www.abv.bg Open in urlscan Pro
194.153.145.104 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://abv.bg/
Effective URL:
https://www.abv.bg/
Submission: On February 02 via manual (February 2nd 2024, 11:29:29 pm UTC) from BG — Scanned from DE

Summary HTTP 154 Redirects Links 72 Behaviour Indicators

Summary

This website contacted 42 IPs in 10 countries across 35 domains to perform 154 HTTP transactions. The main IP is 194.153.145.104, located in Bulgaria and belongs to NETINFO 12 Emil Bersinski Str, BG. The main domain is www.abv.bg. The Cisco Umbrella rank of the primary domain is 350615.
TLS certificate: Issued by RapidSSL Global TLS RSA4096 SHA256 20... on February 27th 2023. Valid for: a year.

This is the only time www.abv.bg was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 42	194.153.145.104 194.153.145.104	13147 (NETINFO 1...) (NETINFO 12 Emil Bersinski Str)
11	84.238.194.241 84.238.194.241	205132 (BTC-SEC-AS) (BTC-SEC-AS)
2	84.238.193.153 84.238.193.153	205132 (BTC-SEC-AS) (BTC-SEC-AS)
1 4	78.128.6.44 78.128.6.44	31083 (TELEPOINT) (TELEPOINT)
1	146.59.30.100 146.59.30.100	16276 (OVH) (OVH)
8	2606:4700:20:... 2606:4700:20::681a:f0a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
4	108.138.6.136 108.138.6.136	16509 (AMAZON-02) (AMAZON-02)
4	2606:4700::68... 2606:4700::6810:5514	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:81c::2001	15169 (GOOGLE) (GOOGLE)
13	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:830::2008	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:800::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:812::2004	15169 (GOOGLE) (GOOGLE)
3	2600:9000:225... 2600:9000:2251:d000:5:b7cc:d3c0:93a1	16509 (AMAZON-02) (AMAZON-02)
3 9	142.250.186.66 142.250.186.66	15169 (GOOGLE) (GOOGLE)
3 5	172.64.151.101 172.64.151.101	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3 4	185.89.210.212 185.89.210.212	29990 (ASN-APPNEX) (ASN-APPNEX)
2	194.153.145.88 194.153.145.88	13147 (NETINFO 1...) (NETINFO 12 Emil Bersinski Str)
4	46.19.11.36 46.19.11.36	51790 (SIEL) (SIEL)
1	142.250.185.102 142.250.185.102	15169 (GOOGLE) (GOOGLE)
4	88.99.219.174 88.99.219.174	24940 (HETZNER-AS) (HETZNER-AS)
1 4	138.201.63.150 138.201.63.150	24940 (HETZNER-AS) (HETZNER-AS)
1	84.238.193.148 84.238.193.148	205132 (BTC-SEC-AS) (BTC-SEC-AS)
2	2a00:1450:400... 2a00:1450:4001:830::200e	15169 (GOOGLE) (GOOGLE)
1	2a0b:4d07:102::1 2a0b:4d07:102::1	44239 (PROINITY ...) (PROINITY PROINITY)
2	91.121.248.44 91.121.248.44	16276 (OVH) (OVH)
1 2	2a01:4f8:d0a:... 2a01:4f8:d0a:2321::2	24940 (HETZNER-AS) (HETZNER-AS)
1	49.12.22.42 49.12.22.42	24940 (HETZNER-AS) (HETZNER-AS)
1	18.171.29.178 18.171.29.178	16509 (AMAZON-02) (AMAZON-02)
1 1	151.101.194.49 151.101.194.49	54113 (FASTLY) (FASTLY)
1 1	34.91.62.186 34.91.62.186	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
1 1	85.114.159.93 85.114.159.93	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
1	185.64.190.78 185.64.190.78	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2 2	13.248.245.213 13.248.245.213	16509 (AMAZON-02) (AMAZON-02)
1	159.203.145.121 159.203.145.121	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
2 2	37.157.2.230 37.157.2.230	198622 (ADFORM) (ADFORM)
1	46.19.9.32 46.19.9.32	51790 (SIEL) (SIEL)
1	18.239.255.3 18.239.255.3	16509 (AMAZON-02) (AMAZON-02)
1	99.86.4.36 99.86.4.36	16509 (AMAZON-02) (AMAZON-02)
2	52.56.219.216 52.56.219.216	16509 (AMAZON-02) (AMAZON-02)
154	42

42 194.153.145.104 (Bulgaria) 1 redirects

ASN13147 (NETINFO 12 Emil Bersinski Str, BG)
PTR: abv.bg

abv.bg	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.abv.bg	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
img.abv.bg	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
rimg.abv.bg	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 84.238.194.241 (Bulgaria)

ASN205132 (BTC-SEC-AS, BG)
PTR: bimg.abv.bg

bimg.abv.bg	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
a.abv.bg	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 84.238.193.153 (Bulgaria)

ASN205132 (BTC-SEC-AS, BG)
PTR: m.netinfo.bg

m.netinfo.bg	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 78.128.6.44 (Bulgaria) 1 redirects

ASN31083 (TELEPOINT, BG)
PTR: ip-6-44.telehouse.bg

gabg.hit.gemius.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.59.30.100 (Poland)

ASN16276 (OVH, FR)
PTR: ip100.ip-146-59-30.eu

ls.hit.gemius.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2606:4700:20::681a:f0a (United States)

ASN13335 (CLOUDFLARENET, US)

lib.wtg-ads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 108.138.6.136 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-6-136.fra56.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6810:5514 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81c::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

d53e39e13c61f683f3b844fec1036e9d.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:830::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:800::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:2251:d000:5:b7cc:d3c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

sdk.privacy-center.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 142.250.186.66 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 172.64.151.101 (United States) 3 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.89.210.212 (Frankfurt am Main, Germany) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 194.153.145.88 (Bulgaria)

ASN13147 (NETINFO 12 Emil Bersinski Str, BG)
PTR: dmp.adwise.bg

dmp.adwise.bg	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 46.19.11.36 (Slovenia)

ASN51790 (SIEL, SI)
PTR: ilog.vsn.si

analytics.contentexchange.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
match.contentexchange.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.102 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 88.99.219.174 (Lutzingen, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.174.219.99.88.clients.your-server.de

hal9000.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 138.201.63.150 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.150.63.201.138.clients.your-server.de

hal90008.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 84.238.193.148 (Bulgaria)

ASN205132 (BTC-SEC-AS, BG)
PTR: blog.netinfocompany.bg

blog.netinfocompany.bg	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a0b:4d07:102::1 (Switzerland)

ASN44239 (PROINITY PROINITY, CH)

adv.office-partner.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 91.121.248.44 (Paris, France)

ASN16276 (OVH, FR)
PTR: ip44.ip-91-121-248.eu

pv.medialead.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a01:4f8:d0a:2321::2 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)

cdn.retailads.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 49.12.22.42 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: lb-3.futalis.de

futalis.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.171.29.178 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-171-29-178.eu-west-2.compute.amazonaws.com

track.webgains.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.194.49 (United States) 1 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.91.62.186 (Groningen, Netherlands) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 186.62.91.34.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 15.197.193.217 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.114.159.93 (Germany) 1 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.248.245.213 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 159.203.145.121 (Clifton, United States)

ASN14061 (DIGITALOCEAN-ASN, US)

cs.chocolateplatform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.2.230 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

dmp.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.19.9.32 (Slovenia)

ASN51790 (SIEL, SI)
PTR: trfx.serv.si

collector_sr.contentexchange.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.239.255.3 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-239-255-3.bud50.r.cloudfront.net

analytics.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.4.36 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-36.fra6.r.cloudfront.net

cdn.track.production.webgains.team	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.56.219.216 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-56-219-216.eu-west-2.compute.amazonaws.com

api.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
53	abv.bg 1 redirects abv.bg — Cisco Umbrella Rank: 99392 www.abv.bg — Cisco Umbrella Rank: 350615 bimg.abv.bg — Cisco Umbrella Rank: 179088 img.abv.bg — Cisco Umbrella Rank: 326278 rimg.abv.bg — Cisco Umbrella Rank: 296118 a.abv.bg — Cisco Umbrella Rank: 230466	920 KB
22	googlesyndication.com d53e39e13c61f683f3b844fec1036e9d.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 110 tpc.googlesyndication.com — Cisco Umbrella Rank: 157	192 KB
18	doubleclick.net 3 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 209 pubads.g.doubleclick.net — Cisco Umbrella Rank: 415 googleads.g.doubleclick.net — Cisco Umbrella Rank: 38 cm.g.doubleclick.net — Cisco Umbrella Rank: 260 ad.doubleclick.net — Cisco Umbrella Rank: 163	168 KB
8	redintelligence.net 1 redirects hal9000.redintelligence.net — Cisco Umbrella Rank: 38309 hal90008.redintelligence.net — Cisco Umbrella Rank: 190734	38 KB
8	wtg-ads.com lib.wtg-ads.com — Cisco Umbrella Rank: 48221	143 KB
5	contentexchange.me analytics.contentexchange.me — Cisco Umbrella Rank: 102921 match.contentexchange.me — Cisco Umbrella Rank: 28504 collector_sr.contentexchange.me	18 KB
5	casalemedia.com 3 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 622	3 KB
5	gemius.pl 1 redirects gabg.hit.gemius.pl — Cisco Umbrella Rank: 115599 ls.hit.gemius.pl — Cisco Umbrella Rank: 16016	24 KB
4	adnxs.com 3 redirects ib.adnxs.com — Cisco Umbrella Rank: 253	4 KB
4	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 324	5 KB
4	amazon-adsystem.com c.amazon-adsystem.com — Cisco Umbrella Rank: 314	12 KB
3	webgains.io analytics.webgains.io — Cisco Umbrella Rank: 28599 api.webgains.io — Cisco Umbrella Rank: 69568	19 KB
3	privacy-center.org sdk.privacy-center.org — Cisco Umbrella Rank: 4441	174 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 37	248 KB
2	adform.net 2 redirects dmp.adform.net — Cisco Umbrella Rank: 3041	1 KB
2	3lift.com 2 redirects eb2.3lift.com — Cisco Umbrella Rank: 412	958 B
2	retailads.net 1 redirects cdn.retailads.net — Cisco Umbrella Rank: 193090	6 KB
2	medialead.de pv.medialead.de — Cisco Umbrella Rank: 41332	687 B
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27	21 KB
2	adwise.bg dmp.adwise.bg — Cisco Umbrella Rank: 254515	451 B
2	google.com www.google.com — Cisco Umbrella Rank: 2	1 KB
2	netinfo.bg m.netinfo.bg — Cisco Umbrella Rank: 235253	7 KB
1	webgains.team cdn.track.production.webgains.team — Cisco Umbrella Rank: 69384	3 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 28	843 B
1	chocolateplatform.com cs.chocolateplatform.com — Cisco Umbrella Rank: 4928	134 B
1	pubmatic.com image6.pubmatic.com — Cisco Umbrella Rank: 805	166 B
1	adition.com 1 redirects dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1552	584 B
1	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 357	149 B
1	simpli.fi 1 redirects um.simpli.fi — Cisco Umbrella Rank: 856	715 B
1	everesttech.net 1 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 716	542 B
1	webgains.com track.webgains.com — Cisco Umbrella Rank: 55633	2 KB
1	futalis.de futalis.de — Cisco Umbrella Rank: 336285	401 B
1	office-partner.de adv.office-partner.de — Cisco Umbrella Rank: 148117	923 B
1	netinfocompany.bg blog.netinfocompany.bg — Cisco Umbrella Rank: 912681	195 KB
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 230	29 KB
154	35

	Domain	Requested by
20	img.abv.bg	www.abv.bg rimg.abv.bg
16	www.abv.bg	www.abv.bg rimg.abv.bg
13	pagead2.googlesyndication.com	securepubads.g.doubleclick.net www.abv.bg pagead2.googlesyndication.com tpc.googlesyndication.com d53e39e13c61f683f3b844fec1036e9d.safeframe.googlesyndication.com
9	cm.g.doubleclick.net	3 redirects googleads.g.doubleclick.net d53e39e13c61f683f3b844fec1036e9d.safeframe.googlesyndication.com
8	lib.wtg-ads.com	rimg.abv.bg lib.wtg-ads.com
7	tpc.googlesyndication.com	www.abv.bg securepubads.g.doubleclick.net tpc.googlesyndication.com googleads.g.doubleclick.net
6	bimg.abv.bg	www.abv.bg
5	dsum-sec.casalemedia.com	3 redirects googleads.g.doubleclick.net
5	a.abv.bg	www.abv.bg
5	rimg.abv.bg	bimg.abv.bg
4	hal90008.redintelligence.net	1 redirects d53e39e13c61f683f3b844fec1036e9d.safeframe.googlesyndication.com hal90008.redintelligence.net
4	hal9000.redintelligence.net	d53e39e13c61f683f3b844fec1036e9d.safeframe.googlesyndication.com hal90008.redintelligence.net
4	ib.adnxs.com	3 redirects googleads.g.doubleclick.net
4	pubads.g.doubleclick.net	www.abv.bg
4	cdn.jsdelivr.net	lib.wtg-ads.com
4	c.amazon-adsystem.com	img.abv.bg
4	gabg.hit.gemius.pl	1 redirects img.abv.bg gabg.hit.gemius.pl
3	sdk.privacy-center.org	www.abv.bg sdk.privacy-center.org
3	www.googletagmanager.com	img.abv.bg adv.office-partner.de www.googletagmanager.com
2	api.webgains.io	analytics.webgains.io
2	match.contentexchange.me
2	dmp.adform.net	2 redirects
2	eb2.3lift.com	2 redirects
2	cdn.retailads.net	1 redirects futalis.de
2	pv.medialead.de	hal90008.redintelligence.net d53e39e13c61f683f3b844fec1036e9d.safeframe.googlesyndication.com
2	www.google-analytics.com	www.googletagmanager.com
2	analytics.contentexchange.me	www.googletagmanager.com analytics.contentexchange.me
2	dmp.adwise.bg	www.abv.bg
2	www.google.com	www.abv.bg tpc.googlesyndication.com
2	googleads.g.doubleclick.net	www.abv.bg pagead2.googlesyndication.com
2	d53e39e13c61f683f3b844fec1036e9d.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net
2	m.netinfo.bg	www.abv.bg
1	cdn.track.production.webgains.team	d53e39e13c61f683f3b844fec1036e9d.safeframe.googlesyndication.com
1	analytics.webgains.io	track.webgains.com
1	collector_sr.contentexchange.me
1	fonts.googleapis.com	hal90008.redintelligence.net
1	cs.chocolateplatform.com	d53e39e13c61f683f3b844fec1036e9d.safeframe.googlesyndication.com
1	image6.pubmatic.com	d53e39e13c61f683f3b844fec1036e9d.safeframe.googlesyndication.com
1	dsp.adfarm1.adition.com	1 redirects
1	match.adsrvr.org	d53e39e13c61f683f3b844fec1036e9d.safeframe.googlesyndication.com
1	um.simpli.fi	1 redirects
1	sync-tm.everesttech.net	1 redirects
1	track.webgains.com	www.abv.bg
1	futalis.de	hal90008.redintelligence.net
1	adv.office-partner.de	hal90008.redintelligence.net
1	blog.netinfocompany.bg	www.abv.bg
1	ad.doubleclick.net	d53e39e13c61f683f3b844fec1036e9d.safeframe.googlesyndication.com
1	www.googletagservices.com	rimg.abv.bg
1	ls.hit.gemius.pl	gabg.hit.gemius.pl
1	abv.bg	1 redirects
154	51

This site contains links to these domains. Also see Links.

Domain
chrome.google.com
abv.bg
dox.abv.bg
apps.abv.bg
passport.abv.bg
mobile.abv.bg
blog.abv.bg
nova.bg
vesti.bg
www.vesti.bg
gong.bg
vbox7.com
telegraph.bg
www.sinoptik.bg
www.edna.bg
www.pariteni.bg
gbg.bg
carmarket.bg
grabo.bg
opoznai.bg
vgames.bg
vmusic.bg
vcards.bg
pariteni.bg
sinoptik.bg
edna.bg
ohnamama.bg
dogsandcats.bg
www.netinfocompany.bg
www.adwise.bg
help.abv.bg
united.group

Subject Issuer	Validity	Valid
*.abv.bg RapidSSL Global TLS RSA4096 SHA256 2022 CA1	`2023-02-27` - `2024-03-13`	a year	crt.sh
*.netinfo.bg RapidSSL TLS RSA CA G1	`2023-10-16` - `2024-10-28`	a year	crt.sh
*.hit.gemius.pl Sectigo ECC Domain Validation Secure Server CA	`2023-09-14` - `2024-09-25`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-04-29` - `2024-04-28`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
c.amazon-adsystem.com Amazon RSA 2048 M01	`2023-12-30` - `2024-12-04`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
www.google.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
*.privacy-center.org Amazon RSA 2048 M02	`2023-03-25` - `2024-04-22`	a year	crt.sh
*.adwise.bg RapidSSL Global TLS RSA4096 SHA256 2022 CA1	`2023-02-02` - `2024-02-11`	a year	crt.sh
*.contentexchange.me Sectigo RSA Domain Validation Secure Server CA	`2023-05-29` - `2024-06-04`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
redintelligence.net R3	`2023-12-13` - `2024-03-12`	3 months	crt.sh
blog.netinfocompany.bg R3	`2024-01-08` - `2024-04-07`	3 months	crt.sh
adv.office-partner.de R3	`2023-12-27` - `2024-03-26`	3 months	crt.sh
pv.medialead.de R3	`2023-12-04` - `2024-03-03`	3 months	crt.sh
*.futalis.de R3	`2023-12-12` - `2024-03-11`	3 months	crt.sh
*.webgains.com Amazon RSA 2048 M01	`2023-05-15` - `2024-06-13`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2023-04-20` - `2024-05-20`	a year	crt.sh
*.chocolateplatform.com ZeroSSL RSA Domain Secure Site CA	`2023-04-03` - `2024-04-02`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
cdn.retailads.net Encryption Everywhere DV TLS CA - G2	`2023-05-18` - `2024-05-17`	a year	crt.sh
*.webgains.io Amazon RSA 2048 M01	`2023-07-24` - `2024-08-22`	a year	crt.sh
cdn.track.production.webgains.team Amazon RSA 2048 M03	`2023-08-30` - `2024-09-27`	a year	crt.sh

This page contains 28 frames:

Primary Page: https://www.abv.bg/
Frame ID: F7FB1029B82EEF0EB115B917FB28F7C0
Requests: 24 HTTP requests in this frame

Frame: https://img.abv.bg/e/s/counters.html?v=1.0
Frame ID: 28665D3B2F30BDF869963994A495A869
Requests: 4 HTTP requests in this frame

Frame: https://bimg.abv.bg/a/r.html?p=10&dom=www.abv.bg&cb=1706916563854
Frame ID: 5351A1BB21921C9BD5F3E99736FE4987
Requests: 2 HTTP requests in this frame

Frame: https://bimg.abv.bg/a/r.html?p=12
Frame ID: AFB04FE890F70E55CF2603AB30C9DB44
Requests: 2 HTTP requests in this frame

Frame: https://bimg.abv.bg/a/r.html?p=122
Frame ID: 4C6FFCE88C9572061DAD0B2A85191AAA
Requests: 2 HTTP requests in this frame

Frame: https://bimg.abv.bg/a/r.html?p=11
Frame ID: B584D2F70B7EE3BFC1DFB40C2EBDDD40
Requests: 2 HTTP requests in this frame

Frame: https://bimg.abv.bg/a/r.html?p=112
Frame ID: 596238B169302E47DD45F2CF8BE2C6F5
Requests: 2 HTTP requests in this frame

Frame: https://rimg.abv.bg/gm/z/abv-r.html?pos=index&act=home&time=1706916564140
Frame ID: 7F03CBCA7FAB2996E32FE96F8ECC8D2C
Requests: 9 HTTP requests in this frame

Frame: https://rimg.abv.bg/gm/z/home_rich.html?pos=rich&act=home&time=1706916564166
Frame ID: 58C0358A9C81686514F3D15F257ADECD
Requests: 8 HTTP requests in this frame

Frame: https://rimg.abv.bg/gm/z/abv-r.html?pos=native&act=home&time=1706916564188
Frame ID: 3DF45C8AEA5FF43B8D88343A91384F64
Requests: 9 HTTP requests in this frame

Frame: https://ls.hit.gemius.pl/lsget.html
Frame ID: 68E3F31BA5EB09DA5B788A66CD2D54AC
Requests: 1 HTTP requests in this frame

Frame: https://rimg.abv.bg/gm/z/abv-r.html?pos=gong&act=home&time=1706916564196
Frame ID: 36B964805AE37D2A69DB7543F0439D6A
Requests: 9 HTTP requests in this frame

Frame: https://rimg.abv.bg/gm/z/abv-r.html?pos=hidden&act=home&time=1706916564199
Frame ID: 4041598A1B071E5906599835A4A71E0F
Requests: 9 HTTP requests in this frame

Frame: https://d53e39e13c61f683f3b844fec1036e9d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Frame ID: 58084421B5B94B080EB517440F87B54F
Requests: 1 HTTP requests in this frame

Frame: https://www.abv.bg/abv_gdpr.html?t=1706916563764
Frame ID: B1BD4281AFA989C3432E326C9E4D765E
Requests: 7 HTTP requests in this frame

Frame: https://img.abv.bg/e/s/gtm.html?t=1706916564941
Frame ID: 893D013283A791B9E10B9E31D1765672
Requests: 9 HTTP requests in this frame

Frame: https://d53e39e13c61f683f3b844fec1036e9d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Frame ID: 1523302718F69EBE5044737AB25A7D2A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxj-rbvGATAB&v=APEucNXpR4bzN8ajPeYYLRybRumoBMD5nUOjJqLZeH6TykTVSBGDMdXEYlJkB73F2a7K_R0s-9lHUopKrA6ixgzr3KZ8VAMCt1OvMfqfZbnjO6PdA8CvG4vBoSGZuBhOnExXfAJUUSRgfv94BmFCB9c_Czx7Prt4_k7puFb3FaaI0fOo0dGU33ugFHuG7wFfD0mJrfDbLy4K
Frame ID: 2ABF075CFF2E03E6EFE77E7F6085E520
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: 7C7A9D0B161B589ADB61EF66830F1250
Requests: 19 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 3955AF0D18B3F0BFFD697C0B2388E62B
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 3AEEBB5EA214BECA5A850DD05E610864
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: B5ABA3A0B82EDF270D6EA442FA337A91
Requests: 3 HTTP requests in this frame

Frame: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Frame ID: 7F2AB90BDA96E4B62FC3232F02A40273
Requests: 3 HTTP requests in this frame

Frame: https://pv.medialead.de/trck/epv/e99aace94e6e5873e27022e22519b6a9?subid=12614700002615704444550012589008&t=htlp&gdpr=1&consent=1&gdpr_consent=
Frame ID: 5C507B56BC31855601A577CE5A421F65
Requests: 1 HTTP requests in this frame

Frame: https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=3508217906
Frame ID: D6E37E576E77577DED3B76600FCC5182
Requests: 2 HTTP requests in this frame

Frame: https://hal90008.redintelligence.net/request_content.php?s=12614700002615704444550012589008&a=c9e47829
Frame ID: 96D84EA6E803F22330161B3F3A725655
Requests: 6 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: D820C033E1F9004445717F4133F6C795
Requests: 9 HTTP requests in this frame

Frame: https://analytics.contentexchange.me/bex/storage.html
Frame ID: D9D3F6C7E2D68E3F3E483C9F35014215
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

АБВ ПощаNova.bg

Page URL History Show full URLs

http://abv.bg/ HTTP 301
https://www.abv.bg/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Didomi (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

sdk\.privacy-center\.org/.*/loader\.js

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Gemius (Analytics) Expand

Overall confidence: 100%
Detected patterns

hit\.gemius\.pl/xgemius\.js
hit\.gemius\.pl
xgemius\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Webgains (Affiliate programs) Expand

Overall confidence: 100%
Detected patterns

analytics\.webgains\.io

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

154
Requests

93 %
HTTPS

35 %
IPv6

35
Domains

51
Subdomains

42
IPs

10
Countries

2226 kB
Transfer

6932 kB
Size

39
Cookies

72 Outgoing links

These are links going to different origins than the main page.

URL: https://chrome.google.com/webstore/detail/abv-notifier/glkfpmcniebkbeakjdpobddpjghbapec
Title: АБВ добавка за Google Chrome, Edge 83+, Opera - Бъдете в час с писмата си!

Search URL Search Domain Scan URL

URL: https://abv.bg/

Search URL Search Domain Scan URL

URL: https://dox.abv.bg/
Title: DOX

Search URL Search Domain Scan URL

URL: https://apps.abv.bg/
Title: АБВ на твой домейн

Search URL Search Domain Scan URL

URL: https://passport.abv.bg/app/profiles/registration
Title: Регистрация в АБВ

Search URL Search Domain Scan URL

URL: https://passport.abv.bg/app/profiles/login
Title: АБВ профил

Search URL Search Domain Scan URL

URL: https://mobile.abv.bg/
Title: Мобилниприложения

Search URL Search Domain Scan URL

URL: https://passport.abv.bg/app/profiles/lostpass
Title: Забравена парола

Search URL Search Domain Scan URL

URL: https://blog.abv.bg/gdpr-upravlenie-na-danni

Search URL Search Domain Scan URL

URL: https://nova.bg/
Title: Nova.bg NOVA

Search URL Search Domain Scan URL

URL: https://nova.bg/news
Title: Още новини

Search URL Search Domain Scan URL

URL: https://nova.bg/news/view/2024/02/02/443372/%D1%81%D0%B0%D1%89-%D0%B7%D0%B0%D0%BF%D0%BE%D1%87%D0%BD%D0%B0%D1%85%D0%B0-%D0%B2%D1%8A%D0%B7%D0%B4%D1%83%D1%88%D0%BD%D0%B8-%D1%83%D0%B4%D0%B0%D1%80%D0%B8-%D1%81%D1%80%D0%B5%D1%89%D1%83-%D0%BF%D0%BE%D0%B4%D0%BA%D1%80%D0%B5%D0%BF%D1%8F%D0%BD%D0%B8-%D0%BE%D1%82-%D0%B8%D1%80%D0%B0%D0%BD-%D0%B3%D1%80%D1%83%D0%BF%D0%B8%D1%80%D0%BE%D0%B2%D0%BA%D0%B8-%D0%B2-%D1%81%D0%B8%D1%80%D0%B8%D1%8F-%D0%B8-%D0%B8%D1%80%D0%B0%D0%BA/

Search URL Search Domain Scan URL

URL: https://nova.bg/news/view/2024/02/02/443368/%D1%82%D1%80%D0%B8-%D0%BA%D0%BE%D0%BB%D0%B8-%D1%81%D0%B5-%D1%83%D0%B4%D0%B0%D1%80%D0%B8%D1%85%D0%B0-%D0%B2-%D0%BB%D1%8E%D0%BB%D0%B8%D0%BD-%D0%B8%D0%BC%D0%B0-%D0%BF%D0%BE%D1%81%D1%82%D1%80%D0%B0%D0%B4%D0%B0%D0%BB%D0%B8/

Search URL Search Domain Scan URL

URL: https://nova.bg/news/view/2024/02/02/440546/%D0%BB%D1%8E%D0%B1%D0%BE%D0%BF%D0%B8%D1%82%D0%BD%D0%B8-%D1%84%D0%B0%D0%BA%D1%82%D0%B8-%D0%BE%D1%82-%D0%BF%D0%BE%D0%BF%D1%83%D0%BB%D1%8F%D1%80%D0%BD%D0%B8-%D1%84%D0%B8%D0%BB%D0%BC%D0%B8-%D0%BA%D0%BE%D0%B8%D1%82%D0%BE-%D1%83%D0%B1%D1%8F%D0%B3%D0%BD%D0%B0%D1%85%D0%B0-%D0%BD%D0%B0-%D0%B7%D1%80%D0%B8%D1%82%D0%B5%D0%BB%D0%B8%D1%82%D0%B5-%D0%B3%D0%B0%D0%BB%D0%B5%D1%80%D0%B8%D1%8F/

Search URL Search Domain Scan URL

URL: https://nova.bg/news/view/2024/02/02/443327/%D0%B7%D0%B0%D0%B3%D0%B8%D0%BD%D0%B0%D0%BB%D0%B8-%D0%B8-%D1%80%D0%B0%D0%BD%D0%B5%D0%BD%D0%B8-%D0%BF%D1%80%D0%B8-%D1%87%D0%B5%D0%BB%D0%BD%D0%B0-%D0%BA%D0%B0%D1%82%D0%B0%D1%81%D1%82%D1%80%D0%BE%D1%84%D0%B0-%D0%B2-%D0%BF%D0%BB%D0%BE%D0%B2%D0%B4%D0%B8%D0%B2%D1%81%D0%BA%D0%BE/

Search URL Search Domain Scan URL

URL: https://vesti.bg/
Title: VESTI

Search URL Search Domain Scan URL

URL: https://www.vesti.bg/sviat/eksperimentalno-oryzhie-v-ukrajna-razkri-ogromen-propusk-na-sasht-6190398

Search URL Search Domain Scan URL

URL: https://www.vesti.bg/sviat/pochina-legendata-ot-roki-karl-uedyrs-6190408
Title: Почина легендата от „Роки“ Карл Уедърс

Search URL Search Domain Scan URL

URL: https://www.vesti.bg/sviat/siriia-izrael-udari-damask-6190387
Title: Сирия: Израел удари Дамаск

Search URL Search Domain Scan URL

URL: https://www.vesti.bg/sviat/podlo-i-nedostojno-makron-s-ostri-kritiki-kym-moskva-6190366
Title: "Подло и недостойно": Макрон с остри критики към Москва

Search URL Search Domain Scan URL

URL: https://gong.bg/
Title: Gong

Search URL Search Domain Scan URL

URL: https://gong.bg/football-sviat/drugi/multimedia/gallery/yellow/banskite-na-kristi-edva-udyrzhaha-golemiia-i-biust-775560

Search URL Search Domain Scan URL

URL: https://gong.bg/bg-football/efbet-liga/multimedia/video/levski-s-mnogo-prestizhen-uspeh-v-turciia-udari-ukrainski-grand-775527
Title: Левски с много престижен успех в Турция, удари украински гранд

Search URL Search Domain Scan URL

URL: https://gong.bg/bg-football/efbet-liga/multimedia/video/stana-iasno-bydeshteto-na-liuboslav-penev-775534
Title: Стана ясно бъдещето на Любослав Пенев

Search URL Search Domain Scan URL

URL: https://gong.bg/tenis/multimedia/video/grigor-dimitrov-otkazal-da-igrae-za-bylgariia-775513
Title: Григор Димитров отказал да играе за България

Search URL Search Domain Scan URL

URL: https://www.vesti.bg/vicove
Title: Вицове

Search URL Search Domain Scan URL

URL: https://vbox7.com/
Title: Vbox7

Search URL Search Domain Scan URL

URL: https://telegraph.bg/
Title: Телеграф

Search URL Search Domain Scan URL

URL: https://telegraph.bg/svetski/novini/bomba-razdeliha-li-se-emiliia-i-zhorzh-bashur-syprugyt-na-popfolk-zvezdata-izchegyrta-vsichkite-si-spomeni-v-mrezhata-403568
Title: БОМБА! Разделиха ли се Емилия и Жорж Башур?!

