struma.bg Open in urlscan Pro
2606:4700:3035::6815:3627 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://struma.bg/%D0%BD%D1%81-%D1%80%D0%B5%D1%88%D0%B8-%D0%BD%D1%8F%D0%BC%D0%B0-%D0%B4%D0%B0-%D0%B8%D0%BC%D0%B0-%...
Submission: On November 30 via api (November 30th 2023, 7:13:01 am UTC) from BG — Scanned from DE

Summary HTTP 330 Redirects Links 20 Behaviour Indicators

Summary

This website contacted 47 IPs in 5 countries across 41 domains to perform 330 HTTP transactions. The main IP is 2606:4700:3035::6815:3627, located in United States and belongs to CLOUDFLARENET, US. The main domain is struma.bg.
TLS certificate: Issued by GTS CA 1P5 on November 7th 2023. Valid for: 3 months.

This is the only time struma.bg was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 75	2606:4700:303... 2606:4700:3035::6815:3627	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
4	2a03:90c0:41:... 2a03:90c0:41:2801::62	199524 (GCORE) (GCORE)
5	2606:4700:440... 2606:4700:4400::ac40:986a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	2606:4700:1::... 2606:4700:1::6813:854c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
2	172.255.141.121 172.255.141.121	7979 (SERVERS-COM) (SERVERS-COM)
1 6	2a00:1450:400... 2a00:1450:4001:827::2004	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:80b::2008	15169 (GOOGLE) (GOOGLE)
1 8	2606:4700:440... 2606:4700:4400::ac40:919c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a03:2880:f17... 2a03:2880:f177:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
12	31.172.81.226 31.172.81.226	44066 (DE-FIRSTC...) (DE-FIRSTCOLO www.first-colo.net)
4	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
24	2a03:2880:f08... 2a03:2880:f084:d:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1 3	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:830::200e	15169 (GOOGLE) (GOOGLE)
4	185.18.187.81 185.18.187.81	61107 (UCDN) (UCDN)
2	2a00:1450:400... 2a00:1450:4001:810::200a	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
2 2	188.42.34.65 188.42.34.65	7979 (SERVERS-COM) (SERVERS-COM)
1 1	88.85.84.119 88.85.84.119	35415 (WEBZILLA) (WEBZILLA)
1	78.140.179.119 78.140.179.119	35415 (WEBZILLA) (WEBZILLA)
3 6	116.202.73.72 116.202.73.72	24940 (HETZNER-AS) (HETZNER-AS)
2 5	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:831::2001	15169 (GOOGLE) (GOOGLE)
1	88.208.41.101 88.208.41.101	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
1 16	2606:4700:440... 2606:4700:4400::6812:24ac	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:440... 2606:4700:4400::ac40:98bf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:4700:440... 2606:4700:4400::6812:2396	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:440... 2606:4700:4400::ac40:9281	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:4700:1::... 2606:4700:1::6813:814c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	184.30.16.195 184.30.16.195	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2606:4700:10:... 2606:4700:10::ac43:266a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a04:4e42:600... 2a04:4e42:600::649	54113 (FASTLY) (FASTLY)
1	2606:4700::68... 2606:4700::6810:5714	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	52.222.236.18 52.222.236.18	16509 (AMAZON-02) (AMAZON-02)
48	2606:4700:440... 2606:4700:4400::ac40:934d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	172.217.18.2 172.217.18.2	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:803::200e	15169 (GOOGLE) (GOOGLE)
1	143.204.207.250 143.204.207.250	16509 (AMAZON-02) (AMAZON-02)
1	37.157.6.236 37.157.6.236	198622 (ADFORM) (ADFORM)
3	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2 4	172.217.18.102 172.217.18.102	15169 (GOOGLE) (GOOGLE)
1 35	2606:4700:440... 2606:4700:4400::6812:28b3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
4	35.190.43.134 35.190.43.134	15169 (GOOGLE) (GOOGLE)
1	3.65.77.69 3.65.77.69	16509 (AMAZON-02) (AMAZON-02)
330	47

75 2606:4700:3035::6815:3627 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

struma.bg	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:90c0:41:2801::62 (Frankfurt am Main, Germany)

ASN199524 (GCORE, LU)

st-n.ads1-adnow.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
st-n.ads3-adnow.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
st-n.ads5-adnow.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700:4400::ac40:986a (United States)

ASN13335 (CLOUDFLARENET, US)

jsc.adskeeper.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.adskeeper.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
servicer.adskeeper.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.adskeeper.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2606:4700:1::6813:854c (United States)

ASN13335 (CLOUDFLARENET, US)

jsc.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
servicer.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
a.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.255.141.121 (Netherlands)

ASN7979 (SERVERS-COM, US)

cdn.geozo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:827::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:80b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2606:4700:4400::ac40:919c (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

scripts.cleverwebserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ui.cleverwebserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sender.cleverwebserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
lp.cleverwebserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
call.cleverwebserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f177:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 31.172.81.226 (Germany)

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)

n.ads1-adnow.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 2a03:2880:f084:d:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
scontent.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.18.187.81 (Frankfurt am Main, Germany)

ASN61107 (UCDN, CY)

media.geozo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 188.42.34.65 (Luxembourg) 2 redirects

ASN7979 (SERVERS-COM, US)

ads.betweendigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 88.85.84.119 (Amsterdam, Netherlands) 1 redirects

ASN35415 (WEBZILLA, NL)

l8hdf6dsg4.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 78.140.179.119 (Netherlands)

ASN35415 (WEBZILLA, NL)

xamubee.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 116.202.73.72 (Germany) 3 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.72.73.202.116.clients.your-server.de

trk-a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a06:98c1:3120::3 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

imgcf1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
gml-grp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

lh3.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 88.208.41.101 (Amsterdam, Netherlands)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

scnd-tr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2606:4700:4400::6812:24ac (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

promos.betano.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::ac40:98bf (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.adskeeper.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:4400::6812:2396 (United States)

ASN13335 (CLOUDFLARENET, US)

s-img.adskeeper.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:4400::ac40:9281 (United States)

ASN13335 (CLOUDFLARENET, US)

cl.imghosts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:1::6813:814c (United States)

ASN13335 (CLOUDFLARENET, US)

s-img.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.30.16.195 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-16-195.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::ac43:266a (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:600::649 (United States)

ASN54113 (FASTLY, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5714 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.236.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-236-18.fra56.r.cloudfront.net

dd.betano.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

48 2606:4700:4400::ac40:934d (United States)

ASN13335 (CLOUDFLARENET, US)

landingpages.kaizengaming.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.18.2 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra15s28-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:803::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.207.250 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-207-250.fra53.r.cloudfront.net

sc-static.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.6.236 (Denmark)

ASN198622 (ADFORM, DK)

s2.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.217.18.102 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: zrh04s05-in-f102.1e100.net

12738953.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

35 2606:4700:4400::6812:28b3 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

visuals.kaizengaming.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.190.43.134 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 134.43.190.35.bc.googleusercontent.com

tr.snapchat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.65.77.69 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-65-77-69.eu-central-1.compute.amazonaws.com

api-js.datadome.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
83	kaizengaming.com 1 redirects landingpages.kaizengaming.com — Cisco Umbrella Rank: 236344 visuals.kaizengaming.com — Cisco Umbrella Rank: 223871	1 MB
75	struma.bg 2 redirects struma.bg	1 MB
20	fbcdn.net static.xx.fbcdn.net — Cisco Umbrella Rank: 953 scontent.xx.fbcdn.net — Cisco Umbrella Rank: 445	404 KB
17	betano.de 1 redirects promos.betano.de dd.betano.de — Cisco Umbrella Rank: 541429	263 KB
14	ads1-adnow.com st-n.ads1-adnow.com — Cisco Umbrella Rank: 235532 n.ads1-adnow.com — Cisco Umbrella Rank: 237493	98 KB
12	gstatic.com www.gstatic.com fonts.gstatic.com	702 KB
11	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 2 fundingchoicesmessages.google.com — Cisco Umbrella Rank: 1404 adservice.google.com — Cisco Umbrella Rank: 93	185 KB
11	mgid.com jsc.mgid.com — Cisco Umbrella Rank: 9066 c.mgid.com — Cisco Umbrella Rank: 7275 cdn.mgid.com — Cisco Umbrella Rank: 11503 servicer.mgid.com — Cisco Umbrella Rank: 9134 s-img.mgid.com — Cisco Umbrella Rank: 9069 a.mgid.com — Cisco Umbrella Rank: 13689	145 KB
9	doubleclick.net 3 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 196 googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 12738953.fls.doubleclick.net — Cisco Umbrella Rank: 610345 Failed	174 KB
8	cleverwebserver.com 1 redirects scripts.cleverwebserver.com — Cisco Umbrella Rank: 27971 ui.cleverwebserver.com — Cisco Umbrella Rank: 28712 sender.cleverwebserver.com — Cisco Umbrella Rank: 45814 lp.cleverwebserver.com — Cisco Umbrella Rank: 49097 call.cleverwebserver.com — Cisco Umbrella Rank: 29496	94 KB
8	adskeeper.com jsc.adskeeper.com — Cisco Umbrella Rank: 31554 c.adskeeper.com — Cisco Umbrella Rank: 24810 servicer.adskeeper.com — Cisco Umbrella Rank: 31175 s-img.adskeeper.com — Cisco Umbrella Rank: 24991 cm.adskeeper.com — Cisco Umbrella Rank: 34316	141 KB
7	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 36	416 KB
6	trk-a.com 3 redirects trk-a.com — Cisco Umbrella Rank: 209131	620 B
6	geozo.com cdn.geozo.com — Cisco Umbrella Rank: 41221 media.geozo.com — Cisco Umbrella Rank: 51047	292 KB
4	snapchat.com tr.snapchat.com — Cisco Umbrella Rank: 758	1 KB
4	facebook.net connect.facebook.net — Cisco Umbrella Rank: 168	177 KB
4	facebook.com www.facebook.com — Cisco Umbrella Rank: 98	26 KB
3	bing.com bat.bing.com — Cisco Umbrella Rank: 329	14 KB
3	imgcf1.com imgcf1.com — Cisco Umbrella Rank: 226911	1 MB
3	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2189 www.google-analytics.com — Cisco Umbrella Rank: 27	22 KB
3	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 102	238 KB
2	google.de www.google.de — Cisco Umbrella Rank: 6765	563 B
2	imghosts.com cl.imghosts.com — Cisco Umbrella Rank: 11711	833 KB
2	gml-grp.com 2 redirects gml-grp.com — Cisco Umbrella Rank: 56999	2 KB
2	betweendigital.com 2 redirects ads.betweendigital.com — Cisco Umbrella Rank: 1601	1 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 29	5 KB
1	datadome.co api-js.datadome.co — Cisco Umbrella Rank: 3172	408 B
1	adform.net s2.adform.net — Cisco Umbrella Rank: 6115	31 KB
1	sc-static.net sc-static.net — Cisco Umbrella Rank: 945	17 KB
1	googleadservices.com 1 redirects www.googleadservices.com — Cisco Umbrella Rank: 138	536 B
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 313	11 KB
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 735	30 KB
1	id5-sync.com cdn.id5-sync.com — Cisco Umbrella Rank: 893	33 KB
1	pubmatic.com ads.pubmatic.com — Cisco Umbrella Rank: 544	63 KB
1	adskeeper.co.uk cdn.adskeeper.co.uk — Cisco Umbrella Rank: 35922	1 KB
1	scnd-tr.com scnd-tr.com — Cisco Umbrella Rank: 209274	88 B
1	googleusercontent.com lh3.googleusercontent.com — Cisco Umbrella Rank: 48	5 KB
1	xamubee.ru xamubee.ru — Cisco Umbrella Rank: 416940	173 KB
1	l8hdf6dsg4.ru 1 redirects l8hdf6dsg4.ru — Cisco Umbrella Rank: 457888	292 B
1	ads5-adnow.com st-n.ads5-adnow.com — Cisco Umbrella Rank: 260930	2 KB
1	ads3-adnow.com st-n.ads3-adnow.com — Cisco Umbrella Rank: 757684	33 KB
330	41

	Domain	Requested by
75	struma.bg	2 redirects struma.bg
48	landingpages.kaizengaming.com	code.jquery.com landingpages.kaizengaming.com promos.betano.de
35	visuals.kaizengaming.com	1 redirects code.jquery.com visuals.kaizengaming.com
16	promos.betano.de	1 redirects lp.cleverwebserver.com promos.betano.de code.jquery.com
16	static.xx.fbcdn.net	www.facebook.com static.xx.fbcdn.net
12	n.ads1-adnow.com	st-n.ads1-adnow.com struma.bg
8	fonts.gstatic.com	fonts.googleapis.com www.google.com struma.bg
7	www.googletagmanager.com	struma.bg www.googletagmanager.com promos.betano.de
6	trk-a.com	3 redirects struma.bg
6	www.google.com	1 redirects struma.bg www.gstatic.com www.google.com promos.betano.de
4	tr.snapchat.com	sc-static.net promos.betano.de
4	12738953.fls.doubleclick.net	www.googletagmanager.com
4	lp.cleverwebserver.com	struma.bg lp.cleverwebserver.com
4	media.geozo.com	struma.bg
4	scontent.xx.fbcdn.net	www.facebook.com
4	connect.facebook.net	struma.bg connect.facebook.net
4	www.gstatic.com	www.google.com www.gstatic.com
4	www.facebook.com	struma.bg promos.betano.de connect.facebook.net
3	bat.bing.com	struma.bg bat.bing.com promos.betano.de
3	s-img.mgid.com	struma.bg
3	s-img.adskeeper.com	struma.bg
3	imgcf1.com	struma.bg
3	fundingchoicesmessages.google.com	securepubads.g.doubleclick.net
3	googleads.g.doubleclick.net	1 redirects pagead2.googlesyndication.com www.googletagmanager.com
3	pagead2.googlesyndication.com	struma.bg pagead2.googlesyndication.com
2	adservice.google.com	12738953.fls.doubleclick.net
2	a.mgid.com	struma.bg promos.betano.de
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	www.google.de	www.googletagmanager.com promos.betano.de
2	cl.imghosts.com	struma.bg
2	cdn.mgid.com	struma.bg
2	gml-grp.com	2 redirects
2	ads.betweendigital.com	2 redirects
2	fonts.googleapis.com	struma.bg
2	cdn.geozo.com	struma.bg cdn.geozo.com
2	securepubads.g.doubleclick.net	struma.bg securepubads.g.doubleclick.net
2	jsc.mgid.com	struma.bg jsc.mgid.com
2	jsc.adskeeper.com	struma.bg jsc.adskeeper.com
2	st-n.ads1-adnow.com	struma.bg n.ads1-adnow.com
1	api-js.datadome.co	dd.betano.de
1	s2.adform.net	www.googletagmanager.com
1	sc-static.net	www.googletagmanager.com
1	www.googleadservices.com	1 redirects
1	dd.betano.de	promos.betano.de
1	cdn.jsdelivr.net	promos.betano.de
1	code.jquery.com	promos.betano.de
1	cdn.id5-sync.com	jsc.mgid.com
1	ads.pubmatic.com	jsc.adskeeper.com
1	cm.adskeeper.com	jsc.adskeeper.com
1	servicer.adskeeper.com	jsc.adskeeper.com
1	servicer.mgid.com	jsc.mgid.com
1	cdn.adskeeper.co.uk	struma.bg
1	scnd-tr.com	struma.bg
1	lh3.googleusercontent.com	struma.bg
1	c.adskeeper.com	struma.bg
1	xamubee.ru	struma.bg
1	l8hdf6dsg4.ru	1 redirects
1	st-n.ads5-adnow.com	struma.bg
1	c.mgid.com	struma.bg
1	call.cleverwebserver.com	struma.bg
1	sender.cleverwebserver.com	1 redirects
1	ui.cleverwebserver.com	struma.bg
1	region1.google-analytics.com	www.googletagmanager.com
1	scripts.cleverwebserver.com	struma.bg
1	st-n.ads3-adnow.com	struma.bg
330	65

This site contains links to these domains. Also see Links.

Domain
cleveradvertising.com
widgets.adskeeper.com
clck.adskeeper.com
geozo.com
cdn.geozo.com
www.largocenter.bg
www.karol-fernandez.com
vodno-stroitelstvo.bg
www.electrohold.bg
electrohold.bg
sharlopov.eu
mr-bricolage.bg
hotel-orbita.bg
www.facebook.com

Subject Issuer	Validity	Valid
struma.bg GTS CA 1P5	`2023-11-07` - `2024-02-05`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
n.ads1-adnow.com R3	`2023-09-27` - `2023-12-26`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-04-26` - `2024-04-25`	a year	crt.sh
cdn.geozo.com R3	`2023-10-10` - `2024-01-08`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
n.ads3-adnow.com R3	`2023-09-27` - `2023-12-26`	3 months	crt.sh
cleverwebserver.com Cloudflare Inc ECC CA-3	`2023-08-06` - `2024-08-04`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-09-08` - `2023-12-07`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
media.geozo.com R3	`2023-11-26` - `2024-02-24`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
feed.ads5-adnow.com R3	`2023-09-27` - `2023-12-26`	3 months	crt.sh
trk-a.com R3	`2023-11-09` - `2024-02-07`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
scnd-tr.com R3	`2023-11-14` - `2024-02-12`	3 months	crt.sh
promos.betano.de Cloudflare Inc ECC CA-3	`2023-09-11` - `2024-09-10`	a year	crt.sh
cl.imghosts.com Cloudflare Inc ECC CA-3	`2023-10-03` - `2024-10-02`	a year	crt.sh
*.pubmatic.com DigiCert TLS RSA SHA256 2020 CA1	`2023-11-26` - `2024-11-26`	a year	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2023-07-11` - `2024-07-14`	a year	crt.sh
dd.betano.de R3	`2023-10-01` - `2023-12-30`	3 months	crt.sh
landingpages.kaizengaming.com E1	`2023-10-04` - `2024-01-02`	3 months	crt.sh
sc-static.net Amazon RSA 2048 M02	`2023-01-20` - `2024-02-18`	a year	crt.sh
track.adform.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-06` - `2024-09-19`	a year	crt.sh
www.bing.com Microsoft Azure TLS Issuing CA 01	`2023-10-24` - `2024-04-21`	6 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.snap.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-04-13` - `2024-04-12`	a year	crt.sh
*.datadome.co Gandi RSA Domain Validation Secure Server CA 3	`2023-10-10` - `2024-11-09`	a year	crt.sh

This page contains 21 frames:

Primary Page: https://struma.bg/%D0%BD%D1%81-%D1%80%D0%B5%D1%88%D0%B8-%D0%BD%D1%8F%D0%BC%D0%B0-%D0%B4%D0%B0-%D0%B8%D0%BC%D0%B0-%D0%BA%D0%BE%D0%BC%D0%B8%D1%81%D0%B8%D1%8F-%D0%B7%D0%B0-%D1%80%D0%B0%D0%B7%D1%81%D0%BB%D0%B5%D0%B4%D0%B2/
Frame ID: 9DA0DE5772EB42C5910505568B01E5C6
Requests: 158 HTTP requests in this frame

Frame: https://struma.bg/date.html
Frame ID: ADBDEB690409C159A92952F2033162F4
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/likebox.php?href=https://www.facebook.com/pages/Strumabg/381955041882220&width=335&height=218&colorscheme=light&show_faces=true&show_border=false&stream=false&header=false
Frame ID: CADC23E5F07E31121B61B3C3AE143E1C
Requests: 11 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/likebox.php?href=http://www.facebook.com/pages/Strumabg/381955041882220&width=335&height=100&colorscheme=light&show_faces=false&show_border=false&stream=false&header=true
Frame ID: AAFABB86DACA69B4B97450EDB6BB4AAF
Requests: 11 HTTP requests in this frame

Frame: https://struma.bg/cdn-cgi/challenge-platform/h/g/scripts/jsd/9914b343/main.js
Frame ID: 54C77CA78CAEA77CE0A8B064A2CA6419
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231128/r20190131/zrt_lookup_fy2021.html
Frame ID: 046A0A2792DBCAAE0EE31693411B2241
Requests: 1 HTTP requests in this frame

Frame: https://struma.bg/cdn-cgi/challenge-platform/h/g/scripts/jsd/9914b343/main.js
Frame ID: 46A50D85CB597CFFDBF6D31370AFD5BF
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LckjIcUAAAAABhBn78wLQqK_K4srbDs5rQTxiZN&co=aHR0cHM6Ly9zdHJ1bWEuYmc6NDQz&hl=de&v=-QbJqHfGOUB8nuVRLvzFLVed&size=invisible&cb=lzbc8n65zmw4
Frame ID: 7C1A3D18C1D1FC577F5637D5224215CF
Requests: 8 HTTP requests in this frame

Frame: https://lp.cleverwebserver.com/betano/de/sports/sports_de/widescreen.html??id=773737&group=47482&tracker=aHR0cHM6Ly9nbWwtZ3JwLmNvbS9DLmFzaHg%2FYnRhZz1hXzgyNmJfMjkzMWNfJmFmZmlkPTQzMSZzaXRlaWQ9ODI2JmFkaWQ9MjkzMSZjPUpTQUJORVZQVkJEQUFERQ%3D%3D&ref=aHR0cHM6Ly9zdHJ1bWEuYmcvJUQwJUJEJUQxJTgxLSVEMSU4MCVEMCVCNSVEMSU4OCVEMCVCOC0lRDAlQkQlRDElOEYlRDAlQkMlRDAlQjAtJUQwJUI0JUQwJUIwLSVEMCVCOCVEMCVCQyVEMCVCMC0lRDAlQkElRDAlQkUlRDAlQkMlRDAlQjglRDElODElRDAlQjglRDElOEYtJUQwJUI3JUQwJUIwLSVEMSU4MCVEMCVCMCVEMCVCNyVEMSU4MSVEMCVCQiVEMCVCNSVEMCVCNCVEMCVCMi8%3D&r=262631074
Frame ID: 317CEDEE6A6087A964B488A1FB9A8871
Requests: 4 HTTP requests in this frame

Frame: https://promos.betano.de/willkommenspaket/index.html?btag=a_826b_2931c_JSABNEVPVBDAADE&utm_medium=431&utm_source=2&siteid=826
Frame ID: 8C3A8D48A33E9CBAC4ABB9B4308F6638
Requests: 87 HTTP requests in this frame

Frame: https://www.googletagmanager.com/ns.html?id=GTM-MN2KPC6
Frame ID: 8F042F60A819DCC0A39AD3B7AC162B1B
Requests: 2 HTTP requests in this frame

Frame: https://promos.betano.de/cdn-cgi/challenge-platform/h/g/scripts/jsd/9914b343/main.js
Frame ID: 39B15593C171258DB62D99F36F3008A1
Requests: 2 HTTP requests in this frame

Frame: https://12738953.fls.doubleclick.net/activityi;dc_pre=CP_svYyW64IDFQlOHgIdoVoJ8g;src=12738953;type=despo0;cat=despo0;ord=1962460059;~oref=https%3A%2F%2Fpromos.betano.de%2F
Frame ID: 828DDABC3661F508A3792DF91D462D8A
Requests: 1 HTTP requests in this frame

Frame: https://12738953.fls.doubleclick.net/activityi;dc_pre=CLr1vYyW64IDFcJTHgIdArMBYw;src=12738953;type=despo0;cat=despo0;ord=9768710213423;gtm=45He3b60v79977643;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;tcfd=10001;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fpromos.betano.de%2Fwillkommenspaket%2Findex.html%3Fbtag%3Da_826b_2931c_JSABNEVPVBDAADE%26utm_medium%3D431%26utm_source%3D2%26siteid%3D826
Frame ID: 6975BA483B0E36F7B4D3AAA9B9CE58B5
Requests: 2 HTTP requests in this frame

Frame: https://12738953.fls.doubleclick.net/activityi;dc_pre=CI7xvYyW64IDFfxHwgodY0YPmQ;src=12738953;type=deaff0;cat=deaff0;ord=9036201225254;gtm=45He3b60v79977643;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;tcfd=10001;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fpromos.betano.de%2Fwillkommenspaket%2Findex.html%3Fbtag%3Da_826b_2931c_JSABNEVPVBDAADE%26utm_medium%3D431%26utm_source%3D2%26siteid%3D826
Frame ID: 9EF5D54A7994A29700CBA226F420FE27
Requests: 2 HTTP requests in this frame

Frame: https://visuals.kaizengaming.com/scripts/iframe?did=5dfcfbaa9ed3c30001234cf0&deeplink=on&preload=off&responsive=on&background=Transparent&a=64ee070c262380ef28e936b2&redirecturl=
Frame ID: 316F65FE0017C1E95C511AA034EE1C74
Requests: 10 HTTP requests in this frame

Frame: https://tr.snapchat.com/cm/i?pid=59013e41-1b63-4d8e-a887-ea6d3795d988&u_scsid=fd7431ba-bf40-4d92-989e-5c60e0f79831&u_sclid=5972e99e-c4c1-4c68-94bb-7cd4ec10467b
Frame ID: BB86A3ED6E4F066F15EFBCBC58EA1716
Requests: 1 HTTP requests in this frame

Frame: https://visuals.kaizengaming.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/9914b343/main.js
Frame ID: 2134392BA06B1C068D15DBE5F71F18B1
Requests: 2 HTTP requests in this frame

Frame: https://www.facebook.com/v2.3/plugins/comments.php?app_id=1761292580857166&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfbcb1134c6bac%26domain%3Dstruma.bg%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fstruma.bg%252Ff3798c374de7c%26relation%3Dparent.parent&color_scheme=light&container_width=747&height=100&href=https%3A%2F%2Fstruma.bg%2F%25d0%25bd%25d1%2581-%25d1%2580%25d0%25b5%25d1%2588%25d0%25b8-%25d0%25bd%25d1%258f%25d0%25bc%25d0%25b0-%25d0%25b4%25d0%25b0-%25d0%25b8%25d0%25bc%25d0%25b0-%25d0%25ba%25d0%25be%25d0%25bc%25d0%25b8%25d1%2581%25d0%25b8%25d1%258f-%25d0%25b7%25d0%25b0-%25d1%2580%25d0%25b0%25d0%25b7%25d1%2581%25d0%25bb%25d0%25b5%25d0%25b4%25d0%25b2%2F&locale=bg_BG&numposts=5&sdk=joey&version=v2.3&width=
Frame ID: 7021F6459CB7A1D090C83A7FBF6D3FC9
Requests: 1 HTTP requests in this frame

Frame: blob://https://visuals.kaizengaming.com/b8a39538-3fdb-413b-8cd3-e7c09551e8a1
Frame ID: 2EA69C2C0DF93F750E64FD301EB47C5F
Requests: 1 HTTP requests in this frame

Frame: https://visuals.kaizengaming.com/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Fbetano-stoiximan%2F5e3174ae9562931f344ad1a5%2Fimages%2F3cca6a95-2ccc-4b24-b704-2a20f97d11af.jpg&w=1213&h=1765&q=99&f=webp&rt=contain
Frame ID: F3917CAB8CB4F3F75C56E013E36D8EFF
Requests: 23 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

НС реши: Няма да има комисия за разследване на заплахите срещу Йоловски – Вестник СТРУМА

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Slick (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

(?:/([\d.]+))?/slick(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

330
Requests

93 %
HTTPS

67 %
IPv6

41
Domains

65
Subdomains

47
IPs

5
Countries

8385 kB
Transfer

15409 kB
Size

39
Cookies

20 Outgoing links

These are links going to different origins than the main page.

URL: https://cleveradvertising.com/

Search URL Search Domain Scan URL

URL: https://widgets.adskeeper.com/?utm_source=widget_adskeeper&utm_medium=text&utm_campaign=add&utm_content=1136859

Search URL Search Domain Scan URL

URL: https://clck.adskeeper.com/ghits/17901133/i/57470439/2/pp/1/1?h=vawLX_yOJrrOOCHoOupF-EkzpFVvhiW7u-TI-9Q-4-sCRbwmX5i4ed3MyNewjoB8vO__6FBQiq4noAGGmavrww**&rid=e2d43861-8f4f-11ee-9b2b-e43d1a2a04aa&tt=Direct&att=3&cpm=1&abd=1&iv=11&ct=1&gdprApplies=1&st=60&mp4=1&h2=vlJ0RdnMYFlD0pCQy6adPu73hKDooSLVV-ufeLqBWUw*

Search URL Search Domain Scan URL

URL: https://clck.adskeeper.com/ghits/17847627/i/57470439/2/pp/2/1?h=vawLX_yOJrrOOCHoOupF-JIr0_bmvENX-ZqDnnoaM4pVQ10fvA5EZZQvn12M48rHdHL3PMD9rIZjfgzs27ji3Q**&rid=e2d43861-8f4f-11ee-9b2b-e43d1a2a04aa&tt=Direct&att=3&cpm=1&abd=1&iv=11&ct=1&gdprApplies=1&st=60&mp4=1&h2=vlJ0RdnMYFlD0pCQy6adPu73hKDooSLVV-ufeLqBWUw*

Search URL Search Domain Scan URL

URL: https://clck.adskeeper.com/ghits/15653118/i/57470439/2/pp/3/1?h=vawLX_yOJrrOOCHoOupF-KLrMYzc-XF3G3GU7EYZ-Knw5rRjO14Sff1dBpiSyvd88YbR2F6VJ99msDLTVqYdCA**&rid=e2d43861-8f4f-11ee-9b2b-e43d1a2a04aa&tt=Direct&att=3&cpm=1&abd=1&iv=11&ct=1&gdprApplies=1&st=60&mp4=1&h2=vlJ0RdnMYFlD0pCQy6adPu73hKDooSLVV-ufeLqBWUw*

Search URL Search Domain Scan URL

URL: https://clck.adskeeper.com/ghits/16853267/i/57470439/2/pp/4/1?h=vawLX_yOJrrOOCHoOupF-Fe694YX83RGlbdDB9cTQy7fBzJZ5Cr6TdmsUYrq3u3lNGm3t-v9oBzFkZc8r2rqiA**&rid=e2d43861-8f4f-11ee-9b2b-e43d1a2a04aa&tt=Direct&att=3&cpm=1&abd=1&iv=11&ct=1&gdprApplies=1&st=60&mp4=1&h2=vlJ0RdnMYFlD0pCQy6adPu73hKDooSLVV-ufeLqBWUw*

Search URL Search Domain Scan URL

URL: https://geozo.com/?utm_source=websites&utm_medium=teasers&utm_content=logo

Search URL Search Domain Scan URL

URL: https://cdn.geozo.com/v4/click?media=110177&c=fwcCdkJ7RA1UbsGSFmj3OOblKXVmHgmq_wQ3F0SRREBo3YcRRqRqUtWBFT_1SFCVkH38FwOQ2wBomOmCMw40DMM7WiLmIEOeeeVOQNmHdnjVGzAyJBsRs01SzROX8e0TAEFPNYoT7uDCJmdlWXARQuH6ueFmrke6ANNMaOD_I0JQdafaLQYOAucUh8FZGpjrRZpq7oBy2LqLXvavU2MysodAbDwFyJtv2DcItyVXBiWKykV2p3fO7A64F_6CVW0zgk1icORXImHDzRrY8cpUeBl-tMGH9l5G3sDk3Nrl904Xx4OJcJdcd4ysO5T9Dm6gTQadnUkx6ay7zG4TcRSiVtIGW2OsMmHLOWsPPEt_56pvMZ7Tg_AoYtt37yK-VshOAKxaBHZq0pXt420fpPcNqbcyZNP1ChozPkY2QmnUc1QyZE6ySF53EhdYr7J2bp1_VuG7JANn13ntMIObVCZV5m1b8pB4xx-ToTgHO2DejWp56jijWlANZ0tskxEOGqLnPuoVUe0qytzKgiV6UcdctCJMIS5riv3o3kxhmNtyAPBajxBrhzF7v_FICf9gyW2ws-w6qCQc4HOx7Soj6bsOQuyD
Title: Die Papillome verschwinden und die Parasiten kommen heraus! Mehr

Search URL Search Domain Scan URL

URL: https://cdn.geozo.com/v4/click?media=116579&c=fytfc0J5LRtnrB2GFmj3OJDnc_jQkzAaK2p3mYG28GNpBUMZI40sU7EULa1dlg1XKQHloIdu3L39XBEU3Um4dQZDWn1n7kGiIVPMNdLU92IyEyPaSFHcdmc-_rF8mVTStGVDz1br0dG0C63_Hc7hBX2xEZr57QvPM62uBhJ6yxgoYrg3K11GCHvO-d2J2n1J3Qiqlnq5zUKIhQ2mCnGxn8HdFdjhRGtpStXZAjhcLzvxHoSzJ7YEPRr5Wvz37q9TQAfBUPUn2_NSgACQOharfEs7cEIWegYtGlj8iioojrFV3uIBfAX9fPy9s4W4qzClVFIwf1Gq0P86cRh1ROxUlGoEnoAQoDE5gtFhWV3GMhRj9N8Q5hHKlGh8vBgTArL40SxRfinUGPCTyeHDqBLncTHvoAAqIE9guak9AdfcOHS-ZhZupI6zInA8Et-sklWNHNbhZf4KYlH89kFdTZViz3h0bTndEBoXL30na6sV90-W6JeyZBYK_XNVRmUqnbANxh7_9Dslyia0j8BONtpU_0PI72WjqA
Title: Werfen Sie diese Klammern nicht weg: Sie sind Gold wert Mehr

Search URL Search Domain Scan URL

URL: https://cdn.geozo.com/v4/click?media=116590&c=f2xfc0IAS0FZsyuNFmj3OAWk3r3qeV_Uw2EfXThE1F6iQsWJKqJKPeWJSN7Xm8N9Vqt5z0t_MdsbEdhQNIT_otUH2o3zRohWBqlXFxWqWHFLhQTfpn-wG-twS-kJkTdduookp72PP7FKjxSEoBuVqDTpe5QfsjSQbFfjMoSrTPxoMqvSsA0OpSLF05yh0oo7S1swuJWWFtu9gcF8O4Fp-X72rw_tl6yY1kj-cM5ipA7mtScm7aztFLLAssAA4x4Csj02F2SOMI2KEBIGwf7Bo5u8LYGJkZO_4oa1EX46mjfR04NSdhPOe-BYdj9oKKDVWMMK_lIdDxr8jETGze0Kfmx5J1rHZ_3qnMPN7juIW87Tbya0DjBU4jWCmQRthP3rDQA5RBQYpAXkiExSHbRiRUKJcivX_jt-me5_d4K4UXBLTVAsCwrL0UjaBecouadigJUkl5k3G1LfHmah4hEBvjyv5gkd2d7QVzHSXvqmwxVgox5rBsgZXhtAnTac0709G44pZOSYYbIiCbJwOEjM9l9wquDq1Q
Title: Das macht die Folie auf dem Klo, probieren Sie es aus! Mehr

Search URL Search Domain Scan URL

URL: https://cdn.geozo.com/v4/click?media=110351&c=f1l6dUIAcFF6BYeYFmj3OFymmx5PvK-C5hCMSAEwRF1ic1bhGsoAWLe8mV8kfBbDpNXimm8NuYtef3fSfT8Z5xcl2ltZysogQmDXmPD7jaiCnCmT4VdRZD7g9ad18XciqaxT5AAowYVpw-MAj5PlotC4YYSbnGzevGC-BCzlX09jEYpmqADQggqD6v88F9g9ToIQVCjJuDeglkpkkBAj0HiofKmopHg-rjXNBEUzb4NZIr6RW7QdvBd6dl5gJqfjFNffgfsU04QmW2Hi3KbSUtRqvgAnODjoOw4hudrI8DkRF8K3AjsCt878L7zdjuR5joTpGOFJqaGmavOsEWLjeyt5gTy92hiy_n9FYWwiymRu_ShIAOgPVyYh-uHO2drAqsVwpJRLeX2lcwoLNl-f3u66sdmiBQZTFxXaVhPUpysqBhBU4nYDrXEdTAf4T3-0PipL-UaGmbZzMYkNqvh5-OofJOq1aAXiSggqDstlyYlveJxP-InEk3C7RjoTyaZkmTDnEAGS-oLjsHqbLVKoPigrskyM0_YX4Ey-OKzE1AR8Twarf55e_Nwf8-wjB81K6_d9OK611cZkA0om5hlxm85h
Title: Möchten Sie 100 Jahre alt werden? Bluthochdruck heilen! Mehr

Search URL Search Domain Scan URL

URL: http://www.largocenter.bg/

Search URL Search Domain Scan URL

URL: https://www.karol-fernandez.com/bg/

Search URL Search Domain Scan URL

URL: https://vodno-stroitelstvo.bg/

Search URL Search Domain Scan URL

URL: http://www.electrohold.bg/faktura

Search URL Search Domain Scan URL

URL: https://electrohold.bg/bg/sales/vzemete-oferta/

Search URL Search Domain Scan URL

URL: https://sharlopov.eu/bg

Search URL Search Domain Scan URL

URL: https://mr-bricolage.bg/

Search URL Search Domain Scan URL

URL: https://hotel-orbita.bg/

Search URL Search Domain Scan URL

URL: https://www.facebook.com/Strumabg-381955041882220/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 88

https://struma.bg/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://struma.bg/cdn-cgi/challenge-platform/h/g/scripts/jsd/9914b343/main.js

Request Chain 91

https://struma.bg/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://struma.bg/cdn-cgi/challenge-platform/h/g/scripts/jsd/9914b343/main.js

Request Chain 130

https://sender.cleverwebserver.com/group/47482?id=773737&ref=aHR0cHM6Ly9zdHJ1bWEuYmcvJUQwJUJEJUQxJTgxLSVEMSU4MCVEMCVCNSVEMSU4OCVEMCVCOC0lRDAlQkQlRDElOEYlRDAlQkMlRDAlQjAtJUQwJUI0JUQwJUIwLSVEMCVCOCVEMCVCQyVEMCVCMC0lRDAlQkElRDAlQkUlRDAlQkMlRDAlQjglRDElODElRDAlQjglRDElOEYtJUQwJUI3JUQwJUIwLSVEMSU4MCVEMCVCMCVEMCVCNyVEMSU4MSVEMCVCQiVEMCVCNSVEMCVCNCVEMCVCMi8%3D&ruri=&r=262631074&tok=33419711310201791433&t=1701328375&cmpId=&fb=0&wl=1&furl=0&sf=0&bw=Q2hyb21l&b=0&m=0&p=V2luMTA%3D&res=1600x1200&app=&iv=-1&ctr=DE&sz=1200&landing=1&hei=360.00px&ts=0.227 HTTP 301
https://lp.cleverwebserver.com/betano/de/sports/sports_de/widescreen.html??id=773737&group=47482&tracker=aHR0cHM6Ly9nbWwtZ3JwLmNvbS9DLmFzaHg%2FYnRhZz1hXzgyNmJfMjkzMWNfJmFmZmlkPTQzMSZzaXRlaWQ9ODI2JmFkaWQ9MjkzMSZjPUpTQUJORVZQVkJEQUFERQ%3D%3D&ref=aHR0cHM6Ly9zdHJ1bWEuYmcvJUQwJUJEJUQxJTgxLSVEMSU4MCVEMCVCNSVEMSU4OCVEMCVCOC0lRDAlQkQlRDElOEYlRDAlQkMlRDAlQjAtJUQwJUI0JUQwJUIwLSVEMCVCOCVEMCVCQyVEMCVCMC0lRDAlQkElRDAlQkUlRDAlQkMlRDAlQjglRDElODElRDAlQjglRDElOEYtJUQwJUI3JUQwJUIwLSVEMSU4MCVEMCVCMCVEMCVCNyVEMSU4MSVEMCVCQiVEMCVCNSVEMCVCNCVEMCVCMi8%3D&r=262631074

Request Chain 143

https://ads.betweendigital.com/match?bidder_id=44422&callback_url=https%3A%2F%2Fn.ads1-adnow.com%2Fu%3Fdsp_id%3D336%26dsp_uid%3D${USER_ID} HTTP 302
https://ads.betweendigital.com/match?bidder_id=44422&callback_url=https%3A%2F%2Fn.ads1-adnow.com%2Fu%3Fdsp_id%3D336%26dsp_uid%3D${USER_ID}&crf=1&rts=1007359111875194430 HTTP 302
https://n.ads1-adnow.com/u?dsp_id=336&dsp_uid=d3fda0e6-7252-524e-838d-272ee6e512d6

Request Chain 146

https://l8hdf6dsg4.ru/rtb/impression/1701327600000-160794?nodeId=51&id=46917&imageUrl=https%3A%2F%2Fxamubee.ru%2Fe8e93dde39f8676e35738c9b25deb6ed.png&assetId=2 HTTP 302
https://xamubee.ru/e8e93dde39f8676e35738c9b25deb6ed.png

Request Chain 148

https://trk-a.com/imp?uid=0a857f69-4b2b-4e85-8e4c-2c49d020c187&params=YWRuX2lkPTE3JmFuaW09MCZhbmltYXRpb249MS4wMDAwMDAmYmlkX2lkPVNDQi0zMTgtc3NwLTRmZDY4M2E5LWIwYzAtMDU1Ny1lYjJiLWViMmItNDAwOWU3YjBlOS1scGt1emtjdi15bCZicnV0YWxfcmF0ZT0wJmNfdHlwZT0mY2FtcF9pZD0wJmNwYT1wZWVyY2xpY2smY3JlYXRpdmVfaWQ9MTY4MTAwJmNyZW9fcGFpcj0wLSUzRTk3OTAmZGV2aWNlPTImZGV2aWNlX2xhbmc9ZGUmZW5kcG9pbnQ9c3R1YiZlc3ViX2Zvcl9zaG9wPSZnZW89REVVJmlhYj1JQUIxMi0yLTItMTAmaW1nLXVybD1odHRwcyUzQSUyRiUyRmltZ2NmMS5jb20lMkZwaWN0dXJlcyUyRmI3YmVjOTc5MTc2Nzg4NWEzZjUxMmNlYTgxYWFhZTdhLmpwZyZpbXBfbnVtPTAmaW1waXA9MjE3LjExNC4yMTguMjYmaXA9Jm9mZmVyX2lkPTk3OTAmcmVmX2JpZF9pZD0mc2V4X3JhdGU9MCZzaG93X2JydXRhbF9yYXRlPTMuMDAwMDAwJnNob3dfc2V4X3JhdGU9Mi4wMDAwMDAmc2l0ZV9pZD04MjA5NiZzaXRlX2xhbmc9Ymcmc3ViYWNjMz10cnVlJnN1YmNhbXBfaWQ9MCZ0YWdfaWQ9MTMxNDkyJnR5cGVfYXBwcm92ZT0xJnVzZXJfaWQ9MCZ1c2VyX3NhZmVfaWQ9 HTTP 303
https://imgcf1.com/pictures/b7bec9791767885a3f512cea81aaae7a.jpg

Request Chain 150

https://trk-a.com/imp?uid=0a857f69-4b2b-4e85-8e4c-2c49d020c187&params=YWRuX2lkPTE3JmFuaW09MCZhbmltYXRpb249MS4wMDAwMDAmYmlkX2lkPVNDQi0zMTgtc3NwLTRmZDY4M2E5LWIwYzAtMDU1Ny1lYjJiLWViMmItNDAwOWU3YjBlOS1scGt1emtjdi15bCZicnV0YWxfcmF0ZT0wJmNfdHlwZT0mY2FtcF9pZD0wJmNwYT1wZWVyY2xpY2smY3JlYXRpdmVfaWQ9MTY4MDk4JmNyZW9fcGFpcj0wLSUzRTk3OTImZGV2aWNlPTImZGV2aWNlX2xhbmc9ZGUmZW5kcG9pbnQ9c3R1YiZlc3ViX2Zvcl9zaG9wPSZnZW89REVVJmlhYj1JQUIxMi0yLTItMTAmaW1nLXVybD1odHRwcyUzQSUyRiUyRmltZ2NmMS5jb20lMkZwaWN0dXJlcyUyRmM2MTlkZTFhZGM4MmQ0Nzk1OWVmYTEyOWUwYTQxNGZjLmpwZyZpbXBfbnVtPTImaW1waXA9MjE3LjExNC4yMTguMjYmaXA9Jm9mZmVyX2lkPTk3OTImcmVmX2JpZF9pZD0mc2V4X3JhdGU9MCZzaG93X2JydXRhbF9yYXRlPTMuMDAwMDAwJnNob3dfc2V4X3JhdGU9Mi4wMDAwMDAmc2l0ZV9pZD04MjA5NiZzaXRlX2xhbmc9Ymcmc3ViYWNjMz10cnVlJnN1YmNhbXBfaWQ9MCZ0YWdfaWQ9MTMxNDkyJnR5cGVfYXBwcm92ZT0xJnVzZXJfaWQ9MCZ1c2VyX3NhZmVfaWQ9 HTTP 303
https://imgcf1.com/pictures/c619de1adc82d47959efa129e0a414fc.jpg

Request Chain 152

https://trk-a.com/imp?uid=0a857f69-4b2b-4e85-8e4c-2c49d020c187&params=YWRuX2lkPTE3JmFuaW09MCZhbmltYXRpb249MS4wMDAwMDAmYmlkX2lkPVNDQi0zMTgtc3NwLTRmZDY4M2E5LWIwYzAtMDU1Ny1lYjJiLWViMmItNDAwOWU3YjBlOS1scGt1emtjdi15bCZicnV0YWxfcmF0ZT0wJmNfdHlwZT0mY2FtcF9pZD0wJmNwYT1wZWVyY2xpY2smY3JlYXRpdmVfaWQ9MTY4MjIwJmNyZW9fcGFpcj0wLSUzRTk2ODImZGV2aWNlPTImZGV2aWNlX2xhbmc9ZGUmZW5kcG9pbnQ9c3R1YiZlc3ViX2Zvcl9zaG9wPSZnZW89REVVJmlhYj1JQUIxMi0yLTItMSZpbWctdXJsPWh0dHBzJTNBJTJGJTJGaW1nY2YxLmNvbSUyRnBpY3R1cmVzJTJGZTBkZjZmNzdlNjMzYzYwYzZiODM1NjhkYTMwZTZmNTYuanBnJmltcF9udW09MSZpbXBpcD0yMTcuMTE0LjIxOC4yNiZpcD0mb2ZmZXJfaWQ9OTY4MiZyZWZfYmlkX2lkPSZzZXhfcmF0ZT0yJnNob3dfYnJ1dGFsX3JhdGU9My4wMDAwMDAmc2hvd19zZXhfcmF0ZT0yLjAwMDAwMCZzaXRlX2lkPTgyMDk2JnNpdGVfbGFuZz1iZyZzdWJhY2MzPXRydWUmc3ViY2FtcF9pZD0wJnRhZ19pZD0xMzE0OTImdHlwZV9hcHByb3ZlPTEmdXNlcl9pZD0wJnVzZXJfc2FmZV9pZD0= HTTP 303
https://imgcf1.com/pictures/e0df6f77e633c60c6b83568da30e6f56.jpg

