuVp7OSPgBgoIUDZ7fxG_JghVdO6SgFX92AaAOwwi1NgDYbXNZnT6T2ClVcemQbzy2azoCvTQISN3T64Bf18okIXwU2dSFZyfwc3oBHYKAbeJqh5rho4TUXKX0opH3mA4ZcpIUmbTcgGHeM_c9K04rcwO1pVlFi_dt4Oe8QWiIgHLWPMrlnybjFRXsFBB76BqdcF788BIK--OlZF0MK7UxPQSv32PqRnYx3ER5qk_6QcW8kXhfNIm5V7Tz_yE8shfRAnA-BqmFydCToTXnYSW3YuBxrIuvQWmKvBlPrS56OBAsce4hU1EPSZVxSixEs8Ij1TmEmJHcHPaKhE54tOhEowI4Bfi-E567_asgi8esAu2Xdkyog0CANUZul0ArEC4ic5-Fdoo-gCYohmeC3HbpUu5Z28QZpGgCQxn-DcGYDM2jzNNe9idz4Au8C7D_mpD9mRgKEox8Fh-WE7p5J1ij479-NhdVM39DJg0DHayHE0C0u6AkzoXwfOz6Dwm8arJ0Q-gud23b2Ow3kFaRiv5diD4ESWVI4KZVkdCcRgTYmbiQRGMaXBEqE_EC2qcoi4XTvq1vs_VmbVYJR3venQsL8n0_DEbvTRAiX8kGDj2D4QTRD50TLBq_BLnnyT7hS6vCmsyf-FVi7-NLET9ZPR_2Xu_QqiBC2DF-gerQyCOCyAL5Km9ECDCBcY7q96r1KimvPy8ZSKbOMzINmmw1ljSCelKVikr_H0XDKhwMK7a6Gl0R0pUN5Y89P5_xLn9kohAhIluXUK_ME6rynj2HEqTQFbNPTESY1A5ThEJs9OvPq8kA-uwPQtRO5M9frG2YjjZtY0o3kvntorpwYapTKP6faQVw23QLz4rrprNTzmiCM6EdN_wbmXO1CDMDVfk4_zQLgKNX-EwR0jL7RUop9QiskshFR0nSCbIXGePQ6R2_i39B5s8t7FDyyZ_sOPwwKsdsaTEz6osB_99tzcapBV-kYWFR0ac4Uq_0hBL_tJB-oWxtJLSh1yUKyqFVEFhzK7zBXRsLjJ5UzmO9LdV8ClEe-66ygIXM2Y7oYNNdHsJ6EEbOnyp7oLGmUR4coHbMjiZqa2YctedbwrKrso72CNcVnPicwgtw4jCONh5WjVj2MdHMBEs0Rqeyvsvkkh_YMOhm7AuGOu_Y-W7zh7pqgOCYxzkylweZ5YwjyPu2qoTC5C0T8m6TPC2LduWy3kp0xO_Ua49XP6pZC2aJYP-yt-jmh5taIgRQMumrzNOS_nlIT045fBFJgJqOThA4wK43uouivGdp-fV9jhwb50Jqr1JQfjL_BjZt3xFzhImouJfvCbd6qVo84NM48w343YA1ggxRSylXfr5tVrA1VY-Kn2QPa7uA9borCRebJDxONCTD7D5l8wYgY-FxYs3q9gVxVluKwhszcZyVi5MZVMbFbhFTPjl6JeGnzNZcmCHsn64tLwuE7xHJhqD4nZzRw0e08OVb3HMQnQ9jGF1Rbl39Eu6FfxEV8R8Lis0phHv7wWZiJzEeiiKMoDU_oW_Q-f7LlKQ6Bzs2kmTmmsC0Y1VkB6nHb01xRNb7_Wc-8LRE7IcGbKKUXJKn_NL8hpd_mdHTsZojL0TQKGIuJc5OK5wblk96G0gE_8CSYo8tcl80z9Fg7G1K6NkHJZx8J7C_uNvqxgWNUiKndYx8oe_F222dQtXoWSkOX3LAHeOu7SsfnjVBjTJpdDSXO36YOMCpkftVGaBtZg6PVUBJACNzFGJSUkLlwJluVzWwtX7saujV4t9WExPBMkj3DXTg_rqIyUiKwVXd4DjenfIVAs_HHg1xN0zWihBBYdNN9lNHLUrEzSf2pEcbAvqbjrztvnIphjpA8lBJThRANrQCUnuxKduJ4uf2nDpsAk07ahcLGR1gWzt6Lwg5ilwjUf9Mh6j1_SmMohIojhggbHC8YEhcElx38Njg--IrAbC689KMFArpZnzQf9yazVqqUtCyA0Q39syKHT8QU8G-ojPBGRN7WtjBVCs_r3sRZxQrMQ-t7h0gElMqIKcWAhfrDbIP9Hl5le2zZrkL_810yMOKylQFsUMYEhNjks4rb-maW3Pf3dmzVyL8CNaS5KAs33uVEO1xv2APoZF2do3YspiDL2DfstwqgmI1Zi9--JHIB2dbuL7oMRAMjKAGi6v18genW11rULQ1hQ13v0Ts_tpCQIOettmmVo5grQHnHIJbRH96w4ybhLyIj98rR0i743phJQx3Gvamq7Ukg1YsXJlh7uubfK2X1C3V6VjKu7WF5RbumOW2AdO36mb1BFp7KMGn98JYNjsJe6jYsuWUekFmHVTnr6NQ1SBgmSY2WccMB9qYAMFOgKevbdY8dQ-C7if-ISle-6Cci36rRH6Jnd4E4IrwScIOlqIi1RRxX1JmpSRiA060BxUIw4B2WGJVLVVX9ffyRfZcAJkvacuzL2dKa2sVN6fj0ztJNJbyi_a8kSxh72O_KVg3XFaxK3Hl9HFkgi4xLJSFYKUZWhk36PYQPv14KCKncZzW2oehVDhAAiYaSCwiUFpxF3ArzQ1v6TurCSOKSzSgRZrXqoJWwf-oF4sk9ZOKZIt-wCVk4uJSMbAejMlyvaPTNmZRjCN2v8zoAWY4oFom2ggwAhz0LZ2CVX3Wdrh&cid=CAASKORoYs6pfephkucYPkUXkkGxuqxxqZgu4rhbOe48k59z7Rz00grKRZw&rfl=1%2Chttp%253A%252F%252Fnovini.dir.bg%252F%240

Requested by

Host: novini.dir.bg
URL: http://novini.dir.bg/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

030ee6e8fad35b2d5e8fe8c85f0105966fbb9b78d3b3cdcaf0527f1228acd47c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bcf79b9b46cd1c6d6f0b39baa0216384.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Aug 2022 02:56:56 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34346
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7BA4 42 B
63 B 97ms
55ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DR9QFwyLjLINOwgkKmtMN4aYFvFViV0cc-BHOyetJWPzWDEPCtDVpj9tpS9MxIuxb_i63HigwHRTgKHEnMLVPwGBnksvhkc9GiUNp8IV87-KplaY8

Requested by

Host: bcf79b9b46cd1c6d6f0b39baa0216384.safeframe.googlesyndication.com
URL: https://bcf79b9b46cd1c6d6f0b39baa0216384.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bcf79b9b46cd1c6d6f0b39baa0216384.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Aug 2022 02:56:56 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220810/r20110914/client/ Frame 7BA4 3 KB
1 KB 73ms
21ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220810/r20110914/client/window_focus_fy2021.js

Requested by

Host: bcf79b9b46cd1c6d6f0b39baa0216384.safeframe.googlesyndication.com
URL: https://bcf79b9b46cd1c6d6f0b39baa0216384.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bcf79b9b46cd1c6d6f0b39baa0216384.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 02:52:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 293
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 29 Aug 2022 02:52:03 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220810/r20110914/client/ Frame 7BA4 17 KB
8 KB 71ms
20ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220810/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: bcf79b9b46cd1c6d6f0b39baa0216384.safeframe.googlesyndication.com
URL: https://bcf79b9b46cd1c6d6f0b39baa0216384.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bcf79b9b46cd1c6d6f0b39baa0216384.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 02:54:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 162
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7599
x-xss-protection: 0
server: cafe
etag: 9215437806027971270
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 29 Aug 2022 02:54:14 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 7BA4 0
0 81ms
30ms Image
text/html 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSW7HzcjZkQRinnB7zuMaCEgqpDsScsTxCPW8ge9RAtGu6aQERKPmtzXtufgEW-jii-PzO-Rpb4qpOe0iJN_cL980sYCQ
Requested by: Host: bcf79b9b46cd1c6d6f0b39baa0216384.safeframe.googlesyndication.com
URL: https://bcf79b9b46cd1c6d6f0b39baa0216384.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bcf79b9b46cd1c6d6f0b39baa0216384.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7BA4 140 KB
43 KB 106ms
63ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: bcf79b9b46cd1c6d6f0b39baa0216384.safeframe.googlesyndication.com
URL: https://bcf79b9b46cd1c6d6f0b39baa0216384.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

75bf5c0112a41f871dc47c5e98deef6dc7db8e94178bf0c853f3a09415f6d338

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bcf79b9b46cd1c6d6f0b39baa0216384.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 02:56:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44015
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1660137096112928"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 15 Aug 2022 02:56:56 GMT

GET
H2

200

rexdot.js Show response
gabg.hit.gemius.pl/__/_1660532216302/
Redirect Chain

https://gabg.hit.gemius.pl/_1660532216302/rexdot.js?l=100&id=0nKaqGdw4zKR1fGhh6IWU9U5jw61Q0O7NmyLWD27pZD.e7&et=view&hsrc=1&initsonar=1&extra=&inner=_ver%3D328&eventid=0&fr=1&tz=0&fv=-&href=http%3A%...
https://gabg.hit.gemius.pl/__/_1660532216302/rexdot.js?l=100&id=0nKaqGdw4zKR1fGhh6IWU9U5jw61Q0O7NmyLWD27pZD.e7&et=view&hsrc=1&initsonar=1&extra=&inner=_ver%3D328&eventid=0&fr=1&tz=0&fv=-&href=http%...

452 B
707 B

118ms
117ms

Script
application/x-javascript

78.128.6.42
TELEPOINT

General

Check archive.org

Show headers Download Go to

Full URL: https://gabg.hit.gemius.pl/__/_1660532216302/rexdot.js?l=100&id=0nKaqGdw4zKR1fGhh6IWU9U5jw61Q0O7NmyLWD27pZD.e7&et=view&hsrc=1&initsonar=1&extra=&inner=_ver%3D328&eventid=0&fr=1&tz=0&fv=-&href=http%3A%2F%2Fnovini.dir.bg%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&vis=1&lsdata=EHclAvWndFmqqs0LispZCufirb4_GiSuFOVSv2Co9kb.J7Cyib6mXmPvQv2GR9R8yiWuttMFOevDbCou4dS2TDGGKjkv/mMCtKTVM2xJoa/&ltime=291&fpdata=tt96ofD_YBZnU849yZCIkZMIhZib7h6j0ywXrOuj.d7.J7&lsadd=&fpcap=
Requested by: Host: novini.dir.bg
URL: http://novini.dir.bg/
Protocol: H2
Server: 78.128.6.42 , Bulgaria, ASN31083 (TELEPOINT, BG),
Reverse DNS: ip-6-42.telehouse.bg
Software: GHC /
Resource Hash: 764a1bf9b1c821de452d57dc4a1db00315b9a11e3c358c3124700901610a38fd

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://novini.dir.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Aug 2022 02:56:56 GMT
server: GHC
p3p: CP="NOI DSP COR NID PSAo OUR IND"
cache-control: no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-type: application/x-javascript
content-length: 452
expires: Sun, 14 Aug 2022 02:56:56 GMT

Redirect headers

pragma: no-cache
date: Mon, 15 Aug 2022 02:56:56 GMT
server: GHC
p3p: CP="NOI DSP COR NID PSAo OUR IND"
location: /__/_1660532216302/rexdot.js?l=100&id=0nKaqGdw4zKR1fGhh6IWU9U5jw61Q0O7NmyLWD27pZD.e7&et=view&hsrc=1&initsonar=1&extra=&inner=_ver%3D328&eventid=0&fr=1&tz=0&fv=-&href=http%3A%2F%2Fnovini.dir.bg%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&vis=1&lsdata=EHclAvWndFmqqs0LispZCufirb4_GiSuFOVSv2Co9kb.J7Cyib6mXmPvQv2GR9R8yiWuttMFOevDbCou4dS2TDGGKjkv/mMCtKTVM2xJoa/&ltime=291&fpdata=tt96ofD_YBZnU849yZCIkZMIhZib7h6j0ywXrOuj.d7.J7&lsadd=&fpcap=
cache-control: no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-length: 0
expires: Sun, 14 Aug 2022 02:56:56 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame A3FB
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBihqolPqtbfE8Jlz8T4-wk&google_cver=1

43 B
907 B

72ms
44ms

Image
image/gif

104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBihqolPqtbfE8Jlz8T4-wk&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMX_6gIQ4KTvAhj45_HLATAB&v=APEucNVyJGz3HhZpD389sk1tGQNxqKYcRUCkvoIFnjGKPEtAupN_ssaYisESmfOYE84j8TuCWCUwfnC92p26Knbp1ICJNBFyLDl3jAnyzCNu9cf0Z9e2DPQoS1N1fzmyed06uMLV2WhbNjqIYyjpkSp5O4edvs0QVP-zQviCkQNmsMkJeoRo1eQ
Protocol: H3
Server: 104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

cf-ray: 73aea8f148e16955-FRA
pragma: no-cache
date: Mon, 15 Aug 2022 02:56:56 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0ngjntlHW7Bm9EdA31TczRAB5jwoVQ83gJjkTw7E%2BS7sBhmrDA1s4JaDnVzwq8SqKqW7cEEMD5brcql1TrYkXdL1DDyvoUiReE1exSDBPL1xbVC25FBmWzMjKdYqRHVOVfZrJjoAcKF0oQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 15 Aug 2022 02:56:56 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBihqolPqtbfE8Jlz8T4-wk&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame A3FB
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Yvm1.DJqyQgxAGD256kFFgAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBihqolPqtbfE8Jlz8T4-wk&google_cver=1&google_hm=2

43 B
910 B

40ms
39ms

Image
image/gif

104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBihqolPqtbfE8Jlz8T4-wk&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMX_6gIQ4KTvAhj45_HLATAB&v=APEucNVyJGz3HhZpD389sk1tGQNxqKYcRUCkvoIFnjGKPEtAupN_ssaYisESmfOYE84j8TuCWCUwfnC92p26Knbp1ICJNBFyLDl3jAnyzCNu9cf0Z9e2DPQoS1N1fzmyed06uMLV2WhbNjqIYyjpkSp5O4edvs0QVP-zQviCkQNmsMkJeoRo1eQ
Protocol: H3
Server: 104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

cf-ray: 73aea8f229726955-FRA
pragma: no-cache
date: Mon, 15 Aug 2022 02:56:56 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YaFFx2YH0SRrg7SPYKcMG2Js2OhLQtiyw5pCnvCeblASVQliqiuQ6pQoyZQaNnKCnERvqvYGRCUdgc8%2BX3wZk7neQzxBL2jr0%2FA5q1qTadqqPQuNUbDEZtQt8eq9P6f%2BS8JRDYnMZpr47Q%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 15 Aug 2022 02:56:56 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBihqolPqtbfE8Jlz8T4-wk&google_cver=1&google_hm=2
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

bounce
ib.adnxs.com/ Frame A3FB
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEK_I8DyY1u6XJyDCAJFJSqM&google_cver=1
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEK_I8DyY1u6XJyDCAJFJSqM%26google_cver%3D1

43 B
1 KB

37ms
27ms

Image
image/gif

185.89.210.46
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEK_I8DyY1u6XJyDCAJFJSqM%26google_cver%3D1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMX_6gIQ4KTvAhj45_HLATAB&v=APEucNVyJGz3HhZpD389sk1tGQNxqKYcRUCkvoIFnjGKPEtAupN_ssaYisESmfOYE84j8TuCWCUwfnC92p26Knbp1ICJNBFyLDl3jAnyzCNu9cf0Z9e2DPQoS1N1fzmyed06uMLV2WhbNjqIYyjpkSp5O4edvs0QVP-zQviCkQNmsMkJeoRo1eQ

Protocol

HTTP/1.1

Server

185.89.210.46 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 15 Aug 2022 02:56:56 GMT
X-Proxy-Origin: 84.19.175.183; 84.19.175.183; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: af57724e-74a8-4245-9b0e-251eb86c0b5e
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 15 Aug 2022 02:56:56 GMT
X-Proxy-Origin: 84.19.175.183; 84.19.175.183; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 827fd924-a592-4ed7-b689-73df89c421ea
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEK_I8DyY1u6XJyDCAJFJSqM%26google_cver%3D1
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame A3FB
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzkyOTk2MTAzNTk3NjI5NTg2Nw%3D%3D

170 B
188 B

76ms
34ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzkyOTk2MTAzNTk3NjI5NTg2Nw%3D%3D

Requested by

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Aug 2022 02:56:56 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 15 Aug 2022 02:56:56 GMT
X-Proxy-Origin: 84.19.175.183; 84.19.175.183; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: d78ac224-3233-4192-8247-b575d5a4705d
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzkyOTk2MTAzNTk3NjI5NTg2Nw%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame 7BA4 106 KB
38 KB 120ms
20ms Script
text/javascript 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Requested by