Search URL Search Domain Scan URL

URL: https://www.sinoptik.bg/
Title: Sinoptik

Search URL Search Domain Scan URL

URL: https://www.sinoptik.bg/sofia-bulgaria-100727011/10-days
Title: 14-дневна прогноза

Search URL Search Domain Scan URL

URL: https://www.sinoptik.bg/sofia-bulgaria-100727011
Title: В момента1°CУсеща се:-3°Ясно

Search URL Search Domain Scan URL

URL: https://www.sinoptik.bg/sofia-bulgaria-100727011/hourly
Title: Днес-2°|9°Променлива облачност

Search URL Search Domain Scan URL

URL: https://www.sinoptik.bg/sofia-bulgaria-100727011/5-days/2
Title: Утре4°|11°Предимно облачно

Search URL Search Domain Scan URL

URL: https://www.edna.bg/
Title: Edna

Search URL Search Domain Scan URL

URL: https://www.edna.bg/kolonkata-na/ot-pyrvo-lice-5-bezumni-zhenski-svalki-4658769

Search URL Search Domain Scan URL

URL: https://www.edna.bg/izvestni/trima-priiateli-v-edin-skandalen-holivudski-triygylnik-4662170
Title: Трима приятели в един скандален холивудски триъгълник

Search URL Search Domain Scan URL

URL: https://www.edna.bg/izvestni/majkata-na-merilin-monro-diagnosticirana-s-shizofreniia-otrechena-i-obrechena-na-samota-4665038
Title: Майката на Мерилин Монро: диагностицирана с шизофрения, отречена и обречена на самота

Search URL Search Domain Scan URL

URL: https://www.edna.bg/izvestni/bezsledno-izcheznalata-dyshteria-na-al-bano-i-romina-4674507
Title: Безследно изчезналата дъщеря на Ал Бано и Ромина

Search URL Search Domain Scan URL

URL: https://www.pariteni.bg/
Title: Pariteni

Search URL Search Domain Scan URL

URL: https://www.pariteni.bg/novini/pensionirane/predlagat-promiana-v-kupuvaneto-na-stazh-za-pensiia-248529
Title: Предлагат промяна в купуването на стаж за пенсия

Search URL Search Domain Scan URL

URL: https://www.pariteni.bg/novini/uslugi/mahat-stikera-za-grazhdanska-otgovornost-248530
Title: Махат стикера за „Гражданска отговорност“

Search URL Search Domain Scan URL

URL: https://www.pariteni.bg/novini/imoti/drastichna-razlika-v-cenite-na-imotite-v-razlichnite-kvartali-na-sofiia-248531
Title: Драстична разлика в цените на имотите в различните квартали на София

Search URL Search Domain Scan URL

URL: https://www.pariteni.bg/novini/transport/izticha-validnostta-na-blizo-500-hil.-e-vinetki-prez-fevruari-248534
Title: Изтича валидността на близо 500 хил. е-винетки през февруари

Search URL Search Domain Scan URL

URL: https://www.edna.bg/horoskopi
Title: Хороскопи

Search URL Search Domain Scan URL

URL: https://www.edna.bg/horoskopi/vodolei/mesechen
Title: Месечен

Search URL Search Domain Scan URL

URL: https://www.edna.bg/horoskopi/vodolei/dneven

Search URL Search Domain Scan URL

URL: https://gbg.bg/
Title: Гювеч

Search URL Search Domain Scan URL

URL: https://carmarket.bg/
Title: Автомобили

Search URL Search Domain Scan URL

URL: https://grabo.bg/
Title: Грабо

Search URL Search Domain Scan URL

URL: https://opoznai.bg/
Title: Опознай.bg

Search URL Search Domain Scan URL

URL: https://vgames.bg/
Title: Игри

Search URL Search Domain Scan URL

URL: https://vmusic.bg/
Title: Музика

Search URL Search Domain Scan URL

URL: https://vcards.bg/
Title: Картички

Search URL Search Domain Scan URL

URL: https://pariteni.bg/
Title: Пари

Search URL Search Domain Scan URL

URL: https://sinoptik.bg/
Title: Времето

Search URL Search Domain Scan URL

URL: https://edna.bg/
Title: За жените

Search URL Search Domain Scan URL

URL: https://ohnamama.bg/
Title: За родители

Search URL Search Domain Scan URL

URL: https://dogsandcats.bg/
Title: За кучета и котки

Search URL Search Domain Scan URL

URL: https://www.netinfocompany.bg/media-kit/abvbg-69
Title: За реклама

Search URL Search Domain Scan URL

URL: https://www.adwise.bg/
Title: Adwise реклама

Search URL Search Domain Scan URL

URL: https://www.netinfocompany.bg/about-company
Title: За нас

Search URL Search Domain Scan URL

URL: https://www.netinfocompany.bg/portfolio
Title: Портфолио

Search URL Search Domain Scan URL

URL: https://passport.abv.bg/app/profiles/sendtosupport/form?from=abv.bg
Title: Пишете ни

Search URL Search Domain Scan URL

URL: https://help.abv.bg/
Title: Помощ

Search URL Search Domain Scan URL

URL: https://blog.abv.bg/
Title: Блог

Search URL Search Domain Scan URL

URL: https://passport.abv.bg/app/profiles/resources/terms/terms.html
Title: Общи условия

Search URL Search Domain Scan URL

URL: https://passport.abv.bg/app/profiles/resources/terms/policy.html
Title: Поверителност

Search URL Search Domain Scan URL

URL: https://www.netinfocompany.bg/gdpr/
Title: GDPR инфо

Search URL Search Domain Scan URL

URL: https://www.netinfocompany.bg/privacy
Title: Всички права запазени.

Search URL Search Domain Scan URL

URL: https://www.netinfocompany.bg/

Search URL Search Domain Scan URL

URL: https://united.group/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://abv.bg/ HTTP 301
https://www.abv.bg/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 94

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEF-0MBrjEHhMqJRft93P0fI&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEF-0MBrjEHhMqJRft93P0fI&google_cver=1&C=1

Request Chain 95

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Zb161dvwJ8kCROwJnePorQAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEF-0MBrjEHhMqJRft93P0fI&google_cver=1

Request Chain 96

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEAU9Eext3S309nPbdytxrb8&google_cver=1 HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEAU9Eext3S309nPbdytxrb8%26google_cver%3D1

Request Chain 97

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Mzg1Njk3ODg4ODgzNDg4MTQ3OA%3D%3D

Request Chain 103

https://gabg.hit.gemius.pl/_1706916565204/rexdot.js?l=106&sendf=24&id=pyM6ETuay1axb8mosdTjz6R..KfGoHBcgod0mxirr8X.07&et=view&hsrc=2&initsonar=1&extra=&eventid=0&tz=-60&fv=-&href=https%3A%2F%2Fimg.abv.bg%2Fe%2Fs%2Fcounters.html%3Fv%3D1.0&screen=1600x1200r1000&col=24&window=1x1&vis=1&lsdata=JRwayq.birU03FBwYjhfKpC7YskvpJcJ7B.kG6xw7D3.G7BcWQMYJYe7V45ByP133JYHKUsXvuYQTmcfi44ieRrAoyYu/rw5JhCabKinCn/&fpdata=Bzm7zkyWuFneSePKuCpIVyuQ2p_SFEvR_qcTmXmowMb.Y7&ltime=240&fr=3&tr=1&ref=https%3A%2F%2Fwww.abv.bg&inner=_ver%3D347%7C_ch_mobile%3D0%7C_ch_wow64%3D0%7C_ch_brands%3D&exid=65bd7ad40b706647&brts=1706916565&fpcap= HTTP 301
https://gabg.hit.gemius.pl/__/_1706916565204/rexdot.js?l=106&sendf=24&id=pyM6ETuay1axb8mosdTjz6R..KfGoHBcgod0mxirr8X.07&et=view&hsrc=2&initsonar=1&extra=&eventid=0&tz=-60&fv=-&href=https%3A%2F%2Fimg.abv.bg%2Fe%2Fs%2Fcounters.html%3Fv%3D1.0&screen=1600x1200r1000&col=24&window=1x1&vis=1&lsdata=JRwayq.birU03FBwYjhfKpC7YskvpJcJ7B.kG6xw7D3.G7BcWQMYJYe7V45ByP133JYHKUsXvuYQTmcfi44ieRrAoyYu/rw5JhCabKinCn/&fpdata=Bzm7zkyWuFneSePKuCpIVyuQ2p_SFEvR_qcTmXmowMb.Y7&ltime=240&fr=3&tr=1&ref=https%3A%2F%2Fwww.abv.bg&inner=_ver%3D347%7C_ch_mobile%3D0%7C_ch_wow64%3D0%7C_ch_brands%3D&exid=65bd7ad40b706647&brts=1706916565&fpcap=

Request Chain 114

https://hal90008.redintelligence.net/request.php?zone=g72h7lz2c4az&nw=20&renderingType=javascript&namespace=3b244e0690&subid=&uid=076e6e14bcc3b622&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCmD4s1Hq9ZdrTLbmqjuwPsouFyAmm5b2gaYWVnKfJD_AuEAEg8KqHIWCVgoCAmAfIAQmpAr3QS9cwGLI-qAMByAObBKoE3AFP0CdXwN9GQiys25Ylx8juXyeuO2OQOnBJ-ohvHBKcLAWNi3MpV4p_Mcnae1Pd7dXmrEEUSSYEtrfnHkP-LrxlO6Pn3SunCb7-019OnoElRUcm4lI1n1BbQUA6k26fjGmp0mzOf0EidBVZRn_48Bh6fYQuFjub_wH12w423v4UXb8aVHbADAExhIPApTPX-A0GuHXLagzvnvqwjJxG54iSw3lZhc2zaob4FqXtBEwIX7QizHxAtC8XeXK6catfjfmvMp8dW6bylH1wm_blaDSRnMDPGY83BwPDa8NCwATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCCUIgOGAEBABGB0yAqoCOgiAQICAhICABEi9_cE6WOjXgdznjYQDgAoDmAsByAsBgAwBqg0CREXiDRMI7ouC3OeNhAMVOZWDBx2yRQGZsBOH77EV0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSPAAvHhf_xRZn3QbHvDD3Z6sscQfOspH4mrGF8di0XQeaw4_iEKlxN0CuEBtPHtoyfpDf-g2ej2XztV4B6xgB%26sig%3DAOD64_3E0qHEzfSm7iEFGJU9HzFdw6zlXQ%26client%3Dca-pub-9699434551737642%26dbm_c%3DAKAmf-A1DI6bPXy8vief0yBvR-WNC7n_UDV3XIExRgQlnlsrbsrGCqJ56paIDXNNGDQ1PcPxy90qtDKQsm0wUnBBCM2oX_9czbstc9HQeRCRGATri4B7rD7ARu9smYEkasf7zNdM6z12T0EMeC_4QTJRKUVflOr2jLbKx5zhZjzxZqGFWT6tqTs%26cry%3D1%26dbm_d%3DAKAmf-AXvVRaYsJKZgZt8-7WqQqDbl9aZfv9exuxUbq5RgCvtbJWfAxk6FCwabkDVx-ic7Xcpl6kPQFur1zEPde1geRan5CcCXDmBBZtl2GF90VpgncStkF1Z0HgGM5vFXsPnXwyWKDdd7VAuGKuzossqq9Vvpq3I93bymplsIWZjJfJergPTsoeuhFLGRhgr6q89kLjf83xNltsJMvMJcSs4ZfRXolUon1JeHgPN6doLyE8074t8UowYu_YjAh8aMH_WLnQc5VQ2-y5JtFtl8IjdBfWS_Bo5tyayHf7RuuTPCzAktcCwACZ3ByslGqCREycXRIk5nkAO18gGGJk_saLDjRddcoeJTd1WJiJmycRFjFX8tC3tf8L_hDJOC4-ec9irmp5JXA9ypaV2HPSVAIfSi-YuF1nJrHxLeZSTaFfLsrlUcBs7FMftDL8-a3IYYBPRMityKd6PJpmEt-247pH0Hhx-PQlKKH0Km83WFVGcrJpaxFH9OC3CMjXLKRWzI3XraqvbTY2-nnLwmWP0RlVeZ5t4EVoAMzxZe94hXRbQX3Ser1SF0-c41EwoJJ2DPc3kKBm2KRfIA9Ri5azZ_vmhZ9kfK6UlBFV9mhUfwet0n4MznuzH0G7QglE7nTrXfH1Y3Me8uQC%26adurl%3D&documentReferer=https%3A%2F%2Fd53e39e13c61f683f3b844fec1036e9d.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html%3Fn%3D2&ancestorOrigins=https%3A%2F%2Fd53e39e13c61f683f3b844fec1036e9d.safeframe.googlesyndication.com%2Chttps%3A%2F%2Frimg.abv.bg%2Chttps%3A%2F%2Fbimg.abv.bg%2Chttps%3A%2F%2Fwww.abv.bg&random=7051435369361&isIframe=1&container=&adPos=0x0&adPosCheck=0x0&adtagId=0 HTTP 302
https://hal90008.redintelligence.net/request.php?zone=g72h7lz2c4az&nw=20&renderingType=javascript&namespace=3b244e0690&subid=&uid=076e6e14bcc3b622&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCmD4s1Hq9ZdrTLbmqjuwPsouFyAmm5b2gaYWVnKfJD_AuEAEg8KqHIWCVgoCAmAfIAQmpAr3QS9cwGLI-qAMByAObBKoE3AFP0CdXwN9GQiys25Ylx8juXyeuO2OQOnBJ-ohvHBKcLAWNi3MpV4p_Mcnae1Pd7dXmrEEUSSYEtrfnHkP-LrxlO6Pn3SunCb7-019OnoElRUcm4lI1n1BbQUA6k26fjGmp0mzOf0EidBVZRn_48Bh6fYQuFjub_wH12w423v4UXb8aVHbADAExhIPApTPX-A0GuHXLagzvnvqwjJxG54iSw3lZhc2zaob4FqXtBEwIX7QizHxAtC8XeXK6catfjfmvMp8dW6bylH1wm_blaDSRnMDPGY83BwPDa8NCwATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCCUIgOGAEBABGB0yAqoCOgiAQICAhICABEi9_cE6WOjXgdznjYQDgAoDmAsByAsBgAwBqg0CREXiDRMI7ouC3OeNhAMVOZWDBx2yRQGZsBOH77EV0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSPAAvHhf_xRZn3QbHvDD3Z6sscQfOspH4mrGF8di0XQeaw4_iEKlxN0CuEBtPHtoyfpDf-g2ej2XztV4B6xgB%26sig%3DAOD64_3E0qHEzfSm7iEFGJU9HzFdw6zlXQ%26client%3Dca-pub-9699434551737642%26dbm_c%3DAKAmf-A1DI6bPXy8vief0yBvR-WNC7n_UDV3XIExRgQlnlsrbsrGCqJ56paIDXNNGDQ1PcPxy90qtDKQsm0wUnBBCM2oX_9czbstc9HQeRCRGATri4B7rD7ARu9smYEkasf7zNdM6z12T0EMeC_4QTJRKUVflOr2jLbKx5zhZjzxZqGFWT6tqTs%26cry%3D1%26dbm_d%3DAKAmf-AXvVRaYsJKZgZt8-7WqQqDbl9aZfv9exuxUbq5RgCvtbJWfAxk6FCwabkDVx-ic7Xcpl6kPQFur1zEPde1geRan5CcCXDmBBZtl2GF90VpgncStkF1Z0HgGM5vFXsPnXwyWKDdd7VAuGKuzossqq9Vvpq3I93bymplsIWZjJfJergPTsoeuhFLGRhgr6q89kLjf83xNltsJMvMJcSs4ZfRXolUon1JeHgPN6doLyE8074t8UowYu_YjAh8aMH_WLnQc5VQ2-y5JtFtl8IjdBfWS_Bo5tyayHf7RuuTPCzAktcCwACZ3ByslGqCREycXRIk5nkAO18gGGJk_saLDjRddcoeJTd1WJiJmycRFjFX8tC3tf8L_hDJOC4-ec9irmp5JXA9ypaV2HPSVAIfSi-YuF1nJrHxLeZSTaFfLsrlUcBs7FMftDL8-a3IYYBPRMityKd6PJpmEt-247pH0Hhx-PQlKKH0Km83WFVGcrJpaxFH9OC3CMjXLKRWzI3XraqvbTY2-nnLwmWP0RlVeZ5t4EVoAMzxZe94hXRbQX3Ser1SF0-c41EwoJJ2DPc3kKBm2KRfIA9Ri5azZ_vmhZ9kfK6UlBFV9mhUfwet0n4MznuzH0G7QglE7nTrXfH1Y3Me8uQC%26adurl%3D&documentReferer=https%3A%2F%2Fd53e39e13c61f683f3b844fec1036e9d.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html%3Fn%3D2&ancestorOrigins=https%3A%2F%2Fd53e39e13c61f683f3b844fec1036e9d.safeframe.googlesyndication.com%2Chttps%3A%2F%2Frimg.abv.bg%2Chttps%3A%2F%2Fbimg.abv.bg%2Chttps%3A%2F%2Fwww.abv.bg&random=7051435369361&isIframe=1&container=&adPos=0x0&adPosCheck=0x0&adtagId=0&uidRedirect=1

Request Chain 124

https://cdn.retailads.net/tb.php?t=150337V2172132532M&subid=12614700002615704444550012589008&ra_cnt_active=1&ra_cnt=1 HTTP 302
https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=3508217906

Request Chain 129

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEPVHn3FpYcInkj5LUjQ2oyE&google_cver=1&google_push=AXcoOmTOxkhGLQ56GK0xaHns5VC31P4qPmZ4o64C_DhNAFuLuEyAt3Ynyq9EwHk0rCJkGAfcpEsQCOrdruUnN7Sc5aG8po7AMgyu HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEPVHn3FpYcInkj5LUjQ2oyE&google_push=AXcoOmTOxkhGLQ56GK0xaHns5VC31P4qPmZ4o64C_DhNAFuLuEyAt3Ynyq9EwHk0rCJkGAfcpEsQCOrdruUnN7Sc5aG8po7AMgyu

Request Chain 130

https://um.simpli.fi/gp_match?google_gid=CAESEPuHaC2NLxHeuKjkLPeyoU0&google_cver=1&google_push=AXcoOmSs454v7-6JqIjp70mtIRKfbFB9CkPh14eyvrfmHS78rWjUWSlCj6jnHVz1QLDDtifEEHapTgm7RGNbS6HUNwffuISV5Adm HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=D9BAFA67ADEE4716BEA5A02694A5CAF1&google_push=AXcoOmSs454v7-6JqIjp70mtIRKfbFB9CkPh14eyvrfmHS78rWjUWSlCj6jnHVz1QLDDtifEEHapTgm7RGNbS6HUNwffuISV5Adm

Request Chain 132

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEB6i7wGep8mQLv_B7tjswjo&google_cver=1&google_push=AXcoOmS6dwZeDpspyrRRUiudC5fIXIunpgryI2kM6Q1yFsvZno5BxqZ0BAkLnNq-AsXtmNiBiyA85HR9obo4c1joiUQ016vDGCJD HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMzMTE1MDgyMzY4ODk2MDE0MA%3D%3D&google_push=AXcoOmS6dwZeDpspyrRRUiudC5fIXIunpgryI2kM6Q1yFsvZno5BxqZ0BAkLnNq-AsXtmNiBiyA85HR9obo4c1joiUQ016vDGCJD

Request Chain 134

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEA5nFkclGW2iAuKCb8-T1j4&google_cver=1&google_push=AXcoOmTDNl66qp8mZE9fSM-3GQ3O5bRSB5kmXLCUEK4ARfQ4FWy4yRWsqrVOk2EzCbrTY9mw6JsKEi0kvST5GZVbVdrkoaT2R8bd HTTP 302
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AXcoOmTDNl66qp8mZE9fSM-3GQ3O5bRSB5kmXLCUEK4ARfQ4FWy4yRWsqrVOk2EzCbrTY9mw6JsKEi0kvST5GZVbVdrkoaT2R8bd&google_gid=CAESEA5nFkclGW2iAuKCb8-T1j4 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjMzNTI4NjYwNTA0OTUyMDEyMDkwNA%3D%3D&google_push=AXcoOmTDNl66qp8mZE9fSM-3GQ3O5bRSB5kmXLCUEK4ARfQ4FWy4yRWsqrVOk2EzCbrTY9mw6JsKEi0kvST5GZVbVdrkoaT2R8bd

Request Chain 146

https://dmp.adform.net/serving/cookie/match?party=1219&cid=65bd7ad5d16c2e2a9131d3b8&redirect=https://match.contentexchange.me/adform/__ADFUID__ HTTP 302
https://dmp.adform.net/serving/cookie/match?CC=1&party=1219&cid=65bd7ad5d16c2e2a9131d3b8&redirect=https://match.contentexchange.me/adform/__ADFUID__ HTTP 302
https://match.contentexchange.me/adform/3923349716448940480

154 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.abv.bg/
Redirect Chain

http://abv.bg/
https://www.abv.bg/

31 KB
14 KB

262ms
89ms

Document
text/html

194.153.145.104
NETINFO 12 Emil B...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.abv.bg/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

194.153.145.104 , Bulgaria, ASN13147 (NETINFO 12 Emil Bersinski Str, BG),

Reverse DNS

abv.bg

Software

nginx /

Resource Hash

f2257f0573956fd0fa5e79f64039d9ae2386a1b104c40e5daf7162e182589d78

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache
content-encoding: gzip
content-language: de-DE
content-type: text/html;charset=UTF-8
date: Fri, 02 Feb 2024 23:29:23 GMT
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
x-frame-options: SAMEORIGIN

Redirect headers

Connection: keep-alive
Content-Length: 162
Content-Type: text/html
Date: Fri, 02 Feb 2024 23:29:23 GMT
Location: https://www.abv.bg/
Server: nginx

GET
H2 200 main.min.css
www.abv.bg/css/ 27 KB
7 KB 47ms
46ms Stylesheet
text/css 194.153.145.104
NETINFO 12 Emil B...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.abv.bg/css/main.min.css?v=1

Requested by

Host: www.abv.bg
URL: https://www.abv.bg/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

194.153.145.104 , Bulgaria, ASN13147 (NETINFO 12 Emil Bersinski Str, BG),

Reverse DNS

abv.bg

Software

nginx /

Resource Hash

ac48e308a1e61943f695a2768599fc91e20c47373a2c33a0f6e6d16c2d88ace1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.abv.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Feb 2024 23:29:23 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
last-modified: Mon, 15 Jan 2024 14:17:07 GMT
server: nginx
etag: W/"65a53e63-6cdc"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: no-cache

GET
H2 200 jquery.min.js Show response
www.abv.bg/js/ 87 KB
36 KB 49ms
48ms Script
application/javascript 194.153.145.104
NETINFO 12 Emil B...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.abv.bg/js/jquery.min.js

Requested by

Host: www.abv.bg
URL: https://www.abv.bg/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

194.153.145.104 , Bulgaria, ASN13147 (NETINFO 12 Emil Bersinski Str, BG),

Reverse DNS

abv.bg

Software

nginx /

Resource Hash

4cf207f5a1d0e43e3fbf2b2fd34dff5103a186001d20d9b93538b76e3654e9e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.abv.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Feb 2024 23:29:23 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
last-modified: Thu, 03 Sep 2020 11:24:37 GMT
server: nginx
etag: W/"5f50d275-15daf"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: no-cache

GET
H2 200 main.min.js Show response
www.abv.bg/js/ 106 KB
39 KB 93ms
93ms Script
application/javascript 194.153.145.104
NETINFO 12 Emil B...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.abv.bg/js/main.min.js?v=1

Requested by

Host: www.abv.bg
URL: https://www.abv.bg/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

194.153.145.104 , Bulgaria, ASN13147 (NETINFO 12 Emil Bersinski Str, BG),

Reverse DNS

abv.bg

Software

nginx /

Resource Hash

d39d031d2a49b20da5a435532544ac6813211b2b3b8976345da213a6962d52c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.abv.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Feb 2024 23:29:23 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
last-modified: Tue, 30 Jan 2024 07:40:59 GMT
server: nginx
etag: W/"65b8a80b-1a6eb"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: no-cache

GET
DATA 200
OK truncated
/ 5 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fd08bfaf5c3c7b88caab0088d3e061f2103480e637c8534a7cf4d330bcf26d3c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 abv-logo.svg
www.abv.bg/i/ 10 KB
10 KB 87ms
86ms Image
image/svg+xml 194.153.145.104
NETINFO 12 Emil B...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.abv.bg/i/abv-logo.svg

Requested by

Host: www.abv.bg
URL: https://www.abv.bg/css/main.min.css?v=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

194.153.145.104 , Bulgaria, ASN13147 (NETINFO 12 Emil Bersinski Str, BG),

Reverse DNS

abv.bg

Software

nginx /

Resource Hash

3fea5307e5bd6f3b8fb4e95dd6ecb6f4db4131c77e69a3dce1d35368f166aec9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.abv.bg/css/main.min.css?v=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Feb 2024 23:29:23 GMT
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Thu, 03 Sep 2020 11:24:37 GMT
server: nginx
etag: "5f50d275-274f"
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
cache-control: no-cache
accept-ranges: bytes
content-length: 10063

GET
H2 200 powGoogle.svg
www.abv.bg/i/ 2 KB
2 KB 87ms
86ms Image
image/svg+xml 194.153.145.104
NETINFO 12 Emil B...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.abv.bg/i/powGoogle.svg

Requested by

Host: www.abv.bg
URL: https://www.abv.bg/css/main.min.css?v=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

194.153.145.104 , Bulgaria, ASN13147 (NETINFO 12 Emil Bersinski Str, BG),

Reverse DNS

abv.bg

Software

nginx /

Resource Hash

9be4a520b9b64e9d8ffeba19b72dba95ef65c43720fec41bb3678a27d336c13c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.abv.bg/css/main.min.css?v=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Feb 2024 23:29:23 GMT
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Thu, 03 Sep 2020 11:24:37 GMT
server: nginx
etag: "5f50d275-65b"
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
cache-control: no-cache
accept-ranges: bytes
content-length: 1627

GET
H2 200 segoe_ui.woff
bimg.abv.bg/fonts/ 19 KB
20 KB 264ms
54ms Font
font/woff 84.238.194.241
BTC-SEC-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://bimg.abv.bg/fonts/segoe_ui.woff

Requested by

Host: www.abv.bg
URL: https://www.abv.bg/css/main.min.css?v=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

84.238.194.241 , Bulgaria, ASN205132 (BTC-SEC-AS, BG),

Reverse DNS

bimg.abv.bg

Software

nginx /

Resource Hash

f424915a692bc5a458d6e7d9c99e4fe0cf5cb8883bd3516b01d4fef5da8d3663

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.abv.bg/
Origin: https://www.abv.bg
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 23:29:23 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
last-modified: Wed, 27 May 2020 18:58:39 GMT
server: nginx
etag: "5eceb85f-4dc0"
content-type: font/woff
access-control-allow-origin: *
accept-ranges: bytes
content-length: 19904
x-xss-protection: 1; mode=block

GET
H2 200 netinfo_footer.svg
www.abv.bg/i/ 2 KB
2 KB 85ms
84ms Image
image/svg+xml 194.153.145.104
NETINFO 12 Emil B...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.abv.bg/i/netinfo_footer.svg

Requested by

Host: www.abv.bg
URL: https://www.abv.bg/css/main.min.css?v=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

194.153.145.104 , Bulgaria, ASN13147 (NETINFO 12 Emil Bersinski Str, BG),

Reverse DNS

abv.bg

Software

nginx /

Resource Hash

38ea4265f6c1a87bb5183b1f2b85b3aab917aab7a540cd0c07065fd4d7e6ad0a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.abv.bg/css/main.min.css?v=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Feb 2024 23:29:23 GMT
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Thu, 03 Sep 2020 11:24:37 GMT
server: nginx
etag: "5f50d275-87d"
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
cache-control: no-cache
accept-ranges: bytes
content-length: 2173

GET
H2 200 ugroup.svg
www.abv.bg/i/ 3 KB
4 KB 85ms
84ms Image
image/svg+xml 194.153.145.104
NETINFO 12 Emil B...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.abv.bg/i/ugroup.svg

Requested by

Host: www.abv.bg
URL: https://www.abv.bg/css/main.min.css?v=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

194.153.145.104 , Bulgaria, ASN13147 (NETINFO 12 Emil Bersinski Str, BG),

Reverse DNS

abv.bg

Software

nginx /

Resource Hash

583c0b3461cfb179912a538d901284de007723cf6e94a31c138880588b90794a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.abv.bg/css/main.min.css?v=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Feb 2024 23:29:23 GMT
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Thu, 18 Mar 2021 15:47:57 GMT
server: nginx
etag: "6053762d-d60"
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
cache-control: no-cache
accept-ranges: bytes
content-length: 3424

GET
H2 200 getdata Show response
www.abv.bg/home/ 20 KB
20 KB 51ms
51ms XHR
application/json 194.153.145.104
NETINFO 12 Emil B...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.abv.bg/home/getdata

Requested by

Host: www.abv.bg
URL: https://www.abv.bg/js/jquery.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

194.153.145.104 , Bulgaria, ASN13147 (NETINFO 12 Emil Bersinski Str, BG),

Reverse DNS

abv.bg

Software

nginx /

Resource Hash

977c1c119b0131a5f84ab03347ee844fbeaa6d1a0e9ecea4d16a17c55bbe58f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.abv.bg/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Feb 2024 23:29:23 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: no-cache
server: nginx
x-frame-options: SAMEORIGIN
content-type: application/json;charset=UTF-8

GET
H2 200 counters.html Show response
img.abv.bg/e/s/ Frame 2866 2 KB
1 KB 83ms
47ms Document
text/html 194.153.145.104
NETINFO 12 Emil B...