Request Chain 178

https://gml-grp.com/C.ashx?btag=a_826b_2931c_&affid=431&siteid=826&adid=2931&c=JSABNEVPVBDAADE HTTP 302
https://gml-grp.com/C.ashx?btag=a_826b_2931c_&affid=431&siteid=826&adid=2931&c=JSABNEVPVBDAADE&AutoR=1 HTTP 302
https://promos.betano.de/willkommenspaket/index.html?btag=a_826b_2931c_JSABNEVPVBDAADE&utm_medium=431&utm_source=2&siteid=826

Request Chain 214

https://promos.betano.de/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://promos.betano.de/cdn-cgi/challenge-platform/h/g/scripts/jsd/9914b343/main.js

Request Chain 221

https://www.googleadservices.com/pagead/conversion/763238947/?url=https%3A%2F%2Fpromos.betano.de%2F&guid=ON&script=0&data= HTTP 302
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/763238947/?url=https%3A%2F%2Fpromos.betano.de%2F&guid=ON&script=0&data=&ct_cookie_present=false&ocp_id=-TVoZYAJ4b727w_MrLqIDA&random=1885097637&sscte=1&crd=&pscrd=IhMIwOm6jJbrggMVYZ_9Bx1Mlg7B HTTP 302
https://www.google.com/pagead/1p-conversion/763238947/?url=https%3A%2F%2Fpromos.betano.de%2F&guid=ON&script=0&data=&ct_cookie_present=false&random=1885097637&sscte=1&crd=&pscrd=IhMIwOm6jJbrggMVYZ_9Bx1Mlg7B&is_vtc=1&ocp_id=-TVoZYAJ4b727w_MrLqIDA&cid=CAQSKQDICaaNbSvxJuN2uBDHhmwIMcnS4bQYDGOnSjpJShJ7eIHCKxeIDJRQ&random=1569652261 HTTP 302
https://www.google.de/pagead/1p-conversion/763238947/?url=https%3A%2F%2Fpromos.betano.de%2F&guid=ON&script=0&data=&ct_cookie_present=false&random=1885097637&sscte=1&crd=&pscrd=IhMIwOm6jJbrggMVYZ_9Bx1Mlg7B&is_vtc=1&ocp_id=-TVoZYAJ4b727w_MrLqIDA&cid=CAQSKQDICaaNbSvxJuN2uBDHhmwIMcnS4bQYDGOnSjpJShJ7eIHCKxeIDJRQ&random=1569652261&ipr=y

Request Chain 222

https://12738953.fls.doubleclick.net/activityi;src=12738953;type=despo0;cat=despo0;ord=1962460059;~oref=https%3A%2F%2Fpromos.betano.de%2F HTTP 302
https://12738953.fls.doubleclick.net/activityi;dc_pre=CP_svYyW64IDFQlOHgIdoVoJ8g;src=12738953;type=despo0;cat=despo0;ord=1962460059;~oref=https%3A%2F%2Fpromos.betano.de%2F

Request Chain 231

https://12738953.fls.doubleclick.net/activityi;src=12738953;type=despo0;cat=despo0;ord=9768710213423;gtm=45He3b60v79977643;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;tcfd=10001;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fpromos.betano.de%2Fwillkommenspaket%2Findex.html%3Fbtag%3Da_826b_2931c_JSABNEVPVBDAADE%26utm_medium%3D431%26utm_source%3D2%26siteid%3D826 HTTP 302
https://12738953.fls.doubleclick.net/activityi;dc_pre=CLr1vYyW64IDFcJTHgIdArMBYw;src=12738953;type=despo0;cat=despo0;ord=9768710213423;gtm=45He3b60v79977643;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;tcfd=10001;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fpromos.betano.de%2Fwillkommenspaket%2Findex.html%3Fbtag%3Da_826b_2931c_JSABNEVPVBDAADE%26utm_medium%3D431%26utm_source%3D2%26siteid%3D826

Request Chain 232

https://12738953.fls.doubleclick.net/activityi;src=12738953;type=deaff0;cat=deaff0;ord=9036201225254;gtm=45He3b60v79977643;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;tcfd=10001;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fpromos.betano.de%2Fwillkommenspaket%2Findex.html%3Fbtag%3Da_826b_2931c_JSABNEVPVBDAADE%26utm_medium%3D431%26utm_source%3D2%26siteid%3D826 HTTP 302
https://12738953.fls.doubleclick.net/activityi;dc_pre=CI7xvYyW64IDFfxHwgodY0YPmQ;src=12738953;type=deaff0;cat=deaff0;ord=9036201225254;gtm=45He3b60v79977643;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;tcfd=10001;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fpromos.betano.de%2Fwillkommenspaket%2Findex.html%3Fbtag%3Da_826b_2931c_JSABNEVPVBDAADE%26utm_medium%3D431%26utm_source%3D2%26siteid%3D826

Request Chain 293

https://visuals.kaizengaming.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://visuals.kaizengaming.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/9914b343/main.js

330 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
struma.bg/%D0%BD%D1%81-%D1%80%D0%B5%D1%88%D0%B8-%D0%BD%D1%8F%D0%BC%D0%B0-%D0%B4%D0%B0-%D0%B8%D0%BC%D0%B0-%D0%BA%D0%BE%D0%BC%D0%B8%D1%81%D0%B8%D1%8F-%D0%B7%D0%B0-%D1%80%D0%B0%D0%B7%D1%81%D0%BB%D0%B5... 116 KB
23 KB 3017ms
2953ms Document
text/html 2606:4700:3035::6815:3627
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://struma.bg/%D0%BD%D1%81-%D1%80%D0%B5%D1%88%D0%B8-%D0%BD%D1%8F%D0%BC%D0%B0-%D0%B4%D0%B0-%D0%B8%D0%BC%D0%B0-%D0%BA%D0%BE%D0%BC%D0%B8%D1%81%D0%B8%D1%8F-%D0%B7%D0%B0-%D1%80%D0%B0%D0%B7%D1%81%D0%BB%D0%B5%D0%B4%D0%B2/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::6815:3627 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d86f00292097e43f06ef0fac9c065888703135e990a06a988e3e6a4f2aac7d2c

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 82e148d7bb9803e4-FRA
content-encoding: br
content-security-policy: upgrade-insecure-requests
content-type: text/html; charset=UTF-8
date: Thu, 30 Nov 2023 07:12:55 GMT
link: <https://struma.bg/wp-json/>; rel="https://api.w.org/" <https://struma.bg/wp-json/wp/v2/posts/622754>; rel="alternate"; type="application/json" <https://struma.bg/?p=622754>; rel=shortlink
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
permissions-policy: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
referrer-policy: strict-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4ceKhQBaGa4gaUIrmDc8TASnoGIPMLway3HiNHLatkg%2FKCr7sB6rAuH0BCzADoLjt1tIjnYXNkwprPTZkbjInTpbv3BFtucL%2F%2B8WIoYACeAdZWFsMyISjrQLHlBvDVzZL1ZdFNhQbPE%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding, Cookie
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-served-by: struma.bg
x-xss-protection: 1; mode=block

GET
H2 200 style.min.css
struma.bg/wp-includes/css/dist/block-library/ 102 KB
14 KB 32ms
30ms Stylesheet
text/css 2606:4700:3035::6815:3627
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://struma.bg/wp-includes/css/dist/block-library/style.min.css?ver=be3a4d2f85a48f3c1181732f270d88ae

Requested by

Host: struma.bg
URL: https://struma.bg/%D0%BD%D1%81-%D1%80%D0%B5%D1%88%D0%B8-%D0%BD%D1%8F%D0%BC%D0%B0-%D0%B4%D0%B0-%D0%B8%D0%BC%D0%B0-%D0%BA%D0%BE%D0%BC%D0%B8%D1%81%D0%B8%D1%8F-%D0%B7%D0%B0-%D1%80%D0%B0%D0%B7%D1%81%D0%BB%D0%B5%D0%B4%D0%B2/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::6815:3627 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

67447c3656caad630373253691f3e8f64467eafd6e7305c9b0e98111b0b41694

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://struma.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 07:12:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2577
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-served-by: struma.bg
referrer-policy: strict-origin
last-modified: Tue, 29 Aug 2023 20:07:46 GMT
server: cloudflare
etag: W/"64ee5012-19824"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7tcSpIoXQMYWnHeES9ad7OchhViLTTNkPgVBzfGwrKimxBh7%2BvAFfvRWyFG%2B%2BIl7JbtDaPewoD9MErXilE1XXCJbyjSi7cNNON9C%2FWginTf4HHQTcNwyvNbVSmYSfxarPel8KbhnnRw%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
vary: Accept-Encoding
cache-control: max-age=31536000
permissions-policy: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
cf-ray: 82e148ea3bfe03e4-FRA

GET
H2 200 styles.css
struma.bg/wp-content/plugins/contact-form-7/includes/css/ 2 KB
1 KB 30ms
28ms Stylesheet
text/css 2606:4700:3035::6815:3627
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://struma.bg/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.8.1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::6815:3627 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6e7c083e0e173f849fa0582a9332bf40a3567c49ff818f28b0e4dca93930c6e5

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://struma.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 07:12:55 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4236
cf-polished: origSize=2859
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-served-by: struma.bg
referrer-policy: strict-origin
cf-bgj: minify
last-modified: Fri, 29 Sep 2023 08:34:42 GMT
server: cloudflare
etag: W/"65168c22-b2b"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O283BsBwpYnrXV9ffHQS%2BZ3btb0VGQQx8ej0KjQhFUHw8Un%2By6PWogpNcjUNqKkSM0exm%2FmlcSVRTnL4pUduG2WyFPqGKr9OLMohtr2PXkUZEpeiu64lN1i9VYTLnXCxc2C0W234LiA%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
vary: Accept-Encoding
cache-control: max-age=31536000
permissions-policy: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
cf-ray: 82e148ea3c0003e4-FRA

GET
H2 200 widgets-on-pages-public.css
struma.bg/wp-content/plugins/widgets-on-pages/public/css/ 74 B
397 B 31ms
29ms Stylesheet
text/css 2606:4700:3035::6815:3627
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://struma.bg/wp-content/plugins/widgets-on-pages/public/css/widgets-on-pages-public.css?ver=1.4.0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::6815:3627 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

172638a23c0d57350f8c097f80fd9dcf58cecaf5217cd70b8fa552b68a2a62e9

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://struma.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 07:12:55 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1466
cf-polished: origSize=83
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-served-by: struma.bg
referrer-policy: strict-origin
cf-bgj: minify
last-modified: Tue, 11 Jul 2023 13:49:25 GMT
server: cloudflare
etag: W/"64ad5de5-53"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r0nSTBEfMjeIufD1rQWAAlbJ9pPHBgSN%2FyH46LxlMb1xizkqQlVmiWEsrU30drbgXNP1AcaFC1%2BvWaMoPkZHV4g%2BJy7baS4JqkZyy4ixv9B5PqUVSHNNC2NI5oNCYCWQuQ5UdtJEiak%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
vary: Accept-Encoding
cache-control: max-age=31536000
permissions-policy: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
cf-ray: 82e148ea3c0203e4-FRA

GET
H2 200 style.css
struma.bg/wp-content/themes/child-theme/ 0
664 B 36ms
34ms Stylesheet
text/css 2606:4700:3035::6815:3627
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://struma.bg/wp-content/themes/child-theme/style.css?ver=be3a4d2f85a48f3c1181732f270d88ae

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::6815:3627 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://struma.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 07:12:55 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1466
cf-polished: origSize=419
alt-svc: h3=":443"; ma=86400
content-length: 0
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
cf-bgj: minify
last-modified: Sat, 13 Mar 2021 23:49:02 GMT
server: cloudflare
etag: "604d4f6e-1a3"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aCbtH4gcH4dxeUQoEHG5A4DNexnIRBRgSslOUiwPyaHLvrmr8OOS6N0CYartVL6pMdsJv2Ni96IGHpnNuWofVyLh6SyziTdTA3ZGdT4eop5oEEbUnb0Fnqgjb6ykhcCT30qLGIZ3Mdw%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
vary: Accept-Encoding
cache-control: max-age=31536000
permissions-policy: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
accept-ranges: bytes
cf-ray: 82e148ea3c0303e4-FRA

GET
H2 200 main.css
struma.bg/wp-content/themes/multinews/css/ 246 KB
43 KB 49ms
47ms Stylesheet
text/css 2606:4700:3035::6815:3627
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://struma.bg/wp-content/themes/multinews/css/main.css?ver=be3a4d2f85a48f3c1181732f270d88ae

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::6815:3627 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

77e0c3f24dae5e96af58102fc120359f7566b6af42f34f442ab59396790de26e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://struma.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 07:12:55 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1466
cf-polished: origSize=323792
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-served-by: struma.bg
referrer-policy: strict-origin
cf-bgj: minify
last-modified: Sat, 13 Mar 2021 23:49:00 GMT
server: cloudflare
etag: W/"604d4f6c-4f0d0"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KRTwDl1IwQfMMTiAeN62z5ukk3TO%2BH4ZQPPV%2FfnvDA%2B19Ur5s3gro2zGYalXrlE8WcO10fKfo82eDtgjSjmhjswY1PtaazQF7mLZRgnXClPghnp54aHxlW%2BQNsFsme74Y2BeG8BcAi4%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
vary: Accept-Encoding
cache-control: max-age=31536000
permissions-policy: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
cf-ray: 82e148ea3c0403e4-FRA

GET
H2 200 plugins.css
struma.bg/wp-content/themes/multinews/css/ 207 KB
31 KB 37ms
36ms Stylesheet
text/css 2606:4700:3035::6815:3627
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://struma.bg/wp-content/themes/multinews/css/plugins.css?ver=be3a4d2f85a48f3c1181732f270d88ae

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::6815:3627 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

03cf7cf7dd5d076a88d37562a6d235a0e1af2c635800fff29456d83da6d3bc0c

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://struma.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 07:12:55 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2829
cf-polished: origSize=248657
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
cf-bgj: minify
last-modified: Sat, 13 Mar 2021 23:49:00 GMT
server: cloudflare
etag: W/"604d4f6c-3cb51"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HILc%2B7YDC7THUufTuycddd7kciA2zk1hStWCRfTH4iIPV6PWVFwwXJ3SxPyFUypAPpRwY21Zi2Gr8mSUuE%2Fb5ji6NR2MzMKgLwpvTtItSypdH6h3zoKowpEzMMyGbQ5j%2BZWHwW%2FL7qY%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
vary: Accept-Encoding
cache-control: max-age=31536000
permissions-policy: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
cf-ray: 82e148ea3c0503e4-FRA

GET
H2 200 media.css
struma.bg/wp-content/themes/multinews/css/ 51 KB
10 KB 33ms
32ms Stylesheet
text/css 2606:4700:3035::6815:3627
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://struma.bg/wp-content/themes/multinews/css/media.css?ver=be3a4d2f85a48f3c1181732f270d88ae

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::6815:3627 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5fdd4b70656a4af2ced48e2c62918cb576d2c19f7770aaeea03131b2e5150d53

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://struma.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 07:12:55 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1466
cf-polished: origSize=77550
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-served-by: struma.bg
referrer-policy: strict-origin
cf-bgj: minify
last-modified: Sat, 13 Mar 2021 23:49:00 GMT
server: cloudflare
etag: W/"604d4f6c-12eee"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t43%2BJKzXuGNNITbl%2BWO%2FV1HlZVoHXOsZGB3vH90ySx1FdGJG7XM4kTayDXm6sYjYBrLv5MjfYU2bE%2BpgIaYNtkMMhVBT%2B1u5%2FgMkQ8qgnDARj9phTOVl7MYQJAFwd7MVsO5X3ZYvhhY%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
vary: Accept-Encoding
cache-control: max-age=31536000
permissions-policy: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
cf-ray: 82e148ea3c0603e4-FRA

GET
H2 200 dashicons.min.css
struma.bg/wp-includes/css/ 58 KB
35 KB 52ms
51ms Stylesheet
text/css 2606:4700:3035::6815:3627
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://struma.bg/wp-includes/css/dashicons.min.css?ver=be3a4d2f85a48f3c1181732f270d88ae

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::6815:3627 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://struma.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 07:12:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: HIT
age: 1466
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Mon, 30 May 2022 23:48:30 GMT
server: cloudflare
etag: W/"629557ce-e688"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sxI73NkVP%2BM5bKKMiitpbJFb%2FHtJjCgK64Nwuw17XdbNlgX9oeCPjTUmQMzY1fpfvPet4x7RgcuuOljkAISjcEybkuzWOYliB7lX56JeHufzKM%2Ben%2Fhnews6AzsIpenqF12sCaepJsQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
vary: Accept-Encoding
cache-control: max-age=31536000
permissions-policy: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
cf-ray: 82e148ea3c0b03e4-FRA

GET
H2 200 facets-styles.css
struma.bg/wp-content/plugins/elasticpress/dist/css/ 4 KB
1 KB 34ms
33ms Stylesheet
text/css 2606:4700:3035::6815:3627
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://struma.bg/wp-content/plugins/elasticpress/dist/css/facets-styles.css?ver=6bf8a1bf958961284a92

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::6815:3627 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

205e9f18edd429e8891ed5e3518978e1c1859ad9f9a2a5627bd3478e546c577f

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://struma.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 07:12:55 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1466
cf-polished: origSize=3959
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
cf-bgj: minify
last-modified: Fri, 01 Sep 2023 12:09:59 GMT
server: cloudflare
etag: W/"64f1d497-f77"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ky3sJ59vtofLGp8Cv0R4i78cDFIHGVsxnfjCnBXARRjqjJrcS81I74J8WEED%2Fjp7l6JOYQcY1eulWMsnRd5SIP1%2FH%2FdPv1m82ikPFMiEul1tkFWz2U8KMlwz4KNc7snoMI7QkRwSPyo%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
vary: Accept-Encoding
cache-control: max-age=31536000
permissions-policy: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
cf-ray: 82e148ea3c0e03e4-FRA

GET
H2 200 upw-theme-standard.min.css
struma.bg/wp-content/plugins/ultimate-posts-widget/css/ 1018 B
677 B 36ms
35ms Stylesheet
text/css 2606:4700:3035::6815:3627
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://struma.bg/wp-content/plugins/ultimate-posts-widget/css/upw-theme-standard.min.css?ver=be3a4d2f85a48f3c1181732f270d88ae

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::6815:3627 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cf833e5c78cd390e236192f2fb887cd9608fb8700c2b3465c4d26a85491ba7bf

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://struma.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 07:12:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: HIT
age: 2829
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Wed, 23 Aug 2023 10:47:48 GMT
server: cloudflare
etag: W/"64e5e3d4-3fa"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zwRmpNQg8qVpVJwG0ecBWrOnUCJ7cKDys1fRf2H1YPTGPD1KMZUo8BDMif5ShdMA36l3S4wgtTicib5JhkF2XpczpcGUUn3yuvDzpRMoLyl1XkcHTLIT524ubZjauugVi2V8Zw27FbE%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
vary: Accept-Encoding
cache-control: max-age=31536000
permissions-policy: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
cf-ray: 82e148ea3c1003e4-FRA

GET
H2 200 jquery.min.js Show response
struma.bg/wp-includes/js/jquery/ 85 KB
31 KB 63ms
62ms Script
application/javascript 2606:4700:3035::6815:3627
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://struma.bg/wp-includes/js/jquery/jquery.min.js?ver=3.7.0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::6815:3627 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5c93f77799d122fb5255ee24da285f9f228cc118cba11e6ceb2b6bda8cdf4164

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://struma.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 07:12:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: HIT
age: 1466
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Tue, 29 Aug 2023 20:07:46 GMT
server: cloudflare
etag: W/"64ee5012-155ba"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OeLY66xnAbDj6HHaJCvgL9cVMaecIIRm0F9ndvzR%2F1PxagMn%2B7s27fhkvvajAE8eK4Pqicf58JHcE1xeRdyIT3ok%2FaVHa2%2Bbc9aW2qCqlZdNF9CKid03KzYYXKIrnI3kJGwNk9ybzgQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
vary: Accept-Encoding
cache-control: max-age=31536000
permissions-policy: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
cf-ray: 82e148ea5c1903e4-FRA

GET
H2 200 jquery-migrate.min.js Show response
struma.bg/wp-includes/js/jquery/ 13 KB
5 KB 63ms
63ms Script
application/javascript 2606:4700:3035::6815:3627
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://struma.bg/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::6815:3627 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://struma.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 07:12:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: HIT
age: 2576
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Tue, 29 Aug 2023 20:07:47 GMT
server: cloudflare
etag: W/"64ee5013-3509"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qgE2qjUHpx0No%2FnruxWCfmeGXvXqO0WOyLfgygMLMu4BYsQUeSBEXSmdOmn%2BH052rTLL%2Bip9o73ADf5eH1cn6vgXQmiQcnKL7wDaqXNQYJqJOHpKcdDnJnho%2BGttO5gxt2vRvmMYJZU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
vary: Accept-Encoding
cache-control: max-age=31536000
permissions-policy: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
cf-ray: 82e148ea5c1b03e4-FRA

GET
H3 200 print.css
struma.bg/wp-content/themes/multinews/css/ 948 B
1 KB 152ms
151ms Stylesheet
text/css 2606:4700:3035::6815:3627
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://struma.bg/wp-content/themes/multinews/css/print.css

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::6815:3627 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

578bc39a829b4fff1ac0991c63993a36a142be40bd9d87d62ce745448d6371f2

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://struma.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 07:12:55 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6389
cf-polished: origSize=1096
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-served-by: struma.bg
referrer-policy: strict-origin
cf-bgj: minify
last-modified: Sat, 13 Mar 2021 23:49:00 GMT
server: cloudflare
etag: W/"604d4f6c-448"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5pS3gpv%2BK67TNg49TA%2B1jqSIOSYKysaxX53juYv6JOuur1wLe1sAMNS5gNITYatg%2BhTBQhsvot%2Ftp8%2FrkJpZj5K3P0EHCmY3OR6WBLXZA177%2B3talxm1GPFEgNo9SNqhr6ALXj03MgM%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
vary: Accept-Encoding
cache-control: max-age=31536000
permissions-policy: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
cf-ray: 82e148eac9379183-FRA

GET
BLOB 200
OK 44bd0faf-d81f-4e11-a71c-852602eec576
https://struma.bg/ 1 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://struma.bg/44bd0faf-d81f-4e11-a71c-852602eec576
Requested by: Host: struma.bg
URL: https://struma.bg/%D0%BD%D1%81-%D1%80%D0%B5%D1%88%D0%B8-%D0%BD%D1%8F%D0%BC%D0%B0-%D0%B4%D0%B0-%D0%B8%D0%BC%D0%B0-%D0%BA%D0%BE%D0%BC%D0%B8%D1%81%D0%B8%D1%8F-%D0%B7%D0%B0-%D1%80%D0%B0%D0%B7%D1%81%D0%BB%D0%B5%D0%B4%D0%B2/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Length: 1245
Content-Type: text/javascript

GET
H2 200 struma_logo.jpg
struma.bg/wp-content/uploads/2016/12/ 12 KB
13 KB 39ms
39ms Image
image/jpeg 2606:4700:3035::6815:3627
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://struma.bg/wp-content/uploads/2016/12/struma_logo.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::6815:3627 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c6208f9f9c9140070737c49b2a89d2290d37a58ca4571cdfdbcf5bce60bf4b57

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://struma.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 07:12:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 857
alt-svc: h3=":443"; ma=86400
content-length: 12464
x-xss-protection: 1; mode=block
x-served-by: struma.bg
referrer-policy: strict-origin
last-modified: Tue, 21 Feb 2017 16:21:17 GMT
server: cloudflare
etag: "58ac68fd-30b0"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xBhxQD4p01mS%2BADOFKKuOxwTmkWzjmjHUmKIc0wgrNmA20BkKxsj8%2FPSwo4MQmaumHqMZp%2FLEl6r06PvLGzqX7BL2jNQ2l%2Fpot38QEQOeBnO%2BwV6FpuR0wSv0Sk%2F5O%2B%2BxBT6L3xeXO0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
cache-control: max-age=31536000
permissions-policy: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
accept-ranges: bytes
cf-ray: 82e148ea5c2c03e4-FRA

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 150 KB
52 KB 152ms
104ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0d30bf2fed05dd3fd9d75518e4880a732e6fe241c83d162d5f4dc601cda660d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://struma.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 07:12:55 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52750
x-xss-protection: 0
server: cafe
etag: 1020718251050001778
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 30 Nov 2023 07:12:55 GMT

GET
H3 200 struma_logo_retina.jpg
struma.bg/wp-content/uploads/2016/12/ 3 KB
4 KB 101ms
97ms Image
image/jpeg 2606:4700:3035::6815:3627
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://struma.bg/wp-content/uploads/2016/12/struma_logo_retina.jpg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::6815:3627 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2947a68c3b9205879f47c1fe508e4b95197f7e8ab129c2a7139845e34524328a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://struma.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 07:12:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 392
alt-svc: h3=":443"; ma=86400
content-length: 3104
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Tue, 21 Feb 2017 16:22:06 GMT
server: cloudflare
etag: "58ac692e-c20"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iR2jPcdVBwOeM%2BWO9aRv5JDY1%2BuvUnGqkbMdh8LIt3cYx%2FxzXfZBLSaunJ5rSdBtsCfxiDlK9zYWaJmkFeqWxsOUPOQqL55fKvHuo15Y8bgyQYHcJE7aueOUvMXo6wIR8jsreKghbXw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
cache-control: max-age=31536000
permissions-policy: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
accept-ranges: bytes
cf-ray: 82e148eac90f9183-FRA

GET
H2 200 294x140_1701244611-765x510.jpg
struma.bg/wp-content/uploads/2023/11/ 51 KB
52 KB 164ms
163ms Image
image/jpeg 2606:4700:3035::6815:3627
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://struma.bg/wp-content/uploads/2023/11/294x140_1701244611-765x510.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::6815:3627 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9a109457f95156a2eca0712e676dfe53b63bdb6de75114fc2d48330de31c6878

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://struma.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 07:12:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 52385
x-xss-protection: 1; mode=block
x-served-by: struma.bg
referrer-policy: strict-origin
last-modified: Wed, 29 Nov 2023 11:12:29 GMT
server: cloudflare
etag: "65671c9d-cca1"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sSMJna0EDXXamNKwb66vGZ9Yst2TTS%2BBPWuyKA8jSTv5ayGkfeNtDJSQ%2FEibvOYiln2Z59WCzRYSSfChDxyvqyVvIaP3SnB%2B2cS2lSxCv6vS8hH%2B5FKLsnFjWOoK8RPsWxwe6zbEQcM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
cache-control: max-age=31536000
permissions-policy: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
accept-ranges: bytes
cf-ray: 82e148ea5c2703e4-FRA

GET
H2 200 a.js Show response
st-n.ads1-adnow.com/js/ 86 KB
33 KB 89ms
30ms Script
application/javascript 2a03:90c0:41:2801::62
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://st-n.ads1-adnow.com/js/a.js
Requested by: Host: struma.bg
URL: https://struma.bg/%D0%BD%D1%81-%D1%80%D0%B5%D1%88%D0%B8-%D0%BD%D1%8F%D0%BC%D0%B0-%D0%B4%D0%B0-%D0%B8%D0%BC%D0%B0-%D0%BA%D0%BE%D0%BC%D0%B8%D1%81%D0%B8%D1%8F-%D0%B7%D0%B0-%D1%80%D0%B0%D0%B7%D1%81%D0%BB%D0%B5%D0%B4%D0%B2/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: d76535ab07df1120bfada6d12d72c8c1f46cbe4bc32d4c84d3c26af0656a8da5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://struma.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-id: fr5-hw-edge-gc8
date: Thu, 30 Nov 2023 07:12:55 GMT
content-encoding: gzip
last-modified: Tue, 28 Nov 2023 09:46:11 GMT
server: nginx
etag: W/"6565b6e3-15946"
x-cached-since: 2023-11-30T07:12:30+00:00
content-type: application/javascript
cache-control: max-age=60
cache: HIT
x-id-fe: fr5-hw-edge-gc8
expires: Thu, 30 Nov 2023 07:13:55 GMT

GET
H2 200 struma.bg.1136859.js Show response
jsc.adskeeper.com/s/t/ 4 KB
2 KB 94ms
41ms Script
text/javascript 2606:4700:4400::ac40:986a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.adskeeper.com/s/t/struma.bg.1136859.js
Requested by: Host: struma.bg
URL: https://struma.bg/%D0%BD%D1%81-%D1%80%D0%B5%D1%88%D0%B8-%D0%BD%D1%8F%D0%BC%D0%B0-%D0%B4%D0%B0-%D0%B8%D0%BC%D0%B0-%D0%BA%D0%BE%D0%BC%D0%B8%D1%81%D0%B8%D1%8F-%D0%B7%D0%B0-%D1%80%D0%B0%D0%B7%D1%81%D0%BB%D0%B5%D0%B4%D0%B2/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:986a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 99c96a265028ca8e1f611718b2ddbee2dd50375e62d32ac989f692b03fa033c3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://struma.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 07:12:55 GMT
content-encoding: gzip
x-amz-version-id: i73TOgmojSIrac26FGsayKzgkHleCVPN
cf-cache-status: HIT
x-amz-request-id: NPGVN75HTDQCSKPX
age: 2444
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
content-length: 1440
x-amz-id-2: wLRPCduu6njomqQKtssGc+oEjaNE5amhrhu/tjAq+1Biv0o6y46CJs4ivQPsu9XPdOPnxK1s6D8=
last-modified: Mon, 27 Nov 2023 10:47:52 GMT
server: cloudflare
etag: "0e6017c643b1b2cdfa3b42ef2d6b8d4b"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 82e148eb1e821e5b-FRA
expires: Thu, 30 Nov 2023 11:12:55 GMT

GET
H2 200 struma.bg.1290783.js Show response
jsc.mgid.com/s/t/ 4 KB
2 KB 265ms
212ms Script
text/javascript 2606:4700:1::6813:854c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://jsc.mgid.com/s/t/struma.bg.1290783.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:1::6813:854c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

150c4ce68ca34720f62e60afcde151da83ded89e0865822ef8fa76ae1e70a91e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://struma.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 07:12:55 GMT
x-amz-version-id: uV6BK0rC3M_wDL8Jy.5jaU2c5UC0ha3j
content-encoding: br
cf-cache-status: HIT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: HVVHHJPT83MSAANT
cf-polished: origSize=3755
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: g42KsPGAbBz+UJr7ODHMd0BcLfmzTEL6La6mPWdXdMWzxQ8Netsx9oGH507fAmQ4RbcaijdiTTg=
cf-bgj: minify
last-modified: Mon, 27 Nov 2023 14:04:45 GMT
server: cloudflare
etag: W/"1dfd43c9a1f0a7c76dfdff34b5d867a5"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=10800
cf-ray: 82e148eb1b3835e0-FRA
expires: Thu, 30 Nov 2023 10:12:55 GMT

GET
H3 200 294x140_1701277617-165x109.jpg
struma.bg/wp-content/uploads/2023/11/ 6 KB
7 KB 29ms
29ms Image
image/jpeg 2606:4700:3035::6815:3627
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://struma.bg/wp-content/uploads/2023/11/294x140_1701277617-165x109.jpg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::6815:3627 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b4b4cd8abf4c853ad0d8d039156cdca4a8f5b1157ebf18af7d0c461cb23d7fc0

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://struma.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 07:12:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 392
alt-svc: h3=":443"; ma=86400
content-length: 6005
x-xss-protection: 1; mode=block
x-served-by: struma.bg
referrer-policy: strict-origin
last-modified: Thu, 30 Nov 2023 06:18:45 GMT
server: cloudflare
etag: "65682945-1775"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5CHkqTXNFDIKA5wvoKAMrBIZPBrXYWVE0RUfpKNPmGlVjoPzQc204WKaEtob%2F741gN53C9JEiJx0Q%2BvxbjEy%2BGVpsNCHwySw2wJxNV27sRIznBw%2FwHRw4T8loDRzKzOGcU8sc704SD8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
cache-control: max-age=31536000
permissions-policy: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
accept-ranges: bytes
cf-ray: 82e148eaa8e09183-FRA

GET
H3 200 COVID19-1-165x109.jpg
struma.bg/wp-content/uploads/2023/11/ 5 KB
6 KB 102ms
99ms Image
image/jpeg 2606:4700:3035::6815:3627
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://struma.bg/wp-content/uploads/2023/11/COVID19-1-165x109.jpg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::6815:3627 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0080fc182724bb08c4f7f45f0752d0e291afa9e49d831c62dafd805267a2a45f

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://struma.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 07:12:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 392
alt-svc: h3=":443"; ma=86400
content-length: 5299
x-xss-protection: 1; mode=block
x-served-by: struma.bg
referrer-policy: strict-origin
last-modified: Thu, 30 Nov 2023 06:05:49 GMT
server: cloudflare
etag: "6568263d-14b3"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2gFbbSF3K%2B4Uvl58KdX7hxieze2ND55ksNv%2B11wMtvmkIFiQzzNWL605adPxhHiwxjkimxw6AIlTzLKj5nzRIsPCR%2BzFK9hoszqlSyK7mxccZMqm79T556NDdZg%2B1gcbWcUZjtLjWSc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
cache-control: max-age=31536000
permissions-policy: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
accept-ranges: bytes
cf-ray: 82e148eac9109183-FRA

GET
H3 200 991-ratio-sergej-lavrov-165x109.jpg
struma.bg/wp-content/uploads/2023/11/ 5 KB
6 KB 105ms
102ms Image
image/jpeg 2606:4700:3035::6815:3627
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://struma.bg/wp-content/uploads/2023/11/991-ratio-sergej-lavrov-165x109.jpg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::6815:3627 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4738220a67bdb2caee6f2a17b01ad9c83456114795264cfd7358faad8c2e26ad

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://struma.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 07:12:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 392
alt-svc: h3=":443"; ma=86400
content-length: 5179
x-xss-protection: 1; mode=block
x-served-by: struma.bg
referrer-policy: strict-origin
last-modified: Thu, 30 Nov 2023 06:08:56 GMT
server: cloudflare
etag: "656826f8-143b"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RRjL9NhGWi8H0Ut9EFi3mjsKk9IyLyc%2BNKHZKLzJWkCcCzwHLdcCHyZMkRJUp%2Fty38xazLg8Wn6VQncIo%2BNirf05pGUIk67XEpNHFABtRZ%2FGERLcuG1bSHBtVf5iZkURTh3lGGTjpFs%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
cache-control: max-age=31536000
permissions-policy: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
accept-ranges: bytes
cf-ray: 82e148eac9119183-FRA

GET
H3 200 %D0%B8%D0%B7%D1%82%D0%B5%D0%B3%D0%BB%D0%B5%D0%BD-%D1%84%D0%B0%D0%B9%D0%BB-1-5-165x109.jpg
struma.bg/wp-content/uploads/2023/11/ 6 KB
7 KB 106ms
103ms Image
image/jpeg 2606:4700:3035::6815:3627
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://struma.bg/wp-content/uploads/2023/11/%D0%B8%D0%B7%D1%82%D0%B5%D0%B3%D0%BB%D0%B5%D0%BD-%D1%84%D0%B0%D0%B9%D0%BB-1-5-165x109.jpg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::6815:3627 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

474bce658cf4099a533876ad3b355841f28f859970abb15faf021d4440360fe9

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://struma.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 07:12:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6390
alt-svc: h3=":443"; ma=86400
content-length: 6006
x-xss-protection: 1; mode=block
x-served-by: struma.bg
referrer-policy: strict-origin
last-modified: Wed, 29 Nov 2023 16:48:12 GMT
server: cloudflare
etag: "65676b4c-1776"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MhmQZrIwjlpZdlVKqc%2Bgxq%2F5k%2BQJJpV93658I%2FzpyTRLEMGPQE8kDuDt1cNsac54GcCmlI4UAHBNCMV8zat6Z0bfu2%2Ft09Ajt96pa7N4KjRxmC%2BRn0BD1gMdXkpegNzLyIrhIu13p4w%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
cache-control: max-age=31536000
permissions-policy: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
accept-ranges: bytes
cf-ray: 82e148eac9139183-FRA

GET
H3 200 logo-largo.jpg
struma.bg/wp-content/uploads/2020/02/ 5 KB
6 KB 107ms
104ms Image
image/jpeg 2606:4700:3035::6815:3627
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://struma.bg/wp-content/uploads/2020/02/logo-largo.jpg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::6815:3627 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

10dace68155c5de4923c2037d6a6cae1c4f71913e77264e5632ebb598bc824c8

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://struma.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 07:12:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 392
alt-svc: h3=":443"; ma=86400
content-length: 5513
x-xss-protection: 1; mode=block
x-served-by: struma.bg
referrer-policy: strict-origin
last-modified: Wed, 05 Feb 2020 14:44:38 GMT
server: cloudflare
etag: "5e3ad4d6-1589"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bRBaL1o1Re2zJKV6TWuo%2FDGT%2B4pmVJ421mPDf4DKlcu3PoG8W9pvrH0tKQzrkykLJsLjVUaeQ7yZs6TpQLLiEgnDWmo1kC8sx2K9MsjgmNh0Lr0IBOMPVh1mVSySFRrs%2Fx%2FUzwDZEDQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
cache-control: max-age=31536000
permissions-policy: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
accept-ranges: bytes
cf-ray: 82e148eac9149183-FRA

GET
H3 200 kfmLogo_bg.png
struma.bg/wp-content/uploads/2023/05/ 41 KB
42 KB 108ms
105ms Image
image/png 2606:4700:3035::6815:3627
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://struma.bg/wp-content/uploads/2023/05/kfmLogo_bg.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::6815:3627 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7153da2e49972f327ebf2d83a128aedd2614049c715121b271e0f6ea67e6caca

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://struma.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 07:12:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 392
alt-svc: h3=":443"; ma=86400
content-length: 42433
x-xss-protection: 1; mode=block
x-served-by: struma.bg
referrer-policy: strict-origin
last-modified: Mon, 15 May 2023 12:52:39 GMT
server: cloudflare
etag: "64622b17-a5c1"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=060oO2wwwnb3KjR1Fuxd28cyrvfLY1p2Mh2kQww6uLN%2BoPD2l3le1GmfvX0IPL7k6C16atwbyhCnnO0Ux3ILVx%2BazFOf8Si69NqMibz3dOtscZhK8u09LpPZZN5sB1NenHebfK3swDE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: Accept-Encoding
cache-control: max-age=31536000
permissions-policy: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
accept-ranges: bytes
cf-ray: 82e148eac9159183-FRA

GET
H3 200 i1-3_baikushev_metodi_result-81x55.gif
struma.bg/wp-content/uploads/2023/11/ 3 KB
4 KB 110ms
107ms Image
image/gif 2606:4700:3035::6815:3627
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://struma.bg/wp-content/uploads/2023/11/i1-3_baikushev_metodi_result-81x55.gif

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::6815:3627 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cf583db8344e9a581c1ab3183d073cc80f32bae519f94595323af9f827a0ac6a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://struma.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 07:12:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 392
alt-svc: h3=":443"; ma=86400
content-length: 3389
x-xss-protection: 1; mode=block
x-served-by: struma.bg
referrer-policy: strict-origin
last-modified: Wed, 29 Nov 2023 17:18:21 GMT
server: cloudflare
etag: "6567725d-d3d"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5X7bOUGlQZ0aqbQaMrUinhYyoov5YzINNcGdWVzYmxE4kLNWzkmIS2vLcop2eFJ7EY0jUNKT47qoVeLhfumIlWs%2BxANyQot8TLt3jsLZmpEIdkHjHXqNesdapI%2BkZjeyE5cqY7HkDpI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
vary: Accept-Encoding
cache-control: max-age=31536000
permissions-policy: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
accept-ranges: bytes
cf-ray: 82e148eac9179183-FRA

GET
H3 200 294x140_1701277617-81x55.jpg
struma.bg/wp-content/uploads/2023/11/ 2 KB
3 KB 111ms
108ms Image
image/jpeg 2606:4700:3035::6815:3627
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://struma.bg/wp-content/uploads/2023/11/294x140_1701277617-81x55.jpg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::6815:3627 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

efab51eff2a621c2155475f63f0f71816f5ac41b91d611c68b341ace6ec5b663

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://struma.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 07:12:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1575
alt-svc: h3=":443"; ma=86400
content-length: 2252
x-xss-protection: 1; mode=block
x-served-by: struma.bg
referrer-policy: strict-origin
last-modified: Thu, 30 Nov 2023 06:18:45 GMT
server: cloudflare
etag: "65682945-8cc"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6M0ea9fvZeodd9U6wKl7CYAfaNLDktf1B6UopuV2AAxGORVcHF3EAYyvRpB6t42BW7l2EvL225vTvqtFKuqI9%2FaqZ8ciLR1yFDuAlhccndbdLdPRe12%2B2AdRfmCna7qQrTOw7E71Z2A%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
cache-control: max-age=31536000
permissions-policy: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
accept-ranges: bytes
cf-ray: 82e148eac9189183-FRA

GET
H3 200 COVID19-1-81x55.jpg
struma.bg/wp-content/uploads/2023/11/ 2 KB
3 KB 112ms
109ms Image
image/jpeg 2606:4700:3035::6815:3627
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://struma.bg/wp-content/uploads/2023/11/COVID19-1-81x55.jpg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::6815:3627 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b70e40d8a689b820544e9a8c25999c929c00b055bd724e22da96df740a15d82f

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://struma.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 07:12:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 392
alt-svc: h3=":443"; ma=86400
content-length: 2047
x-xss-protection: 1; mode=block
x-served-by: struma.bg
referrer-policy: strict-origin
last-modified: Thu, 30 Nov 2023 06:05:49 GMT
server: cloudflare
etag: "6568263d-7ff"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bvQTzi6E1yAUkebUz%2FNgMQiMs2d7pmHLrx746gP8LEQZ85P0SX9WVrykI0%2FDBj%2B2zhQJy6If4VCs75ciuO0YWM%2F%2BJHvB2MG8UF3%2Bt42LVDf%2FNx%2FTr%2BaxC9W%2BtEWktG7SaGXGrkj%2BQCo%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
cache-control: max-age=31536000
permissions-policy: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
accept-ranges: bytes
cf-ray: 82e148eac91a9183-FRA

GET
H3 200 991-ratio-sergej-lavrov-81x55.jpg
struma.bg/wp-content/uploads/2023/11/ 2 KB
3 KB 112ms
110ms Image
image/jpeg 2606:4700:3035::6815:3627
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://struma.bg/wp-content/uploads/2023/11/991-ratio-sergej-lavrov-81x55.jpg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::6815:3627 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

97c2914dd845f3d215f957b2872aef8d21221de8c7547110f44662c96b1b2193

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://struma.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 07:12:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 392
alt-svc: h3=":443"; ma=86400
content-length: 1952
x-xss-protection: 1; mode=block
x-served-by: struma.bg
referrer-policy: strict-origin
last-modified: Thu, 30 Nov 2023 06:08:56 GMT
server: cloudflare
etag: "656826f8-7a0"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FYFZZyalRl4G11dZitXekm4RDRgb7%2BI3h2SYOyb6yPgr%2BuVQUdpmckm%2ByfYDvBxe4LDsxKzTsVjsSjWXwBDOpHrU0uge4aLHnFkQpD7vVMhi%2FDdjssoSZoLy%2FftBtmS%2FwXt9Wk%2FuyUQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
cache-control: max-age=31536000
permissions-policy: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
accept-ranges: bytes
cf-ray: 82e148eac91b9183-FRA

GET
H3 200 andreevden-e-kakvi-sa-obichaite-011-81x55.jpg
struma.bg/wp-content/uploads/2023/11/ 2 KB
2 KB 113ms
111ms Image
image/jpeg 2606:4700:3035::6815:3627
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://struma.bg/wp-content/uploads/2023/11/andreevden-e-kakvi-sa-obichaite-011-81x55.jpg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::6815:3627 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

27ab9a78a525201acd5c66562a7ddbfbe44d5431474d345b577031fdc61c13cf

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://struma.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 07:12:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2576
alt-svc: h3=":443"; ma=86400
content-length: 1788
x-xss-protection: 1; mode=block
x-served-by: struma.bg
referrer-policy: strict-origin
last-modified: Thu, 30 Nov 2023 06:07:39 GMT
server: cloudflare
etag: "656826ab-6fc"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IqaJ4Ndv7uUq40fejSrMRluRDAWo7G%2B5yMIsMhuknhF9jcdTFxrVJVvp8ZHRSuzkk%2FdmQY6dl%2BHQ5IAidUVJHttx4kq4MgKkXfW7lV9Igy7f%2BzJDhPKXmuQt0grUTBmZvytrQalLuEw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
cache-control: max-age=31536000
permissions-policy: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
accept-ranges: bytes
cf-ray: 82e148eac91c9183-FRA

GET
H3 200 899234-81x55.jpg
struma.bg/wp-content/uploads/2023/11/ 2 KB
3 KB 115ms
112ms Image
image/jpeg 2606:4700:3035::6815:3627
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://struma.bg/wp-content/uploads/2023/11/899234-81x55.jpg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::6815:3627 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2cef4d5519e8eaec7a37550736f40dbabb970cfacb137921669274e9032480b9

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://struma.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 07:12:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2827
alt-svc: h3=":443"; ma=86400
content-length: 1999
x-xss-protection: 1; mode=block
x-served-by: struma.bg
referrer-policy: strict-origin
last-modified: Thu, 30 Nov 2023 06:14:09 GMT
server: cloudflare
etag: "65682831-7cf"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HLWxc55EMBd7uaSESHTbaCxsFFl%2BB9nLOz0OSaCjpf%2Fjuh1SRz4LYKyyxbOSn0i%2FXQo8ks68Bih7sJqoE1u9GKSLx4hut6TwUmw30DY3eAoAqamHokk5w7%2Bitcconq3EEY9nBj7%2Bubk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
cache-control: max-age=31536000
permissions-policy: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
accept-ranges: bytes
cf-ray: 82e148eac91d9183-FRA

GET
H3 200 4-17-81x55.jpg
struma.bg/wp-content/uploads/2023/11/ 7 KB
8 KB 116ms
113ms Image
image/jpeg 2606:4700:3035::6815:3627
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://struma.bg/wp-content/uploads/2023/11/4-17-81x55.jpg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::6815:3627 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c6407d5b7aca0abde3722967fd765b3a8f7d71974206c7640b0b4d65fff09090

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://struma.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 07:12:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2576
alt-svc: h3=":443"; ma=86400
content-length: 7578
x-xss-protection: 1; mode=block
x-served-by: struma.bg
referrer-policy: strict-origin
last-modified: Wed, 29 Nov 2023 15:30:45 GMT
server: cloudflare
etag: "65675925-1d9a"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HRjbX7Qn2PthGYvk2%2BE8%2BN5bFqj1ycjxr%2FRODsbmNOg5BYf6jS%2FaX9%2BAT7yBtZjplW9%2BdXZRbSnwQUDuHLBKXKUIKX%2BTWTcfJuScgzqTzCE95%2FooiKF3Wb0varcav%2BpfCiSbmkwQIqA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
cache-control: max-age=31536000
permissions-policy: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
accept-ranges: bytes
cf-ray: 82e148eac91e9183-FRA