Host: novini.dir.bg
URL: http://novini.dir.bg/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bcf79b9b46cd1c6d6f0b39baa0216384.safeframe.googlesyndication.com/
Origin: https://bcf79b9b46cd1c6d6f0b39baa0216384.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 09:05:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 64289
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37872
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 15 Aug 2022 09:05:27 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20220810/r20110914/elements/html/ Frame 7BA4 8 KB
3 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220810/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-ARb8FeDCf6emzxymhqifr6KRw_Zhn42H4uFwcODk5y25pyTne2u7J9tIwyrlw_lr2nY_T-_VRT60waHEkou7hGY_QJsw&cry=1&dbm_d=AKAmf-AzDC-vDm9AmAUt1HkiMj2OI8h7fr2vNYjIvIHKY7nopcNB5z-cEskCn3prgz9Q9Fl1KoB-uuhP_3dgyGmpRrpCu9vxAOXp7h6qmYeRki0AAdzWxlUuVv4X0J3G4ig47rfcmE_2e8b2X5kuaBmzDZeTX85nRqRjmhh6YSWHfGuVqzPws1-zGYPQ1aNMZ65tdxefpi1_WlADXNs3jFN_eUGEBCInBT7xxHUMXaU-G-X62zXiBWD9jUigaM9DPC39GBUoUUNtD8hHoTYL-_naLsBj0ZAblP0oPCO4m3k0FKdQadhQshBGgB3nNgUh1Hi4XPm60apvBn8v_A3r0Z1f4A2cQ7SKO5opxEDRfPOQVfSEF9M3byviKW7u3FgxLSfTx7E__ffgsgVUz_kNPnpcVOEsvrgL3CspN-qvt_G-tIzAdqYYlUkhnNz7gTDisUPT7Ik-le2apKeOTAwVWq1q4KgQBFvHaDYj3GTouPGCexicre_dWTNaLRThxqkJaC3p6jsQhwOqEfkHNTlUNjODB8J2hzRc4z1DWiNs5IhlVgeD-e_RpchPK4ttbaQueSbShshTzMhItKPFWgj43Ib4ENahI1fBc-OhymGsl2MPAw_YNhs-jP5ff3bW3lL_EtEDBrI8kyFN4b4UvZ2grIfCI1dsIOIFlvL-cqCSe8x1I6jajZPJSkxduOBrdeJgrMSAfvUzlDTgnvCwxAPPZMv68syK4MhIB_zpFOIYkvSSwl9xeEfVvFN-BupZuVp7OSPgBgoIUDZ7fxG_JghVdO6SgFX92AaAOwwi1NgDYbXNZnT6T2ClVcemQbzy2azoCvTQISN3T64Bf18okIXwU2dSFZyfwc3oBHYKAbeJqh5rho4TUXKX0opH3mA4ZcpIUmbTcgGHeM_c9K04rcwO1pVlFi_dt4Oe8QWiIgHLWPMrlnybjFRXsFBB76BqdcF788BIK--OlZF0MK7UxPQSv32PqRnYx3ER5qk_6QcW8kXhfNIm5V7Tz_yE8shfRAnA-BqmFydCToTXnYSW3YuBxrIuvQWmKvBlPrS56OBAsce4hU1EPSZVxSixEs8Ij1TmEmJHcHPaKhE54tOhEowI4Bfi-E567_asgi8esAu2Xdkyog0CANUZul0ArEC4ic5-Fdoo-gCYohmeC3HbpUu5Z28QZpGgCQxn-DcGYDM2jzNNe9idz4Au8C7D_mpD9mRgKEox8Fh-WE7p5J1ij479-NhdVM39DJg0DHayHE0C0u6AkzoXwfOz6Dwm8arJ0Q-gud23b2Ow3kFaRiv5diD4ESWVI4KZVkdCcRgTYmbiQRGMaXBEqE_EC2qcoi4XTvq1vs_VmbVYJR3venQsL8n0_DEbvTRAiX8kGDj2D4QTRD50TLBq_BLnnyT7hS6vCmsyf-FVi7-NLET9ZPR_2Xu_QqiBC2DF-gerQyCOCyAL5Km9ECDCBcY7q96r1KimvPy8ZSKbOMzINmmw1ljSCelKVikr_H0XDKhwMK7a6Gl0R0pUN5Y89P5_xLn9kohAhIluXUK_ME6rynj2HEqTQFbNPTESY1A5ThEJs9OvPq8kA-uwPQtRO5M9frG2YjjZtY0o3kvntorpwYapTKP6faQVw23QLz4rrprNTzmiCM6EdN_wbmXO1CDMDVfk4_zQLgKNX-EwR0jL7RUop9QiskshFR0nSCbIXGePQ6R2_i39B5s8t7FDyyZ_sOPwwKsdsaTEz6osB_99tzcapBV-kYWFR0ac4Uq_0hBL_tJB-oWxtJLSh1yUKyqFVEFhzK7zBXRsLjJ5UzmO9LdV8ClEe-66ygIXM2Y7oYNNdHsJ6EEbOnyp7oLGmUR4coHbMjiZqa2YctedbwrKrso72CNcVnPicwgtw4jCONh5WjVj2MdHMBEs0Rqeyvsvkkh_YMOhm7AuGOu_Y-W7zh7pqgOCYxzkylweZ5YwjyPu2qoTC5C0T8m6TPC2LduWy3kp0xO_Ua49XP6pZC2aJYP-yt-jmh5taIgRQMumrzNOS_nlIT045fBFJgJqOThA4wK43uouivGdp-fV9jhwb50Jqr1JQfjL_BjZt3xFzhImouJfvCbd6qVo84NM48w343YA1ggxRSylXfr5tVrA1VY-Kn2QPa7uA9borCRebJDxONCTD7D5l8wYgY-FxYs3q9gVxVluKwhszcZyVi5MZVMbFbhFTPjl6JeGnzNZcmCHsn64tLwuE7xHJhqD4nZzRw0e08OVb3HMQnQ9jGF1Rbl39Eu6FfxEV8R8Lis0phHv7wWZiJzEeiiKMoDU_oW_Q-f7LlKQ6Bzs2kmTmmsC0Y1VkB6nHb01xRNb7_Wc-8LRE7IcGbKKUXJKn_NL8hpd_mdHTsZojL0TQKGIuJc5OK5wblk96G0gE_8CSYo8tcl80z9Fg7G1K6NkHJZx8J7C_uNvqxgWNUiKndYx8oe_F222dQtXoWSkOX3LAHeOu7SsfnjVBjTJpdDSXO36YOMCpkftVGaBtZg6PVUBJACNzFGJSUkLlwJluVzWwtX7saujV4t9WExPBMkj3DXTg_rqIyUiKwVXd4DjenfIVAs_HHg1xN0zWihBBYdNN9lNHLUrEzSf2pEcbAvqbjrztvnIphjpA8lBJThRANrQCUnuxKduJ4uf2nDpsAk07ahcLGR1gWzt6Lwg5ilwjUf9Mh6j1_SmMohIojhggbHC8YEhcElx38Njg--IrAbC689KMFArpZnzQf9yazVqqUtCyA0Q39syKHT8QU8G-ojPBGRN7WtjBVCs_r3sRZxQrMQ-t7h0gElMqIKcWAhfrDbIP9Hl5le2zZrkL_810yMOKylQFsUMYEhNjks4rb-maW3Pf3dmzVyL8CNaS5KAs33uVEO1xv2APoZF2do3YspiDL2DfstwqgmI1Zi9--JHIB2dbuL7oMRAMjKAGi6v18genW11rULQ1hQ13v0Ts_tpCQIOettmmVo5grQHnHIJbRH96w4ybhLyIj98rR0i743phJQx3Gvamq7Ukg1YsXJlh7uubfK2X1C3V6VjKu7WF5RbumOW2AdO36mb1BFp7KMGn98JYNjsJe6jYsuWUekFmHVTnr6NQ1SBgmSY2WccMB9qYAMFOgKevbdY8dQ-C7if-ISle-6Cci36rRH6Jnd4E4IrwScIOlqIi1RRxX1JmpSRiA060BxUIw4B2WGJVLVVX9ffyRfZcAJkvacuzL2dKa2sVN6fj0ztJNJbyi_a8kSxh72O_KVg3XFaxK3Hl9HFkgi4xLJSFYKUZWhk36PYQPv14KCKncZzW2oehVDhAAiYaSCwiUFpxF3ArzQ1v6TurCSOKSzSgRZrXqoJWwf-oF4sk9ZOKZIt-wCVk4uJSMbAejMlyvaPTNmZRjCN2v8zoAWY4oFom2ggwAhz0LZ2CVX3Wdrh&cid=CAASKORoYs6pfephkucYPkUXkkGxuqxxqZgu4rhbOe48k59z7Rz00grKRZw&rfl=1%2Chttp%253A%252F%252Fnovini.dir.bg%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c9499ea51a2956fd2c1600591ae117fe9ad81065d625b1b2c593c7720e5b228f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bcf79b9b46cd1c6d6f0b39baa0216384.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 02:56:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 45
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3181
x-xss-protection: 0
server: cafe
etag: 18418590997839133011
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 29 Aug 2022 02:56:11 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20220810/r20110914/ Frame 7BA4 30 KB
12 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220810/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c0d0b5ecf5aa2cd5475929aefcb44d67c5d5cc8cbcdb3991e45f0944f0344619

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bcf79b9b46cd1c6d6f0b39baa0216384.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 02:42:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 874
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11819
x-xss-protection: 0
server: cafe
etag: 10563440404697844360
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 29 Aug 2022 02:42:22 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 7BA4 41 KB
15 KB 64ms
21ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: bcf79b9b46cd1c6d6f0b39baa0216384.safeframe.googlesyndication.com
URL: https://bcf79b9b46cd1c6d6f0b39baa0216384.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bcf79b9b46cd1c6d6f0b39baa0216384.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 17:19:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 293871
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 11 Aug 2023 17:19:05 GMT

GET
DATA 200
OK truncated
/ Frame 7BA4 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 41f55b6be1f68a0a6bd62bdeeeefc28e637f8fd63052c0d7ff393391c1f6b415

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 2DCE 22 KB
8 KB 21ms
20ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bcf79b9b46cd1c6d6f0b39baa0216384.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 293870
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 11 Aug 2022 17:19:06 GMT
expires: Fri, 11 Aug 2023 17:19:06 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/14339125302209282048/CBV_XC40_Refresh_DE_970x250/ Frame 31A9 101 KB
25 KB 68ms
22ms Document
text/html 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/14339125302209282048/CBV_XC40_Refresh_DE_970x250/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6e69ec8f9a7c99835a937757ad1e9b4c7d08ef7ed97320c6c5787d35b128d0c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bcf79b9b46cd1c6d6f0b39baa0216384.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 306005
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 25115
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Thu, 11 Aug 2022 13:56:51 GMT
expires: Fri, 11 Aug 2023 13:56:51 GMT
last-modified: Wed, 01 Jun 2022 12:49:24 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 7BA4 0
622 B 160ms
69ms Ping
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsu-uS0OqK1loRAPGSD0J-adgzmexgiYXnJz_xFkeqVs9NLdz_Fltt78yLXhIofdRBGSBKM0l3k7UkIiVs0X18NCiMVZTefcxgAYFQVapjezHZ_AIG-P2lQ40BrMndRUXI3nyhNi54MDNdAE8aLp8RuV5RXq9AqKSL9tJUmWmcPFw7RYqeySfuaw3rANBeuP68XQ9CySQQ7H9xQM57uaSllxI1NecuBeNF7ZvZAcslMLH6hHaZVZdz4SW2Xv5k1LPl6Nay11bNlzuUjqSVH2U8vmCI7MWO4njQPU9rY7T1sXO911sXqpKaMuG41L2HFRZxjMVkcauN21dOLIBjja_NA0mkfUQLZri2mjhcIXWEoJgdZx1wpv2nxQsGqDJm4XrjPCPPl9x9yMOUzJvVaDDxulTDbkXMDh9vmCJBmRXhmLn70E7uGvL9V8YycT9g5_v_Wien-3quPZlq8pWvuVmv-gASESxKGB0JA8AD39RIhpG3bmonZt-MvU9x8gr_4YkdgGCzw2ny6eGtX_8gtxAolm7qjOPiPw3eqUnHWY5Wh8FdqJCpJgyzSmXN4dVZYXWICr4l7KV72MwXXv-fcaTsoLtfQgquQPlVMzlA1EmRrT55xolhdqgOJ7lBokQvDhoaD8m9FYXoQflme6mqHIXQK-M3pXpDbnw4NobYTdOnllqyFZgFnkyKaJ08TUUKD3wXGlTfOBQeFoLTRLuVld8prnOMU5uQViSt4KmkfcaP-8ZN1HaF_KetZzqUrqbgIFqA5hkKmwe7UEwMRXGsBWLT21jqxhLbgLAzfe3SduRbFxn9jiIbMMCoKNJd8j9vR3MnZlDbE7CL0Q7y9zytEHTnqjAIKvg6RWiLsoKYqp-N17kCKbLJ-_blTpNaGp1eZQ1mUKYkQwdmy2hMooLBddvjjNXsq63Geoqs6KAOVFuGs0ahkVr_vFrT38EyXeFkWXLbSbJWiIFSdX1o4hfJMasz6uSya70DK_hcnqTQCEVt8at6LReSyAi5YyW9IHRvZ3UrqrCgF6kJf1r9RfYoOjEbTE61Og3wXDUBO-qyFxxSs-pmCe25h4iPM-FgAXhAB-MDLLHd_8BpuBYLEtsnK8hthw4qImcN2oTc96-LuuTrd2jLMuISPjNNQMawE2MSqN8FQ82CFltJ9NXo6oDRnQj4TFNgKH9LKOKe7929_Hr0fJeKa2H4-jVhd_8buzGpykPHjDDOW8bZBnnprewEkpsNRnO3AWIZDj&sai=AMfl-YTVZ-B-VyLULnv_G_roLGeQkzlSQW_es86RlL7bPlvjLd82KGF8ARmxcwZMlswlbWM8kAa87IiCzf0DUYGW_xW3dRyejexfKUL7_aSh0CaTnF-bAn2TmjAiYVvd4Pa5pFzWtNixYhhdrZxl952thSYgx-176TIu3CUesdOlqN3Il_PWDfnqdo_r7MsP4lqgbbEUnDIidRtrbYwb8xcSnKFIEWTabpL1fA&sig=Cg0ArKJSzJeBjMdkDRuhEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=153&cbvp=1&cstd=150&cisv=r20220810.83027&adurl=

Requested by

Host: novini.dir.bg
URL: http://novini.dir.bg/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bcf79b9b46cd1c6d6f0b39baa0216384.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date: Mon, 15 Aug 2022 02:56:56 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 nFxlsDypB7fADXJag6hgweS-nRuXDEO5nQJQNtw06Bw.js Show response
pagead2.googlesyndication.com/bg/ Frame 2DCE 36 KB
14 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/nFxlsDypB7fADXJag6hgweS-nRuXDEO5nQJQNtw06Bw.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9c5c65b03ca907b7c00d725a83a860c1e4be9d1b970c43b99d025036dc34e81c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 07:40:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 501374
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14139
x-xss-protection: 0
last-modified: Mon, 08 Aug 2022 16:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 09 Aug 2023 07:40:42 GMT

GET
H3 200 container.html Show response
bcf79b9b46cd1c6d6f0b39baa0216384.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame A123 6 KB
3 KB 22ms
21ms Document
text/html 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bcf79b9b46cd1c6d6f0b39baa0216384.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080901.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://novini.dir.bg/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 15 Aug 2022 02:56:56 GMT
expires: Tue, 15 Aug 2023 02:56:56 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 DcmEnabler_01_247.js Show response
s0.2mdn.net/879366/ Frame 31A9 29 KB
10 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/DcmEnabler_01_247.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14339125302209282048/CBV_XC40_Refresh_DE_970x250/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/14339125302209282048/CBV_XC40_Refresh_DE_970x250/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 21:22:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 20044
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10136
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 15 Aug 2022 21:22:52 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 16CA 624 B
299 B 30ms
30ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CPn57r0CEJCLzZYDGIz_ys8BMAE&v=APEucNU26r8gSFeDJTUTwOZjjmtlYWHLUGzXrxHrTaFKdb1DFbSz3QmAVb5RVtB-o7pBfDdkPd-5eetIDp9g564-2IE54kO5vI-Th2zXiqKUz_Ssd09nsyasDxEafern6Hv56pbYZeJ72sF9Kp5mzLmht73SYc0dFUHKY_p-XsuseR1A20iYPic

Requested by

Host: bcf79b9b46cd1c6d6f0b39baa0216384.safeframe.googlesyndication.com
URL: https://bcf79b9b46cd1c6d6f0b39baa0216384.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bcf79b9b46cd1c6d6f0b39baa0216384.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 276
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 15 Aug 2022 02:56:56 GMT
expires: Mon, 15 Aug 2022 02:56:56 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame A123 15 KB
11 KB 50ms
50ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D3pwt509MguSFLbNg20W40BEYt1xM2qljLYgJTIXp7xbqQFXHrWpEWNcYZrHqe0Fu6YRQg4VI2kyzHJBg9XsyYi0Rt_WQmSp5Uxc24J_2__ntq67L33piw6pZJOcHQur1PVxKW1EPkGnmwxG6PdYkrD-DERw&cry=1&dbm_d=AKAmf-B_iHOR9Slho_N-DMMKR08wnfWGvDsCrGO1K57NFTcBxAIu4apB_J6yiRtK4OxiJAt8u3K8BzTOkhGRWYugJ8-4gwr0ryc4wLrWei3xI7VNw4KnGfDCsLRqJcCb3rumG7jsDf9JGLyj38bV8NuQg5dwA2x9aGwZXxnuna7AFizCTAVxTnFNZ2ZYIo_hlgQDmj-4dWP5IB9h1QKNYyCe0zhyWwUXgagyEZB1f_NrXglwOfgH8GGeBnaek_0EmddF_hVHcI7V8KP7tUm8HfyM7ja2X2mANlEkp146t-ulBGkjc4z5Hmg4t54Y6Pf8XtATpq_Msy9h6DRbb8O-oFyPFWCBxHAf8ycjZciShrJoHaqoFNboZFkWiHTMFkGzzRoYHD8L0AasL8gG5P-XUhdrHRUS4kzwTFEZoSQeiSWPX163W-feB7DLEm6M1j3D6GJsVSZLzA5cEqN9NyC54h7vTYGI9jpfoHxJJRkzkrh3ADUh3xyYP0EszjdQBbjt52P_NKUQcCdK_vv9-9VeNEObP4oVVUu3xdtFGc-WoFrDyIMLlJv2qcnubf_7dxGnym0DJV_WUHyz9Kl9zPqMwv-f86EC3KZl4hOJORoJQf033LPbhI8EPvj4UKmCUvtju2cVSH8PTL99JjqUhn8-WY-R6CfMtdmmJ4oEYXcRFJqrglpuv5zAh26MsuKAaIJ8FbIRiobEiKm_LK22dv3ETjSH_tY8inaeU61dOaLqiya5zPVEl8yP5PojrK7ElKVLGD-tnkop6Ksu40bhxf0c_hE0zwXaZyZwJvXcNTYl_a-T5joPqfPCfZoes1SVtWESOGCeogXfM2_m4iJHO-GoaM4a2thcjosabMUSLbiO4LFbtepc97PEMI5_0r04nrjGP-Q0RZuyJKTCg7yHNyvcqsuGrHE8SN0wQ0BQiAXBPUg5z6z4G3ZzIHuqF96-voc89BfdZSGUGt8zGWKW0qz_a80IPAHB9k3rcDkdtDdRDTmE4dCHq0-fguyc05qwwXoAdNLGuRovPDQpnCDToHrvZJF6yL-UFUh0VpZ5D4svbA0AM7OpZD9wiuA0RPCjERH0frY6IZoquyYCNP1EXPToms-mpQiPeXRyoe1kbZi9aKxWkTilDvN0_LkGX-J2QO2w0JLxKZsINbE2F0mR7UeGtlC27OTuVTWUEZ5qzFrQEFOhiLnBEY2sF-Ta6B5SuwygSvnAdaarRJrMjGZeJOf-NDBK7KpwkuzSpDfzmzULGeJVhujCOjJNEloAX--Gs0s3Nkd-NaLlUPaH5GgqYSZEUoH3bAQ01QzugocxG09l_UP7fSeQdBfgub6WHoAA38uoJYZr6C967stutyPRYbgJPhZ1QqFKEXaEPGGBlDu4FUOQmiul_S-PnfrccQWuxuzPMV7q3N0HHmvrDKWnvTYT50IjceHBtLQKdevGNk764SS6SIFLNTIDcJfYPm4nQ9tGgYmo6tNU6BE6q_0BZr8h5EGAD7b-UT3OcDMmkUkO30wOsY_UAltyv7spTwhHWmpSIuzrEdvPT2Sv5t0Dfx6dK5vHQGNK9h-BE9hrX3BfynFbZpe6gRQMmtyYkbPhBKv-2Xz19KgJmgCEzwVAEqV6_68H0lzF9rNeLKg9xHGa2DxXxjsBwPPgWOeJ9bzsS-xYcdzw4BH8frm3ju3GWbRjL1HjcVKarJDH52BlNrRzvG0Y_AmczTTb2g5mL0gn6gWcSH9Io2t8xcybih0aR0TRl6eEJmTuwfe9IPcUUQnmcrDGexU17H3DnUyacK3ODlanrCfu4bqs_YBd7AUGpAzf4WgbLZyBlIVpA1jW5bLYwZPRMg6N7ujUVmZbPrnaFuSYT4Oy4kj_qqT2RRLmBw29SmVEaj-mAWrXf7NvyA7pe9Bb2URJjC7k4tJQPTbFGHfKW8zQyKTIbtu1l78Z3gAHj4B_S0kTR_chy2Gp6dSoNoKTuh3DugPxYtDM7yhSo8Xoj3-CDKX_961uH1cxIEkQX_gS1J8ylVqoR8HCLMQYjg3LG7JodA3we5EIkRlWgnqSejcq5m_1wn6OqKVOQley1EMWi1_6QqCh_5zB20WdWJ2xBpHQR3jNq5NHoV07ods1jLvPeijU5TQIttJn1qxgdoPEyjK42Ufym721ERZwqjN8EfmW2q0j30jzSbSTkQ_KBKlq3v_KCR_YETC3L6GT07F2x191dIxhiNIUr8-9IjVKY3xx-_ojT3jrz_qdzZpS3jeHTZqcR6q20tDJyRAO6Y8GXPNPoYmEMBqsGtlvSRdO8hS0Ifnaud0ZGKj_ewrOQiEaeh1EmkNWPutgz6l5Ww1MPVcE0UUQa4R6LeSbjCa0rLpAcqqTYutEQTMzufewUbUk7dYYJ__XcZ6V8sqjmfdWVmEW1RUMIgyUr0b5EPKIrv7jzs2XuP_N9VctP-Rd9ephqHp00rJPiOfsYvjOIvQoSPpGF5U09D7PIAflN-AQ__nfPSDipFuXWG8Ns_AxvREMXx3iI4YolAbW52TL-3A7NEXL7SJhq6eioE3ZULzgFP-OjAtdTkkYmKKlMk1lGWICMYX99OpckF81TocNJQvg04oZ7zIb6CCxYc_T07szp-ULbKuhp1EgiEFSTu8z6KX8LE9IQ8-RYjmrpG86OV7X5gzAYS6rpTCMWQaiZtBoJnLXZlhGilZ0jnlWAsdePYh9sQ_oxu2FLWdAxNJztJ9a5W_MSmMfcg&cid=CAASJ-RoFHcoq0OCpWsRxB93S_jvVEZK1VVgLOX_xyAtgZWfrg5kIjEM6w&rfl=1%2Chttp%253A%252F%252Fnovini.dir.bg%252F%240