General

Check archive.org

Show headers Download Go to

Full URL: https://img.abv.bg/e/s/counters.html?v=1.0
Requested by: Host: www.abv.bg
URL: https://www.abv.bg/js/main.min.js?v=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 194.153.145.104 , Bulgaria, ASN13147 (NETINFO 12 Emil Bersinski Str, BG),
Reverse DNS: abv.bg
Software: nginx /
Resource Hash: d50365d1d11ecb9455378d6cac9ab8fc2f79b1507f2a8568a0a39f4a334af270

Request headers

Referer: https://www.abv.bg/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html
date: Fri, 02 Feb 2024 23:29:23 GMT
etag: W/"6554c99d-87c"
last-modified: Wed, 15 Nov 2023 13:37:33 GMT
server: nginx
vary: Accept-Encoding

GET
H2 200 chrome.png
img.abv.bg/images/ 2 KB
2 KB 69ms
48ms Image
image/png 194.153.145.104
NETINFO 12 Emil B...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.abv.bg/images/chrome.png
Requested by: Host: www.abv.bg
URL: https://www.abv.bg/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 194.153.145.104 , Bulgaria, ASN13147 (NETINFO 12 Emil Bersinski Str, BG),
Reverse DNS: abv.bg
Software: nginx /
Resource Hash: 4fe14aa50a67932c19bd971db85ab116e5dfe22b50c1f9f9296c0ac8d169f9b9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.abv.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 23:29:23 GMT
last-modified: Thu, 06 Jul 2023 10:19:03 GMT
server: nginx
etag: "64a69517-754"
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 1876
expires: Fri, 09 Feb 2024 23:29:23 GMT

GET
H2 200 305x250-9.png
img.abv.bg/images/ 39 KB
39 KB 67ms
48ms Image
image/png 194.153.145.104
NETINFO 12 Emil B...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.abv.bg/images/305x250-9.png
Requested by: Host: www.abv.bg
URL: https://www.abv.bg/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 194.153.145.104 , Bulgaria, ASN13147 (NETINFO 12 Emil Bersinski Str, BG),
Reverse DNS: abv.bg
Software: nginx /
Resource Hash: 2569d17d561e662fdb33495851bbc297d02ffb0902a86eb39f5795ea83f3565f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.abv.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 23:29:23 GMT
last-modified: Fri, 11 Sep 2020 09:20:19 GMT
server: nginx
etag: "5f5b4153-9c40"
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 40000
expires: Fri, 09 Feb 2024 23:29:23 GMT

GET
DATA 200
OK truncated
/ 37 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 t8f0f24372983bb35e6f02ce5248fa960.jpg
img.abv.bg/home/ 9 KB
9 KB 44ms
44ms Image
image/jpeg 194.153.145.104
NETINFO 12 Emil B...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.abv.bg/home/t8f0f24372983bb35e6f02ce5248fa960.jpg
Requested by: Host: www.abv.bg
URL: https://www.abv.bg/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 194.153.145.104 , Bulgaria, ASN13147 (NETINFO 12 Emil Bersinski Str, BG),
Reverse DNS: abv.bg
Software: nginx /
Resource Hash: e1fba56aa54e3d947aaab10b5da61cd1eecce9e569ad61ac8715f679da473a06

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.abv.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 23:29:23 GMT
last-modified: Fri, 02 Feb 2024 23:26:59 GMT
server: nginx
etag: "65bd7a43-228f"
content-type: image/jpeg
cache-control: max-age=604800
accept-ranges: bytes
content-length: 8847
expires: Fri, 09 Feb 2024 23:29:23 GMT

GET
H2 200 r.html Show response
bimg.abv.bg/a/ Frame 5351 52 KB
16 KB 155ms
49ms Document
text/html 84.238.194.241
BTC-SEC-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://bimg.abv.bg/a/r.html?p=10&dom=www.abv.bg&cb=1706916563854

Requested by

Host: www.abv.bg
URL: https://www.abv.bg/js/jquery.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

84.238.194.241 , Bulgaria, ASN205132 (BTC-SEC-AS, BG),

Reverse DNS

bimg.abv.bg

Software

nginx /

Resource Hash

33bd24b7fa3f836621f5c9891bd0734668171624d559fa66d8f726481ae357be

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.abv.bg/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
cache-control: no-cache
content-encoding: gzip
content-type: text/html
date: Fri, 02 Feb 2024 23:29:23 GMT
etag: W/"654e18fe-ce62"
expires: Fri, 02 Feb 2024 23:29:22 GMT
last-modified: Fri, 10 Nov 2023 11:50:22 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 r.html Show response
bimg.abv.bg/a/ Frame AFB0 52 KB
16 KB 253ms
153ms Document
text/html 84.238.194.241
BTC-SEC-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://bimg.abv.bg/a/r.html?p=12

Requested by

Host: www.abv.bg
URL: https://www.abv.bg/js/jquery.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

84.238.194.241 , Bulgaria, ASN205132 (BTC-SEC-AS, BG),

Reverse DNS

bimg.abv.bg

Software

nginx /

Resource Hash

33bd24b7fa3f836621f5c9891bd0734668171624d559fa66d8f726481ae357be

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.abv.bg/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
cache-control: no-cache
content-encoding: gzip
content-type: text/html
date: Fri, 02 Feb 2024 23:29:23 GMT
etag: W/"654e18fe-ce62"
expires: Fri, 02 Feb 2024 23:29:22 GMT
last-modified: Fri, 10 Nov 2023 11:50:22 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 r.html Show response
bimg.abv.bg/a/ Frame 4C6F 52 KB
16 KB 203ms
103ms Document
text/html 84.238.194.241
BTC-SEC-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://bimg.abv.bg/a/r.html?p=122

Requested by

Host: www.abv.bg
URL: https://www.abv.bg/js/jquery.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

84.238.194.241 , Bulgaria, ASN205132 (BTC-SEC-AS, BG),

Reverse DNS

bimg.abv.bg

Software

nginx /

Resource Hash

33bd24b7fa3f836621f5c9891bd0734668171624d559fa66d8f726481ae357be

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.abv.bg/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
cache-control: no-cache
content-encoding: gzip
content-type: text/html
date: Fri, 02 Feb 2024 23:29:23 GMT
etag: W/"654e18fe-ce62"
expires: Fri, 02 Feb 2024 23:29:22 GMT
last-modified: Fri, 10 Nov 2023 11:50:22 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 r.html Show response
bimg.abv.bg/a/ Frame B584 52 KB
16 KB 248ms
151ms Document
text/html 84.238.194.241
BTC-SEC-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://bimg.abv.bg/a/r.html?p=11

Requested by

Host: www.abv.bg
URL: https://www.abv.bg/js/jquery.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

84.238.194.241 , Bulgaria, ASN205132 (BTC-SEC-AS, BG),

Reverse DNS

bimg.abv.bg

Software

nginx /

Resource Hash

33bd24b7fa3f836621f5c9891bd0734668171624d559fa66d8f726481ae357be

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.abv.bg/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
cache-control: no-cache
content-encoding: gzip
content-type: text/html
date: Fri, 02 Feb 2024 23:29:23 GMT
etag: W/"654e18fe-ce62"
expires: Fri, 02 Feb 2024 23:29:22 GMT
last-modified: Fri, 10 Nov 2023 11:50:22 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 r.html Show response
bimg.abv.bg/a/ Frame 5962 52 KB
16 KB 249ms
152ms Document
text/html 84.238.194.241
BTC-SEC-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://bimg.abv.bg/a/r.html?p=112

Requested by

Host: www.abv.bg
URL: https://www.abv.bg/js/jquery.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

84.238.194.241 , Bulgaria, ASN205132 (BTC-SEC-AS, BG),

Reverse DNS

bimg.abv.bg

Software

nginx /

Resource Hash

33bd24b7fa3f836621f5c9891bd0734668171624d559fa66d8f726481ae357be

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.abv.bg/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
cache-control: no-cache
content-encoding: gzip
content-type: text/html
date: Fri, 02 Feb 2024 23:29:23 GMT
etag: W/"654e18fe-ce62"
expires: Fri, 02 Feb 2024 23:29:22 GMT
last-modified: Fri, 10 Nov 2023 11:50:22 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 n63a7d5cd8638aefcf1e9a39c982f7840.jpg
img.abv.bg/home/ 5 KB
5 KB 46ms
44ms Image
image/jpeg 194.153.145.104
NETINFO 12 Emil B...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.abv.bg/home/n63a7d5cd8638aefcf1e9a39c982f7840.jpg
Requested by: Host: www.abv.bg
URL: https://www.abv.bg/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 194.153.145.104 , Bulgaria, ASN13147 (NETINFO 12 Emil Bersinski Str, BG),
Reverse DNS: abv.bg
Software: nginx /
Resource Hash: f2aa795c5d1d0e7044da1a6e8f9355228da1cfc90ceeaf3a8306535ce61713a9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.abv.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 23:29:23 GMT
last-modified: Fri, 02 Feb 2024 21:43:47 GMT
server: nginx
etag: "65bd6213-14b5"
content-type: image/jpeg
cache-control: max-age=604800
accept-ranges: bytes
content-length: 5301
expires: Fri, 09 Feb 2024 23:29:23 GMT

GET
H2 200 n1341d9e9d45eed31a4ddacd62f079677.jpg
img.abv.bg/home/ 6 KB
6 KB 47ms
44ms Image
image/jpeg 194.153.145.104
NETINFO 12 Emil B...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.abv.bg/home/n1341d9e9d45eed31a4ddacd62f079677.jpg
Requested by: Host: www.abv.bg
URL: https://www.abv.bg/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 194.153.145.104 , Bulgaria, ASN13147 (NETINFO 12 Emil Bersinski Str, BG),
Reverse DNS: abv.bg
Software: nginx /
Resource Hash: d52e42dc09316f5470b72b1dc231a802ff2a8bb2a7a7219196c8e048c62603c6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.abv.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 23:29:23 GMT
last-modified: Fri, 02 Feb 2024 21:43:47 GMT
server: nginx
etag: "65bd6213-18c1"
content-type: image/jpeg
cache-control: max-age=604800
accept-ranges: bytes
content-length: 6337
expires: Fri, 09 Feb 2024 23:29:23 GMT

GET
H2 200 n37ceab1635fde5ebaafb685d72c1c43e.jpg
img.abv.bg/home/ 7 KB
7 KB 47ms
45ms Image
image/jpeg 194.153.145.104
NETINFO 12 Emil B...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.abv.bg/home/n37ceab1635fde5ebaafb685d72c1c43e.jpg
Requested by: Host: www.abv.bg
URL: https://www.abv.bg/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 194.153.145.104 , Bulgaria, ASN13147 (NETINFO 12 Emil Bersinski Str, BG),
Reverse DNS: abv.bg
Software: nginx /
Resource Hash: d52ae375f84984c7870583ffa3ce8ec32a180c55fc498d8fd8f69d6d2e9b0405

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.abv.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 23:29:23 GMT
last-modified: Fri, 02 Feb 2024 21:43:47 GMT
server: nginx
etag: "65bd6213-1afa"
content-type: image/jpeg
cache-control: max-age=604800
accept-ranges: bytes
content-length: 6906
expires: Fri, 09 Feb 2024 23:29:23 GMT

GET
H2 200 ne1d7908868536e31963521778bc12c6c.jpg
img.abv.bg/home/ 6 KB
7 KB 48ms
45ms Image
image/jpeg 194.153.145.104
NETINFO 12 Emil B...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.abv.bg/home/ne1d7908868536e31963521778bc12c6c.jpg
Requested by: Host: www.abv.bg
URL: https://www.abv.bg/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 194.153.145.104 , Bulgaria, ASN13147 (NETINFO 12 Emil Bersinski Str, BG),
Reverse DNS: abv.bg
Software: nginx /
Resource Hash: 1576b32be2f1b8db625ed80898082b5c425cc4d750f0fb850a3ec3f724a0741c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.abv.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 23:29:23 GMT
last-modified: Fri, 02 Feb 2024 21:43:48 GMT
server: nginx
etag: "65bd6214-1994"
content-type: image/jpeg
cache-control: max-age=604800
accept-ranges: bytes
content-length: 6548
expires: Fri, 09 Feb 2024 23:29:23 GMT

GET
H2 200 ve6567b8b8d9f3261fda4421af33491698.jpg
img.abv.bg/home/ 10 KB
10 KB 48ms
46ms Image
image/jpeg 194.153.145.104
NETINFO 12 Emil B...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.abv.bg/home/ve6567b8b8d9f3261fda4421af33491698.jpg
Requested by: Host: www.abv.bg
URL: https://www.abv.bg/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 194.153.145.104 , Bulgaria, ASN13147 (NETINFO 12 Emil Bersinski Str, BG),
Reverse DNS: abv.bg
Software: nginx /
Resource Hash: 9e607953d68a18e2620c706051f4e73b9fe1d7ee7c6a24adab56d0a6b37a17bc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.abv.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 23:29:23 GMT
last-modified: Fri, 02 Feb 2024 21:55:41 GMT
server: nginx
etag: "65bd64dd-2848"
content-type: image/jpeg
cache-control: max-age=604800
accept-ranges: bytes
content-length: 10312
expires: Fri, 09 Feb 2024 23:29:23 GMT

GET
H2 200 g24edcc4ff9f50ef533260d7ee99c9cb3.jpg
img.abv.bg/home/ 8 KB
8 KB 47ms
47ms Image
image/jpeg 194.153.145.104
NETINFO 12 Emil B...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.abv.bg/home/g24edcc4ff9f50ef533260d7ee99c9cb3.jpg
Requested by: Host: www.abv.bg
URL: https://www.abv.bg/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 194.153.145.104 , Bulgaria, ASN13147 (NETINFO 12 Emil Bersinski Str, BG),
Reverse DNS: abv.bg
Software: nginx /
Resource Hash: a0f1e9d61dfa9dcddec8a560e3c4e8f6fe9cc28a56f04242d450e4087f4d3628

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.abv.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 23:29:23 GMT
last-modified: Fri, 02 Feb 2024 23:26:55 GMT
server: nginx
etag: "65bd7a3f-1ec7"
content-type: image/jpeg
cache-control: max-age=604800
accept-ranges: bytes
content-length: 7879
expires: Fri, 09 Feb 2024 23:29:23 GMT

GET
H2 200 n000.png
img.abv.bg/n/i/wh/sinoptikpng/ 12 KB
13 KB 47ms
47ms Image
image/png 194.153.145.104
NETINFO 12 Emil B...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.abv.bg/n/i/wh/sinoptikpng/n000.png
Requested by: Host: www.abv.bg
URL: https://www.abv.bg/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 194.153.145.104 , Bulgaria, ASN13147 (NETINFO 12 Emil Bersinski Str, BG),
Reverse DNS: abv.bg
Software: nginx /
Resource Hash: 25c64fcb450e450c49acaa2175a3df2e9f48939d4cd9696e3ff8c0a6f8455502

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.abv.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 23:29:23 GMT
last-modified: Mon, 24 Oct 2011 08:06:55 GMT
server: nginx
etag: "4ea51c9f-3171"
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 12657
expires: Fri, 09 Feb 2024 23:29:23 GMT

GET
H2 200 d200.png
m.netinfo.bg/sinoptik/icons/small/ 4 KB
4 KB 286ms
46ms Image
image/png 84.238.193.153
BTC-SEC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://m.netinfo.bg/sinoptik/icons/small/d200.png
Requested by: Host: www.abv.bg
URL: https://www.abv.bg/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 84.238.193.153 , Bulgaria, ASN205132 (BTC-SEC-AS, BG),
Reverse DNS: m.netinfo.bg
Software: nginx /
Resource Hash: 8aff15171a8b4ec0d859310e87cf2df9434e6f6540f1414a7605bc4e3cf264a0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.abv.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 23:29:24 GMT
last-modified: Wed, 06 Dec 2017 13:56:22 GMT
server: nginx
etag: "5a27f706-f4f"
content-type: image/png
cache-control: max-age=7776000
accept-ranges: bytes
content-length: 3919
expires: Thu, 02 May 2024 23:29:24 GMT

GET
H2 200 d300.png
m.netinfo.bg/sinoptik/icons/small/ 3 KB
3 KB 286ms
47ms Image
image/png 84.238.193.153
BTC-SEC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://m.netinfo.bg/sinoptik/icons/small/d300.png
Requested by: Host: www.abv.bg
URL: https://www.abv.bg/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 84.238.193.153 , Bulgaria, ASN205132 (BTC-SEC-AS, BG),
Reverse DNS: m.netinfo.bg
Software: nginx /
Resource Hash: 0b1d1923acbb8b348e4a9f7aa29fdde2b58fb2ce39312c77c009abb1f6ba3d7f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.abv.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 23:29:24 GMT
last-modified: Wed, 06 Dec 2017 13:56:22 GMT
server: nginx
etag: "5a27f706-baa"
content-type: image/png
cache-control: max-age=7776000
accept-ranges: bytes
content-length: 2986
expires: Thu, 02 May 2024 23:29:24 GMT

GET
H2 200 xgemius.js Show response
gabg.hit.gemius.pl/ Frame 2866 68 KB
19 KB 196ms
47ms Script
application/x-javascript 78.128.6.44
TELEPOINT

General

Check archive.org

Show headers Download Go to

Full URL: https://gabg.hit.gemius.pl/xgemius.js
Requested by: Host: img.abv.bg
URL: https://img.abv.bg/e/s/counters.html?v=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 78.128.6.44 , Bulgaria, ASN31083 (TELEPOINT, BG),
Reverse DNS: ip-6-44.telehouse.bg
Software: GHC /
Resource Hash: 91efa3ec9b68793d9d8114ec0dde9359391dc8f4789c9d80ca80c44950937df6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://img.abv.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 23:29:24 GMT
content-encoding: gzip
last-modified: Fri, 15 Dec 2023 12:14:58 GMT
server: GHC
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
vary: Accept-Encoding,Origin
p3p: CP="NOI DSP COR NID PSAo OUR IND"
content-type: application/x-javascript
cache-control: max-age=43200
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-length: 19528
expires: Sat, 03 Feb 2024 11:29:24 GMT

GET
H2 200 abv-r.html Show response
rimg.abv.bg/gm/z/ Frame 7F03 50 KB
16 KB 118ms
46ms Document
text/html 194.153.145.104
NETINFO 12 Emil B...

General

Check archive.org

Show headers Download Go to

Full URL: https://rimg.abv.bg/gm/z/abv-r.html?pos=index&act=home&time=1706916564140
Requested by: Host: bimg.abv.bg
URL: https://bimg.abv.bg/a/r.html?p=10&dom=www.abv.bg&cb=1706916563854
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 194.153.145.104 , Bulgaria, ASN13147 (NETINFO 12 Emil Bersinski Str, BG),
Reverse DNS: abv.bg
Software: nginx /
Resource Hash: 261155e87501a2929307a51614849feb31d5a5291249cb00ddb24b37a0ba21fd

Request headers

Referer: https://bimg.abv.bg/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html
date: Fri, 02 Feb 2024 23:29:24 GMT
etag: W/"65bb559d-c7c2"
last-modified: Thu, 01 Feb 2024 08:26:05 GMT
server: nginx
vary: Accept-Encoding

GET
H2 200 lg.php
a.abv.bg/www/delivery/ Frame 5351 43 B
341 B 152ms
72ms Image
image/gif 84.238.194.241
BTC-SEC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://a.abv.bg/www/delivery/lg.php?bannerid=177794&campaignid=5246&zoneid=63&tid=1706916564139

Requested by

Host: www.abv.bg
URL: https://www.abv.bg/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

84.238.194.241 , Bulgaria, ASN205132 (BTC-SEC-AS, BG),

Reverse DNS

bimg.abv.bg

Software

nginx /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bimg.abv.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Feb 2024 23:29:24 GMT
server: nginx
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: *
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
x-xss-protection: 1; mode=block
expires: 0

GET
H2 200 home_rich.html Show response
rimg.abv.bg/gm/z/ Frame 58C0 10 KB
3 KB 105ms
57ms Document
text/html 194.153.145.104
NETINFO 12 Emil B...

General

Check archive.org

Show headers Download Go to

Full URL: https://rimg.abv.bg/gm/z/home_rich.html?pos=rich&act=home&time=1706916564166
Requested by: Host: bimg.abv.bg
URL: https://bimg.abv.bg/a/r.html?p=122
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 194.153.145.104 , Bulgaria, ASN13147 (NETINFO 12 Emil Bersinski Str, BG),
Reverse DNS: abv.bg
Software: nginx /
Resource Hash: 4f13bea2ee58769f2deef4e0ee11616840baaddb5159423dfee389d7e0be5488

Request headers

Referer: https://bimg.abv.bg/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html
date: Fri, 02 Feb 2024 23:29:24 GMT
etag: W/"650027af-2959"
last-modified: Tue, 12 Sep 2023 08:56:15 GMT
server: nginx
vary: Accept-Encoding

GET
H2 200 lg.php
a.abv.bg/www/delivery/ Frame 4C6F 43 B
341 B 130ms
75ms Image
image/gif 84.238.194.241
BTC-SEC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://a.abv.bg/www/delivery/lg.php?bannerid=177794&campaignid=5246&zoneid=63&tid=1706916564165

Requested by

Host: www.abv.bg
URL: https://www.abv.bg/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

84.238.194.241 , Bulgaria, ASN205132 (BTC-SEC-AS, BG),

Reverse DNS

bimg.abv.bg

Software

nginx /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bimg.abv.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Feb 2024 23:29:24 GMT
server: nginx
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: *
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
x-xss-protection: 1; mode=block
expires: 0

GET
H2 200 abv-r.html Show response
rimg.abv.bg/gm/z/ Frame 3DF4 50 KB
16 KB 75ms
48ms Document
text/html 194.153.145.104
NETINFO 12 Emil B...

General

Check archive.org

Show headers Download Go to

Full URL: https://rimg.abv.bg/gm/z/abv-r.html?pos=native&act=home&time=1706916564188
Requested by: Host: bimg.abv.bg
URL: https://bimg.abv.bg/a/r.html?p=11
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 194.153.145.104 , Bulgaria, ASN13147 (NETINFO 12 Emil Bersinski Str, BG),
Reverse DNS: abv.bg
Software: nginx /
Resource Hash: 261155e87501a2929307a51614849feb31d5a5291249cb00ddb24b37a0ba21fd

Request headers

Referer: https://bimg.abv.bg/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html
date: Fri, 02 Feb 2024 23:29:24 GMT
etag: W/"65bb559d-c7c2"
last-modified: Thu, 01 Feb 2024 08:26:05 GMT
server: nginx
vary: Accept-Encoding

GET
H2 200 lg.php
a.abv.bg/www/delivery/ Frame B584 43 B
342 B 119ms
86ms Image
image/gif 84.238.194.241
BTC-SEC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://a.abv.bg/www/delivery/lg.php?bannerid=177794&campaignid=5246&zoneid=63&tid=1706916564187

Requested by

Host: www.abv.bg
URL: https://www.abv.bg/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

84.238.194.241 , Bulgaria, ASN205132 (BTC-SEC-AS, BG),

Reverse DNS

bimg.abv.bg

Software

nginx /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bimg.abv.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Feb 2024 23:29:24 GMT
server: nginx
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: *
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
x-xss-protection: 1; mode=block
expires: 0

GET
H2 200 fpdata.js Show response
gabg.hit.gemius.pl/ Frame 2866 275 B
390 B 44ms
44ms Script
application/x-javascript 78.128.6.44
TELEPOINT

General

Check archive.org

Show headers Download Go to

Full URL: https://gabg.hit.gemius.pl/fpdata.js?href=img.abv.bg
Requested by: Host: gabg.hit.gemius.pl
URL: https://gabg.hit.gemius.pl/xgemius.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 78.128.6.44 , Bulgaria, ASN31083 (TELEPOINT, BG),
Reverse DNS: ip-6-44.telehouse.bg
Software: GHC /
Resource Hash: 803dc25c206420b0781f530c4b533eb59ac0a5e721f829c399ada82cbf0dd367

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://img.abv.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 23:29:24 GMT
last-modified: Mon, 16 Jul 2012 10:03:40 GMT
server: GHC
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
etag: PRIVATE7520710249
p3p: CP="NOI DSP COR NID PSAo OUR IND"
content-type: application/x-javascript
cache-control: private, max-age=2592000
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-length: 275
expires: Sun, 03 Mar 2024 23:29:24 GMT

GET
H2 200 lsget.html Show response
ls.hit.gemius.pl/ Frame 68E3 5 KB
3 KB 162ms
34ms Document
text/html 146.59.30.100
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://ls.hit.gemius.pl/lsget.html
Requested by: Host: gabg.hit.gemius.pl
URL: https://gabg.hit.gemius.pl/xgemius.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 146.59.30.100 , Poland, ASN16276 (OVH, FR),
Reverse DNS: ip100.ip-146-59-30.eu
Software: GHC /
Resource Hash: 9ddcbbf0db592955aab01d89fce48b3e29abbdb279ea5b1b0022a01947c6f4af

Request headers

Referer: https://img.abv.bg/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
accept-ranges: none
cache-control: private, max-age=2592000
content-encoding: gzip
content-length: 2718
content-type: text/html;charset=utf-8
cross-origin-resource-policy: cross-origin
date: Fri, 02 Feb 2024 23:29:24 GMT
etag: PRIVATE7520710249
expires: Sun, 03 Mar 2024 23:29:24 GMT
last-modified: Mon, 16 Jul 2012 10:03:40 GMT
p3p: CP="NOI DSP COR NID PSAo OUR IND"
server: GHC
vary: Accept-Encoding,Origin,User-Agent

GET
H2 200 abv-r.html Show response
rimg.abv.bg/gm/z/ Frame 36B9 50 KB
16 KB 113ms
95ms Document
text/html 194.153.145.104
NETINFO 12 Emil B...

General

Check archive.org

Show headers Download Go to

Full URL: https://rimg.abv.bg/gm/z/abv-r.html?pos=gong&act=home&time=1706916564196
Requested by: Host: bimg.abv.bg
URL: https://bimg.abv.bg/a/r.html?p=112
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 194.153.145.104 , Bulgaria, ASN13147 (NETINFO 12 Emil Bersinski Str, BG),
Reverse DNS: abv.bg
Software: nginx /
Resource Hash: 261155e87501a2929307a51614849feb31d5a5291249cb00ddb24b37a0ba21fd

Request headers

Referer: https://bimg.abv.bg/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html
date: Fri, 02 Feb 2024 23:29:24 GMT
etag: W/"65bb559d-c7c2"
last-modified: Thu, 01 Feb 2024 08:26:05 GMT
server: nginx
vary: Accept-Encoding

GET
H2 200 lg.php
a.abv.bg/www/delivery/ Frame 5962 43 B
342 B 109ms
83ms Image
image/gif 84.238.194.241
BTC-SEC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://a.abv.bg/www/delivery/lg.php?bannerid=177794&campaignid=5246&zoneid=63&tid=1706916564196

Requested by

Host: www.abv.bg
URL: https://www.abv.bg/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

84.238.194.241 , Bulgaria, ASN205132 (BTC-SEC-AS, BG),

Reverse DNS

bimg.abv.bg

Software

nginx /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bimg.abv.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Feb 2024 23:29:24 GMT
server: nginx
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: *
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
x-xss-protection: 1; mode=block
expires: 0

GET
H2 200 abv-r.html Show response
rimg.abv.bg/gm/z/ Frame 4041 50 KB
16 KB 67ms
51ms Document
text/html 194.153.145.104
NETINFO 12 Emil B...

General

Check archive.org

Show headers Download Go to

Full URL: https://rimg.abv.bg/gm/z/abv-r.html?pos=hidden&act=home&time=1706916564199
Requested by: Host: bimg.abv.bg
URL: https://bimg.abv.bg/a/r.html?p=12
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 194.153.145.104 , Bulgaria, ASN13147 (NETINFO 12 Emil Bersinski Str, BG),
Reverse DNS: abv.bg
Software: nginx /
Resource Hash: 261155e87501a2929307a51614849feb31d5a5291249cb00ddb24b37a0ba21fd

Request headers

Referer: https://bimg.abv.bg/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html
date: Fri, 02 Feb 2024 23:29:24 GMT
etag: W/"65bb559d-c7c2"
last-modified: Thu, 01 Feb 2024 08:26:05 GMT
server: nginx
vary: Accept-Encoding

GET
H2 200 lg.php
a.abv.bg/www/delivery/ Frame AFB0 43 B
342 B 94ms
71ms Image
image/gif 84.238.194.241
BTC-SEC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://a.abv.bg/www/delivery/lg.php?bannerid=177794&campaignid=5246&zoneid=63&tid=1706916564198

Requested by

Host: www.abv.bg
URL: https://www.abv.bg/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

84.238.194.241 , Bulgaria, ASN205132 (BTC-SEC-AS, BG),

Reverse DNS

bimg.abv.bg

Software

nginx /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bimg.abv.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Feb 2024 23:29:24 GMT
server: nginx
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: *
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
x-xss-protection: 1; mode=block
expires: 0

GET
H2 200 z_codes.js Show response
img.abv.bg/gm/z/ Frame 7F03 12 KB
5 KB 83ms
38ms Script
application/javascript 194.153.145.104
NETINFO 12 Emil B...

General

Check archive.org

Show headers Download Go to

Full URL: https://img.abv.bg/gm/z/z_codes.js?v=1.4.1
Requested by: Host: rimg.abv.bg
URL: https://rimg.abv.bg/gm/z/abv-r.html?pos=index&act=home&time=1706916564140
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 194.153.145.104 , Bulgaria, ASN13147 (NETINFO 12 Emil Bersinski Str, BG),
Reverse DNS: abv.bg
Software: nginx /
Resource Hash: e08e42fe80954eb5a68e69acecbea9755917507ec80f2c73a2f47cea4e327f26

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rimg.abv.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 23:29:24 GMT
content-encoding: gzip
last-modified: Fri, 19 Jan 2024 11:29:58 GMT
server: nginx
etag: W/"65aa5d36-31e6"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800
expires: Fri, 09 Feb 2024 23:29:24 GMT

GET
H2 200 lib.min.js Show response
lib.wtg-ads.com/ Frame 7F03 104 KB
26 KB 123ms
27ms Script
application/javascript 2606:4700:20::681a:f0a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://lib.wtg-ads.com/lib.min.js?v=1.7

Requested by

Host: rimg.abv.bg
URL: https://rimg.abv.bg/gm/z/abv-r.html?pos=index&act=home&time=1706916564140

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:f0a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4f4d7bb85250d85ecb70b6b5a7ec31ad662712f66910251a2563e04c2b814279

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rimg.abv.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 23:29:24 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 140591
x-visitor-country: DE
last-modified: Thu, 21 Dec 2023 05:55:43 GMT
server: cloudflare
etag: W/"6583d35f-19f7b"
access-control-max-age: 1728000
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rbgEQibtexL3GYuitLs7Gk4GHe7iEsnIs5aAPScQPaA63Lixkw5qC4F00q6Z%2BB%2BGJ5D1CIVFX5%2B4pyc6KbpjjmlVyDZfLqlbSTSpVkGgYqofaav6xKAePTsJr%2F8dxk9ZUQzU7Ut0MlLF0vpEhQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=10800
access-control-allow-credentials: true
vary: Accept-Encoding
cf-ray: 84f6374f6f58bb89-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires: Thu, 01 Feb 2024 11:26:13 GMT

GET
H2 200 apstag_new.js Show response
img.abv.bg/gm/z/ Frame 7F03 449 KB
100 KB 52ms
52ms Script
application/javascript 194.153.145.104
NETINFO 12 Emil B...

General

Check archive.org

Show headers Download Go to

Full URL: https://img.abv.bg/gm/z/apstag_new.js?v=1.3
Requested by: Host: rimg.abv.bg
URL: https://rimg.abv.bg/gm/z/abv-r.html?pos=index&act=home&time=1706916564140
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 194.153.145.104 , Bulgaria, ASN13147 (NETINFO 12 Emil Bersinski Str, BG),
Reverse DNS: abv.bg
Software: nginx /
Resource Hash: 248450afda9996def331626c679c944b434621b28211762808bac1de455bdef7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rimg.abv.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 23:29:24 GMT
content-encoding: gzip
last-modified: Fri, 19 Jan 2024 11:35:50 GMT
server: nginx
etag: W/"65aa5e96-7036c"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800
expires: Fri, 09 Feb 2024 23:29:24 GMT

GET
H2 200 abv-logo.svg
www.abv.bg/i/ Frame 7F03 10 KB
10 KB 84ms
41ms Image
image/svg+xml 194.153.145.104
NETINFO 12 Emil B...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.abv.bg/i/abv-logo.svg

Requested by

Host: rimg.abv.bg
URL: https://rimg.abv.bg/gm/z/abv-r.html?pos=index&act=home&time=1706916564140

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

194.153.145.104 , Bulgaria, ASN13147 (NETINFO 12 Emil Bersinski Str, BG),

Reverse DNS

abv.bg

Software

nginx /

Resource Hash

3fea5307e5bd6f3b8fb4e95dd6ecb6f4db4131c77e69a3dce1d35368f166aec9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rimg.abv.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Feb 2024 23:29:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Thu, 03 Sep 2020 11:24:37 GMT
server: nginx
etag: "5f50d275-274f"
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
cache-control: no-cache
accept-ranges: bytes
content-length: 10063

GET
H2 200 z_codes.js Show response
img.abv.bg/gm/z/ Frame 3DF4 12 KB
5 KB 75ms
40ms Script
application/javascript 194.153.145.104
NETINFO 12 Emil B...

General

Check archive.org

Show headers Download Go to

Full URL: https://img.abv.bg/gm/z/z_codes.js?v=1.4.1
Requested by: Host: rimg.abv.bg
URL: https://rimg.abv.bg/gm/z/abv-r.html?pos=native&act=home&time=1706916564188
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 194.153.145.104 , Bulgaria, ASN13147 (NETINFO 12 Emil Bersinski Str, BG),
Reverse DNS: abv.bg
Software: nginx /
Resource Hash: e08e42fe80954eb5a68e69acecbea9755917507ec80f2c73a2f47cea4e327f26

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rimg.abv.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 23:29:24 GMT
content-encoding: gzip
last-modified: Fri, 19 Jan 2024 11:29:58 GMT
server: nginx
etag: W/"65aa5d36-31e6"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800
expires: Fri, 09 Feb 2024 23:29:24 GMT

GET
H2 200 lib.min.js Show response
lib.wtg-ads.com/ Frame 3DF4 104 KB
25 KB 116ms
29ms Script
application/javascript 2606:4700:20::681a:f0a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://lib.wtg-ads.com/lib.min.js?v=1.7

Requested by

Host: rimg.abv.bg
URL: https://rimg.abv.bg/gm/z/abv-r.html?pos=native&act=home&time=1706916564188

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:f0a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4f4d7bb85250d85ecb70b6b5a7ec31ad662712f66910251a2563e04c2b814279

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rimg.abv.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 23:29:24 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 140591
x-visitor-country: DE
last-modified: Thu, 21 Dec 2023 05:55:43 GMT
server: cloudflare
etag: W/"6583d35f-19f7b"
access-control-max-age: 1728000
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rczb6EgLvR4lXSNMEnpJ3Z%2FIvPhxvAHzbprTI%2BeS26h4MRqdAa0ZwVJObnTBLppPqgFBWfSDZhpUXlcybz8hzNW%2FzmA%2FiFdeoWR0o75LznrIwBvxDCnbaFMSpZTfyPQjbMqrGdquQhQCrppCzg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=10800
access-control-allow-credentials: true
vary: Accept-Encoding
cf-ray: 84f6374f6f57bb89-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires: Thu, 01 Feb 2024 11:26:13 GMT

GET
H2 200 apstag_new.js Show response
img.abv.bg/gm/z/ Frame 3DF4 449 KB
100 KB 55ms
55ms Script
application/javascript 194.153.145.104
NETINFO 12 Emil B...

General

Check archive.org

Show headers Download Go to

Full URL: https://img.abv.bg/gm/z/apstag_new.js?v=1.3
Requested by: Host: rimg.abv.bg
URL: https://rimg.abv.bg/gm/z/abv-r.html?pos=native&act=home&time=1706916564188
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 194.153.145.104 , Bulgaria, ASN13147 (NETINFO 12 Emil Bersinski Str, BG),
Reverse DNS: abv.bg
Software: nginx /
Resource Hash: 248450afda9996def331626c679c944b434621b28211762808bac1de455bdef7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rimg.abv.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 23:29:24 GMT
content-encoding: gzip
last-modified: Fri, 19 Jan 2024 11:35:50 GMT
server: nginx
etag: W/"65aa5e96-7036c"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800
expires: Fri, 09 Feb 2024 23:29:24 GMT

GET
H2 200 abv-logo.svg
www.abv.bg/i/ Frame 3DF4 10 KB
10 KB 76ms
42ms Image
image/svg+xml 194.153.145.104
NETINFO 12 Emil B...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.abv.bg/i/abv-logo.svg

Requested by

Host: rimg.abv.bg
URL: https://rimg.abv.bg/gm/z/abv-r.html?pos=native&act=home&time=1706916564188

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

194.153.145.104 , Bulgaria, ASN13147 (NETINFO 12 Emil Bersinski Str, BG),

Reverse DNS

abv.bg

Software

nginx /

Resource Hash

3fea5307e5bd6f3b8fb4e95dd6ecb6f4db4131c77e69a3dce1d35368f166aec9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rimg.abv.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Feb 2024 23:29:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Thu, 03 Sep 2020 11:24:37 GMT
server: nginx
etag: "5f50d275-274f"
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
cache-control: no-cache
accept-ranges: bytes
content-length: 10063

GET
H2 200 z_codes.js Show response
img.abv.bg/gm/z/ Frame 4041 12 KB
5 KB 67ms
45ms Script
application/javascript 194.153.145.104
NETINFO 12 Emil B...