GET
H3 200 555498-2-81x55.jpg
struma.bg/wp-content/uploads/2023/11/ 1 KB
2 KB 118ms
115ms Image
image/jpeg 2606:4700:3035::6815:3627
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://struma.bg/wp-content/uploads/2023/11/555498-2-81x55.jpg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::6815:3627 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

697a21d3e2d9a51084dd673df60a5842c68120392fea6ca536bb0a686801d742

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://struma.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 07:12:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3418
alt-svc: h3=":443"; ma=86400
content-length: 1357
x-xss-protection: 1; mode=block
x-served-by: struma.bg
referrer-policy: strict-origin
last-modified: Thu, 30 Nov 2023 06:04:01 GMT
server: cloudflare
etag: "656825d1-54d"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=95vOxwayBO3vlLiLSs%2Bd8Un7hqKVmIPq4EwRmRT4n%2F7vzhrCjenU0yPFQK9YRg1wM%2FUkEwLxD%2B1dQwfHwRS6Eeo4mbr9ZoN%2FIGufoY%2Ff4pn%2BWNauFcf1qzmKa6D5aaSUGlGKUbu%2FJgc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
cache-control: max-age=31536000
permissions-policy: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
accept-ranges: bytes
cf-ray: 82e148eac9209183-FRA

GET
H3 200 i1-1_chimev_metodi_result-81x55.gif
struma.bg/wp-content/uploads/2023/11/ 5 KB
6 KB 118ms
116ms Image
image/gif 2606:4700:3035::6815:3627
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://struma.bg/wp-content/uploads/2023/11/i1-1_chimev_metodi_result-81x55.gif

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::6815:3627 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b9432de7513a329a182574c3b8db7b5594094cb9528c400a377e48945c63f90c

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://struma.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 07:12:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4235
alt-svc: h3=":443"; ma=86400
content-length: 5002
x-xss-protection: 1; mode=block
x-served-by: struma.bg
referrer-policy: strict-origin
last-modified: Wed, 29 Nov 2023 17:07:59 GMT
server: cloudflare
etag: "65676fef-138a"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iJ41sdNPGClfAg034gpGrop5QfYs%2BuF7u7KZ4GkhRTE0Uj3LTo3uSctYAWacKPJHLvLqq1U6GO5OFE8Uhae%2BaRCK44Xya1YzFoHmcRIXTRMXgrU65%2B4RJw13JTcOg6I5PLx9klzLCeg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
vary: Accept-Encoding
cache-control: max-age=31536000
permissions-policy: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
accept-ranges: bytes
cf-ray: 82e148eac9219183-FRA

GET
H3 200 horoskop-za-24-maj-2023-g-mnogo-pozitiven-den-za-81x55.jpg
struma.bg/wp-content/uploads/2023/08/ 3 KB
3 KB 120ms
118ms Image
image/jpeg 2606:4700:3035::6815:3627
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://struma.bg/wp-content/uploads/2023/08/horoskop-za-24-maj-2023-g-mnogo-pozitiven-den-za-81x55.jpg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::6815:3627 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3cdf7b9050b77215810c157f54ddb9d071403368cd88ae7e7c448de3205a94d2

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://struma.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 07:12:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2827
alt-svc: h3=":443"; ma=86400
content-length: 2667
x-xss-protection: 1; mode=block
x-served-by: struma.bg
referrer-policy: strict-origin
last-modified: Fri, 25 Aug 2023 13:22:53 GMT
server: cloudflare
etag: "64e8ab2d-a6b"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VPlkdSxjDJwtK5m%2BdLN9jWP4q3QBeuxBdKDytr%2B8X4UstG6d6IHO4oofXrQtesX4ewbUpOvkZnF9he4frcN3nWA2X5u%2BfyPeshugq7pN98uKqcPbV8mA%2BDVPwEB2Tovi6Yc%2BOgSB8bI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
cache-control: max-age=31536000
permissions-policy: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
accept-ranges: bytes
cf-ray: 82e148eac9239183-FRA

GET
H3 200 baner_hydro.jpg
struma.bg/wp-content/uploads/2023/11/ 55 KB
55 KB 121ms
119ms Image
image/jpeg 2606:4700:3035::6815:3627
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://struma.bg/wp-content/uploads/2023/11/baner_hydro.jpg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::6815:3627 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7701eba9b44eb408d2231d10547ceee885afc69df73a40303b9eb66940e13711

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://struma.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 07:12:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 392
alt-svc: h3=":443"; ma=86400
content-length: 56084
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Tue, 14 Nov 2023 11:08:43 GMT
server: cloudflare
etag: "6553553b-db14"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ErPe%2FLOI4ctqwECyV2fBNfepITC8c0X9%2BQCPzqeLVeFgRSYVdEUBZ8b6W7a2lkzkXWX721vIoVAVt9cGsIC4De6kpzQFTdEAgwcMiugZq%2Fs4vU%2FOcyIw5CzeO4%2BuWxaNbg6NTvRx81o%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
cache-control: max-age=31536000
permissions-policy: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
accept-ranges: bytes
cf-ray: 82e148eac9259183-FRA

GET
H3 200 Banner-Electrohold-336x280px-01.jpg
struma.bg/wp-content/uploads/2023/10/ 21 KB
22 KB 122ms
120ms Image
image/jpeg 2606:4700:3035::6815:3627
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://struma.bg/wp-content/uploads/2023/10/Banner-Electrohold-336x280px-01.jpg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::6815:3627 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6330b250ce97ae8971b752d428752058faeaaa0ac2182a6d91e65bae2380e3ae

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://struma.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 07:12:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 392
alt-svc: h3=":443"; ma=86400
content-length: 21753
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Wed, 11 Oct 2023 21:00:28 GMT
server: cloudflare
etag: "65270cec-54f9"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2mSkmrgAfWycp%2B8ayUP1u6kMuYeEEyZNlWXxA2YUhCpo9WA55qfD3EnLmqqeLt6UuSgUxscO4ylxMdpGmYbtAwDZDjjD2m9f2sCqEsCWd0Oq84h2QQpR481YcOKKLFE8U78xzrEEgtA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
cache-control: max-age=31536000
permissions-policy: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
accept-ranges: bytes
cf-ray: 82e148eac9269183-FRA

GET
H3 200 250x250px-electrohold-3-stupki.png
struma.bg/wp-content/uploads/2023/11/ 93 KB
94 KB 123ms
121ms Image
image/png 2606:4700:3035::6815:3627
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://struma.bg/wp-content/uploads/2023/11/250x250px-electrohold-3-stupki.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::6815:3627 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7f447356ccf0699d8791d6c87bd44677a6250afcaf6a022d3c74228b638012c0

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://struma.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 07:12:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 392
alt-svc: h3=":443"; ma=86400
content-length: 95609
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Fri, 03 Nov 2023 11:30:10 GMT
server: cloudflare
etag: "6544d9c2-17579"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9MP%2Bp463OKg4uIvcInZxXibALJIs8%2FaeAxC3prDz3Bu9vz5pigxYeTyHalnTxt4LBGCVj3vIb%2BGGHEvajx%2BheS9EedEO0e4V25C%2FieUWjSiww%2BJY6ihFSh%2Fl1xCRcQIfrmxWQiE5bJ0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: Accept-Encoding
cache-control: max-age=31536000
permissions-policy: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
accept-ranges: bytes
cf-ray: 82e148eac9279183-FRA

GET
H3 200 baner_energoto.jpg
struma.bg/wp-content/uploads/2023/08/ 46 KB
47 KB 137ms
135ms Image
image/jpeg 2606:4700:3035::6815:3627
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://struma.bg/wp-content/uploads/2023/08/baner_energoto.jpg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::6815:3627 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e176abf520dcdae51ff540880992de96e67e7cb68d9ce16fec3b87d036e3001e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://struma.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 07:12:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 392
alt-svc: h3=":443"; ma=86400
content-length: 47052
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Mon, 28 Aug 2023 08:19:46 GMT
server: cloudflare
etag: "64ec58a2-b7cc"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zJEx%2FBNgjDt4yaFuTFR0E8b5O9Si7F%2FiVNF8KR%2BKbQQkc%2Fz0ni0TpjSMf9IqlxZIb1rMRVBeQd0c2koShH3lLxuejqCKpM8TamVpb4hN49c2fix1r75ncW6tNsX%2FSSVwnhJQ7bYxHDg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
cache-control: max-age=31536000
permissions-policy: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
accept-ranges: bytes
cf-ray: 82e148eac9289183-FRA

GET
H3 200 baner_sharlopov-1.jpg
struma.bg/wp-content/uploads/2022/07/ 43 KB
43 KB 141ms
139ms Image
image/jpeg 2606:4700:3035::6815:3627
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://struma.bg/wp-content/uploads/2022/07/baner_sharlopov-1.jpg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::6815:3627 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3d1c2f35094801483b09e1ca0e6f952c38b597d472bf0b13a2087089b54886f0

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://struma.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 07:12:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2827
alt-svc: h3=":443"; ma=86400
content-length: 43773
x-xss-protection: 1; mode=block
x-served-by: struma.bg
referrer-policy: strict-origin
last-modified: Thu, 14 Jul 2022 22:23:02 GMT
server: cloudflare
etag: "62d09746-aafd"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uFAzg%2BVOleGrZcK24gYvR1eWo7bftp%2FV6%2FKYUDCBuiNJP%2FR5bgp7aBrjUVwmMjnQmz2ZcE3bh7wHoPHIC32lMr4wI%2BrolwHKCe2IrpSYiI7flumkk5ii7rtgFlZMIHW29vd5O%2FzLQcw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
cache-control: max-age=31536000
permissions-policy: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
accept-ranges: bytes
cf-ray: 82e148eac9299183-FRA

GET
H3 200 baner_brikolaj_new.jpg
struma.bg/wp-content/uploads/2022/06/ 51 KB
52 KB 142ms
140ms Image
image/jpeg 2606:4700:3035::6815:3627
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://struma.bg/wp-content/uploads/2022/06/baner_brikolaj_new.jpg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::6815:3627 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

93e703b122858dfc4cd20b874cd1a1c0e5424d07f7b313f60456bdec52d64216

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://struma.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 07:12:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 392
alt-svc: h3=":443"; ma=86400
content-length: 52655
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Wed, 15 Jun 2022 21:50:12 GMT
server: cloudflare
etag: "62aa5414-cdaf"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p09i4ymbYySKqnpReADDiBILdAAlVr7lRlgT3Db44IHszo3RD9Xe8bYWvbdaRKIBdyiPSjgCEcEMLyAYpxT9%2F%2Bh0VHd72JNcb136ym9DRXeWBQLfv%2FqreAfAOoNvKmkg7MpdzlFrKcc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
cache-control: max-age=31536000
permissions-policy: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
accept-ranges: bytes
cf-ray: 82e148eac92a9183-FRA

GET
H3 200 hotel-orbita-300x250.jpg
struma.bg/wp-content/uploads/2017/02/ 103 KB
104 KB 143ms
141ms Image
image/jpeg 2606:4700:3035::6815:3627
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://struma.bg/wp-content/uploads/2017/02/hotel-orbita-300x250.jpg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::6815:3627 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f59220288818ac9a0efd283cbdc1ee692ea5a6615d53d0ab9c1a1c7e92001176

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://struma.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 07:12:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 392
alt-svc: h3=":443"; ma=86400
content-length: 105618
x-xss-protection: 1; mode=block
x-served-by: struma.bg
referrer-policy: strict-origin
last-modified: Sun, 12 Feb 2017 00:04:33 GMT
server: cloudflare
etag: "589fa691-19c92"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nwNbue6hMmmFglYOEz6wtLHqOvSah%2BF0Nitqfv8sY6lveV9FGqRfGPaM2tSVGr4xe4jUbQnSxZ1jhmQ30cUwl%2FE0mW0fwyEI1RV6ZsipqmznqARvZxWn%2Fa1y6a9k1umv70Onsy6%2BQZY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
cache-control: max-age=31536000
permissions-policy: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
accept-ranges: bytes
cf-ray: 82e148eac92c9183-FRA

GET
H3 200 TV-170x113.jpg
struma.bg/wp-content/uploads/2023/05/ 9 KB
10 KB 148ms
146ms Image
image/jpeg 2606:4700:3035::6815:3627
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://struma.bg/wp-content/uploads/2023/05/TV-170x113.jpg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::6815:3627 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

84f4ef64deccf9553fb29d45b7b7d2a80c31403f089741d5af7b42e0c4f5883e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://struma.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 07:12:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 902
alt-svc: h3=":443"; ma=86400
content-length: 9088
x-xss-protection: 1; mode=block
x-served-by: struma.bg
referrer-policy: strict-origin
last-modified: Fri, 12 May 2023 13:05:46 GMT
server: cloudflare
etag: "645e39aa-2380"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B84Ik6VK5FJfWFjuUo5LjfBGP6eo%2FzxpO8MHDeFEtxQ%2BKYEAU0I3hW3gfx2pRl%2BObi3R8fLJF9bHBXq5KCOcRJnjm9RbXipwmmML%2BQcbnp5%2BWEZqNs8ZyLRE5HvU%2BwNQ8g%2BnDESo%2Fc0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
cache-control: max-age=31536000
permissions-policy: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
accept-ranges: bytes
cf-ray: 82e148eac92d9183-FRA

GET
H3 200 COVID19-1-170x113.jpg
struma.bg/wp-content/uploads/2023/11/ 5 KB
6 KB 149ms
147ms Image
image/jpeg 2606:4700:3035::6815:3627
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://struma.bg/wp-content/uploads/2023/11/COVID19-1-170x113.jpg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::6815:3627 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4be5965ec09031c136ca23f09f35b7235f8fdd5b1d3bc355e03efdcfb1dfe039

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://struma.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 07:12:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 902
alt-svc: h3=":443"; ma=86400
content-length: 5563
x-xss-protection: 1; mode=block
x-served-by: struma.bg
referrer-policy: strict-origin
last-modified: Thu, 30 Nov 2023 06:05:49 GMT
server: cloudflare
etag: "6568263d-15bb"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z0qleZ1%2F1llMzhV4H05IbB1pnlQ3aTmWciX%2BEPqdadQ9BbaCvAlLHyNqFFGIDvLCiUB2w7PGXILJYbVAcOXLkgNLUMp3d12ex0NgwUl4o7hKkqWhbGwdtkrB%2FLdo40xuhxvp5C5jjNE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
cache-control: max-age=31536000
permissions-policy: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
accept-ranges: bytes
cf-ray: 82e148eac92f9183-FRA

GET
H3 200 horoskop-za-24-maj-2023-g-mnogo-pozitiven-den-za-170x113.jpg
struma.bg/wp-content/uploads/2023/08/ 8 KB
8 KB 149ms
148ms Image
image/jpeg 2606:4700:3035::6815:3627
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://struma.bg/wp-content/uploads/2023/08/horoskop-za-24-maj-2023-g-mnogo-pozitiven-den-za-170x113.jpg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::6815:3627 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d6cad12f9d8e4b25b93220906b7cddee8bed70097b31745a77c0a3ad75fd996e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://struma.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 07:12:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 902
alt-svc: h3=":443"; ma=86400
content-length: 7777
x-xss-protection: 1; mode=block
x-served-by: struma.bg
referrer-policy: strict-origin
last-modified: Fri, 25 Aug 2023 13:22:52 GMT
server: cloudflare
etag: "64e8ab2c-1e61"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M%2FrI6HYtUKY%2BHe7Mf282vRMnIayzSTuSK9p0c2EJk6rDWyphjZ%2FKZ1Lg7bumPbKElZudLA9s7cd6K%2FL%2BM1s5%2BKoYstyUQUKx7zvTxP0iTsvKgffMm4LRgYD%2FOEgeYIccUrPzJx9WKsw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
cache-control: max-age=31536000
permissions-policy: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
accept-ranges: bytes
cf-ray: 82e148eac9309183-FRA

GET
H3 200 250x250-struma-banner.jpg
struma.bg/wp-content/uploads/2017/02/ 22 KB
23 KB 150ms
148ms Image
image/jpeg 2606:4700:3035::6815:3627
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://struma.bg/wp-content/uploads/2017/02/250x250-struma-banner.jpg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::6815:3627 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9811c6be17b570a85ec4168a9075ce04d300cbfdb8f9d1946c192ba7cea730ae

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://struma.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 07:12:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 392
alt-svc: h3=":443"; ma=86400
content-length: 22396
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Tue, 21 Feb 2017 16:19:46 GMT
server: cloudflare
etag: "58ac68a2-577c"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RRJJPAHzitWYjxUSlwKxy9EE8WAa01Os46bYvZy2uNP3177%2FZ%2FG9edPrNVt6Tz8%2BQU3OcHWtvU0U020aBB6NjrQMGlAROJXNZUjx7jJRejef1YZvV1yfNudVb1LK4%2FzwF6oUBxIY4pk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
cache-control: max-age=31536000
permissions-policy: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
accept-ranges: bytes
cf-ray: 82e148eac9319183-FRA

GET
H3 200 struma_logo_small.jpg
struma.bg/wp-content/uploads/2016/12/ 9 KB
10 KB 151ms
150ms Image
image/jpeg 2606:4700:3035::6815:3627
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://struma.bg/wp-content/uploads/2016/12/struma_logo_small.jpg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::6815:3627 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c7d3d0e191dc84bc51059bcd15dd024b8f47a0b017879a0cce492d62b28c3ce6

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://struma.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 07:12:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 392
alt-svc: h3=":443"; ma=86400
content-length: 9221
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Sun, 12 Feb 2017 00:37:25 GMT
server: cloudflare
etag: "589fae45-2405"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0TEbkLAxTWauRs3sfd7m3cAt59Efrmr7YdGta%2BX2VO%2F7Nb9sCVWyBQ6g0otVYUuBcg%2BNYWtK%2BWteisoqltb%2F0BgWkowvH8gkhkwZ6DkusthoPyUmVXXIpFEFuNaXHcB2QRbWjD3dRxY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
cache-control: max-age=31536000
permissions-policy: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
accept-ranges: bytes
cf-ray: 82e148eac9339183-FRA

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 92 KB
30 KB 137ms
91ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e83941b7c3900f1b329dffbdc8ba18878081bfd6f55f4c9ddbee2e5534c5f165

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://struma.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 07:12:55 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30214
x-xss-protection: 0
server: cafe
etag: 672 / 19691 / m202311150101 / config-hash: 13453586915431125287
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 30 Nov 2023 07:12:55 GMT

GET
H2 200 867pkyah.go Show response
cdn.geozo.com/e4jl71219ivlm0p03yhq8678quv/ 78 KB
24 KB 102ms
27ms Script
application/javascript 172.255.141.121
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.geozo.com/e4jl71219ivlm0p03yhq8678quv/867pkyah.go
Requested by: Host: struma.bg
URL: https://struma.bg/%D0%BD%D1%81-%D1%80%D0%B5%D1%88%D0%B8-%D0%BD%D1%8F%D0%BC%D0%B0-%D0%B4%D0%B0-%D0%B8%D0%BC%D0%B0-%D0%BA%D0%BE%D0%BC%D0%B8%D1%81%D0%B8%D1%8F-%D0%B7%D0%B0-%D1%80%D0%B0%D0%B7%D1%81%D0%BB%D0%B5%D0%B4%D0%B2/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 172.255.141.121 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx/1.20.2 /
Resource Hash: f245103ef4c09ad72c218711806e22380e1d107fa89a8241c8deca2d60cc21fb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://struma.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 07:12:55 GMT
content-encoding: gzip
last-modified: Fri, 10 Nov 2023 07:02:07 GMT
server: nginx/1.20.2
etag: "654dd56f-5f9a"
content-type: application/javascript; charset=utf-8
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
content-length: 24474

GET
H3 200 index.js Show response
struma.bg/wp-content/plugins/contact-form-7/includes/swv/js/ 11 KB
4 KB 61ms
61ms Script
application/javascript 2606:4700:3035::6815:3627
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://struma.bg/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.8.1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::6815:3627 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5fe46d2da01452067736578431f6c6e8116a24e616f58c72d9d81fdb2c7c9569

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://struma.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 07:12:55 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2829
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-served-by: struma.bg
referrer-policy: strict-origin
cf-bgj: minify
last-modified: Fri, 29 Sep 2023 08:34:42 GMT
server: cloudflare
etag: W/"65168c22-2a12"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CLfH5gahgyhIx4zE1Gi2yRxrIULCAPjzEz6hj%2BEsnPiSvn6g%2F4HImKGl7K009D%2BbBBbI%2FIQqqqXjgpl53DzkoJgc8ujuOulXcknGdGyQneCzqPXi7yZq0NvGA2v2ciT%2F6ha1fObV4Ck%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
vary: Accept-Encoding
cache-control: max-age=31536000
permissions-policy: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
cf-ray: 82e148eac8fa9183-FRA

GET
H3 200 index.js Show response
struma.bg/wp-content/plugins/contact-form-7/includes/js/ 13 KB
5 KB 42ms
37ms Script
application/javascript 2606:4700:3035::6815:3627
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://struma.bg/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.8.1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::6815:3627 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1060091178cbd6c843b802f516f230f1a3a1e85f1afbd6ef84d80e5430ba457e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://struma.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 07:12:55 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2828
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
cf-bgj: minify
last-modified: Fri, 29 Sep 2023 08:34:42 GMT
server: cloudflare
etag: W/"65168c22-328f"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LHlYl8YLTRt8fQd%2FZ%2B7d5WAT2yAxVLFkUk85KKldnXDfkCNnmJALkCgfEdofNNq8kAbZeJ4oPHaAFbOTuONqBiyEuU8GpLepj8pymHw2%2B3YcmZyfugFcP8aTXglng3t3tgesZSesw8s%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
vary: Accept-Encoding
cache-control: max-age=31536000
permissions-policy: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
cf-ray: 82e148eac8ff9183-FRA

GET
H3 200 custom.js Show response
struma.bg/wp-content/themes/child-theme/ 0
682 B 43ms
39ms Script
application/javascript 2606:4700:3035::6815:3627
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://struma.bg/wp-content/themes/child-theme/custom.js?ver=1.0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::6815:3627 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://struma.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 07:12:55 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4235
alt-svc: h3=":443"; ma=86400
content-length: 0
x-xss-protection: 1; mode=block
x-served-by: struma.bg
referrer-policy: strict-origin
cf-bgj: minify
last-modified: Sat, 13 Mar 2021 23:49:02 GMT
server: cloudflare
etag: "604d4f6e-0"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R2rBNuZTLKEaItuy6hxxptKh9ilG%2BOAYB03%2Fy%2FG%2F6lJjyEJfuTriQF9fmFdlrq6gns%2Fx8tYS924qJbEkZCF5ux6alKyMxtqSHxyKAAWiOxTfR5xkqxGXp%2FQPMVmAwiKmKdlADXtkuxc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
vary: Accept-Encoding
cache-control: max-age=31536000
permissions-policy: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
accept-ranges: bytes
cf-ray: 82e148eac9029183-FRA

GET
H3 200 main.js Show response
struma.bg/wp-content/themes/multinews/js/ 71 KB
22 KB 44ms
39ms Script
application/javascript 2606:4700:3035::6815:3627
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://struma.bg/wp-content/themes/multinews/js/main.js?ver=1.0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::6815:3627 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

da0be5acae24b3e6aa1913634ffa3dfffdd57d37291d385104e2dbdfd6b102cd

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://struma.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 07:12:55 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1176
cf-polished: origSize=86271
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-served-by: struma.bg
referrer-policy: strict-origin
cf-bgj: minify
last-modified: Sat, 13 Mar 2021 23:47:56 GMT
server: cloudflare
etag: W/"604d4f2c-150ff"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PJVvPTa6piKFFLB04A1KAxK9MJwkXfmEI6%2F5iQRgFx%2BQxT%2F8wuWirjr6H81tzH8p9mXzdn3NZDXP7jXffbdfebCEQOpcxEyT3XBTHZp2Xd1ytpDB7NlI8vvHenXMlhU6l2QkWjhx0eY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
vary: Accept-Encoding
cache-control: max-age=31536000
permissions-policy: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
cf-ray: 82e148eac9039183-FRA

GET
H3 200 plugins.min.js Show response
struma.bg/wp-content/themes/multinews/js/ 111 KB
35 KB 63ms
59ms Script
application/javascript 2606:4700:3035::6815:3627
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://struma.bg/wp-content/themes/multinews/js/plugins.min.js?ver=1.0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::6815:3627 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

330cff91555f186b8a8ecf86b23243c8dff0feea094f2504b385996add1e6ca9

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://struma.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 07:12:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6389
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-served-by: struma.bg
referrer-policy: strict-origin
last-modified: Sat, 13 Mar 2021 23:47:56 GMT
server: cloudflare
etag: W/"604d4f2c-1bce7"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n7CBFVt8ug81pHZVkdeCtqAcSz%2B%2BpH9ziEQXn1SfYZ1Jsrs4hi89LemT5xgREV8vGLg8zvkaW1qY%2FhEXIQ8pBB5mQFXwieGPDHS4uC%2BFV1gcWGecQ7Ux2K2wb26HnioDGjH05iFepUM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
vary: Accept-Encoding
cache-control: max-age=31536000
permissions-policy: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
cf-ray: 82e148eac9049183-FRA

GET
H3 200 comment-reply.min.js Show response
struma.bg/wp-includes/js/ 3 KB
2 KB 85ms
81ms Script
application/javascript 2606:4700:3035::6815:3627
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://struma.bg/wp-includes/js/comment-reply.min.js?ver=be3a4d2f85a48f3c1181732f270d88ae

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::6815:3627 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://struma.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 07:12:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: HIT
age: 6389
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Mon, 30 May 2022 23:47:55 GMT
server: cloudflare
etag: W/"629557ab-ba5"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B09Fzgk1TknV0xSIw8r6VltzGSSuOhOGjO3E6J6%2FSB5BfNkCV3E8%2F4G4qrp9UProlv0H9IyFGc0S5GTBIm9EK%2BP3hj7tW6hpbfwM9UzwtSqKOEzrnV7wkbK40g8TQkmZukgHGvouPBg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
vary: Accept-Encoding
cache-control: max-age=31536000
permissions-policy: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
cf-ray: 82e148eac9059183-FRA

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 1 KB
1 KB 82ms
31ms Script
text/javascript 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?render=6LckjIcUAAAAABhBn78wLQqK_K4srbDs5rQTxiZN&ver=3.0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

9e580a05bf8748792899a71d4b03e3c0c1cfc9b3b3655d76de111e9b606a202b

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://struma.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 07:12:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Thu, 30 Nov 2023 07:12:55 GMT

GET
H3 200 wp-polyfill-inert.min.js Show response
struma.bg/wp-includes/js/dist/vendor/ 8 KB
3 KB 89ms
85ms Script
application/javascript 2606:4700:3035::6815:3627
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://struma.bg/wp-includes/js/dist/vendor/wp-polyfill-inert.min.js?ver=3.1.2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::6815:3627 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c1a9a3e223bad631dff12d33b5499eb145cb08d8621c20d9d73870e78d97afe4

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://struma.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 07:12:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: HIT
age: 6389
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Tue, 23 May 2023 18:10:07 GMT
server: cloudflare
etag: W/"646d017f-1feb"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QTMJb9d2FB0%2FXpH8BsTJkmeKxHXh5s2Sh%2Fknx%2FTQCGKDUnis46GdAbVm8wtFsvP8C723JRKCzJMsBA9oJ8NqLlDxtLKfTCSzXYl015iYblWtyYQovmwiYtoLB7B0ZyVj9Y1BBHs%2FfPQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
vary: Accept-Encoding
cache-control: max-age=31536000
permissions-policy: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
cf-ray: 82e148eac9069183-FRA

GET
H3 200 regenerator-runtime.min.js Show response
struma.bg/wp-includes/js/dist/vendor/ 6 KB
3 KB 90ms
86ms Script
application/javascript 2606:4700:3035::6815:3627
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://struma.bg/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.11

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::6815:3627 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6974bfd8fa06b7831f05cb4b25860c851a5ad3f02a6699ebe688987dd7a6ebe6

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://struma.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 07:12:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6389
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-served-by: struma.bg
referrer-policy: strict-origin
last-modified: Tue, 23 May 2023 18:10:07 GMT
server: cloudflare
etag: W/"646d017f-19cf"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NLyrriJEAEgs6SjNySOKK%2FC4HAYGIGJeX6OG8zowYekMCFKFfnIkCgwdCOJg21PcpdPCfBwh7WcA%2BiBjF7du78REcVfBGew7iYFm5Tt6%2FiOlWwCKmJdr4DSj3Kj0maXSbeQ%2BNpWzlig%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
vary: Accept-Encoding
cache-control: max-age=31536000
permissions-policy: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
cf-ray: 82e148eac9079183-FRA

GET
H3 200 wp-polyfill.min.js Show response
struma.bg/wp-includes/js/dist/vendor/ 16 KB
7 KB 91ms
87ms Script
application/javascript 2606:4700:3035::6815:3627
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://struma.bg/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::6815:3627 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4c0ced2cb3830d045cdd74f745fd4d6dcb082d8edd3a9fe46e39295e30cb8032

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://struma.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 07:12:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6389
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-served-by: struma.bg
referrer-policy: strict-origin
last-modified: Tue, 29 Aug 2023 20:07:47 GMT
server: cloudflare
etag: W/"64ee5013-3f12"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w752Zplx2NDxwd%2B9HAAcmBTjpHlcp7Hg0PJmxq%2BPkYzyAX1gGT55paur%2B5VSuSYsXEW8QcVuh9WM0QgpPMDR3AdT4U13DI5dXVT985iJzCrQSKE8R8JVaEsrJXJFc%2BdT5%2FlpJhERcZQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
vary: Accept-Encoding
cache-control: max-age=31536000
permissions-policy: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
cf-ray: 82e148eac9089183-FRA

GET
H3 200 index.js Show response
struma.bg/wp-content/plugins/contact-form-7/modules/recaptcha/ 991 B
1 KB 99ms
95ms Script
application/javascript 2606:4700:3035::6815:3627
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://struma.bg/wp-content/plugins/contact-form-7/modules/recaptcha/index.js?ver=5.8.1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::6815:3627 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4f26e74a5392e23175b93e81e7b642e02c20d3ca132207dc7f00abfb7dae2b6d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://struma.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 07:12:55 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6389
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
cf-bgj: minify
last-modified: Fri, 29 Sep 2023 08:34:42 GMT
server: cloudflare
etag: W/"65168c22-3df"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ROP0UXQTq6koCyuFJBm%2FeDnjFSWhdpLpwZT5Qf8gM%2Fh9%2FGFKjzvh67VGZZQ1bbJxgQzHAL%2Bx%2FSv0UJcpsXptpDOmYiyC9XNIoC%2B%2FgrnFITVC38WTaoQ%2FK2ronM2FrdBhRg2OfwK4kQE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
vary: Accept-Encoding
cache-control: max-age=31536000
permissions-policy: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
cf-ray: 82e148eac9099183-FRA

GET
H3 200 inview.js Show response
struma.bg/wp-content/themes/multinews/framework/shortcodes/editor/assets/js/ 1 KB
1 KB 100ms
96ms Script
application/javascript 2606:4700:3035::6815:3627
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://struma.bg/wp-content/themes/multinews/framework/shortcodes/editor/assets/js/inview.js?ver=2.1.1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::6815:3627 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5a3535bf9c68a69732cec8f625abb8a79db09a0466d0793f491a9193710aff92

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://struma.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 07:12:55 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6389
cf-polished: origSize=1439
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-served-by: struma.bg
referrer-policy: strict-origin
cf-bgj: minify
last-modified: Sat, 13 Mar 2021 23:48:54 GMT
server: cloudflare
etag: W/"604d4f66-59f"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fRJ1PGV%2Bq3hZPG%2B%2BxDoRYpo7tDiWjpmWNcQ89%2B%2B9VfkmDG428T3MmaULfdBTsZA3%2BmHONpkUewmOtLrQDXi9V%2FzrJBBc2xg3F5r%2Fh9KhJj09Z6PuyJNrUy%2BNB799rIHeTACOadm4irw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
vary: Accept-Encoding
cache-control: max-age=31536000
permissions-policy: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
cf-ray: 82e148eac90c9183-FRA

GET
H3 200 akismet-frontend.js Show response
struma.bg/wp-content/plugins/akismet/_inc/ 6 KB
2 KB 152ms
150ms Script
application/javascript 2606:4700:3035::6815:3627
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://struma.bg/wp-content/plugins/akismet/_inc/akismet-frontend.js?ver=1694763344

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::6815:3627 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a88ba0b09a4416c080044dc095eabf66ca59e4d12a1d6201457b693687be85d3

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://struma.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 07:12:55 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6389
cf-polished: origSize=10733
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
cf-bgj: minify
last-modified: Fri, 15 Sep 2023 07:35:44 GMT
server: cloudflare
etag: W/"65040950-29ed"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h%2Bsc65CA8Bbtd%2BU8HvQrJHamyp9iofxcSm%2FZP4%2FmAx5Ss%2F%2BHyFIHmn3XRJQXvhjTns%2BL4vB%2FdAU4UaD8f49Ih%2BXQ0iEUBrQu5iWExil5oUj6%2FOLSWMp4hWTfINHtVD11GK7WdDFmh8o%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
vary: Accept-Encoding
cache-control: max-age=31536000
permissions-policy: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
cf-ray: 82e148eac9359183-FRA

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 240 KB
83 KB 101ms
55ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-XGPPP9DSRW

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

75af868a8f2ae6a486b10397978544c7b2b607a39e791da1355f8be7944760b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://struma.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 07:12:55 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 85129
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 30 Nov 2023 07:12:55 GMT

GET
H2 200 adv_out.js Show response
st-n.ads3-adnow.com/js/ 86 KB
33 KB 83ms
33ms Script
application/javascript 2a03:90c0:41:2801::62
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://st-n.ads3-adnow.com/js/adv_out.js
Requested by: Host: struma.bg
URL: https://struma.bg/%D0%BD%D1%81-%D1%80%D0%B5%D1%88%D0%B8-%D0%BD%D1%8F%D0%BC%D0%B0-%D0%B4%D0%B0-%D0%B8%D0%BC%D0%B0-%D0%BA%D0%BE%D0%BC%D0%B8%D1%81%D0%B8%D1%8F-%D0%B7%D0%B0-%D1%80%D0%B0%D0%B7%D1%81%D0%BB%D0%B5%D0%B4%D0%B2/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: d76535ab07df1120bfada6d12d72c8c1f46cbe4bc32d4c84d3c26af0656a8da5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://struma.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-id: fr5-hw-edge-gc22
date: Thu, 30 Nov 2023 07:12:55 GMT
content-encoding: gzip
last-modified: Tue, 28 Nov 2023 09:46:11 GMT
server: nginx
etag: W/"6565b6e3-15946"
content-type: application/javascript
cache-control: max-age=60
cache: REVALIDATED
x-id-fe: fr5-hw-edge-gc22
expires: Thu, 30 Nov 2023 07:13:55 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 112 KB
44 KB 76ms
30ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-N8QF3FS

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

39cc61de7585bf7118a02407ae9937489452bdf141650c6bf221d545000e8010

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://struma.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 07:12:55 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44295
x-xss-protection: 0
last-modified: Thu, 30 Nov 2023 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 30 Nov 2023 07:12:55 GMT

GET
H3 200 struma_logo.jpg
struma.bg/wp-content/uploads/2016/12/ 12 KB
13 KB 153ms
152ms Image
image/jpeg 2606:4700:3035::6815:3627
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://struma.bg/wp-content/uploads/2016/12/struma_logo.jpg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::6815:3627 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c6208f9f9c9140070737c49b2a89d2290d37a58ca4571cdfdbcf5bce60bf4b57

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://struma.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 07:12:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 857
alt-svc: h3=":443"; ma=86400
content-length: 12464
x-xss-protection: 1; mode=block
x-served-by: struma.bg
referrer-policy: strict-origin
last-modified: Tue, 21 Feb 2017 16:21:17 GMT
server: cloudflare
etag: "58ac68fd-30b0"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mYbaL35hqcUEqqEKwkuQ6%2BLC5n78CjsHZ14w9%2FqTtISwfKG4Vy5AyY1UnspFlHTOp0OVx%2FySnap8JR1icNOsJxIh38e%2BtwYRAAW0ti9yV9f0xPM0xOEhlj8XnO%2F7tIzAHTm4Of6bvcU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
cache-control: max-age=31536000
permissions-policy: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
accept-ranges: bytes
cf-ray: 82e148eac9389183-FRA

GET
H3 200 marchBG1.jpg
struma.bg/wp-content/uploads/2016/12/ 117 KB
118 KB 150ms
149ms Image
image/jpeg 2606:4700:3035::6815:3627
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://struma.bg/wp-content/uploads/2016/12/marchBG1.jpg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::6815:3627 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

90723d7ef2fa61619db4e555791dc593fbe4c2d96c8ca61a2157743a67728718

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://struma.bg/%D0%BD%D1%81-%D1%80%D0%B5%D1%88%D0%B8-%D0%BD%D1%8F%D0%BC%D0%B0-%D0%B4%D0%B0-%D0%B8%D0%BC%D0%B0-%D0%BA%D0%BE%D0%BC%D0%B8%D1%81%D0%B8%D1%8F-%D0%B7%D0%B0-%D1%80%D0%B0%D0%B7%D1%81%D0%BB%D0%B5%D0%B4%D0%B2/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 07:12:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6756
alt-svc: h3=":443"; ma=86400
content-length: 119711
x-xss-protection: 1; mode=block
x-served-by: struma.bg
referrer-policy: strict-origin
last-modified: Sun, 12 Feb 2017 00:37:25 GMT
server: cloudflare
etag: "589fae45-1d39f"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ukf4nL5XgofiOL9KZlLwhNTHaZ3tNZzi81Cjun3XyBOsshv1G7FqW6qYwDvFWhxkG6pOUTFkSOSW3nZHkPX87gnES9UljkqWMeXZDnTiJORIIdZu1IaUTAyAy3lKVw7s8zNnq%2BpDhdw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
cache-control: max-age=31536000
permissions-policy: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
accept-ranges: bytes
cf-ray: 82e148eac9399183-FRA

GET
H3 200 momizat.ttf
struma.bg/wp-content/themes/multinews/fonts/icons/momizat/ 102 KB
103 KB 151ms
151ms Font
application/octet-stream 2606:4700:3035::6815:3627
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://struma.bg/wp-content/themes/multinews/fonts/icons/momizat/momizat.ttf

Requested by

Host: struma.bg
URL: https://struma.bg/wp-content/themes/multinews/css/plugins.css?ver=be3a4d2f85a48f3c1181732f270d88ae

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::6815:3627 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d0a501ed83bd8f764098cc94b5ba3007948b9454ecd2eef8748c3db7c0b6da00

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://struma.bg/
Origin: https://struma.bg
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 07:12:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6389
alt-svc: h3=":443"; ma=86400
content-length: 104264
x-xss-protection: 1; mode=block
x-served-by: struma.bg
referrer-policy: strict-origin
last-modified: Sat, 13 Mar 2021 23:47:56 GMT
server: cloudflare
etag: "604d4f2c-19748"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r%2F%2FVNvTYixITxQUB1cvmgnQzgRgNZETBew%2Bk2qEAJa62d42niT6tnRwNq75uVF%2Bdim8syCT8f9COJe1Z8Rhrh5xu6fvfZNGSg1twtjMdWDIqid%2BUOegEJ7RBaEh6Qf6AzEM%2FHKSgidI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
vary: Accept-Encoding
cache-control: max-age=31536000
permissions-policy: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
accept-ranges: bytes
cf-ray: 82e148eac93a9183-FRA

GET
H3 200 brankic.ttf
struma.bg/wp-content/themes/multinews/fonts/icons/brankic/ 104 KB
104 KB 153ms
153ms Font
application/octet-stream 2606:4700:3035::6815:3627
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://struma.bg/wp-content/themes/multinews/fonts/icons/brankic/brankic.ttf

Requested by

Host: struma.bg
URL: https://struma.bg/wp-content/themes/multinews/css/plugins.css?ver=be3a4d2f85a48f3c1181732f270d88ae

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::6815:3627 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aba44191715b5ddff9bcf2b98962dce2882e71b1f63305c7dbdf8375164dab44

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://struma.bg/
Origin: https://struma.bg
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 07:12:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1176
alt-svc: h3=":443"; ma=86400
content-length: 106156
x-xss-protection: 1; mode=block
x-served-by: struma.bg
referrer-policy: strict-origin
last-modified: Sat, 13 Mar 2021 23:47:58 GMT
server: cloudflare
etag: "604d4f2e-19eac"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ppgOMP8TtXaXaLJ7UxH%2Bp3%2BwxbNUn5bqkP6VNN%2F4jx8dnCuFwLiXRTlz1ynQAuakQBqUUHSo1KgpiAAvbXRw1g1%2B5NNDJgJsvdHFnOPnDaCgkS2Gw62utexyUC8rWOr0rPAEnMVd%2BA4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
vary: Accept-Encoding
cache-control: max-age=31536000
permissions-policy: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
accept-ranges: bytes
cf-ray: 82e148eac93d9183-FRA

GET
H3 200 enotype.ttf
struma.bg/wp-content/themes/multinews/fonts/icons/enotype/ 61 KB
62 KB 155ms
155ms Font
application/octet-stream 2606:4700:3035::6815:3627
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://struma.bg/wp-content/themes/multinews/fonts/icons/enotype/enotype.ttf

Requested by

Host: struma.bg
URL: https://struma.bg/wp-content/themes/multinews/css/plugins.css?ver=be3a4d2f85a48f3c1181732f270d88ae

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::6815:3627 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

941c246131068bb2134dce6134d70142c0847c48b8218f051ff178105774cbfc

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://struma.bg/
Origin: https://struma.bg
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 07:12:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1176
alt-svc: h3=":443"; ma=86400
content-length: 62900
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Sat, 13 Mar 2021 23:47:58 GMT
server: cloudflare
etag: "604d4f2e-f5b4"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oSYYV%2FtqAMX6UeVHBLzZSCBkk%2FLx8Quh3xGnITbKJNrcB%2F5tdDwVKndxvmVw8oNPsF%2Fxnp%2BOtLx%2B3kqYxGXbNuJ%2B1Q67twQk14n2jRPTsRmvk4v4WauciXsLWF%2BGhOfsgnnRp0U%2Bhmw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
vary: Accept-Encoding
cache-control: max-age=31536000
permissions-policy: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
accept-ranges: bytes
cf-ray: 82e148eac93e9183-FRA

GET
H3 200 fontawesome-webfont.woff2
struma.bg/wp-content/themes/multinews/fonts/icons/fa/ 65 KB
66 KB 156ms
156ms Font
application/octet-stream 2606:4700:3035::6815:3627
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://struma.bg/wp-content/themes/multinews/fonts/icons/fa/fontawesome-webfont.woff2?v=4.4.0

Requested by

Host: struma.bg
URL: https://struma.bg/wp-content/themes/multinews/css/plugins.css?ver=be3a4d2f85a48f3c1181732f270d88ae

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::6815:3627 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://struma.bg/
Origin: https://struma.bg
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 07:12:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1176
alt-svc: h3=":443"; ma=86400
content-length: 66624
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Sat, 13 Mar 2021 23:47:58 GMT
server: cloudflare
etag: "604d4f2e-10440"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6lZ%2BlL2NM5MyXbZoJ9hjbh8jacMTu7tsiIE6BgkRwMS4qHC9cxjFAj2Po3gO6Ih4oSGAPjSM152qhE2JNYQbUCSF4P4OEK69R7YVfLeLKCX78iHi6vN2neNtQOvc4dPe0A%2BU%2FzdS%2F6U%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
vary: Accept-Encoding
cache-control: max-age=31536000
permissions-policy: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
accept-ranges: bytes
cf-ray: 82e148eac9409183-FRA

GET
H3 200 date.html Show response
struma.bg/ Frame ADBD 4 KB
2 KB 133ms
133ms Document
text/html 2606:4700:3035::6815:3627
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://struma.bg/date.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::6815:3627 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

66b0257c1af0e91ae349f79cfe1208550c79d0794c481e959109a64f31c5ea1a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://struma.bg/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 82e148eaf9799183-FRA
content-encoding: br
content-security-policy: upgrade-insecure-requests
content-type: text/html
date: Thu, 30 Nov 2023 07:12:55 GMT
last-modified: Mon, 13 Feb 2023 09:10:59 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
permissions-policy: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
referrer-policy: strict-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CxlEjtoMKq%2BOrF7zk%2B5UGGzqCldoMwOUhPZdJP8W5eA0F7wttKmGvBN2U72zLd2GhSPdyabdHCyb9%2FUHIPgFY6cdc%2BkaAfv7wXPsGmgjgsBXYIUmhYHk4A6Xr9SD7f%2Fi6YmfZzPYdMA%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-served-by: struma.bg
x-xss-protection: 1; mode=block

GET
H2 200 d36d0936f0c839be7bf2b20d59eaa76d.js Show response
scripts.cleverwebserver.com/ 131 KB
47 KB 261ms
218ms Script
application/javascript 2606:4700:4400::ac40:919c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://scripts.cleverwebserver.com/d36d0936f0c839be7bf2b20d59eaa76d.js
Requested by: Host: struma.bg
URL: https://struma.bg/%D0%BD%D1%81-%D1%80%D0%B5%D1%88%D0%B8-%D0%BD%D1%8F%D0%BC%D0%B0-%D0%B4%D0%B0-%D0%B8%D0%BC%D0%B0-%D0%BA%D0%BE%D0%BC%D0%B8%D1%81%D0%B8%D1%8F-%D0%B7%D0%B0-%D1%80%D0%B0%D0%B7%D1%81%D0%BB%D0%B5%D0%B4%D0%B2/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:919c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f1d9cbf9155c0437e76b645310d963f967326a0de3ce2060f76ee70f9ab4be28

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://struma.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 07:12:55 GMT
x-amz-version-id: 0QrWY3OkWiJLz7fc7l4gr1cW7SGqTBKz
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 27 Nov 2023 15:22:21 GMT
server: cloudflare
x-amz-request-id: Z9160FAA6W4PK0AW
etag: W/"05a48957e1267b588849d74b9d7d186e"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=1800
cf-ray: 82e148eb4bad9131-FRA
x-amz-id-2: 6RifVu/xxJnTx55aShj/IfZ20XCkzgYH457QC+gO22eaKIqLxJ2peDuUoVqTR/KIWCUZHxGLZBU=
expires: Thu, 30 Nov 2023 07:42:55 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 150 KB
52 KB 140ms
140ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4ee5c41793a24742a7d8177cb2e31be8b5954c629de369817b1250b257a55d26

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://struma.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 07:12:55 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52751
x-xss-protection: 0
server: cafe
etag: 13051311838572307959
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 30 Nov 2023 07:12:55 GMT

GET
H2 200 likebox.php Show response
www.facebook.com/plugins/ Frame CADC 37 KB
12 KB 231ms
179ms Document
text/html 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/likebox.php?href=https://www.facebook.com/pages/Strumabg/381955041882220&width=335&height=218&colorscheme=light&show_faces=true&show_border=false&stream=false&header=false

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3360cb92daceed3120a0ab9bf0e5af602870bd57c2553f935bfca2ee3a6bfb5f

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://struma.bg/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-encoding: br
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type: text/html; charset="utf-8"
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Thu, 30 Nov 2023 07:12:55 GMT
document-policy: force-load-at-top
expires: Sat, 01 Jan 2000 00:00:00 GMT
origin-agent-cluster: ?0
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), geolocation=(self), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), payment=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), usb=(), window-management=()
permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
pragma: no-cache
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
reporting-endpoints: default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown"
strict-transport-security: max-age=15552000; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-fb-debug: 7dWaHNSS+zKq53ERZkE+J25QkK8r7B2097OWHE+vAXF9UBRK/BXR/KswT2d7GIN6FxeicntjdKqTMB8T59Sudg==
x-xss-protection: 0

GET
H2 200 likebox.php Show response
www.facebook.com/plugins/ Frame AAFA 36 KB
14 KB 212ms
161ms Document
text/html 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/likebox.php?href=http://www.facebook.com/pages/Strumabg/381955041882220&width=335&height=100&colorscheme=light&show_faces=false&show_border=false&stream=false&header=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c89e162e72c692221d5255fa86fcd954e23f1c6e04be44160018db40eb542113

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://struma.bg/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-encoding: br
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type: text/html; charset="utf-8"
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Thu, 30 Nov 2023 07:12:55 GMT
document-policy: force-load-at-top
expires: Sat, 01 Jan 2000 00:00:00 GMT
origin-agent-cluster: ?0
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), gamepad=(self), geolocation=(self), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), payment=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), usb=(), window-management=()
permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
pragma: no-cache
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
reporting-endpoints: default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown"
strict-transport-security: max-age=15552000; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-fb-debug: MEym9WK52N4DpLj5KGc9XrXg+gsoBR5DqHvkQic3LlCR8qHc0q6Xuk5GzMZ2Rheft0rRn4MUtHKnUDe7+zW3+g==
x-xss-protection: 0

GET
H3 200 i1-3_baikushev_metodi_result-81x55.gif
struma.bg/wp-content/uploads/2023/11/ 3 KB
4 KB 129ms
127ms Image
image/gif 2606:4700:3035::6815:3627
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://struma.bg/wp-content/uploads/2023/11/i1-3_baikushev_metodi_result-81x55.gif

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::6815:3627 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cf583db8344e9a581c1ab3183d073cc80f32bae519f94595323af9f827a0ac6a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://struma.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 07:12:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 392
alt-svc: h3=":443"; ma=86400
content-length: 3389
x-xss-protection: 1; mode=block
x-served-by: struma.bg
referrer-policy: strict-origin
last-modified: Wed, 29 Nov 2023 17:18:21 GMT
server: cloudflare
etag: "6567725d-d3d"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GjoccdzNF%2FVPuHbZcyx4%2F%2BY8kWdpaww913MAM68o%2BpPEae8ADKgpMuPbZERVkK%2FKX%2B6aVju3Fo67ZwJN%2B0ib8CJUrMra89gAwe2FefiFuCRtHHCLFduUlT8lZB6j5g04zJQjqLI9F3E%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
vary: Accept-Encoding
cache-control: max-age=31536000
permissions-policy: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
accept-ranges: bytes
cf-ray: 82e148eb09869183-FRA

GET
H3 200 294x140_1701277617-81x55.jpg
struma.bg/wp-content/uploads/2023/11/ 2 KB
3 KB 130ms
128ms Image
image/jpeg 2606:4700:3035::6815:3627
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://struma.bg/wp-content/uploads/2023/11/294x140_1701277617-81x55.jpg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::6815:3627 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

efab51eff2a621c2155475f63f0f71816f5ac41b91d611c68b341ace6ec5b663

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://struma.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 07:12:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1575
alt-svc: h3=":443"; ma=86400
content-length: 2252
x-xss-protection: 1; mode=block
x-served-by: struma.bg
referrer-policy: strict-origin
last-modified: Thu, 30 Nov 2023 06:18:45 GMT
server: cloudflare
etag: "65682945-8cc"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=taEfb%2BvRmnB4HF9evvKNGjIC1gk3fb5xkWMkulXIFI64qbzSPR4QgbETPgKWenbpkJT4X4RegbSFEl6QgHxvkt9VlatiMKoPGfhRsgISp3%2BEM3kgdqE0HJDyiaMHsOcuazJKK%2Fyqwas%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
cache-control: max-age=31536000
permissions-policy: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
accept-ranges: bytes
cf-ray: 82e148eb09879183-FRA

GET
H3 200 COVID19-1-81x55.jpg
struma.bg/wp-content/uploads/2023/11/ 2 KB
3 KB 130ms
129ms Image
image/jpeg 2606:4700:3035::6815:3627
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://struma.bg/wp-content/uploads/2023/11/COVID19-1-81x55.jpg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::6815:3627 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b70e40d8a689b820544e9a8c25999c929c00b055bd724e22da96df740a15d82f

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://struma.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 07:12:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 392
alt-svc: h3=":443"; ma=86400
content-length: 2047
x-xss-protection: 1; mode=block
x-served-by: struma.bg
referrer-policy: strict-origin
last-modified: Thu, 30 Nov 2023 06:05:49 GMT
server: cloudflare
etag: "6568263d-7ff"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5GNy5JQ9Xcdyjms%2BqoJ%2B9rfsakNq9hv77VtPupYLL8XbzVzhb9whLkAxejDBH%2F45oFuSlfu1cjnobeXtehGFhla40tjWrNmvA8vn0dZfOVPE5Cp8NnYoyWu3gAEXJJmCg%2BUZt%2Fep1AA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
cache-control: max-age=31536000
permissions-policy: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
accept-ranges: bytes
cf-ray: 82e148eb09889183-FRA

GET
H2 200 a Show response
n.ads1-adnow.com/ 75 KB
18 KB 323ms
270ms Script
text/javascript 31.172.81.226
DE-FIRSTCOLO www....