Requested by

Host: novini.dir.bg
URL: http://novini.dir.bg/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0748c94ab78e40f01e595af5f2f2d7d4aa1a988cad1a17578565cb07e307c054

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bcf79b9b46cd1c6d6f0b39baa0216384.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Aug 2022 02:56:56 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11259
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame A123 42 B
63 B 54ms
54ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BVGzScxM_htSNzprk8HHkDhvWZV4r2mWs8t95pOWEgxZE-gr6kyVun1ukPQ2BsM2bWsg9TmwRNouEwuwB3DhG2OKj5qNVWBnEqJ1rm-Zcwh9jj-mU

Requested by

Host: bcf79b9b46cd1c6d6f0b39baa0216384.safeframe.googlesyndication.com
URL: https://bcf79b9b46cd1c6d6f0b39baa0216384.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bcf79b9b46cd1c6d6f0b39baa0216384.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Aug 2022 02:56:56 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 adj Show response
fw.adsafeprotected.com/rjss/bgd/1103447/64557513/xbbe/creative/ Frame A123 243 KB
73 KB 206ms
48ms Script
application/javascript 34.246.41.28
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fw.adsafeprotected.com/rjss/bgd/1103447/64557513/xbbe/creative/adj?p=APEucNVk2Y7np6VeL8QDVNQXaUlFHp6hHnYB_w8_36x1Al6kVBg6K4Y&d=CnkAoCZ_4MiuGief8Ci5N3UO7oqI96922TP69S8XJ-qg0SC69hN6ERlSpRexCuZ7iteNGbD-0UgEzWtvrwD6C0hRRwQQMrG0p3HnbLD6DBnLTsl0ZtftRPqf5oL-0mZ5uye573ybQkxvNrxhhNf-VuDqDYHCZO-b_kx4EvkUAKAmf-AlX6qjaaZBIuhvltgsZhi2vhaSzYNmWbfA44UmeNS8f_TXfVIPDXL_OanDArBDNWydedNswnXezfj94BpCQw5uyRXwgAMBM2q1H_EP5SzbJ5rPxoLz8-jA2Oid_1Wlm2Tzmcjyq3bFSJOyCHqmtDO6XsTFGBkV-qViaIvxOBKEbOeCUa8sh9TVzxs9aq5L8P_l56_X121JoSAmJsbafc8dMrJYP1rrotqULfjgAwVPdt4J5eT7GL6THoRAJRt_lUlkh90Svwm081Z8_aO_l_LankywhTJ86a1K6iRqSebejnV92vj8GPZ6xFo7MfCld1upqigv06zZO4eDCtsViUwCpNDchzf5p6o4-fXyyVbi1scIS6Zq-IH8-x2mKkWOaKVE0EVk7KZgHWxRh8M64uSmElUCLJYhe1zzRDjOpdMP2qXEYwqYwih8ItgWP6BFpI6L5HotEMAIepzDgSCYlOTU9aTETGPdt_3wPJCBWsymAuocYT3BISQKGnWiNiOHE32DaV11dgB8kVBtL3M_qnN-5G9tRADMMcaJ9e9a59kqm9hnBTFuFBbVAyW9NrGrrUTVkE7IurAxby1dLMPKKhbwZ0gz9avbSmeIKAwt8Wk_V69h7YlR2BoYw44UuxkBuGUKljoKaQScyxm_fSBVLhVfIYQifTcznzeJMupVY4U5f0TJnbjnHezxNuq6zXVt92F7aZhhO03gMClOhCZ0EUfnpFssBenG9oBB9ZjookpCSaMVOfDwM8ubjOfV7wpeCeIk4PADgb8tF88uJAYAF5KCHqk0NMEMt0Z1ATAm7q-L34tZzLdLCgzELX3EwCkGYIqqzP3XCtFreDemYF5WhT0LY7Xubc7Uo2YIKTSoRGcv9AOAK7ZTf-8wmoCVu2pZjr-oxfUQu6J44nRXHsDcVPzIE5UfUu1Z90yJGUsic1ou0gJCex41D6cCyhzpWMLRxxoGExycVHCxJytRbcLLfakhVoKqeDfwZyI4qt5eeOcgan3jhxa4bl1h-Vr1MOPs3Gyju4LhLlKtrm9VZJoyXCivn_pPC-HZSVkpUnYIuiFX2knAXd-x7-MegElrq3lHN9MMNaMGNUtu68_efPAD67a8yJ1EtMth0v3eqLLUUhU-s0wp_xcsjGWFGvx3FJOR9XsfhiHdX7KEis8oopIGew-9BxP_8U6IrG_pBWqvKuzbT0PjO79xvPyWuasqJlRmtbkvbCb9yJm4jihJG81slbYfgRhp1m_-BE-DkjR_7KsPkpsyyzcrjzyzvi-IdGjyF5wSl7F8YE9hobc9rAUSTYVJiFaBxjXgZ8saWsY0gRUISTL2L6h0NwwVzPp8ccMuNE9Wd5CU5vZIBVEh7RX8tn5NJEJZJfJbndagslyhSRTcYd_XS-xHBN24Yb23sBUXe0Huzk4BQ0yWSuWfU1z5kzf5Usd2gQg_Az75H6IkVYGsA8ddTKlaNZAaj7VdNqkSrC1IYQ6nY3tcn0QH9XKTZJf3RhxaAZGDBNKzlxIUWYDo4lyrke0sesGM5efz3KKg2LGF5_4NCdd3XjaJnrMjx3f_YC123c9x3mEDuLOIK4_NcVHuZqD9znlkSz3OtJl1y_SKNmvA1Y6rFXUyY06mkZDGHwlYARfmoV8KNZhLQNn13YrQlg7sUG3BJ4XSur1Gm0V-ii_KK2Vt_RidZ9WNVTgzHBQ6YlHtvNBU6jYbLCYFEmiVSVFvlQITQqgxdiD8C9jSGGuSVcL3yYqkB94dhskylPNDRJYRv5coPiN7rnPvh0BCutj56983vnkb_8zhHzP3SMQ-x0QNv9RD9TLk82PeBm-VOVjg3uuBaHkFOyQBNNRE0pzG6a3s6EjEIsiYttDQLg5dwYy4IAJAGccnZLIGQbntaQRMevXTdrjc1OAkctdI69vaFjEVcuXxlYqAp0biaYjwC3a1BKQ5dSiFt431P_UgbZ3PbYJj75ppUOayHURaQt1GX4tS33cjlIGLDC4mUZOUs21sNdfvjqaQmfd6UKfGrRjJEiIpwmXNuEczlVQX5q8OP89Bt4-unPEYW95E1SSEteM5Ww0vy1h7Jl1eh8lyx0BgICcHo_Zt0SpmsZWHuIrJYacxshql_UhFMhRj-wWeo4_Es433qw9ykFlWDh-ztKjXTcDYzi4HfdyVH4Vx33okX32AJbjqK9HRFqViunUKflFWXTYIQnDv1rqrLRT-cTDhTuRJPx6c0IDON22enf-GhiIvl26Ysz0Pm_JGzwWSBenq4P-pGxUx1l_5V_ZN8eenYTVIRzQvQEkDh6lmKFiiCm5FMuAbZlYLO3PsdLCGXGKWw4fZTpI9lRY8KNzhEqDog4Aj2fH5rmSKM15GwAvX9FahjSgr-bRxyEEbqkwk1CE53m3MXQFn-dGaRui49lt7uxMB10cMgTXDcvVPe3gx4iaP9UvZ6k3_sohC9cW-GfuLJA6b8RLHImblVwQgAnPMKksZwmfG7bGhkls2TKALn0mHEjbegzEyA12MpwaxLZXxjn7-RnViXlvlpGSxyBEhPXokM6i6vBL4OlTQS24K8nXc6MnS7UXfgr__6UYWdexOCp96OY4wszn3MwUW-U14RxZ3PhLJnoxDSHuU1KnirBZ72B_x2HxeaATlQWbbHcEJc08YN6kNvyUmAOQg7oXo2XDt149Kc8Hc_XFHtrs8V1H14Gx7sW4ynMo0KH0-jK2xCUPy_ZEMgeMRIxvISONkJ-r809wPSFnarQHjLUYvi5sDx4IhgslTgBsM2fOPPXbsfyfWqpgTOqNK6V4zkMbulvBLGJe2-gJ147uNPoN4XJ0ZhjIPuFeiKEMJraE5EPyriWEvu8Dfol19T9ENZO7v80fbXiBBw9iKsL6F2QQJEeYzQagdwHb9TPPbZ8vWxPQMDtxJ8MXtdgRGUH351xyJ6t-BKOSWkE9qw-uDgMz5PezWCE1SyRhTcNiTUMA86CGOvQxfPxN4nwrzmzEAsk02ddf9d8KdtJI0COwOEis91f1NYN4fac9FZ0RB9Qb6nfKPkP1B4SXVeVAXGpYKNN5yW7_rfynp3w9Nj_xyT2HHYldgKmoo23Aab2bbCqrqvnstXICMnE_gXcvgtSaGjfUBoDpd1bitDnynYp-PItm8b09V5PyKnPkFOhhgl7fO8R5XWT9QJ41decA6Ng2KdOrDXya2ItPLZvvncLgZKSCSSIfAqatgOjFuECHfhHU1AzlRwv4Ln5TUYXss8gWlxMADBaamoJ2mNh1S_KrazwodS0JwnIiad-VLtgyNY25lRhevPhlh7Jm8m-3Z0ifR9yue3Wy0lGG1-J80ElA5SOwGXtL1Aeo-97yPLSYHP6XOfmncfGrrqMaih1YjOsrnZE9VJtweTA06rQMSoE9-9TIQhH08M4nne0ZEUqvdqql_AWmzZ1IP5ujEwz06PY-m3eEnH-Tpps0dnBfYxUkWpFkGsrxEVtxHfxV0_3DWXMPIyZZHGL8iDycHUAdSD0fVFrhz9LRcq47Y1oE8F_H0m821GKv_XNwHcWpkq0ZtmTzK3WejMSoMwbTE1MYqtepTFQIWjywdAFERqUKgpUJajA4aKwgAEifkaBR3KKtDgqVrEcQfd0v471RGStVVYCzl_8cgLYGVn64OZCIxDOtgAQ&ias_dspID=3&ias_campId=1008209264&ias_pubId=pub-7013154316454623&ias_chanId=1&ias_placementId=17668708710&bidurl=http://novini.dir.bg/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0iWT_w3hYLU6AiG9iy2m_-T
Requested by: Host: bcf79b9b46cd1c6d6f0b39baa0216384.safeframe.googlesyndication.com
URL: https://bcf79b9b46cd1c6d6f0b39baa0216384.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.246.41.28 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-246-41-28.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 97f46c0126b578b854e290755b08776efa874ef02c0bbbdd93b994340de98015

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bcf79b9b46cd1c6d6f0b39baa0216384.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Aug 2022 02:56:56 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: fw.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220810/r20110914/client/ Frame A123 3 KB
1 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220810/r20110914/client/window_focus_fy2021.js

Requested by

Host: bcf79b9b46cd1c6d6f0b39baa0216384.safeframe.googlesyndication.com
URL: https://bcf79b9b46cd1c6d6f0b39baa0216384.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bcf79b9b46cd1c6d6f0b39baa0216384.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 02:52:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 293
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 29 Aug 2022 02:52:03 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame A123 140 KB
43 KB 33ms
32ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: bcf79b9b46cd1c6d6f0b39baa0216384.safeframe.googlesyndication.com
URL: https://bcf79b9b46cd1c6d6f0b39baa0216384.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

75bf5c0112a41f871dc47c5e98deef6dc7db8e94178bf0c853f3a09415f6d338

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bcf79b9b46cd1c6d6f0b39baa0216384.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 02:56:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44015
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1660137096112928"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 15 Aug 2022 02:56:56 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220810/r20110914/client/ Frame A123 17 KB
7 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220810/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: bcf79b9b46cd1c6d6f0b39baa0216384.safeframe.googlesyndication.com
URL: https://bcf79b9b46cd1c6d6f0b39baa0216384.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bcf79b9b46cd1c6d6f0b39baa0216384.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 02:54:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 162
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7599
x-xss-protection: 0
server: cafe
etag: 9215437806027971270
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 29 Aug 2022 02:54:14 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame A123 0
0 73ms
28ms Image
text/html 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRSki-ouT5Dd0Ivk8Hk105Z75dk19h8Lz_nRU2rk7-vxBIhB8ZXHeQZXOYres96fxKHwXJXi9GLUbuv5jY7hrvS0ndl6Q
Requested by: Host: bcf79b9b46cd1c6d6f0b39baa0216384.safeframe.googlesyndication.com
URL: https://bcf79b9b46cd1c6d6f0b39baa0216384.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bcf79b9b46cd1c6d6f0b39baa0216384.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

GET
H3 200 VolvoNovum-Medium.woff2
s0.2mdn.net/sadbundle/14339125302209282048/CBV_XC40_Refresh_DE_970x250/ Frame 31A9 38 KB
38 KB 22ms
22ms Font
font/woff2 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/14339125302209282048/CBV_XC40_Refresh_DE_970x250/VolvoNovum-Medium.woff2

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14339125302209282048/CBV_XC40_Refresh_DE_970x250/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2675ab1d1852f1aa30e272d7c2b1b9616e1f4771a94860e0d92bc7fca6c3c48a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/14339125302209282048/CBV_XC40_Refresh_DE_970x250/index.html
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 13:56:51 GMT
x-content-type-options: nosniff
age: 306005
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39068
x-xss-protection: 0
last-modified: Wed, 01 Jun 2022 12:49:24 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 11 Aug 2023 13:56:51 GMT

GET
H3 200 VolvoNovum-Regular.woff2
s0.2mdn.net/sadbundle/14339125302209282048/CBV_XC40_Refresh_DE_970x250/ Frame 31A9 38 KB
38 KB 30ms
30ms Font
font/woff2 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/14339125302209282048/CBV_XC40_Refresh_DE_970x250/VolvoNovum-Regular.woff2

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14339125302209282048/CBV_XC40_Refresh_DE_970x250/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6e5f1317cc82513c64ed99253fb671fcc6d6b8c5078776a38d7f89da22e75d2d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/14339125302209282048/CBV_XC40_Refresh_DE_970x250/index.html
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 13:56:51 GMT
x-content-type-options: nosniff
age: 306005
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39156
x-xss-protection: 0
last-modified: Wed, 01 Jun 2022 12:49:24 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 11 Aug 2023 13:56:51 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 16CA
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBihqolPqtbfE8Jlz8T4-wk&google_cver=1

43 B
907 B

39ms
39ms

Image
image/gif

104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBihqolPqtbfE8Jlz8T4-wk&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPn57r0CEJCLzZYDGIz_ys8BMAE&v=APEucNU26r8gSFeDJTUTwOZjjmtlYWHLUGzXrxHrTaFKdb1DFbSz3QmAVb5RVtB-o7pBfDdkPd-5eetIDp9g564-2IE54kO5vI-Th2zXiqKUz_Ssd09nsyasDxEafern6Hv56pbYZeJ72sF9Kp5mzLmht73SYc0dFUHKY_p-XsuseR1A20iYPic
Protocol: H3
Server: 104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

cf-ray: 73aea8f2c9d66955-FRA
pragma: no-cache
date: Mon, 15 Aug 2022 02:56:56 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NcbjuUoto4U4T0LgVi%2F%2FCGSIUnJAavw0iGSkqBIP6Ceff1vSK5EG6HYv93TbRDHhRcQrSqQtdCdfmoWp0pkDhbHKPk3CUmwLjATVD036zMC3JtCrsvT4NKPInE0TScWkeDX19YjCpYn0Vw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 15 Aug 2022 02:56:56 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBihqolPqtbfE8Jlz8T4-wk&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 16CA
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Yvm1.DJqyQgxAGD256kFFgAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBihqolPqtbfE8Jlz8T4-wk&google_cver=1&google_hm=2

43 B
915 B

43ms
43ms

Image
image/gif

104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBihqolPqtbfE8Jlz8T4-wk&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPn57r0CEJCLzZYDGIz_ys8BMAE&v=APEucNU26r8gSFeDJTUTwOZjjmtlYWHLUGzXrxHrTaFKdb1DFbSz3QmAVb5RVtB-o7pBfDdkPd-5eetIDp9g564-2IE54kO5vI-Th2zXiqKUz_Ssd09nsyasDxEafern6Hv56pbYZeJ72sF9Kp5mzLmht73SYc0dFUHKY_p-XsuseR1A20iYPic
Protocol: H3
Server: 104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

cf-ray: 73aea8f309fa6955-FRA
pragma: no-cache
date: Mon, 15 Aug 2022 02:56:56 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U9ua85dbNeu%2FOoc7%2BH%2FAYy5gq6i8LmgPfCVj%2F01WVPSZ%2FW0t2PIEit6KB5AZMfVkxlhXULgtMGxcwgX%2FnltK75KT2xIyjo%2BjZcIRZ5F3xPpiDArv1WBG6pAhs6Vb5VbvXff4M6NnZHsbqQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 15 Aug 2022 02:56:56 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBihqolPqtbfE8Jlz8T4-wk&google_cver=1&google_hm=2
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 16CA
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEK_I8DyY1u6XJyDCAJFJSqM&google_cver=1

43 B
1016 B

28ms
28ms

Image
image/gif

185.89.210.46
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEK_I8DyY1u6XJyDCAJFJSqM&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPn57r0CEJCLzZYDGIz_ys8BMAE&v=APEucNU26r8gSFeDJTUTwOZjjmtlYWHLUGzXrxHrTaFKdb1DFbSz3QmAVb5RVtB-o7pBfDdkPd-5eetIDp9g564-2IE54kO5vI-Th2zXiqKUz_Ssd09nsyasDxEafern6Hv56pbYZeJ72sF9Kp5mzLmht73SYc0dFUHKY_p-XsuseR1A20iYPic