General

Check archive.org

Show headers Download Go to

Full URL: https://img.abv.bg/gm/z/z_codes.js?v=1.4.1
Requested by: Host: rimg.abv.bg
URL: https://rimg.abv.bg/gm/z/abv-r.html?pos=hidden&act=home&time=1706916564199
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 194.153.145.104 , Bulgaria, ASN13147 (NETINFO 12 Emil Bersinski Str, BG),
Reverse DNS: abv.bg
Software: nginx /
Resource Hash: e08e42fe80954eb5a68e69acecbea9755917507ec80f2c73a2f47cea4e327f26

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rimg.abv.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 23:29:24 GMT
content-encoding: gzip
last-modified: Fri, 19 Jan 2024 11:29:58 GMT
server: nginx
etag: W/"65aa5d36-31e6"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800
expires: Fri, 09 Feb 2024 23:29:24 GMT

GET
H2 200 lib.min.js Show response
lib.wtg-ads.com/ Frame 4041 104 KB
25 KB 107ms
34ms Script
application/javascript 2606:4700:20::681a:f0a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://lib.wtg-ads.com/lib.min.js?v=1.7

Requested by

Host: rimg.abv.bg
URL: https://rimg.abv.bg/gm/z/abv-r.html?pos=hidden&act=home&time=1706916564199

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:f0a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4f4d7bb85250d85ecb70b6b5a7ec31ad662712f66910251a2563e04c2b814279

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rimg.abv.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 23:29:24 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 140591
x-visitor-country: DE
last-modified: Thu, 21 Dec 2023 05:55:43 GMT
server: cloudflare
etag: W/"6583d35f-19f7b"
access-control-max-age: 1728000
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FeR3JJJsIhGW2OxUvlzaUlPSEgb8pwf9CYHhy4O4AsmuIDCnwIbuGm%2BH%2Bnbihbvm2AcBFbpByz6MY6%2BEaAHxrFRpfqJMxwfmzAxu5OtfvUQ81faKbBc1NS%2FKJl9yhA8HZmQxkIXrQtUMCy7HaA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=10800
access-control-allow-credentials: true
vary: Accept-Encoding
cf-ray: 84f6374f6f56bb89-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires: Thu, 01 Feb 2024 11:26:13 GMT

GET
H2 200 apstag_new.js Show response
img.abv.bg/gm/z/ Frame 4041 449 KB
100 KB 54ms
54ms Script
application/javascript 194.153.145.104
NETINFO 12 Emil B...

General

Check archive.org

Show headers Download Go to

Full URL: https://img.abv.bg/gm/z/apstag_new.js?v=1.3
Requested by: Host: rimg.abv.bg
URL: https://rimg.abv.bg/gm/z/abv-r.html?pos=hidden&act=home&time=1706916564199
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 194.153.145.104 , Bulgaria, ASN13147 (NETINFO 12 Emil Bersinski Str, BG),
Reverse DNS: abv.bg
Software: nginx /
Resource Hash: 248450afda9996def331626c679c944b434621b28211762808bac1de455bdef7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rimg.abv.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 23:29:24 GMT
content-encoding: gzip
last-modified: Fri, 19 Jan 2024 11:35:50 GMT
server: nginx
etag: W/"65aa5e96-7036c"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800
expires: Fri, 09 Feb 2024 23:29:24 GMT

GET
H2 200 abv-logo.svg
www.abv.bg/i/ Frame 4041 10 KB
10 KB 67ms
46ms Image
image/svg+xml 194.153.145.104
NETINFO 12 Emil B...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.abv.bg/i/abv-logo.svg

Requested by

Host: rimg.abv.bg
URL: https://rimg.abv.bg/gm/z/abv-r.html?pos=hidden&act=home&time=1706916564199

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

194.153.145.104 , Bulgaria, ASN13147 (NETINFO 12 Emil Bersinski Str, BG),

Reverse DNS

abv.bg

Software

nginx /

Resource Hash

3fea5307e5bd6f3b8fb4e95dd6ecb6f4db4131c77e69a3dce1d35368f166aec9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rimg.abv.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Feb 2024 23:29:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Thu, 03 Sep 2020 11:24:37 GMT
server: nginx
etag: "5f50d275-274f"
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
cache-control: no-cache
accept-ranges: bytes
content-length: 10063

GET
H2 200 main.min.css
www.abv.bg/css/ Frame 58C0 27 KB
7 KB 51ms
41ms Stylesheet
text/css 194.153.145.104
NETINFO 12 Emil B...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.abv.bg/css/main.min.css?v=11

Requested by

Host: rimg.abv.bg
URL: https://rimg.abv.bg/gm/z/home_rich.html?pos=rich&act=home&time=1706916564166

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

194.153.145.104 , Bulgaria, ASN13147 (NETINFO 12 Emil Bersinski Str, BG),

Reverse DNS

abv.bg

Software

nginx /

Resource Hash

ac48e308a1e61943f695a2768599fc91e20c47373a2c33a0f6e6d16c2d88ace1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rimg.abv.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Feb 2024 23:29:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
last-modified: Mon, 15 Jan 2024 14:17:07 GMT
server: nginx
etag: W/"65a53e63-6cdc"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: no-cache

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame 58C0 98 KB
29 KB 126ms
67ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: rimg.abv.bg
URL: https://rimg.abv.bg/gm/z/home_rich.html?pos=rich&act=home&time=1706916564166

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

475d49b739b1bec54bfe91ffd3c5860571f994bf02eea5f44a8b4a073297b806

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rimg.abv.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 23:29:24 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29549
x-xss-protection: 0
server: cafe
etag: 305 / 19755 / 31080792 / config-hash: 8558731290873694684
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 02 Feb 2024 23:29:24 GMT

GET
H2 200 z_codes.js Show response
img.abv.bg/gm/z/ Frame 36B9 12 KB
5 KB 47ms
46ms Script
application/javascript 194.153.145.104
NETINFO 12 Emil B...

General

Check archive.org

Show headers Download Go to

Full URL: https://img.abv.bg/gm/z/z_codes.js?v=1.4.1
Requested by: Host: rimg.abv.bg
URL: https://rimg.abv.bg/gm/z/abv-r.html?pos=gong&act=home&time=1706916564196
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 194.153.145.104 , Bulgaria, ASN13147 (NETINFO 12 Emil Bersinski Str, BG),
Reverse DNS: abv.bg
Software: nginx /
Resource Hash: e08e42fe80954eb5a68e69acecbea9755917507ec80f2c73a2f47cea4e327f26

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rimg.abv.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 23:29:24 GMT
content-encoding: gzip
last-modified: Fri, 19 Jan 2024 11:29:58 GMT
server: nginx
etag: W/"65aa5d36-31e6"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800
expires: Fri, 09 Feb 2024 23:29:24 GMT

GET
H2 200 lib.min.js Show response
lib.wtg-ads.com/ Frame 36B9 104 KB
25 KB 33ms
32ms Script
application/javascript 2606:4700:20::681a:f0a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://lib.wtg-ads.com/lib.min.js?v=1.7

Requested by

Host: rimg.abv.bg
URL: https://rimg.abv.bg/gm/z/abv-r.html?pos=gong&act=home&time=1706916564196

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:f0a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4f4d7bb85250d85ecb70b6b5a7ec31ad662712f66910251a2563e04c2b814279

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rimg.abv.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 23:29:24 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 140591
x-visitor-country: DE
last-modified: Thu, 21 Dec 2023 05:55:43 GMT
server: cloudflare
etag: W/"6583d35f-19f7b"
access-control-max-age: 1728000
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UMrUyYzbYISdLlQ%2BJJ1bS1Di92OzK6fgqWjjGUiiqk4oJWV7netRMqt2KbQlj24%2BqB4yFN1Ki2LAOZhNjSmOlOWu2p4JHSLfHF7UC9mLfuLA0gwz%2BhiEPp7M%2F1oOOz2CEjf%2Bk0J6wyORiAREUA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=10800
access-control-allow-credentials: true
vary: Accept-Encoding
cf-ray: 84f6374f7f65bb89-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires: Thu, 01 Feb 2024 11:26:13 GMT

GET
H2 200 apstag_new.js Show response
img.abv.bg/gm/z/ Frame 36B9 449 KB
100 KB 55ms
50ms Script
application/javascript 194.153.145.104
NETINFO 12 Emil B...

General

Check archive.org

Show headers Download Go to

Full URL: https://img.abv.bg/gm/z/apstag_new.js?v=1.3
Requested by: Host: rimg.abv.bg
URL: https://rimg.abv.bg/gm/z/abv-r.html?pos=gong&act=home&time=1706916564196
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 194.153.145.104 , Bulgaria, ASN13147 (NETINFO 12 Emil Bersinski Str, BG),
Reverse DNS: abv.bg
Software: nginx /
Resource Hash: 248450afda9996def331626c679c944b434621b28211762808bac1de455bdef7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rimg.abv.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 23:29:24 GMT
content-encoding: gzip
last-modified: Fri, 19 Jan 2024 11:35:50 GMT
server: nginx
etag: W/"65aa5e96-7036c"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800
expires: Fri, 09 Feb 2024 23:29:24 GMT

GET
H2 200 abv-logo.svg
www.abv.bg/i/ Frame 36B9 10 KB
10 KB 47ms
46ms Image
image/svg+xml 194.153.145.104
NETINFO 12 Emil B...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.abv.bg/i/abv-logo.svg

Requested by

Host: rimg.abv.bg
URL: https://rimg.abv.bg/gm/z/abv-r.html?pos=gong&act=home&time=1706916564196

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

194.153.145.104 , Bulgaria, ASN13147 (NETINFO 12 Emil Bersinski Str, BG),

Reverse DNS

abv.bg

Software

nginx /

Resource Hash

3fea5307e5bd6f3b8fb4e95dd6ecb6f4db4131c77e69a3dce1d35368f166aec9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rimg.abv.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Feb 2024 23:29:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Thu, 03 Sep 2020 11:24:37 GMT
server: nginx
etag: "5f50d275-274f"
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
cache-control: no-cache
accept-ranges: bytes
content-length: 10063

GET
H2 200 standard.publisher.config.min.js Show response
lib.wtg-ads.com/publisher/img.abv.bg/ Frame 7F03 133 KB
10 KB 45ms
40ms Script
application/javascript 2606:4700:20::681a:f0a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://lib.wtg-ads.com/publisher/img.abv.bg/standard.publisher.config.min.js

Requested by

Host: lib.wtg-ads.com
URL: https://lib.wtg-ads.com/lib.min.js?v=1.7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:f0a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d96fe1cf512970f6a8507b5fa58b95168ff7c1d03a2418b8ed32f9a1e9c49c93

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rimg.abv.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 23:29:24 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 141285
x-visitor-country: DE
last-modified: Thu, 01 Feb 2024 08:14:37 GMT
server: cloudflare
etag: W/"65bb52ed-21458"
access-control-max-age: 1728000
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b0GjwFoWi%2FpZP%2FDWByCIMuempB34cJ9fPfwCr0gf1yyvDgpiGLfELwKfnjejbOONdU2CxFR8wii6IIaZNc%2Bu0Lnjd2Zq97uuYNZVEd2KOiPbGz62XGObZ%2FePc9uj7qCqep%2BJx2v46b%2BlNjjgKA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=10800
access-control-allow-credentials: true
vary: Accept-Encoding
cf-ray: 84f637501fc1bb89-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires: Thu, 01 Feb 2024 11:14:39 GMT

GET
H2 200 standard.publisher.config.min.js Show response
lib.wtg-ads.com/publisher/img.abv.bg/ Frame 3DF4 133 KB
10 KB 29ms
27ms Script
application/javascript 2606:4700:20::681a:f0a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://lib.wtg-ads.com/publisher/img.abv.bg/standard.publisher.config.min.js

Requested by

Host: lib.wtg-ads.com
URL: https://lib.wtg-ads.com/lib.min.js?v=1.7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:f0a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d96fe1cf512970f6a8507b5fa58b95168ff7c1d03a2418b8ed32f9a1e9c49c93

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rimg.abv.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 23:29:24 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 141285
x-visitor-country: DE
last-modified: Thu, 01 Feb 2024 08:14:37 GMT
server: cloudflare
etag: W/"65bb52ed-21458"
access-control-max-age: 1728000
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JpyydmlyTMktH%2BbZF6LTNvAZBSHJ1wGxoIVmceh4JhZmwJCesrFXcCRFVbs%2Bo6zhaEVxcfV7BSjMEEeRg2ujKE4cmWTpZEjZYlvRVVeLj684Tz0DvyktVm9Gmp7QW0%2BKZBQfGEoVvWFbx01jVg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=10800
access-control-allow-credentials: true
vary: Accept-Encoding
cf-ray: 84f637501fc2bb89-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires: Thu, 01 Feb 2024 11:14:39 GMT

GET
H2 200 standard.publisher.config.min.js Show response
lib.wtg-ads.com/publisher/img.abv.bg/ Frame 4041 133 KB
10 KB 32ms
30ms Script
application/javascript 2606:4700:20::681a:f0a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://lib.wtg-ads.com/publisher/img.abv.bg/standard.publisher.config.min.js

Requested by

Host: lib.wtg-ads.com
URL: https://lib.wtg-ads.com/lib.min.js?v=1.7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:f0a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d96fe1cf512970f6a8507b5fa58b95168ff7c1d03a2418b8ed32f9a1e9c49c93

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rimg.abv.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 23:29:24 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 141285
x-visitor-country: DE
last-modified: Thu, 01 Feb 2024 08:14:37 GMT
server: cloudflare
etag: W/"65bb52ed-21458"
access-control-max-age: 1728000
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YkmKgRiY%2F5bBjvJVNDExYK5PckcBm1HcdSyk2GBk9TejWdUEJR2gLytQ6b6bEEdnYe4tY3Iir83YTtt3V33ZbhYTXUIoWcFqtB5pXKpOKC1PlUa65LtEWW7nZxI2Ci4iLPK3YfDZKbawkgBNDQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=10800
access-control-allow-credentials: true
vary: Accept-Encoding
cf-ray: 84f637501fc3bb89-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires: Thu, 01 Feb 2024 11:14:39 GMT

GET
H2 200 standard.publisher.config.min.js Show response
lib.wtg-ads.com/publisher/img.abv.bg/ Frame 36B9 133 KB
10 KB 28ms
28ms Script
application/javascript 2606:4700:20::681a:f0a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://lib.wtg-ads.com/publisher/img.abv.bg/standard.publisher.config.min.js

Requested by

Host: lib.wtg-ads.com
URL: https://lib.wtg-ads.com/lib.min.js?v=1.7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:f0a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d96fe1cf512970f6a8507b5fa58b95168ff7c1d03a2418b8ed32f9a1e9c49c93

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rimg.abv.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 23:29:24 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 141285
x-visitor-country: DE
last-modified: Thu, 01 Feb 2024 08:14:37 GMT
server: cloudflare
etag: W/"65bb52ed-21458"
access-control-max-age: 1728000
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YPIL5kPeUB78ol%2FyU2qpm20RSXT6ngZtTJ5%2Bq1UY9W7e7zngln2Nzm5%2BEJ7jPI4wY3UVn7Mwh6H1Fo5mbeaJgb2VFNmFbEMNx91HjOcKMnvDVE7g%2BuseCUcNiQ8P5u8JG2FNu%2FcFSzbIxHtltQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=10800
access-control-allow-credentials: true
vary: Accept-Encoding
cf-ray: 84f637501fcabb89-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires: Thu, 01 Feb 2024 11:14:39 GMT

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401290201/ Frame 58C0 435 KB
137 KB 102ms
23ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401290201/pubads_impl.js?cb=31080792

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4b7da2057c3a37a4c49b313a989f78fbc91ba50ba03725afcde21477b56d3378

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rimg.abv.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 15:37:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 28314
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 139509
x-xss-protection: 0
server: cafe
etag: 15006055029041311047
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Sat, 01 Feb 2025 15:37:30 GMT

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame 7F03 6 KB
3 KB 105ms
28ms XHR
application/javascript 108.138.6.136
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: img.abv.bg
URL: https://img.abv.bg/gm/z/apstag_new.js?v=1.3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.6.136 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-6-136.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rimg.abv.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-amz-version-id: 9yABOonr2HqHtwbarUcdbIqN0f4A8Qog
content-encoding: gzip
via: 1.1 7b20af4202adb6ef25a7920ed74908dc.cloudfront.net (CloudFront)
date: Fri, 02 Feb 2024 01:51:18 GMT
x-amz-cf-pop: FRA56-P6
age: 77887
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Tue, 29 Aug 2023 08:30:37 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
vary: Accept-Encoding,Origin
x-amz-cf-id: McbeWOgvGD2zwbu8n-T10Qd5bJF9JcFXEydfCoGOUAcs_RVvqAyODw==

GET
H2 200 latest.json Show response
cdn.jsdelivr.net/gh/prebid/currency-file@1/ Frame 3DF4 2 KB
1 KB 81ms
30ms XHR
application/json 2606:4700::6810:5514
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20240202

Requested by

Host: lib.wtg-ads.com
URL: https://lib.wtg-ads.com/lib.min.js?v=1.7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cbcd80df687708a3eefbe3dcc30a96767d1b00e59898aadc9cb5d2436b92d78e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rimg.abv.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 23:29:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 26915
x-jsd-version: 1.0.1954
content-encoding: br
x-cache: HIT, MISS
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230103-FRA, cache-lga21966-LGA
x-jsd-version-type: version
server: cloudflare
etag: W/"63e-zKye8DGOlI++j9Gh5MFhkVbcuaw"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qON%2BYCFqGLM%2FnmiXRCgcg3J5pHtdLmx3gLe88zKCecgZ7YjUovwV1vdtJApisCvaa5NpZtopLIYUpztbcCpPR%2FC%2BsX43y2y45JpufeIsrzkjusB787cIHXe2TPWSc9aFYPQCgm8ZJeJZlju6SGo%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 84f63750ada41e5b-FRA

GET
H2 200 latest.json Show response
cdn.jsdelivr.net/gh/prebid/currency-file@1/ Frame 36B9 2 KB
1 KB 58ms
33ms XHR
application/json 2606:4700::6810:5514
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20240202

Requested by

Host: lib.wtg-ads.com
URL: https://lib.wtg-ads.com/lib.min.js?v=1.7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cbcd80df687708a3eefbe3dcc30a96767d1b00e59898aadc9cb5d2436b92d78e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rimg.abv.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 23:29:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 26915
x-jsd-version: 1.0.1954
content-encoding: br
x-cache: HIT, MISS
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230103-FRA, cache-lga21966-LGA
x-jsd-version-type: version
server: cloudflare
etag: W/"63e-zKye8DGOlI++j9Gh5MFhkVbcuaw"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yvR%2FdvS3fUfuNCHnGKDt7Fg0hn8c%2FgZ5Au%2BpF3ixieULn1VIObn1ffSIWT2NNNrVGm%2BR89ZpYahLe6EMEM1Pc9fHhuZlCUo6TSEmn16gjRStmpBOiY6UDTtVIwoHT19WynpOcEVyb829YPC8tr0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 84f63750ada61e5b-FRA

GET
H2 200 latest.json Show response
cdn.jsdelivr.net/gh/prebid/currency-file@1/ Frame 4041 2 KB
1 KB 53ms
30ms XHR
application/json 2606:4700::6810:5514
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20240202

Requested by

Host: lib.wtg-ads.com
URL: https://lib.wtg-ads.com/lib.min.js?v=1.7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cbcd80df687708a3eefbe3dcc30a96767d1b00e59898aadc9cb5d2436b92d78e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rimg.abv.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 23:29:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 26915
x-jsd-version: 1.0.1954
content-encoding: br
x-cache: HIT, MISS
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230103-FRA, cache-lga21966-LGA
x-jsd-version-type: version
server: cloudflare
etag: W/"63e-zKye8DGOlI++j9Gh5MFhkVbcuaw"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6WKIS8rWYd7NkoOpqS51HJ%2FIrHt11bpZZLsY6MpmvZ6CWg28V3TwuFUQ8vDu72D4Zv9jq%2BP%2BF7N1Iv7OF%2BvKNN7NuMfnA0wVPr7SvGnZKcdwO7UMBje0b0Z80TyvaA1ykVkecdo48asQFNchw0M%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 84f63750ada81e5b-FRA

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame 3DF4 6 KB
3 KB 66ms
29ms XHR
application/javascript 108.138.6.136
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: img.abv.bg
URL: https://img.abv.bg/gm/z/apstag_new.js?v=1.3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.6.136 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-6-136.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rimg.abv.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-amz-version-id: 9yABOonr2HqHtwbarUcdbIqN0f4A8Qog
content-encoding: gzip
via: 1.1 7b20af4202adb6ef25a7920ed74908dc.cloudfront.net (CloudFront)
date: Fri, 02 Feb 2024 01:51:18 GMT
x-amz-cf-pop: FRA56-P6
age: 77887
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Tue, 29 Aug 2023 08:30:37 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
vary: Accept-Encoding,Origin
x-amz-cf-id: A3bt9-Yn__2FQ6fchUYaZvJ8rTIKoBBx2ymapMfFdttYJuGX4b5eww==

GET
H2 200 DFPAudiencePixel;ord=8745285455854;dc_seg=undefined;ppid=
pubads.g.doubleclick.net/activity;dc_iu=/157018629/ Frame 3DF4 42 B
542 B 139ms
56ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pubads.g.doubleclick.net/activity;dc_iu=/157018629/DFPAudiencePixel;ord=8745285455854;dc_seg=undefined;ppid=?

Requested by

Host: www.abv.bg
URL: https://www.abv.bg/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rimg.abv.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Feb 2024 23:29:24 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 latest.json Show response
cdn.jsdelivr.net/gh/prebid/currency-file@1/ Frame 7F03 2 KB
2 KB 47ms
29ms XHR
application/json 2606:4700::6810:5514
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20240202

Requested by

Host: lib.wtg-ads.com
URL: https://lib.wtg-ads.com/lib.min.js?v=1.7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cbcd80df687708a3eefbe3dcc30a96767d1b00e59898aadc9cb5d2436b92d78e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rimg.abv.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 23:29:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 26915
x-jsd-version: 1.0.1954
content-encoding: br
x-cache: HIT, MISS
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230103-FRA, cache-lga21966-LGA
x-jsd-version-type: version
server: cloudflare
etag: W/"63e-zKye8DGOlI++j9Gh5MFhkVbcuaw"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gzcX6G%2FAVhwXeqSie5d37kLaBCTTOSTdPEdVWii%2BaOLSHD6dusRebkoe9d4UEQSzoP45qQWyf9rFXfCYhz0m1KQCz5IwhDvHaWXkCsOW3PDb%2BcIUaZ%2FcG7Y1o8DXX2Eh66H%2F%2Bv8qGyc%2FWVwdPiI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 84f63750ada51e5b-FRA

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame 4041 6 KB
3 KB 63ms
31ms XHR
application/javascript 108.138.6.136
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: img.abv.bg
URL: https://img.abv.bg/gm/z/apstag_new.js?v=1.3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.6.136 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-6-136.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rimg.abv.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-amz-version-id: 9yABOonr2HqHtwbarUcdbIqN0f4A8Qog
content-encoding: gzip
via: 1.1 7b20af4202adb6ef25a7920ed74908dc.cloudfront.net (CloudFront)
date: Fri, 02 Feb 2024 01:51:18 GMT
x-amz-cf-pop: FRA56-P6
age: 77887
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Tue, 29 Aug 2023 08:30:37 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
vary: Accept-Encoding,Origin
x-amz-cf-id: OXLvJ5MJkwWFuHguGwr0ZaHrptDkisPrLPq0NGgZoLmlRMj5LBWQug==

GET
H2 200 DFPAudiencePixel;ord=6957286415016;dc_seg=undefined;ppid=
pubads.g.doubleclick.net/activity;dc_iu=/157018629/ Frame 7F03 42 B
209 B 167ms
88ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pubads.g.doubleclick.net/activity;dc_iu=/157018629/DFPAudiencePixel;ord=6957286415016;dc_seg=undefined;ppid=?

Requested by

Host: www.abv.bg
URL: https://www.abv.bg/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rimg.abv.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Feb 2024 23:29:24 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 DFPAudiencePixel;ord=1011360382262;dc_seg=undefined;ppid=
pubads.g.doubleclick.net/activity;dc_iu=/157018629/ Frame 4041 42 B
209 B 169ms
90ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pubads.g.doubleclick.net/activity;dc_iu=/157018629/DFPAudiencePixel;ord=1011360382262;dc_seg=undefined;ppid=?

Requested by

Host: www.abv.bg
URL: https://www.abv.bg/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rimg.abv.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Feb 2024 23:29:24 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame 36B9 6 KB
3 KB 59ms
30ms XHR
application/javascript 108.138.6.136
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: img.abv.bg
URL: https://img.abv.bg/gm/z/apstag_new.js?v=1.3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.6.136 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-6-136.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rimg.abv.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-amz-version-id: 9yABOonr2HqHtwbarUcdbIqN0f4A8Qog
content-encoding: gzip
via: 1.1 7b20af4202adb6ef25a7920ed74908dc.cloudfront.net (CloudFront)
date: Fri, 02 Feb 2024 01:51:18 GMT
x-amz-cf-pop: FRA56-P6
age: 77887
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Tue, 29 Aug 2023 08:30:37 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
vary: Accept-Encoding,Origin
x-amz-cf-id: t588zwKVQ19emlGyAcKdMdNu_l594G-2TfKfmJivG38Tl0qYQaTqew==

GET
H2 200 DFPAudiencePixel;ord=4259580120276;dc_seg=undefined;ppid=
pubads.g.doubleclick.net/activity;dc_iu=/157018629/ Frame 36B9 42 B
209 B 163ms
89ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pubads.g.doubleclick.net/activity;dc_iu=/157018629/DFPAudiencePixel;ord=4259580120276;dc_seg=undefined;ppid=?

Requested by

Host: www.abv.bg
URL: https://www.abv.bg/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rimg.abv.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Feb 2024 23:29:24 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 58C0 33 KB
14 KB 284ms
284ms Fetch
text/plain 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3995585039932507&correlator=1421590271912788&eid=31080155%2C31080784%2C31080792&output=ldjh&gdfp_req=1&vrg=202401290201&ptt=17&impl=fifs&iu_parts=157018629%2CAbv.bg%2CDesktop%2CHomepage%2C0x0%2CHidden2&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4%2F5&prev_iu_szs=956x150%7C1x1&ifi=1&sfv=1-0-40&sc=1&cookie_enabled=1&cdm=rimg.abv.bg&abxe=1&dt=1706916564693&lmt=1694508975&adxs=-12245933&adys=-12245933&biw=-12245933&bih=-12245933&scr_x=-12245933&scr_y=-12245933&ucis=incgpnokm4lt&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&nhd=2&url=https%3A%2F%2Frimg.abv.bg%2Fgm%2Fz%2Fhome_rich.html%3Fpos%3Drich%26act%3Dhome%26time%3D1706916564166&ref=https%3A%2F%2Fbimg.abv.bg%2F&top=https%3A%2F%2Fbimg.abv.bg%2F&vis=1&psz=0x0&msz=0x0&fws=260&ohw=0&ga_vid=1136767604.1706916565&ga_sid=1706916565&ga_hid=1008516755&ga_fc=false&dlt=1706916564332&idt=343&adks=2048870867&frm=8

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401290201/pubads_impl.js?cb=31080792

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cdeaa39fceb4494afd70c28a412f9ffe58c7f68f062adcc8897ef78ac6b635ad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rimg.abv.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 23:29:24 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13818
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://rimg.abv.bg
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
d53e39e13c61f683f3b844fec1036e9d.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 5808 6 KB
3 KB 119ms
27ms Document
text/html 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://d53e39e13c61f683f3b844fec1036e9d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401290201/pubads_impl.js?cb=31080792

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://rimg.abv.bg/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 02 Feb 2024 23:29:24 GMT
expires: Sat, 01 Feb 2025 23:29:24 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 58C0 16 KB
12 KB 121ms
65ms XHR
application/json 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202401290201&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401290201/pubads_impl.js?cb=31080792

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

607e69a48f7b4a22974a4c094c5993f711ae7847ff40bc9f9d55f0469a3265f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rimg.abv.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 23:29:25 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12145
x-xss-protection: 0

GET
H2 200 abv_gdpr.html Show response
www.abv.bg/ Frame B1BD 11 KB
4 KB 45ms
45ms Document
text/html 194.153.145.104
NETINFO 12 Emil B...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.abv.bg/abv_gdpr.html?t=1706916563764

Requested by

Host: www.abv.bg
URL: https://www.abv.bg/js/jquery.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

194.153.145.104 , Bulgaria, ASN13147 (NETINFO 12 Emil Bersinski Str, BG),

Reverse DNS

abv.bg

Software

nginx /

Resource Hash

4c440dc2be7660b9fa1e93831042f63a50acbd6d4af229cb0091abfa63deadeb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.abv.bg/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache
content-encoding: gzip
content-type: text/html
date: Fri, 02 Feb 2024 23:29:24 GMT
etag: W/"65083f87-2c5e"
last-modified: Mon, 18 Sep 2023 12:16:07 GMT
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
x-frame-options: SAMEORIGIN

GET
H2 200 gtm.html Show response
img.abv.bg/e/s/ Frame 893D 3 KB
1 KB 45ms
45ms Document
text/html 194.153.145.104
NETINFO 12 Emil B...