General

Check archive.org

Show headers Download Go to

Full URL: https://n.ads1-adnow.com/a?Id=131492&uid=ssp-4fd683a9-b0c0-0557-eb2b-eb2b-4009e7b0e9&sync=0&hours=8&ajax=0&domain=n.ads1-adnow.com&unq=1&show_num=1&click_num=0&cookies=1&_c=e30%3D&RNum=2774&docurl_=aHV2c3c_NTZ7fXzCgHluPHF3QDdXRDpYWz1dS0BUTktEZFJHW1RKaldNa19QcF5TZ2hWdmNZd25kXX1qYH7CgWPCg3FmesKJacKJdmzCisKMb8KPfHLCkH99dsKWwoN5wpfCinzCnMKJf8KdwozCisKDwqPCkMKGwqTCm8KJwqnClsKMwqrCrMKPwq_CnMKSwrDCn8KdwpbCtsKjwpnCt8K3wpzCvMKpwp_CvcOBwqLDgsKvwqXDg8OFwqjDiMK1wqvDicOAwq7DjsK8wrHDhcK_wrTDlMOBwrfDlcOMwrrDmsOIwr3DkcOgw4jDgcOhw47DhMOiw5jDh8Onw5TDisOow5fDlcOOw67DnMORw6XDnsOUw7TDocOXw7XDpMOaw7rDp8Odw7vDscOgxIDDrsOjw7fDscOmxIbDs8OpxIfEiMOsxIzDucOvxI3EgcOyxJLDv8O1xJPEhsO4xJjEhcO7xJnEisSI&client_info=eyJ3aW4iOnsidyI6MTYwMCwiaCI6MTIwMH0sInNjcmVlbiI6eyJ3aWR0aCI6MTYwMCwiaGVpZ2h0IjoxMjAwLCJjb2xvckRlcHRoIjoyNCwicGl4ZWxEZXB0aCI6MjR9LCJuYXZpZ2F0b3IiOnsibGFuZ3VhZ2UiOiJlbi1VUyIsImJyb3dzZXJMYW5ndWFnZSI6IiIsInN5c3RlbUxhbmd1YWdlIjoiIiwidXNlckxhbmd1YWdlIjoiIiwicGxhdGZvcm0iOiJXaW4zMiIsInZlbmRvciI6Ikdvb2dsZSBJbmMuIiwidGltZVpvbmUiOjEsImRhdGUiOiIyMDIzLTExLTMwVDA3OjEyOjU1LjUwOFoiLCJob3VyIjo4LCJ3aWR0aCI6MTYwMCwiaGVpZ2h0IjoxMjAwLCJwbHVnaW5zIjpbIkNocm9tZSBQREYgUGx1Z2luIiwiQ2hyb21lIFBERiBWaWV3ZXIiLCJOYXRpdmUgQ2xpZW50Il0sImZsYXNoVmVyc2lvbiI6ZmFsc2UsImNvbm5lY3Rpb25UeXBlIjoidW5kZWYifX0%3D&doc_inf=eyJ0aXRsZSI6IiVEMCU5RCVEMCVBMSUyMCVEMSU4MCVEMCVCNSVEMSU4OCVEMCVCOCUzQSUyMCVEMCU5RCVEMSU4RiVEMCVCQyVEMCVCMCUyMCVEMCVCNCVEMCVCMCUyMCVEMCVCOCVEMCVCQyVEMCVCMCUyMCVEMCVCQSVEMCVCRSVEMCVCQyVEMCVCOCVEMSU4MSVEMCVCOCVEMSU4RiUyMCVEMCVCNyVEMCVCMCUyMCVEMSU4MCVEMCVCMCVEMCVCNyVEMSU4MSVEMCVCQiVEMCVCNSVEMCVCNCVEMCVCMiVEMCVCMCVEMCVCRCVEMCVCNSUyMCVEMCVCRCVEMCVCMCUyMCVEMCVCNyVEMCVCMCVEMCVCRiVEMCVCQiVEMCVCMCVEMSU4NSVEMCVCOCVEMSU4MiVEMCVCNSUyMCVEMSU4MSVEMSU4MCVEMCVCNSVEMSU4OSVEMSU4MyUyMCVEMCU5OSVEMCVCRSVEMCVCQiVEMCVCRSVEMCVCMiVEMSU4MSVEMCVCQSVEMCVCOCUyMCVFMiU4MCU5MyUyMCVEMCU5MiVEMCVCNSVEMSU4MSVEMSU4MiVEMCVCRCVEMCVCOCVEMCVCQSUyMCVEMCVBMSVEMCVBMiVEMCVBMCVEMCVBMyVEMCU5QyVEMCU5MCIsImRlc2NyaXB0aW9uIjoiIiwiY2hhclNldCI6IlVURi04In0%3D&set=e30%3D&ver=8&bln=0&bver=5&loc=https%3A%2F%2Fstruma.bg%2F%25D0%25BD%25D1%2581-%25D1%2580%25D0%25B5%25D1%2588%25D0%25B8-%25D0%25BD%25D1%258F%25D0%25BC%25D0%25B0-%25D0%25B4%25D0%25B0-%25D0%25B8%25D0%25BC%25D0%25B0-%25D0%25BA%25D0%25BE%25D0%25BC%25D0%25B8%25D1%2581%25D0%25B8%25D1%258F-%25D0%25B7%25D0%25B0-%25D1%2580%25D0%25B0%25D0%25B7%25D1%2581%25D0%25BB%25D0%25B5%25D0%25B4%25D0%25B2%2F
Requested by: Host: st-n.ads1-adnow.com
URL: https://st-n.ads1-adnow.com/js/a.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 31.172.81.226 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
Software: nginx/1.10.3 /
Resource Hash: aa15d448fae63e8a8214498df0b391537923f6f966f800b3c2e9e01190318832

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://struma.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 07:13:03 GMT
content-encoding: gzip
server: nginx/1.10.3
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/ 468 KB
188 KB 64ms
19ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6LckjIcUAAAAABhBn78wLQqK_K4srbDs5rQTxiZN&ver=3.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

983871cac9e719263fcecaa540c4e1597c8ece1805845830ec21fef0e71d9f88

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://struma.bg/
Origin: https://struma.bg
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 12:38:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 66880
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 192016
x-xss-protection: 0
last-modified: Tue, 14 Nov 2023 05:42:11 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 28 Nov 2024 12:38:15 GMT

GET
H3 200 struma.bg.1136859.es6.js Show response
jsc.adskeeper.com/s/t/ 312 KB
96 KB 248ms
226ms Script
text/javascript 2606:4700:4400::ac40:986a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.adskeeper.com/s/t/struma.bg.1136859.es6.js
Requested by: Host: jsc.adskeeper.com
URL: https://jsc.adskeeper.com/s/t/struma.bg.1136859.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:4400::ac40:986a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fc47ac1e50c7b9987c4463929ea31096b13d2820a127acb7e2c1c06c4dbfe34e

Request headers

Referer: https://struma.bg/
Origin: https://struma.bg
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 07:12:55 GMT
content-encoding: gzip
x-amz-version-id: TTvvOAYeeF2Un2ZVrm_2koqNseUjYfAB
cf-cache-status: REVALIDATED
x-amz-request-id: 5YSWZT6SD5BSD2JP
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
content-length: 98197
x-amz-id-2: /OX/jdbmO8CZvGBup8tw1IN9EBiypfE2ZZyFk+jgVDHcl+P+mSXH6Z+tXHSO4+Ht5xOsPEnA01A=
last-modified: Mon, 27 Nov 2023 10:47:52 GMT
server: cloudflare
etag: "ba77b7310b302ada78ef5ffdc67b0e98"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 82e148ec0f0f5b44-FRA
expires: Thu, 30 Nov 2023 11:12:55 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/bg_BG/ 3 KB
3 KB 60ms
20ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/bg_BG/sdk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c9f73c49899326294711de4465c97426b37e342a534080ee033547d527d92e69

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://struma.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 30 Nov 2023 07:12:55 GMT
content-md5: Aw9AvitCBbQDQNkpYy67ew==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1688
reporting-endpoints
x-fb-debug: XNQYWa94OdYy+URFfgHusiw1pRqY12y9meAOlwqG/6Jg0S/GkJEcwHQv82G8viNg8pybMYB+kv+oLEDTzgtPmQ==
x-fb-content-md5: 0d5db653cd215b372b437a63a1c72d07
cross-origin-opener-policy: same-origin-allow-popups
etag: "7929c5853422a79969663746e24d471a"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Thu, 30 Nov 2023 07:18:13 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 240 KB
83 KB 31ms
31ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-XGPPP9DSRW&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N8QF3FS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9132a81373d31ca0ab68687cd76bfc3a7f2e262e182c79fee62b3ecbff1e1c39

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://struma.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 07:12:55 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 85185
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 30 Nov 2023 07:12:55 GMT

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/ 431 KB
135 KB 19ms
17ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b033f59e4ffeaa6f3e4f2e839c035a14811d5469d3f772eda6056d7d5782c53f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://struma.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 20:18:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 39287
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 138149
x-xss-protection: 0
server: cafe
etag: 11558412289700915514
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Thu, 28 Nov 2024 20:18:08 GMT

GET
H3 200 wp-emoji-release.min.js Show response
struma.bg/wp-includes/js/ 18 KB
5 KB 28ms
28ms Script
application/javascript 2606:4700:3035::6815:3627
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://struma.bg/wp-includes/js/wp-emoji-release.min.js?ver=be3a4d2f85a48f3c1181732f270d88ae

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::6815:3627 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://struma.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 07:12:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: HIT
age: 1176
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Tue, 23 May 2023 18:10:07 GMT
server: cloudflare
etag: W/"646d017f-4904"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NUK2qE0EzAqGeoqil%2BQAh3aUr9FnfGUgpR4xYgGgqqWbv%2FYh2ybgKGZNjOfbI%2Bj0ORNOxT1mwTzWiYBSSBpXGWIF%2FaX8ISTXGtCx%2FIaBdgm1qjoUikBee6vKcDghKsYTSajilY7%2FKa8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
vary: Accept-Encoding
cache-control: max-age=31536000
permissions-policy: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
cf-ray: 82e148ec2acc9183-FRA

GET
H3

200

main.js Show response
struma.bg/cdn-cgi/challenge-platform/h/g/scripts/jsd/9914b343/ Frame 54C7
Redirect Chain

https://struma.bg/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://struma.bg/cdn-cgi/challenge-platform/h/g/scripts/jsd/9914b343/main.js

7 KB
4 KB

27ms
27ms

Script
application/javascript

2606:4700:3035::6815:3627
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://struma.bg/cdn-cgi/challenge-platform/h/g/scripts/jsd/9914b343/main.js

Requested by

Protocol

Server

2606:4700:3035::6815:3627 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5330e3408a23abb0eaa204cb328183ed6781ca7c0e0350629454c170e15c033a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 07:12:55 GMT
content-encoding: br
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HKvrWSWUBT2FyQCw01TyMlCend5DJaMEbI74wc%2BpmWgZZ0Ntio0lImD2FnjP4JvLjL0ud4jDOgHuhfzsNXyyuwX3zrq4CcbRphky0PZi6PiLCXIlWuNM3MuA4QRKYXojvTfRUlD2OcY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
cf-ray: 82e148ec9b729183-FRA
alt-svc: h3=":443"; ma=86400

Redirect headers

date: Thu, 30 Nov 2023 07:12:55 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PVV%2FEwhZPMR%2Bh6%2By83KBvxu1J0le%2BnukrwF64yuzVoKK%2BsUEbU0nreMEj2CXJgnKDX8tI3w1ZJBsaAMKE6LSx9BBkwY6%2FTjKTO82BttXs%2FZH5GEgJyoC9iDXf%2FX2oE2IoHIvddMI7w8%3D"}],"group":"cf-nel","max_age":604800}
location: /cdn-cgi/challenge-platform/h/g/scripts/jsd/9914b343/main.js
access-control-allow-origin: *
cache-control: max-age=300, public
cf-ray: 82e148ec2ad29183-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311150101/ 397 KB
134 KB 80ms
79ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311150101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6644984847630508&plah=struma.bg

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

13b05ebed75e866c373f97e313031b9249f7dfa400646280636c7c422359bcbf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://struma.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 07:12:55 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 137281
x-xss-protection: 0
server: cafe
etag: 17625587354625887254
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 30 Nov 2023 07:12:55 GMT

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231128/r20190131/ Frame 046A 9 KB
4 KB 63ms
18ms Document
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231128/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9f6e245ec73203f99ecb888db309a2bdaf91f8696c1cebaa94e477a953fab30a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://struma.bg/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 24354
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4121
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 30 Nov 2023 00:27:01 GMT
etag: 12051592065903069241
expires: Thu, 14 Dec 2023 00:27:01 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

main.js Show response
struma.bg/cdn-cgi/challenge-platform/h/g/scripts/jsd/9914b343/ Frame 46A5
Redirect Chain

https://struma.bg/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://struma.bg/cdn-cgi/challenge-platform/h/g/scripts/jsd/9914b343/main.js

7 KB
4 KB

25ms
25ms

Script
application/javascript

2606:4700:3035::6815:3627
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://struma.bg/cdn-cgi/challenge-platform/h/g/scripts/jsd/9914b343/main.js

Requested by

Protocol

Server

2606:4700:3035::6815:3627 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

51d6ff42b2e67ee804fe0013a703261074953d0c4287fa94096d07d843e9344b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 07:12:55 GMT
content-encoding: br
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fCbyRDUhlWN4VNbkrIAAg4rLrwjsyn6n1gOo%2FMtSiSkxcFPSIb6y9QvegNJqt5TD5JDdc4cdt%2BX6UvECDA%2BXuJ4%2FanLD83vGa6m6bddQI0Ujnmt%2FcJhQWd%2BkWRPZr2XKJMIDtf3g3pA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
cf-ray: 82e148ecbb859183-FRA
alt-svc: h3=":443"; ma=86400

Redirect headers

date: Thu, 30 Nov 2023 07:12:55 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KAg8Hkgv9nZnHFbjDQE1BqZBd0nNE9WJ1BrYy8%2FJB9GieIEVCsmZ4qdXWot9KEA5m%2F5rAXtirp4JPr6U7667gPDjaMDgquPDTv04JlwZ%2BKWSYM254bcv7hx%2FhkoOB2ZZjFz0FpfERT4%3D"}],"group":"cf-nel","max_age":604800}
location: /cdn-cgi/challenge-platform/h/g/scripts/jsd/9914b343/main.js
access-control-allow-origin: *
cache-control: max-age=300, public
cf-ray: 82e148ec5b0d9183-FRA
alt-svc: h3=":443"; ma=86400

POST
H2 204 collect
region1.google-analytics.com/g/ 0
241 B 76ms
28ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-XGPPP9DSRW&gtm=45je3b60v882884653&_p=1701328375471&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1833567260.1701328376&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1701328375&sct=1&seg=0&dl=https%3A%2F%2Fstruma.bg%2F%D0%BD%D1%81-%D1%80%D0%B5%D1%88%D0%B8-%D0%BD%D1%8F%D0%BC%D0%B0-%D0%B4%D0%B0-%D0%B8%D0%BC%D0%B0-%D0%BA%D0%BE%D0%BC%D0%B8%D1%81%D0%B8%D1%8F-%D0%B7%D0%B0-%D1%80%D0%B0%D0%B7%D1%81%D0%BB%D0%B5%D0%B4%D0%B2%2F&dt=%D0%9D%D0%A1%20%D1%80%D0%B5%D1%88%D0%B8%3A%20%D0%9D%D1%8F%D0%BC%D0%B0%20%D0%B4%D0%B0%20%D0%B8%D0%BC%D0%B0%20%D0%BA%D0%BE%D0%BC%D0%B8%D1%81%D0%B8%D1%8F%20%D0%B7%D0%B0%20%D1%80%D0%B0%D0%B7%D1%81%D0%BB%D0%B5%D0%B4%D0%B2%D0%B0%D0%BD%D0%B5%20%D0%BD%D0%B0%20%D0%B7%D0%B0%D0%BF%D0%BB%D0%B0%D1%85%D0%B8%D1%82%D0%B5%20%D1%81%D1%80%D0%B5%D1%89%D1%83%20%D0%99%D0%BE%D0%BB%D0%BE%D0%B2%D1%81%D0%BA%D0%B8%20%E2%80%93%20%D0%92%D0%B5%D1%81%D1%82%D0%BD%D0%B8%D0%BA%20%D0%A1%D0%A2%D0%A0%D0%A3%D0%9C%D0%90&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=3381
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-XGPPP9DSRW
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://struma.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Nov 2023 07:12:55 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://struma.bg
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 admin-ajax.php Show response
struma.bg/wp-admin/ 0
773 B 610ms
610ms XHR
text/html 2606:4700:3035::6815:3627
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://struma.bg/wp-admin/admin-ajax.php

Requested by

Host: struma.bg
URL: https://struma.bg/wp-includes/js/jquery/jquery.min.js?ver=3.7.0

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::6815:3627 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: text/html, */*; q=0.01
Referer: https://struma.bg/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Thu, 30 Nov 2023 07:12:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff, nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-security-policy: upgrade-insecure-requests
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-served-by: struma.bg
referrer-policy: strict-origin-when-cross-origin, strict-origin
server: cloudflare
x-frame-options: SAMEORIGIN, SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lGM%2B45ZYcoNg5lv3B76L5DjVUsLmwJla0%2BH2kIcNReT9bmdtq%2BV94UvG6hVi3c1S6GzudQrb7nNX6H8hu7Ox3%2FXf8MwdfuKic0OsQ3r3hgX1pnAtlcGQdk7yrz0f%2FcmjsrSpBZqlbvw%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://struma.bg
cache-control: no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
permissions-policy: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
x-robots-tag: noindex
cf-ray: 82e148ec9b679183-FRA
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H2 200 render Show response
cdn.geozo.com/v4/ 24 KB
9 KB 103ms
50ms XHR
text/html 172.255.141.121
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.geozo.com/v4/render?surfer_uuid=544178f8-7135-4bdc-bc6e-21723bed86cb&referrer=https%3A%2F%2Fstruma.bg%2F%25D0%25BD%25D1%2581-%25D1%2580%25D0%25B5%25D1%2588%25D0%25B8-%25D0%25BD%25D1%258F%25D0%25BC%25D0%25B0-%25D0%25B4%25D0%25B0-%25D0%25B8%25D0%25BC%25D0%25B0-%25D0%25BA%25D0%25BE%25D0%25BC%25D0%25B8%25D1%2581%25D0%25B8%25D1%258F-%25D0%25B7%25D0%25B0-%25D1%2580%25D0%25B0%25D0%25B7%25D1%2581%25D0%25BB%25D0%25B5%25D0%25B4%25D0%25B2%2F&time_zone=1&page_load_uuid=b41dcab1-baf6-475a-93e2-3148154e7624&page_depth=1&a0kyavnf05s=42490810-fdbe-43d8-bcda-13adf400ee28&block_uuid=42490810-fdbe-43d8-bcda-13adf400ee28&refresh_depth=1&safari_multiple_request=489
Requested by: Host: cdn.geozo.com
URL: https://cdn.geozo.com/e4jl71219ivlm0p03yhq8678quv/867pkyah.go
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 172.255.141.121 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx/1.20.2 /
Resource Hash: 51b30ef10f6cc1ec7afd7a6cec35fb1959128983ddfb694eddd75dac700bc80f

Request headers

Referer: https://struma.bg/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: *
date: Thu, 30 Nov 2023 07:12:55 GMT
cache-control: no-cache, private
content-encoding: gzip
server: nginx/1.20.2
access-control-allow-headers: *
content-type: text/html; charset=UTF-8

GET
H2 200 nYpzKWqvlq9.css
static.xx.fbcdn.net/rsrc.php/v3/y9/l/0,cross/ Frame AAFA 19 KB
5 KB 60ms
22ms Stylesheet
text/css 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/y9/l/0,cross/nYpzKWqvlq9.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/plugins/likebox.php?href=http://www.facebook.com/pages/Strumabg/381955041882220&width=335&height=100&colorscheme=light&show_faces=false&show_border=false&stream=false&header=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

2863b52bbc74d053b6415278249cb4258747dd6f355f6ba30739b1f84e76861a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 07:12:55 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: o/7VM47+HYG0hT0S5PaW4w==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 5162
reporting-endpoints
x-fb-debug: mOne0kKoTwDo2wyCXv6Y9AjadZKOIc1Q4Uyl1ghIfqK/v9hnft8SAGKgZ8NR4f0RHPJNshcfUZAlRR7eJKzCIQ==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: text/css; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 23 Nov 2024 18:32:14 GMT

GET
H2 200 HauxnoHmp2p.js Show response
static.xx.fbcdn.net/rsrc.php/v3/ym/r/ Frame AAFA 354 KB
92 KB 107ms
69ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/ym/r/HauxnoHmp2p.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

46f7263eac1e2453cee5455bb2c4630c038ee08dcfd8676624a748f5ac7ea918

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 07:12:55 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: LqYlz30EULIaF3RMJPh8og==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 93657
reporting-endpoints
x-fb-debug: 8vG+vgceebHLzeslRY6eLhMZP4Z0gjF9lzIs3dA+8/Q7Q3PSlczA4DvS5QV3vnvpVy+m/k5zNxgHk35WzmSiUQ==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Thu, 28 Nov 2024 21:16:05 GMT

GET
H2 200 tbb6w30TkDN.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yz/r/ Frame AAFA 7 KB
2 KB 107ms
69ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yz/r/tbb6w30TkDN.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

baa47cb028f5878356baacb8c2760dbc85b3695c4fe1c346e26b4b978eb0100f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 07:12:55 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: HCL+u+2LMSrM7ELnarU2bQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 2226
reporting-endpoints
x-fb-debug: Fj9lcin1Oce5p0T3zP36C/8x3+lWqWfSZy+4sNcCZqpVyFAKNaFfrA8yJMUpXWnczcft+c0ivm4i6A7jubgzDg==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Thu, 21 Nov 2024 19:40:39 GMT

GET
H2 200 YJcyY7izLGB.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yZ/r/ Frame AAFA 94 KB
27 KB 107ms
69ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yZ/r/YJcyY7izLGB.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

2f940657680bd767a223c8dbfae60a9d020adcc30ef92c65f35716064c905359

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 07:12:55 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: qj5bFqqBeNQLu7uSNkxJ/A==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27471
reporting-endpoints
x-fb-debug: CSu4kVm6RR+wMQcWV+RLpVT2Ix3b5JwbgxVOgrqZ2gvQaxwFgRAZ60QYzlfLf3B1Rry7Ykvfrsc8LZnuC5pokA==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Thu, 28 Nov 2024 21:44:32 GMT

GET
H2 200 uK1oiHJVa8d.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yv/r/ Frame AAFA 52 KB
17 KB 106ms
68ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yv/r/uK1oiHJVa8d.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

20eb692d7e54b1992776015beb0cc19aa121ebbcc37f6e5ee59d5b0f03a6b558

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 07:12:55 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: mTTo/RpDZavyXbvvIYyIzA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 16769
reporting-endpoints
x-fb-debug: Z0UXQ49D1Uvn0FZZDKyo/uWRBoSSx/ijoobu1Ct0c57D9mLM3djZtfOmi771AeY4U4M70FG7A0ZF28CP3dJRyA==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 23 Nov 2024 18:20:15 GMT

GET
H2 200 BdZkwffUSJu.js Show response
static.xx.fbcdn.net/rsrc.php/v3iAxA4/yb/l/de_DE/ Frame AAFA 71 KB
20 KB 106ms
68ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3iAxA4/yb/l/de_DE/BdZkwffUSJu.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9aa6501ff5395d8b36bfb5dd589c2c94fb6e4b04fadac7be66b754d103563412

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 07:12:55 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: rrf4dM+FJD2HRlMrbGU0kQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 20129
reporting-endpoints
x-fb-debug: Et3Sz3/lTSuu5XC7ATnFXpGfrdPdrqoINlpzpUPq2cPvtWD+7BnU5LDV/xs1gKkiX2EXPNUt3vsz5R94hG7a4w==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 23 Nov 2024 18:21:07 GMT

GET
H2 200 p55HfXW__mM.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yF/r/ Frame AAFA 507 B
997 B 58ms
20ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yF/r/p55HfXW__mM.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9e57fedb96b3686621bccd5521f43a2037a823c74f062176952890b179b3955b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 07:12:55 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: L5E9gSgR735vyjAzTFly4g==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 293
reporting-endpoints
x-fb-debug: U2LxFaH01Cwgc1NjWlmyr2UB9mXFX+OvL6KbvZWro8eGKFr7XzJP+MKsDL0cfROijFMM81h73CYon2WHLJBRwQ==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 16 Nov 2024 16:52:11 GMT

GET
H2 200 337552508_5753351014793496_5738150568059242991_n.jpg
scontent.xx.fbcdn.net/v/t39.30808-6/ Frame AAFA 36 KB
36 KB 21ms
21ms Image
image/jpeg 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent.xx.fbcdn.net/v/t39.30808-6/337552508_5753351014793496_5738150568059242991_n.jpg?stp=dst-jpg_p261x260&_nc_cat=111&ccb=1-7&_nc_sid=081abc&_nc_ohc=wEUmpY3wlNMAX-n22oZ&_nc_ht=scontent.xx&edm=AEDRbFQEAAAA&oh=00_AfDgnG4g5YJP3i9ykGvMI3sN6xiASpH6aaYHFrvXm_XmWg&oe=656C67D4
Requested by: Host: www.facebook.com
URL: https://www.facebook.com/plugins/likebox.php?href=http://www.facebook.com/pages/Strumabg/381955041882220&width=335&height=100&colorscheme=light&show_faces=false&show_border=false&stream=false&header=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 0b8f29b4daf9d94e8f16aa1350d765302aa6c972887cbbee7122f2103d5f4812

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 07:12:55 GMT
x-storage-error-category: dfs:none;sc_p:200:WSE_NOT_SET
last-modified: Mon, 27 Mar 2023 14:23:08 GMT
content-type: image/jpeg
access-control-allow-origin: *
content-digest: adler32=2190493848
thrift_fmhk: GBDp+vpMaD41A5an7rHOzbWNFfDr4Z0EAA==
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 511185709
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 36933

GET
H2 200 307120505_464288379053567_2610352952482910698_n.jpg
scontent.xx.fbcdn.net/v/t39.30808-1/ Frame AAFA 2 KB
2 KB 18ms
18ms Image
image/jpeg 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent.xx.fbcdn.net/v/t39.30808-1/307120505_464288379053567_2610352952482910698_n.jpg?stp=cp0_dst-jpg_p50x50&_nc_cat=107&ccb=1-7&_nc_sid=4da83f&_nc_ohc=56_UfCK4KkUAX_8XO_Q&_nc_ht=scontent.xx&edm=AEDRbFQEAAAA&oh=00_AfD77LvaQy0AoFoIS4yRopcfYKwUsKcDgww-iGyJ_tGPag&oe=656D4BC7
Requested by: Host: www.facebook.com
URL: https://www.facebook.com/plugins/likebox.php?href=http://www.facebook.com/pages/Strumabg/381955041882220&width=335&height=100&colorscheme=light&show_faces=false&show_border=false&stream=false&header=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 72e223a4e1881061e5e4375fc424a4b627d2d35544b2e07331618cd3f51263dc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 07:12:56 GMT
x-storage-error-category: dfs:none;sc_p:200:WSE_NOT_SET
last-modified: Mon, 26 Sep 2022 23:51:11 GMT
content-type: image/jpeg
access-control-allow-origin: *
content-digest: adler32=3331032012
thrift_fmhk: GBCCGJSeYCdI7LxFsVd76lSLFfDr4Z0EAA==
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 3090578652
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 1818

GET
H2 200 nYpzKWqvlq9.css
static.xx.fbcdn.net/rsrc.php/v3/y9/l/0,cross/ Frame CADC 19 KB
5 KB 55ms
22ms Stylesheet
text/css 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/y9/l/0,cross/nYpzKWqvlq9.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/plugins/likebox.php?href=https://www.facebook.com/pages/Strumabg/381955041882220&width=335&height=218&colorscheme=light&show_faces=true&show_border=false&stream=false&header=false

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

2863b52bbc74d053b6415278249cb4258747dd6f355f6ba30739b1f84e76861a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 07:12:55 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: o/7VM47+HYG0hT0S5PaW4w==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 5162
reporting-endpoints
x-fb-debug: mOne0kKoTwDo2wyCXv6Y9AjadZKOIc1Q4Uyl1ghIfqK/v9hnft8SAGKgZ8NR4f0RHPJNshcfUZAlRR7eJKzCIQ==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: text/css; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 23 Nov 2024 18:32:14 GMT

GET
H2 200 HauxnoHmp2p.js Show response
static.xx.fbcdn.net/rsrc.php/v3/ym/r/ Frame CADC 354 KB
92 KB 101ms
68ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/ym/r/HauxnoHmp2p.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

46f7263eac1e2453cee5455bb2c4630c038ee08dcfd8676624a748f5ac7ea918

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 07:12:55 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: LqYlz30EULIaF3RMJPh8og==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 93657
reporting-endpoints
x-fb-debug: 8vG+vgceebHLzeslRY6eLhMZP4Z0gjF9lzIs3dA+8/Q7Q3PSlczA4DvS5QV3vnvpVy+m/k5zNxgHk35WzmSiUQ==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Thu, 28 Nov 2024 21:16:05 GMT

GET
H2 200 tbb6w30TkDN.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yz/r/ Frame CADC 7 KB
2 KB 95ms
62ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yz/r/tbb6w30TkDN.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

baa47cb028f5878356baacb8c2760dbc85b3695c4fe1c346e26b4b978eb0100f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 07:12:55 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: HCL+u+2LMSrM7ELnarU2bQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 2226
reporting-endpoints
x-fb-debug: Fj9lcin1Oce5p0T3zP36C/8x3+lWqWfSZy+4sNcCZqpVyFAKNaFfrA8yJMUpXWnczcft+c0ivm4i6A7jubgzDg==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Thu, 21 Nov 2024 19:40:39 GMT

GET
H2 200 YJcyY7izLGB.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yZ/r/ Frame CADC 94 KB
27 KB 53ms
21ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yZ/r/YJcyY7izLGB.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

2f940657680bd767a223c8dbfae60a9d020adcc30ef92c65f35716064c905359

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 07:12:55 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: qj5bFqqBeNQLu7uSNkxJ/A==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27471
reporting-endpoints
x-fb-debug: CSu4kVm6RR+wMQcWV+RLpVT2Ix3b5JwbgxVOgrqZ2gvQaxwFgRAZ60QYzlfLf3B1Rry7Ykvfrsc8LZnuC5pokA==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Thu, 28 Nov 2024 21:44:32 GMT

GET
H2 200 uK1oiHJVa8d.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yv/r/ Frame CADC 52 KB
17 KB 54ms
21ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yv/r/uK1oiHJVa8d.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

20eb692d7e54b1992776015beb0cc19aa121ebbcc37f6e5ee59d5b0f03a6b558

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 07:12:55 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: mTTo/RpDZavyXbvvIYyIzA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 16769
reporting-endpoints
x-fb-debug: Z0UXQ49D1Uvn0FZZDKyo/uWRBoSSx/ijoobu1Ct0c57D9mLM3djZtfOmi771AeY4U4M70FG7A0ZF28CP3dJRyA==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 23 Nov 2024 18:20:15 GMT

GET
H2 200 BdZkwffUSJu.js Show response
static.xx.fbcdn.net/rsrc.php/v3iAxA4/yb/l/de_DE/ Frame CADC 71 KB
20 KB 94ms
62ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3iAxA4/yb/l/de_DE/BdZkwffUSJu.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9aa6501ff5395d8b36bfb5dd589c2c94fb6e4b04fadac7be66b754d103563412

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 07:12:55 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: rrf4dM+FJD2HRlMrbGU0kQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 20129
reporting-endpoints
x-fb-debug: Et3Sz3/lTSuu5XC7ATnFXpGfrdPdrqoINlpzpUPq2cPvtWD+7BnU5LDV/xs1gKkiX2EXPNUt3vsz5R94hG7a4w==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 23 Nov 2024 18:21:07 GMT

GET
H2 200 p55HfXW__mM.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yF/r/ Frame CADC 507 B
442 B 53ms
21ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yF/r/p55HfXW__mM.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9e57fedb96b3686621bccd5521f43a2037a823c74f062176952890b179b3955b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 07:12:55 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: L5E9gSgR735vyjAzTFly4g==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 293
reporting-endpoints
x-fb-debug: U2LxFaH01Cwgc1NjWlmyr2UB9mXFX+OvL6KbvZWro8eGKFr7XzJP+MKsDL0cfROijFMM81h73CYon2WHLJBRwQ==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 16 Nov 2024 16:52:11 GMT

GET
H2 200 337552508_5753351014793496_5738150568059242991_n.jpg
scontent.xx.fbcdn.net/v/t39.30808-6/ Frame CADC 36 KB
36 KB 40ms
40ms Image
image/jpeg 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent.xx.fbcdn.net/v/t39.30808-6/337552508_5753351014793496_5738150568059242991_n.jpg?stp=dst-jpg_p261x260&_nc_cat=111&ccb=1-7&_nc_sid=081abc&_nc_ohc=wEUmpY3wlNMAX-n22oZ&_nc_ht=scontent.xx&edm=AEDRbFQEAAAA&oh=00_AfDgnG4g5YJP3i9ykGvMI3sN6xiASpH6aaYHFrvXm_XmWg&oe=656C67D4
Requested by: Host: www.facebook.com
URL: https://www.facebook.com/plugins/likebox.php?href=https://www.facebook.com/pages/Strumabg/381955041882220&width=335&height=218&colorscheme=light&show_faces=true&show_border=false&stream=false&header=false
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 0b8f29b4daf9d94e8f16aa1350d765302aa6c972887cbbee7122f2103d5f4812

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 07:12:55 GMT
x-storage-error-category: dfs:none;sc_p:200:WSE_NOT_SET
last-modified: Mon, 27 Mar 2023 14:23:08 GMT
content-type: image/jpeg
access-control-allow-origin: *
content-digest: adler32=2190493848
thrift_fmhk: GBDp+vpMaD41A5an7rHOzbWNFfDr4Z0EAA==
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 511185709
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 36933

GET
H2 200 307120505_464288379053567_2610352952482910698_n.jpg
scontent.xx.fbcdn.net/v/t39.30808-1/ Frame CADC 2 KB
2 KB 19ms
18ms Image
image/jpeg 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent.xx.fbcdn.net/v/t39.30808-1/307120505_464288379053567_2610352952482910698_n.jpg?stp=cp0_dst-jpg_p50x50&_nc_cat=107&ccb=1-7&_nc_sid=4da83f&_nc_ohc=56_UfCK4KkUAX_8XO_Q&_nc_ht=scontent.xx&edm=AEDRbFQEAAAA&oh=00_AfD77LvaQy0AoFoIS4yRopcfYKwUsKcDgww-iGyJ_tGPag&oe=656D4BC7
Requested by: Host: www.facebook.com
URL: https://www.facebook.com/plugins/likebox.php?href=https://www.facebook.com/pages/Strumabg/381955041882220&width=335&height=218&colorscheme=light&show_faces=true&show_border=false&stream=false&header=false
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 72e223a4e1881061e5e4375fc424a4b627d2d35544b2e07331618cd3f51263dc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 07:12:56 GMT
x-storage-error-category: dfs:none;sc_p:200:WSE_NOT_SET
last-modified: Mon, 26 Sep 2022 23:51:11 GMT
content-type: image/jpeg
access-control-allow-origin: *
content-digest: adler32=3331032012
thrift_fmhk: GBCCGJSeYCdI7LxFsVd76lSLFfDr4Z0EAA==
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 3090578652
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 1818

GET
H3 200 sdk.js Show response
connect.facebook.net/bg_BG/ 303 KB
87 KB 40ms
20ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/bg_BG/sdk.js?hash=e7124045207ce887b86049fd777b9ab6

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/bg_BG/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

5b9d26288aab01965aca265cb2d6c95dd3061a82a02c258ee3c487d2a4d5dfd1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://struma.bg/
Origin: https://struma.bg
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 30 Nov 2023 07:12:55 GMT
content-md5: NT6JuS9eOmHyhpcgkZ86mA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 88469
reporting-endpoints
x-fb-debug: smhuRgFf3rBoGS7NJBMMWzPfV1oO8j9pkuLmNVxb2uYVk9bFKh5qvkWgQ1ub5jtWE6wozo+N137dzC3TzSyQhQ==
x-fb-content-md5: abb25fad02d58f95474182c16d9fd208
cross-origin-opener-policy: same-origin-allow-popups
etag: "30da27d671c92d0118434e7ed7719557"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=3,i
expires: Fri, 29 Nov 2024 06:58:14 GMT

GET
H3 200 struma.bg.1290783.es6.js Show response
jsc.mgid.com/s/t/ 329 KB
98 KB 64ms
42ms Script
text/javascript 2606:4700:1::6813:854c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://jsc.mgid.com/s/t/struma.bg.1290783.es6.js

Requested by

Host: jsc.mgid.com
URL: https://jsc.mgid.com/s/t/struma.bg.1290783.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:1::6813:854c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ed5424cd0f45ca5efad943f068b734bf754e28fe1079152df976eac7291b98cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://struma.bg/
Origin: https://struma.bg
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 07:12:55 GMT
x-amz-version-id: GD4_eECv3tubQK3pjQg1w21DDcJ6d9zw
content-encoding: br
cf-cache-status: HIT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: 34APWJ0YMKE93T7B
age: 1630
cf-polished: origSize=337216
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: cThYG5nwJfpv/dmk8V5Gd/dBHf3NQDDRks+EZTkQFPR7yHyS7Fg+Gl6i/xj4IjO8h7m0/xuiZxU=
cf-bgj: minify
last-modified: Mon, 27 Nov 2023 14:04:45 GMT
server: cloudflare
etag: W/"811d12e5e4115af4ec401abb2ce9b354"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=10800
cf-ray: 82e148ecfca49b7c-FRA
expires: Thu, 30 Nov 2023 10:12:55 GMT

GET
H2 200 22811454513 Show response
fundingchoicesmessages.google.com/i/ 176 KB
59 KB 111ms
51ms Script
application/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/22811454513?ers=3

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c85cdff161111817eaa5ec9b0381bf061e8de8b97a9dcae6fd8d4fff02d5a858

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-rLXZJqBPTfOpJkRrX7h79Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://struma.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 07:12:55 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-rLXZJqBPTfOpJkRrX7h79Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 anchor Show response
www.google.com/recaptcha/api2/ Frame 7C1A 60 KB
34 KB 46ms
44ms Document
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LckjIcUAAAAABhBn78wLQqK_K4srbDs5rQTxiZN&co=aHR0cHM6Ly9zdHJ1bWEuYmc6NDQz&hl=de&v=-QbJqHfGOUB8nuVRLvzFLVed&size=invisible&cb=lzbc8n65zmw4

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__de.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

d8752d6c4a32d1efcca0056d67bcf197225e7baf1b30085a63e5b213a510ec66

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-38xIUCGaMboFHdCT-PHtIw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://struma.bg/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-38xIUCGaMboFHdCT-PHtIw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 30 Nov 2023 07:12:55 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 / Show response
ui.cleverwebserver.com/ 160 B
384 B 37ms
36ms Script
application/javascript 2606:4700:4400::ac40:919c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ui.cleverwebserver.com/
Requested by: Host: struma.bg
URL: https://struma.bg/%D0%BD%D1%81-%D1%80%D0%B5%D1%88%D0%B8-%D0%BD%D1%8F%D0%BC%D0%B0-%D0%B4%D0%B0-%D0%B8%D0%BC%D0%B0-%D0%BA%D0%BE%D0%BC%D0%B8%D1%81%D0%B8%D1%8F-%D0%B7%D0%B0-%D1%80%D0%B0%D0%B7%D1%81%D0%BB%D0%B5%D0%B4%D0%B2/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:919c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eee10a1812fb9b2b549dbb445e7fe8ea5d07f1b683e4039a1c643cc46e31901f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://struma.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 07:12:55 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: *
cf-ray: 82e148ed3dc69131-FRA
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization

GET
H2 200 d0365312ae892989.webp
media.geozo.com/.cdn/5531a5/d3d944/7002fc9133304fa18cf5c4231975d6af/ 8 KB
8 KB 234ms
117ms Image
image/webp 185.18.187.81
UCDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.geozo.com/.cdn/5531a5/d3d944/7002fc9133304fa18cf5c4231975d6af/d0365312ae892989.webp
Requested by: Host: struma.bg
URL: https://struma.bg/%D0%BD%D1%81-%D1%80%D0%B5%D1%88%D0%B8-%D0%BD%D1%8F%D0%BC%D0%B0-%D0%B4%D0%B0-%D0%B8%D0%BC%D0%B0-%D0%BA%D0%BE%D0%BC%D0%B8%D1%81%D0%B8%D1%8F-%D0%B7%D0%B0-%D1%80%D0%B0%D0%B7%D1%81%D0%BB%D0%B5%D0%B4%D0%B2/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.18.187.81 Frankfurt am Main, Germany, ASN61107 (UCDN, CY),
Reverse DNS
Software: ucdn/1.24.0 /
Resource Hash: d556ecab494d9ef5700359aaab3cbf70abf565fb59e828a1593edf3270cfc319