Protocol

HTTP/1.1

Server

185.89.210.46 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 15 Aug 2022 02:56:56 GMT
X-Proxy-Origin: 84.19.175.183; 84.19.175.183; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 89ba62f3-7458-4d98-9061-e6ac68e74c67
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 15 Aug 2022 02:56:56 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEK_I8DyY1u6XJyDCAJFJSqM&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 16CA
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzEzNTA4MTg2OTQxMjU2MDU3Mg%3D%3D

170 B
188 B

32ms
31ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzEzNTA4MTg2OTQxMjU2MDU3Mg%3D%3D

Requested by

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Aug 2022 02:56:56 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 15 Aug 2022 02:56:56 GMT
X-Proxy-Origin: 84.19.175.183; 84.19.175.183; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: db22649a-db64-4d59-a139-c4b60cb02823
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzEzNTA4MTg2OTQxMjU2MDU3Mg%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame A123 41 KB
15 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D3pwt509MguSFLbNg20W40BEYt1xM2qljLYgJTIXp7xbqQFXHrWpEWNcYZrHqe0Fu6YRQg4VI2kyzHJBg9XsyYi0Rt_WQmSp5Uxc24J_2__ntq67L33piw6pZJOcHQur1PVxKW1EPkGnmwxG6PdYkrD-DERw&cry=1&dbm_d=AKAmf-B_iHOR9Slho_N-DMMKR08wnfWGvDsCrGO1K57NFTcBxAIu4apB_J6yiRtK4OxiJAt8u3K8BzTOkhGRWYugJ8-4gwr0ryc4wLrWei3xI7VNw4KnGfDCsLRqJcCb3rumG7jsDf9JGLyj38bV8NuQg5dwA2x9aGwZXxnuna7AFizCTAVxTnFNZ2ZYIo_hlgQDmj-4dWP5IB9h1QKNYyCe0zhyWwUXgagyEZB1f_NrXglwOfgH8GGeBnaek_0EmddF_hVHcI7V8KP7tUm8HfyM7ja2X2mANlEkp146t-ulBGkjc4z5Hmg4t54Y6Pf8XtATpq_Msy9h6DRbb8O-oFyPFWCBxHAf8ycjZciShrJoHaqoFNboZFkWiHTMFkGzzRoYHD8L0AasL8gG5P-XUhdrHRUS4kzwTFEZoSQeiSWPX163W-feB7DLEm6M1j3D6GJsVSZLzA5cEqN9NyC54h7vTYGI9jpfoHxJJRkzkrh3ADUh3xyYP0EszjdQBbjt52P_NKUQcCdK_vv9-9VeNEObP4oVVUu3xdtFGc-WoFrDyIMLlJv2qcnubf_7dxGnym0DJV_WUHyz9Kl9zPqMwv-f86EC3KZl4hOJORoJQf033LPbhI8EPvj4UKmCUvtju2cVSH8PTL99JjqUhn8-WY-R6CfMtdmmJ4oEYXcRFJqrglpuv5zAh26MsuKAaIJ8FbIRiobEiKm_LK22dv3ETjSH_tY8inaeU61dOaLqiya5zPVEl8yP5PojrK7ElKVLGD-tnkop6Ksu40bhxf0c_hE0zwXaZyZwJvXcNTYl_a-T5joPqfPCfZoes1SVtWESOGCeogXfM2_m4iJHO-GoaM4a2thcjosabMUSLbiO4LFbtepc97PEMI5_0r04nrjGP-Q0RZuyJKTCg7yHNyvcqsuGrHE8SN0wQ0BQiAXBPUg5z6z4G3ZzIHuqF96-voc89BfdZSGUGt8zGWKW0qz_a80IPAHB9k3rcDkdtDdRDTmE4dCHq0-fguyc05qwwXoAdNLGuRovPDQpnCDToHrvZJF6yL-UFUh0VpZ5D4svbA0AM7OpZD9wiuA0RPCjERH0frY6IZoquyYCNP1EXPToms-mpQiPeXRyoe1kbZi9aKxWkTilDvN0_LkGX-J2QO2w0JLxKZsINbE2F0mR7UeGtlC27OTuVTWUEZ5qzFrQEFOhiLnBEY2sF-Ta6B5SuwygSvnAdaarRJrMjGZeJOf-NDBK7KpwkuzSpDfzmzULGeJVhujCOjJNEloAX--Gs0s3Nkd-NaLlUPaH5GgqYSZEUoH3bAQ01QzugocxG09l_UP7fSeQdBfgub6WHoAA38uoJYZr6C967stutyPRYbgJPhZ1QqFKEXaEPGGBlDu4FUOQmiul_S-PnfrccQWuxuzPMV7q3N0HHmvrDKWnvTYT50IjceHBtLQKdevGNk764SS6SIFLNTIDcJfYPm4nQ9tGgYmo6tNU6BE6q_0BZr8h5EGAD7b-UT3OcDMmkUkO30wOsY_UAltyv7spTwhHWmpSIuzrEdvPT2Sv5t0Dfx6dK5vHQGNK9h-BE9hrX3BfynFbZpe6gRQMmtyYkbPhBKv-2Xz19KgJmgCEzwVAEqV6_68H0lzF9rNeLKg9xHGa2DxXxjsBwPPgWOeJ9bzsS-xYcdzw4BH8frm3ju3GWbRjL1HjcVKarJDH52BlNrRzvG0Y_AmczTTb2g5mL0gn6gWcSH9Io2t8xcybih0aR0TRl6eEJmTuwfe9IPcUUQnmcrDGexU17H3DnUyacK3ODlanrCfu4bqs_YBd7AUGpAzf4WgbLZyBlIVpA1jW5bLYwZPRMg6N7ujUVmZbPrnaFuSYT4Oy4kj_qqT2RRLmBw29SmVEaj-mAWrXf7NvyA7pe9Bb2URJjC7k4tJQPTbFGHfKW8zQyKTIbtu1l78Z3gAHj4B_S0kTR_chy2Gp6dSoNoKTuh3DugPxYtDM7yhSo8Xoj3-CDKX_961uH1cxIEkQX_gS1J8ylVqoR8HCLMQYjg3LG7JodA3we5EIkRlWgnqSejcq5m_1wn6OqKVOQley1EMWi1_6QqCh_5zB20WdWJ2xBpHQR3jNq5NHoV07ods1jLvPeijU5TQIttJn1qxgdoPEyjK42Ufym721ERZwqjN8EfmW2q0j30jzSbSTkQ_KBKlq3v_KCR_YETC3L6GT07F2x191dIxhiNIUr8-9IjVKY3xx-_ojT3jrz_qdzZpS3jeHTZqcR6q20tDJyRAO6Y8GXPNPoYmEMBqsGtlvSRdO8hS0Ifnaud0ZGKj_ewrOQiEaeh1EmkNWPutgz6l5Ww1MPVcE0UUQa4R6LeSbjCa0rLpAcqqTYutEQTMzufewUbUk7dYYJ__XcZ6V8sqjmfdWVmEW1RUMIgyUr0b5EPKIrv7jzs2XuP_N9VctP-Rd9ephqHp00rJPiOfsYvjOIvQoSPpGF5U09D7PIAflN-AQ__nfPSDipFuXWG8Ns_AxvREMXx3iI4YolAbW52TL-3A7NEXL7SJhq6eioE3ZULzgFP-OjAtdTkkYmKKlMk1lGWICMYX99OpckF81TocNJQvg04oZ7zIb6CCxYc_T07szp-ULbKuhp1EgiEFSTu8z6KX8LE9IQ8-RYjmrpG86OV7X5gzAYS6rpTCMWQaiZtBoJnLXZlhGilZ0jnlWAsdePYh9sQ_oxu2FLWdAxNJztJ9a5W_MSmMfcg&cid=CAASJ-RoFHcoq0OCpWsRxB93S_jvVEZK1VVgLOX_xyAtgZWfrg5kIjEM6w&rfl=1%2Chttp%253A%252F%252Fnovini.dir.bg%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bcf79b9b46cd1c6d6f0b39baa0216384.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 17:19:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 293871
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 11 Aug 2023 17:19:05 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 7BA4 0
26 B 105ms
59ms Ping
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: novini.dir.bg
URL: http://novini.dir.bg/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bcf79b9b46cd1c6d6f0b39baa0216384.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 15 Aug 2022 02:56:56 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 7DE8 22 KB
8 KB 20ms
20ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bcf79b9b46cd1c6d6f0b39baa0216384.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 293870
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 11 Aug 2022 17:19:06 GMT
expires: Fri, 11 Aug 2023 17:19:06 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2DCE 0
20 B 56ms
56ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Bk57W-LX5YruZE5SB9u8Pzbyu0AIAAAAAOAHgBAI&bg=!0dKl0pbNAAa4hXTbmIU7ACkAdvg8Wtf03tAV6Z6-Nm3Q1xKs6vdH9zQTMuFntzZq7hUmmFltxhv7kAIAAACHUgAAAAJoAQcKAEygEToBBGcqiIMIKhljfgwACcBm2xXmDaBYd0LqVxR5bLRInS5JGuK435CyInbmhQ5YlaK27AzcL7Rj2RozQFX9XNJAvdiEess4SDMfmQMkefmJWLNR9PUIS_cI0U75kH94wAk8OoumyMBb9ON1U4GQtnP_OIUNb9iYo1x4l6d9XFtOURtCzRUALIojpjAXSz9H9tR5dqoJs5MGormTnNXroiV-WYJlQymBszsWUUoq09NwaErL9XzKLwFqJ_Aem19ezA9J3i0YFrkSdvnRYejgYMUbaLJcnJQZfUnaTQwp0gmH0tQLxv5g69Z1tq4wmAw-RX2niJldp8a-m3DepM04tF8SgZMFSnG7dv_XNgHqCFYgXy6lEXKNx9qTq8ZwXNZvRH2u2XtoiKGPlgBgK-0XnD4wu-ZoUrC9AHtzJ2MjfJUOpJFEYs9E_JZibBAhIwV3I6HyCQHKzi18zHKq14bX-s4EbbMxh4aZz7IBSx_qakzhl9aWyHff8mQOyU9dcKwE9KOaB4YWdcUs8BmhWsqV1aL8TJHOWFcvO2G4LqDS6nj-mjKTBYV-oIQ0EKOpFjpXlydQb0PxdklK1M65fjKdxlcsi7aICi1IgTdG7BTrpwY-8OKxQ-Wqst59oP8Y0LhAf528tXIrUeIkrZQx3yrLPnhqDzSaGgFZVTX2kdBtV0_GUpeIKftMuOWUNg3L8hefiFERIIwLbzszrY059O-65XfxSLFOTsS64DAKFNJWThJQxq7cBRofoypEpSxfV60jQM2K4hgnR5iJEeM3c1GE2-iOj5o0wS4A4WEzggIIEA3V61TiEG4-XlPVGMJn9QRB0jt8StdjSObXHu2b_Hd-3DHt4IG7IoFHJg3_mEnn6yJAoZN1t9pLPDQWbSQW1A4-dEuyOpuDDDJ9fsgJmLR1EAxSdIl-Doi-7UpoqfcssTr1Dd5Z2CU8WgEFL5FBNPMcI3eOk_Eb1HEUXw3TDurz6IkAohF3b83RHCNFH2QrghGa4xrFrNS0gAocMowWInbtpbmUjhmklySjQ6fLAHEI-IxJ5cY6NOD6H6A3Urzebc6I5wDyJc40adW6hAC_aTelJYidXPt-GyJHNfHlf0DZFS-adUeKJEPOCQw68iXnfqTRWbLH-VCoo3l_JS4DqRY9N4q3DNTtyfs0nx7jfo8YeDYK

Requested by

Host: novini.dir.bg
URL: http://novini.dir.bg/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Aug 2022 02:56:56 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 nFxlsDypB7fADXJag6hgweS-nRuXDEO5nQJQNtw06Bw.js Show response
pagead2.googlesyndication.com/bg/ Frame 7DE8 36 KB
14 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/nFxlsDypB7fADXJag6hgweS-nRuXDEO5nQJQNtw06Bw.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9c5c65b03ca907b7c00d725a83a860c1e4be9d1b970c43b99d025036dc34e81c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 07:40:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 501374
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14139
x-xss-protection: 0
last-modified: Mon, 08 Aug 2022 16:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 09 Aug 2023 07:40:42 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7DE8 0
20 B 57ms
57ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BMFZm-LX5YrmKKpGvgQeF5aOQDgAAAAA4AeAEAg&bg=!RUalRgLNAAa4hXTbmIU7ACkAdvg8WrsmOgUT-k0lQKM6JFgyGTVvyJB5eIYaOKFQZH2_yUUyeIiwdgIAAABhUgAAAAFoAQeZA0TWCp38tT-oPLVdECgdN7D0U0_GnDuCA4bBuPRHzB-VNrQ67MXKKzGE_UcngmOf0r0Uu4c9A_dtcNC7ehi0wYbvfMYujrtPitZOqqidCZVIqDbCgDIVFUEIrEg8l8_chYBiAeVxhNRNn6qr-amqQvzsK6LDDIlSupatPR2HxOoquEBIlZ9-8nrx61vHA26lwTiolyXNkx8JDgb9ejRRKs4lmpwZWXEaI-NXM8Llk9l7GDzK7etFXz2NGu-hxq1lOGXc7YMTdwCKAeNDpHc4CvUWDdZi3mXx97Fi75EgL_vpNflsrw7zm96mrVs53i4NxDCNb4uTUPOvIvGWUs2F59cQcoqY4Ae9o1Rj4vGSv3eROSeiTTleecwws2N6cBXRhQh5d71SRugjnLXr5jmm1JJm67JLjct12Qph62C8G41zuUnbdYBNpzehB0gfR8CU5InwFK0bB_BUVno4ZmkdmiU7N5rEk0TQIUFG4oaZytCaP7jrpDBvG5VeSFIWC3AYwxqVwJcBSci-4AoJzJkD0NTH17Kjj6DSIbYntazeX5oBc6B8s7BLfC8AmDmFYl0b-wVsia1U6qLGoTXdY9-uNg5jzd574E4RzQ8crueeAdXOKwnGHucwmLAqAGatpi5ZZprAgxIUCgYBFI_2LFLyjMeOVKuMiYukQ-OUtwAnsLCXxc-HPd40D_xNU-cUXNemlKKjoHymOFr3_2f-QyJUrHVxoFMWWyHhPup4063wxVK-aaxXMm_vuiXpvxnr8zjqNeqenOqE2qWWvkF0Xctz8HYZmgF9dUJhK00wGbu1i_ltvDEDd1f6YYuhfbKlcSxst7izxMZLERVpSofpQ2_0wlmsKWcITiH_0qxiGXSWPjOi9zKe86V0KMFfsqRwG5ztMdV61NIKnWbwGYWnGGmUUTQS5IG6vV0u0VB7ec_sZXayW8nRbx7tetPl4cepmBl7T0-HzVcMMgEY5z_mRl-b-V4rHH6RlLYawPzmWUpuRb7uPHgZfIkq2QH1FFtqnVFmRn3YFxcPlPihdI4fJGd2kosNHy7NF_yLqFpEXz8WX8htBxVloEX64p34bqvYHj4ImATLF5pIQFPFX6S71QdLHgXH5Hxlfg

Requested by

Host: bcf79b9b46cd1c6d6f0b39baa0216384.safeframe.googlesyndication.com
URL: https://bcf79b9b46cd1c6d6f0b39baa0216384.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Aug 2022 02:56:56 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 replay.png
s0.2mdn.net/sadbundle/14339125302209282048/CBV_XC40_Refresh_DE_970x250/ Frame 31A9 2 KB
2 KB 22ms
22ms Image
image/png 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/14339125302209282048/CBV_XC40_Refresh_DE_970x250/replay.png

Requested by

Host: novini.dir.bg
URL: http://novini.dir.bg/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6358c05506dcb56aac552b0fe6b46032c308e108e22b832e5df1f4f3487c40d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/14339125302209282048/CBV_XC40_Refresh_DE_970x250/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 13:56:51 GMT
x-content-type-options: nosniff
age: 306005
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1857
x-xss-protection: 0
last-modified: Wed, 01 Jun 2022 12:49:24 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 11 Aug 2023 13:56:51 GMT

GET
H3 200 Volvo_White.png
s0.2mdn.net/sadbundle/14339125302209282048/CBV_XC40_Refresh_DE_970x250/ Frame 31A9 4 KB
4 KB 23ms
22ms Image
image/png 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/14339125302209282048/CBV_XC40_Refresh_DE_970x250/Volvo_White.png

Requested by

Host: novini.dir.bg
URL: http://novini.dir.bg/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1dbb113405cd6745c0a638621883ac3952d4a049bf0a45dc0dea6a0baf1d925c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/14339125302209282048/CBV_XC40_Refresh_DE_970x250/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 13:56:51 GMT
x-content-type-options: nosniff
age: 306005
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4426
x-xss-protection: 0
last-modified: Wed, 01 Jun 2022 12:49:24 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 11 Aug 2023 13:56:51 GMT

GET
H3 200 970x250_bg.jpg
s0.2mdn.net/sadbundle/14339125302209282048/CBV_XC40_Refresh_DE_970x250/ Frame 31A9 76 KB
76 KB 24ms
23ms Image
image/jpeg 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/14339125302209282048/CBV_XC40_Refresh_DE_970x250/970x250_bg.jpg

Requested by

Host: novini.dir.bg
URL: http://novini.dir.bg/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9c649782210be9ba4a220f1a4d38de62aded96f5f27b34023b310c5c0c4d2625

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/14339125302209282048/CBV_XC40_Refresh_DE_970x250/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 13:56:51 GMT
x-content-type-options: nosniff
age: 306005
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 77962
x-xss-protection: 0
last-modified: Wed, 01 Jun 2022 12:49:24 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 11 Aug 2023 13:56:51 GMT

GET
H3 200 970x250.jpg
s0.2mdn.net/sadbundle/14339125302209282048/CBV_XC40_Refresh_DE_970x250/ Frame 31A9 361 KB
361 KB 28ms
27ms Image
image/jpeg 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/14339125302209282048/CBV_XC40_Refresh_DE_970x250/970x250.jpg

Requested by

Host: novini.dir.bg
URL: http://novini.dir.bg/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a1ec586c9c199818e9d6485f143f9066769853a4eea52cc2575c396c21b010ce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/14339125302209282048/CBV_XC40_Refresh_DE_970x250/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 13:56:51 GMT
x-content-type-options: nosniff
age: 306005
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 369209
x-xss-protection: 0
last-modified: Wed, 01 Jun 2022 12:49:24 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 11 Aug 2023 13:56:51 GMT

GET
H2

200

adj Show response
bid.g.doubleclick.net/xbbe/creative/ Frame A123
Redirect Chain

https://fw.adsafeprotected.com/rfw/bgd/1103447/64557513/xbbe/creative/adj?p=APEucNVk2Y7np6VeL8QDVNQXaUlFHp6hHnYB_w8_36x1Al6kVBg6K4Y&d=CnkAoCZ_4MiuGief8Ci5N3UO7oqI96922TP69S8XJ-qg0SC69hN6ERlSpRexCuZ...
https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNVk2Y7np6VeL8QDVNQXaUlFHp6hHnYB_w8_36x1Al6kVBg6K4Y&d=CnkAoCZ_4MiuGief8Ci5N3UO7oqI96922TP69S8XJ-qg0SC69hN6ERlSpRexCuZ7iteNGbD-0UgEzWtvrwD6C0hRR...