General

Check archive.org

Show headers Download Go to

Full URL: https://img.abv.bg/e/s/gtm.html?t=1706916564941
Requested by: Host: www.abv.bg
URL: https://www.abv.bg/js/main.min.js?v=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 194.153.145.104 , Bulgaria, ASN13147 (NETINFO 12 Emil Bersinski Str, BG),
Reverse DNS: abv.bg
Software: nginx /
Resource Hash: e039aaaa1ae32e0e14c364db47dfa00b19b0b4a1130b66804ef4c7768b29803a

Request headers

Referer: https://www.abv.bg/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html
date: Fri, 02 Feb 2024 23:29:24 GMT
etag: W/"616d562b-a69"
last-modified: Mon, 18 Oct 2021 11:10:35 GMT
server: nginx
vary: Accept-Encoding

GET
H2 200 container.html Show response
d53e39e13c61f683f3b844fec1036e9d.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 1523 6 KB
3 KB 21ms
20ms Document
text/html 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://d53e39e13c61f683f3b844fec1036e9d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401290201/pubads_impl.js?cb=31080792

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://rimg.abv.bg/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 02 Feb 2024 23:29:24 GMT
expires: Sat, 01 Feb 2025 23:29:24 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 jquery.min.js Show response
www.abv.bg/js/ Frame B1BD 87 KB
36 KB 48ms
47ms Script
application/javascript 194.153.145.104
NETINFO 12 Emil B...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.abv.bg/js/jquery.min.js

Requested by

Host: www.abv.bg
URL: https://www.abv.bg/abv_gdpr.html?t=1706916563764

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

194.153.145.104 , Bulgaria, ASN13147 (NETINFO 12 Emil Bersinski Str, BG),

Reverse DNS

abv.bg

Software

nginx /

Resource Hash

4cf207f5a1d0e43e3fbf2b2fd34dff5103a186001d20d9b93538b76e3654e9e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.abv.bg/abv_gdpr.html?t=1706916563764
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Feb 2024 23:29:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
last-modified: Thu, 03 Sep 2020 11:24:37 GMT
server: nginx
etag: W/"5f50d275-15daf"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: no-cache

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ Frame 893D 263 KB
92 KB 83ms
34ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-P74CWJ

Requested by

Host: img.abv.bg
URL: https://img.abv.bg/e/s/gtm.html?t=1706916564941

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0a2bb369643972c1d9d2aadd0dd18b81c4d8cbfa2a140208af0de937e5df585c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://img.abv.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 23:29:25 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 93355
x-xss-protection: 0
last-modified: Fri, 02 Feb 2024 21:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 02 Feb 2024 23:29:25 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 2ABF 624 B
577 B 106ms
57ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxj-rbvGATAB&v=APEucNXpR4bzN8ajPeYYLRybRumoBMD5nUOjJqLZeH6TykTVSBGDMdXEYlJkB73F2a7K_R0s-9lHUopKrA6ixgzr3KZ8VAMCt1OvMfqfZbnjO6PdA8CvG4vBoSGZuBhOnExXfAJUUSRgfv94BmFCB9c_Czx7Prt4_k7puFb3FaaI0fOo0dGU33ugFHuG7wFfD0mJrfDbLy4K

Requested by

Host: www.abv.bg
URL: https://www.abv.bg/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://d53e39e13c61f683f3b844fec1036e9d.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 02 Feb 2024 23:29:25 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 7C7A 93 KB
33 KB 106ms
59ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: www.abv.bg
URL: https://www.abv.bg/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ed0e7e64215a9663152e2d5c1c9a5ba0fe76c9f5de3dfe71bf45f0a64e977c69

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d53e39e13c61f683f3b844fec1036e9d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 23:29:25 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33320
x-xss-protection: 0
server: cafe
etag: 12501049806231860069
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Fri, 02 Feb 2024 23:29:25 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240131/r20110914/client/ Frame 7C7A 3 KB
1 KB 81ms
21ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240131/r20110914/client/window_focus_fy2021.js

Requested by

Host: www.abv.bg
URL: https://www.abv.bg/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d53e39e13c61f683f3b844fec1036e9d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 16:33:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 24950
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 16 Feb 2024 16:33:35 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240131/r20110914/client/ Frame 7C7A 20 KB
9 KB 79ms
19ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240131/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: www.abv.bg
URL: https://www.abv.bg/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0899097f526aab0c82c4332c8dd24d4041cb5fbde0638d98e883e159ecbe2a64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d53e39e13c61f683f3b844fec1036e9d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 16:33:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 24952
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8501
x-xss-protection: 0
server: cafe
etag: 9351358253902147912
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 16 Feb 2024 16:33:33 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 7C7A 0
0 72ms
25ms Image
text/html 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRGeuF1joid3JoFjFQ3-JuTbSdfkDKBDI5fz0B4-7b3wMRiJeeGcDiWG06iKcQH_3B1Vv7DC9MOkuUE7m6_Ue_ps-TqfQ
Requested by: Host: www.abv.bg
URL: https://www.abv.bg/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d53e39e13c61f683f3b844fec1036e9d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

GET
H2 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 7C7A 205 KB
62 KB 66ms
20ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: www.abv.bg
URL: https://www.abv.bg/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

84af93c376277b2fb1c7962b45ce84e1e0a31202815ceb873bd980df4378f62b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d53e39e13c61f683f3b844fec1036e9d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 22:55:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2055
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 63267
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 02 Feb 2024 23:55:10 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7C7A 42 B
173 B 100ms
54ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CMssAyf8mtIeyhxkw_GuUb52CoF6l8vOASZ8vN3_RYv_stQVuAM81_-luZHW3gbbIB5l2K035U_h862obW63i1mQbRwUPI0CAlGEupmPq_nWRt6Ic

Requested by

Host: www.abv.bg
URL: https://www.abv.bg/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d53e39e13c61f683f3b844fec1036e9d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Feb 2024 23:29:25 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 loader.js Show response
sdk.privacy-center.org/de5b4661-0ae3-4e87-9ae6-507a20953c0f/ Frame B1BD 66 KB
22 KB 95ms
25ms Script
application/javascript 2600:9000:2251:d000:5:b7cc:d3c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sdk.privacy-center.org/de5b4661-0ae3-4e87-9ae6-507a20953c0f/loader.js?target=www.abv.bg
Requested by: Host: www.abv.bg
URL: https://www.abv.bg/abv_gdpr.html?t=1706916563764
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:d000:5:b7cc:d3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 7c5f5b2dc3908344cf20286d2e81ac700c03b75528c02b156aad248b42edaa3a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.abv.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 22:44:38 GMT
content-encoding: br
x-didomi-remote-config-metadata: multiReg:true;legacyGlobalGdpr:true
via: 1.1 d63ea68c8b7458d49fe25f66ef7f0a5e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
age: 2687
x-amzn-requestid: 0cdc7b64-14b4-4cf1-afbb-1c04bc757df2
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
x-didomi-configs-version: 95
x-amzn-trace-id: root=1-65bd7056-118b73241bd6eb686b8b95be;sampled=0;lineage=eaae1266:0
etag: W/"86b5e0c3511d42f02e7b4060fc3215ba"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=7200, public
x-amz-cf-id: pmfy_2NC1Cbe_g_Xw0_fQKqbbAj-U6oKeu--FgZH3OzfUzae9iPeFg==

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 58C0 17 KB
7 KB 92ms
58ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401290201/pubads_impl.js?cb=31080792

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rimg.abv.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 23:29:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 02 Feb 2024 23:29:25 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 2ABF
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEF-0MBrjEHhMqJRft93P0fI&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEF-0MBrjEHhMqJRft93P0fI&google_cver=1&C=1

43 B
767 B

88ms
88ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEF-0MBrjEHhMqJRft93P0fI&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxj-rbvGATAB&v=APEucNXpR4bzN8ajPeYYLRybRumoBMD5nUOjJqLZeH6TykTVSBGDMdXEYlJkB73F2a7K_R0s-9lHUopKrA6ixgzr3KZ8VAMCt1OvMfqfZbnjO6PdA8CvG4vBoSGZuBhOnExXfAJUUSRgfv94BmFCB9c_Czx7Prt4_k7puFb3FaaI0fOo0dGU33ugFHuG7wFfD0mJrfDbLy4K
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Feb 2024 23:29:25 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qk0MgJQox55iiq3HoERuUp6JHVyuilnAjTd7I8NR1XdrfAaR%2BY0c3r1DrX6Ygnu6pZmzSwWgh%2BqLW5zcMCoQ9HqjuKkMEuvAmMIH3xlUjjxPrSfqEIEJaHJ9LdhRFzMeMSosMNyBSU27fg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 84f637553b894480-TXL
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 02 Feb 2024 23:29:25 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2su3uRSJcZxDuhQFdgpWG3LI5SCsJYAZTd191%2BvfFQ6lF%2FLlie5TcMil3mDjpdy4RJJoIo%2B6%2FlQ6QUM%2BNp8lrFvCbzg2hFC14XrwZIjxQqFZPsZpNZEGU8Gf2aLKn1MJBbPj3a3xsIdbHQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: /rum?cm_dsp_id=45&external_user_id=CAESEF-0MBrjEHhMqJRft93P0fI&google_cver=1&C=1
cache-control: no-cache
cf-ray: 84f63754df6c44f2-TXL
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: 0

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 2ABF
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Zb161dvwJ8kCROwJnePorQAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEF-0MBrjEHhMqJRft93P0fI&google_cver=1

43 B
729 B

52ms
52ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEF-0MBrjEHhMqJRft93P0fI&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxj-rbvGATAB&v=APEucNXpR4bzN8ajPeYYLRybRumoBMD5nUOjJqLZeH6TykTVSBGDMdXEYlJkB73F2a7K_R0s-9lHUopKrA6ixgzr3KZ8VAMCt1OvMfqfZbnjO6PdA8CvG4vBoSGZuBhOnExXfAJUUSRgfv94BmFCB9c_Czx7Prt4_k7puFb3FaaI0fOo0dGU33ugFHuG7wFfD0mJrfDbLy4K
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Feb 2024 23:29:25 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E04gdPHhPOHmPqq46GATFnV74TNHPYfzOw2xsj1r42nIbER5%2BE5QSV0b4c8EvprxPplHSaxmpJRW8Qwv7QfatNh8EtKCylnVK35wog2YWFHHLYamsqpNW1lTbo9jfw0Icc5TnSQgGi%2FoaA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 84f637557c1e4480-TXL
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 02 Feb 2024 23:29:25 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEF-0MBrjEHhMqJRft93P0fI&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

bounce
ib.adnxs.com/ Frame 2ABF
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEAU9Eext3S309nPbdytxrb8&google_cver=1
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEAU9Eext3S309nPbdytxrb8%26google_cver%3D1

43 B
1 KB

38ms
37ms

Image
image/gif

185.89.210.212
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEAU9Eext3S309nPbdytxrb8%26google_cver%3D1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxj-rbvGATAB&v=APEucNXpR4bzN8ajPeYYLRybRumoBMD5nUOjJqLZeH6TykTVSBGDMdXEYlJkB73F2a7K_R0s-9lHUopKrA6ixgzr3KZ8VAMCt1OvMfqfZbnjO6PdA8CvG4vBoSGZuBhOnExXfAJUUSRgfv94BmFCB9c_Czx7Prt4_k7puFb3FaaI0fOo0dGU33ugFHuG7wFfD0mJrfDbLy4K

Protocol

Server

185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Feb 2024 23:29:25 GMT
an-x-request-uuid: 2118435c-a480-406c-84f0-dc5766dd2c88
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 217.114.218.20; 217.114.218.20; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 02 Feb 2024 23:29:25 GMT
an-x-request-uuid: 919471a8-dfec-491c-bce1-f17699d9280f
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEAU9Eext3S309nPbdytxrb8%26google_cver%3D1
cache-control: no-store, no-cache, private
x-proxy-origin: 217.114.218.20; 217.114.218.20; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 2ABF
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Mzg1Njk3ODg4ODgzNDg4MTQ3OA%3D%3D

170 B
243 B

30ms
30ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Mzg1Njk3ODg4ODgzNDg4MTQ3OA%3D%3D

Requested by

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Feb 2024 23:29:25 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 02 Feb 2024 23:29:25 GMT
an-x-request-uuid: a5358d5b-b1e7-4ded-9a74-898affbd17dd
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Mzg1Njk3ODg4ODgzNDg4MTQ3OA%3D%3D
x-proxy-origin: 217.114.218.20; 217.114.218.20; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7C7A 0
58 B 52ms
51ms Ping
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=9778202155126&version=m202401290101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d53e39e13c61f683f3b844fec1036e9d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Feb 2024 23:29:25 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7C7A 0
56 B 51ms
51ms Ping
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=9778202155126&version=m202401290101&ct=77&x=1&cor=3194554871877215700

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d53e39e13c61f683f3b844fec1036e9d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Feb 2024 23:29:25 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 7C7A 20 KB
14 KB 55ms
54ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A_tB8nDox7aJUrknKD6mK_aYq37jsr0CcotZbaCeD73gU-tnv_ZA0nkA1l_ggxv1PVJ3_O_jWRDVnDkrBEjlNdPPwM0R3LSql_2Ub0It4ujEWXjTRzJHZmgHcEpmt6hCncEXmiS34JMv8zzuhLCu8Ig8FF2srEH_tj2RzZzximMo9wpRc&cry=1&dbm_d=AKAmf-Aa0ed8qFLEuV83DrHRYC-oqtlzUu8I0SdT3J1qFRIhGe90o89dbFF7tPxO7n3jqZdLXmDKCXUOgBB870bG4l4h4mhNoudDFFix_YnoT3tIhoztZTOKjdnvchHK4uIi9rS1q_OB0JUJH9jSf5nhEtbQDVkblHiBOONKZsniiq-mMjQTvD7P9RisT191IZFa5v20fp_aMM8pvNzSU6_QsamxiCsc7wzOKoWPKhQqchhBwVJ7ViOVwNM7kwOhazKxT_paZWl57yYr9yK1dwMUO8zR9jh1ChC-6eSVbECku0deqSR7JNkKxe8MlaSVKEaUMQAZpPrY0cgKI4GyZ4qB9OvZeYyEVQ48H4O2lsGERMnD1uUWEGayRpzwwFvP7saTtLNhAYKGkWcZ62xB9WWX8XCX9f8oiECnVvw4rQS-Yj8e5RZdqCQSvNdwBlvUa6gSUsEyHND48pEtLmN4MaEmnZliR4NvvJkB29rHw0HjCw3ZI4cJFoHxWVZVK7ZqHzFnd2sxfHxMTg1irOYhRuInicNPc-I41agENUW5bNFZfIu-tUoz0T9fFatih1NOF3NgS-ZFyFSylj458zZCjoyyElkBOWI4bNDPVJf64dzh9LO-c0qTWJlCO8n2PY400Gm2zr4nEWlJxTwQPM0U93taYL1uvMGvRHp7xn6PPhlVdICIFOIkqHU2KIOCR_sEaatpkR0g3TO_JGa_AZWNoTytRFRisXsl7uvOECpL2hMJk-vqOEceRNtG0XF_97ABivPJp4HLfwdHo6gqH3xhxDFLhTDb90YWUC5ylhtzwxLeIFN3SaYK0YvjmgImpHFdbf0TqltT8Of5ZDw4IX8PQP7gxwaDYeVALqbAk-bJm7QpFiUlgIhDMGOLO8qhIRYb_VU85TMso0_hsSQ0dBQo7e-q8Txeq-kDcIDBeKMgJpioKDr7oE6ODWj04717h0iQvDm8CPZ3TfREWASvQart5XCOCtO9RHvGSM6adrFZjHlyCOBmK-5OQp60qw59JVqTnn_v-FWsfqSSbhRH8W7aaaHTAEXR4Q7XqLRmhl3lfhyLC2bZjc9rbLP6zk95apr2NEXkedDd2zr2OZzz-qVarfvRdIeQBKj8Fw5b1LryKHSvPZhBICouI9M5ZGpo-jL14y95_twnBY-ujRJ4AmMxm5eIXQJr4gOsQCFhCjcE3xOR3koETmj7COkPgNyL9zKdVizKRum04Sn-yX00WHfoSzF6lhmKnSUpnLMPHjwie8CNywUnEzaaEXJ22IRQcvHHOUGxybokW82lFbqK9AWI2y1noFQe7qBqNUWXxK8dq-kDhebh088f4GKDh0qOROC1ep52-Wg2TWskNvzZeZphFwWQ8Ba-m2f2r5yD6to9LsJ6eU7ARBNlE4YR-VUH46qYIjwTsZrBPpdTtB3qRc2JGf74vwfP8RgcxOvUgtlu3hAAQxL3MX8mlQXOtXI1sTykltfLe1NwG2wd8FZ5DlhqBMk4ATiticGB133NK1uRfXxYA76tj4P_wMNTW19QTjE8GMGQF8TUeIvbAUuPj78DJ_1vfPQ7FPGSg0ifZ4rMy3v1yS5Xb_Unviq3xNfeY82PO35G6aSLKjfn9HumoXwdYlKQU2uVGsHRrjNqTZDnlkn4p0vcfKskxNR6LxLACLjRSQfLqGwCwwHt6Nxjqwg6SrxA2ol9oul2v9rW0ytFOT4COIFIEmF6PTPrWiAL8pvxbcwcULsdt1h9L7JU5_QPLHygwl1uTPxBBFqIbo_b5nHyj0YIkpEBHgx5Zssqp1rv0NsNGnvJ4sL8n2dVo8bNoFf7rLZGuzgaRaMhlqVBgI5DzySy3SPayxxDlJ6zcX60fXw11lB3gRgJXvaqUVRCAUupaK3uaptfcI-bx6SbOKocFHBiAA9Ct00kFsDtePwCQUntUo25cyVwTtsGeYqSdDIjpk_h65cf0rRvYgasVUJ-TrBjr_q_LLwC2tSEzdtejwkZJj_vvAt7OZKOB1C1NVk3eoe9GAfh6YBU5JGERIHA20hKy_8hC3_7zISBzDPVICx-xzsg39PRXJqh8cAZCTcUiRi0xDSpckGI8xugcaGcvrrDC43wcTgDsXOcf-Wp8DIjBIrhb3wBCCZqRwimfXOW4vs9KrR9Os4BeXtKMgQ7xFdZyGWEVd7IQDqvGM5TlQL0f7kWd0k_hS1jV9im2CC63KersuKkG7vO6e2I_kow90SLUwCZn8ixUCOayOBDTZ5ppq-A5i5bsDmwpl6NLvC-TyB40RbVYs9IER3d4R24ZctEMgpcwKp4FNCXdvehVq50ENPCOBi64IqJDEZzidYz90wKqOt20gwKKOF_R1ok6Gqhnp1Wd-NkPwfrz6nNxFgHuOI5E1imFAQU7b-h-cGL3TOFQk7C50p6WLlcXvyZ03TM5xaEPn_Gqa7i0BsZoPucthUJ-UQE_ui0fRChDn9fGonaD0_lgZD43vX7ssP9RB4NoVP9Cix8Q3pMOe07UVD-fCay4zaqbuUmBqsdtGBU5Di7J9m95H9IfqrIp0Ldqe2u78NAM2m3kH2Y562peJh4baFo2EwL4yWu1_U5vHisKilThQ2QA8SB3gpSE1PfaZqtFTh9RUoAxLf9glWcRCqB7I5Qljq5rtEiHmu5OlHUzbl7c-H2MyDo3d5wWVHeqHD2Cp2xGyPiNGCbyIeIUdl3ZizIPLwLYEEotU06maEFh_TMYDVcfIsB_R3kD4NtAMQaFjLCrb2pYZAA7fGhJbqESR_b4PyzFG_a49FclJEEaZbh5Jy2_YPimrahMxXd4aOd6Ss5hID05Yzx8ZQqDj6vAU2XC-7TgcDKIM2Oz2DInA8V_XY6uX2AXhQdH-ZoMe__getZtRuTFRLClbGwegYfF7B1Qjsqff10Hq7WppHkM7UHemAVt_VJ5hna86evL90Ljwo_L1z48ynQI0EB3VSeYl8r88FIZJ96WfdzvUCRQleSbaIALaXtKX3xpu9N4GQqVRpnXpqYUdt4Vl9uBbe30McKFu8ol91ojaauKlzx9wySzWKHJ---xDdiZWTgZ8I9F2QnaKtvO50NAWDxkag0fP93ZegTCENf0tE8bVpqC7VGqsfLoVMDGWnPj_OwSydaC4NJE7t6VRfkiI3GFE_6iWweg9VFUcNUBOwlXN9CmofCcQ7fWydQNfgyuVpXYkt91ahTxT7Gk7MZNrDivbe89hBskntLpcqeHcnxOC1W39JLTounF8J0Nn6A9EdOTQ7-vWMgFKIcAOSIij60h-5-G0KAZgsPnSIHKm0dr0Ud-n_Tp4r4SJxsLZSIHS6eSdo9M3E-IVAwM76d3fWF0cpHGYQkjD-VGpejxIP_4GGfbj6nB-SIqgsXoN9dsF8nArChImMnEQijlE9wJKTpluHKKlqwgS4bp25R1b7_LzaHhXEgXKXjdX8RupKPjRruxGNts6QCZcvGa1jigqMC112OL8HmsQ21h_zXjLI_PoGpIt0tYjjCIj-3DP84aK_h13gAm_rVc3sLGdSCH96REgzMILBjAYD4e6nxwlkQCQZelDKh1v0ALhjRCXgu5qGCiMfGZZkvu-7GzCQjt5p7ZWbqOR5UkzLopFOJThOtxHIg9fbPfqydwqg3jzOspw94mAH0u__HSpf-DfSQ5i3x_bDIo6r11-1VnfDIBzIGotg6ODOtH2-GGEL2dzLOvOtot7eLOFc5Y34nj93pMKQql-q-2dkwzv-yf7NbtSSQusNdV8prTA1XfrwE3X_luSLweVeCZCv9_wSMsr92_M2ju7ndgvoFQ2ElTsLGVmXIIBoCXk131KV7OwIakrI6idYN5r11QCpoDm4J8M_q0jdLBqoBhvmSo63lLSEiR6o0ugThfIm0-qHqqSlkAOzf9sbLAqq7IgaHgzmx1cFcktUbrYxspbhAfq5niYeyZ9KdqN5mRsQiiNbUls0XIEVyVd45p9Kh831oL7f8Wl52G6cr-2JoSA0o0sHOtdpY0lAEMhs8BR5VqhI_dvgiBlLifuHOAC4oIZHBTo7d06GxrGlfjO7coEtCb9U2ZIAsuXPPx29NLVvsvphaKkRFDN-s9bsfAwDTzjz-PK_eE4l3mr-AJZ_qf71XmbNg&cid=CAQSPAAvHhf_xRZn3QbHvDD3Z6sscQfOspH4mrGF8di0XQeaw4_iEKlxN0CuEBtPHtoyfpDf-g2ej2XztV4B6xgB&dv3_ver=m202401290101&rfl=https%3A%2F%2Fwww.abv.bg&ds=l&xdt=1&iif=1&cor=3194554871877215700&adk=2775897823&idt=115&cac=0&dtd=25

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c4b3b636c989f0dd1c9ffe320cfdd7f3a281f414aacef5e9e4c924fe08cdf5cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d53e39e13c61f683f3b844fec1036e9d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Feb 2024 23:29:25 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13442
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 tag Show response
dmp.adwise.bg/servlet/ Frame 893D 0
89 B 235ms
44ms Script
text/javascript 194.153.145.88
NETINFO 12 Emil B...

General

Check archive.org

Show headers Download Go to

Full URL: https://dmp.adwise.bg/servlet/tag?ref=https%3A%2F%2Fwww.abv.bg%2F
Requested by: Host: www.abv.bg
URL: https://www.abv.bg/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 194.153.145.88 , Bulgaria, ASN13147 (NETINFO 12 Emil Bersinski Str, BG),
Reverse DNS: dmp.adwise.bg
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://img.abv.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Feb 2024 23:29:25 GMT
cache-control: no-cache
server: nginx
content-length: 0
content-type: text/javascript

GET
H2 200 5f9ae8347f08c7237d8609f9 Show response
analytics.contentexchange.me/bex/load/ Frame 893D 52 KB
17 KB 214ms
72ms Script
text/javascript 46.19.11.36
SIEL

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.contentexchange.me/bex/load/5f9ae8347f08c7237d8609f9
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P74CWJ
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 46.19.11.36 , Slovenia, ASN51790 (SIEL, SI),
Reverse DNS: ilog.vsn.si
Software: nginx/1.16.1 /
Resource Hash: a74485af5c58be1a5dc0928f48e72c9a105249627d537ecf059c15bfcb4d1436

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://img.abv.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 23:29:25 GMT
content-encoding: gzip
server: nginx/1.16.1
content-type: text/javascript; charset=utf-8

GET
H2

200

rexdot.js Show response
gabg.hit.gemius.pl/__/_1706916565204/ Frame 2866
Redirect Chain

https://gabg.hit.gemius.pl/_1706916565204/rexdot.js?l=106&sendf=24&id=pyM6ETuay1axb8mosdTjz6R..KfGoHBcgod0mxirr8X.07&et=view&hsrc=2&initsonar=1&extra=&eventid=0&tz=-60&fv=-&href=https%3A%2F%2Fimg.a...
https://gabg.hit.gemius.pl/__/_1706916565204/rexdot.js?l=106&sendf=24&id=pyM6ETuay1axb8mosdTjz6R..KfGoHBcgod0mxirr8X.07&et=view&hsrc=2&initsonar=1&extra=&eventid=0&tz=-60&fv=-&href=https%3A%2F%2Fim...

169 B
550 B

128ms
128ms

Script
application/x-javascript

78.128.6.44
TELEPOINT

General

Check archive.org

Show headers Download Go to

Full URL: https://gabg.hit.gemius.pl/__/_1706916565204/rexdot.js?l=106&sendf=24&id=pyM6ETuay1axb8mosdTjz6R..KfGoHBcgod0mxirr8X.07&et=view&hsrc=2&initsonar=1&extra=&eventid=0&tz=-60&fv=-&href=https%3A%2F%2Fimg.abv.bg%2Fe%2Fs%2Fcounters.html%3Fv%3D1.0&screen=1600x1200r1000&col=24&window=1x1&vis=1&lsdata=JRwayq.birU03FBwYjhfKpC7YskvpJcJ7B.kG6xw7D3.G7BcWQMYJYe7V45ByP133JYHKUsXvuYQTmcfi44ieRrAoyYu/rw5JhCabKinCn/&fpdata=Bzm7zkyWuFneSePKuCpIVyuQ2p_SFEvR_qcTmXmowMb.Y7&ltime=240&fr=3&tr=1&ref=https%3A%2F%2Fwww.abv.bg&inner=_ver%3D347%7C_ch_mobile%3D0%7C_ch_wow64%3D0%7C_ch_brands%3D&exid=65bd7ad40b706647&brts=1706916565&fpcap=
Protocol: H2
Server: 78.128.6.44 , Bulgaria, ASN31083 (TELEPOINT, BG),
Reverse DNS: ip-6-44.telehouse.bg
Software: GHC /
Resource Hash: 70adbfe76bd4a2dd8fd225c39c07648dfce460559b538ef983cc9ee86905195e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://img.abv.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Feb 2024 23:29:25 GMT
server: GHC
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: CP="NOI DSP COR NID PSAo OUR IND"
content-type: application/x-javascript
cache-control: no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-length: 169
expires: Thu, 01 Feb 2024 23:29:25 GMT

Redirect headers

pragma: no-cache
date: Fri, 02 Feb 2024 23:29:25 GMT
server: GHC
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: CP="NOI DSP COR NID PSAo OUR IND"
location: /__/_1706916565204/rexdot.js?l=106&sendf=24&id=pyM6ETuay1axb8mosdTjz6R..KfGoHBcgod0mxirr8X.07&et=view&hsrc=2&initsonar=1&extra=&eventid=0&tz=-60&fv=-&href=https%3A%2F%2Fimg.abv.bg%2Fe%2Fs%2Fcounters.html%3Fv%3D1.0&screen=1600x1200r1000&col=24&window=1x1&vis=1&lsdata=JRwayq.birU03FBwYjhfKpC7YskvpJcJ7B.kG6xw7D3.G7BcWQMYJYe7V45ByP133JYHKUsXvuYQTmcfi44ieRrAoyYu/rw5JhCabKinCn/&fpdata=Bzm7zkyWuFneSePKuCpIVyuQ2p_SFEvR_qcTmXmowMb.Y7&ltime=240&fr=3&tr=1&ref=https%3A%2F%2Fwww.abv.bg&inner=_ver%3D347%7C_ch_mobile%3D0%7C_ch_wow64%3D0%7C_ch_brands%3D&exid=65bd7ad40b706647&brts=1706916565&fpcap=
cache-control: no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-length: 0
expires: Thu, 01 Feb 2024 23:29:25 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 3955 13 KB
5 KB 22ms
18ms Document
text/html 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://rimg.abv.bg/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 57234
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 02 Feb 2024 07:35:31 GMT
expires: Sat, 01 Feb 2025 07:35:31 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 3AEE 829 B
1 KB 31ms
29ms Document
text/html 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

a0445e5fa87a424fc2007ac0c5f71ea259f6d9e27604e922b568581fe871c727

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-pcvHOZqx1cq8ZsOWxZCXCw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://rimg.abv.bg/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-pcvHOZqx1cq8ZsOWxZCXCw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 02 Feb 2024 23:29:25 GMT
expires: Fri, 02 Feb 2024 23:29:25 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 sdk.e17d32fa80881efdcb7b857db1509329b98d5e0c.js Show response
sdk.privacy-center.org/sdk/e17d32fa80881efdcb7b857db1509329b98d5e0c/modern/ Frame B1BD 337 KB
94 KB 23ms
22ms Script
application/javascript 2600:9000:2251:d000:5:b7cc:d3c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sdk.privacy-center.org/sdk/e17d32fa80881efdcb7b857db1509329b98d5e0c/modern/sdk.e17d32fa80881efdcb7b857db1509329b98d5e0c.js
Requested by: Host: sdk.privacy-center.org
URL: https://sdk.privacy-center.org/de5b4661-0ae3-4e87-9ae6-507a20953c0f/loader.js?target=www.abv.bg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:d000:5:b7cc:d3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 74cfe5cc0a7328cf94a2af3c2c8473d97145bc0821c94c9c905c2e91a41a1aa8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.abv.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 16:55:48 GMT
content-encoding: gzip
via: 1.1 d63ea68c8b7458d49fe25f66ef7f0a5e.cloudfront.net (CloudFront)
last-modified: Wed, 31 Jan 2024 16:55:38 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 196418
etag: W/"4cf035169e0b6a20c7a67041e1e842c8-1"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: Mj2q-gNr3RbmgACUgCQSxl3RpcWZ77K95CWboQCHXt4f5hSKKCsbow==

GET
H3 200 IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js Show response
pagead2.googlesyndication.com/bg/ Frame 3955 39 KB
15 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 17:56:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 19979
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15219
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 01 Feb 2025 17:56:26 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 3AEE 0
0 51ms
51ms Image
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202401290201&jk=3995585039932507&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 7C7A 41 KB
14 KB 19ms
18ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A_tB8nDox7aJUrknKD6mK_aYq37jsr0CcotZbaCeD73gU-tnv_ZA0nkA1l_ggxv1PVJ3_O_jWRDVnDkrBEjlNdPPwM0R3LSql_2Ub0It4ujEWXjTRzJHZmgHcEpmt6hCncEXmiS34JMv8zzuhLCu8Ig8FF2srEH_tj2RzZzximMo9wpRc&cry=1&dbm_d=AKAmf-Aa0ed8qFLEuV83DrHRYC-oqtlzUu8I0SdT3J1qFRIhGe90o89dbFF7tPxO7n3jqZdLXmDKCXUOgBB870bG4l4h4mhNoudDFFix_YnoT3tIhoztZTOKjdnvchHK4uIi9rS1q_OB0JUJH9jSf5nhEtbQDVkblHiBOONKZsniiq-mMjQTvD7P9RisT191IZFa5v20fp_aMM8pvNzSU6_QsamxiCsc7wzOKoWPKhQqchhBwVJ7ViOVwNM7kwOhazKxT_paZWl57yYr9yK1dwMUO8zR9jh1ChC-6eSVbECku0deqSR7JNkKxe8MlaSVKEaUMQAZpPrY0cgKI4GyZ4qB9OvZeYyEVQ48H4O2lsGERMnD1uUWEGayRpzwwFvP7saTtLNhAYKGkWcZ62xB9WWX8XCX9f8oiECnVvw4rQS-Yj8e5RZdqCQSvNdwBlvUa6gSUsEyHND48pEtLmN4MaEmnZliR4NvvJkB29rHw0HjCw3ZI4cJFoHxWVZVK7ZqHzFnd2sxfHxMTg1irOYhRuInicNPc-I41agENUW5bNFZfIu-tUoz0T9fFatih1NOF3NgS-ZFyFSylj458zZCjoyyElkBOWI4bNDPVJf64dzh9LO-c0qTWJlCO8n2PY400Gm2zr4nEWlJxTwQPM0U93taYL1uvMGvRHp7xn6PPhlVdICIFOIkqHU2KIOCR_sEaatpkR0g3TO_JGa_AZWNoTytRFRisXsl7uvOECpL2hMJk-vqOEceRNtG0XF_97ABivPJp4HLfwdHo6gqH3xhxDFLhTDb90YWUC5ylhtzwxLeIFN3SaYK0YvjmgImpHFdbf0TqltT8Of5ZDw4IX8PQP7gxwaDYeVALqbAk-bJm7QpFiUlgIhDMGOLO8qhIRYb_VU85TMso0_hsSQ0dBQo7e-q8Txeq-kDcIDBeKMgJpioKDr7oE6ODWj04717h0iQvDm8CPZ3TfREWASvQart5XCOCtO9RHvGSM6adrFZjHlyCOBmK-5OQp60qw59JVqTnn_v-FWsfqSSbhRH8W7aaaHTAEXR4Q7XqLRmhl3lfhyLC2bZjc9rbLP6zk95apr2NEXkedDd2zr2OZzz-qVarfvRdIeQBKj8Fw5b1LryKHSvPZhBICouI9M5ZGpo-jL14y95_twnBY-ujRJ4AmMxm5eIXQJr4gOsQCFhCjcE3xOR3koETmj7COkPgNyL9zKdVizKRum04Sn-yX00WHfoSzF6lhmKnSUpnLMPHjwie8CNywUnEzaaEXJ22IRQcvHHOUGxybokW82lFbqK9AWI2y1noFQe7qBqNUWXxK8dq-kDhebh088f4GKDh0qOROC1ep52-Wg2TWskNvzZeZphFwWQ8Ba-m2f2r5yD6to9LsJ6eU7ARBNlE4YR-VUH46qYIjwTsZrBPpdTtB3qRc2JGf74vwfP8RgcxOvUgtlu3hAAQxL3MX8mlQXOtXI1sTykltfLe1NwG2wd8FZ5DlhqBMk4ATiticGB133NK1uRfXxYA76tj4P_wMNTW19QTjE8GMGQF8TUeIvbAUuPj78DJ_1vfPQ7FPGSg0ifZ4rMy3v1yS5Xb_Unviq3xNfeY82PO35G6aSLKjfn9HumoXwdYlKQU2uVGsHRrjNqTZDnlkn4p0vcfKskxNR6LxLACLjRSQfLqGwCwwHt6Nxjqwg6SrxA2ol9oul2v9rW0ytFOT4COIFIEmF6PTPrWiAL8pvxbcwcULsdt1h9L7JU5_QPLHygwl1uTPxBBFqIbo_b5nHyj0YIkpEBHgx5Zssqp1rv0NsNGnvJ4sL8n2dVo8bNoFf7rLZGuzgaRaMhlqVBgI5DzySy3SPayxxDlJ6zcX60fXw11lB3gRgJXvaqUVRCAUupaK3uaptfcI-bx6SbOKocFHBiAA9Ct00kFsDtePwCQUntUo25cyVwTtsGeYqSdDIjpk_h65cf0rRvYgasVUJ-TrBjr_q_LLwC2tSEzdtejwkZJj_vvAt7OZKOB1C1NVk3eoe9GAfh6YBU5JGERIHA20hKy_8hC3_7zISBzDPVICx-xzsg39PRXJqh8cAZCTcUiRi0xDSpckGI8xugcaGcvrrDC43wcTgDsXOcf-Wp8DIjBIrhb3wBCCZqRwimfXOW4vs9KrR9Os4BeXtKMgQ7xFdZyGWEVd7IQDqvGM5TlQL0f7kWd0k_hS1jV9im2CC63KersuKkG7vO6e2I_kow90SLUwCZn8ixUCOayOBDTZ5ppq-A5i5bsDmwpl6NLvC-TyB40RbVYs9IER3d4R24ZctEMgpcwKp4FNCXdvehVq50ENPCOBi64IqJDEZzidYz90wKqOt20gwKKOF_R1ok6Gqhnp1Wd-NkPwfrz6nNxFgHuOI5E1imFAQU7b-h-cGL3TOFQk7C50p6WLlcXvyZ03TM5xaEPn_Gqa7i0BsZoPucthUJ-UQE_ui0fRChDn9fGonaD0_lgZD43vX7ssP9RB4NoVP9Cix8Q3pMOe07UVD-fCay4zaqbuUmBqsdtGBU5Di7J9m95H9IfqrIp0Ldqe2u78NAM2m3kH2Y562peJh4baFo2EwL4yWu1_U5vHisKilThQ2QA8SB3gpSE1PfaZqtFTh9RUoAxLf9glWcRCqB7I5Qljq5rtEiHmu5OlHUzbl7c-H2MyDo3d5wWVHeqHD2Cp2xGyPiNGCbyIeIUdl3ZizIPLwLYEEotU06maEFh_TMYDVcfIsB_R3kD4NtAMQaFjLCrb2pYZAA7fGhJbqESR_b4PyzFG_a49FclJEEaZbh5Jy2_YPimrahMxXd4aOd6Ss5hID05Yzx8ZQqDj6vAU2XC-7TgcDKIM2Oz2DInA8V_XY6uX2AXhQdH-ZoMe__getZtRuTFRLClbGwegYfF7B1Qjsqff10Hq7WppHkM7UHemAVt_VJ5hna86evL90Ljwo_L1z48ynQI0EB3VSeYl8r88FIZJ96WfdzvUCRQleSbaIALaXtKX3xpu9N4GQqVRpnXpqYUdt4Vl9uBbe30McKFu8ol91ojaauKlzx9wySzWKHJ---xDdiZWTgZ8I9F2QnaKtvO50NAWDxkag0fP93ZegTCENf0tE8bVpqC7VGqsfLoVMDGWnPj_OwSydaC4NJE7t6VRfkiI3GFE_6iWweg9VFUcNUBOwlXN9CmofCcQ7fWydQNfgyuVpXYkt91ahTxT7Gk7MZNrDivbe89hBskntLpcqeHcnxOC1W39JLTounF8J0Nn6A9EdOTQ7-vWMgFKIcAOSIij60h-5-G0KAZgsPnSIHKm0dr0Ud-n_Tp4r4SJxsLZSIHS6eSdo9M3E-IVAwM76d3fWF0cpHGYQkjD-VGpejxIP_4GGfbj6nB-SIqgsXoN9dsF8nArChImMnEQijlE9wJKTpluHKKlqwgS4bp25R1b7_LzaHhXEgXKXjdX8RupKPjRruxGNts6QCZcvGa1jigqMC112OL8HmsQ21h_zXjLI_PoGpIt0tYjjCIj-3DP84aK_h13gAm_rVc3sLGdSCH96REgzMILBjAYD4e6nxwlkQCQZelDKh1v0ALhjRCXgu5qGCiMfGZZkvu-7GzCQjt5p7ZWbqOR5UkzLopFOJThOtxHIg9fbPfqydwqg3jzOspw94mAH0u__HSpf-DfSQ5i3x_bDIo6r11-1VnfDIBzIGotg6ODOtH2-GGEL2dzLOvOtot7eLOFc5Y34nj93pMKQql-q-2dkwzv-yf7NbtSSQusNdV8prTA1XfrwE3X_luSLweVeCZCv9_wSMsr92_M2ju7ndgvoFQ2ElTsLGVmXIIBoCXk131KV7OwIakrI6idYN5r11QCpoDm4J8M_q0jdLBqoBhvmSo63lLSEiR6o0ugThfIm0-qHqqSlkAOzf9sbLAqq7IgaHgzmx1cFcktUbrYxspbhAfq5niYeyZ9KdqN5mRsQiiNbUls0XIEVyVd45p9Kh831oL7f8Wl52G6cr-2JoSA0o0sHOtdpY0lAEMhs8BR5VqhI_dvgiBlLifuHOAC4oIZHBTo7d06GxrGlfjO7coEtCb9U2ZIAsuXPPx29NLVvsvphaKkRFDN-s9bsfAwDTzjz-PK_eE4l3mr-AJZ_qf71XmbNg&cid=CAQSPAAvHhf_xRZn3QbHvDD3Z6sscQfOspH4mrGF8di0XQeaw4_iEKlxN0CuEBtPHtoyfpDf-g2ej2XztV4B6xgB&dv3_ver=m202401290101&rfl=https%3A%2F%2Fwww.abv.bg&ds=l&xdt=1&iif=1&cor=3194554871877215700&adk=2775897823&idt=115&cac=0&dtd=25