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://struma.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 07:12:56 GMT
last-modified: Thu, 19 Oct 2023 13:11:04 GMT
server: ucdn/1.24.0
x-ureq-id: 5ci+HV5uGl2sg34JhgRbCLYFVPI5nM3WyYmOcsUJ4y6/b+mz5q8H20twkLxWu16yuKYcKulHVUDjrphGT2A0S+6WX8rpzyPnQiZo6kWFTHJaOfqMV8TLoM8LyvhxJsflqXqsM5nPXOh10ICBM2A12A==
etag: "65312ae8-1fc8"
x-served-from: l1
access-control-allow-methods: HEAD, GET, OPTIONS
content-type: image/webp
access-control-allow-origin: *
x-vhostid: 6523, 73, 24963
cache-control: max-age=12905389
accept-ranges: bytes
access-control-allow-headers: *
content-length: 8136
expires: Sat, 27 Apr 2024 16:02:45 GMT

GET
H2 200 d036555bcc8cb57c.webp
media.geozo.com/.cdn/5531a5/6512bd/046adf85491c498b96ad79039a02d8a6/ 16 KB
16 KB 233ms
117ms Image
image/webp 185.18.187.81
UCDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.geozo.com/.cdn/5531a5/6512bd/046adf85491c498b96ad79039a02d8a6/d036555bcc8cb57c.webp
Requested by: Host: struma.bg
URL: https://struma.bg/%D0%BD%D1%81-%D1%80%D0%B5%D1%88%D0%B8-%D0%BD%D1%8F%D0%BC%D0%B0-%D0%B4%D0%B0-%D0%B8%D0%BC%D0%B0-%D0%BA%D0%BE%D0%BC%D0%B8%D1%81%D0%B8%D1%8F-%D0%B7%D0%B0-%D1%80%D0%B0%D0%B7%D1%81%D0%BB%D0%B5%D0%B4%D0%B2/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.18.187.81 Frankfurt am Main, Germany, ASN61107 (UCDN, CY),
Reverse DNS
Software: ucdn/1.24.0 /
Resource Hash: a5b757ca5ed6113899d96960ca30dc4e2e9185344d22ae6727c85d7b991b2f3e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://struma.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 07:12:56 GMT
last-modified: Thu, 16 Nov 2023 06:55:04 GMT
server: ucdn/1.24.0
x-ureq-id: 5ci+HV5uGl2sg34JhgRbCNo0/ratog/f62/A3qFTbbC8M9rzaJ2nNRn9isz2BbMhCsi6MIrWZChi/J+D+3P13YrNsT6ODLWMQbDCno294W6qpT3eiQVjgSamWT+tjBTD
etag: "6555bcc8-3efc"
x-served-from: l1
access-control-allow-methods: HEAD, GET, OPTIONS
content-type: image/webp
access-control-allow-origin: *
x-vhostid: 6559, 24963
cache-control: max-age=12912965
accept-ranges: bytes
access-control-allow-headers: *
content-length: 16124
expires: Sat, 27 Apr 2024 18:09:01 GMT

GET
H2 200 d036555c26b7d3e0.webp
media.geozo.com/.cdn/5531a5/6512bd/b5e09b94a61c4228987203ba783e05dd/ 226 KB
226 KB 142ms
26ms Image
image/webp 185.18.187.81
UCDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.geozo.com/.cdn/5531a5/6512bd/b5e09b94a61c4228987203ba783e05dd/d036555c26b7d3e0.webp
Requested by: Host: struma.bg
URL: https://struma.bg/%D0%BD%D1%81-%D1%80%D0%B5%D1%88%D0%B8-%D0%BD%D1%8F%D0%BC%D0%B0-%D0%B4%D0%B0-%D0%B8%D0%BC%D0%B0-%D0%BA%D0%BE%D0%BC%D0%B8%D1%81%D0%B8%D1%8F-%D0%B7%D0%B0-%D1%80%D0%B0%D0%B7%D1%81%D0%BB%D0%B5%D0%B4%D0%B2/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.18.187.81 Frankfurt am Main, Germany, ASN61107 (UCDN, CY),
Reverse DNS
Software: ucdn/1.24.0 /
Resource Hash: 52b348a8a70b0dd4a3e2665558d62a9a863e46fc62aa9e53020d86a97f9b6927

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://struma.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 07:12:56 GMT
last-modified: Thu, 16 Nov 2023 07:19:07 GMT
server: ucdn/1.24.0
x-ureq-id: 5ci+HV5uGl2sg34JhgRbCNo0/ratog/f62/A3qFTbbC8M9rzaJ2nNRn9isz2BbMhzi49KxsIo0E9BC5yzT2IF4rNsT6ODLWMQbDCno294W6qpT3eiQVjgSamWT+tjBTD
etag: "6555c26b-38620"
x-served-from: l1
access-control-allow-methods: HEAD, GET, OPTIONS
content-type: image/webp
access-control-allow-origin: *
x-vhostid: 6556, 24963
cache-control: max-age=12914699
accept-ranges: bytes
access-control-allow-headers: *
content-length: 230944
expires: Sat, 27 Apr 2024 18:37:55 GMT

GET
H2 200 d0365321853ce23a.webp
media.geozo.com/.cdn/5531a5/d3d944/70478799c19e419eb6f3c27733c680d1/ 7 KB
8 KB 234ms
117ms Image
image/webp 185.18.187.81
UCDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.geozo.com/.cdn/5531a5/d3d944/70478799c19e419eb6f3c27733c680d1/d0365321853ce23a.webp
Requested by: Host: struma.bg
URL: https://struma.bg/%D0%BD%D1%81-%D1%80%D0%B5%D1%88%D0%B8-%D0%BD%D1%8F%D0%BC%D0%B0-%D0%B4%D0%B0-%D0%B8%D0%BC%D0%B0-%D0%BA%D0%BE%D0%BC%D0%B8%D1%81%D0%B8%D1%8F-%D0%B7%D0%B0-%D1%80%D0%B0%D0%B7%D1%81%D0%BB%D0%B5%D0%B4%D0%B2/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.18.187.81 Frankfurt am Main, Germany, ASN61107 (UCDN, CY),
Reverse DNS
Software: ucdn/1.24.0 /
Resource Hash: 64df14cee80e2e1dd6d148352be620b1e1723b9b6177a1a2a04b15b9cfd5baee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://struma.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 07:12:56 GMT
last-modified: Fri, 20 Oct 2023 06:04:03 GMT
server: ucdn/1.24.0
x-ureq-id: 5ci+HV5uGl2sg34JhgRbCLYFVPI5nM3WyYmOcsUJ4y6/b+mz5q8H20twkLxWu16yuKYcKulHVUDjrphGT2A0S+6WX8rpzyPnQiZo6kWFTHL/9js42YV4YElnWuLqWp2RqXqsM5nPXOh10ICBM2A12A==
etag: "65321853-1ce0"
x-served-from: l1
access-control-allow-methods: HEAD, GET, OPTIONS
content-type: image/webp
access-control-allow-origin: *
x-vhostid: 6930, 54, 24963
cache-control: max-age=12905390
accept-ranges: bytes
access-control-allow-headers: *
content-length: 7392
expires: Sat, 27 Apr 2024 16:02:46 GMT

GET
H2 200 css
fonts.googleapis.com/ 12 KB
1 KB 78ms
30ms Stylesheet
text/css 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:100,200,300,400,500,600,700,800,900

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d175185dc8199dc8531d2c25a84073ad93a7c605a921b0168ed6106a193d21ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://struma.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 30 Nov 2023 07:12:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 30 Nov 2023 06:37:11 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 30 Nov 2023 07:12:55 GMT

POST
H3 200 82e148d7bb9803e4 Show response
struma.bg/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame 54C7 0
545 B 42ms
41ms XHR
text/plain 2606:4700:3035::6815:3627
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://struma.bg/cdn-cgi/challenge-platform/h/g/jsd/r/82e148d7bb9803e4
Requested by: Host: struma.bg
URL: https://struma.bg/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:3627 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 30 Nov 2023 07:12:55 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BS5b06JUrhUvWH30OVs0K8nAh2P2fnhntdNUmEuvPqiBfom20dKxdA2PJuAkFvcf%2FKgP4XTC1TvVjTnE6SPbHRlIZ5w5vghS%2BigXArThBXn6fwo10IqTQCeDpoUD59ezX9p89xSTjzs%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8
cf-ray: 82e148edbcaf9183-FRA
alt-svc: h3=":443"; ma=86400

POST
H3 200 82e148eaf9799183 Show response
struma.bg/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame 46A5 0
543 B 47ms
47ms XHR
text/plain 2606:4700:3035::6815:3627
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://struma.bg/cdn-cgi/challenge-platform/h/g/jsd/r/82e148eaf9799183
Requested by: Host: struma.bg
URL: https://struma.bg/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:3627 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 30 Nov 2023 07:12:56 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ve1de16tm2tm%2Fa8Skgm4TYxP6anR5554%2BS%2FSu3XXVsgetLHvpSkfhlc6gj6E0Ehzt0SEyQYbfH2M7ocKaqEmMDorayKTYmJcIYc7IZaB1jXfZFcsGSDd7dofpbCNNMfsa4inXMi63hI%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8
cf-ray: 82e148ee1d229183-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/ Frame 7C1A 55 KB
24 KB 63ms
21ms Stylesheet
text/css 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LckjIcUAAAAABhBn78wLQqK_K4srbDs5rQTxiZN&co=aHR0cHM6Ly9zdHJ1bWEuYmc6NDQz&hl=de&v=-QbJqHfGOUB8nuVRLvzFLVed&size=invisible&cb=lzbc8n65zmw4

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 04:28:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 9850
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24606
x-xss-protection: 0
last-modified: Tue, 14 Nov 2023 05:42:11 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 29 Nov 2024 04:28:46 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/ Frame 7C1A 468 KB
188 KB 60ms
19ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__de.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

983871cac9e719263fcecaa540c4e1597c8ece1805845830ec21fef0e71d9f88

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 12:38:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 66881
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 192016
x-xss-protection: 0
last-modified: Tue, 14 Nov 2023 05:42:11 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 28 Nov 2024 12:38:15 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 67ms
20ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:100,200,300,400,500,600,700,800,900

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://struma.bg
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 16:39:21 GMT
x-content-type-options: nosniff
age: 484415
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 23 Nov 2024 16:39:21 GMT

GET
H3 200 UXtr_j2Fwe-.png
static.xx.fbcdn.net/rsrc.php/v3/yw/r/ Frame CADC 573 B
711 B 20ms
20ms Image
image/png 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yw/r/UXtr_j2Fwe-.png

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/y9/l/0,cross/nYpzKWqvlq9.css?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

96e3e8dfde6b1042514824bac1b44282d4a76bac028f2d767f6534dce2cf3db0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.xx.fbcdn.net/rsrc.php/v3/y9/l/0,cross/nYpzKWqvlq9.css?_nc_x=Ij3Wp8lg5Kz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 07:12:56 GMT
x-content-type-options: nosniff
content-md5: 07aG/2AEtDHVAZ5LUajMDQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 573
reporting-endpoints
x-fb-debug: qWcSAI33ejnNI22TZL8tCQkK2WveaNdjwqNCvuZs2LFAmzyANjWb8N5v0Q6bYOzZpAIzVTX2zItcMI0HXroeAw==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=3,i
expires: Wed, 27 Nov 2024 01:13:51 GMT

GET
H3 200 UXtr_j2Fwe-.png
static.xx.fbcdn.net/rsrc.php/v3/yw/r/ Frame AAFA 573 B
708 B 20ms
20ms Image
image/png 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yw/r/UXtr_j2Fwe-.png

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/y9/l/0,cross/nYpzKWqvlq9.css?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

96e3e8dfde6b1042514824bac1b44282d4a76bac028f2d767f6534dce2cf3db0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.xx.fbcdn.net/rsrc.php/v3/y9/l/0,cross/nYpzKWqvlq9.css?_nc_x=Ij3Wp8lg5Kz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 07:12:56 GMT
x-content-type-options: nosniff
content-md5: 07aG/2AEtDHVAZ5LUajMDQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 573
reporting-endpoints
x-fb-debug: qWcSAI33ejnNI22TZL8tCQkK2WveaNdjwqNCvuZs2LFAmzyANjWb8N5v0Q6bYOzZpAIzVTX2zItcMI0HXroeAw==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=3,i
expires: Wed, 27 Nov 2024 01:13:51 GMT

GET
H2

200

widescreen.html Show response
lp.cleverwebserver.com/betano/de/sports/sports_de/ Frame 317C
Redirect Chain

https://sender.cleverwebserver.com/group/47482?id=773737&ref=aHR0cHM6Ly9zdHJ1bWEuYmcvJUQwJUJEJUQxJTgxLSVEMSU4MCVEMCVCNSVEMSU4OCVEMCVCOC0lRDAlQkQlRDElOEYlRDAlQkMlRDAlQjAtJUQwJUI0JUQwJUIwLSVEMCVCOCVE...
https://lp.cleverwebserver.com/betano/de/sports/sports_de/widescreen.html??id=773737&group=47482&tracker=aHR0cHM6Ly9nbWwtZ3JwLmNvbS9DLmFzaHg%2FYnRhZz1hXzgyNmJfMjkzMWNfJmFmZmlkPTQzMSZzaXRlaWQ9ODI2Jm...

2 KB
884 B

116ms
98ms

Document
text/html

2606:4700:4400::ac40:919c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lp.cleverwebserver.com/betano/de/sports/sports_de/widescreen.html??id=773737&group=47482&tracker=aHR0cHM6Ly9nbWwtZ3JwLmNvbS9DLmFzaHg%2FYnRhZz1hXzgyNmJfMjkzMWNfJmFmZmlkPTQzMSZzaXRlaWQ9ODI2JmFkaWQ9MjkzMSZjPUpTQUJORVZQVkJEQUFERQ%3D%3D&ref=aHR0cHM6Ly9zdHJ1bWEuYmcvJUQwJUJEJUQxJTgxLSVEMSU4MCVEMCVCNSVEMSU4OCVEMCVCOC0lRDAlQkQlRDElOEYlRDAlQkMlRDAlQjAtJUQwJUI0JUQwJUIwLSVEMCVCOCVEMCVCQyVEMCVCMC0lRDAlQkElRDAlQkUlRDAlQkMlRDAlQjglRDElODElRDAlQjglRDElOEYtJUQwJUI3JUQwJUIwLSVEMSU4MCVEMCVCMCVEMCVCNyVEMSU4MSVEMCVCQiVEMCVCNSVEMCVCNCVEMCVCMi8%3D&r=262631074
Requested by: Host: struma.bg
URL: https://struma.bg/%D0%BD%D1%81-%D1%80%D0%B5%D1%88%D0%B8-%D0%BD%D1%8F%D0%BC%D0%B0-%D0%B4%D0%B0-%D0%B8%D0%BC%D0%B0-%D0%BA%D0%BE%D0%BC%D0%B8%D1%81%D0%B8%D1%8F-%D0%B7%D0%B0-%D1%80%D0%B0%D0%B7%D1%81%D0%BB%D0%B5%D0%B4%D0%B2/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:919c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0e4d2065ce1ca476b7eee65f4df4c3112627e1531aaeea876d6e3a1e2c010abc

Request headers

Referer: https://struma.bg/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: public, max-age=28800
cf-cache-status: MISS
cf-ray: 82e148ef2fd09131-FRA
content-encoding: br
content-type: text/html
date: Thu, 30 Nov 2023 07:12:56 GMT
expires: Thu, 30 Nov 2023 15:12:56 GMT
last-modified: Wed, 29 Nov 2023 18:22:58 GMT
server: cloudflare
vary: Accept-Encoding
x-amz-id-2: ZmyYkqHJQTQ1jueofTTy5lEO9yRibeh6kdwrhLpzOV4bkQd/K//FejvLIMAld+BulxptvlWxcSo=
x-amz-request-id: MF67E4XNNMR4XM91

Redirect headers

cf-cache-status: DYNAMIC
cf-ray: 82e148eebf6e9131-FRA
content-type: text/html
date: Thu, 30 Nov 2023 07:12:56 GMT
location: https://lp.cleverwebserver.com/betano/de/sports/sports_de/widescreen.html??id=773737&group=47482&tracker=aHR0cHM6Ly9nbWwtZ3JwLmNvbS9DLmFzaHg%2FYnRhZz1hXzgyNmJfMjkzMWNfJmFmZmlkPTQzMSZzaXRlaWQ9ODI2JmFkaWQ9MjkzMSZjPUpTQUJORVZQVkJEQUFERQ%3D%3D&ref=aHR0cHM6Ly9zdHJ1bWEuYmcvJUQwJUJEJUQxJTgxLSVEMSU4MCVEMCVCNSVEMSU4OCVEMCVCOC0lRDAlQkQlRDElOEYlRDAlQkMlRDAlQjAtJUQwJUI0JUQwJUIwLSVEMCVCOCVEMCVCQyVEMCVCMC0lRDAlQkElRDAlQkUlRDAlQkMlRDAlQjglRDElODElRDAlQjglRDElOEYtJUQwJUI3JUQwJUIwLSVEMSU4MCVEMCVCMCVEMCVCNyVEMSU4MSVEMCVCQiVEMCVCNSVEMCVCNCVEMCVCMi8%3D&r=262631074
server: cloudflare

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f0275273984e78ca6824c6944f8d8bebcb3d7e441fbab8ee380508c3991ef347

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 46336d17bc0deae32fd48d3697163d7845b46f846ef4b247fd01358d7f349a20

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/gif

GET
BLOB 200
OK 3b2b9d5f-e3b2-4c10-9137-e85950ca2466
https://struma.bg/ 0
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://struma.bg/3b2b9d5f-e3b2-4c10-9137-e85950ca2466
Requested by: Host: struma.bg
URL: https://struma.bg/%D0%BD%D1%81-%D1%80%D0%B5%D1%88%D0%B8-%D0%BD%D1%8F%D0%BC%D0%B0-%D0%B4%D0%B0-%D0%B8%D0%BC%D0%B0-%D0%BA%D0%BE%D0%BC%D0%B8%D1%81%D0%B8%D1%8F-%D0%B7%D0%B0-%D1%80%D0%B0%D0%B7%D1%81%D0%BB%D0%B5%D0%B4%D0%B2/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Length: 0
Content-Type: text/javascript

GET
BLOB 200
OK 701856b0-519c-41cd-9621-25f05a432814
https://struma.bg/ 250 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://struma.bg/701856b0-519c-41cd-9621-25f05a432814
Requested by: Host: struma.bg
URL: https://struma.bg/%D0%BD%D1%81-%D1%80%D0%B5%D1%88%D0%B8-%D0%BD%D1%8F%D0%BC%D0%B0-%D0%B4%D0%B0-%D0%B8%D0%BC%D0%B0-%D0%BA%D0%BE%D0%BC%D0%B8%D1%81%D0%B8%D1%8F-%D0%B7%D0%B0-%D1%80%D0%B0%D0%B7%D1%81%D0%BB%D0%B5%D0%B4%D0%B2/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e37071398d21f18dff2370ee0885f38811bb69bb465b398100ab3101fc521d6b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Length: 250
Content-Type: text/javascript

GET
H2 200 configurable.js Show response
st-n.ads1-adnow.com/js/ 135 KB
45 KB 22ms
22ms Script
application/javascript 2a03:90c0:41:2801::62
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://st-n.ads1-adnow.com/js/configurable.js
Requested by: Host: n.ads1-adnow.com
URL: https://n.ads1-adnow.com/a?Id=131492&uid=ssp-4fd683a9-b0c0-0557-eb2b-eb2b-4009e7b0e9&sync=0&hours=8&ajax=0&domain=n.ads1-adnow.com&unq=1&show_num=1&click_num=0&cookies=1&_c=e30%3D&RNum=2774&docurl_=aHV2c3c_NTZ7fXzCgHluPHF3QDdXRDpYWz1dS0BUTktEZFJHW1RKaldNa19QcF5TZ2hWdmNZd25kXX1qYH7CgWPCg3FmesKJacKJdmzCisKMb8KPfHLCkH99dsKWwoN5wpfCinzCnMKJf8KdwozCisKDwqPCkMKGwqTCm8KJwqnClsKMwqrCrMKPwq_CnMKSwrDCn8KdwpbCtsKjwpnCt8K3wpzCvMKpwp_CvcOBwqLDgsKvwqXDg8OFwqjDiMK1wqvDicOAwq7DjsK8wrHDhcK_wrTDlMOBwrfDlcOMwrrDmsOIwr3DkcOgw4jDgcOhw47DhMOiw5jDh8Onw5TDisOow5fDlcOOw67DnMORw6XDnsOUw7TDocOXw7XDpMOaw7rDp8Odw7vDscOgxIDDrsOjw7fDscOmxIbDs8OpxIfEiMOsxIzDucOvxI3EgcOyxJLDv8O1xJPEhsO4xJjEhcO7xJnEisSI&client_info=eyJ3aW4iOnsidyI6MTYwMCwiaCI6MTIwMH0sInNjcmVlbiI6eyJ3aWR0aCI6MTYwMCwiaGVpZ2h0IjoxMjAwLCJjb2xvckRlcHRoIjoyNCwicGl4ZWxEZXB0aCI6MjR9LCJuYXZpZ2F0b3IiOnsibGFuZ3VhZ2UiOiJlbi1VUyIsImJyb3dzZXJMYW5ndWFnZSI6IiIsInN5c3RlbUxhbmd1YWdlIjoiIiwidXNlckxhbmd1YWdlIjoiIiwicGxhdGZvcm0iOiJXaW4zMiIsInZlbmRvciI6Ikdvb2dsZSBJbmMuIiwidGltZVpvbmUiOjEsImRhdGUiOiIyMDIzLTExLTMwVDA3OjEyOjU1LjUwOFoiLCJob3VyIjo4LCJ3aWR0aCI6MTYwMCwiaGVpZ2h0IjoxMjAwLCJwbHVnaW5zIjpbIkNocm9tZSBQREYgUGx1Z2luIiwiQ2hyb21lIFBERiBWaWV3ZXIiLCJOYXRpdmUgQ2xpZW50Il0sImZsYXNoVmVyc2lvbiI6ZmFsc2UsImNvbm5lY3Rpb25UeXBlIjoidW5kZWYifX0%3D&doc_inf=eyJ0aXRsZSI6IiVEMCU5RCVEMCVBMSUyMCVEMSU4MCVEMCVCNSVEMSU4OCVEMCVCOCUzQSUyMCVEMCU5RCVEMSU4RiVEMCVCQyVEMCVCMCUyMCVEMCVCNCVEMCVCMCUyMCVEMCVCOCVEMCVCQyVEMCVCMCUyMCVEMCVCQSVEMCVCRSVEMCVCQyVEMCVCOCVEMSU4MSVEMCVCOCVEMSU4RiUyMCVEMCVCNyVEMCVCMCUyMCVEMSU4MCVEMCVCMCVEMCVCNyVEMSU4MSVEMCVCQiVEMCVCNSVEMCVCNCVEMCVCMiVEMCVCMCVEMCVCRCVEMCVCNSUyMCVEMCVCRCVEMCVCMCUyMCVEMCVCNyVEMCVCMCVEMCVCRiVEMCVCQiVEMCVCMCVEMSU4NSVEMCVCOCVEMSU4MiVEMCVCNSUyMCVEMSU4MSVEMSU4MCVEMCVCNSVEMSU4OSVEMSU4MyUyMCVEMCU5OSVEMCVCRSVEMCVCQiVEMCVCRSVEMCVCMiVEMSU4MSVEMCVCQSVEMCVCOCUyMCVFMiU4MCU5MyUyMCVEMCU5MiVEMCVCNSVEMSU4MSVEMSU4MiVEMCVCRCVEMCVCOCVEMCVCQSUyMCVEMCVBMSVEMCVBMiVEMCVBMCVEMCVBMyVEMCU5QyVEMCU5MCIsImRlc2NyaXB0aW9uIjoiIiwiY2hhclNldCI6IlVURi04In0%3D&set=e30%3D&ver=8&bln=0&bver=5&loc=https%3A%2F%2Fstruma.bg%2F%25D0%25BD%25D1%2581-%25D1%2580%25D0%25B5%25D1%2588%25D0%25B8-%25D0%25BD%25D1%258F%25D0%25BC%25D0%25B0-%25D0%25B4%25D0%25B0-%25D0%25B8%25D0%25BC%25D0%25B0-%25D0%25BA%25D0%25BE%25D0%25BC%25D0%25B8%25D1%2581%25D0%25B8%25D1%258F-%25D0%25B7%25D0%25B0-%25D1%2580%25D0%25B0%25D0%25B7%25D1%2581%25D0%25BB%25D0%25B5%25D0%25B4%25D0%25B2%2F
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 11965a44399ce5cd904ee01dece352a1d6598e49f71178d012129cacffb5a569

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://struma.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-id: fr5-hw-edge-gc8
date: Thu, 30 Nov 2023 07:12:56 GMT
content-encoding: gzip
last-modified: Tue, 28 Nov 2023 09:46:11 GMT
server: nginx
etag: W/"6565b6e3-21ca3"
x-cached-since: 2023-11-30T07:12:19+00:00
content-type: application/javascript
cache-control: max-age=60
cache: HIT
x-id-fe: fr5-hw-edge-gc8
expires: Thu, 30 Nov 2023 07:13:56 GMT

GET
H2 200 AGSKWxXxizvUAVpnvTFbZs0C-GKP5qzbZ1o1hPaGqfnNXdBxCNkB_IBXHhc4qMwLNQ1ryIoOHJJOdYFSxPbk12SP6zKAERnAyjq0XfmenEjr4O_Di3WU1oyF-2nJMM8fzKsG5WuufuS24w== Show response
fundingchoicesmessages.google.com/f/ 524 KB
70 KB 136ms
135ms Script
application/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxXxizvUAVpnvTFbZs0C-GKP5qzbZ1o1hPaGqfnNXdBxCNkB_IBXHhc4qMwLNQ1ryIoOHJJOdYFSxPbk12SP6zKAERnAyjq0XfmenEjr4O_Di3WU1oyF-2nJMM8fzKsG5WuufuS24w==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzAxMzI4Mzc2LDEwOTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly9zdHJ1bWEuYmcvJUQwJUJEJUQxJTgxLSVEMSU4MCVEMCVCNSVEMSU4OCVEMCVCOC0lRDAlQkQlRDElOEYlRDAlQkMlRDAlQjAtJUQwJUI0JUQwJUIwLSVEMCVCOCVEMCVCQyVEMCVCMC0lRDAlQkElRDAlQkUlRDAlQkMlRDAlQjglRDElODElRDAlQjglRDElOEYtJUQwJUI3JUQwJUIwLSVEMSU4MCVEMCVCMCVEMCVCNyVEMSU4MSVEMCVCQiVEMCVCNSVEMCVCNCVEMCVCMi8iLG51bGwsW1s4LCJGYVlQdVJ3ZXFJSSJdLFs5LCJkZSJdLFsxOSwiMSJdLFsxNywiWzBdIl1dXQ

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.FaYPuRweqII.es5.O/am=CAM/d=1/rs=AJlcJMytfF6m19eh4g6bfBvkWRwpynfzCw/m=kernel_loader,loader_js_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d1e96a3abda22630803fecb9d0dc09b6bc88a602337f0d6bd3fc6504815851ae

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Q2UMGnfI58qRY5AvER44EQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://struma.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 07:12:56 GMT
content-security-policy: script-src 'report-sample' 'nonce-Q2UMGnfI58qRY5AvER44EQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
call.cleverwebserver.com/ 43 B
128 B 44ms
43ms Image
image/gif 2606:4700:4400::ac40:919c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://call.cleverwebserver.com/?id=47482&c=DE&r=null&l=223&b=Chrome&os=Win10&mob=0&v=1.58.3&ref=aHR0cHM6Ly9zdHJ1bWEuYmcvJUQwJUJEJUQxJTgxLSVEMSU4MCVEMCVCNSVEMSU4OCVEMCVCOC0lRDAlQkQlRDElOEYlRDAlQkMlRDAlQjAtJUQwJUI0JUQwJUIwLSVEMCVCOCVEMCVCQyVEMCVCMC0lRDAlQkElRDAlQkUlRDAlQkMlRDAlQjglRDElODElRDAlQjglRDElOEYtJUQwJUI3JUQwJUIwLSVEMSU4MCVEMCVCMCVEMCVCNyVEMSU4MSVEMCVCQiVEMCVCNSVEMCVCNCVEMCVCMi8%3D&ruri=&iv=-1&ctr=DE&sz=1200
Requested by: Host: struma.bg
URL: https://struma.bg/%D0%BD%D1%81-%D1%80%D0%B5%D1%88%D0%B8-%D0%BD%D1%8F%D0%BC%D0%B0-%D0%B4%D0%B0-%D0%B8%D0%BC%D0%B0-%D0%BA%D0%BE%D0%BC%D0%B8%D1%81%D0%B8%D1%8F-%D0%B7%D0%B0-%D1%80%D0%B0%D0%B7%D1%81%D0%BB%D0%B5%D0%B4%D0%B2/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:919c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://struma.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 07:12:56 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 82e148eecf789131-FRA
content-length: 43
content-type: image/gif

GET
BLOB 200
OK a2afe939-4599-4777-93b9-50575f860eab
https://struma.bg/ 0
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://struma.bg/a2afe939-4599-4777-93b9-50575f860eab
Requested by: Host: struma.bg
URL: https://struma.bg/%D0%BD%D1%81-%D1%80%D0%B5%D1%88%D0%B8-%D0%BD%D1%8F%D0%BC%D0%B0-%D0%B4%D0%B0-%D0%B8%D0%BC%D0%B0-%D0%BA%D0%BE%D0%BC%D0%B8%D1%81%D0%B8%D1%8F-%D0%B7%D0%B0-%D1%80%D0%B0%D0%B7%D1%81%D0%BB%D0%B5%D0%B4%D0%B2/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Length: 0
Content-Type: text/javascript

GET
BLOB 200
OK 580b0827-ca9a-456f-99ac-5dbe5b4c36ff
https://struma.bg/ 250 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://struma.bg/580b0827-ca9a-456f-99ac-5dbe5b4c36ff
Requested by: Host: struma.bg
URL: https://struma.bg/%D0%BD%D1%81-%D1%80%D0%B5%D1%88%D0%B8-%D0%BD%D1%8F%D0%BC%D0%B0-%D0%B4%D0%B0-%D0%B8%D0%BC%D0%B0-%D0%BA%D0%BE%D0%BC%D0%B8%D1%81%D0%B8%D1%8F-%D0%B7%D0%B0-%D1%80%D0%B0%D0%B7%D1%81%D0%BB%D0%B5%D0%B4%D0%B2/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e37071398d21f18dff2370ee0885f38811bb69bb465b398100ab3101fc521d6b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Length: 250
Content-Type: text/javascript

GET
H2 200 /
c.mgid.com/pv/ 43 B
138 B 54ms
37ms Image
image/gif 2606:4700:1::6813:854c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.mgid.com/pv/?lu=https%3A%2F%2Fstruma.bg%2F%25D0%25BD%25D1%2581-%25D1%2580%25D0%25B5%25D1%2588%25D0%25B8-%25D0%25BD%25D1%258F%25D0%25BC%25D0%25B0-%25D0%25B4%25D0%25B0-%25D0%25B8%25D0%25BC%25D0%25B0-%25D0%25BA%25D0%25BE%25D0%25BC%25D0%25B8%25D1%2581%25D0%25B8%25D1%258F-%25D0%25B7%25D0%25B0-%25D1%2580%25D0%25B0%25D0%25B7%25D1%2581%25D0%25BB%25D0%25B5%25D0%25B4%25D0%25B2%2F&cbuster=1701328376128839899746&pvid=18c1f12d140a46cb003&implVersion=11&cxurl=https%3A%2F%2Fstruma.bg%2F%25d0%25bd%25d1%2581-%25d1%2580%25d0%25b5%25d1%2588%25d0%25b8-%25d0%25bd%25d1%258f%25d0%25bc%25d0%25b0-%25d0%25b4%25d0%25b0-%25d0%25b8%25d0%25bc%25d0%25b0-%25d0%25ba%25d0%25be%25d0%25bc%25d0%25b8%25d1%2581%25d0%25b8%25d1%258f-%25d0%25b7%25d0%25b0-%25d1%2580%25d0%25b0%25d0%25b7%25d1%2581%25d0%25bb%25d0%25b5%25d0%25b4%25d0%25b2%2F&site=795170&i=1&scum=%3F0&scuw=%3F0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:1::6813:854c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://struma.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 07:12:56 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: DYNAMIC
server: cloudflare
content-type: image/gif
cf-ray: 82e148eefe4f35e0-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43

GET
H2 200 adnow-mini-v2.png
st-n.ads5-adnow.com/i/logo/ 2 KB
2 KB 76ms
30ms Image
image/png 2a03:90c0:41:2801::62
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://st-n.ads5-adnow.com/i/logo/adnow-mini-v2.png
Requested by: Host: struma.bg
URL: https://struma.bg/%D0%BD%D1%81-%D1%80%D0%B5%D1%88%D0%B8-%D0%BD%D1%8F%D0%BC%D0%B0-%D0%B4%D0%B0-%D0%B8%D0%BC%D0%B0-%D0%BA%D0%BE%D0%BC%D0%B8%D1%81%D0%B8%D1%8F-%D0%B7%D0%B0-%D1%80%D0%B0%D0%B7%D1%81%D0%BB%D0%B5%D0%B4%D0%B2/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 59b5e3f2ee98460d0d815072c15c6683f9614e7ebaa614dc104f2ab03ff41b7c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://struma.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-id: fr5-hw-edge-gc17
date: Thu, 30 Nov 2023 07:12:56 GMT
last-modified: Tue, 22 Dec 2015 13:27:30 GMT
server: nginx
etag: "56794fc2-636"
x-cached-since: 2023-11-30T07:12:25+00:00
content-type: image/png
cache-control: max-age=60
cache: HIT
x-id-fe: fr5-hw-edge-gc17
accept-ranges: bytes
content-length: 1590
expires: Thu, 30 Nov 2023 07:13:56 GMT

GET
H2

200

u
n.ads1-adnow.com/
Redirect Chain

https://ads.betweendigital.com/match?bidder_id=44422&callback_url=https%3A%2F%2Fn.ads1-adnow.com%2Fu%3Fdsp_id%3D336%26dsp_uid%3D${USER_ID}
https://ads.betweendigital.com/match?bidder_id=44422&callback_url=https%3A%2F%2Fn.ads1-adnow.com%2Fu%3Fdsp_id%3D336%26dsp_uid%3D${USER_ID}&crf=1&rts=1007359111875194430
https://n.ads1-adnow.com/u?dsp_id=336&dsp_uid=d3fda0e6-7252-524e-838d-272ee6e512d6

119 B
119 B

22ms
22ms

Image
image/png

31.172.81.226
DE-FIRSTCOLO www....

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://n.ads1-adnow.com/u?dsp_id=336&dsp_uid=d3fda0e6-7252-524e-838d-272ee6e512d6
Requested by: Host: struma.bg
URL: https://struma.bg/%D0%BD%D1%81-%D1%80%D0%B5%D1%88%D0%B8-%D0%BD%D1%8F%D0%BC%D0%B0-%D0%B4%D0%B0-%D0%B8%D0%BC%D0%B0-%D0%BA%D0%BE%D0%BC%D0%B8%D1%81%D0%B8%D1%8F-%D0%B7%D0%B0-%D1%80%D0%B0%D0%B7%D1%81%D0%BB%D0%B5%D0%B4%D0%B2/
Protocol: H2
Server: 31.172.81.226 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
Software: nginx/1.10.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://struma.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Nov 2023 07:13:04 GMT
server: nginx/1.10.3
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
content-type: image/png
cache-control: no-cache, no-store
content-length: 119

Redirect headers

location: https://n.ads1-adnow.com/u?dsp_id=336&dsp_uid=d3fda0e6-7252-524e-838d-272ee6e512d6
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0

GET
H2 200 st
n.ads1-adnow.com/ 119 B
119 B 30ms
29ms Image
image/png 31.172.81.226
DE-FIRSTCOLO www....

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://n.ads1-adnow.com/st?d=eyJ0aW1lIjoxNzAxMzI4Mzc2LCJhZG5faWQiOjE3LCJhZHRfaWQiOjE0LCJjb2RlX2lkIjoxMzE0OTIsInNpdGVfaWQiOjgyMDk2LCJzdWJfaWQiOiIiLCJjbnJfY29kZSI6IkRFVSIsImNpdHkiOiIiLCJpc19jYWNoZWQiOjAsImRzcCI6MjUyLCJkc3BfcHJpY2UiOjEzLjc1NTE5NSwiZHNwX3ByaWNlX3VzZCI6MC4xNTQ3NTQsInByaWNlIjoxMy43NTUxOTUsImV4dGVybmFsX2JpZF9wcmljZV91c2QiOjAsImV4dGVybmFsX2JpZF9wcmljZV9ydWIiOjAsImFkdF9mb3JtYXQiOiJudHYtMngyIiwiY29kZV9zaG93X3R5cGUiOiJub3JtYWwiLCJiaWRpZCI6IlNDQi0yNTItc3NwLTRmZDY4M2E5LWIwYzAtMDU1Ny1lYjJiLWViMmItNDAwOWU3YjBlOS1scGt1emtjdi15bCIsImltcGlkIjoiU0NJLTI1Mi0xMzE0OTItbHBrdXprY3ctMWdseCIsImNwYyI6MCwiY3BtIjowLCJ0ZWFzZXJzRGF0YSI6W3siaWFiIjoiSUFCOS0zMCIsInVzZXJuYW1lIjoiMjUyLTY5MDM4In0seyJjcGEiOiJMdWNreSBGZWVkIiwiY3BhX2FjY291bnQiOiJhbmRyaXlldHMuYTVAZ21haWwuY29tIiwiaWFiIjoiSUFCMTItMi0yLTEwIiwidGVhbSI6InRlYW0gYiIsInVzZXJuYW1lIjoiMzE4LWRlZG1hemF5In0seyJjcGEiOiJMdWNreSBGZWVkIiwiY3BhX2FjY291bnQiOiJhbmRyaXlldHMuYTVAZ21haWwuY29tIiwiaWFiIjoiSUFCMTItMi0yLTEwIiwidGVhbSI6InRlYW0gYiIsInVzZXJuYW1lIjoiMzE4LWRlZG1hemF5In0seyJjcGEiOiJMdWNreSBGZWVkIiwiY3BhX2FjY291bnQiOiJhbmRyaXlldHMuYTVAZ21haWwuY29tIiwiaWFiIjoiSUFCMTItMi0yLTEiLCJ0ZWFtIjoidGVhbSBiIiwidXNlcm5hbWUiOiIzMTgtam9yZGFuIn1dfQ&r=19072
Requested by: Host: struma.bg
URL: https://struma.bg/%D0%BD%D1%81-%D1%80%D0%B5%D1%88%D0%B8-%D0%BD%D1%8F%D0%BC%D0%B0-%D0%B4%D0%B0-%D0%B8%D0%BC%D0%B0-%D0%BA%D0%BE%D0%BC%D0%B8%D1%81%D0%B8%D1%8F-%D0%B7%D0%B0-%D1%80%D0%B0%D0%B7%D1%81%D0%BB%D0%B5%D0%B4%D0%B2/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 31.172.81.226 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
Software: nginx/1.10.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://struma.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Nov 2023 07:13:04 GMT
server: nginx/1.10.3
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
content-type: image/png
cache-control: no-cache, no-store
content-length: 119

GET
H2 200 stn
n.ads1-adnow.com/ 119 B
119 B 28ms
27ms Image
image/png 31.172.81.226
DE-FIRSTCOLO www....

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://n.ads1-adnow.com/stn?d=eyJ0aW1lIjoxNzAxMzI4Mzc2LCJhZG5faWQiOjE3LCJhZHRfaWQiOjE0LCJjb2RlX2lkIjoxMzE0OTIsInNpdGVfaWQiOjgyMDk2LCJzdWJfaWQiOiIiLCJjbnJfY29kZSI6IkRFVSIsImNpdHkiOiIiLCJpc19jYWNoZWQiOjAsImRzcCI6MjUyLCJkc3BfcHJpY2UiOjMuNzk4OTMsImRzcF9wcmljZV91c2QiOjAuMDQyNzQsInByaWNlIjozLjc5ODkzLCJleHRlcm5hbF9iaWRfcHJpY2VfdXNkIjowLCJleHRlcm5hbF9iaWRfcHJpY2VfcnViIjowLCJhZHRfZm9ybWF0IjoibnR2LTJ4MiIsImNvZGVfc2hvd190eXBlIjoibm9ybWFsIiwiYmlkaWQiOiJTQ0ItMjUyLXNzcC00ZmQ2ODNhOS1iMGMwLTA1NTctZWIyYi1lYjJiLTQwMDllN2IwZTktbHBrdXprY3YteWwiLCJpbXBpZCI6IlNDSS0yNTItMTMxNDkyLWxwa3V6a2N3LTFnbHgiLCJjcGMiOjAsImNwbSI6MCwidGVhc2Vyc0RhdGEiOlt7ImlhYiI6IklBQjktMzAiLCJ1c2VybmFtZSI6IjI1Mi02OTAzOCJ9XX0&r=34525
Requested by: Host: struma.bg
URL: https://struma.bg/%D0%BD%D1%81-%D1%80%D0%B5%D1%88%D0%B8-%D0%BD%D1%8F%D0%BC%D0%B0-%D0%B4%D0%B0-%D0%B8%D0%BC%D0%B0-%D0%BA%D0%BE%D0%BC%D0%B8%D1%81%D0%B8%D1%8F-%D0%B7%D0%B0-%D1%80%D0%B0%D0%B7%D1%81%D0%BB%D0%B5%D0%B4%D0%B2/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 31.172.81.226 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
Software: nginx/1.10.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://struma.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Nov 2023 07:13:04 GMT
server: nginx/1.10.3
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
content-type: image/png
cache-control: no-cache, no-store
content-length: 119

GET
H/1.1

200
OK

e8e93dde39f8676e35738c9b25deb6ed.png
xamubee.ru/
Redirect Chain

https://l8hdf6dsg4.ru/rtb/impression/1701327600000-160794?nodeId=51&id=46917&imageUrl=https%3A%2F%2Fxamubee.ru%2Fe8e93dde39f8676e35738c9b25deb6ed.png&assetId=2
https://xamubee.ru/e8e93dde39f8676e35738c9b25deb6ed.png

173 KB
173 KB

104ms
48ms

Image
image/png

78.140.179.119
WEBZILLA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xamubee.ru/e8e93dde39f8676e35738c9b25deb6ed.png
Requested by: Host: struma.bg
URL: https://struma.bg/%D0%BD%D1%81-%D1%80%D0%B5%D1%88%D0%B8-%D0%BD%D1%8F%D0%BC%D0%B0-%D0%B4%D0%B0-%D0%B8%D0%BC%D0%B0-%D0%BA%D0%BE%D0%BC%D0%B8%D1%81%D0%B8%D1%8F-%D0%B7%D0%B0-%D1%80%D0%B0%D0%B7%D1%81%D0%BB%D0%B5%D0%B4%D0%B2/
Protocol: HTTP/1.1
Server: 78.140.179.119 , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 9d94188d59b26bacfe797ce92087cc1940e26b4b208b02e99652a6a3c6e317df

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://struma.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Thu, 30 Nov 2023 07:12:56 GMT
Last-Modified: Fri, 10 Nov 2023 03:28:11 GMT
Server: nginx/1.16.1
ETag: "654da34b-2b302"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 176898

Redirect headers

date: Thu, 30 Nov 2023 07:12:56 GMT
vary: Accept
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
location: https://xamubee.ru/e8e93dde39f8676e35738c9b25deb6ed.png
access-control-allow-credentials: true
connection: close
content-length: 77

GET
H2 200 stn
n.ads1-adnow.com/ 119 B
119 B 23ms
22ms Image
image/png 31.172.81.226
DE-FIRSTCOLO www....

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://n.ads1-adnow.com/stn?d=eyJ0aW1lIjoxNzAxMzI4Mzc2LCJhZG5faWQiOjE3LCJhZHRfaWQiOjE0LCJjb2RlX2lkIjoxMzE0OTIsInNpdGVfaWQiOjgyMDk2LCJzdWJfaWQiOiIiLCJjbnJfY29kZSI6IkRFVSIsImNpdHkiOiIiLCJpc19jYWNoZWQiOjAsImRzcCI6MzE4LCJkc3BfcHJpY2UiOjMuMzE4NzU1LCJkc3BfcHJpY2VfdXNkIjowLjAzNzMzOCwicHJpY2UiOjMuMzE4NzU1LCJleHRlcm5hbF9iaWRfcHJpY2VfdXNkIjowLCJleHRlcm5hbF9iaWRfcHJpY2VfcnViIjowLCJhZHRfZm9ybWF0IjoibnR2LTJ4MiIsImNvZGVfc2hvd190eXBlIjoibm9ybWFsIiwiYmlkaWQiOiJTQ0ItMzE4LXNzcC00ZmQ2ODNhOS1iMGMwLTA1NTctZWIyYi1lYjJiLTQwMDllN2IwZTktbHBrdXprY3YteWwiLCJpbXBpZCI6IlNDSS0zMTgtMTMxNDkyLWxwa3V6a2N3LTFnbHgiLCJjcGMiOjAsImNwbSI6MCwidGVhc2Vyc0RhdGEiOlt7ImNwYSI6Ikx1Y2t5IEZlZWQiLCJjcGFfYWNjb3VudCI6ImFuZHJpeWV0cy5hNUBnbWFpbC5jb20iLCJpYWIiOiJJQUIxMi0yLTItMTAiLCJ0ZWFtIjoidGVhbSBiIiwidXNlcm5hbWUiOiIzMTgtZGVkbWF6YXkifV19&r=81564
Requested by: Host: struma.bg
URL: https://struma.bg/%D0%BD%D1%81-%D1%80%D0%B5%D1%88%D0%B8-%D0%BD%D1%8F%D0%BC%D0%B0-%D0%B4%D0%B0-%D0%B8%D0%BC%D0%B0-%D0%BA%D0%BE%D0%BC%D0%B8%D1%81%D0%B8%D1%8F-%D0%B7%D0%B0-%D1%80%D0%B0%D0%B7%D1%81%D0%BB%D0%B5%D0%B4%D0%B2/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 31.172.81.226 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
Software: nginx/1.10.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://struma.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Nov 2023 07:13:04 GMT
server: nginx/1.10.3
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
content-type: image/png
cache-control: no-cache, no-store
content-length: 119

GET
H2

200

b7bec9791767885a3f512cea81aaae7a.jpg
imgcf1.com/pictures/
Redirect Chain

https://trk-a.com/imp?uid=0a857f69-4b2b-4e85-8e4c-2c49d020c187&params=YWRuX2lkPTE3JmFuaW09MCZhbmltYXRpb249MS4wMDAwMDAmYmlkX2lkPVNDQi0zMTgtc3NwLTRmZDY4M2E5LWIwYzAtMDU1Ny1lYjJiLWViMmItNDAwOWU3YjBlOS1...
https://imgcf1.com/pictures/b7bec9791767885a3f512cea81aaae7a.jpg

679 KB
680 KB

85ms
27ms

Image
image/jpeg

2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imgcf1.com/pictures/b7bec9791767885a3f512cea81aaae7a.jpg
Requested by: Host: struma.bg
URL: https://struma.bg/%D0%BD%D1%81-%D1%80%D0%B5%D1%88%D0%B8-%D0%BD%D1%8F%D0%BC%D0%B0-%D0%B4%D0%B0-%D0%B8%D0%BC%D0%B0-%D0%BA%D0%BE%D0%BC%D0%B8%D1%81%D0%B8%D1%8F-%D0%B7%D0%B0-%D1%80%D0%B0%D0%B7%D1%81%D0%BB%D0%B5%D0%B4%D0%B2/
Protocol: H2
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ff3b5ea3330be7110f303fa5f86b038557e507fdda8b47ab91a98be16b59636c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://struma.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 07:12:56 GMT
cf-cache-status: HIT
last-modified: Thu, 14 Sep 2023 18:38:14 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2900
etag: "65035316-a9c11"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Tuzb4tZf25FS4SjOo70Oo4bA3%2BO0OI2bQfixIwg2HMbydmXJph7HraSS%2FsmsyG51MYAihYOqSWm6Cqt6w4uBvHCqffCPj2S0zZiECP%2BYTR9OWCtpyCtfAOGLGXus4gbUatkHJQLfTXdU"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 82e148efdd5b5c38-FRA
alt-svc: h3=":443"; ma=86400
content-length: 695313

Redirect headers

location: https://imgcf1.com/pictures/b7bec9791767885a3f512cea81aaae7a.jpg
date: Thu, 30 Nov 2023 07:12:56 GMT
strict-transport-security: max-age=15724800; includeSubDomains
server: openresty/1.15.8.2
content-length: 91
content-type: text/html; charset=utf-8

GET
H2 200 stn
n.ads1-adnow.com/ 119 B
119 B 23ms
23ms Image
image/png 31.172.81.226
DE-FIRSTCOLO www....