65 KB
23 KB

215ms
76ms

Script
text/javascript

74.125.133.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNVk2Y7np6VeL8QDVNQXaUlFHp6hHnYB_w8_36x1Al6kVBg6K4Y&d=CnkAoCZ_4MiuGief8Ci5N3UO7oqI96922TP69S8XJ-qg0SC69hN6ERlSpRexCuZ7iteNGbD-0UgEzWtvrwD6C0hRRwQQMrG0p3HnbLD6DBnLTsl0ZtftRPqf5oL-0mZ5uye573ybQkxvNrxhhNf-VuDqDYHCZO-b_kx4EvkUAKAmf-AlX6qjaaZBIuhvltgsZhi2vhaSzYNmWbfA44UmeNS8f_TXfVIPDXL_OanDArBDNWydedNswnXezfj94BpCQw5uyRXwgAMBM2q1H_EP5SzbJ5rPxoLz8-jA2Oid_1Wlm2Tzmcjyq3bFSJOyCHqmtDO6XsTFGBkV-qViaIvxOBKEbOeCUa8sh9TVzxs9aq5L8P_l56_X121JoSAmJsbafc8dMrJYP1rrotqULfjgAwVPdt4J5eT7GL6THoRAJRt_lUlkh90Svwm081Z8_aO_l_LankywhTJ86a1K6iRqSebejnV92vj8GPZ6xFo7MfCld1upqigv06zZO4eDCtsViUwCpNDchzf5p6o4-fXyyVbi1scIS6Zq-IH8-x2mKkWOaKVE0EVk7KZgHWxRh8M64uSmElUCLJYhe1zzRDjOpdMP2qXEYwqYwih8ItgWP6BFpI6L5HotEMAIepzDgSCYlOTU9aTETGPdt_3wPJCBWsymAuocYT3BISQKGnWiNiOHE32DaV11dgB8kVBtL3M_qnN-5G9tRADMMcaJ9e9a59kqm9hnBTFuFBbVAyW9NrGrrUTVkE7IurAxby1dLMPKKhbwZ0gz9avbSmeIKAwt8Wk_V69h7YlR2BoYw44UuxkBuGUKljoKaQScyxm_fSBVLhVfIYQifTcznzeJMupVY4U5f0TJnbjnHezxNuq6zXVt92F7aZhhO03gMClOhCZ0EUfnpFssBenG9oBB9ZjookpCSaMVOfDwM8ubjOfV7wpeCeIk4PADgb8tF88uJAYAF5KCHqk0NMEMt0Z1ATAm7q-L34tZzLdLCgzELX3EwCkGYIqqzP3XCtFreDemYF5WhT0LY7Xubc7Uo2YIKTSoRGcv9AOAK7ZTf-8wmoCVu2pZjr-oxfUQu6J44nRXHsDcVPzIE5UfUu1Z90yJGUsic1ou0gJCex41D6cCyhzpWMLRxxoGExycVHCxJytRbcLLfakhVoKqeDfwZyI4qt5eeOcgan3jhxa4bl1h-Vr1MOPs3Gyju4LhLlKtrm9VZJoyXCivn_pPC-HZSVkpUnYIuiFX2knAXd-x7-MegElrq3lHN9MMNaMGNUtu68_efPAD67a8yJ1EtMth0v3eqLLUUhU-s0wp_xcsjGWFGvx3FJOR9XsfhiHdX7KEis8oopIGew-9BxP_8U6IrG_pBWqvKuzbT0PjO79xvPyWuasqJlRmtbkvbCb9yJm4jihJG81slbYfgRhp1m_-BE-DkjR_7KsPkpsyyzcrjzyzvi-IdGjyF5wSl7F8YE9hobc9rAUSTYVJiFaBxjXgZ8saWsY0gRUISTL2L6h0NwwVzPp8ccMuNE9Wd5CU5vZIBVEh7RX8tn5NJEJZJfJbndagslyhSRTcYd_XS-xHBN24Yb23sBUXe0Huzk4BQ0yWSuWfU1z5kzf5Usd2gQg_Az75H6IkVYGsA8ddTKlaNZAaj7VdNqkSrC1IYQ6nY3tcn0QH9XKTZJf3RhxaAZGDBNKzlxIUWYDo4lyrke0sesGM5efz3KKg2LGF5_4NCdd3XjaJnrMjx3f_YC123c9x3mEDuLOIK4_NcVHuZqD9znlkSz3OtJl1y_SKNmvA1Y6rFXUyY06mkZDGHwlYARfmoV8KNZhLQNn13YrQlg7sUG3BJ4XSur1Gm0V-ii_KK2Vt_RidZ9WNVTgzHBQ6YlHtvNBU6jYbLCYFEmiVSVFvlQITQqgxdiD8C9jSGGuSVcL3yYqkB94dhskylPNDRJYRv5coPiN7rnPvh0BCutj56983vnkb_8zhHzP3SMQ-x0QNv9RD9TLk82PeBm-VOVjg3uuBaHkFOyQBNNRE0pzG6a3s6EjEIsiYttDQLg5dwYy4IAJAGccnZLIGQbntaQRMevXTdrjc1OAkctdI69vaFjEVcuXxlYqAp0biaYjwC3a1BKQ5dSiFt431P_UgbZ3PbYJj75ppUOayHURaQt1GX4tS33cjlIGLDC4mUZOUs21sNdfvjqaQmfd6UKfGrRjJEiIpwmXNuEczlVQX5q8OP89Bt4-unPEYW95E1SSEteM5Ww0vy1h7Jl1eh8lyx0BgICcHo_Zt0SpmsZWHuIrJYacxshql_UhFMhRj-wWeo4_Es433qw9ykFlWDh-ztKjXTcDYzi4HfdyVH4Vx33okX32AJbjqK9HRFqViunUKflFWXTYIQnDv1rqrLRT-cTDhTuRJPx6c0IDON22enf-GhiIvl26Ysz0Pm_JGzwWSBenq4P-pGxUx1l_5V_ZN8eenYTVIRzQvQEkDh6lmKFiiCm5FMuAbZlYLO3PsdLCGXGKWw4fZTpI9lRY8KNzhEqDog4Aj2fH5rmSKM15GwAvX9FahjSgr-bRxyEEbqkwk1CE53m3MXQFn-dGaRui49lt7uxMB10cMgTXDcvVPe3gx4iaP9UvZ6k3_sohC9cW-GfuLJA6b8RLHImblVwQgAnPMKksZwmfG7bGhkls2TKALn0mHEjbegzEyA12MpwaxLZXxjn7-RnViXlvlpGSxyBEhPXokM6i6vBL4OlTQS24K8nXc6MnS7UXfgr__6UYWdexOCp96OY4wszn3MwUW-U14RxZ3PhLJnoxDSHuU1KnirBZ72B_x2HxeaATlQWbbHcEJc08YN6kNvyUmAOQg7oXo2XDt149Kc8Hc_XFHtrs8V1H14Gx7sW4ynMo0KH0-jK2xCUPy_ZEMgeMRIxvISONkJ-r809wPSFnarQHjLUYvi5sDx4IhgslTgBsM2fOPPXbsfyfWqpgTOqNK6V4zkMbulvBLGJe2-gJ147uNPoN4XJ0ZhjIPuFeiKEMJraE5EPyriWEvu8Dfol19T9ENZO7v80fbXiBBw9iKsL6F2QQJEeYzQagdwHb9TPPbZ8vWxPQMDtxJ8MXtdgRGUH351xyJ6t-BKOSWkE9qw-uDgMz5PezWCE1SyRhTcNiTUMA86CGOvQxfPxN4nwrzmzEAsk02ddf9d8KdtJI0COwOEis91f1NYN4fac9FZ0RB9Qb6nfKPkP1B4SXVeVAXGpYKNN5yW7_rfynp3w9Nj_xyT2HHYldgKmoo23Aab2bbCqrqvnstXICMnE_gXcvgtSaGjfUBoDpd1bitDnynYp-PItm8b09V5PyKnPkFOhhgl7fO8R5XWT9QJ41decA6Ng2KdOrDXya2ItPLZvvncLgZKSCSSIfAqatgOjFuECHfhHU1AzlRwv4Ln5TUYXss8gWlxMADBaamoJ2mNh1S_KrazwodS0JwnIiad-VLtgyNY25lRhevPhlh7Jm8m-3Z0ifR9yue3Wy0lGG1-J80ElA5SOwGXtL1Aeo-97yPLSYHP6XOfmncfGrrqMaih1YjOsrnZE9VJtweTA06rQMSoE9-9TIQhH08M4nne0ZEUqvdqql_AWmzZ1IP5ujEwz06PY-m3eEnH-Tpps0dnBfYxUkWpFkGsrxEVtxHfxV0_3DWXMPIyZZHGL8iDycHUAdSD0fVFrhz9LRcq47Y1oE8F_H0m821GKv_XNwHcWpkq0ZtmTzK3WejMSoMwbTE1MYqtepTFQIWjywdAFERqUKgpUJajA4aKwgAEifkaBR3KKtDgqVrEcQfd0v471RGStVVYCzl_8cgLYGVn64OZCIxDOtgAQ

Requested by

Host: bcf79b9b46cd1c6d6f0b39baa0216384.safeframe.googlesyndication.com
URL: https://bcf79b9b46cd1c6d6f0b39baa0216384.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

74.125.133.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wo-in-f156.1e100.net

Software

cafe /

Resource Hash

6f379fc7adfec6484c51253705520caf60d459b2ddc490cfb32f1a81d60f65b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bcf79b9b46cd1c6d6f0b39baa0216384.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Aug 2022 02:56:57 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22956
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 15 Aug 2022 02:56:57 GMT
x-server-name: app03.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNVk2Y7np6VeL8QDVNQXaUlFHp6hHnYB_w8_36x1Al6kVBg6K4Y&d=CnkAoCZ_4MiuGief8Ci5N3UO7oqI96922TP69S8XJ-qg0SC69hN6ERlSpRexCuZ7iteNGbD-0UgEzWtvrwD6C0hRRwQQMrG0p3HnbLD6DBnLTsl0ZtftRPqf5oL-0mZ5uye573ybQkxvNrxhhNf-VuDqDYHCZO-b_kx4EvkUAKAmf-AlX6qjaaZBIuhvltgsZhi2vhaSzYNmWbfA44UmeNS8f_TXfVIPDXL_OanDArBDNWydedNswnXezfj94BpCQw5uyRXwgAMBM2q1H_EP5SzbJ5rPxoLz8-jA2Oid_1Wlm2Tzmcjyq3bFSJOyCHqmtDO6XsTFGBkV-qViaIvxOBKEbOeCUa8sh9TVzxs9aq5L8P_l56_X121JoSAmJsbafc8dMrJYP1rrotqULfjgAwVPdt4J5eT7GL6THoRAJRt_lUlkh90Svwm081Z8_aO_l_LankywhTJ86a1K6iRqSebejnV92vj8GPZ6xFo7MfCld1upqigv06zZO4eDCtsViUwCpNDchzf5p6o4-fXyyVbi1scIS6Zq-IH8-x2mKkWOaKVE0EVk7KZgHWxRh8M64uSmElUCLJYhe1zzRDjOpdMP2qXEYwqYwih8ItgWP6BFpI6L5HotEMAIepzDgSCYlOTU9aTETGPdt_3wPJCBWsymAuocYT3BISQKGnWiNiOHE32DaV11dgB8kVBtL3M_qnN-5G9tRADMMcaJ9e9a59kqm9hnBTFuFBbVAyW9NrGrrUTVkE7IurAxby1dLMPKKhbwZ0gz9avbSmeIKAwt8Wk_V69h7YlR2BoYw44UuxkBuGUKljoKaQScyxm_fSBVLhVfIYQifTcznzeJMupVY4U5f0TJnbjnHezxNuq6zXVt92F7aZhhO03gMClOhCZ0EUfnpFssBenG9oBB9ZjookpCSaMVOfDwM8ubjOfV7wpeCeIk4PADgb8tF88uJAYAF5KCHqk0NMEMt0Z1ATAm7q-L34tZzLdLCgzELX3EwCkGYIqqzP3XCtFreDemYF5WhT0LY7Xubc7Uo2YIKTSoRGcv9AOAK7ZTf-8wmoCVu2pZjr-oxfUQu6J44nRXHsDcVPzIE5UfUu1Z90yJGUsic1ou0gJCex41D6cCyhzpWMLRxxoGExycVHCxJytRbcLLfakhVoKqeDfwZyI4qt5eeOcgan3jhxa4bl1h-Vr1MOPs3Gyju4LhLlKtrm9VZJoyXCivn_pPC-HZSVkpUnYIuiFX2knAXd-x7-MegElrq3lHN9MMNaMGNUtu68_efPAD67a8yJ1EtMth0v3eqLLUUhU-s0wp_xcsjGWFGvx3FJOR9XsfhiHdX7KEis8oopIGew-9BxP_8U6IrG_pBWqvKuzbT0PjO79xvPyWuasqJlRmtbkvbCb9yJm4jihJG81slbYfgRhp1m_-BE-DkjR_7KsPkpsyyzcrjzyzvi-IdGjyF5wSl7F8YE9hobc9rAUSTYVJiFaBxjXgZ8saWsY0gRUISTL2L6h0NwwVzPp8ccMuNE9Wd5CU5vZIBVEh7RX8tn5NJEJZJfJbndagslyhSRTcYd_XS-xHBN24Yb23sBUXe0Huzk4BQ0yWSuWfU1z5kzf5Usd2gQg_Az75H6IkVYGsA8ddTKlaNZAaj7VdNqkSrC1IYQ6nY3tcn0QH9XKTZJf3RhxaAZGDBNKzlxIUWYDo4lyrke0sesGM5efz3KKg2LGF5_4NCdd3XjaJnrMjx3f_YC123c9x3mEDuLOIK4_NcVHuZqD9znlkSz3OtJl1y_SKNmvA1Y6rFXUyY06mkZDGHwlYARfmoV8KNZhLQNn13YrQlg7sUG3BJ4XSur1Gm0V-ii_KK2Vt_RidZ9WNVTgzHBQ6YlHtvNBU6jYbLCYFEmiVSVFvlQITQqgxdiD8C9jSGGuSVcL3yYqkB94dhskylPNDRJYRv5coPiN7rnPvh0BCutj56983vnkb_8zhHzP3SMQ-x0QNv9RD9TLk82PeBm-VOVjg3uuBaHkFOyQBNNRE0pzG6a3s6EjEIsiYttDQLg5dwYy4IAJAGccnZLIGQbntaQRMevXTdrjc1OAkctdI69vaFjEVcuXxlYqAp0biaYjwC3a1BKQ5dSiFt431P_UgbZ3PbYJj75ppUOayHURaQt1GX4tS33cjlIGLDC4mUZOUs21sNdfvjqaQmfd6UKfGrRjJEiIpwmXNuEczlVQX5q8OP89Bt4-unPEYW95E1SSEteM5Ww0vy1h7Jl1eh8lyx0BgICcHo_Zt0SpmsZWHuIrJYacxshql_UhFMhRj-wWeo4_Es433qw9ykFlWDh-ztKjXTcDYzi4HfdyVH4Vx33okX32AJbjqK9HRFqViunUKflFWXTYIQnDv1rqrLRT-cTDhTuRJPx6c0IDON22enf-GhiIvl26Ysz0Pm_JGzwWSBenq4P-pGxUx1l_5V_ZN8eenYTVIRzQvQEkDh6lmKFiiCm5FMuAbZlYLO3PsdLCGXGKWw4fZTpI9lRY8KNzhEqDog4Aj2fH5rmSKM15GwAvX9FahjSgr-bRxyEEbqkwk1CE53m3MXQFn-dGaRui49lt7uxMB10cMgTXDcvVPe3gx4iaP9UvZ6k3_sohC9cW-GfuLJA6b8RLHImblVwQgAnPMKksZwmfG7bGhkls2TKALn0mHEjbegzEyA12MpwaxLZXxjn7-RnViXlvlpGSxyBEhPXokM6i6vBL4OlTQS24K8nXc6MnS7UXfgr__6UYWdexOCp96OY4wszn3MwUW-U14RxZ3PhLJnoxDSHuU1KnirBZ72B_x2HxeaATlQWbbHcEJc08YN6kNvyUmAOQg7oXo2XDt149Kc8Hc_XFHtrs8V1H14Gx7sW4ynMo0KH0-jK2xCUPy_ZEMgeMRIxvISONkJ-r809wPSFnarQHjLUYvi5sDx4IhgslTgBsM2fOPPXbsfyfWqpgTOqNK6V4zkMbulvBLGJe2-gJ147uNPoN4XJ0ZhjIPuFeiKEMJraE5EPyriWEvu8Dfol19T9ENZO7v80fbXiBBw9iKsL6F2QQJEeYzQagdwHb9TPPbZ8vWxPQMDtxJ8MXtdgRGUH351xyJ6t-BKOSWkE9qw-uDgMz5PezWCE1SyRhTcNiTUMA86CGOvQxfPxN4nwrzmzEAsk02ddf9d8KdtJI0COwOEis91f1NYN4fac9FZ0RB9Qb6nfKPkP1B4SXVeVAXGpYKNN5yW7_rfynp3w9Nj_xyT2HHYldgKmoo23Aab2bbCqrqvnstXICMnE_gXcvgtSaGjfUBoDpd1bitDnynYp-PItm8b09V5PyKnPkFOhhgl7fO8R5XWT9QJ41decA6Ng2KdOrDXya2ItPLZvvncLgZKSCSSIfAqatgOjFuECHfhHU1AzlRwv4Ln5TUYXss8gWlxMADBaamoJ2mNh1S_KrazwodS0JwnIiad-VLtgyNY25lRhevPhlh7Jm8m-3Z0ifR9yue3Wy0lGG1-J80ElA5SOwGXtL1Aeo-97yPLSYHP6XOfmncfGrrqMaih1YjOsrnZE9VJtweTA06rQMSoE9-9TIQhH08M4nne0ZEUqvdqql_AWmzZ1IP5ujEwz06PY-m3eEnH-Tpps0dnBfYxUkWpFkGsrxEVtxHfxV0_3DWXMPIyZZHGL8iDycHUAdSD0fVFrhz9LRcq47Y1oE8F_H0m821GKv_XNwHcWpkq0ZtmTzK3WejMSoMwbTE1MYqtepTFQIWjywdAFERqUKgpUJajA4aKwgAEifkaBR3KKtDgqVrEcQfd0v471RGStVVYCzl_8cgLYGVn64OZCIxDOtgAQ
cache-control: no-cache
content-length: 0
server: nginx

GET
H2 200 sca.17.5.12.js Show response
static.adsafeprotected.com/ Frame D517 80 KB
21 KB 106ms
25ms Script
application/javascript 2600:9000:21f3:f200:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.5.12.js
Requested by: Host: bcf79b9b46cd1c6d6f0b39baa0216384.safeframe.googlesyndication.com
URL: https://bcf79b9b46cd1c6d6f0b39baa0216384.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:f200:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bcf79b9b46cd1c6d6f0b39baa0216384.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 16 May 2022 08:34:34 GMT
content-encoding: gzip
age: 7842144
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Thu, 19 Aug 2021 16:31:24 GMT
server: AmazonS3
etag: W/"9304f57298c3834ff107ea7ccb547996"
vary: Accept-Encoding
x-amz-version-id: 9YodSBhG3Q8HTUbQ_WDUpcPK09tSZ5ja
via: 1.1 f99b5b46e77cfe9c3413f99dc8a4088c.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: FRA2-C2
content-type: application/javascript
x-amz-cf-id: 2qUycM1nU2cU7Qvgsme82_mj-PaM6XyfwGriqBlglE-_x55SFh7FEQ==