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d53e39e13c61f683f3b844fec1036e9d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 19:13:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 274585
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 29 Jan 2025 19:13:00 GMT

GET
H2 200 attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwNjkxNjU2NTIxMzMxNAogIHNlcnZlcl9pcDogMTM5ODAyNzYzCiAgcHJvY2Vzc19pZDogMTI5MTkxNDk3OQp9CmZsb29kbGlnaHRfY29uZmlnX2lkOiAxMTg2ODk0...
ad.doubleclick.net/ddm/activity/ Frame 7C7A 0
865 B 105ms
53ms Image
image/png 142.250.185.102
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/activity/attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwNjkxNjU2NTIxMzMxNAogIHNlcnZlcl9pcDogMTM5ODAyNzYzCiAgcHJvY2Vzc19pZDogMTI5MTkxNDk3OQp9CmZsb29kbGlnaHRfY29uZmlnX2lkOiAxMTg2ODk0MwphZHZlcnRpc2VyX2RvbWFpbjogImh0dHBzOi8vcmVkaW50ZWxsaWdlbmNlLm5ldCIKeGZhX2F0dHJpYnV0aW9uX2ludGVyYWN0aW9uX3R5cGU6IFZJRVcKaW1wcmVzc2lvbl9wcmlvcml0eTogMAppbXByZXNzaW9uX2V4cGlyeV9pbl9kYXlzOiAzMApldmVudF9pbXByZXNzaW9uX2lkOiAxMDY5NDA4NTQ3MjIyNzEwOTE4OQpkZWJ1Z19rZXk6IDEwMDYyNDI3MzAwMTU5NjYwNjAyCmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX1BST0RVQ1RfVFlQRQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMgogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9JTlRFUkFDVElPTl9UWVBFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAzCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0lOVEVSQUNUSU9OX0RBVEUKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgc3RyaW5nX3ZhbHVlOiAiMjAyNC0wMi0wMiIKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fRkxPT0RMSUdIVF9DT05GSUdfSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDExODY4OTQzCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0NPUkVfUExBVEZPUk1fU0VSVklDRQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMAogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9QTEFURk9STV9UWVBFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAwCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX1FVRVJZX0NPVU5UUlkKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgc3RyaW5nX3ZhbHVlOiAiVVMiCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX1BMQUNFTUVOVF9JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMzMyMTc0ODQwCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0RWM19BRFZFUlRJU0VSX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiA4NzgyNDM2OTYKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fRFYzX0xJTkVfSVRFTV9JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMTY2NjAxNDIwNjMKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fRFYzX0NSRUFUSVZFX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiA0MTYyMDg2MzgKICB9Cn0KYXJjaGV0eXBlX2lkOiAxMgphcmNoZXR5cGVfaWQ6IDEzCmFyY2hldHlwZV9pZDogMTQKYXJjaGV0eXBlX2lkOiAxNQphZHZlcnRpc2VyX2NvbnZlcnNpb25fZG9tYWluczogImh0dHBzOi8vcmVkaW50ZWxsaWdlbmNlLm5ldCIKYWR2ZXJ0aXNlcl9jb252ZXJzaW9uX2RvbWFpbnM6ICJodHRwczovL2RlYnVnY29udmVyc2lvbmRvbWFpbjEuY29tIgphZHZlcnRpc2VyX2NvbnZlcnNpb25fZG9tYWluczogImh0dHBzOi8vZGVidWdjb252ZXJzaW9uZG9tYWluMi5jb20iCmltcHJlc3Npb25fZXZlbnRfcmVwb3J0aW5nX3dpbmRvd19kYXlzOiA0CmJyb3dzZXJfYXR0cmlidXRpb25fYXBpX3JlcXVlc3RfcHJvY2Vzc2luZ19iaXRzOiA3MzgxOTc1MDQK

Requested by

Host: d53e39e13c61f683f3b844fec1036e9d.safeframe.googlesyndication.com
URL: https://d53e39e13c61f683f3b844fec1036e9d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f6.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d53e39e13c61f683f3b844fec1036e9d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Feb 2024 23:29:25 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"12":"0xa0aedf43682e75900000000000000000","13":"0x1a01286f6c8a0ca0000000000000000","14":"0xea008714569536ee0000000000000000","15":"0x9e293720a373cea90000000000000000"},"debug_key":"10062427300159660602","debug_reporting":true,"destination":"https://redintelligence.net","event_report_window":"345600","expiry":"2592000","filter_data":{"14":[],"21":[],"8":["11868943"]},"priority":"0","source_event_id":"10694085472227109189"}
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK g72h7lz2c4az Show response
hal9000.redintelligence.net/zone/ Frame 7C7A 11 KB
4 KB 86ms
28ms Script
text/html 88.99.219.174
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal9000.redintelligence.net/zone/g72h7lz2c4az?subid=&gdpr=&gdpr_consent=&rnd=1706916564747994&extVar[]=DV360_SSP:1&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCmD4s1Hq9ZdrTLbmqjuwPsouFyAmm5b2gaYWVnKfJD_AuEAEg8KqHIWCVgoCAmAfIAQmpAr3QS9cwGLI-qAMByAObBKoE3AFP0CdXwN9GQiys25Ylx8juXyeuO2OQOnBJ-ohvHBKcLAWNi3MpV4p_Mcnae1Pd7dXmrEEUSSYEtrfnHkP-LrxlO6Pn3SunCb7-019OnoElRUcm4lI1n1BbQUA6k26fjGmp0mzOf0EidBVZRn_48Bh6fYQuFjub_wH12w423v4UXb8aVHbADAExhIPApTPX-A0GuHXLagzvnvqwjJxG54iSw3lZhc2zaob4FqXtBEwIX7QizHxAtC8XeXK6catfjfmvMp8dW6bylH1wm_blaDSRnMDPGY83BwPDa8NCwATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCCUIgOGAEBABGB0yAqoCOgiAQICAhICABEi9_cE6WOjXgdznjYQDgAoDmAsByAsBgAwBqg0CREXiDRMI7ouC3OeNhAMVOZWDBx2yRQGZsBOH77EV0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSPAAvHhf_xRZn3QbHvDD3Z6sscQfOspH4mrGF8di0XQeaw4_iEKlxN0CuEBtPHtoyfpDf-g2ej2XztV4B6xgB%26sig%3DAOD64_3E0qHEzfSm7iEFGJU9HzFdw6zlXQ%26client%3Dca-pub-9699434551737642%26dbm_c%3DAKAmf-A1DI6bPXy8vief0yBvR-WNC7n_UDV3XIExRgQlnlsrbsrGCqJ56paIDXNNGDQ1PcPxy90qtDKQsm0wUnBBCM2oX_9czbstc9HQeRCRGATri4B7rD7ARu9smYEkasf7zNdM6z12T0EMeC_4QTJRKUVflOr2jLbKx5zhZjzxZqGFWT6tqTs%26cry%3D1%26dbm_d%3DAKAmf-AXvVRaYsJKZgZt8-7WqQqDbl9aZfv9exuxUbq5RgCvtbJWfAxk6FCwabkDVx-ic7Xcpl6kPQFur1zEPde1geRan5CcCXDmBBZtl2GF90VpgncStkF1Z0HgGM5vFXsPnXwyWKDdd7VAuGKuzossqq9Vvpq3I93bymplsIWZjJfJergPTsoeuhFLGRhgr6q89kLjf83xNltsJMvMJcSs4ZfRXolUon1JeHgPN6doLyE8074t8UowYu_YjAh8aMH_WLnQc5VQ2-y5JtFtl8IjdBfWS_Bo5tyayHf7RuuTPCzAktcCwACZ3ByslGqCREycXRIk5nkAO18gGGJk_saLDjRddcoeJTd1WJiJmycRFjFX8tC3tf8L_hDJOC4-ec9irmp5JXA9ypaV2HPSVAIfSi-YuF1nJrHxLeZSTaFfLsrlUcBs7FMftDL8-a3IYYBPRMityKd6PJpmEt-247pH0Hhx-PQlKKH0Km83WFVGcrJpaxFH9OC3CMjXLKRWzI3XraqvbTY2-nnLwmWP0RlVeZ5t4EVoAMzxZe94hXRbQX3Ser1SF0-c41EwoJJ2DPc3kKBm2KRfIA9Ri5azZ_vmhZ9kfK6UlBFV9mhUfwet0n4MznuzH0G7QglE7nTrXfH1Y3Me8uQC%26adurl%3D
Requested by: Host: d53e39e13c61f683f3b844fec1036e9d.safeframe.googlesyndication.com
URL: https://d53e39e13c61f683f3b844fec1036e9d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 88.99.219.174 Lutzingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.174.219.99.88.clients.your-server.de
Software: Apache /
Resource Hash: b44ddf01c50169ffd00da691ac18ed98026d2aa6c59d9d9919a807eba29cbcce

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d53e39e13c61f683f3b844fec1036e9d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Fri, 02 Feb 2024 23:29:25 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 4207
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H3 200 ui-gdpr-bg-web.e17d32fa80881efdcb7b857db1509329b98d5e0c.js Show response
sdk.privacy-center.org/sdk/e17d32fa80881efdcb7b857db1509329b98d5e0c/modern/ Frame B1BD 308 KB
58 KB 19ms
19ms Script
application/javascript 2600:9000:2251:d000:5:b7cc:d3c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sdk.privacy-center.org/sdk/e17d32fa80881efdcb7b857db1509329b98d5e0c/modern/ui-gdpr-bg-web.e17d32fa80881efdcb7b857db1509329b98d5e0c.js
Requested by: Host: sdk.privacy-center.org
URL: https://sdk.privacy-center.org/sdk/e17d32fa80881efdcb7b857db1509329b98d5e0c/modern/sdk.e17d32fa80881efdcb7b857db1509329b98d5e0c.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:2251:d000:5:b7cc:d3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a097440d87742f82ff1c429c8af406d8b602e24bda9eb47e0a02039cc59e28f5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.abv.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 16:56:58 GMT
content-encoding: br
via: 1.1 b43c04a791e8dcb8ddb6bb0847fcf95a.cloudfront.net (CloudFront)
last-modified: Wed, 31 Jan 2024 16:55:35 GMT
server: AmazonS3
age: 196348
x-amz-cf-pop: FRA60-P3
etag: W/"d5a4d71f305fa2e60769322d57a0f4aa-1"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: nOW8wXHTC_D3G9MD48OJQA1O9rrqFBTy-2-hjX7YLKTK_UGB2gDm-w==

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame B5AB 38 KB
13 KB 19ms
18ms Document
text/html 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://d53e39e13c61f683f3b844fec1036e9d.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 274414
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 30 Jan 2024 19:15:51 GMT
expires: Wed, 29 Jan 2025 19:15:51 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1

200
OK

request.php Show response
hal90008.redintelligence.net/ Frame 7C7A
Redirect Chain

https://hal90008.redintelligence.net/request.php?zone=g72h7lz2c4az&nw=20&renderingType=javascript&namespace=3b244e0690&subid=&uid=076e6e14bcc3b622&screenSize=1600x1200&screenSizeAvail=1600x1200&cli...
https://hal90008.redintelligence.net/request.php?zone=g72h7lz2c4az&nw=20&renderingType=javascript&namespace=3b244e0690&subid=&uid=076e6e14bcc3b622&screenSize=1600x1200&screenSizeAvail=1600x1200&cli...

3 KB
2 KB

181ms
134ms

Script
application/x-javascript

138.201.63.150
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal90008.redintelligence.net/request.php?zone=g72h7lz2c4az&nw=20&renderingType=javascript&namespace=3b244e0690&subid=&uid=076e6e14bcc3b622&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCmD4s1Hq9ZdrTLbmqjuwPsouFyAmm5b2gaYWVnKfJD_AuEAEg8KqHIWCVgoCAmAfIAQmpAr3QS9cwGLI-qAMByAObBKoE3AFP0CdXwN9GQiys25Ylx8juXyeuO2OQOnBJ-ohvHBKcLAWNi3MpV4p_Mcnae1Pd7dXmrEEUSSYEtrfnHkP-LrxlO6Pn3SunCb7-019OnoElRUcm4lI1n1BbQUA6k26fjGmp0mzOf0EidBVZRn_48Bh6fYQuFjub_wH12w423v4UXb8aVHbADAExhIPApTPX-A0GuHXLagzvnvqwjJxG54iSw3lZhc2zaob4FqXtBEwIX7QizHxAtC8XeXK6catfjfmvMp8dW6bylH1wm_blaDSRnMDPGY83BwPDa8NCwATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCCUIgOGAEBABGB0yAqoCOgiAQICAhICABEi9_cE6WOjXgdznjYQDgAoDmAsByAsBgAwBqg0CREXiDRMI7ouC3OeNhAMVOZWDBx2yRQGZsBOH77EV0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSPAAvHhf_xRZn3QbHvDD3Z6sscQfOspH4mrGF8di0XQeaw4_iEKlxN0CuEBtPHtoyfpDf-g2ej2XztV4B6xgB%26sig%3DAOD64_3E0qHEzfSm7iEFGJU9HzFdw6zlXQ%26client%3Dca-pub-9699434551737642%26dbm_c%3DAKAmf-A1DI6bPXy8vief0yBvR-WNC7n_UDV3XIExRgQlnlsrbsrGCqJ56paIDXNNGDQ1PcPxy90qtDKQsm0wUnBBCM2oX_9czbstc9HQeRCRGATri4B7rD7ARu9smYEkasf7zNdM6z12T0EMeC_4QTJRKUVflOr2jLbKx5zhZjzxZqGFWT6tqTs%26cry%3D1%26dbm_d%3DAKAmf-AXvVRaYsJKZgZt8-7WqQqDbl9aZfv9exuxUbq5RgCvtbJWfAxk6FCwabkDVx-ic7Xcpl6kPQFur1zEPde1geRan5CcCXDmBBZtl2GF90VpgncStkF1Z0HgGM5vFXsPnXwyWKDdd7VAuGKuzossqq9Vvpq3I93bymplsIWZjJfJergPTsoeuhFLGRhgr6q89kLjf83xNltsJMvMJcSs4ZfRXolUon1JeHgPN6doLyE8074t8UowYu_YjAh8aMH_WLnQc5VQ2-y5JtFtl8IjdBfWS_Bo5tyayHf7RuuTPCzAktcCwACZ3ByslGqCREycXRIk5nkAO18gGGJk_saLDjRddcoeJTd1WJiJmycRFjFX8tC3tf8L_hDJOC4-ec9irmp5JXA9ypaV2HPSVAIfSi-YuF1nJrHxLeZSTaFfLsrlUcBs7FMftDL8-a3IYYBPRMityKd6PJpmEt-247pH0Hhx-PQlKKH0Km83WFVGcrJpaxFH9OC3CMjXLKRWzI3XraqvbTY2-nnLwmWP0RlVeZ5t4EVoAMzxZe94hXRbQX3Ser1SF0-c41EwoJJ2DPc3kKBm2KRfIA9Ri5azZ_vmhZ9kfK6UlBFV9mhUfwet0n4MznuzH0G7QglE7nTrXfH1Y3Me8uQC%26adurl%3D&documentReferer=https%3A%2F%2Fd53e39e13c61f683f3b844fec1036e9d.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html%3Fn%3D2&ancestorOrigins=https%3A%2F%2Fd53e39e13c61f683f3b844fec1036e9d.safeframe.googlesyndication.com%2Chttps%3A%2F%2Frimg.abv.bg%2Chttps%3A%2F%2Fbimg.abv.bg%2Chttps%3A%2F%2Fwww.abv.bg&random=7051435369361&isIframe=1&container=&adPos=0x0&adPosCheck=0x0&adtagId=0&uidRedirect=1
Requested by: Host: d53e39e13c61f683f3b844fec1036e9d.safeframe.googlesyndication.com
URL: https://d53e39e13c61f683f3b844fec1036e9d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Protocol: HTTP/1.1
Server: 138.201.63.150 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.150.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 93b831455b733a950ca7703bdcc753d79a1a3f8371a216f103ef8d12d422c80e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d53e39e13c61f683f3b844fec1036e9d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 02 Feb 2024 23:29:25 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: application/x-javascript; charset=utf-8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 12614700002615704444550012589008
Connection: close
Content-Length: 1121
Expires: Fri, 02 Feb 2024 23:29:25 +0100

Redirect headers

Pragma: no-cache
Date: Fri, 02 Feb 2024 23:29:25 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location: request.php?zone=g72h7lz2c4az&nw=20&renderingType=javascript&namespace=3b244e0690&subid=&uid=076e6e14bcc3b622&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCmD4s1Hq9ZdrTLbmqjuwPsouFyAmm5b2gaYWVnKfJD_AuEAEg8KqHIWCVgoCAmAfIAQmpAr3QS9cwGLI-qAMByAObBKoE3AFP0CdXwN9GQiys25Ylx8juXyeuO2OQOnBJ-ohvHBKcLAWNi3MpV4p_Mcnae1Pd7dXmrEEUSSYEtrfnHkP-LrxlO6Pn3SunCb7-019OnoElRUcm4lI1n1BbQUA6k26fjGmp0mzOf0EidBVZRn_48Bh6fYQuFjub_wH12w423v4UXb8aVHbADAExhIPApTPX-A0GuHXLagzvnvqwjJxG54iSw3lZhc2zaob4FqXtBEwIX7QizHxAtC8XeXK6catfjfmvMp8dW6bylH1wm_blaDSRnMDPGY83BwPDa8NCwATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCCUIgOGAEBABGB0yAqoCOgiAQICAhICABEi9_cE6WOjXgdznjYQDgAoDmAsByAsBgAwBqg0CREXiDRMI7ouC3OeNhAMVOZWDBx2yRQGZsBOH77EV0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSPAAvHhf_xRZn3QbHvDD3Z6sscQfOspH4mrGF8di0XQeaw4_iEKlxN0CuEBtPHtoyfpDf-g2ej2XztV4B6xgB%26sig%3DAOD64_3E0qHEzfSm7iEFGJU9HzFdw6zlXQ%26client%3Dca-pub-9699434551737642%26dbm_c%3DAKAmf-A1DI6bPXy8vief0yBvR-WNC7n_UDV3XIExRgQlnlsrbsrGCqJ56paIDXNNGDQ1PcPxy90qtDKQsm0wUnBBCM2oX_9czbstc9HQeRCRGATri4B7rD7ARu9smYEkasf7zNdM6z12T0EMeC_4QTJRKUVflOr2jLbKx5zhZjzxZqGFWT6tqTs%26cry%3D1%26dbm_d%3DAKAmf-AXvVRaYsJKZgZt8-7WqQqDbl9aZfv9exuxUbq5RgCvtbJWfAxk6FCwabkDVx-ic7Xcpl6kPQFur1zEPde1geRan5CcCXDmBBZtl2GF90VpgncStkF1Z0HgGM5vFXsPnXwyWKDdd7VAuGKuzossqq9Vvpq3I93bymplsIWZjJfJergPTsoeuhFLGRhgr6q89kLjf83xNltsJMvMJcSs4ZfRXolUon1JeHgPN6doLyE8074t8UowYu_YjAh8aMH_WLnQc5VQ2-y5JtFtl8IjdBfWS_Bo5tyayHf7RuuTPCzAktcCwACZ3ByslGqCREycXRIk5nkAO18gGGJk_saLDjRddcoeJTd1WJiJmycRFjFX8tC3tf8L_hDJOC4-ec9irmp5JXA9ypaV2HPSVAIfSi-YuF1nJrHxLeZSTaFfLsrlUcBs7FMftDL8-a3IYYBPRMityKd6PJpmEt-247pH0Hhx-PQlKKH0Km83WFVGcrJpaxFH9OC3CMjXLKRWzI3XraqvbTY2-nnLwmWP0RlVeZ5t4EVoAMzxZe94hXRbQX3Ser1SF0-c41EwoJJ2DPc3kKBm2KRfIA9Ri5azZ_vmhZ9kfK6UlBFV9mhUfwet0n4MznuzH0G7QglE7nTrXfH1Y3Me8uQC%26adurl%3D&documentReferer=https%3A%2F%2Fd53e39e13c61f683f3b844fec1036e9d.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html%3Fn%3D2&ancestorOrigins=https%3A%2F%2Fd53e39e13c61f683f3b844fec1036e9d.safeframe.googlesyndication.com%2Chttps%3A%2F%2Frimg.abv.bg%2Chttps%3A%2F%2Fbimg.abv.bg%2Chttps%3A%2F%2Fwww.abv.bg&random=7051435369361&isIframe=1&container=&adPos=0x0&adPosCheck=0x0&adtagId=0&uidRedirect=1
Content-Type: text/html; charset=UTF-8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Length: 0
Expires: Fri, 02 Feb 2024 23:29:25 +0100

POST
H2 200 audittrail Show response
dmp.adwise.bg/servlet/ Frame B1BD 132 B
362 B 163ms
44ms XHR
text/plain 194.153.145.88
NETINFO 12 Emil B...

General

Check archive.org

Show headers Download Go to

Full URL: https://dmp.adwise.bg/servlet/audittrail
Requested by: Host: www.abv.bg
URL: https://www.abv.bg/js/jquery.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 194.153.145.88 , Bulgaria, ASN13147 (NETINFO 12 Emil Bersinski Str, BG),
Reverse DNS: dmp.adwise.bg
Software: nginx /
Resource Hash: 3efebfecb1aa490dc47b46c1b3a4fde0351f60be13268ff8dd7810f6e3905753

Request headers

Accept: */*
Referer: https://www.abv.bg/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 02 Feb 2024 23:29:25 GMT
server: nginx
access-control-allow-methods: POST
content-type: text/plain;charset=ISO-8859-1
access-control-allow-origin: https://www.abv.bg
cache-control: no-cache
access-control-allow-credentials: true
access-control-allow-headers: Origin
content-length: 132

GET
H/1.1 200
OK logo.svg
blog.netinfocompany.bg/wp-content/themes/shapely/custom/img/ Frame B1BD 195 KB
195 KB 364ms
58ms Image
image/svg+xml 84.238.193.148
BTC-SEC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blog.netinfocompany.bg/wp-content/themes/shapely/custom/img/logo.svg

Requested by

Host: www.abv.bg
URL: https://www.abv.bg/abv_gdpr.html?t=1706916563764

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

84.238.193.148 , Bulgaria, ASN205132 (BTC-SEC-AS, BG),

Reverse DNS

blog.netinfocompany.bg

Software

Apache /

Resource Hash

a728e38256a3554f3dd6f32fa3852b492807aa82cb9c982655d3e3d1fb79608a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.abv.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Fri, 02 Feb 2024 23:29:25 GMT
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Last-Modified: Tue, 08 Nov 2022 13:13:41 GMT
Server: Apache
ETag: "30c2b-5ecf54f0dcb40"
Content-Type: image/svg+xml
Connection: close
Accept-Ranges: bytes
Content-Length: 199723

GET
H3 200 IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js Show response
pagead2.googlesyndication.com/bg/ Frame B5AB 39 KB
15 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 17:56:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 19979
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15219
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 01 Feb 2025 17:56:26 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 3955 0
10 B 19ms
18ms Image
text/plain 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?pVst_Q
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 23:29:25 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 analytics.js Show response
www.google-analytics.com/ Frame 893D 52 KB
21 KB 63ms
18ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P74CWJ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://img.abv.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 02 Feb 2024 21:48:09 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 6076
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Fri, 02 Feb 2024 23:48:09 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame B5AB 0
20 B 54ms
53ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=B873Q1Xq9ZcKCDYvx1PIP452E6AQAAAAAOAHgBAI&bg=!VFelVxjNAAa8BdJLnAU7ADQBe5WfOKiVmR3xPa93oD10kthWbYT1dAx8MjsJ8UJtl3n9OmOJPVMzKUfOWctLsYuRcIEpAgAAAHBSAAAAA2gBB5kDe5SQg1obrxVdBAKW_hN_nHlRZyJnhOGkyW_4BG8xrYZJ81RJjzeDXf8Yt_TOXEG0NA--7o9cjamwE6oK7iEwvNEZ0RHIqhDMzI-GjqGZCLSq2f7SlZ3ohckscvcH8Yt0yTi2eRU2fEQgF7tisiT5cpaM15UQ0iBokv9iOcwwNzswlSghq7ORouJGPTsczl_smVQ1aaHZrFEWa4JYZbKeMAPomdyBkQlNsDYHjGi0C2CDQw2PLUsVvZkjQmjy_yMimzAmoruSwAE9JlV0zCBU-NCJHD3ztXIvg21UBjy43Lq35C-6o_G4NSQMNkkI432Ob2JZxx6Za7Utyf6uNaeBIPA5HY7e9TzRTOOWFxF7pemEr8dcIVuEAH1yP7S-Bn1IgZJA_tjgXvOKawDPQbopSM2UFbmdsBT4sHyXf73UadWc6BF0k6KlRTVNPQ6herMPFaYIAbhJcnCvCfQRNaNCy_ojad4PQe9nGOlRwid_WVvy5e11hh1ZpE3hwjdc54wyUgqjGA1KjnG_6OeESV58CCosymRdKOAofNWigqSo7aU-IW16HHJsNlBcKDFIe6FTvVOApeeaB8wSA2SzTFGcGXBVOqatqJl-H_SHf0_v9ZcCfAadsK-PQPSE3tGBNlFNPDgMCVhJ4d0GKVUleCCggDQdtbPiiB8JYj-L9cHiyLxyw5U66cGG2jsbxnpG8AVFqDrP5l6S1aOdaKMsVbCU-eE6inQ0bPu7grksBfE2kFTWSpiM6Gyycv4oaHz_6ubGnm3XBGpcV5mvHHUwwCe0D-k0KgZo0Nz_axlUNrDHTciA2eRTCYvfKvHF_rBrTCfbymA004UJjy8MT7pm9svqsIsfWutszVtCHLrRTds4i1d8Rt_U6yY6ce8OUx_Ki1S4nSJ91prGR54gycUZ84Jwq_uC8Ovk8HUmTfDaG8JEVFpVeuJ1sMBrE1uBrtu1tQrZWywWR5w1NKUVqCfT2reTWwVuP1233Q4yj7l83nBVVhap5yt6Au4kv9jzKnWOhd2DQFFyVsnBgcIUlQrSw1E6eKQxSm2IjqsnkBpou6GrXuINR3i4m1fI00FwlkM84AZktCZ9KhTgKkt0lSQQvdU4ta7w6Z4QZWSwElzFznMOhzpXolkB9ZKNz55YsvBVZSme_Ujmjx2rMoSBHKhfXMjC0JPAouKn7o8BPrKVUA

Requested by

Host: d53e39e13c61f683f3b844fec1036e9d.safeframe.googlesyndication.com
URL: https://d53e39e13c61f683f3b844fec1036e9d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Feb 2024 23:29:25 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ Frame 893D 35 B
194 B 19ms
18ms Image
image/gif 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&aip=1&a=114697713&t=pageview&_s=1&dl=https%3A%2F%2Fwww.abv.bg%2F&dr=&dp=%2F&dh=www.abv.bg&ul=en-us&de=windows-1252&dt=%D0%90%D0%91%D0%92%20%D0%9F%D0%BE%D1%89%D0%B0&sd=24-bit&sr=1600x1200&vp=1x1&je=0&_u=YEBAAEABAAAAAAgHK~&cid=1207508347.1706916566&tid=UA-68436640-1&_gid=968593227.1706916566&gtm=45He41v0n71P74CWJza200&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&z=1133292615