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://n.ads1-adnow.com/stn?d=eyJ0aW1lIjoxNzAxMzI4Mzc2LCJhZG5faWQiOjE3LCJhZHRfaWQiOjE0LCJjb2RlX2lkIjoxMzE0OTIsInNpdGVfaWQiOjgyMDk2LCJzdWJfaWQiOiIiLCJjbnJfY29kZSI6IkRFVSIsImNpdHkiOiIiLCJpc19jYWNoZWQiOjAsImRzcCI6MzE4LCJkc3BfcHJpY2UiOjMuMzE4NzU1LCJkc3BfcHJpY2VfdXNkIjowLjAzNzMzOCwicHJpY2UiOjMuMzE4NzU1LCJleHRlcm5hbF9iaWRfcHJpY2VfdXNkIjowLCJleHRlcm5hbF9iaWRfcHJpY2VfcnViIjowLCJhZHRfZm9ybWF0IjoibnR2LTJ4MiIsImNvZGVfc2hvd190eXBlIjoibm9ybWFsIiwiYmlkaWQiOiJTQ0ItMzE4LXNzcC00ZmQ2ODNhOS1iMGMwLTA1NTctZWIyYi1lYjJiLTQwMDllN2IwZTktbHBrdXprY3YteWwiLCJpbXBpZCI6IlNDSS0zMTgtMTMxNDkyLWxwa3V6a2N3LTFnbHgiLCJjcGMiOjAsImNwbSI6MCwidGVhc2Vyc0RhdGEiOlt7ImNwYSI6Ikx1Y2t5IEZlZWQiLCJjcGFfYWNjb3VudCI6ImFuZHJpeWV0cy5hNUBnbWFpbC5jb20iLCJpYWIiOiJJQUIxMi0yLTItMTAiLCJ0ZWFtIjoidGVhbSBiIiwidXNlcm5hbWUiOiIzMTgtZGVkbWF6YXkifV19&r=62140
Requested by: Host: struma.bg
URL: https://struma.bg/%D0%BD%D1%81-%D1%80%D0%B5%D1%88%D0%B8-%D0%BD%D1%8F%D0%BC%D0%B0-%D0%B4%D0%B0-%D0%B8%D0%BC%D0%B0-%D0%BA%D0%BE%D0%BC%D0%B8%D1%81%D0%B8%D1%8F-%D0%B7%D0%B0-%D1%80%D0%B0%D0%B7%D1%81%D0%BB%D0%B5%D0%B4%D0%B2/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 31.172.81.226 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
Software: nginx/1.10.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://struma.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Nov 2023 07:13:04 GMT
server: nginx/1.10.3
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
content-type: image/png
cache-control: no-cache, no-store
content-length: 119

GET
H2

200

c619de1adc82d47959efa129e0a414fc.jpg
imgcf1.com/pictures/
Redirect Chain

https://trk-a.com/imp?uid=0a857f69-4b2b-4e85-8e4c-2c49d020c187&params=YWRuX2lkPTE3JmFuaW09MCZhbmltYXRpb249MS4wMDAwMDAmYmlkX2lkPVNDQi0zMTgtc3NwLTRmZDY4M2E5LWIwYzAtMDU1Ny1lYjJiLWViMmItNDAwOWU3YjBlOS1...
https://imgcf1.com/pictures/c619de1adc82d47959efa129e0a414fc.jpg

311 KB
311 KB

83ms
46ms

Image
image/jpeg

2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imgcf1.com/pictures/c619de1adc82d47959efa129e0a414fc.jpg
Requested by: Host: struma.bg
URL: https://struma.bg/%D0%BD%D1%81-%D1%80%D0%B5%D1%88%D0%B8-%D0%BD%D1%8F%D0%BC%D0%B0-%D0%B4%D0%B0-%D0%B8%D0%BC%D0%B0-%D0%BA%D0%BE%D0%BC%D0%B8%D1%81%D0%B8%D1%8F-%D0%B7%D0%B0-%D1%80%D0%B0%D0%B7%D1%81%D0%BB%D0%B5%D0%B4%D0%B2/
Protocol: H2
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a2cccdf6d1d985c28aa6a2d20bcb2e124e67fa3c189b5d9503c0fcf3bb720fbd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://struma.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 07:12:56 GMT
cf-cache-status: HIT
last-modified: Thu, 14 Sep 2023 18:38:17 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6715
etag: "65035319-4da13"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yDnOiNekUOOSuOwQsXvQ3C0wmKa7bJlSRdJMkQegUzTSBw33oRkzjrDFCSOdztArprYP2bT9kIXQuZHlXMb3b2LUDCkxJr%2Fb7NcQH21P%2F4HWVCZ8rixuNzXyDrdQYN65xjhdnXu1FxcG"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 82e148efdd5d5c38-FRA
alt-svc: h3=":443"; ma=86400
content-length: 317971

Redirect headers

location: https://imgcf1.com/pictures/c619de1adc82d47959efa129e0a414fc.jpg
date: Thu, 30 Nov 2023 07:12:56 GMT
strict-transport-security: max-age=15724800; includeSubDomains
server: openresty/1.15.8.2
content-length: 91
content-type: text/html; charset=utf-8

GET
H2 200 stn
n.ads1-adnow.com/ 119 B
119 B 24ms
23ms Image
image/png 31.172.81.226
DE-FIRSTCOLO www....

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://n.ads1-adnow.com/stn?d=eyJ0aW1lIjoxNzAxMzI4Mzc2LCJhZG5faWQiOjE3LCJhZHRfaWQiOjE0LCJjb2RlX2lkIjoxMzE0OTIsInNpdGVfaWQiOjgyMDk2LCJzdWJfaWQiOiIiLCJjbnJfY29kZSI6IkRFVSIsImNpdHkiOiIiLCJpc19jYWNoZWQiOjAsImRzcCI6MzE4LCJkc3BfcHJpY2UiOjMuMzE4NzU1LCJkc3BfcHJpY2VfdXNkIjowLjAzNzMzOCwicHJpY2UiOjMuMzE4NzU1LCJleHRlcm5hbF9iaWRfcHJpY2VfdXNkIjowLCJleHRlcm5hbF9iaWRfcHJpY2VfcnViIjowLCJhZHRfZm9ybWF0IjoibnR2LTJ4MiIsImNvZGVfc2hvd190eXBlIjoibm9ybWFsIiwiYmlkaWQiOiJTQ0ItMzE4LXNzcC00ZmQ2ODNhOS1iMGMwLTA1NTctZWIyYi1lYjJiLTQwMDllN2IwZTktbHBrdXprY3YteWwiLCJpbXBpZCI6IlNDSS0zMTgtMTMxNDkyLWxwa3V6a2N3LTFnbHgiLCJjcGMiOjAsImNwbSI6MCwidGVhc2Vyc0RhdGEiOlt7ImNwYSI6Ikx1Y2t5IEZlZWQiLCJjcGFfYWNjb3VudCI6ImFuZHJpeWV0cy5hNUBnbWFpbC5jb20iLCJpYWIiOiJJQUIxMi0yLTItMSIsInRlYW0iOiJ0ZWFtIGIiLCJ1c2VybmFtZSI6IjMxOC1qb3JkYW4ifV19&r=13668
Requested by: Host: struma.bg
URL: https://struma.bg/%D0%BD%D1%81-%D1%80%D0%B5%D1%88%D0%B8-%D0%BD%D1%8F%D0%BC%D0%B0-%D0%B4%D0%B0-%D0%B8%D0%BC%D0%B0-%D0%BA%D0%BE%D0%BC%D0%B8%D1%81%D0%B8%D1%8F-%D0%B7%D0%B0-%D1%80%D0%B0%D0%B7%D1%81%D0%BB%D0%B5%D0%B4%D0%B2/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 31.172.81.226 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
Software: nginx/1.10.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://struma.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Nov 2023 07:13:04 GMT
server: nginx/1.10.3
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
content-type: image/png
cache-control: no-cache, no-store
content-length: 119

GET
H2

200

e0df6f77e633c60c6b83568da30e6f56.jpg
imgcf1.com/pictures/
Redirect Chain

https://trk-a.com/imp?uid=0a857f69-4b2b-4e85-8e4c-2c49d020c187&params=YWRuX2lkPTE3JmFuaW09MCZhbmltYXRpb249MS4wMDAwMDAmYmlkX2lkPVNDQi0zMTgtc3NwLTRmZDY4M2E5LWIwYzAtMDU1Ny1lYjJiLWViMmItNDAwOWU3YjBlOS1...
https://imgcf1.com/pictures/e0df6f77e633c60c6b83568da30e6f56.jpg

42 KB
43 KB

81ms
25ms

Image
image/jpeg

2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imgcf1.com/pictures/e0df6f77e633c60c6b83568da30e6f56.jpg
Requested by: Host: struma.bg
URL: https://struma.bg/%D0%BD%D1%81-%D1%80%D0%B5%D1%88%D0%B8-%D0%BD%D1%8F%D0%BC%D0%B0-%D0%B4%D0%B0-%D0%B8%D0%BC%D0%B0-%D0%BA%D0%BE%D0%BC%D0%B8%D1%81%D0%B8%D1%8F-%D0%B7%D0%B0-%D1%80%D0%B0%D0%B7%D1%81%D0%BB%D0%B5%D0%B4%D0%B2/
Protocol: H2
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fb1cd68fd3775a601f45e637325ff3e1df8880ea6d54750fb301354be0651d5f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://struma.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 07:12:56 GMT
cf-cache-status: HIT
last-modified: Thu, 31 Aug 2023 16:55:29 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6715
etag: "64f0c601-a8a5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xVOy0oz5jw0Nteuv4SiF7gJmXdY7%2B61C4KPKNx%2Fv13Eu3prCvIv%2FQlMPW1Ogkb8AHpY9hYxndvKuqwf6mR4ASDcrUhd%2BBX9S63taJacQvdVUX7dVO8opUXWtTD1V%2B9njv%2F1GaIIZwnX1"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 82e148efcd5a5c38-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43173

Redirect headers

location: https://imgcf1.com/pictures/e0df6f77e633c60c6b83568da30e6f56.jpg
date: Thu, 30 Nov 2023 07:12:56 GMT
strict-transport-security: max-age=15724800; includeSubDomains
server: openresty/1.15.8.2
content-length: 91
content-type: text/html; charset=utf-8

GET
H2 200 imptracker
trk-a.com/ 36 B
36 B 67ms
22ms Image
text/plain 116.202.73.72
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://trk-a.com/imptracker?uid=0a857f69-4b2b-4e85-8e4c-2c49d020c187&params=YWRuX2lkPTE3JmFuaW09MCZhbmltYXRpb249MS4wMDAwMDAmYmlkX2lkPVNDQi0zMTgtc3NwLTRmZDY4M2E5LWIwYzAtMDU1Ny1lYjJiLWViMmItNDAwOWU3YjBlOS1scGt1emtjdi15bCZicnV0YWxfcmF0ZT0wJmNfdHlwZT0mY2FtcF9pZD0wJmNwYT1wZWVyY2xpY2smY3JlYXRpdmVfaWQ9MTY4MDk4JmNyZW9fcGFpcj0wLSUzRTk3OTImZGV2aWNlPTImZGV2aWNlX2xhbmc9ZGUmZW5kcG9pbnQ9c3R1YiZlc3ViX2Zvcl9zaG9wPSZnZW89REVVJmlhYj1JQUIxMi0yLTItMTAmaW1nLXVybD1odHRwcyUzQSUyRiUyRmltZ2NmMS5jb20lMkZwaWN0dXJlcyUyRmM2MTlkZTFhZGM4MmQ0Nzk1OWVmYTEyOWUwYTQxNGZjLmpwZyZpbXBfbnVtPTImaW1waXA9MjE3LjExNC4yMTguMjYmaXA9Jm9mZmVyX2lkPTk3OTImcmVmX2JpZF9pZD0mc2V4X3JhdGU9MCZzaG93X2JydXRhbF9yYXRlPTMuMDAwMDAwJnNob3dfc2V4X3JhdGU9Mi4wMDAwMDAmc2l0ZV9pZD04MjA5NiZzaXRlX2xhbmc9Ymcmc3ViYWNjMz10cnVlJnN1YmNhbXBfaWQ9MCZ0YWdfaWQ9MTMxNDkyJnR5cGVfYXBwcm92ZT0xJnVzZXJfaWQ9MCZ1c2VyX3NhZmVfaWQ9

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

116.202.73.72 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.72.73.202.116.clients.your-server.de

Software

openresty/1.15.8.2 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://struma.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 07:12:56 GMT
strict-transport-security: max-age=15724800; includeSubDomains
server: openresty/1.15.8.2
content-length: 36
content-type: text/plain; charset=utf-8

GET
H2 200 imptracker
trk-a.com/ 36 B
36 B 86ms
41ms Image
text/plain 116.202.73.72
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://trk-a.com/imptracker?uid=0a857f69-4b2b-4e85-8e4c-2c49d020c187&params=YWRuX2lkPTE3JmFuaW09MCZhbmltYXRpb249MS4wMDAwMDAmYmlkX2lkPVNDQi0zMTgtc3NwLTRmZDY4M2E5LWIwYzAtMDU1Ny1lYjJiLWViMmItNDAwOWU3YjBlOS1scGt1emtjdi15bCZicnV0YWxfcmF0ZT0wJmNfdHlwZT0mY2FtcF9pZD0wJmNwYT1wZWVyY2xpY2smY3JlYXRpdmVfaWQ9MTY4MjIwJmNyZW9fcGFpcj0wLSUzRTk2ODImZGV2aWNlPTImZGV2aWNlX2xhbmc9ZGUmZW5kcG9pbnQ9c3R1YiZlc3ViX2Zvcl9zaG9wPSZnZW89REVVJmlhYj1JQUIxMi0yLTItMSZpbWctdXJsPWh0dHBzJTNBJTJGJTJGaW1nY2YxLmNvbSUyRnBpY3R1cmVzJTJGZTBkZjZmNzdlNjMzYzYwYzZiODM1NjhkYTMwZTZmNTYuanBnJmltcF9udW09MSZpbXBpcD0yMTcuMTE0LjIxOC4yNiZpcD0mb2ZmZXJfaWQ9OTY4MiZyZWZfYmlkX2lkPSZzZXhfcmF0ZT0yJnNob3dfYnJ1dGFsX3JhdGU9My4wMDAwMDAmc2hvd19zZXhfcmF0ZT0yLjAwMDAwMCZzaXRlX2lkPTgyMDk2JnNpdGVfbGFuZz1iZyZzdWJhY2MzPXRydWUmc3ViY2FtcF9pZD0wJnRhZ19pZD0xMzE0OTImdHlwZV9hcHByb3ZlPTEmdXNlcl9pZD0wJnVzZXJfc2FmZV9pZD0=

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

116.202.73.72 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.72.73.202.116.clients.your-server.de

Software

openresty/1.15.8.2 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://struma.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 07:12:56 GMT
strict-transport-security: max-age=15724800; includeSubDomains
server: openresty/1.15.8.2
content-length: 36
content-type: text/plain; charset=utf-8

GET
H2 200 stv
n.ads1-adnow.com/ 119 B
119 B 49ms
47ms Image
image/png 31.172.81.226
DE-FIRSTCOLO www....

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://n.ads1-adnow.com/stv?d=eyJ0aW1lIjoxNzAxMzI4Mzc2LCJhZG5faWQiOjE3LCJhZHRfaWQiOjE0LCJjb2RlX2lkIjoxMzE0OTIsInNpdGVfaWQiOjgyMDk2LCJzdWJfaWQiOiIiLCJjbnJfY29kZSI6IkRFVSIsImNpdHkiOiIiLCJpc19jYWNoZWQiOjAsImRzcCI6MjUyLCJkc3BfcHJpY2UiOjEzLjc1NTE5NSwiZHNwX3ByaWNlX3VzZCI6MC4xNTQ3NTQsInByaWNlIjoxMy43NTUxOTUsImV4dGVybmFsX2JpZF9wcmljZV91c2QiOjAsImV4dGVybmFsX2JpZF9wcmljZV9ydWIiOjAsImFkdF9mb3JtYXQiOiJudHYtMngyIiwiY29kZV9zaG93X3R5cGUiOiJub3JtYWwiLCJiaWRpZCI6IlNDQi0yNTItc3NwLTRmZDY4M2E5LWIwYzAtMDU1Ny1lYjJiLWViMmItNDAwOWU3YjBlOS1scGt1emtjdi15bCIsImltcGlkIjoiU0NJLTI1Mi0xMzE0OTItbHBrdXprY3ctMWdseCIsImNwYyI6MCwiY3BtIjowLCJ0ZWFzZXJzRGF0YSI6W3siaWFiIjoiSUFCOS0zMCIsInVzZXJuYW1lIjoiMjUyLTY5MDM4In0seyJjcGEiOiJMdWNreSBGZWVkIiwiY3BhX2FjY291bnQiOiJhbmRyaXlldHMuYTVAZ21haWwuY29tIiwiaWFiIjoiSUFCMTItMi0yLTEwIiwidGVhbSI6InRlYW0gYiIsInVzZXJuYW1lIjoiMzE4LWRlZG1hemF5In0seyJjcGEiOiJMdWNreSBGZWVkIiwiY3BhX2FjY291bnQiOiJhbmRyaXlldHMuYTVAZ21haWwuY29tIiwiaWFiIjoiSUFCMTItMi0yLTEwIiwidGVhbSI6InRlYW0gYiIsInVzZXJuYW1lIjoiMzE4LWRlZG1hemF5In0seyJjcGEiOiJMdWNreSBGZWVkIiwiY3BhX2FjY291bnQiOiJhbmRyaXlldHMuYTVAZ21haWwuY29tIiwiaWFiIjoiSUFCMTItMi0yLTEiLCJ0ZWFtIjoidGVhbSBiIiwidXNlcm5hbWUiOiIzMTgtam9yZGFuIn1dfQ&r=22749&showNumV=1
Requested by: Host: struma.bg
URL: https://struma.bg/%D0%BD%D1%81-%D1%80%D0%B5%D1%88%D0%B8-%D0%BD%D1%8F%D0%BC%D0%B0-%D0%B4%D0%B0-%D0%B8%D0%BC%D0%B0-%D0%BA%D0%BE%D0%BC%D0%B8%D1%81%D0%B8%D1%8F-%D0%B7%D0%B0-%D1%80%D0%B0%D0%B7%D1%81%D0%BB%D0%B5%D0%B4%D0%B2/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 31.172.81.226 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
Software: nginx/1.10.3 /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://struma.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Nov 2023 07:13:04 GMT
server: nginx/1.10.3
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
content-type: image/png
cache-control: no-cache, no-store
content-length: 119

GET
H2 200 stnv
n.ads1-adnow.com/ 119 B
119 B 119ms
117ms Image
image/png 31.172.81.226
DE-FIRSTCOLO www....

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://n.ads1-adnow.com/stnv?d=eyJ0aW1lIjoxNzAxMzI4Mzc2LCJhZG5faWQiOjE3LCJhZHRfaWQiOjE0LCJjb2RlX2lkIjoxMzE0OTIsInNpdGVfaWQiOjgyMDk2LCJzdWJfaWQiOiIiLCJjbnJfY29kZSI6IkRFVSIsImNpdHkiOiIiLCJpc19jYWNoZWQiOjAsImRzcCI6MzE4LCJkc3BfcHJpY2UiOjMuMzE4NzU1LCJkc3BfcHJpY2VfdXNkIjowLjAzNzMzOCwicHJpY2UiOjMuMzE4NzU1LCJleHRlcm5hbF9iaWRfcHJpY2VfdXNkIjowLCJleHRlcm5hbF9iaWRfcHJpY2VfcnViIjowLCJhZHRfZm9ybWF0IjoibnR2LTJ4MiIsImNvZGVfc2hvd190eXBlIjoibm9ybWFsIiwiYmlkaWQiOiJTQ0ItMzE4LXNzcC00ZmQ2ODNhOS1iMGMwLTA1NTctZWIyYi1lYjJiLTQwMDllN2IwZTktbHBrdXprY3YteWwiLCJpbXBpZCI6IlNDSS0zMTgtMTMxNDkyLWxwa3V6a2N3LTFnbHgiLCJjcGMiOjAsImNwbSI6MCwidGVhc2Vyc0RhdGEiOlt7ImNwYSI6Ikx1Y2t5IEZlZWQiLCJjcGFfYWNjb3VudCI6ImFuZHJpeWV0cy5hNUBnbWFpbC5jb20iLCJpYWIiOiJJQUIxMi0yLTItMSIsInRlYW0iOiJ0ZWFtIGIiLCJ1c2VybmFtZSI6IjMxOC1qb3JkYW4ifV19&r=90301
Requested by: Host: struma.bg
URL: https://struma.bg/%D0%BD%D1%81-%D1%80%D0%B5%D1%88%D0%B8-%D0%BD%D1%8F%D0%BC%D0%B0-%D0%B4%D0%B0-%D0%B8%D0%BC%D0%B0-%D0%BA%D0%BE%D0%BC%D0%B8%D1%81%D0%B8%D1%8F-%D0%B7%D0%B0-%D1%80%D0%B0%D0%B7%D1%81%D0%BB%D0%B5%D0%B4%D0%B2/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 31.172.81.226 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
Software: nginx/1.10.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://struma.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Nov 2023 07:13:04 GMT
server: nginx/1.10.3
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
content-type: image/png
cache-control: no-cache, no-store
content-length: 119

GET
H2 200 stnv
n.ads1-adnow.com/ 119 B
119 B 23ms
22ms Image
image/png 31.172.81.226
DE-FIRSTCOLO www....

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://n.ads1-adnow.com/stnv?d=eyJ0aW1lIjoxNzAxMzI4Mzc2LCJhZG5faWQiOjE3LCJhZHRfaWQiOjE0LCJjb2RlX2lkIjoxMzE0OTIsInNpdGVfaWQiOjgyMDk2LCJzdWJfaWQiOiIiLCJjbnJfY29kZSI6IkRFVSIsImNpdHkiOiIiLCJpc19jYWNoZWQiOjAsImRzcCI6MzE4LCJkc3BfcHJpY2UiOjMuMzE4NzU1LCJkc3BfcHJpY2VfdXNkIjowLjAzNzMzOCwicHJpY2UiOjMuMzE4NzU1LCJleHRlcm5hbF9iaWRfcHJpY2VfdXNkIjowLCJleHRlcm5hbF9iaWRfcHJpY2VfcnViIjowLCJhZHRfZm9ybWF0IjoibnR2LTJ4MiIsImNvZGVfc2hvd190eXBlIjoibm9ybWFsIiwiYmlkaWQiOiJTQ0ItMzE4LXNzcC00ZmQ2ODNhOS1iMGMwLTA1NTctZWIyYi1lYjJiLTQwMDllN2IwZTktbHBrdXprY3YteWwiLCJpbXBpZCI6IlNDSS0zMTgtMTMxNDkyLWxwa3V6a2N3LTFnbHgiLCJjcGMiOjAsImNwbSI6MCwidGVhc2Vyc0RhdGEiOlt7ImNwYSI6Ikx1Y2t5IEZlZWQiLCJjcGFfYWNjb3VudCI6ImFuZHJpeWV0cy5hNUBnbWFpbC5jb20iLCJpYWIiOiJJQUIxMi0yLTItMTAiLCJ0ZWFtIjoidGVhbSBiIiwidXNlcm5hbWUiOiIzMTgtZGVkbWF6YXkifV19&r=75038
Requested by: Host: struma.bg
URL: https://struma.bg/%D0%BD%D1%81-%D1%80%D0%B5%D1%88%D0%B8-%D0%BD%D1%8F%D0%BC%D0%B0-%D0%B4%D0%B0-%D0%B8%D0%BC%D0%B0-%D0%BA%D0%BE%D0%BC%D0%B8%D1%81%D0%B8%D1%8F-%D0%B7%D0%B0-%D1%80%D0%B0%D0%B7%D1%81%D0%BB%D0%B5%D0%B4%D0%B2/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 31.172.81.226 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
Software: nginx/1.10.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://struma.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Nov 2023 07:13:04 GMT
server: nginx/1.10.3
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
content-type: image/png
cache-control: no-cache, no-store
content-length: 119

GET
H2 200 stnv
n.ads1-adnow.com/ 119 B
119 B 22ms
21ms Image
image/png 31.172.81.226
DE-FIRSTCOLO www....

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://n.ads1-adnow.com/stnv?d=eyJ0aW1lIjoxNzAxMzI4Mzc2LCJhZG5faWQiOjE3LCJhZHRfaWQiOjE0LCJjb2RlX2lkIjoxMzE0OTIsInNpdGVfaWQiOjgyMDk2LCJzdWJfaWQiOiIiLCJjbnJfY29kZSI6IkRFVSIsImNpdHkiOiIiLCJpc19jYWNoZWQiOjAsImRzcCI6MjUyLCJkc3BfcHJpY2UiOjMuNzk4OTMsImRzcF9wcmljZV91c2QiOjAuMDQyNzQsInByaWNlIjozLjc5ODkzLCJleHRlcm5hbF9iaWRfcHJpY2VfdXNkIjowLCJleHRlcm5hbF9iaWRfcHJpY2VfcnViIjowLCJhZHRfZm9ybWF0IjoibnR2LTJ4MiIsImNvZGVfc2hvd190eXBlIjoibm9ybWFsIiwiYmlkaWQiOiJTQ0ItMjUyLXNzcC00ZmQ2ODNhOS1iMGMwLTA1NTctZWIyYi1lYjJiLTQwMDllN2IwZTktbHBrdXprY3YteWwiLCJpbXBpZCI6IlNDSS0yNTItMTMxNDkyLWxwa3V6a2N3LTFnbHgiLCJjcGMiOjAsImNwbSI6MCwidGVhc2Vyc0RhdGEiOlt7ImlhYiI6IklBQjktMzAiLCJ1c2VybmFtZSI6IjI1Mi02OTAzOCJ9XX0&r=30930
Requested by: Host: struma.bg
URL: https://struma.bg/%D0%BD%D1%81-%D1%80%D0%B5%D1%88%D0%B8-%D0%BD%D1%8F%D0%BC%D0%B0-%D0%B4%D0%B0-%D0%B8%D0%BC%D0%B0-%D0%BA%D0%BE%D0%BC%D0%B8%D1%81%D0%B8%D1%8F-%D0%B7%D0%B0-%D1%80%D0%B0%D0%B7%D1%81%D0%BB%D0%B5%D0%B4%D0%B2/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 31.172.81.226 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
Software: nginx/1.10.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://struma.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Nov 2023 07:13:04 GMT
server: nginx/1.10.3
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
content-type: image/png
cache-control: no-cache, no-store
content-length: 119

GET
H2 200 stnv
n.ads1-adnow.com/ 119 B
119 B 77ms
76ms Image
image/png 31.172.81.226
DE-FIRSTCOLO www....

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://n.ads1-adnow.com/stnv?d=eyJ0aW1lIjoxNzAxMzI4Mzc2LCJhZG5faWQiOjE3LCJhZHRfaWQiOjE0LCJjb2RlX2lkIjoxMzE0OTIsInNpdGVfaWQiOjgyMDk2LCJzdWJfaWQiOiIiLCJjbnJfY29kZSI6IkRFVSIsImNpdHkiOiIiLCJpc19jYWNoZWQiOjAsImRzcCI6MzE4LCJkc3BfcHJpY2UiOjMuMzE4NzU1LCJkc3BfcHJpY2VfdXNkIjowLjAzNzMzOCwicHJpY2UiOjMuMzE4NzU1LCJleHRlcm5hbF9iaWRfcHJpY2VfdXNkIjowLCJleHRlcm5hbF9iaWRfcHJpY2VfcnViIjowLCJhZHRfZm9ybWF0IjoibnR2LTJ4MiIsImNvZGVfc2hvd190eXBlIjoibm9ybWFsIiwiYmlkaWQiOiJTQ0ItMzE4LXNzcC00ZmQ2ODNhOS1iMGMwLTA1NTctZWIyYi1lYjJiLTQwMDllN2IwZTktbHBrdXprY3YteWwiLCJpbXBpZCI6IlNDSS0zMTgtMTMxNDkyLWxwa3V6a2N3LTFnbHgiLCJjcGMiOjAsImNwbSI6MCwidGVhc2Vyc0RhdGEiOlt7ImNwYSI6Ikx1Y2t5IEZlZWQiLCJjcGFfYWNjb3VudCI6ImFuZHJpeWV0cy5hNUBnbWFpbC5jb20iLCJpYWIiOiJJQUIxMi0yLTItMTAiLCJ0ZWFtIjoidGVhbSBiIiwidXNlcm5hbWUiOiIzMTgtZGVkbWF6YXkifV19&r=74804
Requested by: Host: struma.bg
URL: https://struma.bg/%D0%BD%D1%81-%D1%80%D0%B5%D1%88%D0%B8-%D0%BD%D1%8F%D0%BC%D0%B0-%D0%B4%D0%B0-%D0%B8%D0%BC%D0%B0-%D0%BA%D0%BE%D0%BC%D0%B8%D1%81%D0%B8%D1%8F-%D0%B7%D0%B0-%D1%80%D0%B0%D0%B7%D1%81%D0%BB%D0%B5%D0%B4%D0%B2/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 31.172.81.226 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
Software: nginx/1.10.3 /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://struma.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Nov 2023 07:13:04 GMT
server: nginx/1.10.3
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
content-type: image/png
cache-control: no-cache, no-store
content-length: 119

GET
H2 200 imptracker
trk-a.com/ 36 B
36 B 65ms
22ms Image
text/plain 116.202.73.72
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://trk-a.com/imptracker?uid=0a857f69-4b2b-4e85-8e4c-2c49d020c187&params=YWRuX2lkPTE3JmFuaW09MCZhbmltYXRpb249MS4wMDAwMDAmYmlkX2lkPVNDQi0zMTgtc3NwLTRmZDY4M2E5LWIwYzAtMDU1Ny1lYjJiLWViMmItNDAwOWU3YjBlOS1scGt1emtjdi15bCZicnV0YWxfcmF0ZT0wJmNfdHlwZT0mY2FtcF9pZD0wJmNwYT1wZWVyY2xpY2smY3JlYXRpdmVfaWQ9MTY4MTAwJmNyZW9fcGFpcj0wLSUzRTk3OTAmZGV2aWNlPTImZGV2aWNlX2xhbmc9ZGUmZW5kcG9pbnQ9c3R1YiZlc3ViX2Zvcl9zaG9wPSZnZW89REVVJmlhYj1JQUIxMi0yLTItMTAmaW1nLXVybD1odHRwcyUzQSUyRiUyRmltZ2NmMS5jb20lMkZwaWN0dXJlcyUyRmI3YmVjOTc5MTc2Nzg4NWEzZjUxMmNlYTgxYWFhZTdhLmpwZyZpbXBfbnVtPTAmaW1waXA9MjE3LjExNC4yMTguMjYmaXA9Jm9mZmVyX2lkPTk3OTAmcmVmX2JpZF9pZD0mc2V4X3JhdGU9MCZzaG93X2JydXRhbF9yYXRlPTMuMDAwMDAwJnNob3dfc2V4X3JhdGU9Mi4wMDAwMDAmc2l0ZV9pZD04MjA5NiZzaXRlX2xhbmc9Ymcmc3ViYWNjMz10cnVlJnN1YmNhbXBfaWQ9MCZ0YWdfaWQ9MTMxNDkyJnR5cGVfYXBwcm92ZT0xJnVzZXJfaWQ9MCZ1c2VyX3NhZmVfaWQ9

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

116.202.73.72 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.72.73.202.116.clients.your-server.de

Software

openresty/1.15.8.2 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://struma.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 07:12:56 GMT
strict-transport-security: max-age=15724800; includeSubDomains
server: openresty/1.15.8.2
content-length: 36
content-type: text/plain; charset=utf-8

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 7C1A 2 KB
2 KB 19ms
19ms Image
image/png 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 20:04:28 GMT
x-content-type-options: nosniff
age: 212908
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Mon, 04 Dec 2023 20:04:28 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 7C1A 15 KB
15 KB 20ms
19ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 23:26:56 GMT
x-content-type-options: nosniff
age: 546360
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 22 Nov 2024 23:26:56 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 7C1A 15 KB
15 KB 26ms
25ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 21:01:27 GMT
x-content-type-options: nosniff
age: 36689
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 28 Nov 2024 21:01:27 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame 7C1A 102 B
135 B 29ms
29ms Other
text/javascript 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=-QbJqHfGOUB8nuVRLvzFLVed

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

f3706dd9e175fdadc2a564238f1ddc64afea19e67aefd5b922f33040d5f94540

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LckjIcUAAAAABhBn78wLQqK_K4srbDs5rQTxiZN&co=aHR0cHM6Ly9zdHJ1bWEuYmc6NDQz&hl=de&v=-QbJqHfGOUB8nuVRLvzFLVed&size=invisible&cb=lzbc8n65zmw4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 07:12:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Thu, 30 Nov 2023 07:12:56 GMT

GET
H2 200 /
c.adskeeper.com/pv/ 43 B
137 B 46ms
37ms Image
image/gif 2606:4700:4400::ac40:986a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.adskeeper.com/pv/?lu=https%3A%2F%2Fstruma.bg%2F%25D0%25BD%25D1%2581-%25D1%2580%25D0%25B5%25D1%2588%25D0%25B8-%25D0%25BD%25D1%258F%25D0%25BC%25D0%25B0-%25D0%25B4%25D0%25B0-%25D0%25B8%25D0%25BC%25D0%25B0-%25D0%25BA%25D0%25BE%25D0%25BC%25D0%25B8%25D1%2581%25D0%25B8%25D1%258F-%25D0%25B7%25D0%25B0-%25D1%2580%25D0%25B0%25D0%25B7%25D1%2581%25D0%25BB%25D0%25B5%25D0%25B4%25D0%25B2%2F&cbuster=1701328376217199147317&pvid=18c1f12d140a46cb003&implVersion=11&cxurl=https%3A%2F%2Fstruma.bg%2F%25d0%25bd%25d1%2581-%25d1%2580%25d0%25b5%25d1%2588%25d0%25b8-%25d0%25bd%25d1%258f%25d0%25bc%25d0%25b0-%25d0%25b4%25d0%25b0-%25d0%25b8%25d0%25bc%25d0%25b0-%25d0%25ba%25d0%25be%25d0%25bc%25d0%25b8%25d1%2581%25d0%25b8%25d1%258f-%25d0%25b7%25d0%25b0-%25d1%2580%25d0%25b0%25d0%25b7%25d1%2581%25d0%25bb%25d0%25b5%25d0%25b4%25d0%25b2%2F&site=713334&i=1&scum=%3F0&scuw=%3F0
Requested by: Host: struma.bg
URL: https://struma.bg/%D0%BD%D1%81-%D1%80%D0%B5%D1%88%D0%B8-%D0%BD%D1%8F%D0%BC%D0%B0-%D0%B4%D0%B0-%D0%B8%D0%BC%D0%B0-%D0%BA%D0%BE%D0%BC%D0%B8%D1%81%D0%B8%D1%8F-%D0%B7%D0%B0-%D1%80%D0%B0%D0%B7%D1%81%D0%BB%D0%B5%D0%B4%D0%B2/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:986a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://struma.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 07:12:56 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 82e148ef7bab1e5b-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
content-type: image/gif

GET
H2 200 bg-1490x300.webp
lp.cleverwebserver.com/betano/de/sports/sports_de/imgs/ Frame 317C 40 KB
40 KB 33ms
33ms Image
binary/octet-stream 2606:4700:4400::ac40:919c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lp.cleverwebserver.com/betano/de/sports/sports_de/imgs/bg-1490x300.webp?v=33
Requested by: Host: lp.cleverwebserver.com
URL: https://lp.cleverwebserver.com/betano/de/sports/sports_de/widescreen.html??id=773737&group=47482&tracker=aHR0cHM6Ly9nbWwtZ3JwLmNvbS9DLmFzaHg%2FYnRhZz1hXzgyNmJfMjkzMWNfJmFmZmlkPTQzMSZzaXRlaWQ9ODI2JmFkaWQ9MjkzMSZjPUpTQUJORVZQVkJEQUFERQ%3D%3D&ref=aHR0cHM6Ly9zdHJ1bWEuYmcvJUQwJUJEJUQxJTgxLSVEMSU4MCVEMCVCNSVEMSU4OCVEMCVCOC0lRDAlQkQlRDElOEYlRDAlQkMlRDAlQjAtJUQwJUI0JUQwJUIwLSVEMCVCOCVEMCVCQyVEMCVCMC0lRDAlQkElRDAlQkUlRDAlQkMlRDAlQjglRDElODElRDAlQjglRDElOEYtJUQwJUI3JUQwJUIwLSVEMSU4MCVEMCVCMCVEMCVCNyVEMSU4MSVEMCVCQiVEMCVCNSVEMCVCNCVEMCVCMi8%3D&r=262631074
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:919c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a3ba5c932fea0dd2015bf65c241445b86fe14a0d6ba863f65f6f5585afbe1733

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lp.cleverwebserver.com/betano/de/sports/sports_de/widescreen.html??id=773737&group=47482&tracker=aHR0cHM6Ly9nbWwtZ3JwLmNvbS9DLmFzaHg%2FYnRhZz1hXzgyNmJfMjkzMWNfJmFmZmlkPTQzMSZzaXRlaWQ9ODI2JmFkaWQ9MjkzMSZjPUpTQUJORVZQVkJEQUFERQ%3D%3D&ref=aHR0cHM6Ly9zdHJ1bWEuYmcvJUQwJUJEJUQxJTgxLSVEMSU4MCVEMCVCNSVEMSU4OCVEMCVCOC0lRDAlQkQlRDElOEYlRDAlQkMlRDAlQjAtJUQwJUI0JUQwJUIwLSVEMCVCOCVEMCVCQyVEMCVCMC0lRDAlQkElRDAlQkUlRDAlQkMlRDAlQjglRDElODElRDAlQjglRDElOEYtJUQwJUI3JUQwJUIwLSVEMSU4MCVEMCVCMCVEMCVCNyVEMSU4MSVEMCVCQiVEMCVCNSVEMCVCNCVEMCVCMi8%3D&r=262631074
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 07:12:56 GMT
cf-cache-status: HIT
last-modified: Tue, 28 Nov 2023 10:57:18 GMT
server: cloudflare
x-amz-request-id: J8EQCBQJZZ9V6D8S
age: 27718
etag: "36d580ed1582db1c3722787924fc00d3"
vary: Accept-Encoding
content-type: binary/octet-stream
cache-control: public, max-age=28800
accept-ranges: bytes
cf-ray: 82e148efd8789131-FRA
content-length: 41072
x-amz-id-2: 65S7f7DN4fLkLtVKi7odd16pwszt+DKHX2lQEtcP6JoIAooag36ju/d+3F1cp4naOOHxey0YMtw=
expires: Thu, 30 Nov 2023 15:12:56 GMT

GET
H2 200 rocket-loader.min.js Show response
lp.cleverwebserver.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ Frame 317C 12 KB
4 KB 22ms
22ms Script
application/javascript 2606:4700:4400::ac40:919c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://lp.cleverwebserver.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: lp.cleverwebserver.com
URL: https://lp.cleverwebserver.com/betano/de/sports/sports_de/widescreen.html??id=773737&group=47482&tracker=aHR0cHM6Ly9nbWwtZ3JwLmNvbS9DLmFzaHg%2FYnRhZz1hXzgyNmJfMjkzMWNfJmFmZmlkPTQzMSZzaXRlaWQ9ODI2JmFkaWQ9MjkzMSZjPUpTQUJORVZQVkJEQUFERQ%3D%3D&ref=aHR0cHM6Ly9zdHJ1bWEuYmcvJUQwJUJEJUQxJTgxLSVEMSU4MCVEMCVCNSVEMSU4OCVEMCVCOC0lRDAlQkQlRDElOEYlRDAlQkMlRDAlQjAtJUQwJUI0JUQwJUIwLSVEMCVCOCVEMCVCQyVEMCVCMC0lRDAlQkElRDAlQkUlRDAlQkMlRDAlQjglRDElODElRDAlQjglRDElOEYtJUQwJUI3JUQwJUIwLSVEMSU4MCVEMCVCMCVEMCVCNyVEMSU4MSVEMCVCQiVEMCVCNSVEMCVCNCVEMCVCMi8%3D&r=262631074

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:919c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lp.cleverwebserver.com/betano/de/sports/sports_de/widescreen.html??id=773737&group=47482&tracker=aHR0cHM6Ly9nbWwtZ3JwLmNvbS9DLmFzaHg%2FYnRhZz1hXzgyNmJfMjkzMWNfJmFmZmlkPTQzMSZzaXRlaWQ9ODI2JmFkaWQ9MjkzMSZjPUpTQUJORVZQVkJEQUFERQ%3D%3D&ref=aHR0cHM6Ly9zdHJ1bWEuYmcvJUQwJUJEJUQxJTgxLSVEMSU4MCVEMCVCNSVEMSU4OCVEMCVCOC0lRDAlQkQlRDElOEYlRDAlQkMlRDAlQjAtJUQwJUI0JUQwJUIwLSVEMCVCOCVEMCVCQyVEMCVCMC0lRDAlQkElRDAlQkUlRDAlQkMlRDAlQjglRDElODElRDAlQjglRDElOEYtJUQwJUI3JUQwJUIwLSVEMSU4MCVEMCVCMCVEMCVCNyVEMSU4MSVEMCVCQiVEMCVCNSVEMCVCNCVEMCVCMi8%3D&r=262631074
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 07:12:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 27 Nov 2023 12:56:30 GMT
server: cloudflare
etag: W/"656491fe-302c"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript
cache-control: max-age=172800, public
cf-ray: 82e148efd8799131-FRA
expires: Sat, 02 Dec 2023 07:12:56 GMT

GET
H2 200 css
fonts.googleapis.com/ 69 KB
4 KB 35ms
35ms Stylesheet
text/css 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.FaYPuRweqII.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMwlLW_mylTS11_htG8IL16Oj6Xnrw/m=web_iab_tcf_v2_wall_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c4cb7ee295b14fe670ced1e8271273041990ca3d5af39accf8e960c227148eab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://struma.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 30 Nov 2023 07:12:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 30 Nov 2023 07:12:56 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 30 Nov 2023 07:12:56 GMT

GET
H2 200 WsugEl6-TuhfWlgv771FSF8xgiqJmAxuEftIRjNnlzuR1R8RId1lRs3NcgiBUQa39FTnW8CgFVuoyiME8YGQgm0gbPPOO6quNewqFvQuNOOTE6C__apLVw=h60
lh3.googleusercontent.com/ 4 KB
5 KB 64ms
19ms Image
image/jpeg 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/WsugEl6-TuhfWlgv771FSF8xgiqJmAxuEftIRjNnlzuR1R8RId1lRs3NcgiBUQa39FTnW8CgFVuoyiME8YGQgm0gbPPOO6quNewqFvQuNOOTE6C__apLVw=h60

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

8f10e6183c86db37064020c73bbea51bcf15f13747883fb643173ae33a33ca27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://struma.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 03:39:13 GMT
x-content-type-options: nosniff
age: 12823
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4561
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Fri, 01 Dec 2023 03:39:13 GMT

GET
H2 204 track.gif
scnd-tr.com/ 0
88 B 98ms
28ms Image
text/plain 88.208.41.101
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scnd-tr.com/track.gif?a=configurable_perf1&b=650&c=841&d=216&e=66&f=&g=ssp-4fd683a9-b0c0-0557-eb2b-eb2b-4009e7b0e9&h=131492
Requested by: Host: struma.bg
URL: https://struma.bg/%D0%BD%D1%81-%D1%80%D0%B5%D1%88%D0%B8-%D0%BD%D1%8F%D0%BC%D0%B0-%D0%B4%D0%B0-%D0%B8%D0%BC%D0%B0-%D0%BA%D0%BE%D0%BC%D0%B8%D1%81%D0%B8%D1%8F-%D0%B7%D0%B0-%D1%80%D0%B0%D0%B7%D1%81%D0%BB%D0%B5%D0%B4%D0%B2/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 88.208.41.101 Amsterdam, Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://struma.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-origin: *
x-upstream: 192.168.11.101:8085
date: Thu, 30 Nov 2023 07:12:56 GMT
server: nginx

GET
H3 200 flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
fonts.gstatic.com/s/materialicons/v140/ 125 KB
125 KB 21ms
21ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/materialicons/v140/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://struma.bg/
Origin: https://struma.bg
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 20:08:20 GMT
x-content-type-options: nosniff
age: 471876
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 128352
x-xss-protection: 0
last-modified: Tue, 07 Mar 2023 19:51:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 23 Nov 2024 20:08:20 GMT