GET
H2 200 dt
dt.adsafeprotected.com/ Frame A123 43 B
216 B 577ms
174ms Image
image/gif 2600:1f13:800:7782:22a8:1ef8:27f2:ceae
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1103447&asId=92739fff-5b92-636e-a1b7-c32ead3ca8aa&tv=%7Bc:lkbkBL,pingTime:-3,time:46,type:v,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:600,t:18%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:46,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:18,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:i,cc:NaN.NaN.300.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B41~0%5D,as:%5B41~300.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:texNXn9+11%7C12%7C131%7C141%7C142%7C143%7C15*.1103447-64557513%7C151%7C152,idMap:15*,rmeas:1,rend:0,renddet:IMG.us%7D&br=c
Requested by: Host: bcf79b9b46cd1c6d6f0b39baa0216384.safeframe.googlesyndication.com
URL: https://bcf79b9b46cd1c6d6f0b39baa0216384.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7782:22a8:1ef8:27f2:ceae Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bcf79b9b46cd1c6d6f0b39baa0216384.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Aug 2022 02:56:57 GMT
x-server-name: dt12.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ Frame A123 43 B
215 B 572ms
175ms Image
image/gif 2600:1f13:800:7782:22a8:1ef8:27f2:ceae
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1103447&asId=92739fff-5b92-636e-a1b7-c32ead3ca8aa&tv=%7Bc:lkbkBO,pingTime:-6,time:49,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:49,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:18,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:i,cc:NaN.NaN.300.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B44~0%5D,as:%5B44~300.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:texNXn9+11%7C12%7C131%7C141%7C142%7C143%7C15*.1103447-64557513%7C151%7C152,idMap:15*,rmeas:1,rend:0,renddet:IMG.us%7D&tpiLookup=ao:novini.dir.bg&br=c
Requested by: Host: bcf79b9b46cd1c6d6f0b39baa0216384.safeframe.googlesyndication.com
URL: https://bcf79b9b46cd1c6d6f0b39baa0216384.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7782:22a8:1ef8:27f2:ceae Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bcf79b9b46cd1c6d6f0b39baa0216384.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Aug 2022 02:56:57 GMT
x-server-name: dt13.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ Frame A123 43 B
215 B 570ms
175ms Image
image/gif 2600:1f13:800:7782:22a8:1ef8:27f2:ceae
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1103447&asId=92739fff-5b92-636e-a1b7-c32ead3ca8aa&tv=%7Bc:lkbkBT,pingTime:-2,time:54,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:344,beZ:345,mfA:346,cmA:348,inA:348,inZ:352,prA:352,prZ:357,si:363,poA:365,poZ:385,cmZ:385,mfZ:385,loA:393,loZ:397,ltA:398,ltZ:398%7D%7D,sca:%7Bdfp:%7Bdf:0%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:600,t:18%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:54,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:18,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:i,cc:NaN.NaN.300.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B48~0%5D,as:%5B48~300.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:texNXn9+11%7C12%7C131%7C141%7C142%7C143%7C15*.1103447-64557513%7C151%7C152,idMap:15*,pd:0YtC.internal-nacl-plugin,rmeas:1,rend:0,renddet:IMG.us,sinceFw:33,readyFired:false%7D&br=c
Requested by: Host: bcf79b9b46cd1c6d6f0b39baa0216384.safeframe.googlesyndication.com
URL: https://bcf79b9b46cd1c6d6f0b39baa0216384.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7782:22a8:1ef8:27f2:ceae Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bcf79b9b46cd1c6d6f0b39baa0216384.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Aug 2022 02:56:57 GMT
x-server-name: dt14.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H3 200 html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame A123 170 KB
59 KB 67ms
21ms Script
text/javascript 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js

Requested by

Host: novini.dir.bg
URL: http://novini.dir.bg/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bcf79b9b46cd1c6d6f0b39baa0216384.safeframe.googlesyndication.com/
Origin: https://bcf79b9b46cd1c6d6f0b39baa0216384.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 17:52:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 32662
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 60311
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:25 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 15 Aug 2022 17:52:35 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20220810/r20110914/elements/html/ Frame A123 8 KB
3 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220810/r20110914/elements/html/omrhp.js

Requested by

Host: fw.adsafeprotected.com
URL: https://fw.adsafeprotected.com/rfw/bgd/1103447/64557513/xbbe/creative/adj?p=APEucNVk2Y7np6VeL8QDVNQXaUlFHp6hHnYB_w8_36x1Al6kVBg6K4Y&d=CnkAoCZ_4MiuGief8Ci5N3UO7oqI96922TP69S8XJ-qg0SC69hN6ERlSpRexCuZ7iteNGbD-0UgEzWtvrwD6C0hRRwQQMrG0p3HnbLD6DBnLTsl0ZtftRPqf5oL-0mZ5uye573ybQkxvNrxhhNf-VuDqDYHCZO-b_kx4EvkUAKAmf-AlX6qjaaZBIuhvltgsZhi2vhaSzYNmWbfA44UmeNS8f_TXfVIPDXL_OanDArBDNWydedNswnXezfj94BpCQw5uyRXwgAMBM2q1H_EP5SzbJ5rPxoLz8-jA2Oid_1Wlm2Tzmcjyq3bFSJOyCHqmtDO6XsTFGBkV-qViaIvxOBKEbOeCUa8sh9TVzxs9aq5L8P_l56_X121JoSAmJsbafc8dMrJYP1rrotqULfjgAwVPdt4J5eT7GL6THoRAJRt_lUlkh90Svwm081Z8_aO_l_LankywhTJ86a1K6iRqSebejnV92vj8GPZ6xFo7MfCld1upqigv06zZO4eDCtsViUwCpNDchzf5p6o4-fXyyVbi1scIS6Zq-IH8-x2mKkWOaKVE0EVk7KZgHWxRh8M64uSmElUCLJYhe1zzRDjOpdMP2qXEYwqYwih8ItgWP6BFpI6L5HotEMAIepzDgSCYlOTU9aTETGPdt_3wPJCBWsymAuocYT3BISQKGnWiNiOHE32DaV11dgB8kVBtL3M_qnN-5G9tRADMMcaJ9e9a59kqm9hnBTFuFBbVAyW9NrGrrUTVkE7IurAxby1dLMPKKhbwZ0gz9avbSmeIKAwt8Wk_V69h7YlR2BoYw44UuxkBuGUKljoKaQScyxm_fSBVLhVfIYQifTcznzeJMupVY4U5f0TJnbjnHezxNuq6zXVt92F7aZhhO03gMClOhCZ0EUfnpFssBenG9oBB9ZjookpCSaMVOfDwM8ubjOfV7wpeCeIk4PADgb8tF88uJAYAF5KCHqk0NMEMt0Z1ATAm7q-L34tZzLdLCgzELX3EwCkGYIqqzP3XCtFreDemYF5WhT0LY7Xubc7Uo2YIKTSoRGcv9AOAK7ZTf-8wmoCVu2pZjr-oxfUQu6J44nRXHsDcVPzIE5UfUu1Z90yJGUsic1ou0gJCex41D6cCyhzpWMLRxxoGExycVHCxJytRbcLLfakhVoKqeDfwZyI4qt5eeOcgan3jhxa4bl1h-Vr1MOPs3Gyju4LhLlKtrm9VZJoyXCivn_pPC-HZSVkpUnYIuiFX2knAXd-x7-MegElrq3lHN9MMNaMGNUtu68_efPAD67a8yJ1EtMth0v3eqLLUUhU-s0wp_xcsjGWFGvx3FJOR9XsfhiHdX7KEis8oopIGew-9BxP_8U6IrG_pBWqvKuzbT0PjO79xvPyWuasqJlRmtbkvbCb9yJm4jihJG81slbYfgRhp1m_-BE-DkjR_7KsPkpsyyzcrjzyzvi-IdGjyF5wSl7F8YE9hobc9rAUSTYVJiFaBxjXgZ8saWsY0gRUISTL2L6h0NwwVzPp8ccMuNE9Wd5CU5vZIBVEh7RX8tn5NJEJZJfJbndagslyhSRTcYd_XS-xHBN24Yb23sBUXe0Huzk4BQ0yWSuWfU1z5kzf5Usd2gQg_Az75H6IkVYGsA8ddTKlaNZAaj7VdNqkSrC1IYQ6nY3tcn0QH9XKTZJf3RhxaAZGDBNKzlxIUWYDo4lyrke0sesGM5efz3KKg2LGF5_4NCdd3XjaJnrMjx3f_YC123c9x3mEDuLOIK4_NcVHuZqD9znlkSz3OtJl1y_SKNmvA1Y6rFXUyY06mkZDGHwlYARfmoV8KNZhLQNn13YrQlg7sUG3BJ4XSur1Gm0V-ii_KK2Vt_RidZ9WNVTgzHBQ6YlHtvNBU6jYbLCYFEmiVSVFvlQITQqgxdiD8C9jSGGuSVcL3yYqkB94dhskylPNDRJYRv5coPiN7rnPvh0BCutj56983vnkb_8zhHzP3SMQ-x0QNv9RD9TLk82PeBm-VOVjg3uuBaHkFOyQBNNRE0pzG6a3s6EjEIsiYttDQLg5dwYy4IAJAGccnZLIGQbntaQRMevXTdrjc1OAkctdI69vaFjEVcuXxlYqAp0biaYjwC3a1BKQ5dSiFt431P_UgbZ3PbYJj75ppUOayHURaQt1GX4tS33cjlIGLDC4mUZOUs21sNdfvjqaQmfd6UKfGrRjJEiIpwmXNuEczlVQX5q8OP89Bt4-unPEYW95E1SSEteM5Ww0vy1h7Jl1eh8lyx0BgICcHo_Zt0SpmsZWHuIrJYacxshql_UhFMhRj-wWeo4_Es433qw9ykFlWDh-ztKjXTcDYzi4HfdyVH4Vx33okX32AJbjqK9HRFqViunUKflFWXTYIQnDv1rqrLRT-cTDhTuRJPx6c0IDON22enf-GhiIvl26Ysz0Pm_JGzwWSBenq4P-pGxUx1l_5V_ZN8eenYTVIRzQvQEkDh6lmKFiiCm5FMuAbZlYLO3PsdLCGXGKWw4fZTpI9lRY8KNzhEqDog4Aj2fH5rmSKM15GwAvX9FahjSgr-bRxyEEbqkwk1CE53m3MXQFn-dGaRui49lt7uxMB10cMgTXDcvVPe3gx4iaP9UvZ6k3_sohC9cW-GfuLJA6b8RLHImblVwQgAnPMKksZwmfG7bGhkls2TKALn0mHEjbegzEyA12MpwaxLZXxjn7-RnViXlvlpGSxyBEhPXokM6i6vBL4OlTQS24K8nXc6MnS7UXfgr__6UYWdexOCp96OY4wszn3MwUW-U14RxZ3PhLJnoxDSHuU1KnirBZ72B_x2HxeaATlQWbbHcEJc08YN6kNvyUmAOQg7oXo2XDt149Kc8Hc_XFHtrs8V1H14Gx7sW4ynMo0KH0-jK2xCUPy_ZEMgeMRIxvISONkJ-r809wPSFnarQHjLUYvi5sDx4IhgslTgBsM2fOPPXbsfyfWqpgTOqNK6V4zkMbulvBLGJe2-gJ147uNPoN4XJ0ZhjIPuFeiKEMJraE5EPyriWEvu8Dfol19T9ENZO7v80fbXiBBw9iKsL6F2QQJEeYzQagdwHb9TPPbZ8vWxPQMDtxJ8MXtdgRGUH351xyJ6t-BKOSWkE9qw-uDgMz5PezWCE1SyRhTcNiTUMA86CGOvQxfPxN4nwrzmzEAsk02ddf9d8KdtJI0COwOEis91f1NYN4fac9FZ0RB9Qb6nfKPkP1B4SXVeVAXGpYKNN5yW7_rfynp3w9Nj_xyT2HHYldgKmoo23Aab2bbCqrqvnstXICMnE_gXcvgtSaGjfUBoDpd1bitDnynYp-PItm8b09V5PyKnPkFOhhgl7fO8R5XWT9QJ41decA6Ng2KdOrDXya2ItPLZvvncLgZKSCSSIfAqatgOjFuECHfhHU1AzlRwv4Ln5TUYXss8gWlxMADBaamoJ2mNh1S_KrazwodS0JwnIiad-VLtgyNY25lRhevPhlh7Jm8m-3Z0ifR9yue3Wy0lGG1-J80ElA5SOwGXtL1Aeo-97yPLSYHP6XOfmncfGrrqMaih1YjOsrnZE9VJtweTA06rQMSoE9-9TIQhH08M4nne0ZEUqvdqql_AWmzZ1IP5ujEwz06PY-m3eEnH-Tpps0dnBfYxUkWpFkGsrxEVtxHfxV0_3DWXMPIyZZHGL8iDycHUAdSD0fVFrhz9LRcq47Y1oE8F_H0m821GKv_XNwHcWpkq0ZtmTzK3WejMSoMwbTE1MYqtepTFQIWjywdAFERqUKgpUJajA4aKwgAEifkaBR3KKtDgqVrEcQfd0v471RGStVVYCzl_8cgLYGVn64OZCIxDOtgAQ&ias_dspID=3&ias_campId=1008209264&ias_pubId=pub-7013154316454623&ias_chanId=1&ias_placementId=17668708710&bidurl=http://novini.dir.bg/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0iWT_w3hYLU6AiG9iy2m_-T&adsafe_url=http%3A%2F%2Fnovini.dir.bg%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Fbcf79b9b46cd1c6d6f0b39baa0216384.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fbcf79b9b46cd1c6d6f0b39baa0216384.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:92739fff-5b92-636e-a1b7-c32ead3ca8aa,c:lkbkBj,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-94958994c-rv5hs,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:i,cc:NaN.NaN.300.600,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,an:n,oam:0,scm:audiit1,mtim:2,mot:0,app:0,maw:0,fm:texNXn9+11%7C12%7C131%7C141%7C142%7C143%7C15*.1103447-64557513%7C151%7C152,idMap:15*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,tt:rjss,et:19,oid:ecbdb4b8-1c45-11ed-9bfb-0630da5f8fc5,v:19.8.343,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c9499ea51a2956fd2c1600591ae117fe9ad81065d625b1b2c593c7720e5b228f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bcf79b9b46cd1c6d6f0b39baa0216384.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 02:56:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 46
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3181
x-xss-protection: 0
server: cafe
etag: 18418590997839133011
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 29 Aug 2022 02:56:11 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20220810/r20110914/ Frame A123 30 KB
12 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220810/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c0d0b5ecf5aa2cd5475929aefcb44d67c5d5cc8cbcdb3991e45f0944f0344619

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bcf79b9b46cd1c6d6f0b39baa0216384.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 02:42:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 875
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11819
x-xss-protection: 0
server: cafe
etag: 10563440404697844360
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 29 Aug 2022 02:42:22 GMT

GET
DATA 200
OK truncated
/ Frame A123 209 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f613a3577db46010feef2f5dcbb31aef733e8c267408ef296fb4bf22548e1fea

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 dt
dt.adsafeprotected.com/ Frame A123 43 B
215 B 175ms
175ms Image
image/gif 2600:1f13:800:7782:22a8:1ef8:27f2:ceae
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1103447&asId=92739fff-5b92-636e-a1b7-c32ead3ca8aa&tv=%7Bc:lkbkIz,pingTime:-10,time:468,type:s,mvn:ZnNjPTEyLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNS4xMnYxMjAwfHwxNjAwfHwxfHwxfHwyNHx8MTIwMHx8MHx8MHx8MXx8bGFuZHNjYXBlLXByaW1hcnl8fDI0fHw0LzN8fDQvM3x8MHx8MTYwMA--,no:MTcuNS4xMnZNb3ppbGxhfHxOZXRzY2FwZXx8bnx8bnx8MHx8bnx8V2luMzJ8fEdlY2tvfHwyMDAzMDEwN3x8MHx8TW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzEwNC4wLjUxMTIuNzkgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.5.12v220002022000220000002002220000022220200000222200022020002022022022222202002220222022222022222000000200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022020000000020000000000000000000020220202220000022200202202220022000200222022200200022202220020222202000220000222202222202222000002002002222222202220022202200022002220202202,asp:1660532217442%7C%7C8b0253d17fbee9c66c3caaf38824ee9c%7C%7Cb4bf91f622d70e9512a166bc36c81122%7C%7C1076489fa62a73f9d6f317007969c92c%7C%7C3644b5b60021dfae8a95018743b385f4%7C%7C6862f5050106a0528dc89acb6ab88fd2%7C%7C881512923defae488efadb878d4ad554%7C%7Cbdbf6b19e792162a48fc74cc98152ac4%7C%7C1629390669%7D
Requested by: Host: bcf79b9b46cd1c6d6f0b39baa0216384.safeframe.googlesyndication.com
URL: https://bcf79b9b46cd1c6d6f0b39baa0216384.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7782:22a8:1ef8:27f2:ceae Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bcf79b9b46cd1c6d6f0b39baa0216384.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Aug 2022 02:56:57 GMT
x-server-name: dt08.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/8194289394266406912/ Frame 9C50 3 KB
1005 B 30ms
30ms Document
text/html 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/8194289394266406912/index.html?e=69&leftOffset=0&topOffset=0&c=DdGXQhpPMZ&t=1&renderingType=2&ev=01_247

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2b4446b088b671a0551c227061dc3556c5919661d0b217a1f90c0ac5ec03fdf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bcf79b9b46cd1c6d6f0b39baa0216384.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 977
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Mon, 15 Aug 2022 02:56:57 GMT
expires: Tue, 15 Aug 2023 02:56:57 GMT
last-modified: Tue, 30 Nov 2021 23:17:14 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame A123 0
26 B 59ms
59ms Ping
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssv8kn0zIJFgyRP1_VhDYpM73z2u38fXRNwkubK9dS2lPoOUgZnC4zkHs0Zsu7C1cbR2RZBRS-sqvONXFA1EOfkm8GuAZzZN8dFs2K2VJsAgYldkLCnGhgRIm0yN4MYjVyfJdWDgKlOnKk&sai=AMfl-YRxhV_obINWYXF9XTT09zgdPNM2lQQkdyvfuaYF3KfQz70SyTDWFRd1JcMx_AjrHHFLT409llA_QDdGO_g5YO8pHCMBTaf1u1L-9w2W5Z93AMmJXrU2cohmyH84DYU&sig=Cg0ArKJSzA1J9ZA3DGNSEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=103&cbvp=1&cstd=98&cisv=r20220810.83438&adurl=

Requested by

Host: novini.dir.bg
URL: http://novini.dir.bg/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bcf79b9b46cd1c6d6f0b39baa0216384.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 15 Aug 2022 02:56:57 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 7BA4 42 B
64 B 105ms
61ms Fetch
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuMuB9uTNDftjGsg2Mke0gz27x_P6h09wFkNKmXBK2WFoOCv2GgAYkUK-_vIColz_4a1Udf2fxi42R-QX6rZ6ZHRhJf8PFUKBeXSBaINOoNhiH0PTZ7H-ml1cHyzlTD0ZTNxgnyFH8vxCLTyQ&sai=AMfl-YRDzmYA1lnWtXkXaTMAfkAZ1_-Lf0eAaRkpSJ5RNel0qpe1oOU42ovtpBg3x6NfaBZvKgZr-aMnqx3sFegJzWMWT2Lns3uqg9pAC-1agYwrn1j6Xu34kovmXla94q29&sig=Cg0ArKJSzG7fFz5c7U_cEAE&cid=CAASKORoYs6pfephkucYPkUXkkGxuqxxqZgu4rhbOe48k59z7Rz00grKRZw&id=lidar2&mcvt=1009&p=110,315,360,1285&mtos=1009,1009,1009,1009,1009&tos=1009,0,0,0,0&v=20220810&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2799138310&rs=4&la=1&cr=0&vs=4&r=v&rst=1660532216167&rpt=289&isd=0&lsd=0&met=ce&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bcf79b9b46cd1c6d6f0b39baa0216384.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Aug 2022 02:56:57 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 style.css
s0.2mdn.net/sadbundle/8194289394266406912/ Frame 9C50 478 B
304 B 23ms
22ms Stylesheet
text/css 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/8194289394266406912/style.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8194289394266406912/index.html?e=69&leftOffset=0&topOffset=0&c=DdGXQhpPMZ&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e5625d5bcd517d85dd87fa8cae8d149220802b7c1697bf5f8a9bb551de92cde7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8194289394266406912/index.html?e=69&leftOffset=0&topOffset=0&c=DdGXQhpPMZ&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 00:28:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 268117
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 275
x-xss-protection: 0
last-modified: Tue, 30 Nov 2021 23:17:14 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 12 Aug 2023 00:28:20 GMT