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://img.abv.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Feb 2024 19:18:11 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 15074
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
adv.office-partner.de/ Frame 7F2A 930 B
923 B 131ms
25ms Document
text/html 2a0b:4d07:102::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Requested by: Host: hal90008.redintelligence.net
URL: https://hal90008.redintelligence.net/request.php?zone=g72h7lz2c4az&nw=20&renderingType=javascript&namespace=3b244e0690&subid=&uid=076e6e14bcc3b622&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCmD4s1Hq9ZdrTLbmqjuwPsouFyAmm5b2gaYWVnKfJD_AuEAEg8KqHIWCVgoCAmAfIAQmpAr3QS9cwGLI-qAMByAObBKoE3AFP0CdXwN9GQiys25Ylx8juXyeuO2OQOnBJ-ohvHBKcLAWNi3MpV4p_Mcnae1Pd7dXmrEEUSSYEtrfnHkP-LrxlO6Pn3SunCb7-019OnoElRUcm4lI1n1BbQUA6k26fjGmp0mzOf0EidBVZRn_48Bh6fYQuFjub_wH12w423v4UXb8aVHbADAExhIPApTPX-A0GuHXLagzvnvqwjJxG54iSw3lZhc2zaob4FqXtBEwIX7QizHxAtC8XeXK6catfjfmvMp8dW6bylH1wm_blaDSRnMDPGY83BwPDa8NCwATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCCUIgOGAEBABGB0yAqoCOgiAQICAhICABEi9_cE6WOjXgdznjYQDgAoDmAsByAsBgAwBqg0CREXiDRMI7ouC3OeNhAMVOZWDBx2yRQGZsBOH77EV0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSPAAvHhf_xRZn3QbHvDD3Z6sscQfOspH4mrGF8di0XQeaw4_iEKlxN0CuEBtPHtoyfpDf-g2ej2XztV4B6xgB%26sig%3DAOD64_3E0qHEzfSm7iEFGJU9HzFdw6zlXQ%26client%3Dca-pub-9699434551737642%26dbm_c%3DAKAmf-A1DI6bPXy8vief0yBvR-WNC7n_UDV3XIExRgQlnlsrbsrGCqJ56paIDXNNGDQ1PcPxy90qtDKQsm0wUnBBCM2oX_9czbstc9HQeRCRGATri4B7rD7ARu9smYEkasf7zNdM6z12T0EMeC_4QTJRKUVflOr2jLbKx5zhZjzxZqGFWT6tqTs%26cry%3D1%26dbm_d%3DAKAmf-AXvVRaYsJKZgZt8-7WqQqDbl9aZfv9exuxUbq5RgCvtbJWfAxk6FCwabkDVx-ic7Xcpl6kPQFur1zEPde1geRan5CcCXDmBBZtl2GF90VpgncStkF1Z0HgGM5vFXsPnXwyWKDdd7VAuGKuzossqq9Vvpq3I93bymplsIWZjJfJergPTsoeuhFLGRhgr6q89kLjf83xNltsJMvMJcSs4ZfRXolUon1JeHgPN6doLyE8074t8UowYu_YjAh8aMH_WLnQc5VQ2-y5JtFtl8IjdBfWS_Bo5tyayHf7RuuTPCzAktcCwACZ3ByslGqCREycXRIk5nkAO18gGGJk_saLDjRddcoeJTd1WJiJmycRFjFX8tC3tf8L_hDJOC4-ec9irmp5JXA9ypaV2HPSVAIfSi-YuF1nJrHxLeZSTaFfLsrlUcBs7FMftDL8-a3IYYBPRMityKd6PJpmEt-247pH0Hhx-PQlKKH0Km83WFVGcrJpaxFH9OC3CMjXLKRWzI3XraqvbTY2-nnLwmWP0RlVeZ5t4EVoAMzxZe94hXRbQX3Ser1SF0-c41EwoJJ2DPc3kKBm2KRfIA9Ri5azZ_vmhZ9kfK6UlBFV9mhUfwet0n4MznuzH0G7QglE7nTrXfH1Y3Me8uQC%26adurl%3D&documentReferer=https%3A%2F%2Fd53e39e13c61f683f3b844fec1036e9d.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html%3Fn%3D2&ancestorOrigins=https%3A%2F%2Fd53e39e13c61f683f3b844fec1036e9d.safeframe.googlesyndication.com%2Chttps%3A%2F%2Frimg.abv.bg%2Chttps%3A%2F%2Fbimg.abv.bg%2Chttps%3A%2F%2Fwww.abv.bg&random=7051435369361&isIframe=1&container=&adPos=0x0&adPosCheck=0x0&adtagId=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn /
Resource Hash: 384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7

Request headers

Referer: https://d53e39e13c61f683f3b844fec1036e9d.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=604800
content-encoding: gzip
content-length: 552
content-type: text/html
date: Fri, 02 Feb 2024 23:29:25 GMT
etag: "3a2-5c1ab16b3be00-gzip"
expires: Fri, 09 Feb 2024 23:29:25 GMT
last-modified: Thu, 06 May 2021 15:37:28 GMT
link: <https://adv-srv.office-partner.de/?utm_source=webgains&utm_campaign=webgains>; rel="canonical"
server: keycdn
vary: Accept-Encoding
x-accel-version: 0.01
x-cache: HIT
x-edge-location: defr

GET
H2 200 e99aace94e6e5873e27022e22519b6a9 Show response
pv.medialead.de/trck/epv/ Frame 5C50 0
327 B 108ms
28ms Document
application/javascript 91.121.248.44
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://pv.medialead.de/trck/epv/e99aace94e6e5873e27022e22519b6a9?subid=12614700002615704444550012589008&t=htlp&gdpr=1&consent=1&gdpr_consent=
Requested by: Host: hal90008.redintelligence.net
URL: https://hal90008.redintelligence.net/request.php?zone=g72h7lz2c4az&nw=20&renderingType=javascript&namespace=3b244e0690&subid=&uid=076e6e14bcc3b622&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCmD4s1Hq9ZdrTLbmqjuwPsouFyAmm5b2gaYWVnKfJD_AuEAEg8KqHIWCVgoCAmAfIAQmpAr3QS9cwGLI-qAMByAObBKoE3AFP0CdXwN9GQiys25Ylx8juXyeuO2OQOnBJ-ohvHBKcLAWNi3MpV4p_Mcnae1Pd7dXmrEEUSSYEtrfnHkP-LrxlO6Pn3SunCb7-019OnoElRUcm4lI1n1BbQUA6k26fjGmp0mzOf0EidBVZRn_48Bh6fYQuFjub_wH12w423v4UXb8aVHbADAExhIPApTPX-A0GuHXLagzvnvqwjJxG54iSw3lZhc2zaob4FqXtBEwIX7QizHxAtC8XeXK6catfjfmvMp8dW6bylH1wm_blaDSRnMDPGY83BwPDa8NCwATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCCUIgOGAEBABGB0yAqoCOgiAQICAhICABEi9_cE6WOjXgdznjYQDgAoDmAsByAsBgAwBqg0CREXiDRMI7ouC3OeNhAMVOZWDBx2yRQGZsBOH77EV0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSPAAvHhf_xRZn3QbHvDD3Z6sscQfOspH4mrGF8di0XQeaw4_iEKlxN0CuEBtPHtoyfpDf-g2ej2XztV4B6xgB%26sig%3DAOD64_3E0qHEzfSm7iEFGJU9HzFdw6zlXQ%26client%3Dca-pub-9699434551737642%26dbm_c%3DAKAmf-A1DI6bPXy8vief0yBvR-WNC7n_UDV3XIExRgQlnlsrbsrGCqJ56paIDXNNGDQ1PcPxy90qtDKQsm0wUnBBCM2oX_9czbstc9HQeRCRGATri4B7rD7ARu9smYEkasf7zNdM6z12T0EMeC_4QTJRKUVflOr2jLbKx5zhZjzxZqGFWT6tqTs%26cry%3D1%26dbm_d%3DAKAmf-AXvVRaYsJKZgZt8-7WqQqDbl9aZfv9exuxUbq5RgCvtbJWfAxk6FCwabkDVx-ic7Xcpl6kPQFur1zEPde1geRan5CcCXDmBBZtl2GF90VpgncStkF1Z0HgGM5vFXsPnXwyWKDdd7VAuGKuzossqq9Vvpq3I93bymplsIWZjJfJergPTsoeuhFLGRhgr6q89kLjf83xNltsJMvMJcSs4ZfRXolUon1JeHgPN6doLyE8074t8UowYu_YjAh8aMH_WLnQc5VQ2-y5JtFtl8IjdBfWS_Bo5tyayHf7RuuTPCzAktcCwACZ3ByslGqCREycXRIk5nkAO18gGGJk_saLDjRddcoeJTd1WJiJmycRFjFX8tC3tf8L_hDJOC4-ec9irmp5JXA9ypaV2HPSVAIfSi-YuF1nJrHxLeZSTaFfLsrlUcBs7FMftDL8-a3IYYBPRMityKd6PJpmEt-247pH0Hhx-PQlKKH0Km83WFVGcrJpaxFH9OC3CMjXLKRWzI3XraqvbTY2-nnLwmWP0RlVeZ5t4EVoAMzxZe94hXRbQX3Ser1SF0-c41EwoJJ2DPc3kKBm2KRfIA9Ri5azZ_vmhZ9kfK6UlBFV9mhUfwet0n4MznuzH0G7QglE7nTrXfH1Y3Me8uQC%26adurl%3D&documentReferer=https%3A%2F%2Fd53e39e13c61f683f3b844fec1036e9d.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html%3Fn%3D2&ancestorOrigins=https%3A%2F%2Fd53e39e13c61f683f3b844fec1036e9d.safeframe.googlesyndication.com%2Chttps%3A%2F%2Frimg.abv.bg%2Chttps%3A%2F%2Fbimg.abv.bg%2Chttps%3A%2F%2Fwww.abv.bg&random=7051435369361&isIframe=1&container=&adPos=0x0&adPosCheck=0x0&adtagId=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 91.121.248.44 Paris, France, ASN16276 (OVH, FR),
Reverse DNS: ip44.ip-91-121-248.eu
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://d53e39e13c61f683f3b844fec1036e9d.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: *
access-control-expose-headers: X-Request-ID
attribution-reporting-register-source: {"source_event_id":"17200521800103982","destination":"https://trck.easy-m.de","expiry":5184000,"filter_data":{}}
content-length: 0
content-type: application/javascript; charset=utf-8
date: Fri, 02 Feb 2024 23:29:25 GMT
host: pv.medialead.de
proxy-host: pv.medialead.de
server: nginx
vary: Origin

GET
H2

200

htlp Show response
futalis.de/ Frame D6E3
Redirect Chain

https://cdn.retailads.net/tb.php?t=150337V2172132532M&subid=12614700002615704444550012589008&ra_cnt_active=1&ra_cnt=1
https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=3508217906

350 B
401 B

101ms
24ms

Document
text/html

49.12.22.42
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=3508217906
Requested by: Host: hal90008.redintelligence.net
URL: https://hal90008.redintelligence.net/request.php?zone=g72h7lz2c4az&nw=20&renderingType=javascript&namespace=3b244e0690&subid=&uid=076e6e14bcc3b622&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCmD4s1Hq9ZdrTLbmqjuwPsouFyAmm5b2gaYWVnKfJD_AuEAEg8KqHIWCVgoCAmAfIAQmpAr3QS9cwGLI-qAMByAObBKoE3AFP0CdXwN9GQiys25Ylx8juXyeuO2OQOnBJ-ohvHBKcLAWNi3MpV4p_Mcnae1Pd7dXmrEEUSSYEtrfnHkP-LrxlO6Pn3SunCb7-019OnoElRUcm4lI1n1BbQUA6k26fjGmp0mzOf0EidBVZRn_48Bh6fYQuFjub_wH12w423v4UXb8aVHbADAExhIPApTPX-A0GuHXLagzvnvqwjJxG54iSw3lZhc2zaob4FqXtBEwIX7QizHxAtC8XeXK6catfjfmvMp8dW6bylH1wm_blaDSRnMDPGY83BwPDa8NCwATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCCUIgOGAEBABGB0yAqoCOgiAQICAhICABEi9_cE6WOjXgdznjYQDgAoDmAsByAsBgAwBqg0CREXiDRMI7ouC3OeNhAMVOZWDBx2yRQGZsBOH77EV0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSPAAvHhf_xRZn3QbHvDD3Z6sscQfOspH4mrGF8di0XQeaw4_iEKlxN0CuEBtPHtoyfpDf-g2ej2XztV4B6xgB%26sig%3DAOD64_3E0qHEzfSm7iEFGJU9HzFdw6zlXQ%26client%3Dca-pub-9699434551737642%26dbm_c%3DAKAmf-A1DI6bPXy8vief0yBvR-WNC7n_UDV3XIExRgQlnlsrbsrGCqJ56paIDXNNGDQ1PcPxy90qtDKQsm0wUnBBCM2oX_9czbstc9HQeRCRGATri4B7rD7ARu9smYEkasf7zNdM6z12T0EMeC_4QTJRKUVflOr2jLbKx5zhZjzxZqGFWT6tqTs%26cry%3D1%26dbm_d%3DAKAmf-AXvVRaYsJKZgZt8-7WqQqDbl9aZfv9exuxUbq5RgCvtbJWfAxk6FCwabkDVx-ic7Xcpl6kPQFur1zEPde1geRan5CcCXDmBBZtl2GF90VpgncStkF1Z0HgGM5vFXsPnXwyWKDdd7VAuGKuzossqq9Vvpq3I93bymplsIWZjJfJergPTsoeuhFLGRhgr6q89kLjf83xNltsJMvMJcSs4ZfRXolUon1JeHgPN6doLyE8074t8UowYu_YjAh8aMH_WLnQc5VQ2-y5JtFtl8IjdBfWS_Bo5tyayHf7RuuTPCzAktcCwACZ3ByslGqCREycXRIk5nkAO18gGGJk_saLDjRddcoeJTd1WJiJmycRFjFX8tC3tf8L_hDJOC4-ec9irmp5JXA9ypaV2HPSVAIfSi-YuF1nJrHxLeZSTaFfLsrlUcBs7FMftDL8-a3IYYBPRMityKd6PJpmEt-247pH0Hhx-PQlKKH0Km83WFVGcrJpaxFH9OC3CMjXLKRWzI3XraqvbTY2-nnLwmWP0RlVeZ5t4EVoAMzxZe94hXRbQX3Ser1SF0-c41EwoJJ2DPc3kKBm2KRfIA9Ri5azZ_vmhZ9kfK6UlBFV9mhUfwet0n4MznuzH0G7QglE7nTrXfH1Y3Me8uQC%26adurl%3D&documentReferer=https%3A%2F%2Fd53e39e13c61f683f3b844fec1036e9d.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html%3Fn%3D2&ancestorOrigins=https%3A%2F%2Fd53e39e13c61f683f3b844fec1036e9d.safeframe.googlesyndication.com%2Chttps%3A%2F%2Frimg.abv.bg%2Chttps%3A%2F%2Fbimg.abv.bg%2Chttps%3A%2F%2Fwww.abv.bg&random=7051435369361&isIframe=1&container=&adPos=0x0&adPosCheck=0x0&adtagId=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 49.12.22.42 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: lb-3.futalis.de
Software: /
Resource Hash: 582e283baa4cce4006055beb2eb8fe257c1ec5ef573a40f173b880636089e8cd

Request headers

Referer: https://d53e39e13c61f683f3b844fec1036e9d.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-length: 350
content-type: text/html; charset=utf-8

Redirect headers

content-length: 0
content-type: text/html; charset=utf-8
date: Fri, 02 Feb 2024 23:29:25 GMT
location: https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=3508217906
p3p: policyref="https://www.retailads.net/w3c/p3p.xml",CP="NOI CUR OUR STP"
server: Apache
xphp81: true

GET
H2 200 link.html Show response
track.webgains.com/ Frame 7C7A 2 KB
2 KB 208ms
97ms Script
text/html 18.171.29.178
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=2513135&wgcampaignid=99582&js=1&viewref=12614700002615704444550012589008&nw=1
Requested by: Host: www.abv.bg
URL: https://www.abv.bg/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.171.29.178 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-171-29-178.eu-west-2.compute.amazonaws.com
Software: nginx / PHP/7.4.26
Resource Hash: a48dde77f414bd2c73ae64de215ba75252ea3b64edf58ac9b8332bec199ff119

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d53e39e13c61f683f3b844fec1036e9d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 23:29:25 GMT
last-modified: Fri, 02 Feb 2024 23:29:25 GMT
server: nginx
x-powered-by: PHP/7.4.26
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=60
access-control-allow-headers: Authorization
expires: Fri, 02 Feb 2024 23:30:25 GMT

GET
H/1.1 200
OK request_content.php Show response
hal90008.redintelligence.net/ Frame 96D8 7 KB
2 KB 70ms
24ms Document
text/html 138.201.63.150
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal90008.redintelligence.net/request_content.php?s=12614700002615704444550012589008&a=c9e47829
Requested by: Host: hal90008.redintelligence.net
URL: https://hal90008.redintelligence.net/request.php?zone=g72h7lz2c4az&nw=20&renderingType=javascript&namespace=3b244e0690&subid=&uid=076e6e14bcc3b622&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCmD4s1Hq9ZdrTLbmqjuwPsouFyAmm5b2gaYWVnKfJD_AuEAEg8KqHIWCVgoCAmAfIAQmpAr3QS9cwGLI-qAMByAObBKoE3AFP0CdXwN9GQiys25Ylx8juXyeuO2OQOnBJ-ohvHBKcLAWNi3MpV4p_Mcnae1Pd7dXmrEEUSSYEtrfnHkP-LrxlO6Pn3SunCb7-019OnoElRUcm4lI1n1BbQUA6k26fjGmp0mzOf0EidBVZRn_48Bh6fYQuFjub_wH12w423v4UXb8aVHbADAExhIPApTPX-A0GuHXLagzvnvqwjJxG54iSw3lZhc2zaob4FqXtBEwIX7QizHxAtC8XeXK6catfjfmvMp8dW6bylH1wm_blaDSRnMDPGY83BwPDa8NCwATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCCUIgOGAEBABGB0yAqoCOgiAQICAhICABEi9_cE6WOjXgdznjYQDgAoDmAsByAsBgAwBqg0CREXiDRMI7ouC3OeNhAMVOZWDBx2yRQGZsBOH77EV0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSPAAvHhf_xRZn3QbHvDD3Z6sscQfOspH4mrGF8di0XQeaw4_iEKlxN0CuEBtPHtoyfpDf-g2ej2XztV4B6xgB%26sig%3DAOD64_3E0qHEzfSm7iEFGJU9HzFdw6zlXQ%26client%3Dca-pub-9699434551737642%26dbm_c%3DAKAmf-A1DI6bPXy8vief0yBvR-WNC7n_UDV3XIExRgQlnlsrbsrGCqJ56paIDXNNGDQ1PcPxy90qtDKQsm0wUnBBCM2oX_9czbstc9HQeRCRGATri4B7rD7ARu9smYEkasf7zNdM6z12T0EMeC_4QTJRKUVflOr2jLbKx5zhZjzxZqGFWT6tqTs%26cry%3D1%26dbm_d%3DAKAmf-AXvVRaYsJKZgZt8-7WqQqDbl9aZfv9exuxUbq5RgCvtbJWfAxk6FCwabkDVx-ic7Xcpl6kPQFur1zEPde1geRan5CcCXDmBBZtl2GF90VpgncStkF1Z0HgGM5vFXsPnXwyWKDdd7VAuGKuzossqq9Vvpq3I93bymplsIWZjJfJergPTsoeuhFLGRhgr6q89kLjf83xNltsJMvMJcSs4ZfRXolUon1JeHgPN6doLyE8074t8UowYu_YjAh8aMH_WLnQc5VQ2-y5JtFtl8IjdBfWS_Bo5tyayHf7RuuTPCzAktcCwACZ3ByslGqCREycXRIk5nkAO18gGGJk_saLDjRddcoeJTd1WJiJmycRFjFX8tC3tf8L_hDJOC4-ec9irmp5JXA9ypaV2HPSVAIfSi-YuF1nJrHxLeZSTaFfLsrlUcBs7FMftDL8-a3IYYBPRMityKd6PJpmEt-247pH0Hhx-PQlKKH0Km83WFVGcrJpaxFH9OC3CMjXLKRWzI3XraqvbTY2-nnLwmWP0RlVeZ5t4EVoAMzxZe94hXRbQX3Ser1SF0-c41EwoJJ2DPc3kKBm2KRfIA9Ri5azZ_vmhZ9kfK6UlBFV9mhUfwet0n4MznuzH0G7QglE7nTrXfH1Y3Me8uQC%26adurl%3D&documentReferer=https%3A%2F%2Fd53e39e13c61f683f3b844fec1036e9d.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html%3Fn%3D2&ancestorOrigins=https%3A%2F%2Fd53e39e13c61f683f3b844fec1036e9d.safeframe.googlesyndication.com%2Chttps%3A%2F%2Frimg.abv.bg%2Chttps%3A%2F%2Fbimg.abv.bg%2Chttps%3A%2F%2Fwww.abv.bg&random=7051435369361&isIframe=1&container=&adPos=0x0&adPosCheck=0x0&adtagId=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.150 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.150.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 21fc3ce05fbbb71c52a0041c08978bd9de7209acd687464ddb84495a0724406e

Request headers

Referer: https://d53e39e13c61f683f3b844fec1036e9d.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Encoding: gzip
Content-Length: 2082
Content-Type: text/html; charset=utf-8
Date: Fri, 02 Feb 2024 23:29:25 GMT
Expires: Fri, 02 Feb 2024 23:29:25 +0100
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding

GET
H2 200 e99aace94e6e5873e27022e22519b6a9
pv.medialead.de/trck/eview/ Frame 7C7A 43 B
360 B 108ms
28ms Image
image/gif 91.121.248.44
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pv.medialead.de/trck/eview/e99aace94e6e5873e27022e22519b6a9?subid=12614700002615704444550012589008&t=htlp&gdpr=1&consent=1&gdpr_consent=
Requested by: Host: d53e39e13c61f683f3b844fec1036e9d.safeframe.googlesyndication.com
URL: https://d53e39e13c61f683f3b844fec1036e9d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 91.121.248.44 Paris, France, ASN16276 (OVH, FR),
Reverse DNS: ip44.ip-91-121-248.eu
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d53e39e13c61f683f3b844fec1036e9d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 23:29:25 GMT
attribution-reporting-register-source: {"source_event_id":"17200521800103982","destination":"https://trck.easy-m.de","expiry":5184000,"filter_data":{}}
server: nginx
host: pv.medialead.de
vary: Origin
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: X-Request-ID
access-control-allow-credentials: true
content-length: 43
proxy-host: pv.medialead.de

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame D820 1 KB
643 B 21ms
20ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: d53e39e13c61f683f3b844fec1036e9d.safeframe.googlesyndication.com
URL: https://d53e39e13c61f683f3b844fec1036e9d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://d53e39e13c61f683f3b844fec1036e9d.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 22721
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 02 Feb 2024 17:10:44 GMT
etag: 48472445140208031
expires: Sat, 03 Feb 2024 17:10:44 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D820
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEPVHn3FpYcInkj5LUjQ2oyE&google_push=AXcoOmTOxkhGLQ56GK0xaHns5VC31P4qPmZ4o64C_DhNAFuLuEyAt3Ynyq...

170 B
188 B

34ms
34ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEPVHn3FpYcInkj5LUjQ2oyE&google_push=AXcoOmTOxkhGLQ56GK0xaHns5VC31P4qPmZ4o64C_DhNAFuLuEyAt3Ynyq9EwHk0rCJkGAfcpEsQCOrdruUnN7Sc5aG8po7AMgyu

Requested by

Host: d53e39e13c61f683f3b844fec1036e9d.safeframe.googlesyndication.com
URL: https://d53e39e13c61f683f3b844fec1036e9d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Feb 2024 23:29:25 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by: cache-fra-eddf8230090-FRA
pragma: no-cache
date: Fri, 02 Feb 2024 23:29:25 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1706916566.775681,VS0,VE145
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEPVHn3FpYcInkj5LUjQ2oyE&google_push=AXcoOmTOxkhGLQ56GK0xaHns5VC31P4qPmZ4o64C_DhNAFuLuEyAt3Ynyq9EwHk0rCJkGAfcpEsQCOrdruUnN7Sc5aG8po7AMgyu
cache-control: no-cache
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D820
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEPuHaC2NLxHeuKjkLPeyoU0&google_cver=1&google_push=AXcoOmSs454v7-6JqIjp70mtIRKfbFB9CkPh14eyvrfmHS78rWjUWSlCj6jnHVz1QLDDtifEEHapTgm7RGNbS6HUNwffuISV5Adm
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=D9BAFA67ADEE4716BEA5A02694A5CAF1&google_push=AXcoOmSs454v7-6JqIjp70mtIRKfbFB9CkPh14eyvrfmHS78rWjUWSlCj6jnHVz1QLDDtifEEHapTgm7RGNbS6H...

170 B
188 B

30ms
30ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=D9BAFA67ADEE4716BEA5A02694A5CAF1&google_push=AXcoOmSs454v7-6JqIjp70mtIRKfbFB9CkPh14eyvrfmHS78rWjUWSlCj6jnHVz1QLDDtifEEHapTgm7RGNbS6HUNwffuISV5Adm

Requested by

Host: d53e39e13c61f683f3b844fec1036e9d.safeframe.googlesyndication.com
URL: https://d53e39e13c61f683f3b844fec1036e9d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Feb 2024 23:29:25 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Fri, 02 Feb 2024 23:29:25 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=D9BAFA67ADEE4716BEA5A02694A5CAF1&google_push=AXcoOmSs454v7-6JqIjp70mtIRKfbFB9CkPh14eyvrfmHS78rWjUWSlCj6jnHVz1QLDDtifEEHapTgm7RGNbS6HUNwffuISV5Adm
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Thu, 01 Feb 2024 23:29:25 GMT

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame D820 70 B
149 B 137ms
42ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESEA1v3kmKoBqWAf3COSAvk6w&google_cver=1&google_push=AXcoOmQrVpl9QCXiAv7n7B0gT26BzLhUOo7kY7LpwiLvmI-CHlUuUKUOrzQCLRgdeNZfqtLLiA2Jl-aceRzyXpbpN9rZy5PezoMt
Requested by: Host: d53e39e13c61f683f3b844fec1036e9d.safeframe.googlesyndication.com
URL: https://d53e39e13c61f683f3b844fec1036e9d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 23:29:25 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D820
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEB6i7wGep8mQLv_B7tjswjo&google_cver=1&google_push=AXcoOmS6dwZeDpspyrRRUiudC5fIXIunpgryI2kM6Q1yFsvZno5BxqZ0BAkLnNq-AsXtmNiBiyA85HR9obo4c1...
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMzMTE1MDgyMzY4ODk2MDE0MA%3D%3D&google_push=AXcoOmS6dwZeDpspyrRRUiudC5fIXIunpgryI2kM6Q1yFsvZno5BxqZ0BAkLnNq-AsXtmNiBiyA85HR9obo4c1joiU...

170 B
188 B

30ms
30ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMzMTE1MDgyMzY4ODk2MDE0MA%3D%3D&google_push=AXcoOmS6dwZeDpspyrRRUiudC5fIXIunpgryI2kM6Q1yFsvZno5BxqZ0BAkLnNq-AsXtmNiBiyA85HR9obo4c1joiUQ016vDGCJD

Requested by

Host: d53e39e13c61f683f3b844fec1036e9d.safeframe.googlesyndication.com
URL: https://d53e39e13c61f683f3b844fec1036e9d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Feb 2024 23:29:25 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMzMTE1MDgyMzY4ODk2MDE0MA%3D%3D&google_push=AXcoOmS6dwZeDpspyrRRUiudC5fIXIunpgryI2kM6Q1yFsvZno5BxqZ0BAkLnNq-AsXtmNiBiyA85HR9obo4c1joiUQ016vDGCJD
Date: Fri, 02 Feb 2024 23:29:25 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H2 200 UCookieSetPug
image6.pubmatic.com/AdServer/ Frame D820 0
166 B 124ms
32ms Image
text/html 185.64.190.78
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEL7ZBiB8ey5y_Bjp93SgTkk&google_cver=1&google_push=AXcoOmRF7IBPnEYXkcUGlzUCyPkpLudqXtlE9FrP51FNPD33vIc9GTepRWTvNJRPjBUqhFZMC0WsLpI1PVwyYybqN5Pr9qO6eRPs
Requested by: Host: d53e39e13c61f683f3b844fec1036e9d.safeframe.googlesyndication.com
URL: https://d53e39e13c61f683f3b844fec1036e9d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date: Fri, 02 Feb 2024 23:29:25 GMT
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D820
Redirect Chain

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEA5nFkclGW2iAuKCb8-T1j4&google_cver=1&google_push=AXcoOmTDNl66qp8mZE9fSM-3GQ3O5bRSB5kmXLCUEK4ARfQ4FWy4yRWsqrVOk2EzCbrTY9mw6JsKEi0kvST5GZVbVdrkoaT2R8bd
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AXcoOmTDNl66qp8mZE9fSM-3GQ3O5bRSB5kmXLCUEK4ARfQ4FWy4yRWsqrVOk2EzCbrTY9mw6JsKEi0kvST5GZVbVdrkoaT2R8b...
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjMzNTI4NjYwNTA0OTUyMDEyMDkwNA%3D%3D&google_push=AXcoOmTDNl66qp8mZE9fSM-3GQ3O5bRSB5kmXLCUEK4ARfQ4FWy4yRWs...