POST
H3 204 AGSKWxWkvLCJ1h9AWEziBNiSKmi5C58xpgWAt3JYZczrfRkgHVojCto1_5q594OMVhrPVPlt3Oxtv7CnQ9vCDUnvi4BzQ6RrjelwrmZXrgr3J9EEh2UV0kfT4IILu-HTHgW3sAsM1ZKvvg== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 70ms
31ms XHR
text/html 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWkvLCJ1h9AWEziBNiSKmi5C58xpgWAt3JYZczrfRkgHVojCto1_5q594OMVhrPVPlt3Oxtv7CnQ9vCDUnvi4BzQ6RrjelwrmZXrgr3J9EEh2UV0kfT4IILu-HTHgW3sAsM1ZKvvg==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-c5B7gVZVd4soLsl8xlXl-A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://struma.bg/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 30 Nov 2023 07:12:56 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-c5B7gVZVd4soLsl8xlXl-A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://struma.bg
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 clever-core-other.js Show response
lp.cleverwebserver.com/ Frame 317C 1 KB
846 B 39ms
38ms Script
text/javascript 2606:4700:4400::ac40:919c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lp.cleverwebserver.com/clever-core-other.js?v=33
Requested by: Host: lp.cleverwebserver.com
URL: https://lp.cleverwebserver.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:919c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2a5e290f330a473df29695496b8d33d379cb2b17686b63f9356bb23e07f7bd86

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lp.cleverwebserver.com/betano/de/sports/sports_de/widescreen.html??id=773737&group=47482&tracker=aHR0cHM6Ly9nbWwtZ3JwLmNvbS9DLmFzaHg%2FYnRhZz1hXzgyNmJfMjkzMWNfJmFmZmlkPTQzMSZzaXRlaWQ9ODI2JmFkaWQ9MjkzMSZjPUpTQUJORVZQVkJEQUFERQ%3D%3D&ref=aHR0cHM6Ly9zdHJ1bWEuYmcvJUQwJUJEJUQxJTgxLSVEMSU4MCVEMCVCNSVEMSU4OCVEMCVCOC0lRDAlQkQlRDElOEYlRDAlQkMlRDAlQjAtJUQwJUI0JUQwJUIwLSVEMCVCOCVEMCVCQyVEMCVCMC0lRDAlQkElRDAlQkUlRDAlQkMlRDAlQjglRDElODElRDAlQjglRDElOEYtJUQwJUI3JUQwJUIwLSVEMSU4MCVEMCVCMCVEMCVCNyVEMSU4MSVEMCVCQiVEMCVCNSVEMCVCNCVEMCVCMi8%3D&r=262631074
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 07:12:56 GMT
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: 0MSRDFTHN77GZ2XC
age: 20457
cf-polished: origSize=1799
x-amz-id-2: NzZ2RfsF3msNFjsDvtyHylJlNh4sgLY4tPaS7Lmd7eMwNcX/FvPzm+EJ12yPPgBcSvYN+5Gsrno=
cf-bgj: minify
last-modified: Wed, 29 Nov 2023 18:23:15 GMT
server: cloudflare
etag: W/"e5be82211892c5a612ab8274562f1ef2"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=28800
cf-ray: 82e148f078f89131-FRA
expires: Thu, 30 Nov 2023 15:12:56 GMT

GET
H3 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v36/ 47 KB
47 KB 21ms
20ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://struma.bg
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 14:29:28 GMT
x-content-type-options: nosniff
age: 492208
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48432
x-xss-protection: 0
last-modified: Thu, 14 Sep 2023 00:40:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 23 Nov 2024 14:29:28 GMT

GET
H3 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSumu1aB.woff2
fonts.gstatic.com/s/opensans/v36/ 26 KB
26 KB 28ms
28ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSumu1aB.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a1f50e52a7fda97827e6e3d2cd3bb2788a68a78296728fa2592be8e89d54b5b8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://struma.bg
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 17:10:37 GMT
x-content-type-options: nosniff
age: 50539
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26640
x-xss-protection: 0
last-modified: Thu, 14 Sep 2023 01:00:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 28 Nov 2024 17:10:37 GMT

GET
H3 200 4iCs6KVjbNBYlgoKfw72.woff2
fonts.gstatic.com/s/ubuntu/v20/ 34 KB
34 KB 30ms
29ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ubuntu/v20/4iCs6KVjbNBYlgoKfw72.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7f653b3ce9d3277457fc6da4edb246ae2f6c913f088c42dcb8cd2e96267aa21a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://struma.bg
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 17:54:07 GMT
x-content-type-options: nosniff
age: 393529
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34852
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:31:23 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 24 Nov 2024 17:54:07 GMT

GET
H3 200 4iCs6KVjbNBYlgoKew72j00.woff2
fonts.gstatic.com/s/ubuntu/v20/ 20 KB
20 KB 33ms
33ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ubuntu/v20/4iCs6KVjbNBYlgoKew72j00.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f1400c92345dcd9dbf746acab2c60e8580aa959473e9e56c8772cadcf7734b76

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://struma.bg
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 23:28:11 GMT
x-content-type-options: nosniff
age: 459885
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20860
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:15:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 23 Nov 2024 23:28:11 GMT

GET
H2

200

index.html Show response
promos.betano.de/willkommenspaket/ Frame 8C3A
Redirect Chain

https://gml-grp.com/C.ashx?btag=a_826b_2931c_&affid=431&siteid=826&adid=2931&c=JSABNEVPVBDAADE
https://gml-grp.com/C.ashx?btag=a_826b_2931c_&affid=431&siteid=826&adid=2931&c=JSABNEVPVBDAADE&AutoR=1
https://promos.betano.de/willkommenspaket/index.html?btag=a_826b_2931c_JSABNEVPVBDAADE&utm_medium=431&utm_source=2&siteid=826

12 KB
4 KB

132ms
72ms

Document
text/html

2606:4700:4400::6812:24ac
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://promos.betano.de/willkommenspaket/index.html?btag=a_826b_2931c_JSABNEVPVBDAADE&utm_medium=431&utm_source=2&siteid=826

Requested by

Host: lp.cleverwebserver.com
URL: https://lp.cleverwebserver.com/clever-core-other.js?v=33

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:24ac , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

329d5731cf31f3c11606e20207942d0434d3fef9a4f7fcd4fb2130b99408847d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://lp.cleverwebserver.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
age: 75461
cache-control: public, max-age=900, immutable
cf-cache-status: DYNAMIC
cf-ray: 82e148f28a263a61-FRA
content-encoding: gzip
content-md5: uFN4f36vMGzzhOrcv8TbsA==
content-type: text/html; charset=utf-8
date: Thu, 30 Nov 2023 07:12:56 GMT
last-modified: Wed, 22 Nov 2023 09:55:40 GMT
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-ms-blob-type: BlockBlob
x-ms-lease-state: available
x-ms-lease-status: unlocked
x-ms-request-id: 25723b6d-201e-0016-13ac-22e4d5000000
x-ms-version: 2014-02-14

Redirect headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cache-control: private
cf-cache-status: DYNAMIC
cf-ray: 82e148f1d8beb92c-AMS
content-type: text/html; charset=utf-8
date: Thu, 30 Nov 2023 07:12:56 GMT
location: https://promos.betano.de/willkommenspaket/index.html?btag=a_826b_2931c_JSABNEVPVBDAADE&utm_medium=431&utm_source=2&siteid=826
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r0hpN14wjlyF8lPVAkCei6HWe6EFp%2FTdSUWrnV5DliqBgGuoXhohG2NSAbANh2oPPCPCCtvQGqrvw9lfZxk3%2F7%2F1HsEDqGSXAs0RzP%2Fi%2Fej9g1QmTYyQhOZSMVizzVtXZ6dFIDolo8mueQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-aspnet-version: 4.0.30319
x-aspnetmvc-version: 5.2
x-powered-by: ASP.NET
x-xss-protection: 1; mode=block

GET
BLOB 206
Partial Content 830fa2e2-59a4-4e35-86cb-6e6cb981b050
https://struma.bg/ 1 KB
0 Media
video/mp4

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://struma.bg/830fa2e2-59a4-4e35-86cb-6e6cb981b050
Requested by: Host: struma.bg
URL: https://struma.bg/%D0%BD%D1%81-%D1%80%D0%B5%D1%88%D0%B8-%D0%BD%D1%8F%D0%BC%D0%B0-%D0%B4%D0%B0-%D0%B8%D0%BC%D0%B0-%D0%BA%D0%BE%D0%BC%D0%B8%D1%81%D0%B8%D1%8F-%D0%B7%D0%B0-%D1%80%D0%B0%D0%B7%D1%81%D0%BB%D0%B5%D0%B4%D0%B2/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Range: bytes=0-

Response headers

Content-Range: bytes 0-1492/1493
Content-Length: 1493
Content-Type: video/mp4

GET
BLOB 206
Partial Content 74dec279-e3a7-467c-baf1-c763c5ed1d89
https://struma.bg/ 1 KB
0 Media
video/mp4

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://struma.bg/74dec279-e3a7-467c-baf1-c763c5ed1d89
Requested by: Host: struma.bg
URL: https://struma.bg/%D0%BD%D1%81-%D1%80%D0%B5%D1%88%D0%B8-%D0%BD%D1%8F%D0%BC%D0%B0-%D0%B4%D0%B0-%D0%B8%D0%BC%D0%B0-%D0%BA%D0%BE%D0%BC%D0%B8%D1%81%D0%B8%D1%8F-%D0%B7%D0%B0-%D1%80%D0%B0%D0%B7%D1%81%D0%BB%D0%B5%D0%B4%D0%B2/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Range: bytes=0-

Response headers

Content-Range: bytes 0-1492/1493
Content-Length: 1493
Content-Type: video/mp4

GET
H2 200 mgid_ua.svg
cdn.mgid.com/images/mgid/ 2 KB
1 KB 62ms
31ms Image
image/svg+xml 2606:4700:1::6813:854c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.mgid.com/images/mgid/mgid_ua.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:1::6813:854c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

70d5c4de881e718d0b7638959680ba86722d44eecbe4058d20dd77b8d0d97155

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://struma.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 07:12:56 GMT
x-amz-version-id: null
content-encoding: br
cf-cache-status: HIT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: 7WA8KCPZQAH2PZWF
age: 1134
alt-svc: h3=":443"; ma=86400
x-amz-id-2: kvsl6VAtvv8F+gGXdpAiyvfQuhCDH+KlU7RL7b7YoKk7lVyumbVObA9AuUZ0mYRKwhyRYqcQ4e0=
last-modified: Tue, 08 Mar 2022 17:05:01 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1646759091/ctime:1646759091/gid:0/gname:root/md5:617c205137825561208ef7c1a2d8f319/mode:33206/mtime:1646759091/uid:0/uname:root
etag: W/"617c205137825561208ef7c1a2d8f319"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=86400
cf-ray: 82e148f1585a35e0-FRA
expires: Fri, 01 Dec 2023 07:12:56 GMT

GET
H2 200 Adchoices.svg
cdn.mgid.com/images/logos/ 836 B
889 B 61ms
30ms Image
image/svg+xml 2606:4700:1::6813:854c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.mgid.com/images/logos/Adchoices.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:1::6813:854c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://struma.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 07:12:56 GMT
x-amz-version-id: null
content-encoding: br
cf-cache-status: HIT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: JYXHPFNPTFG828JN
age: 999
alt-svc: h3=":443"; ma=86400
x-amz-id-2: VptEv1ZMU7ImCI/FAzjgbTI+mStZGMF9ar/dySu++XICtqRjsiQc3kjbKJ2EJ8ArgX5QaYg5tyw=
last-modified: Wed, 17 Feb 2021 18:15:53 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1613585745/ctime:1613585745/gid:0/gname:root/md5:7d59364b7ed2df3f02507c9f92560df9/mode:33206/mtime:1613585745/uid:0/uname:root
etag: W/"7d59364b7ed2df3f02507c9f92560df9"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=86400
cf-ray: 82e148f1585b35e0-FRA
expires: Fri, 01 Dec 2023 07:12:56 GMT

GET
H2 200 adskeeper_svg.svg
cdn.adskeeper.co.uk/images/ 4 KB
1 KB 75ms
27ms Image
image/svg+xml 2606:4700:4400::ac40:98bf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.adskeeper.co.uk/images/adskeeper_svg.svg
Requested by: Host: struma.bg
URL: https://struma.bg/%D0%BD%D1%81-%D1%80%D0%B5%D1%88%D0%B8-%D0%BD%D1%8F%D0%BC%D0%B0-%D0%B4%D0%B0-%D0%B8%D0%BC%D0%B0-%D0%BA%D0%BE%D0%BC%D0%B8%D1%81%D0%B8%D1%8F-%D0%B7%D0%B0-%D1%80%D0%B0%D0%B7%D1%81%D0%BB%D0%B5%D0%B4%D0%B2/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:98bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3c1798ee0e6e7de78f91bb457e6670385951caea9fc9c97295ca303ec6fe49be

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://struma.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 07:12:56 GMT
x-amz-version-id: null
content-encoding: gzip
cf-cache-status: HIT
x-amz-request-id: KHWSKQJR8BH1ZA8W
age: 1089
alt-svc: h3=":443"; ma=86400
x-amz-id-2: cby9xsgDLHQTlxDR4m48uoyR6qS8ziozW3PHiE1WC35oWTV8YspQKl1d0w9LileWPMSU7OlpeIk=
last-modified: Tue, 08 Dec 2020 08:34:59 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1607416491/ctime:1607416491/gid:0/gname:root/md5:93f6d1136fb77e38a0a2c72108588f09/mode:33206/mtime:1607416491/uid:0/uname:root
etag: W/"93f6d1136fb77e38a0a2c72108588f09"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=14400
cf-ray: 82e148f17ac28ff4-FRA
expires: Thu, 30 Nov 2023 11:12:56 GMT

POST
H3 200 reload Show response
www.google.com/recaptcha/api2/ Frame 7C1A 34 KB
20 KB 64ms
64ms XHR
application/json 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/reload?k=6LckjIcUAAAAABhBn78wLQqK_K4srbDs5rQTxiZN

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

191105d9bb6dcd1260c8a35f8a9968b44dab4480659e68f1f6a04f4128e82575

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LckjIcUAAAAABhBn78wLQqK_K4srbDs5rQTxiZN&co=aHR0cHM6Ly9zdHJ1bWEuYmc6NDQz&hl=de&v=-QbJqHfGOUB8nuVRLvzFLVed&size=invisible&cb=lzbc8n65zmw4
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: application/x-protobuffer

Response headers

date: Thu, 30 Nov 2023 07:12:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: private, max-age=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Thu, 30 Nov 2023 07:12:56 GMT

GET
H2 200 1 Show response
servicer.mgid.com/1290783/ 5 KB
2 KB 96ms
79ms Script
application/x-javascript 2606:4700:1::6813:854c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://servicer.mgid.com/1290783/1?tcfV2=1&mp4=1&ap=1&w=747&h=280&sz=179x220&szp=1,2,3,4&szl=1,2,3,4&cols=4&sessionId=656835f8-16ac8&sessionPage=1&sessionNumberWeek=1&sessionNumber=1&lu=https%3A%2F%2Fstruma.bg%2F%25D0%25BD%25D1%2581-%25D1%2580%25D0%25B5%25D1%2588%25D0%25B8-%25D0%25BD%25D1%258F%25D0%25BC%25D0%25B0-%25D0%25B4%25D0%25B0-%25D0%25B8%25D0%25BC%25D0%25B0-%25D0%25BA%25D0%25BE%25D0%25BC%25D0%25B8%25D1%2581%25D0%25B8%25D1%258F-%25D0%25B7%25D0%25B0-%25D1%2580%25D0%25B0%25D0%25B7%25D1%2581%25D0%25BB%25D0%25B5%25D0%25B4%25D0%25B2%2F&cbuster=1701328376548536513728&pvid=18c1f12d140a46cb003&implVersion=11&cxurl=https%3A%2F%2Fstruma.bg%2F%25d0%25bd%25d1%2581-%25d1%2580%25d0%25b5%25d1%2588%25d0%25b8-%25d0%25bd%25d1%258f%25d0%25bc%25d0%25b0-%25d0%25b4%25d0%25b0-%25d0%25b8%25d0%25bc%25d0%25b0-%25d0%25ba%25d0%25be%25d0%25bc%25d0%25b8%25d1%2581%25d0%25b8%25d1%258f-%25d0%25b7%25d0%25b0-%25d1%2580%25d0%25b0%25d0%25b7%25d1%2581%25d0%25bb%25d0%25b5%25d0%25b4%25d0%25b2%2F&scum=%3F0&scuw=%3F0&uniqId=01b91&niet=4g&nisd=false&pv=5&lct=1701043200&jsv=es6&pageView=1&dpr=1&ref=&tfre=1136

Requested by

Host: jsc.mgid.com
URL: https://jsc.mgid.com/s/t/struma.bg.1290783.es6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:1::6813:854c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e166bdc1895abd9162be7a466cc14be1b7703525409ea71e1c9a19dc99ba2bd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://struma.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 07:12:56 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 82e148f1989135e0-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 1 Show response
servicer.adskeeper.com/1136859/ 5 KB
2 KB 81ms
71ms Script
application/x-javascript 2606:4700:4400::ac40:986a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://servicer.adskeeper.com/1136859/1?tcfV2=1&mp4=1&ap=1&w=747&h=231&sz=177x188&szp=1,2,3,4&szl=1,2,3,4&cols=4&sessionId=656835f8-16ac8&sessionPage=1&sessionNumberWeek=1&sessionNumber=1&lu=https%3A%2F%2Fstruma.bg%2F%25D0%25BD%25D1%2581-%25D1%2580%25D0%25B5%25D1%2588%25D0%25B8-%25D0%25BD%25D1%258F%25D0%25BC%25D0%25B0-%25D0%25B4%25D0%25B0-%25D0%25B8%25D0%25BC%25D0%25B0-%25D0%25BA%25D0%25BE%25D0%25BC%25D0%25B8%25D1%2581%25D0%25B8%25D1%258F-%25D0%25B7%25D0%25B0-%25D1%2580%25D0%25B0%25D0%25B7%25D1%2581%25D0%25BB%25D0%25B5%25D0%25B4%25D0%25B2%2F&cbuster=1701328376549304174117&pvid=18c1f12d140a46cb003&implVersion=11&cxurl=https%3A%2F%2Fstruma.bg%2F%25d0%25bd%25d1%2581-%25d1%2580%25d0%25b5%25d1%2588%25d0%25b8-%25d0%25bd%25d1%258f%25d0%25bc%25d0%25b0-%25d0%25b4%25d0%25b0-%25d0%25b8%25d0%25bc%25d0%25b0-%25d0%25ba%25d0%25be%25d0%25bc%25d0%25b8%25d1%2581%25d0%25b8%25d1%258f-%25d0%25b7%25d0%25b0-%25d1%2580%25d0%25b0%25d0%25b7%25d1%2581%25d0%25bb%25d0%25b5%25d0%25b4%25d0%25b2%2F&scum=%3F0&scuw=%3F0&uniqId=17994&childs=1271993&niet=4g&nisd=false&pv=5&lct=1701043200&jsv=es6&pageView=1&dpr=1&ref=&tfre=1137
Requested by: Host: jsc.adskeeper.com
URL: https://jsc.adskeeper.com/s/t/struma.bg.1136859.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:986a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1c8164e40df8196fb3c93781e337ff7b73230d361c5056d6efe90a77f993ae66

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://struma.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 07:12:56 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 82e148f18e1e1e5b-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmdvb2Qsd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIzLTExLzcyNTMwMC85NTgyN...
s-img.adskeeper.com/g/17901133/492x328/-/ 14 KB
14 KB 90ms
32ms Image
image/webp 2606:4700:4400::6812:2396
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.adskeeper.com/g/17901133/492x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmdvb2Qsd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIzLTExLzcyNTMwMC85NTgyNjE1Yjk1MTYyMTViMzFlY2FkMGRiZTcwYjdmOS5qcGc.webp?v=1701328376-PVbjgc1erqHm8K1IuC_BgaqnT-NMQ7IMA531dJ06FY4
Requested by: Host: struma.bg
URL: https://struma.bg/%D0%BD%D1%81-%D1%80%D0%B5%D1%88%D0%B8-%D0%BD%D1%8F%D0%BC%D0%B0-%D0%B4%D0%B0-%D0%B8%D0%BC%D0%B0-%D0%BA%D0%BE%D0%BC%D0%B8%D1%81%D0%B8%D1%8F-%D0%B7%D0%B0-%D1%80%D0%B0%D0%B7%D1%81%D0%BB%D0%B5%D0%B4%D0%B2/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2396 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0786aed711548e78f13e219e44e492712e89fb2d8b079c35124cccb7fe1e14da

Request headers

Referer: https://struma.bg/
Origin: https://struma.bg
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 07:12:56 GMT
cf-cache-status: HIT
last-modified: Wed, 29 Nov 2023 17:28:42 GMT
x-mg-request-uuid: 6fa8ea44-504e-4665-81c7-b53fe55f2f94
server: cloudflare
age: 49454
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
x-robots-tag: noindex
cf-ray: 82e148f26ab11d94-FRA
content-length: 14270
alt-svc: h3=":443"; ma=86400

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmdvb2Qsd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIzLTAxLzM2OTQwMy8wZTYyN...
s-img.adskeeper.com/g/15653118/492x328/-/ 14 KB
14 KB 91ms
34ms Image
image/webp 2606:4700:4400::6812:2396
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.adskeeper.com/g/15653118/492x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmdvb2Qsd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIzLTAxLzM2OTQwMy8wZTYyNjM0ODA2ODFkNThkYzYxNjU3MTZmZWU3OGE1Yy5qcGVn.webp?v=1701328376-yoy-YhObQghPuqvuLVZRg1Zwg8l6d1mGCiNRZeJ9qPQ
Requested by: Host: struma.bg
URL: https://struma.bg/%D0%BD%D1%81-%D1%80%D0%B5%D1%88%D0%B8-%D0%BD%D1%8F%D0%BC%D0%B0-%D0%B4%D0%B0-%D0%B8%D0%BC%D0%B0-%D0%BA%D0%BE%D0%BC%D0%B8%D1%81%D0%B8%D1%8F-%D0%B7%D0%B0-%D1%80%D0%B0%D0%B7%D1%81%D0%BB%D0%B5%D0%B4%D0%B2/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2396 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ef6b7c1e7045717cf74ba6b60a4bcf7886999cc0a0a7ce6c11d3cd627ab5ae93

Request headers

Referer: https://struma.bg/
Origin: https://struma.bg
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 07:12:56 GMT
cf-cache-status: HIT
last-modified: Thu, 16 Mar 2023 15:02:17 GMT
x-mg-request-uuid: 20ff0af6-a01a-4d0d-b183-813adec46a73
server: cloudflare
age: 1819038
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
x-robots-tag: noindex
cf-ray: 82e148f26ab01d94-FRA
content-length: 14154
alt-svc: h3=":443"; ma=86400

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmdvb2Qsd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIzLTA1LzM2NjkwNC83YmRkY...
s-img.adskeeper.com/g/16853267/492x328/-/ 12 KB
13 KB 87ms
29ms Image
image/webp 2606:4700:4400::6812:2396
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.adskeeper.com/g/16853267/492x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmdvb2Qsd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIzLTA1LzM2NjkwNC83YmRkYThhYzk1OGMxZWM2OWQ2Y2ZhNDVhYmQ0NmRmYy5wbmc.webp?v=1701328376--W8XdyEXSeE25MBx4H0mYtcQTrzKpIKsZu75V5bSJoQ
Requested by: Host: struma.bg
URL: https://struma.bg/%D0%BD%D1%81-%D1%80%D0%B5%D1%88%D0%B8-%D0%BD%D1%8F%D0%BC%D0%B0-%D0%B4%D0%B0-%D0%B8%D0%BC%D0%B0-%D0%BA%D0%BE%D0%BC%D0%B8%D1%81%D0%B8%D1%8F-%D0%B7%D0%B0-%D1%80%D0%B0%D0%B7%D1%81%D0%BB%D0%B5%D0%B4%D0%B2/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2396 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 441066fc4e80d18432943778ba2930fa98304ad18f842ea1d9a97fc84cf841f7

Request headers

Referer: https://struma.bg/
Origin: https://struma.bg
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 07:12:56 GMT
cf-cache-status: HIT
last-modified: Wed, 02 Aug 2023 17:42:17 GMT
x-mg-request-uuid: 8c7c9f51-64f5-4253-b66b-b91a2f7d8f77
server: cloudflare
age: 1658468
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
x-robots-tag: noindex
cf-ray: 82e148f26aae1d94-FRA
content-length: 12520
alt-svc: h3=":443"; ma=86400

GET
H2 206 b2254f0a29054e5d325e332d1004c905.mp4
cl.imghosts.com/imgh/video/upload/ar_3:2,c_fill,w_680/videos/t/2023-11/348419/ 239 KB
239 KB 100ms
49ms Media
video/mp4 2606:4700:4400::ac40:9281
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cl.imghosts.com/imgh/video/upload/ar_3:2,c_fill,w_680/videos/t/2023-11/348419/b2254f0a29054e5d325e332d1004c905.mp4?v=1701328376-JGmK76EBr85neDCOrJuNHi8RWok44ZISiZM4t1NcvyY

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9281 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7401836307ac55f837cf952e5309a1dcd7bd5340538b473e65e8ba9aeb8d5fd9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://struma.bg/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Range: bytes=0-

Response headers

date: Thu, 30 Nov 2023 07:12:56 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2690
Content-Range: bytes 0-244523/244524
server-timing: cld-cloudflare;mitm=c;dur=214;start=2023-11-30T04:06:35.213Z;desc=miss,content-info;desc="width=680,height=452,abps=116440,fps=30.0,du=2.1,vc="h264",bytes=244524,owidth=1000,oheight=666,oabps=291987,ofps=30.0,odu=2.1,ovc="h264",obytes=613173,oformat="mp4";";cloudinary;dur=112;start=2023-11-30T04:06:35.275Z
alt-svc: h3=":443"; ma=86400
Content-Length: 244524
last-modified: Thu, 23 Nov 2023 11:24:24 GMT
server: cloudflare
etag: "7fc3e47431d42ea8fc311ce14f186e1c"
vary: Accept-Encoding
content-type: video/mp4;codecs=avc1
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,Vary,x-content-type-options
cache-control: public, max-age=31536000, no-transform, immutable
timing-allow-origin: *
x-robots-tag: noindex
cf-ray: 82e148f25f532bc9-FRA

GET
H2 200 i.js Show response
cm.adskeeper.com/ 0
103 B 156ms
147ms Script
application/javascript 2606:4700:4400::ac40:986a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.adskeeper.com/i.js?cbuster=1701328376648548318992
Requested by: Host: jsc.adskeeper.com
URL: https://jsc.adskeeper.com/s/t/struma.bg.1136859.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:986a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://struma.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Nov 2023 07:12:56 GMT
cf-cache-status: DYNAMIC
server: cloudflare
content-type: application/javascript
cache-control: no-store, no-cache, must-revalidate, max-age=0
cf-ray: 82e148f22f001e5b-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMy0xMS83MjUzMDAvOTU4M...
s-img.mgid.com/g/17901133/492x277/-/ 11 KB
11 KB 81ms
33ms Image
image/webp 2606:4700:1::6813:814c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s-img.mgid.com/g/17901133/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMy0xMS83MjUzMDAvOTU4MjYxNWI5NTE2MjE1YjMxZWNhZDBkYmU3MGI3ZjkuanBn.webp?v=1701328376-FuLbP8_Q3TD4XzbL1jUQZd1qA6zSQH5JFWnSpaR5i3c

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:1::6813:814c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8bf131131c83dbeae0a94ad54705f24e60d0351889c741864b84b94161244e10

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://struma.bg/
Origin: https://struma.bg
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 07:12:56 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
x-mg-request-uuid: 7649bb2b-03b6-4977-bc66-60e654edfe67
age: 49220
alt-svc: h3=":443"; ma=86400
content-length: 11390
last-modified: Wed, 29 Nov 2023 17:29:11 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
x-robots-tag: noindex
cf-ray: 82e148f26cc59bca-FRA

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMy0wMS8zNjk0MDMvMGU2M...
s-img.mgid.com/g/15653118/492x277/-/ 13 KB
14 KB 77ms
30ms Image
image/webp 2606:4700:1::6813:814c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s-img.mgid.com/g/15653118/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMy0wMS8zNjk0MDMvMGU2MjYzNDgwNjgxZDU4ZGM2MTY1NzE2ZmVlNzhhNWMuanBlZw.webp?v=1701328376-oTg8dH0Z4UsFdJRjbXKP77X5aHkdQXc7hbT6acOF2Qg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:1::6813:814c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0cdf7ea3b474c0386095c61755691af8545e472b38686666ef5f9854eb1180bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://struma.bg/
Origin: https://struma.bg
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 07:12:56 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
x-mg-request-uuid: 0907940b-ca73-4b9a-afc9-764113bcd547
age: 2428536
alt-svc: h3=":443"; ma=86400
content-length: 13368
last-modified: Thu, 16 Mar 2023 15:16:39 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
x-robots-tag: noindex
cf-ray: 82e148f26cc49bca-FRA

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMy0wNS8zNjY5MDQvN2JkZ...
s-img.mgid.com/g/16853267/492x277/-/ 11 KB
12 KB 78ms
31ms Image
image/webp 2606:4700:1::6813:814c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s-img.mgid.com/g/16853267/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMy0wNS8zNjY5MDQvN2JkZGE4YWM5NThjMWVjNjlkNmNmYTQ1YWJkNDZkZmMucG5n.webp?v=1701328376-9VcRUzhXPZN-G6EURB26dw0-BjE2I3dCncQ7l1058UE

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:1::6813:814c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

02d8d8d1d3f164722d3aae632d7f0847fa5e99e1f0bc0442043779016dc2f500

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://struma.bg/
Origin: https://struma.bg
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 07:12:56 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
x-mg-request-uuid: dab2c6b5-884e-4c26-b736-3b3a2db9c016
age: 1742124
alt-svc: h3=":443"; ma=86400
content-length: 11512
last-modified: Wed, 02 Aug 2023 15:12:46 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
x-robots-tag: noindex
cf-ray: 82e148f26cc79bca-FRA

GET
H2 200 pwt.js Show response
ads.pubmatic.com/AdServer/js/pwt/161673/7165/ 207 KB
63 KB 89ms
21ms Script
application/javascript 184.30.16.195
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/pwt/161673/7165/pwt.js
Requested by: Host: jsc.adskeeper.com
URL: https://jsc.adskeeper.com/s/t/struma.bg.1136859.es6.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.16.195 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-16-195.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: a9f959272120a8fe9fc940b8df6a07a9e6c79d9b72773d62878e82fcd1c51951

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://struma.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 07:12:56 GMT
content-encoding: gzip
last-modified: Sat, 29 Apr 2023 00:55:21 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=52074
accept-ranges: bytes
content-length: 63913
expires: Thu, 30 Nov 2023 21:40:50 GMT

GET
H2 206 382807a63802a06b08a3659468d0f84b.mp4
cl.imghosts.com/imgh/video/upload/ar_16:9,c_fill,w_680/videos/t/2022-11/369403/ 592 KB
593 KB 64ms
28ms Media
video/mp4 2606:4700:4400::ac40:9281
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cl.imghosts.com/imgh/video/upload/ar_16:9,c_fill,w_680/videos/t/2022-11/369403/382807a63802a06b08a3659468d0f84b.mp4?v=1701328376-0job09egm1pQE-VFCG1HX9NlGE7B_uuBWZrxZtzI_Fs

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9281 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

07acb32729e17bc7cdd9f0496c1c24dd12dfc2d51da123a9d9d65cbd4f2d76e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://struma.bg/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Range: bytes=0-

Response headers

date: Thu, 30 Nov 2023 07:12:56 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 17686
Content-Range: bytes 0-606340/606341
server-timing: cld-cloudflare;mitm=c;dur=154;start=2023-11-29T05:58:18.647Z;desc=miss,content-info;desc="width=680,height=382,abps=82227,fps=29.97,du=7.374,vc="h264",bytes=606341;";cloudinary;dur=130;start=2023-11-29T05:58:18.666Z
alt-svc: h3=":443"; ma=86400
Content-Length: 606341
last-modified: Tue, 17 Oct 2023 07:20:28 GMT
server: cloudflare
etag: "65b89ae40d96954f8cc22083122fe009"
vary: Accept-Encoding
content-type: video/mp4;codecs=avc1
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,Vary,x-content-type-options
cache-control: public, max-age=31536000, no-transform, immutable
timing-allow-origin: *
x-robots-tag: noindex
cf-ray: 82e148f25f552bc9-FRA

GET
H2 200 id5-api.js Show response
cdn.id5-sync.com/api/1.0/ 151 KB
33 KB 92ms
32ms Script
text/javascript 2606:4700:10::ac43:266a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/id5-api.js

Requested by

Host: jsc.mgid.com
URL: https://jsc.mgid.com/s/t/struma.bg.1290783.es6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:266a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7571db16348512fc55b35102ce3699733cf0882f4b4fb3e652fa8db700c07fb5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://struma.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 07:12:56 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 28 Nov 2023 11:19:25 GMT
server: cloudflare
x-amz-request-id: 6K7SZ4BDX1CX3S23
age: 3425
etag: W/"53159e4ae3ffbda2ff6c0204350035be"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 82e148f2fa7c2c39-FRA
x-amz-id-2: UGOPpC2npzZL2XTpk/afLnrjxcP/IvfpzaHlqqz33cLNUEMUWJSFHlEOGHpNjhumHipqITwuBBC9eR9BViYKbA==

GET
H2 200 r4JQVZETZTeQtnzawJh5s2Wbw6I.js Show response
promos.betano.de/cdn-cgi/apps/head/ Frame 8C3A 4 KB
2 KB 44ms
43ms Script
application/javascript 2606:4700:4400::6812:24ac
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://promos.betano.de/cdn-cgi/apps/head/r4JQVZETZTeQtnzawJh5s2Wbw6I.js

Requested by

Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_826b_2931c_JSABNEVPVBDAADE&utm_medium=431&utm_source=2&siteid=826

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:24ac , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

78882a11de1f82194b521c7a3729eec430b5e5487a978fd8b1059b7adfe8231a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promos.betano.de/willkommenspaket/index.html?btag=a_826b_2931c_JSABNEVPVBDAADE&utm_medium=431&utm_source=2&siteid=826
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 07:12:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amz-version-id: Zh4UFBp5SiovjzqdpTjNO2bLSPAo829H
cf-cache-status: HIT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: FHJTSV9GKE97WC3E
age: 14
content-length: 1344
x-amz-id-2: xDtCXEvrhivE6UjhcLXI5hvfHPJ5NAzYWeo60fkQ/ZE0dEJqXXr5c1QTVI8SccbFqOBW52ZIrWc=
last-modified: Mon, 16 Oct 2023 09:23:56 GMT
server: cloudflare
etag: "30cf280ac36d10da9b831b91729cc23c"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 82e148f31ab03a61-FRA
expires: Fri, 29 Nov 2024 07:12:56 GMT

GET
H2 200 jquery-3.4.1.min.js Show response
code.jquery.com/ Frame 8C3A 86 KB
30 KB 76ms
19ms Script
application/javascript 2a04:4e42:600::649
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.4.1.min.js
Requested by: Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_826b_2931c_JSABNEVPVBDAADE&utm_medium=431&utm_source=2&siteid=826
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:600::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promos.betano.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 07:12:56 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 6526177
x-cache: HIT, HIT
content-length: 30638
x-served-by: cache-lga21965-LGA, cache-fra-eddf8230088-FRA
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
server: nginx
x-timer: S1701328377.871662,VS0,VE0
etag: W/"28feccc0-15851"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=604800
accept-ranges: bytes
x-cache-hits: 454, 743

GET
H2 200 slick.min.js Show response
cdn.jsdelivr.net/npm/slick-carousel@1.8.1/slick/ Frame 8C3A 42 KB
11 KB 78ms
31ms Script
application/javascript 2606:4700::6810:5714
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/slick-carousel@1.8.1/slick/slick.min.js

Requested by

Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_826b_2931c_JSABNEVPVBDAADE&utm_medium=431&utm_source=2&siteid=826

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0c7178cc6ca34fb18e30f070a5e7a1c287b2d7ccfcba2cfdf06e0f46eda55740

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promos.betano.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 07:12:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1816728
x-jsd-version: 1.8.1
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230032-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"a76f-O0GzvJVmhQFaNHoiOOcdsp36Dbs"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GceNpq2QuzCNtWFOHE4t3IkkRoyb3R3jm78MIX%2BtJIKhF9spBVedj3ALnJ8vTgMnHZiVscKRrNi0KEOB0tIkua4WFRG0TNv%2FiRBmwJNbDUQF30V3LUVDJfyr4E4xeWwcv3kM0iUTMz25%2F%2Fr4LA4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 82e148f36a7f37ca-FRA

GET
H2 200 Init.js Show response
promos.betano.de/willkommenspaket/ Frame 8C3A 2 KB
943 B 52ms
51ms Script
application/javascript 2606:4700:4400::6812:24ac
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://promos.betano.de/willkommenspaket/Init.js

Requested by

Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_826b_2931c_JSABNEVPVBDAADE&utm_medium=431&utm_source=2&siteid=826

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:24ac , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d776482d5387dd66a3354637a3ddf5261dc6f35298b1e67d3f25ddefd5154d66

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promos.betano.de/willkommenspaket/index.html?btag=a_826b_2931c_JSABNEVPVBDAADE&utm_medium=431&utm_source=2&siteid=826
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 30 Nov 2023 07:12:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=15552000; includeSubDomains; preload
age: 147
content-md5: MU2fLrkr53Ix09vSPFEwZA==
x-ms-lease-state: available
x-ms-lease-status: unlocked
last-modified: Wed, 22 Nov 2023 09:55:41 GMT
server: cloudflare
etag: W/"0x8DBEB412FE1A984"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-ms-request-id: 7713a2d6-e01e-0054-3b2e-1d5d55000000
cache-control: public, max-age=900
x-ms-version: 2014-02-14
cf-ray: 82e148f31ab13a61-FRA
expires: Thu, 30 Nov 2023 07:27:56 GMT

GET
H2 200 Landing.js Show response
promos.betano.de/willkommenspaket/ Frame 8C3A 614 B
404 B 83ms
82ms Script
application/javascript 2606:4700:4400::6812:24ac
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://promos.betano.de/willkommenspaket/Landing.js

Requested by

Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_826b_2931c_JSABNEVPVBDAADE&utm_medium=431&utm_source=2&siteid=826

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:24ac , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8f88d265d4f543754bfda9de4c9549fc41754bfbe3d9e2fb58011aa9d5f8a929

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promos.betano.de/willkommenspaket/index.html?btag=a_826b_2931c_JSABNEVPVBDAADE&utm_medium=431&utm_source=2&siteid=826
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 30 Nov 2023 07:12:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=15552000; includeSubDomains; preload
age: 435
content-md5: IVOxqm2c5AfGSPYura3A9A==
x-ms-lease-state: available
x-ms-lease-status: unlocked
last-modified: Wed, 22 Nov 2023 09:55:41 GMT
server: cloudflare
etag: W/"0x8DBEB412FED1990"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-ms-request-id: 1712304a-701e-0069-5d2e-1d2b4e000000
cache-control: public, max-age=900
x-ms-version: 2014-02-14
cf-ray: 82e148f31ab33a61-FRA
expires: Thu, 30 Nov 2023 07:27:56 GMT

GET
H2 200 custom.js Show response
promos.betano.de/ Frame 8C3A 8 KB
3 KB 59ms
58ms Script
application/javascript 2606:4700:4400::6812:24ac
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://promos.betano.de/custom.js

Requested by

Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_826b_2931c_JSABNEVPVBDAADE&utm_medium=431&utm_source=2&siteid=826

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:24ac , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6b16426ca00785ca2b259d4305d99b2e6e89a17cc9fa6af3aaa72ec7b16d587f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promos.betano.de/willkommenspaket/index.html?btag=a_826b_2931c_JSABNEVPVBDAADE&utm_medium=431&utm_source=2&siteid=826
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 30 Nov 2023 07:12:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=15552000; includeSubDomains; preload
age: 435
content-md5: IACfhqsuxFK5etAGqh7MRA==
x-ms-lease-state: available
x-ms-lease-status: unlocked
last-modified: Fri, 20 Oct 2023 08:33:32 GMT
server: cloudflare
etag: W/"0x8DBD1473EA630C7"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 87b77d8e-401e-003f-36e2-11daa1000000
cache-control: public, max-age=300
x-ms-version: 2014-02-14
cf-ray: 82e148f31ab43a61-FRA
expires: Thu, 30 Nov 2023 07:17:56 GMT

GET
H2 200 tagline.png
promos.betano.de/willkommenspaket/ Frame 8C3A 219 KB
220 KB 62ms
62ms Image
image/png 2606:4700:4400::6812:24ac
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://promos.betano.de/willkommenspaket/tagline.png

Requested by

Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_826b_2931c_JSABNEVPVBDAADE&utm_medium=431&utm_source=2&siteid=826

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:24ac , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7987ed9a45cb8609048c1f88719a037c46d30d4b7101473326d12e5767a2aa7d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promos.betano.de/willkommenspaket/index.html?btag=a_826b_2931c_JSABNEVPVBDAADE&utm_medium=431&utm_source=2&siteid=826
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 30 Nov 2023 07:12:56 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: 2k9YU1t/lIEgNgYbwdE88A==
age: 147
content-length: 224661
x-ms-lease-state: available
x-ms-lease-status: unlocked
last-modified: Wed, 22 Nov 2023 09:55:41 GMT
server: cloudflare
etag: "0x8DBEB412FFF665B"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
x-ms-request-id: 7713a2c7-e01e-0054-342e-1d5d55000000
cache-control: public, max-age=900
x-ms-version: 2014-02-14
accept-ranges: bytes
cf-ray: 82e148f31ab53a61-FRA
expires: Thu, 30 Nov 2023 07:27:56 GMT

GET
H2 404 Rectangle.svg
promos.betano.de/willkommenspaket/ Frame 8C3A 215 B
215 B 55ms
54ms Image
application/xml 2606:4700:4400::6812:24ac
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://promos.betano.de/willkommenspaket/Rectangle.svg

Requested by

Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_826b_2931c_JSABNEVPVBDAADE&utm_medium=431&utm_source=2&siteid=826

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:24ac , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

351fa8afb88d904594dbf5f1bb46b2cefe46e2ade4a5cb156ad27e0912c70149

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promos.betano.de/willkommenspaket/index.html?btag=a_826b_2931c_JSABNEVPVBDAADE&utm_medium=431&utm_source=2&siteid=826
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 07:12:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains; preload
age: 74
vary: Accept-Encoding
content-type: application/xml
access-control-allow-origin: *
x-ms-request-id: 265ee0ae-d01e-0060-755c-236e9d000000
cache-control: public, max-age=300
x-ms-version: 2014-02-14
cf-ray: 82e148f31ab63a61-FRA
expires: Thu, 30 Nov 2023 07:17:56 GMT

GET
H2 404 bullet.svg
promos.betano.de/willkommenspaket/ Frame 8C3A 215 B
215 B 54ms
54ms Image
application/xml 2606:4700:4400::6812:24ac
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://promos.betano.de/willkommenspaket/bullet.svg

Requested by

Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_826b_2931c_JSABNEVPVBDAADE&utm_medium=431&utm_source=2&siteid=826

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:24ac , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

45c3fd1dddb49f5a2d28f93bc49a1cf05111308523e706be17bf580fd6bc54e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promos.betano.de/willkommenspaket/index.html?btag=a_826b_2931c_JSABNEVPVBDAADE&utm_medium=431&utm_source=2&siteid=826
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 07:12:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains; preload
age: 121
vary: Accept-Encoding
content-type: application/xml
access-control-allow-origin: *
x-ms-request-id: 37828764-d01e-003d-285c-236419000000
cache-control: public, max-age=300
x-ms-version: 2014-02-14
cf-ray: 82e148f37b1d3a61-FRA
expires: Thu, 30 Nov 2023 07:17:56 GMT

GET
H2 404 banner1.png
promos.betano.de/willkommenspaket/ Frame 8C3A 215 B
215 B 60ms
59ms Image
application/xml 2606:4700:4400::6812:24ac
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://promos.betano.de/willkommenspaket/banner1.png

Requested by

Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_826b_2931c_JSABNEVPVBDAADE&utm_medium=431&utm_source=2&siteid=826

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:24ac , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

66d6134ba78aa696138e20379d5d29b84786209296632af931db7d4631380f7b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promos.betano.de/willkommenspaket/index.html?btag=a_826b_2931c_JSABNEVPVBDAADE&utm_medium=431&utm_source=2&siteid=826
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 07:12:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains; preload
age: 120
vary: Accept-Encoding
content-type: application/xml
access-control-allow-origin: *
x-ms-request-id: 665b620f-e01e-0044-0f5c-23983d000000
cache-control: public, max-age=300
x-ms-version: 2014-02-14
cf-ray: 82e148f3ab553a61-FRA
expires: Thu, 30 Nov 2023 07:17:56 GMT

GET
H2 404 banner2.png
promos.betano.de/willkommenspaket/ Frame 8C3A 215 B
215 B 78ms
77ms Image
application/xml 2606:4700:4400::6812:24ac
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://promos.betano.de/willkommenspaket/banner2.png

Requested by

Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_826b_2931c_JSABNEVPVBDAADE&utm_medium=431&utm_source=2&siteid=826

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:24ac , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ab21096ad8f1ce28d2c108481bbe13b6e342d0558548447114cc7d80345d1ff5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promos.betano.de/willkommenspaket/index.html?btag=a_826b_2931c_JSABNEVPVBDAADE&utm_medium=431&utm_source=2&siteid=826
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 07:12:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains; preload
age: 120
vary: Accept-Encoding
content-type: application/xml
access-control-allow-origin: *
x-ms-request-id: 28c1502f-d01e-0070-5b5c-23abf5000000
cache-control: public, max-age=300
x-ms-version: 2014-02-14
cf-ray: 82e148f3ab573a61-FRA
expires: Thu, 30 Nov 2023 07:17:56 GMT

GET
H2 404 banner3.png
promos.betano.de/willkommenspaket/ Frame 8C3A 215 B
215 B 61ms
60ms Image
application/xml 2606:4700:4400::6812:24ac
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://promos.betano.de/willkommenspaket/banner3.png

Requested by

Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_826b_2931c_JSABNEVPVBDAADE&utm_medium=431&utm_source=2&siteid=826

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:24ac , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0a5f94941f29c7f9ee9e9bcb9b324b23c49faf39f55f49a0e80bf81189297adc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promos.betano.de/willkommenspaket/index.html?btag=a_826b_2931c_JSABNEVPVBDAADE&utm_medium=431&utm_source=2&siteid=826
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 07:12:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains; preload
age: 121
vary: Accept-Encoding
content-type: application/xml
access-control-allow-origin: *
x-ms-request-id: 252e7e4e-e01e-0026-215c-235a1a000000
cache-control: public, max-age=300
x-ms-version: 2014-02-14
cf-ray: 82e148f3bb583a61-FRA
expires: Thu, 30 Nov 2023 07:17:56 GMT

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ Frame 8C3A 389 KB
114 KB 29ms
29ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-MN2KPC6

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e916edafcd04a5cbfa0f4c08439665ee5b5524d2185c9bd76d265bb22729d614

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promos.betano.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 07:12:56 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 116528
x-xss-protection: 0
last-modified: Thu, 30 Nov 2023 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 30 Nov 2023 07:12:56 GMT

GET
H2 200 tags.js Show response
dd.betano.de/ Frame 8C3A 147 KB
27 KB 122ms
20ms Script
text/javascript 52.222.236.18
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dd.betano.de/tags.js