GET
H3 200 Enabler_01_247.js Show response
s0.2mdn.net/879366/ Frame 9C50 118 KB
40 KB 24ms
23ms Script
text/javascript 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_247.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8194289394266406912/index.html?e=69&leftOffset=0&topOffset=0&c=DdGXQhpPMZ&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8194289394266406912/index.html?e=69&leftOffset=0&topOffset=0&c=DdGXQhpPMZ&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 07:12:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 71049
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41099
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 15 Aug 2022 07:12:48 GMT

GET
H3 200 dynamicBuilder.min.js Show response
s0.2mdn.net/creatives/assets/1951882/ Frame 9C50 9 KB
1 KB 24ms
23ms Script
text/javascript 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/1951882/dynamicBuilder.min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8194289394266406912/index.html?e=69&leftOffset=0&topOffset=0&c=DdGXQhpPMZ&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d585510ebf6dccd5790b2083b5e4425473fa2277aef2dc2be1fcba2d04f47e33

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8194289394266406912/index.html?e=69&leftOffset=0&topOffset=0&c=DdGXQhpPMZ&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 02:43:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 788
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1400
x-xss-protection: 0
last-modified: Wed, 04 Apr 2018 17:00:48 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 15 Aug 2022 02:58:49 GMT

GET
H3 200 gsap_3.5.1_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 9C50 60 KB
24 KB 30ms
30ms Script
text/javascript 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.5.1_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8194289394266406912/index.html?e=69&leftOffset=0&topOffset=0&c=DdGXQhpPMZ&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8194289394266406912/index.html?e=69&leftOffset=0&topOffset=0&c=DdGXQhpPMZ&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 02:56:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24155
x-xss-protection: 0
last-modified: Mon, 31 Aug 2020 21:23:17 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 15 Aug 2022 02:56:57 GMT

GET
H3 200 logic.js Show response
s0.2mdn.net/sadbundle/8194289394266406912/ Frame 9C50 2 KB
842 B 24ms
24ms Script
application/x-javascript 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/8194289394266406912/logic.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8194289394266406912/index.html?e=69&leftOffset=0&topOffset=0&c=DdGXQhpPMZ&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5b93375608ccdd64e2d47f13e20fe34c7eb801b4658b111d0fa173112340a2e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8194289394266406912/index.html?e=69&leftOffset=0&topOffset=0&c=DdGXQhpPMZ&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 10 Aug 2022 12:06:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 399041
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 813
x-xss-protection: 0
last-modified: Tue, 30 Nov 2021 23:17:14 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 10 Aug 2023 12:06:16 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame A123 43 B
215 B 245ms
244ms Image
image/gif 2600:1f13:800:7782:22a8:1ef8:27f2:ceae
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1103447&asId=92739fff-5b92-636e-a1b7-c32ead3ca8aa&tv=%7Bc:lkbkJV,time:552,type:e,im:%7Bpci:%7Btdr:505%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:552,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:18,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:i,cc:NaN.NaN.300.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B546~0%5D,as:%5B546~300.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:texNXn9+11%7C12%7C131%7C141%7C142%7C143%7C15*.1103447-64557513%7C151%7C152,idMap:15*,rmeas:1,rend:1,renddet:DIV.qs.sn%7D&br=c
Requested by: Host: bcf79b9b46cd1c6d6f0b39baa0216384.safeframe.googlesyndication.com
URL: https://bcf79b9b46cd1c6d6f0b39baa0216384.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7782:22a8:1ef8:27f2:ceae Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bcf79b9b46cd1c6d6f0b39baa0216384.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Aug 2022 02:56:57 GMT
x-server-name: dt02.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame A123 0
26 B 60ms
60ms Ping
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: novini.dir.bg
URL: http://novini.dir.bg/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bcf79b9b46cd1c6d6f0b39baa0216384.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 15 Aug 2022 02:56:57 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 263175629188549255.json Show response
s0.2mdn.net/creatives/assets/3543456/ Frame 9C50 19 KB
6 KB 22ms
22ms XHR
application/json 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/3543456/263175629188549255.json

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8194289394266406912/logic.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cba8b10409c5c4fa6052e0395c960a61fb0017dc08fb3e7973d5fb48ef4c7daa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8194289394266406912/index.html?e=69&leftOffset=0&topOffset=0&c=DdGXQhpPMZ&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 02:43:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 781
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6329
x-xss-protection: 0
last-modified: Mon, 18 Jul 2022 09:51:53 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 15 Aug 2022 02:58:56 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 9C50 7 KB
5 KB 33ms
32ms XHR
application/json 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

29fb62d85a43d29553164f541e7fee71ff77a0060e7675031b24f2f44244661f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 15 Aug 2022 02:56:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5560
x-xss-protection: 0

GET
H3 200 logo.svg
s0.2mdn.net/creatives/assets/3543456/ Frame 9C50 148 KB
41 KB 22ms
22ms Image
image/svg+xml 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/3543456/logo.svg

Requested by

Host: bcf79b9b46cd1c6d6f0b39baa0216384.safeframe.googlesyndication.com
URL: https://bcf79b9b46cd1c6d6f0b39baa0216384.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3599acd69a74bf92c8d05f4ddf3d0af3d7da2b1967c2ce76b7da00e281626b1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8194289394266406912/index.html?e=69&leftOffset=0&topOffset=0&c=DdGXQhpPMZ&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 02:53:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 217
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41539
x-xss-protection: 0
last-modified: Thu, 28 Oct 2021 13:50:43 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 15 Aug 2022 03:08:20 GMT

GET
H3 200 b10f5fae283f34a74e232ef229f6330d.jpg
s0.2mdn.net/creatives/assets/3543456/ Frame 9C50 60 KB
60 KB 22ms
21ms Image
image/jpeg 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/3543456/b10f5fae283f34a74e232ef229f6330d.jpg

Requested by

Host: bcf79b9b46cd1c6d6f0b39baa0216384.safeframe.googlesyndication.com
URL: https://bcf79b9b46cd1c6d6f0b39baa0216384.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

956cde7966e9c20d669af9e9e052058da4a9afbbfa30392750cea1f04f8628b8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8194289394266406912/index.html?e=69&leftOffset=0&topOffset=0&c=DdGXQhpPMZ&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 02:53:44 GMT
x-content-type-options: nosniff
age: 193
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 61051
x-xss-protection: 0
last-modified: Tue, 09 Nov 2021 14:48:59 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 15 Aug 2022 03:08:44 GMT

GET
H3 200 6287f3b21ed6f4775c7ce1a88be8c183.png
s0.2mdn.net/creatives/assets/3543456/ Frame 9C50 68 B
100 B 24ms
22ms Image
image/png 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/3543456/6287f3b21ed6f4775c7ce1a88be8c183.png

Requested by

Host: bcf79b9b46cd1c6d6f0b39baa0216384.safeframe.googlesyndication.com
URL: https://bcf79b9b46cd1c6d6f0b39baa0216384.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

93ae7d494fad0fb30cbf3ae746a39c4bc7a0f8bbf87fbb587a3f3c01f3c5ce20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8194289394266406912/index.html?e=69&leftOffset=0&topOffset=0&c=DdGXQhpPMZ&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 02:50:40 GMT
x-content-type-options: nosniff
age: 377
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 68
x-xss-protection: 0
last-modified: Tue, 09 Nov 2021 14:45:26 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 15 Aug 2022 03:05:40 GMT

GET
H3 200 NewsGothforPorscheWTT-Reg.woff
s0.2mdn.net/creatives/assets/3543456/ Frame 9C50 37 KB
37 KB 23ms
22ms Font
font/woff 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/3543456/NewsGothforPorscheWTT-Reg.woff

Requested by

Host: bcf79b9b46cd1c6d6f0b39baa0216384.safeframe.googlesyndication.com
URL: https://bcf79b9b46cd1c6d6f0b39baa0216384.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2c1da68f52aa196ea14a82cd7529c76f11f766e65f773096921d7ccc1713846b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/8194289394266406912/index.html?e=69&leftOffset=0&topOffset=0&c=DdGXQhpPMZ&t=1&renderingType=2&ev=01_247
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 02:50:41 GMT
x-content-type-options: nosniff
age: 376
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38192
x-xss-protection: 0
last-modified: Fri, 08 Nov 2019 14:28:51 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 15 Aug 2022 03:05:41 GMT

GET
H2 200 gsap.min.js Show response
cdnjs.cloudflare.com/ajax/libs/gsap/3.4.2/ Frame 9C50 59 KB
22 KB 71ms
26ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/gsap/3.4.2/gsap.min.js

Requested by

Host: novini.dir.bg
URL: http://novini.dir.bg/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a3c5ff7e114ffe32212ee07123f9dc6aa19c09072e44fe64649c9cc747040cab

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 02:56:57 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 2183059
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 21678
timing-allow-origin: *
last-modified: Tue, 21 Jul 2020 23:12:03 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5f177643-eca3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u2NpFEzi2lRsXVHSXk0bptqgN0d4kgf%2BSe8uLesp2FMOQCw1yZnvf58BsPm1ZdPEoSwQxgNVKGtFchOscl21%2BV%2FdNF%2BGIG8%2FbCornF4p7quLcB7qjJJNjmkY%2FC%2BLRVisj7J0CdCdszBDhevFmzu%2FYYqv"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 73aea8f85849910a-FRA
expires: Sat, 05 Aug 2023 02:56:57 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 9C50 17 KB
6 KB 36ms
35ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 02:56:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 15 Aug 2022 02:56:57 GMT

GET
H3 200 63e0334143ce3853f86e47f6c63263a8.png
s0.2mdn.net/creatives/assets/3543456/ Frame 9C50 15 KB
15 KB 22ms
21ms Image
image/png 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/3543456/63e0334143ce3853f86e47f6c63263a8.png

Requested by

Host: bcf79b9b46cd1c6d6f0b39baa0216384.safeframe.googlesyndication.com
URL: https://bcf79b9b46cd1c6d6f0b39baa0216384.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

16de06fe6fa400a8301610279e26648ca4dcbf8637be36a1440aa18c435c3492

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8194289394266406912/index.html?e=69&leftOffset=0&topOffset=0&c=DdGXQhpPMZ&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 02:53:44 GMT
x-content-type-options: nosniff
age: 193
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15357
x-xss-protection: 0
last-modified: Mon, 18 Jul 2022 09:51:54 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 15 Aug 2022 03:08:44 GMT

GET
H3 200 e2e76600622ac39b2db6f7e0c9468647.png
s0.2mdn.net/creatives/assets/3543456/ Frame 9C50 16 KB
16 KB 24ms
23ms Image
image/png 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/3543456/e2e76600622ac39b2db6f7e0c9468647.png

Requested by

Host: bcf79b9b46cd1c6d6f0b39baa0216384.safeframe.googlesyndication.com
URL: https://bcf79b9b46cd1c6d6f0b39baa0216384.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

991018d7dc531712bf0a3f814e49b878f7dfd7401705ae41242e8e51a63a141a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8194289394266406912/index.html?e=69&leftOffset=0&topOffset=0&c=DdGXQhpPMZ&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 02:53:44 GMT
x-content-type-options: nosniff
age: 193
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16315
x-xss-protection: 0
last-modified: Mon, 18 Jul 2022 09:53:39 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 15 Aug 2022 03:08:44 GMT

GET
H3 200 ef1cf8fe61593dd6defcd740eb598631.png
s0.2mdn.net/creatives/assets/3543456/ Frame 9C50 14 KB
14 KB 25ms
24ms Image
image/png 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/3543456/ef1cf8fe61593dd6defcd740eb598631.png

Requested by

Host: bcf79b9b46cd1c6d6f0b39baa0216384.safeframe.googlesyndication.com
URL: https://bcf79b9b46cd1c6d6f0b39baa0216384.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f16e31d0089e0403b95c078217872abd11e9f930e7a7759aec7a5387fee7a418

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8194289394266406912/index.html?e=69&leftOffset=0&topOffset=0&c=DdGXQhpPMZ&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 02:53:44 GMT
x-content-type-options: nosniff
age: 193
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13947
x-xss-protection: 0
last-modified: Mon, 18 Jul 2022 09:53:38 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 15 Aug 2022 03:08:44 GMT

GET
H3 200 e3b6a78b9bf15ac3ed44f2d5470f073a.png
s0.2mdn.net/creatives/assets/3543456/ Frame 9C50 14 KB
14 KB 24ms
23ms Image
image/png 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/3543456/e3b6a78b9bf15ac3ed44f2d5470f073a.png

Requested by

Host: bcf79b9b46cd1c6d6f0b39baa0216384.safeframe.googlesyndication.com
URL: https://bcf79b9b46cd1c6d6f0b39baa0216384.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d4a6a058823e1941fb9dadac766ca12b03b0dbd6db856adfeb19bab11bfb53cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8194289394266406912/index.html?e=69&leftOffset=0&topOffset=0&c=DdGXQhpPMZ&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 02:53:44 GMT
x-content-type-options: nosniff
age: 193
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13996
x-xss-protection: 0
last-modified: Mon, 18 Jul 2022 09:53:38 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 15 Aug 2022 03:08:44 GMT

GET
H3 200 12a037491e737e30df7c46121ccd27c9.png
s0.2mdn.net/creatives/assets/3543456/ Frame 9C50 18 KB
18 KB 27ms
26ms Image
image/png 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/3543456/12a037491e737e30df7c46121ccd27c9.png

Requested by

Host: bcf79b9b46cd1c6d6f0b39baa0216384.safeframe.googlesyndication.com
URL: https://bcf79b9b46cd1c6d6f0b39baa0216384.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

946226d61cf1a4bede27df1560a5db69f5a71c8d4fe238cbe4c6b771cc022f07

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8194289394266406912/index.html?e=69&leftOffset=0&topOffset=0&c=DdGXQhpPMZ&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 02:53:44 GMT
x-content-type-options: nosniff
age: 193
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18167
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 11:04:09 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 15 Aug 2022 03:08:44 GMT

GET
H3 200 7597acb361e1555c15497436f113bc31.png
s0.2mdn.net/creatives/assets/3543456/ Frame 9C50 14 KB
14 KB 28ms
27ms Image
image/png 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/3543456/7597acb361e1555c15497436f113bc31.png

Requested by

Host: bcf79b9b46cd1c6d6f0b39baa0216384.safeframe.googlesyndication.com
URL: https://bcf79b9b46cd1c6d6f0b39baa0216384.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

002a803dcfb8277a457c082b711c5b421228c403cc814eaf91263619dc254ef5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8194289394266406912/index.html?e=69&leftOffset=0&topOffset=0&c=DdGXQhpPMZ&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 02:49:02 GMT
x-content-type-options: nosniff
age: 475
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13979
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 11:04:09 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 15 Aug 2022 03:04:02 GMT

GET
H3 200 31c87b0801df194094291696f4219185.png
s0.2mdn.net/creatives/assets/3543456/ Frame 9C50 16 KB
16 KB 26ms
25ms Image
image/png 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/3543456/31c87b0801df194094291696f4219185.png

Requested by

Host: bcf79b9b46cd1c6d6f0b39baa0216384.safeframe.googlesyndication.com
URL: https://bcf79b9b46cd1c6d6f0b39baa0216384.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

557811357338530599a2c8e521f644b0d1a0e0fcb0c15d0875a7ffae38b151de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8194289394266406912/index.html?e=69&leftOffset=0&topOffset=0&c=DdGXQhpPMZ&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 02:49:02 GMT
x-content-type-options: nosniff
age: 475
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15918
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 11:04:08 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 15 Aug 2022 03:04:02 GMT

GET
H3 200 27125d2419b34f778ee336c704478350.png
s0.2mdn.net/creatives/assets/3543456/ Frame 9C50 15 KB
15 KB 27ms
26ms Image
image/png 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/3543456/27125d2419b34f778ee336c704478350.png

Requested by

Host: bcf79b9b46cd1c6d6f0b39baa0216384.safeframe.googlesyndication.com
URL: https://bcf79b9b46cd1c6d6f0b39baa0216384.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bfc0cb7e95a5d1ab3b6370474546916b96392167fbe192a25aaad121e4c19912

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8194289394266406912/index.html?e=69&leftOffset=0&topOffset=0&c=DdGXQhpPMZ&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 02:53:20 GMT
x-content-type-options: nosniff
age: 217
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15271
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 11:04:07 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 15 Aug 2022 03:08:20 GMT

GET
H3 200 d55e04c5ea8494561d43de20f83a1a7e.png
s0.2mdn.net/creatives/assets/3543456/ Frame 9C50 14 KB
14 KB 25ms
24ms Image
image/png 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/3543456/d55e04c5ea8494561d43de20f83a1a7e.png

Requested by

Host: bcf79b9b46cd1c6d6f0b39baa0216384.safeframe.googlesyndication.com
URL: https://bcf79b9b46cd1c6d6f0b39baa0216384.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

966b455649872dd789acc786aa043c38a8f8a922926762d2dfc063baa5e6874d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8194289394266406912/index.html?e=69&leftOffset=0&topOffset=0&c=DdGXQhpPMZ&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 02:49:02 GMT
x-content-type-options: nosniff
age: 475
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13949
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 11:06:27 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 15 Aug 2022 03:04:02 GMT

GET
H3 200 nFxlsDypB7fADXJag6hgweS-nRuXDEO5nQJQNtw06Bw.js Show response
pagead2.googlesyndication.com/bg/ Frame 670D 36 KB
14 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/nFxlsDypB7fADXJag6hgweS-nRuXDEO5nQJQNtw06Bw.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9c5c65b03ca907b7c00d725a83a860c1e4be9d1b970c43b99d025036dc34e81c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 07:40:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 501375
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14139
x-xss-protection: 0
last-modified: Mon, 08 Aug 2022 16:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 09 Aug 2023 07:40:42 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 37ms
36ms XHR
application/json 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022080901&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080901.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d02f29f6eb5a71316531c9d83b34736618fdedff2e42e6a215979d8dbf5f4b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://novini.dir.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 15 Aug 2022 02:56:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10954
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080901.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://novini.dir.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 02:56:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 15 Aug 2022 02:56:57 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame CCF5 13 KB
5 KB 20ms
20ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://novini.dir.bg/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 28494
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 14 Aug 2022 19:02:03 GMT
expires: Mon, 14 Aug 2023 19:02:03 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame C2EF 783 B
536 B 30ms
29ms Document
text/html 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