170 B
188 B

30ms
30ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjMzNTI4NjYwNTA0OTUyMDEyMDkwNA%3D%3D&google_push=AXcoOmTDNl66qp8mZE9fSM-3GQ3O5bRSB5kmXLCUEK4ARfQ4FWy4yRWsqrVOk2EzCbrTY9mw6JsKEi0kvST5GZVbVdrkoaT2R8bd

Requested by

Host: d53e39e13c61f683f3b844fec1036e9d.safeframe.googlesyndication.com
URL: https://d53e39e13c61f683f3b844fec1036e9d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Feb 2024 23:29:25 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjMzNTI4NjYwNTA0OTUyMDEyMDkwNA%3D%3D&google_push=AXcoOmTDNl66qp8mZE9fSM-3GQ3O5bRSB5kmXLCUEK4ARfQ4FWy4yRWsqrVOk2EzCbrTY9mw6JsKEi0kvST5GZVbVdrkoaT2R8bd
date: Fri, 02 Feb 2024 23:29:25 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H/1.1 200
OK pub
cs.chocolateplatform.com/ Frame D820 0
134 B 338ms
106ms Image
text/plain 159.203.145.121
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.chocolateplatform.com/pub?pid=ebda&google_gid=CAESEO5h_KfmVfe2sDDJfgIb7EM&google_cver=1&google_push=AXcoOmTuuT9h8_rL_YBuqyrIcEXrvYyVBNTMf78dl2W4Y8nBmgaSi_a-QqcTuK2wLj6fWFxJLKxgfTFXF69NnlX6Cde7juKMiziQ
Requested by: Host: d53e39e13c61f683f3b844fec1036e9d.safeframe.googlesyndication.com
URL: https://d53e39e13c61f683f3b844fec1036e9d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 159.203.145.121 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: CookieSync Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 02 Feb 2024 23:29:25 GMT
server: CookieSync Server
content-length: 0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame D820 0
12 B 28ms
28ms Image
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LsmrIy7kZvw6Xv9C3n4rQBh7N91_bCMEpdjdfIONG1FWI_-33L3KvJ0bB4hrm6fdg-E37g

Requested by

Host: d53e39e13c61f683f3b844fec1036e9d.safeframe.googlesyndication.com
URL: https://d53e39e13c61f683f3b844fec1036e9d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 23:29:25 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 css
fonts.googleapis.com/ Frame 96D8 2 KB
843 B 77ms
29ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Titillium+Web:400,700

Requested by

Host: hal90008.redintelligence.net
URL: https://hal90008.redintelligence.net/request_content.php?s=12614700002615704444550012589008&a=c9e47829

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

bf5b911ce6645add415b3dbf40d50dc8cda426f38f5300525bf4793c4131b2c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal90008.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 02 Feb 2024 23:29:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 02 Feb 2024 22:00:39 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 02 Feb 2024 23:29:25 GMT

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame 96D8 9 KB
9 KB 72ms
25ms Image
image/png 88.99.219.174
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=62&height=62&url=https://cdn.contentspread.net/24i/advertiser/30229/creativesup/627x627_Office-Partner.jpg
Requested by: Host: hal90008.redintelligence.net
URL: https://hal90008.redintelligence.net/request_content.php?s=12614700002615704444550012589008&a=c9e47829
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 88.99.219.174 Lutzingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.174.219.99.88.clients.your-server.de
Software: Apache /
Resource Hash: 696082bb5b82c869497d60d80530366c9e757a2274426db9bc6677b766c561af

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal90008.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Fri, 02 Feb 2024 23:29:25 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 9249
Vary: Accept-Encoding
Content-Type: image/png

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame 96D8 9 KB
9 KB 111ms
62ms Image
image/png 88.99.219.174
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=62&height=62&url=https://cdn.contentspread.net/24i/advertiser/6383/creativesup/postbank-business-giro-aktiv-627x627.jpg
Requested by: Host: hal90008.redintelligence.net
URL: https://hal90008.redintelligence.net/request_content.php?s=12614700002615704444550012589008&a=c9e47829
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 88.99.219.174 Lutzingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.174.219.99.88.clients.your-server.de
Software: Apache /
Resource Hash: 7608cdeddbdf3a02e0161af6fb11d64433cf62c594d44b0dbfef8eab8eb61916

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal90008.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Fri, 02 Feb 2024 23:29:25 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 9209
Vary: Accept-Encoding
Content-Type: image/png

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame 96D8 7 KB
8 KB 119ms
69ms Image
image/png 88.99.219.174
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=62&height=62&url=https://cdn.contentspread.net/24i/advertiser/55487/creativesup/627x627.jpg
Requested by: Host: hal90008.redintelligence.net
URL: https://hal90008.redintelligence.net/request_content.php?s=12614700002615704444550012589008&a=c9e47829
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 88.99.219.174 Lutzingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.174.219.99.88.clients.your-server.de
Software: Apache /
Resource Hash: 75c6ffa4a046f0140bcffafa5302a23d137bc55d2cc3647d4a853f4c90732bc5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal90008.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Fri, 02 Feb 2024 23:29:25 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 7631
Vary: Accept-Encoding
Content-Type: image/png

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ Frame 7F2A 181 KB
64 KB 46ms
45ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TBMT2SF

Requested by

Host: adv.office-partner.de
URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3b6ff8303a1bda2213218bdcb6638dbfaf89a3fb89d3668a7602329e9b5e5e52

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adv.office-partner.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 23:29:25 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65693
x-xss-protection: 0
last-modified: Fri, 02 Feb 2024 21:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 02 Feb 2024 23:29:25 GMT

GET
H/1.1 200
OK viewability Show response
hal90008.redintelligence.net/ Frame 96D8 0
150 B 72ms
24ms Script
text/html 138.201.63.150
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal90008.redintelligence.net/viewability?s=12614700002615704444550012589008&a=4a427ec8&vb=m
Requested by: Host: hal90008.redintelligence.net
URL: https://hal90008.redintelligence.net/request_content.php?s=12614700002615704444550012589008&a=c9e47829
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.150 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.150.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal90008.redintelligence.net/request_content.php?s=12614700002615704444550012589008&a=c9e47829
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Fri, 02 Feb 2024 23:29:25 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H2 200 ts.js Show response
cdn.retailads.net/ Frame D6E3 5 KB
5 KB 21ms
21ms Script
application/javascript 2a01:4f8:d0a:2321::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.retailads.net/ts.js
Requested by: Host: futalis.de
URL: https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=3508217906
Protocol: H2
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 2a01:4f8:d0a:2321::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: Apache /
Resource Hash: 525e7c89461afb3f73ea7030fbceba4f9e9383570159926acee637b4f86b8148

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://futalis.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 23:29:25 GMT
last-modified: Wed, 05 Apr 2023 20:14:46 GMT
server: Apache
etag: "1416-5f89c717cdc2f"
content-type: application/javascript
xphp81: true
accept-ranges: bytes
content-length: 5142

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame 7F2A 277 KB
92 KB 28ms
27ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-Q7C756EV6G&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TBMT2SF

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

57dee07638470994903d944d9149740e5679a35ef1e42190c042e36812475e8c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adv.office-partner.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 23:29:25 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 93980
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 02 Feb 2024 23:29:25 GMT

GET
H2 200 storage.html Show response
analytics.contentexchange.me/bex/ Frame D9D3 1 KB
631 B 38ms
37ms Document
text/html 46.19.11.36
SIEL

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.contentexchange.me/bex/storage.html
Requested by: Host: analytics.contentexchange.me
URL: https://analytics.contentexchange.me/bex/load/5f9ae8347f08c7237d8609f9
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 46.19.11.36 , Slovenia, ASN51790 (SIEL, SI),
Reverse DNS: ilog.vsn.si
Software: nginx/1.16.1 /
Resource Hash: 78526ac509a71a338fd7659197f80b4a153b6c4cdd4d61240511b78e47370834

Request headers

Referer: https://img.abv.bg/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=31536000
content-encoding: gzip
content-type: text/html
date: Fri, 02 Feb 2024 23:29:25 GMT
server: nginx/1.16.1

GET
H2

200

3923349716448940480
match.contentexchange.me/adform/ Frame 893D
Redirect Chain

https://dmp.adform.net/serving/cookie/match?party=1219&cid=65bd7ad5d16c2e2a9131d3b8&redirect=https://match.contentexchange.me/adform/__ADFUID__
https://dmp.adform.net/serving/cookie/match?CC=1&party=1219&cid=65bd7ad5d16c2e2a9131d3b8&redirect=https://match.contentexchange.me/adform/__ADFUID__
https://match.contentexchange.me/adform/3923349716448940480

0
48 B

44ms
43ms

Image
text/plain

46.19.11.36
SIEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.contentexchange.me/adform/3923349716448940480
Protocol: H2
Server: 46.19.11.36 , Slovenia, ASN51790 (SIEL, SI),
Reverse DNS: ilog.vsn.si
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://img.abv.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 23:29:26 GMT
content-length: 0
server: nginx/1.16.1

Redirect headers

pragma: no-cache
date: Fri, 02 Feb 2024 23:29:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://match.contentexchange.me/adform/3923349716448940480
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 request
match.contentexchange.me/ Frame 893D 0
48 B 70ms
38ms Image
text/plain 46.19.11.36
SIEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.contentexchange.me/request
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 46.19.11.36 , Slovenia, ASN51790 (SIEL, SI),
Reverse DNS: ilog.vsn.si
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://img.abv.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 23:29:25 GMT
content-length: 0
server: nginx/1.16.1

GET
H2 200 collect
collector_sr.contentexchange.me/bg/ Frame 893D 43 B
259 B 149ms
36ms Image
image/gif 46.19.9.32
SIEL

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://collector_sr.contentexchange.me/bg/collect?event=pageview&gdpr=2&pv=471b4d0f-b3c2-4e95-b9ea-bc968690e4bf&url=https%3A%2F%2Fwww.abv.bg%2F&ref=iframe&user_id=65bd7ad5d16c2e2a9131d3b8&new=true&tz=-60&cs=windows-1252&ns=1706916565431&req_ts=1706916564943&res_ts=1706916564988&ts=1706916565862&screen=1200x1600x24

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

46.19.9.32 , Slovenia, ASN51790 (SIEL, SI),

Reverse DNS

trfx.serv.si

Software

nginx/1.16.1 /

Resource Hash

d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://img.abv.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 23:29:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: nginx/1.16.1
content-type: image/gif

GET
H2 200 pvClk.min.js Show response
analytics.webgains.io/ Frame 7C7A 56 KB
19 KB 139ms
38ms Script
application/javascript 18.239.255.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.webgains.io/pvClk.min.js
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=2513135&wgcampaignid=99582&js=1&viewref=12614700002615704444550012589008&nw=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.255.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-255-3.bud50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ace44b78e613a7199dfb108bc4b31f8d017c1053d469e231eab78eb60cb51b07

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d53e39e13c61f683f3b844fec1036e9d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 09:52:45 GMT
content-encoding: gzip
via: 1.1 958678c8b28f579ac2dae5a06f183e02.cloudfront.net (CloudFront)
last-modified: Thu, 01 Feb 2024 09:49:57 GMT
server: AmazonS3
x-amz-cf-pop: BUD50-P2
age: 49005
x-amz-server-side-encryption: AES256
etag: W/"2ef4dffee1e13116d65e55acc50ac4aa"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: EdII_GFPg5SHpANzAqY6g4ceMWzy6rXT7i2Esl5RmzbL3JiiRDbpFA==

GET
H2 200 1x1.png
cdn.track.production.webgains.team/7121/ Frame 7C7A 3 KB
3 KB 76ms
18ms Image
image/png 99.86.4.36
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.track.production.webgains.team/7121/1x1.png?Expires=1706916865&Signature=gg2u4FIuVglLMv3WfeIb4yzghfre1TahMPLdEgQVURj694tlDkfx-Lcw0pW9DY3gyDUaT1ZYlhCVA5x~J9x-OeL1Tos4DgHL5KWO90P0AQraZYDoUDpXs~5B~wD1vIXbPn1DNCEUjsq31EJeDowpTN0pBc2SF6fcR4~uWPUt~5ysFlm9L18pIhEJRdsALI1q5WUjU29bu1iLvzaSTj~Q6QYiHO0xTc68Lol5kFmOvcOZAn7lf41NO1lE~GOG2lXnweWAIv93ezOnFBYzamnAj6FfW9hGXAkj1nwuaON5gckyZx5Jz62gKX5HXMrN-DyyrvYltnpynnf1qJ2nXGp9Kg__&Key-Pair-Id=K28VXAGA7VWE0O
Requested by: Host: d53e39e13c61f683f3b844fec1036e9d.safeframe.googlesyndication.com
URL: https://d53e39e13c61f683f3b844fec1036e9d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-36.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 232d3fbf590a584138bb563319747dbef0c9e41db91f19ff45d41e785a5f4f98

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d53e39e13c61f683f3b844fec1036e9d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-amz-version-id: null
date: Fri, 02 Feb 2024 04:48:22 GMT
via: 1.1 82e9051d8d41080bd3028731e0e8677e.cloudfront.net (CloudFront)
last-modified: Fri, 06 May 2022 11:40:06 GMT
server: AmazonS3
x-amz-cf-pop: FRA6-C1
age: 67264
etag: "4e57de0506fbdb487ffcd53b450caee1"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 2808
x-amz-cf-id: ZJF92TMyHv2AaAzC6vreLdKUW0KGzn0EK5ORZyGwcGWq0Dr0OpQq2w==

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 58C0 0
0 54ms
53ms Image
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202401290201&jk=3995585039932507&bg=!Q0ClQA_NAAa8BdJLnAU7ADQBe5WfOGZCnfo3Kyd0xNjVIcFGOjd1QlUJCSMj55Oc4zBIilWO1MNk4MBEHHq_UHFoRG-vAgAAANRSAAAAA2gBB5kC3PTvelgL6vpbpi_TnR5QW1-aRcEvzGAR9x6XicRQiHKAJMrGWO3CYSV13KFyNCGa63iABWiim2sse6KmutIcKkID76ktb0pSFMS1buYagT_hGRUlIUYOL8akn98xkSKoxDPopjaAAClmgnGAZ_bqGrx_1MfrWVT7agO3zk5BZUH1o5gLiF7wl5dnC2tB1AxQmFWV7PFO68SLkW0P2cal5TIxXNUPe9eOQluK2jBi7Cb3f00Skog7Oj_V66RfDplwQhFjga9SAalqALPvrPRTPwZ02jcm650ed9djOsG3kMJQIzhZbCHViP53LCEErfxAB4M6u3sfaDR_G0lpZVPvlc7KWCXAP1Y7h7UXtjoCbNoEV8cJslty1zagsq-nWBHotrdnVpYQ3s-VHBcN5KkQ-om41YGThIbfZ1w6nrLGYu_vR9Oe3fYKbX9Kr9C0FNsJCtfKHJy9r68Go3HrtiX4e25ki-I76fnN5_fIet53N--AVaqoUSYbbXBIpAVMBxoTtUwE_rQcwXJoiJMhPBps2-XsEnrLw6M6YqYDZiMoFzdOyaygt5mL8xclN6NG8IadOhIMg-aENdj4ztqdesT9zeSo2I1HwNdheJQitrfmD7REkyWCPS2u6RsnkZreUTMnhkdA-BucjYHIyGbcIlee_HmVWFRajP1MRDYgIQHFzobOpw7lxu5Z4vTX_uapPMbb_T6O2bdG-QUFwOWEKXxyptQ6A74GLeQod_mNo7WnLomLwz6ieuuAMghrDoDXov8FDn5ej8CtD0jF-N5jXUfoNNnk2gmJ2HbJHGARp8Yukju0DF1HpbMC-CsmCKgsbjNY4fipU05nLq1Oz4tLdReI9vVFTW1n2KxjgE-C6f47StqWhdZpF0XxFbwQpUkox4Qd3GNST-MSQyWoae68XiEZ2XVa4y1z7K6tsYn0cqJlSj7xPwVqH2fSPXUwgqH-ldZkHJcbXSSTet_-ySYgIQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rimg.abv.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

POST
H2 200 tracking-event Show response
api.webgains.io/ Frame 7C7A 16 B
209 B 71ms
71ms Fetch
application/json 52.56.219.216
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.webgains.io/tracking-event

Requested by

Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.56.219.216 London, United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-56-219-216.eu-west-2.compute.amazonaws.com

Software

nginx / PHP/8.1.14

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://d53e39e13c61f683f3b844fec1036e9d.safeframe.googlesyndication.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 02 Feb 2024 23:29:26 GMT
x-content-type-options: nosniff
server: nginx
x-powered-by: PHP/8.1.14
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

OPTIONS
H2 204 tracking-event
api.webgains.io/ Frame 0
0 165ms
37ms Preflight 52.56.219.216
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.webgains.io/tracking-event
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.56.219.216 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-56-219-216.eu-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://d53e39e13c61f683f3b844fec1036e9d.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

access-control-allow-headers: Authorization, Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: *
date: Fri, 02 Feb 2024 23:29:26 GMT
server: nginx

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7C7A 0
20 B 51ms
50ms Ping
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=9778202155126&version=m202401290101&ct=77&x=1&cor=3194554871877215700

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d53e39e13c61f683f3b844fec1036e9d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Feb 2024 23:29:27 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

29 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

39 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
img.abv.bg/e/s	1969-12-31 23:59:59	Name: Value: cx_test
www.abv.bg/	1969-12-31 23:59:59	Name: JSESSIONID Value: B38404CD3B274650D05607C79FD1A4C9
.abv.bg/	1970-01-21 02:54:12	Name: _h Value: b0218ada201b9c73ade3c0a35ca1ce5a
a.abv.bg/	1970-01-21 02:54:12	Name: OAID Value: 07171b5dc114269803c739817ac97e19
.abv.bg/	1970-01-21 03:37:24	Name: __gfp_64b Value: Bzm7zkyWuFneSePKuCpIVyuQ2p_SFEvR_qcTmXmowMb.Y7\|1706916564
.abv.bg/	1970-01-21 03:37:24	Name: __gfp_s_64b Value: Bzm7zkyWuFneSePKuCpIVyuQ2p_SFEvR_qcTmXmowMb.Y7\|1706916564
.doubleclick.net/	1970-01-21 03:30:12	Name: IDE Value: AHWqTUnyESpALqBLcS0BvvPVc9NZpeOFsqfS_-b565kJHqnnA_bQOgRfBxyfJUnB6dg
.abv.bg/	1970-01-21 03:30:12	Name: __gads Value: ID=c042a145167cca5d:T=1706916564:RT=1706916564:S=ALNI_MZgMqHQ-ta6EQRn1gtmYDEsOKrL9w
.abv.bg/	1970-01-21 03:30:12	Name: __gpi Value: UID=00000d4f6f3e7347:T=1706916564:RT=1706916564:S=ALNI_MbA_XRLZv-wZFVuA6bLqp--q4z0vQ
.abv.bg/	1970-01-20 22:27:48	Name: __eoi Value: ID=f4d5301a060bb8e9:T=1706916564:RT=1706916564:S=AA-AfjaPL9OfG7rMn75d9SjzDgeH
.doubleclick.net/	1970-01-20 22:27:48	Name: APC Value: AfxxVi6Bw_Zmdt7ck4F71ETBCFJHJ5lJlNrlDKgwfhwomkyt5KIRWQ
.doubleclick.net/	1970-01-20 22:27:48	Name: receive-cookie-deprecation Value: 1
.hit.gemius.pl/	1970-01-20 18:18:41	Name: Gtest Value: KlQPNRXGQMGG7fM8oeJAg3EUssGMXP8c25nSGg-vbtD1u51UsG..
.adnxs.com/	1970-01-21 03:44:36	Name: receive-cookie-deprecation Value: 1
.casalemedia.com/	1970-01-20 20:18:12	Name: CMPS Value: 5125
.abv.bg/	1970-01-21 02:55:38	Name: didomi_token Value: eyJ1c2VyX2lkIjoiMThkNmMyN2QtMTIyYi02MDA3LTliOGItOGFlZTkwNjAxNzFlIiwiY3JlYXRlZCI6IjIwMjQtMDItMDJUMjM6Mjk6MjUuMzA0WiIsInVwZGF0ZWQiOiIyMDI0LTAyLTAyVDIzOjI5OjI1LjMwNFoiLCJ2ZXJzaW9uIjpudWxsfQ==
.adnxs.com/	1970-01-20 20:18:12	Name: XANDR_PANID Value: p4ogV4dsDi0utuS2vvHkrKc39HI9HWxKh2c1xGJG_O5REr_o3aQbHjuOUWFJtefJW5cQStEFsa7EfYgsC-hKLFkTDEphgHUrYTRXNLVOfII.
.adnxs.com/	1970-01-20 20:18:12	Name: anj Value: dTM7k!M41.D>6NRF']wIg2GVQu%>Cu!]tbPl1M>e)ZlrFUfJ+tGXxoP[57=I:B_$l_'9Mr8_46h<S_PBOyz9FCj?WX3If)y3KL9D3I?+w<k//C
.adnxs.com/	1970-01-20 20:18:12	Name: uuid2 Value: 3790805682163927934
.doubleclick.net/	1970-01-20 18:51:48	Name: ar_debug Value: 1
.hit.gemius.pl/	1970-01-21 03:37:24	Name: Gdyn Value: KlQ-YRXGQMGG7fM8oeJAg3EUssGMXP8c25nSGg-vbtD1u5MUGsRPIQlGvGGpnF38SsGT8SpGDlnaxFLWXRSG
.hit.gemius.pl/	1970-01-21 03:37:24	Name: Gdynp Value: gPp7pT.kIMMtSi.WEhPDgT3aRlxhwGBI9Wfqo3Znxeb.v7
.casalemedia.com/	1970-01-21 02:54:12	Name: CMID Value: Zb161dvwJ8kCROwJnePorQAA
.casalemedia.com/	1970-01-20 20:18:12	Name: CMPRO Value: 3232
.redintelligence.net/	1970-01-20 20:18:12	Name: 8lcfmzhxc8d6_uid Value: 0bcb2410563cc54e
.abv.bg/	1970-01-21 03:44:36	Name: _ga Value: GA1.2.1207508347.1706916566
.abv.bg/	1970-01-20 18:10:02	Name: _gid Value: GA1.2.968593227.1706916566
.retailads.net/	1970-01-20 18:51:48	Name: ppb2172 Value: 3508217906
.adfarm1.adition.com/	1970-01-20 20:18:12	Name: UserID1 Value: 7331150823688960140
.3lift.com/	1970-01-20 20:18:12	Name: tluid Value: 2335286605049520120904
.simpli.fi/	1970-01-21 02:55:38	Name: suid Value: D9BAFA67ADEE4716BEA5A02694A5CAF1
.office-partner.de/	1970-01-21 03:44:36	Name: source Value: {"webgains_webgains":{"timestamp":1706916565860,"clickCookie":false}}
img.abv.bg/	1970-01-21 03:44:36	Name: cx_id Value: 65bd7ad5d16c2e2a9131d3b8
img.abv.bg/	1970-01-21 03:44:36	Name: cx_last_match Value: 1706916565862
.futalis.de/	1970-01-20 19:35:00	Name: raSIDb Value: 3508217906
.everesttech.net/	1970-01-21 02:54:12	Name: everest_g_v2 Value: g_surferid~Zb161QACAdkowQA9
.contentexchange.me/	1970-01-21 03:44:36	Name: cx_id Value: 65bd7ad5d16c2e2a9131d3b8
.adform.net/	1970-01-20 18:50:22	Name: C Value: 1
.adform.net/	1970-01-20 19:35:00	Name: uid Value: 3923349716448940480

90 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: about:blank Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
security	warning	URL: about:blank Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
security	warning	URL: about:blank Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
security	warning	URL: https://www.abv.bg/js/jquery.min.js(Line 1) Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
security	warning	URL: https://www.abv.bg/js/jquery.min.js(Line 1) Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
security	warning	URL: https://www.abv.bg/js/jquery.min.js(Line 1) Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
security	warning	URL: https://www.abv.bg/js/jquery.min.js(Line 1) Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
other	warning	URL: https://www.abv.bg/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.abv.bg/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.abv.bg/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.abv.bg/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.abv.bg/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.abv.bg/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.abv.bg/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
security	warning	URL: https://www.abv.bg/abv_gdpr.html?t=1706916563764 Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
other	warning	URL: https://www.abv.bg/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.abv.bg/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.abv.bg/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.abv.bg/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.abv.bg/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.abv.bg/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.abv.bg/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.abv.bg/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.abv.bg/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.abv.bg/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.abv.bg/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.abv.bg/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.abv.bg/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
deprecation	warning	URL: https://www.abv.bg/js/jquery.min.js(Line 1) Message: Listener added for a synchronous 'DOMNodeInserted' DOM Mutation Event. This event type is deprecated (https://w3c.github.io/uievents/#legacy-event-types) and work is underway to remove it from this browser. Usage of this event listener will cause performance issues today, and represents a risk of future incompatibility. Consider using MutationObserver instead.
other	warning	URL: https://www.abv.bg/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.abv.bg/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.abv.bg/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.abv.bg/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.abv.bg/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.abv.bg/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.abv.bg/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.abv.bg/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.abv.bg/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.abv.bg/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.abv.bg/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.abv.bg/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.abv.bg/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.abv.bg/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.abv.bg/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.abv.bg/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.abv.bg/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.abv.bg/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.abv.bg/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.abv.bg/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.abv.bg/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.abv.bg/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.abv.bg/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.abv.bg/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.abv.bg/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.abv.bg/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.abv.bg/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.abv.bg/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.abv.bg/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.abv.bg/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.abv.bg/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.abv.bg/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.abv.bg/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.abv.bg/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.abv.bg/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.abv.bg/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.abv.bg/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.abv.bg/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.abv.bg/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.abv.bg/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.abv.bg/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.abv.bg/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.abv.bg/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.abv.bg/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.abv.bg/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.abv.bg/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.abv.bg/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.abv.bg/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.abv.bg/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.abv.bg/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.abv.bg/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.abv.bg/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.abv.bg/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.abv.bg/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.abv.bg/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.abv.bg/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.abv.bg/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.abv.bg/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.abv.bg/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.abv.bg/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.abv.bg/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.abv.bg
abv.bg
ad.doubleclick.net
adv.office-partner.de
analytics.contentexchange.me
analytics.webgains.io
api.webgains.io
bimg.abv.bg
blog.netinfocompany.bg
c.amazon-adsystem.com
cdn.jsdelivr.net
cdn.retailads.net
cdn.track.production.webgains.team
cm.g.doubleclick.net
collector_sr.contentexchange.me
cs.chocolateplatform.com
d53e39e13c61f683f3b844fec1036e9d.safeframe.googlesyndication.com
dmp.adform.net
dmp.adwise.bg
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
eb2.3lift.com
fonts.googleapis.com
futalis.de
gabg.hit.gemius.pl
googleads.g.doubleclick.net
hal9000.redintelligence.net
hal90008.redintelligence.net
ib.adnxs.com
image6.pubmatic.com
img.abv.bg
lib.wtg-ads.com
ls.hit.gemius.pl
m.netinfo.bg
match.adsrvr.org
match.contentexchange.me
pagead2.googlesyndication.com
pubads.g.doubleclick.net
pv.medialead.de
rimg.abv.bg
sdk.privacy-center.org
securepubads.g.doubleclick.net
sync-tm.everesttech.net
tpc.googlesyndication.com
track.webgains.com
um.simpli.fi
www.abv.bg
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
108.138.6.136
13.248.245.213
138.201.63.150
142.250.185.102
142.250.186.66
146.59.30.100
15.197.193.217
151.101.194.49
159.203.145.121
172.64.151.101
18.171.29.178
18.239.255.3
185.64.190.78
185.89.210.212
194.153.145.104
194.153.145.88
2600:9000:2251:d000:5:b7cc:d3c0:93a1
2606:4700:20::681a:f0a
2606:4700::6810:5514
2a00:1450:4001:800::2001
2a00:1450:4001:80e::2002
2a00:1450:4001:810::2002
2a00:1450:4001:811::2002
2a00:1450:4001:812::2004
2a00:1450:4001:81c::2001
2a00:1450:4001:828::200a
2a00:1450:4001:82b::2002
2a00:1450:4001:830::2008
2a00:1450:4001:830::200e
2a00:1450:4001:831::2002
2a01:4f8:d0a:2321::2
2a0b:4d07:102::1
34.91.62.186
37.157.2.230
46.19.11.36
46.19.9.32
49.12.22.42
52.56.219.216
78.128.6.44
84.238.193.148
84.238.193.153
84.238.194.241
85.114.159.93
88.99.219.174
91.121.248.44
99.86.4.36
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
0899097f526aab0c82c4332c8dd24d4041cb5fbde0638d98e883e159ecbe2a64
0a2bb369643972c1d9d2aadd0dd18b81c4d8cbfa2a140208af0de937e5df585c
0b1d1923acbb8b348e4a9f7aa29fdde2b58fb2ce39312c77c009abb1f6ba3d7f
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
1576b32be2f1b8db625ed80898082b5c425cc4d750f0fb850a3ec3f724a0741c
2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e
21fc3ce05fbbb71c52a0041c08978bd9de7209acd687464ddb84495a0724406e
232d3fbf590a584138bb563319747dbef0c9e41db91f19ff45d41e785a5f4f98
248450afda9996def331626c679c944b434621b28211762808bac1de455bdef7
2569d17d561e662fdb33495851bbc297d02ffb0902a86eb39f5795ea83f3565f
25c64fcb450e450c49acaa2175a3df2e9f48939d4cd9696e3ff8c0a6f8455502
261155e87501a2929307a51614849feb31d5a5291249cb00ddb24b37a0ba21fd
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
33bd24b7fa3f836621f5c9891bd0734668171624d559fa66d8f726481ae357be
384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7
38ea4265f6c1a87bb5183b1f2b85b3aab917aab7a540cd0c07065fd4d7e6ad0a
3b6ff8303a1bda2213218bdcb6638dbfaf89a3fb89d3668a7602329e9b5e5e52
3efebfecb1aa490dc47b46c1b3a4fde0351f60be13268ff8dd7810f6e3905753
3fea5307e5bd6f3b8fb4e95dd6ecb6f4db4131c77e69a3dce1d35368f166aec9
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
475d49b739b1bec54bfe91ffd3c5860571f994bf02eea5f44a8b4a073297b806
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4b7da2057c3a37a4c49b313a989f78fbc91ba50ba03725afcde21477b56d3378
4c440dc2be7660b9fa1e93831042f63a50acbd6d4af229cb0091abfa63deadeb
4cf207f5a1d0e43e3fbf2b2fd34dff5103a186001d20d9b93538b76e3654e9e1
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f13bea2ee58769f2deef4e0ee11616840baaddb5159423dfee389d7e0be5488
4f4d7bb85250d85ecb70b6b5a7ec31ad662712f66910251a2563e04c2b814279
4fe14aa50a67932c19bd971db85ab116e5dfe22b50c1f9f9296c0ac8d169f9b9
525e7c89461afb3f73ea7030fbceba4f9e9383570159926acee637b4f86b8148
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
57dee07638470994903d944d9149740e5679a35ef1e42190c042e36812475e8c
582e283baa4cce4006055beb2eb8fe257c1ec5ef573a40f173b880636089e8cd
583c0b3461cfb179912a538d901284de007723cf6e94a31c138880588b90794a
607e69a48f7b4a22974a4c094c5993f711ae7847ff40bc9f9d55f0469a3265f3
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
696082bb5b82c869497d60d80530366c9e757a2274426db9bc6677b766c561af
70adbfe76bd4a2dd8fd225c39c07648dfce460559b538ef983cc9ee86905195e
74cfe5cc0a7328cf94a2af3c2c8473d97145bc0821c94c9c905c2e91a41a1aa8
75c6ffa4a046f0140bcffafa5302a23d137bc55d2cc3647d4a853f4c90732bc5
7608cdeddbdf3a02e0161af6fb11d64433cf62c594d44b0dbfef8eab8eb61916
78526ac509a71a338fd7659197f80b4a153b6c4cdd4d61240511b78e47370834
7c5f5b2dc3908344cf20286d2e81ac700c03b75528c02b156aad248b42edaa3a
803dc25c206420b0781f530c4b533eb59ac0a5e721f829c399ada82cbf0dd367
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84af93c376277b2fb1c7962b45ce84e1e0a31202815ceb873bd980df4378f62b
8aff15171a8b4ec0d859310e87cf2df9434e6f6540f1414a7605bc4e3cf264a0
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
91efa3ec9b68793d9d8114ec0dde9359391dc8f4789c9d80ca80c44950937df6
93b831455b733a950ca7703bdcc753d79a1a3f8371a216f103ef8d12d422c80e
977c1c119b0131a5f84ab03347ee844fbeaa6d1a0e9ecea4d16a17c55bbe58f4
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9be4a520b9b64e9d8ffeba19b72dba95ef65c43720fec41bb3678a27d336c13c
9ddcbbf0db592955aab01d89fce48b3e29abbdb279ea5b1b0022a01947c6f4af
9e607953d68a18e2620c706051f4e73b9fe1d7ee7c6a24adab56d0a6b37a17bc
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a0445e5fa87a424fc2007ac0c5f71ea259f6d9e27604e922b568581fe871c727
a097440d87742f82ff1c429c8af406d8b602e24bda9eb47e0a02039cc59e28f5
a0f1e9d61dfa9dcddec8a560e3c4e8f6fe9cc28a56f04242d450e4087f4d3628
a48dde77f414bd2c73ae64de215ba75252ea3b64edf58ac9b8332bec199ff119
a728e38256a3554f3dd6f32fa3852b492807aa82cb9c982655d3e3d1fb79608a
a74485af5c58be1a5dc0928f48e72c9a105249627d537ecf059c15bfcb4d1436
ac48e308a1e61943f695a2768599fc91e20c47373a2c33a0f6e6d16c2d88ace1
ace44b78e613a7199dfb108bc4b31f8d017c1053d469e231eab78eb60cb51b07
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b44ddf01c50169ffd00da691ac18ed98026d2aa6c59d9d9919a807eba29cbcce
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bf5b911ce6645add415b3dbf40d50dc8cda426f38f5300525bf4793c4131b2c2
c4b3b636c989f0dd1c9ffe320cfdd7f3a281f414aacef5e9e4c924fe08cdf5cb
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
cbcd80df687708a3eefbe3dcc30a96767d1b00e59898aadc9cb5d2436b92d78e
cdeaa39fceb4494afd70c28a412f9ffe58c7f68f062adcc8897ef78ac6b635ad
d39d031d2a49b20da5a435532544ac6813211b2b3b8976345da213a6962d52c6
d50365d1d11ecb9455378d6cac9ab8fc2f79b1507f2a8568a0a39f4a334af270
d52ae375f84984c7870583ffa3ce8ec32a180c55fc498d8fd8f69d6d2e9b0405
d52e42dc09316f5470b72b1dc231a802ff2a8bb2a7a7219196c8e048c62603c6
d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc
d96fe1cf512970f6a8507b5fa58b95168ff7c1d03a2418b8ed32f9a1e9c49c93
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e039aaaa1ae32e0e14c364db47dfa00b19b0b4a1130b66804ef4c7768b29803a
e08e42fe80954eb5a68e69acecbea9755917507ec80f2c73a2f47cea4e327f26
e1fba56aa54e3d947aaab10b5da61cd1eecce9e569ad61ac8715f679da473a06
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ed0e7e64215a9663152e2d5c1c9a5ba0fe76c9f5de3dfe71bf45f0a64e977c69
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2257f0573956fd0fa5e79f64039d9ae2386a1b104c40e5daf7162e182589d78
f2aa795c5d1d0e7044da1a6e8f9355228da1cfc90ceeaf3a8306535ce61713a9
f424915a692bc5a458d6e7d9c99e4fe0cf5cb8883bd3516b01d4fef5da8d3663
fd08bfaf5c3c7b88caab0088d3e061f2103480e637c8534a7cf4d330bcf26d3c

www.abv.bg Open in urlscan Pro 194.153.145.104 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

154 Requests

93 %HTTPS

35 %IPv6

35 Domains

51 Subdomains

42 IPs

10 Countries

2226 kBTransfer

6932 kBSize

39 Cookies

72 Outgoing links

Page URL History

Redirected requests

154 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.abv.bg Open in urlscan Pro
194.153.145.104 Public Scan

Screenshot
Live screenshot

Full Image

154
Requests

93 %
HTTPS

35 %
IPv6

35
Domains

51
Subdomains

42
IPs

10
Countries

2226 kB
Transfer

6932 kB
Size

39
Cookies

154 HTTP transactions
2 data transactions