5230771c874c29acd06fd7b7824e46fdf397e057a95008ea743d90c9dc534947

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-xK9N3c9ESOXSuGYtsDI2TQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://novini.dir.bg/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 514
content-security-policy: script-src 'report-sample' 'nonce-xK9N3c9ESOXSuGYtsDI2TQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 15 Aug 2022 02:56:57 GMT
expires: Mon, 15 Aug 2022 02:56:57 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 nFxlsDypB7fADXJag6hgweS-nRuXDEO5nQJQNtw06Bw.js Show response
pagead2.googlesyndication.com/bg/ Frame CCF5 36 KB
14 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/nFxlsDypB7fADXJag6hgweS-nRuXDEO5nQJQNtw06Bw.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9c5c65b03ca907b7c00d725a83a860c1e4be9d1b970c43b99d025036dc34e81c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 07:40:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 501375
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14139
x-xss-protection: 0
last-modified: Mon, 08 Aug 2022 16:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 09 Aug 2023 07:40:42 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame C2EF 0
0 54ms
54ms Image
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022080901&jk=3074280390157935&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame CCF5 0
10 B 20ms
20ms Image
text/plain 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?qHbrwA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 02:56:57 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame A123 42 B
64 B 61ms
60ms Fetch
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuzfVQ67jr-zMHUd-UxiMci_TlQ44U8SDok4uoJrwxJ1LIHGs41sTViaBGgWUozDa8i4y4whfq8boInwnhK1oZupg0eCHqL7c8ANSpAHyIzXEStO8ZkZK9iPSLd3pnOA5zIWW2N9_IBRKvm_g&sai=AMfl-YSWIspxh0BEl7FQOAwli4sBYHThWoLwdLdtGHeMrWKcTqD0BVGr5CIn19h6f_EIlN2KG4qtPthummfts8x4lWOP5wuUaE7Uj9qTpBlFBGU5a05hUdIq1MCyp6WctrY&sig=Cg0ArKJSzFZxRwK2naITEAE&cid=CAASJ-RoFHcoq0OCpWsRxB93S_jvVEZK1VVgLOX_xyAtgZWfrg5kIjEM6w&id=lidar2&mcvt=1000&p=617,1135,657,1176&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220810&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2299044918&rs=4&la=0&cr=0&vs=4&r=v&rst=1660532216631&rpt=794&isd=0&lsd=0&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bcf79b9b46cd1c6d6f0b39baa0216384.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Aug 2022 02:56:58 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 59ms
57ms Image
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022080901&jk=3074280390157935&bg=!BwSlBEDNAAa4hXTbmIU7ACkAdvg8WoO_4i4dfX6MnRjqX4jSVLhMrfiqhSN33f64k9j0xks0TN6I_QIAAABKUgAAAAtoAQcKABjcRSLxuED04Z6vRTQKQdgpr-SbR7GmCzWZAuZuxmlS0ZljUpdfu_Cb6SHREudL7i_Ef0-otgwToY14SvorNhqpUcAGkvFQ5JAC7ZV7u2_m6-UEfKc6SPn3oTHNfPqOu8uv3h7srMzfvojzZhde08H-o1gKdYSRQwjsbfc2NQvF8b8k6KBQeJtsXBdKmaYYBHcmeX6APNCCoVlzciNnknj_wVgfpcd04OMoaHwekMhAp73LcSPrR-LaSuJjzWYbwk3uZ5mE3ytJisi7CkiK_Yf58VXu2-hr9og8xnT2VzqNcZc-YrtmniDlg4E5K7zryIc0J2jryYtbS9sbtYRjRFFaKdsOKY4PoY8VoWvxUTzdFT2y2NFmNEIeC1zIVw6LSk59IORLXgYelYxW92-4nlex1K9tEcAOJTLjFRDJX-vqdauQz0_x4o7DMbLQELYmw5I5nNel6OYVeNu59iK8XUIJJ9pi-Tu7E3VJDZF-29VQfhKmxR7B38w8BBgBM0dCduEwJwNZpg8xwaQY3R3ShVOQCR6gNu8gRl8vNlbYPY1ABS4WolQooZLa6cXyg6YEUjP4X-pzKSWGtMeUdj3XG066MpklmJEFL4Xqt6GvnOlxy2OT2dp9i09iF1WiuP2m-0uaR_ZG9fgi3ZOcvX-HQNB45-P7zIP_4W7mJzoNW2zMOv9jp2AvGJ4l6pMpnKt8VjpRoQksicxuLSWXvgV3k4R3ZFgNjPvdo43kS3ahWoYN99ZvQ5GHH7M07iPGhY7vvEw1q6ZVVdDOm889hJ_6BkfNmELp4aX1PtmIsTeeuCBAbkJw3Fj3T94Cp3XpG_Jdrv5GfP_zSQvn9B7RquNXKh1gI7Ta0SxSGEisRDQ0Rpa_0Fc96DGJAauJK-pEuRd3TgzbjB2FGWfdcquk4rXqQwKzVz5qoZwfuJbz-DJh4-WKS8TL818iTxjG-6ej3_OBt4QRoil8usUnbbLMwz9bcEePCJiodUh7zllx1zkCiQmVz8NaZZWmm7XHbHGB9OtLt_Ub
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://novini.dir.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

GET
H2 200 dt
dt.adsafeprotected.com/ Frame A123 43 B
215 B 175ms
174ms Image
image/gif 2600:1f13:800:7782:22a8:1ef8:27f2:ceae
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1103447&asId=92739fff-5b92-636e-a1b7-c32ead3ca8aa&tv=%7Bc:lkbl21,pingTime:1,time:1674,type:p,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:600,t:18%7D,%7Bpiv:97,vs:i,r:,t:575%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:1099,o:575,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:18,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:i,cc:NaN.NaN.300.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B569~0%5D,as:%5B569~300.600%5D%7D%7D,%7Bsl:i,t:575,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:i,cc:NaN.NaN.300.600,piv:97,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1100~75%5D,as:%5B1100~300.600%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:249,fm:texNXn9+11%7C12%7C131%7C141%7C142%7C143%7C15*.1103447-64557513%7C151%7C152,idMap:15*,rmeas:1,rend:1,renddet:DIV.qs.sn%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7782:22a8:1ef8:27f2:ceae Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bcf79b9b46cd1c6d6f0b39baa0216384.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Aug 2022 02:56:58 GMT
x-server-name: dt03.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

Verdicts & Comments Add Verdict or Comment

524 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

21 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.dir.bg/	1970-01-20 14:01:08	Name: nsadsid Value: 69306450-4003-67b4-0d0f-0c471e8ee601
.dir.bg/	1970-01-20 14:51:32	Name: __utma Value: 95319433.1791128803.1660532216.1660532216.1660532216.1
.dir.bg/	1970-01-20 05:15:34	Name: __utmb Value: 95319433
.dir.bg/	1969-12-31 23:59:59	Name: __utmc Value: 95319433
.dir.bg/	1970-01-20 09:38:20	Name: __utmz Value: 95319433.1660532216.1.1.utmccn=(direct)\|utmcsr=(direct)\|utmcmd=(none)
r5.dir.bg/	1969-12-31 23:59:59	Name: GDirId Value: db8b326a67eaaef47b971c7d1906a637
.dir.bg/	1970-01-20 05:15:34	Name: s_gcc Value: 1
.dir.bg/	1970-01-20 14:01:08	Name: GDirId Value: db8b326a67eaaef47b971c7d1906a637
.dir.bg/	1970-01-20 14:01:08	Name: db8b326a67eaaef47b971c7d1906a637 Value: ip3vnfmFu0yUtmLvhOBgTQ%3D%3D
.dir.bg/	1970-01-20 14:51:32	Name: YDUIDP Value: 62f9b4f0000284fd
.dir.bg/	1970-01-20 14:44:20	Name: __gfp_64b Value: tt96ofD_YBZnU849yZCIkZMIhZib7h6j0ywXrOuj.d7.J7\|1660532216
.doubleclick.net/	1970-01-20 14:37:08	Name: IDE Value: AHWqTUnVqSKjQed590y027OKEPJIJDzHLQ4jv5oq0cwzkbTrX6WpCBox2a0CnGc0wDk
.hit.gemius.pl/	1970-01-20 05:25:37	Name: Gtest Value: KlGTPRXGQMGGeA3GlXnWeT2issGMXP8c25nSGDTX3EnIXBG.
.casalemedia.com/	1970-01-20 14:01:08	Name: CMID Value: Yvm1.DJqyQgxAGD256kFFgAA
.casalemedia.com/	1970-01-20 07:25:08	Name: CMPS Value: 1203
.casalemedia.com/	1970-01-20 07:25:08	Name: CMPRO Value: 1203
.hit.gemius.pl/	1970-01-20 14:44:20	Name: Gdyn Value: KlxW6RXGQMGGeA3GlXnWeT2issGMXP8c25nSGDTX3EnIFRxSG7RrGS6Gk9aBFlMQYH8W8jBGqSRxSG8.
.adnxs.com/	1970-01-20 07:25:08	Name: anj Value: dTM7k!M41.D>6NRF']wIg2In2vYyS*!]tbPl1M>e)ZlrFUfJ+tGXxoebZlLZE^eg9AgOpUQrO4JVtfV(^NC7Rhdj%C3If)y3KL9D3I?+anB4pc
.adnxs.com/	1970-01-20 07:25:08	Name: uuid2 Value: 3135081869412560572
.dir.bg/	1970-01-20 14:37:08	Name: __gads Value: ID=3ee98a0b26d0990f-2242d03df2cd005e:T=1660532215:S=ALNI_MZ_otrMpVADrEmlV-zOrKWX7ev-5g
.casalemedia.com/	1970-01-20 07:25:08	Name: CMTS Value: 1144

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://www.googletagservices.com/tag/js/gpt.js(Line 9) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080901.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://www.googletagservices.com/tag/js/gpt.js(Line 9) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080901.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network	error	URL: http://r.dir.bg/js.php?Code=00_novini_all&d=0 Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://r.dir.bg/js.php?Code=1_novini_header&d=0 Message: Failed to load resource: the server responded with a status of 404 (Not Found)

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
bcf79b9b46cd1c6d6f0b39baa0216384.safeframe.googlesyndication.com
bid.g.doubleclick.net
cdn-gl.imrworldwide.com
cdnjs.cloudflare.com
cm.g.doubleclick.net
code.jquery.com
dsum-sec.casalemedia.com
dt.adsafeprotected.com
fw.adsafeprotected.com
gabg.hit.gemius.pl
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
i.dir.bg
ib.adnxs.com
ls.hit.gemius.pl
novini.dir.bg
pagead2.googlesyndication.com
partner.googleadservices.com
r.dir.bg
r5.dir.bg
s0.2mdn.net
secure-it.imrworldwide.com
securepubads.g.doubleclick.net
static.adsafeprotected.com
static.dir.bg
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.googletagservices.com
104.18.18.126
142.250.184.194
142.250.185.162
142.250.185.66
145.239.237.56
185.89.210.46
194.145.63.10
194.145.63.18
194.145.63.27
2001:4de0:ac18::1:a:2a
2600:1f13:800:7782:22a8:1ef8:27f2:ceae
2600:9000:21f3:ac00:2:42d9:3100:93a1
2600:9000:21f3:f200:8:48e:53c0:93a1
2606:4700:20::681a:fd6
2606:4700::6811:190e
2a00:1450:4001:802::2001
2a00:1450:4001:806::2004
2a00:1450:4001:808::2002
2a00:1450:4001:80f::2002
2a00:1450:4001:813::2001
2a00:1450:4001:827::2002
2a00:1450:4001:828::2002
2a00:1450:4001:82b::2002
2a00:1450:4001:830::200e
2a00:1450:4001:831::2006
34.246.41.28
52.31.22.244
74.125.133.156
78.128.6.42
002a803dcfb8277a457c082b711c5b421228c403cc814eaf91263619dc254ef5
030ee6e8fad35b2d5e8fe8c85f0105966fbb9b78d3b3cdcaf0527f1228acd47c
06523ca77a82f4f39bee10b324c3e472e32f296cda5146dd04d222dde9e05a7b
0748c94ab78e40f01e595af5f2f2d7d4aa1a988cad1a17578565cb07e307c054
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
117ed873640b992e38f34a0a761dd3e1cda6b3c24c9507bb3adc0323039f8ff1
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
16de06fe6fa400a8301610279e26648ca4dcbf8637be36a1440aa18c435c3492
17ce5c80d4ad847acca2bd620035e685787f9018c910c9d13751cefdff7f2fb9
1dbb113405cd6745c0a638621883ac3952d4a049bf0a45dc0dea6a0baf1d925c
233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285
2675ab1d1852f1aa30e272d7c2b1b9616e1f4771a94860e0d92bc7fca6c3c48a
27a4a77cde11ec2b7bdfb1211c9745a6c5b207049e0c92ef1a8b1d3c76c1145d
29133962ccf97017876e2a59a345433a326ea9debced53451c44e39707f36800
29fb62d85a43d29553164f541e7fee71ff77a0060e7675031b24f2f44244661f
2c1da68f52aa196ea14a82cd7529c76f11f766e65f773096921d7ccc1713846b
2e6f7773b0e597e1e6bb442fac602b5e87fc0b4b9a9feffbabc44c3fd5b8578c
30f61d8d3d5c77ea172cf6f6ff996f2f46519e8a44b9c37e6a53609b84e58e78
341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f
3599acd69a74bf92c8d05f4ddf3d0af3d7da2b1967c2ce76b7da00e281626b1f
365bd29e061e224f7635cd974c0e6d3a7744a1c9b00af80288692023c03a1da4
366c03ac27a2b82e779934027b4332266f53fbcf40a7fd76110f0accc92d3706
41f55b6be1f68a0a6bd62bdeeeefc28e637f8fd63052c0d7ff393391c1f6b415
467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30
49dd4046728bbc2bf3b18f8ec2b828507163ff7e081a985ab9c97cba3f2f4609
4aa2889a33babf6c560df179f876ddf5bbf5346d1893d9f3fb9c99055e540d07
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
5230771c874c29acd06fd7b7824e46fdf397e057a95008ea743d90c9dc534947
557811357338530599a2c8e521f644b0d1a0e0fcb0c15d0875a7ffae38b151de
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621
5b93375608ccdd64e2d47f13e20fe34c7eb801b4658b111d0fa173112340a2e1
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
633166d96fb90e6b7e1f2efb9a27d0492283c0602fedfd4d6717b47d95277df6
6358c05506dcb56aac552b0fe6b46032c308e108e22b832e5df1f4f3487c40d3
65b488811bd504ecd9037c0aee94c56a7bcd0870c2ae8818f6cf60cb3ba51621
691c0303ef332f3364c652f729020548be151578a25c19806c3a344fc1192c8d
69b5eb286693fcdfad0a46612becf750a459cae3e4159dcb9ea4b3ed5cd14c3c
6e5f1317cc82513c64ed99253fb671fcc6d6b8c5078776a38d7f89da22e75d2d
6e69ec8f9a7c99835a937757ad1e9b4c7d08ef7ed97320c6c5787d35b128d0c4
6f379fc7adfec6484c51253705520caf60d459b2ddc490cfb32f1a81d60f65b1
70ad94a73939674785bd1aeb3ea89a3cf1d71c8ac1beca3e8dffc2c379073629
7178afdbb71acc320499337edadc680181aa9d69f4e0f9688bc9b7f39ab74d83
75bf5c0112a41f871dc47c5e98deef6dc7db8e94178bf0c853f3a09415f6d338
764a1bf9b1c821de452d57dc4a1db00315b9a11e3c358c3124700901610a38fd
7f68affba3f1c780f877960c7ee3e441309078b41043d35501e2eda8f7fde683
81925d72cdde09884261581f54eb6b41501a64d6740846390f8d79a1ec32f1b3
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
86edd662c7d34ed546d32bdf03b5b0bf17841d112d1f9934230b5944b60e827c
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8cca4552506edd533a271290c898e0d17c765c9b102f566bfb9dbb5aec2bccf8
8d02f29f6eb5a71316531c9d83b34736618fdedff2e42e6a215979d8dbf5f4b5
8e76388dceb4677e885d6ad8e1230e8eeeebd306ee673dd11aaf6038bf857697
93ae7d494fad0fb30cbf3ae746a39c4bc7a0f8bbf87fbb587a3f3c01f3c5ce20
946226d61cf1a4bede27df1560a5db69f5a71c8d4fe238cbe4c6b771cc022f07
956cde7966e9c20d669af9e9e052058da4a9afbbfa30392750cea1f04f8628b8
966b455649872dd789acc786aa043c38a8f8a922926762d2dfc063baa5e6874d
96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9
97f46c0126b578b854e290755b08776efa874ef02c0bbbdd93b994340de98015
991018d7dc531712bf0a3f814e49b878f7dfd7401705ae41242e8e51a63a141a
9c5c65b03ca907b7c00d725a83a860c1e4be9d1b970c43b99d025036dc34e81c
9c649782210be9ba4a220f1a4d38de62aded96f5f27b34023b310c5c0c4d2625
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a1ec586c9c199818e9d6485f143f9066769853a4eea52cc2575c396c21b010ce
a3c5ff7e114ffe32212ee07123f9dc6aa19c09072e44fe64649c9cc747040cab
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
aae77a16a879acaf366741362f161805f84159ad9816c071507655b4945d3c39
abc3c762bfa56b05bd3ceec35becfa91ee5c06f97829df8eb5166d58a2a5efba
ad45cb175e638f1adea4ad5b9a6ea0f148eb42e3d3841d9136304c98ab8c5b8f
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
bb4e9bbba05309d23158ab07c432a305eac3d4342b96c7ecffda09b3df7f7476
bfc0cb7e95a5d1ab3b6370474546916b96392167fbe192a25aaad121e4c19912
c0d0b5ecf5aa2cd5475929aefcb44d67c5d5cc8cbcdb3991e45f0944f0344619
c490d148077ee3acf386e1066a13c90083cf4f1277f11f69b37c2a37622fe068
c6107c1c1f1588cac73cb68d83222515b12c5dbf7f988fd0c39b4ff16414d3bc
c69c1c3e4e923e6c3b431e918a42d1c2b1cfe238eb817f8655e81dc5f5b795c6
c9499ea51a2956fd2c1600591ae117fe9ad81065d625b1b2c593c7720e5b228f
ca200290da168626c17e1a5b04998d202eeb8ce8d68d140a06c211053bd5ac17
cba8b10409c5c4fa6052e0395c960a61fb0017dc08fb3e7973d5fb48ef4c7daa
ccc05b4870a5d79b00dbdb39a16109630e20f46829896da80502f9b546794260
d4a6a058823e1941fb9dadac766ca12b03b0dbd6db856adfeb19bab11bfb53cd
d557c9fec1d5e4c7903330663576213c96b46257dc6582d446b3a2be998e538e
d585510ebf6dccd5790b2083b5e4425473fa2277aef2dc2be1fcba2d04f47e33
d81f42c68afe5817619165de86e7fdd6ba8a67716798c2112fffa30162f08fda
da690d656d1b54b6ebf56c0429761a8c7bc930289caa2ddf1f63581fb741ac42
dc81ed9ef6da3491cfc27234ca59269a48f99de3fe3c8dab373994baf8334ce7
e2b4446b088b671a0551c227061dc3556c5919661d0b217a1f90c0ac5ec03fdf
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
e5625d5bcd517d85dd87fa8cae8d149220802b7c1697bf5f8a9bb551de92cde7
e5769443389872ca3d8d108e0829b1029d3eb2b7bd76c2bd7a45630ae3671e75
e618a577f0277d37fa43eaa36bcde1a98e6698356705294205887f6ace5134d7
e8836718d624d00a0569066b8973ed299b992a74fd366170dfdd45e65c9d0528
ea9eb08c5a34699d928c935c01324f6fd761b40aa8388e9b7901fc0bdda7d51b
eb85b6fd385a433bd95d7c6f41221d4b4cfa834d38598a0a851fcd8dc8d6a504
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f16e31d0089e0403b95c078217872abd11e9f930e7a7759aec7a5387fee7a418
f613a3577db46010feef2f5dcbb31aef733e8c267408ef296fb4bf22548e1fea

novini.dir.bg Open in urlscan Pro 194.145.63.10 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

149 Requests

72 %HTTPS

55 %IPv6

16 Domains

31 Subdomains

30 IPs

7 Countries

2263 kBTransfer

4526 kBSize

21 Cookies

53 Outgoing links

Redirected requests

149 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

novini.dir.bg Open in urlscan Pro
194.145.63.10 Public Scan

Screenshot
Live screenshot

Full Image

149
Requests

72 %
HTTPS

55 %
IPv6

16
Domains

31
Subdomains

30
IPs

7
Countries

2263 kB
Transfer

4526 kB
Size

21
Cookies

149 HTTP transactions
2 data transactions