Requested by

Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_826b_2931c_JSABNEVPVBDAADE&utm_medium=431&utm_source=2&siteid=826

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.18 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-18.fra56.r.cloudfront.net

Software

Apache /

Resource Hash

c54140eac6df64b97abf9bf21e88910bac89ddc973d871fcd33dca119b8b4c24

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promos.betano.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: gzip
via: 1.1 10f3c0984ab3eaba3e5720ed830a77b6.cloudfront.net (CloudFront)
date: Thu, 30 Nov 2023 06:45:52 GMT
x-amz-cf-pop: FRA56-P4
age: 1628
x-cache: Hit from cloudfront
content-length: 27331
last-modified: Wed, 29 Nov 2023 13:37:06 GMT
server: Apache
etag: "24cd6-60b4aa18fa3ca-gzip"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=3600, public
accept-ranges: bytes
x-amz-cf-id: PLegunXsO2yTSpMum7pdbfsh3BgtoYofR8jLFwEDIRNZLKewnheVdA==
expires: Thu, 30 Nov 2023 07:45:49 GMT

GET
H2 404 Rectangle.svg
promos.betano.de/willkommenspaket/ Frame 8C3A 215 B
215 B 47ms
47ms Image
application/xml 2606:4700:4400::6812:24ac
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://promos.betano.de/willkommenspaket/Rectangle.svg

Requested by

Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_826b_2931c_JSABNEVPVBDAADE&utm_medium=431&utm_source=2&siteid=826

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:24ac , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

351fa8afb88d904594dbf5f1bb46b2cefe46e2ade4a5cb156ad27e0912c70149

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promos.betano.de/willkommenspaket/index.html?btag=a_826b_2931c_JSABNEVPVBDAADE&utm_medium=431&utm_source=2&siteid=826
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 07:12:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains; preload
age: 74
vary: Accept-Encoding
content-type: application/xml
access-control-allow-origin: *
x-ms-request-id: 265ee0ae-d01e-0060-755c-236e9d000000
cache-control: public, max-age=300
x-ms-version: 2014-02-14
cf-ray: 82e148f3bb593a61-FRA
expires: Thu, 30 Nov 2023 07:17:56 GMT

GET
H3 200 ns.html Show response
www.googletagmanager.com/ Frame 8F04 690 B
344 B 28ms
28ms Document
text/html 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/ns.html?id=GTM-MN2KPC6

Requested by

Host: promos.betano.de
URL: https://promos.betano.de/custom.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4857c221597211a7cf32ce246c4237a835909e361d9e87faa9c87e281f47a085

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://promos.betano.de/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, must-revalidate
content-encoding: br
content-length: 322
content-type: text/html; charset=UTF-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 30 Nov 2023 07:12:56 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
vary: *
x-xss-protection: 0

GET
H2

200

main.js Show response
promos.betano.de/cdn-cgi/challenge-platform/h/g/scripts/jsd/9914b343/ Frame 39B1
Redirect Chain

https://promos.betano.de/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://promos.betano.de/cdn-cgi/challenge-platform/h/g/scripts/jsd/9914b343/main.js

7 KB
4 KB

27ms
27ms

Script
application/javascript

2606:4700:4400::6812:24ac
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://promos.betano.de/cdn-cgi/challenge-platform/h/g/scripts/jsd/9914b343/main.js

Requested by

Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_826b_2931c_JSABNEVPVBDAADE&utm_medium=431&utm_source=2&siteid=826

Protocol

Server

2606:4700:4400::6812:24ac , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7f937584df6a9df7d04071ad69f59b673f4299c6a6bd028cbe7590a47d76f95e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 07:12:56 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
content-encoding: gzip
server: cloudflare
vary: accept-encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
cf-ray: 82e148f3fbb73a61-FRA

Redirect headers

date: Thu, 30 Nov 2023 07:12:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains; preload
server: cloudflare
vary: accept-encoding
access-control-allow-origin: *
location: /cdn-cgi/challenge-platform/h/g/scripts/jsd/9914b343/main.js
cache-control: max-age=300, public
cf-ray: 82e148f3bb633a61-FRA

GET
H2 200 css-betano.css
landingpages.kaizengaming.com/layout/ Frame 8C3A 266 B
584 B 87ms
35ms Stylesheet
text/css 2606:4700:4400::ac40:934d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://landingpages.kaizengaming.com/layout/css-betano.css
Requested by: Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.4.1.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:934d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1bcda979c82fbdb001a058bbcd782235588ba0cf67ec17cb6b406c354049697

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promos.betano.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 30 Nov 2023 07:12:56 GMT
content-encoding: gzip
cf-cache-status: HIT
content-md5: VV0mNMQdoST1edPAjk1m6w==
age: 1605
x-ms-lease-state: available
x-ms-lease-status: unlocked
last-modified: Thu, 24 Aug 2023 13:27:08 GMT
server: cloudflare
etag: W/"0x8DBA4A5D1339F5D"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
x-ms-request-id: d8eae766-201e-004b-44d0-15ee51000000
cache-control: public, max-age=900, immutable
x-ms-version: 2014-02-14
cf-ray: 82e148f41d2c37f1-FRA

GET
H2 200 css-theme.css
landingpages.kaizengaming.com/de-sport/ Frame 8C3A 799 B
779 B 90ms
39ms Stylesheet
text/css 2606:4700:4400::ac40:934d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://landingpages.kaizengaming.com/de-sport/css-theme.css
Requested by: Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.4.1.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:934d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0aa554b7453c36d605833a473df0e1825189dc64c064b472430bbc65078c9312

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promos.betano.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 30 Nov 2023 07:12:56 GMT
content-encoding: gzip
cf-cache-status: HIT
content-md5: kJMidRkqsO72r6TQLkoSKQ==
age: 448
x-ms-lease-state: available
x-ms-lease-status: unlocked
last-modified: Mon, 30 Oct 2023 17:20:44 GMT
server: cloudflare
etag: W/"0x8DBD96C8C8A3391"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
x-ms-request-id: 92395a42-f01e-0067-689f-0b02fe000000
cache-control: public, max-age=900, immutable
x-ms-version: 2014-02-14
cf-ray: 82e148f41d2a37f1-FRA

GET
H2 200 css-betano_worldcup.css
landingpages.kaizengaming.com/layout/ Frame 8C3A 3 KB
1 KB 87ms
36ms Stylesheet
text/css 2606:4700:4400::ac40:934d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://landingpages.kaizengaming.com/layout/css-betano_worldcup.css
Requested by: Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.4.1.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:934d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a24f4f105f56838f9beb801ad17aba77b0a225f6e207515d5be5f4bf500fbee4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promos.betano.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 30 Nov 2023 07:12:56 GMT
content-encoding: gzip
cf-cache-status: HIT
content-md5: k3d6Yiaa8bmwIFFDC1yKKQ==
age: 225
x-ms-lease-state: available
x-ms-lease-status: unlocked
last-modified: Thu, 24 Aug 2023 13:27:09 GMT
server: cloudflare
etag: W/"0x8DBA4A5D1452901"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
x-ms-request-id: 3f4af0ac-e01e-0019-2a34-1592b9000000
cache-control: public, max-age=900, immutable
x-ms-version: 2014-02-14
cf-ray: 82e148f41d2b37f1-FRA

GET
H2 200 css-iframe.css
landingpages.kaizengaming.com/layout/ Frame 8C3A 2 KB
899 B 92ms
40ms Stylesheet
text/css 2606:4700:4400::ac40:934d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://landingpages.kaizengaming.com/layout/css-iframe.css
Requested by: Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.4.1.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:934d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7392d426ac3da3071ebe16fa2ba3003e438842f8368aa9611b7fdcc48239024e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promos.betano.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 30 Nov 2023 07:12:56 GMT
content-encoding: gzip
cf-cache-status: HIT
content-md5: 39E7RXrp/bQVuYTQHPOHVg==
age: 366
x-ms-lease-state: available
x-ms-lease-status: unlocked
last-modified: Thu, 24 Aug 2023 13:27:12 GMT
server: cloudflare
etag: W/"0x8DBA4A5D385763B"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
x-ms-request-id: 1799abcd-201e-0016-79f2-12e4d5000000
cache-control: public, max-age=900, immutable
x-ms-version: 2014-02-14
cf-ray: 82e148f41d2d37f1-FRA

GET
H2 200 Theme.css
promos.betano.de/willkommenspaket/ Frame 8C3A 4 KB
1 KB 70ms
70ms Stylesheet
text/css 2606:4700:4400::6812:24ac
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://promos.betano.de/willkommenspaket/Theme.css

Requested by

Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.4.1.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:24ac , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d30e51042a424e480e0bda151a436d5a50f2e08d939fdb4a0e8553269de1d74a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promos.betano.de/willkommenspaket/index.html?btag=a_826b_2931c_JSABNEVPVBDAADE&utm_medium=431&utm_source=2&siteid=826
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 30 Nov 2023 07:12:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=15552000; includeSubDomains; preload
age: 316
content-md5: iEQB/4Da+za49y9++eEi0A==
x-ms-lease-state: available
x-ms-lease-status: unlocked
last-modified: Wed, 22 Nov 2023 09:55:41 GMT
server: cloudflare
etag: W/"0x8DBEB412FC9DF39"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
x-ms-request-id: 94cf8a15-301e-0057-012e-1dbc31000000
cache-control: public, max-age=900
x-ms-version: 2014-02-14
cf-ray: 82e148f3cb713a61-FRA
expires: Thu, 30 Nov 2023 07:27:56 GMT

GET
H2 200 common.js Show response
landingpages.kaizengaming.com/layout/ Frame 8C3A 7 KB
2 KB 84ms
34ms Script
application/javascript 2606:4700:4400::ac40:934d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://landingpages.kaizengaming.com/layout/common.js
Requested by: Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.4.1.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:934d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a493de25e0c3a0d6e8cff6840a97dc93226c9d704102d957b1d4ddee13313aa7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promos.betano.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 30 Nov 2023 07:12:56 GMT
content-encoding: gzip
cf-cache-status: HIT
content-md5: Tt1r+v6iV6U4snwCJhK1bQ==
age: 366
x-ms-lease-state: available
x-ms-lease-status: unlocked
last-modified: Thu, 24 Aug 2023 13:27:08 GMT
server: cloudflare
etag: W/"0x8DBA4A5D12AEE0B"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-ms-request-id: 747213fe-d01e-005f-1e90-d6a63e000000
cache-control: public, max-age=900, immutable
x-ms-version: 2014-02-14
cf-ray: 82e148f41d2e37f1-FRA

GET
H2

200

/
www.google.de/pagead/1p-conversion/763238947/ Frame 8F04
Redirect Chain

https://www.googleadservices.com/pagead/conversion/763238947/?url=https%3A%2F%2Fpromos.betano.de%2F&guid=ON&script=0&data=
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/763238947/?url=https%3A%2F%2Fpromos.betano.de%2F&guid=ON&script=0&data=&ct_cookie_present=false&ocp_id=-TVoZYAJ4b727w_MrLqIDA&random...
https://www.google.com/pagead/1p-conversion/763238947/?url=https%3A%2F%2Fpromos.betano.de%2F&guid=ON&script=0&data=&ct_cookie_present=false&random=1885097637&sscte=1&crd=&pscrd=IhMIwOm6jJbrggMVYZ_9...
https://www.google.de/pagead/1p-conversion/763238947/?url=https%3A%2F%2Fpromos.betano.de%2F&guid=ON&script=0&data=&ct_cookie_present=false&random=1885097637&sscte=1&crd=&pscrd=IhMIwOm6jJbrggMVYZ_9B...

42 B
108 B

32ms
32ms

Image
image/gif

2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/763238947/?url=https%3A%2F%2Fpromos.betano.de%2F&guid=ON&script=0&data=&ct_cookie_present=false&random=1885097637&sscte=1&crd=&pscrd=IhMIwOm6jJbrggMVYZ_9Bx1Mlg7B&is_vtc=1&ocp_id=-TVoZYAJ4b727w_MrLqIDA&cid=CAQSKQDICaaNbSvxJuN2uBDHhmwIMcnS4bQYDGOnSjpJShJ7eIHCKxeIDJRQ&random=1569652261&ipr=y

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/ns.html?id=GTM-MN2KPC6

Protocol

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.googletagmanager.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Nov 2023 07:12:57 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 30 Nov 2023 07:12:57 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.de/pagead/1p-conversion/763238947/?url=https%3A%2F%2Fpromos.betano.de%2F&guid=ON&script=0&data=&ct_cookie_present=false&random=1885097637&sscte=1&crd=&pscrd=IhMIwOm6jJbrggMVYZ_9Bx1Mlg7B&is_vtc=1&ocp_id=-TVoZYAJ4b727w_MrLqIDA&cid=CAQSKQDICaaNbSvxJuN2uBDHhmwIMcnS4bQYDGOnSjpJShJ7eIHCKxeIDJRQ&random=1569652261&ipr=y
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET

activityi;dc_pre=CP_svYyW64IDFQlOHgIdoVoJ8g;src=12738953;type=despo0;cat=despo0;ord=1962460059;~oref=https%3A%2F%2Fpromos.betano.de%2F
12738953.fls.doubleclick.net/ Frame 828D
Redirect Chain

https://12738953.fls.doubleclick.net/activityi;src=12738953;type=despo0;cat=despo0;ord=1962460059;~oref=https%3A%2F%2Fpromos.betano.de%2F?
https://12738953.fls.doubleclick.net/activityi;dc_pre=CP_svYyW64IDFQlOHgIdoVoJ8g;src=12738953;type=despo0;cat=despo0;ord=1962460059;~oref=https%3A%2F%2Fpromos.betano.de%2F?

0
0

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame 8C3A 277 KB
92 KB 34ms
34ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-W0C280Z7PP&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MN2KPC6

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5a9d7acd12a63781599a69aaa83db1b96ed2df854473c5b6197b280d4a4b1cdf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promos.betano.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 07:12:57 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 93905
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 30 Nov 2023 07:12:57 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ Frame 8C3A 52 KB
21 KB 63ms
18ms Script
text/javascript 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MN2KPC6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promos.betano.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 30 Nov 2023 05:49:38 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 4999
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Thu, 30 Nov 2023 07:49:38 GMT

GET
H2 200 scevent.min.js Show response
sc-static.net/ Frame 8C3A 40 KB
17 KB 105ms
43ms Script
application/javascript 143.204.207.250
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sc-static.net/scevent.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MN2KPC6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.207.250 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-207-250.fra53.r.cloudfront.net
Software: CloudFront /
Resource Hash: 98a95ec0ce66575d7c332369abd1a2e288674d741c5cae81efcaddaa29de6228

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promos.betano.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 07:12:57 GMT
content-encoding: gzip
via: 1.1 3f6fbf009bb5cf969f92ba2e59576614.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA53-C1
x-cache: Miss from cloudfront
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: private, s-maxage=0, max-age=600
access-control-allow-headers: Content-Type
content-length: 17230
x-amz-cf-id: JFLF221kO06LScfrcZ24buZqob32GksPstSKahNyWfthrky3G6j9Ow==

GET
H2 200 trackpoint-async.js Show response
s2.adform.net/banners/scripts/st/ Frame 8C3A 81 KB
31 KB 134ms
34ms Script
application/javascript 37.157.6.236
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s2.adform.net/banners/scripts/st/trackpoint-async.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MN2KPC6
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.236 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 99c28ba77690124b83aea8cdbbb17ab1145ba247c791aeb4bad747b4248ac459

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promos.betano.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 07:12:57 GMT
content-encoding: gzip
last-modified: Tue, 23 May 2023 09:56:34 GMT
server: nginx
x-amz-request-id: tx000004a99d1e4c6dfecaa-00646c8ee1-32950a49-default
etag: W/"f937ab3eef01c118930b200e5087d00d"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-rgw-object-type: Normal
cache-control: public, max-age=604800

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ Frame 8C3A 202 KB
53 KB 21ms
21ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promos.betano.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 30 Nov 2023 07:12:57 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 54273
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: BCbpu4jeMvQq0EYUtiTW8995owmQ1RwJWEmGQZ0Vy4Vcl4c7uTVX2yhxnpipEEqLNFdDtFJMIhj/Ht3jutbe2g==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ Frame 8C3A 45 KB
13 KB 102ms
48ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

5e319852607809336b2534ffeb96f6933f26994dd040f535302c84f59cc0a214

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promos.betano.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Thu, 30 Nov 2023 07:12:56 GMT
last-modified: Fri, 10 Nov 2023 20:09:55 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: F03160F4D9DF4CDEB1D5766753AC9598 Ref B: FRAEDGE1909 Ref C: 2023-11-30T07:12:57Z
etag: "80abcdf1114da1:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 13175

GET
H2 200 mgsensor.js Show response
a.mgid.com/ Frame 8C3A 15 KB
5 KB 127ms
117ms Script
application/javascript 2606:4700:1::6813:854c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://a.mgid.com/mgsensor.js?d=1701328376993

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:1::6813:854c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fab2f44ed2c54018f566702de911e32e0d0502e41768f5b16227576589f42e68

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promos.betano.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 07:12:57 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: br
cf-cache-status: DYNAMIC
x-mg-request-uuid: 62149faf-75e3-4a18-a48f-fec58490eb79
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
cf-ray: 82e148f45aea35e0-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/763238947/ Frame 8C3A 3 KB
2 KB 32ms
32ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/763238947/?random=1701328376988&cv=11&fst=1701328376988&bg=ffffff&guid=ON&async=1&gtm=45He3b60v79977643&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&tcfd=10001&u_w=1600&u_h=1200&url=https%3A%2F%2Fpromos.betano.de%2Fwillkommenspaket%2Findex.html%3Fbtag%3Da_826b_2931c_JSABNEVPVBDAADE%26utm_medium%3D431%26utm_source%3D2%26siteid%3D826&ref=https%3A%2F%2Flp.cleverwebserver.com%2F&top=https%3A%2F%2Fstruma.bg&hn=www.googleadservices.com&frm=2&tiba=BETANO%20MODE&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MN2KPC6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d4c774c527d6c3c510b611c6fdd8df7d89438e0b71d77c886a843a129174cb85

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promos.betano.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Nov 2023 07:12:57 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1349
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

activityi;dc_pre=CLr1vYyW64IDFcJTHgIdArMBYw;src=12738953;type=despo0;cat=despo0;ord=9768710213423;gtm=45He3b60v79977643;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;tcfd=10001;uaa=;uab=;uafvl=;uamb=0;uam=;u... Show response
12738953.fls.doubleclick.net/ Frame 6975
Redirect Chain

https://12738953.fls.doubleclick.net/activityi;src=12738953;type=despo0;cat=despo0;ord=9768710213423;gtm=45He3b60v79977643;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;tcfd=10001;uaa=;uab=;uafvl=;uamb=0;uam...
https://12738953.fls.doubleclick.net/activityi;dc_pre=CLr1vYyW64IDFcJTHgIdArMBYw;src=12738953;type=despo0;cat=despo0;ord=9768710213423;gtm=45He3b60v79977643;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;tcfd...

614 B
672 B

65ms
65ms

Document
text/html

172.217.18.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://12738953.fls.doubleclick.net/activityi;dc_pre=CLr1vYyW64IDFcJTHgIdArMBYw;src=12738953;type=despo0;cat=despo0;ord=9768710213423;gtm=45He3b60v79977643;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;tcfd=10001;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fpromos.betano.de%2Fwillkommenspaket%2Findex.html%3Fbtag%3Da_826b_2931c_JSABNEVPVBDAADE%26utm_medium%3D431%26utm_source%3D2%26siteid%3D826?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MN2KPC6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f102.1e100.net

Software

cafe /

Resource Hash

6592305ec6aa9d489618146fcf99be8d4fde180b7a44bfcba1a5733cd50015cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://promos.betano.de/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 374
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 30 Nov 2023 07:12:57 GMT
expires: Thu, 30 Nov 2023 07:12:57 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 30 Nov 2023 07:12:57 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://12738953.fls.doubleclick.net/activityi;dc_pre=CLr1vYyW64IDFcJTHgIdArMBYw;src=12738953;type=despo0;cat=despo0;ord=9768710213423;gtm=45He3b60v79977643;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;tcfd=10001;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fpromos.betano.de%2Fwillkommenspaket%2Findex.html%3Fbtag%3Da_826b_2931c_JSABNEVPVBDAADE%26utm_medium%3D431%26utm_source%3D2%26siteid%3D826?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

activityi;dc_pre=CI7xvYyW64IDFfxHwgodY0YPmQ;src=12738953;type=deaff0;cat=deaff0;ord=9036201225254;gtm=45He3b60v79977643;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;tcfd=10001;uaa=;uab=;uafvl=;uamb=0;uam=;u... Show response
12738953.fls.doubleclick.net/ Frame 9EF5
Redirect Chain

https://12738953.fls.doubleclick.net/activityi;src=12738953;type=deaff0;cat=deaff0;ord=9036201225254;gtm=45He3b60v79977643;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;tcfd=10001;uaa=;uab=;uafvl=;uamb=0;uam...
https://12738953.fls.doubleclick.net/activityi;dc_pre=CI7xvYyW64IDFfxHwgodY0YPmQ;src=12738953;type=deaff0;cat=deaff0;ord=9036201225254;gtm=45He3b60v79977643;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;tcfd...

614 B
671 B

66ms
64ms

Document
text/html

172.217.18.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://12738953.fls.doubleclick.net/activityi;dc_pre=CI7xvYyW64IDFfxHwgodY0YPmQ;src=12738953;type=deaff0;cat=deaff0;ord=9036201225254;gtm=45He3b60v79977643;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;tcfd=10001;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fpromos.betano.de%2Fwillkommenspaket%2Findex.html%3Fbtag%3Da_826b_2931c_JSABNEVPVBDAADE%26utm_medium%3D431%26utm_source%3D2%26siteid%3D826?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MN2KPC6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f102.1e100.net

Software

cafe /

Resource Hash

5a81bb5455ce6e042897ddd46d78dcef7e677f9ab7df1069a04419493e0e4d7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://promos.betano.de/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 373
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 30 Nov 2023 07:12:57 GMT
expires: Thu, 30 Nov 2023 07:12:57 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 30 Nov 2023 07:12:57 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://12738953.fls.doubleclick.net/activityi;dc_pre=CI7xvYyW64IDFfxHwgodY0YPmQ;src=12738953;type=deaff0;cat=deaff0;ord=9036201225254;gtm=45He3b60v79977643;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;tcfd=10001;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fpromos.betano.de%2Fwillkommenspaket%2Findex.html%3Fbtag%3Da_826b_2931c_JSABNEVPVBDAADE%26utm_medium%3D431%26utm_source%3D2%26siteid%3D826?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 slick.css
landingpages.kaizengaming.com/layout/ Frame 8C3A 2 KB
667 B 41ms
39ms Stylesheet
text/css 2606:4700:4400::ac40:934d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://landingpages.kaizengaming.com/layout/slick.css
Requested by: Host: landingpages.kaizengaming.com
URL: https://landingpages.kaizengaming.com/layout/css-betano.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:934d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fc0081d5d01c24bef68e2329cfc63cd65ba2516dceb940baeff08b09430e1e62

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://landingpages.kaizengaming.com/layout/css-betano.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 30 Nov 2023 07:12:57 GMT
content-encoding: gzip
cf-cache-status: HIT
content-md5: WZ31BB/YyxPVIgu7I3iKsw==
age: 831
x-ms-lease-state: available
x-ms-lease-status: unlocked
last-modified: Thu, 24 Aug 2023 13:27:12 GMT
server: cloudflare
etag: W/"0x8DBA4A5D32ED756"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
x-ms-request-id: 8223f478-b01e-0004-51d0-159f05000000
cache-control: public, max-age=900, immutable
x-ms-version: 2014-02-14
cf-ray: 82e148f45d6137f1-FRA

GET
H2 200 slick-theme.css
landingpages.kaizengaming.com/layout/ Frame 8C3A 3 KB
1 KB 33ms
31ms Stylesheet
text/css 2606:4700:4400::ac40:934d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://landingpages.kaizengaming.com/layout/slick-theme.css
Requested by: Host: landingpages.kaizengaming.com
URL: https://landingpages.kaizengaming.com/layout/css-betano.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:934d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ed48c2c26ab144483ce6e6cfd207070eaa30dcd7cfe36c14b29d89b343e9df05

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://landingpages.kaizengaming.com/layout/css-betano.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 30 Nov 2023 07:12:57 GMT
content-encoding: gzip
cf-cache-status: HIT
content-md5: UpLamLxcSvAJaktpLARRvQ==
age: 226
x-ms-lease-state: available
x-ms-lease-status: unlocked
last-modified: Thu, 24 Aug 2023 13:27:12 GMT
server: cloudflare
etag: W/"0x8DBA4A5D316E60C"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
x-ms-request-id: 257fadc4-b01e-0066-19cf-155d22000000
cache-control: public, max-age=900, immutable
x-ms-version: 2014-02-14
cf-ray: 82e148f45d6237f1-FRA

GET
H2 200 css-fonts.css
landingpages.kaizengaming.com/layout/ Frame 8C3A 4 KB
502 B 42ms
41ms Stylesheet
text/css 2606:4700:4400::ac40:934d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://landingpages.kaizengaming.com/layout/css-fonts.css
Requested by: Host: landingpages.kaizengaming.com
URL: https://landingpages.kaizengaming.com/layout/css-betano.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:934d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b7128e23958b3fda5c3c906893ed845791c82b203b643817c854c86f211efbb1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://landingpages.kaizengaming.com/layout/css-betano.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 30 Nov 2023 07:12:57 GMT
content-encoding: gzip
cf-cache-status: HIT
content-md5: pvSNyxtpXpV4jwDcVBs+8g==
age: 22
x-ms-lease-state: available
x-ms-lease-status: unlocked
last-modified: Thu, 24 Aug 2023 13:27:09 GMT
server: cloudflare
etag: W/"0x8DBA4A5D1600014"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
x-ms-request-id: 563d7241-201e-0064-2298-16e39a000000
cache-control: public, max-age=900, immutable
x-ms-version: 2014-02-14
cf-ray: 82e148f45d6337f1-FRA

GET
H2 200 css-common.css
landingpages.kaizengaming.com/layout/ Frame 8C3A 944 B
600 B 35ms
33ms Stylesheet
text/css 2606:4700:4400::ac40:934d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://landingpages.kaizengaming.com/layout/css-common.css
Requested by: Host: landingpages.kaizengaming.com
URL: https://landingpages.kaizengaming.com/layout/css-betano.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:934d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d8a0d356d644b4013aa75e86393844a21bdfaf2a4bd5e99c2ab05c0fe74e3101

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://landingpages.kaizengaming.com/layout/css-betano.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 30 Nov 2023 07:12:57 GMT
content-encoding: gzip
cf-cache-status: HIT
content-md5: 5eGR2sXfZgOapde0CV8YSg==
age: 861
x-ms-lease-state: available
x-ms-lease-status: unlocked
last-modified: Thu, 24 Aug 2023 13:27:09 GMT
server: cloudflare
etag: W/"0x8DBA4A5D14E9D7C"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
x-ms-request-id: f36275d2-d01e-0060-0d76-226e9d000000
cache-control: public, max-age=900, immutable
x-ms-version: 2014-02-14
cf-ray: 82e148f45d6437f1-FRA

GET
H2 200 css-landing.css
landingpages.kaizengaming.com/layout/ Frame 8C3A 8 KB
2 KB 34ms
32ms Stylesheet
text/css 2606:4700:4400::ac40:934d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://landingpages.kaizengaming.com/layout/css-landing.css
Requested by: Host: landingpages.kaizengaming.com
URL: https://landingpages.kaizengaming.com/layout/css-betano.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:934d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c71752822cfbdf7713731e936ebe7f93fe99c5984e0ddd3c6a8e185c17ff5048

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://landingpages.kaizengaming.com/layout/css-betano.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 30 Nov 2023 07:12:57 GMT
content-encoding: gzip
cf-cache-status: HIT
content-md5: JDqCfcVQtN58am64kAmqvg==
age: 831
x-ms-lease-state: available
x-ms-lease-status: unlocked
last-modified: Thu, 24 Aug 2023 13:27:09 GMT
server: cloudflare
etag: W/"0x8DBA4A5D168B161"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
x-ms-request-id: 9e377160-101e-006f-6eac-2118f1000000
cache-control: public, max-age=900, immutable
x-ms-version: 2014-02-14
cf-ray: 82e148f45d6537f1-FRA

GET
H2 200 css-desktop.css
landingpages.kaizengaming.com/layout/ Frame 8C3A 5 KB
1 KB 35ms
34ms Stylesheet
text/css 2606:4700:4400::ac40:934d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://landingpages.kaizengaming.com/layout/css-desktop.css
Requested by: Host: landingpages.kaizengaming.com
URL: https://landingpages.kaizengaming.com/layout/css-betano.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:934d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bf06e66d0b6d12c39860b7a3f1a724397a8bc0267423b64c6627ef0f52a7b27d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://landingpages.kaizengaming.com/layout/css-betano.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 30 Nov 2023 07:12:57 GMT
content-encoding: gzip
cf-cache-status: HIT
content-md5: AOVpmo2f/4Wn1SoTquvjVA==
age: 365
x-ms-lease-state: available
x-ms-lease-status: unlocked
last-modified: Thu, 24 Aug 2023 13:27:09 GMT
server: cloudflare
etag: W/"0x8DBA4A5D1574ECA"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
x-ms-request-id: 72bda778-201e-0029-456f-222c76000000
cache-control: public, max-age=900, immutable
x-ms-version: 2014-02-14
cf-ray: 82e148f45d6637f1-FRA

GET
H2 200 css-tablet.css
landingpages.kaizengaming.com/layout/ Frame 8C3A 4 KB
1 KB 41ms
40ms Stylesheet
text/css 2606:4700:4400::ac40:934d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://landingpages.kaizengaming.com/layout/css-tablet.css
Requested by: Host: landingpages.kaizengaming.com
URL: https://landingpages.kaizengaming.com/layout/css-betano.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:934d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1172af7570acdb509d41b715ff6f8d2c0e06a3af29b54e76ae681571161e4d5e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://landingpages.kaizengaming.com/layout/css-betano.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 30 Nov 2023 07:12:57 GMT
content-encoding: gzip
cf-cache-status: HIT
content-md5: Mr2IdhRK+4IeBy7KcyoBtQ==
age: 525
x-ms-lease-state: available
x-ms-lease-status: unlocked
last-modified: Thu, 24 Aug 2023 13:27:09 GMT
server: cloudflare
etag: W/"0x8DBA4A5D18E0E3F"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
x-ms-request-id: f73faa91-401e-005d-1190-d61886000000
cache-control: public, max-age=900, immutable
x-ms-version: 2014-02-14
cf-ray: 82e148f45d6737f1-FRA

GET
H2 200 css-mobile.css
landingpages.kaizengaming.com/layout/ Frame 8C3A 3 KB
1 KB 43ms
42ms Stylesheet
text/css 2606:4700:4400::ac40:934d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://landingpages.kaizengaming.com/layout/css-mobile.css
Requested by: Host: landingpages.kaizengaming.com
URL: https://landingpages.kaizengaming.com/layout/css-betano.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:934d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fea86661c5d80146c78c8e112e81c6ebcd3ac8c3f4d81c6fd3419532343c21a0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://landingpages.kaizengaming.com/layout/css-betano.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 30 Nov 2023 07:12:57 GMT
content-encoding: gzip
cf-cache-status: HIT
content-md5: y0J3Tr1dgXYbzTPMrvAM5Q==
age: 525
x-ms-lease-state: available
x-ms-lease-status: unlocked
last-modified: Thu, 24 Aug 2023 13:27:09 GMT
server: cloudflare
etag: W/"0x8DBA4A5D171FED7"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
x-ms-request-id: 9c9cc867-901e-0003-7890-d6f366000000
cache-control: public, max-age=900, immutable
x-ms-version: 2014-02-14
cf-ray: 82e148f45d6837f1-FRA

GET
H2 200 css-betano_theme.css
landingpages.kaizengaming.com/layout/ Frame 8C3A 8 KB
1 KB 36ms
35ms Stylesheet
text/css 2606:4700:4400::ac40:934d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://landingpages.kaizengaming.com/layout/css-betano_theme.css
Requested by: Host: landingpages.kaizengaming.com
URL: https://landingpages.kaizengaming.com/layout/css-betano.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:934d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dad7cc652286fe3fcd072159ff6fdc30a62ba200d329d99cc1674f5183406584

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://landingpages.kaizengaming.com/layout/css-betano.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 30 Nov 2023 07:12:57 GMT
content-encoding: gzip
cf-cache-status: HIT
content-md5: D6htD+uya4gpW6XLW/HaDw==
age: 22
x-ms-lease-state: available
x-ms-lease-status: unlocked
last-modified: Thu, 24 Aug 2023 13:27:09 GMT
server: cloudflare
etag: W/"0x8DBA4A5D13C50A6"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
x-ms-request-id: 916d0452-901e-0013-1080-12360e000000
cache-control: public, max-age=900, immutable
x-ms-version: 2014-02-14
cf-ray: 82e148f45d6937f1-FRA

POST
H2 200 82e148f28a263a61 Show response
promos.betano.de/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame 39B1 0
274 B 48ms
48ms XHR
text/plain 2606:4700:4400::6812:24ac
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://promos.betano.de/cdn-cgi/challenge-platform/h/g/jsd/r/82e148f28a263a61

Requested by

Host: promos.betano.de
URL: https://promos.betano.de/cdn-cgi/challenge-platform/scripts/jsd/main.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:24ac , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 30 Nov 2023 07:12:57 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
content-encoding: gzip
server: cloudflare
cf-ray: 82e148f4bc733a61-FRA
content-type: text/plain; charset=UTF-8

GET
H2 200 iframe Show response
visuals.kaizengaming.com/scripts/ Frame 316F 3 KB
2 KB 115ms
56ms Document
text/html 2606:4700:4400::6812:28b3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://visuals.kaizengaming.com/scripts/iframe?did=5dfcfbaa9ed3c30001234cf0&deeplink=on&preload=off&responsive=on&background=Transparent&a=64ee070c262380ef28e936b2&redirecturl=
Requested by: Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.4.1.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:28b3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 063f01f90525ec70cedf00e54824f77cf8576fd98dfa18b38ea60c2d990c0f09

Request headers

Referer: https://promos.betano.de/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
age: 660
cache-control: public, max-age=14400
cf-cache-status: DYNAMIC
cf-ray: 82e148f52e742bf2-FRA
content-encoding: gzip
content-md5: pRIJ2/N21dbBjDWXiJP+cQ==
content-type: text/html
date: Thu, 30 Nov 2023 07:12:57 GMT
expires: Thu, 30 Nov 2023 11:12:57 GMT
last-modified: Wed, 29 Mar 2023 06:31:05 GMT
server: cloudflare
vary: Accept-Encoding
x-ms-blob-type: BlockBlob
x-ms-lease-status: unlocked
x-ms-request-id: 6fffdcd3-801e-0031-534a-2334c0000000
x-ms-version: 2011-08-18

GET
H2 200 index.html Show response
landingpages.kaizengaming.com/de-sport/ Frame 8C3A 12 KB
4 KB 111ms
68ms XHR
text/html 2606:4700:4400::ac40:934d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://landingpages.kaizengaming.com/de-sport/index.html
Requested by: Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.4.1.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:934d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e151b237c4a78dcbae0d727db96ada0a06ad3c0be5cc68d4cc6ade404d135012

Request headers

Accept: */*
Referer: https://promos.betano.de/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 30 Nov 2023 07:12:57 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
content-md5: esea11DRZcCjIxk5Z3E7cA==
age: 271891
x-ms-lease-state: available
x-ms-lease-status: unlocked
last-modified: Mon, 30 Oct 2023 17:20:43 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/html; charset=utf-8
access-control-allow-origin: *
x-ms-request-id: 534f7306-901e-004e-4ee0-153c8a000000
cache-control: public, max-age=900, immutable
x-ms-version: 2014-02-14
cf-ray: 82e148f50fad3a9c-FRA

GET
H3 200 /
www.google.com/pagead/1p-user-list/763238947/ Frame 8C3A 42 B
64 B 32ms
32ms Image
image/gif 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/763238947/?random=1701328376988&cv=11&fst=1701327600000&bg=ffffff&guid=ON&async=1&gtm=45He3b60v79977643&u_w=1600&u_h=1200&url=https%3A%2F%2Fpromos.betano.de%2Fwillkommenspaket%2Findex.html%3Fbtag%3Da_826b_2931c_JSABNEVPVBDAADE%26utm_medium%3D431%26utm_source%3D2%26siteid%3D826&ref=https%3A%2F%2Flp.cleverwebserver.com%2F&frm=2&tiba=BETANO%20MODE&fmt=3&is_vtc=1&cid=CAQSGwDICaaNrVzzqgrM1DiROrlzgQlj6xA9ikCNdg&random=194080362&rmt_tld=0&ipr=y

Requested by

Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_826b_2931c_JSABNEVPVBDAADE&utm_medium=431&utm_source=2&siteid=826

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promos.betano.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Nov 2023 07:12:57 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/763238947/ Frame 8C3A 42 B
455 B 75ms
31ms Image
image/gif 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/763238947/?random=1701328376988&cv=11&fst=1701327600000&bg=ffffff&guid=ON&async=1&gtm=45He3b60v79977643&u_w=1600&u_h=1200&url=https%3A%2F%2Fpromos.betano.de%2Fwillkommenspaket%2Findex.html%3Fbtag%3Da_826b_2931c_JSABNEVPVBDAADE%26utm_medium%3D431%26utm_source%3D2%26siteid%3D826&ref=https%3A%2F%2Flp.cleverwebserver.com%2F&frm=2&tiba=BETANO%20MODE&fmt=3&is_vtc=1&cid=CAQSGwDICaaNrVzzqgrM1DiROrlzgQlj6xA9ikCNdg&random=194080362&rmt_tld=1&ipr=y

Requested by

Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_826b_2931c_JSABNEVPVBDAADE&utm_medium=431&utm_source=2&siteid=826

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promos.betano.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Nov 2023 07:12:57 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 234568464078651 Show response
connect.facebook.net/signals/config/ Frame 8C3A 133 KB
35 KB 20ms
20ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/234568464078651?v=2.9.138&r=stable&domain=lp.cleverwebserver.com

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

fea130fcf4b807ff81a3fdbfe587a558707eba03646841e76af16bdd97e06fc2

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promos.betano.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 30 Nov 2023 07:12:57 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 35511
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: FE/+VUUAyiPycEDPgDIMRGGu0GLIoPiQOUZeHfY+ovaGvEwAWOFZRyorEgS5AChiQu7gzyNHfbPRgSTtjOzWqQ==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 linkid.js Show response
www.google-analytics.com/plugins/ua/ Frame 8C3A 2 KB
1 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/linkid.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promos.betano.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 06:34:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2331
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 697
x-xss-protection: 0
last-modified: Fri, 30 Jun 2023 18:58:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 30 Nov 2023 07:34:06 GMT

GET
BLOB 200
OK 36246aef-b587-4903-8bc0-b0d09daced53
https://promos.betano.de/ Frame 8C3A 597 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://promos.betano.de/36246aef-b587-4903-8bc0-b0d09daced53
Requested by: Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_826b_2931c_JSABNEVPVBDAADE&utm_medium=431&utm_source=2&siteid=826
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6292d47914f9b1671e0c7b3076ea35aa0127785ed01ae8df56f534171114b08a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Length: 597
Content-Type: application/javascript

GET
H2 204 137000673.js Show response
bat.bing.com/p/action/ Frame 8C3A 0
116 B 44ms
44ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/137000673.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promos.betano.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
date: Thu, 30 Nov 2023 07:12:56 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 3196A1E326C1419BA7AB37C4CF5FD389 Ref B: FRAEDGE1909 Ref C: 2023-11-30T07:12:57Z
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ Frame 8C3A 0
284 B 107ms
107ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=137000673&Ver=2&mid=81ddb1d7-1c76-43ab-b063-134dc500c015&sid=e32bbc708f4f11ee8386d5d56bb9da42&vid=e32bb1208f4f11eeae154d38ed54f2ce&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=BETANO%20MODE&p=https%3A%2F%2Flp.cleverwebserver.com%2F&r=&lt=479&evt=pageLoad&ifm=1&sv=1&rn=89803

Requested by

Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_826b_2931c_JSABNEVPVBDAADE&utm_medium=431&utm_source=2&siteid=826

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promos.betano.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 30 Nov 2023 07:12:56 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 81B2E59C95BC4BCC85A720DD755A4B01 Ref B: FRAEDGE1909 Ref C: 2023-11-30T07:12:57Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_pre=CI7xvYyW64IDFfxHwgodY0YPmQ;src=12738953;type=deaff0;cat=deaff0;ord=9036201225254;gtm=45He3b60v79977643;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;tcfd=10001;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;...
adservice.google.com/ddm/fls/z/ Frame 9EF5 42 B
107 B 110ms
59ms Image
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CI7xvYyW64IDFfxHwgodY0YPmQ;src=12738953;type=deaff0;cat=deaff0;ord=9036201225254;gtm=45He3b60v79977643;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;tcfd=10001;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fpromos.betano.de%2Fwillkommenspaket%2Findex.html%3Fbtag%3Da_826b_2931c_JSABNEVPVBDAADE%26utm_medium%3D431%26utm_source%3D2%26siteid%3D826

Requested by

Host: 12738953.fls.doubleclick.net
URL: https://12738953.fls.doubleclick.net/activityi;dc_pre=CI7xvYyW64IDFfxHwgodY0YPmQ;src=12738953;type=deaff0;cat=deaff0;ord=9036201225254;gtm=45He3b60v79977643;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;tcfd=10001;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fpromos.betano.de%2Fwillkommenspaket%2Findex.html%3Fbtag%3Da_826b_2931c_JSABNEVPVBDAADE%26utm_medium%3D431%26utm_source%3D2%26siteid%3D826?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://12738953.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Nov 2023 07:12:57 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_pre=CLr1vYyW64IDFcJTHgIdArMBYw;src=12738953;type=despo0;cat=despo0;ord=9768710213423;gtm=45He3b60v79977643;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;tcfd=10001;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;...
adservice.google.com/ddm/fls/z/ Frame 6975 42 B
401 B 109ms
59ms Image
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CLr1vYyW64IDFcJTHgIdArMBYw;src=12738953;type=despo0;cat=despo0;ord=9768710213423;gtm=45He3b60v79977643;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;tcfd=10001;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fpromos.betano.de%2Fwillkommenspaket%2Findex.html%3Fbtag%3Da_826b_2931c_JSABNEVPVBDAADE%26utm_medium%3D431%26utm_source%3D2%26siteid%3D826

Requested by

Host: 12738953.fls.doubleclick.net
URL: https://12738953.fls.doubleclick.net/activityi;dc_pre=CLr1vYyW64IDFcJTHgIdArMBYw;src=12738953;type=despo0;cat=despo0;ord=9768710213423;gtm=45He3b60v79977643;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;tcfd=10001;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fpromos.betano.de%2Fwillkommenspaket%2Findex.html%3Fbtag%3Da_826b_2931c_JSABNEVPVBDAADE%26utm_medium%3D431%26utm_source%3D2%26siteid%3D826?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://12738953.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Nov 2023 07:12:57 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ Frame 8C3A 0
129 B 19ms
19ms Image
text/plain 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=234568464078651&ev=PageView&dl=https%3A%2F%2Fpromos.betano.de%2Fwillkommenspaket%2Findex.html%3Fbtag%3Da_826b_2931c_JSABNEVPVBDAADE%26utm_medium%3D431%26utm_source%3D2%26siteid%3D826&rl=https%3A%2F%2Flp.cleverwebserver.com%2F&if=true&ts=1701328377170&sw=1600&sh=1200&v=2.9.138&r=stable&a=tmgoogletagmanager&ec=0&o=4126&ler=other&it=1701328377085&coo=false&rqm=GET

Requested by

Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_826b_2931c_JSABNEVPVBDAADE&utm_medium=431&utm_source=2&siteid=826

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promos.betano.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 30 Nov 2023 07:12:57 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 59013e41-1b63-4d8e-a887-ea6d3795d988.js Show response
tr.snapchat.com/config/de/ Frame 8C3A 169 B
437 B 94ms
33ms Script
application/javascript 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/config/de/59013e41-1b63-4d8e-a887-ea6d3795d988.js?v=3.6.1-2311282110

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

e944ca333ad41c999957978e91109d248e9dee1921577c709f869cfcc8e6bbab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

Referer: https://promos.betano.de/
Origin: https://promos.betano.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 07:12:57 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
via: 1.1 google
server: API Gateway
content-type: application/javascript
access-control-allow-origin: https://promos.betano.de
x-envoy-upstream-service-time: 0
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 169

GET
H2 200 i Show response
tr.snapchat.com/cm/ Frame BB86 0
201 B 90ms
32ms Document
text/html 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/cm/i?pid=59013e41-1b63-4d8e-a887-ea6d3795d988&u_scsid=fd7431ba-bf40-4d92-989e-5c60e0f79831&u_sclid=5972e99e-c4c1-4c68-94bb-7cd4ec10467b

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains

Request headers

Referer: https://promos.betano.de/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Thu, 30 Nov 2023 07:12:57 GMT
server: API Gateway
strict-transport-security: max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains
via: 1.1 google
x-envoy-upstream-service-time: 0

GET
H2 200 p
tr.snapchat.com/ Frame 8C3A 68 B
310 B 90ms
32ms Image
image/png 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tr.snapchat.com/p?pid=59013e41-1b63-4d8e-a887-ea6d3795d988&ev=PAGE_VIEW&intg=gtm&pids=59013e41-1b63-4d8e-a887-ea6d3795d988&u_c1=8487f96e-66a1-470f-b0d1-02fbce1d6b8c&u_sclid=5972e99e-c4c1-4c68-94bb-7cd4ec10467b&u_scsid=fd7431ba-bf40-4d92-989e-5c60e0f79831&bt=1d53c387&d_bvs=%5B%5D&huah=true&if=true&m_dcl=479&m_ic=true&m_pi=474&m_pl=0&m_pv=2&m_rd=741&m_sh=1200&m_sl=0&m_sw=1600&pl=https%3A%2F%2Flp.cleverwebserver.com%2F&rf=https%3A%2F%2Flp.cleverwebserver.com%2F&trackId=e34f95c8-c322-439b-a5e3-86e26f096808&ts=1701328377175&v=3.6.1-2311282110

Requested by

Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_826b_2931c_JSABNEVPVBDAADE&utm_medium=431&utm_source=2&siteid=826

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promos.betano.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 07:12:57 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
via: 1.1 google
server: API Gateway
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache, no-transform
x-envoy-upstream-service-time: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68

POST
H2 200 / Show response
api-js.datadome.co/js/ Frame 8C3A 230 B
408 B 92ms
21ms XHR
application/json 3.65.77.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api-js.datadome.co/js/
Requested by: Host: dd.betano.de
URL: https://dd.betano.de/tags.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.65.77.69 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-65-77-69.eu-central-1.compute.amazonaws.com
Software: DataDome /
Resource Hash: d588aea80978462349811d27176a03a84eace6344d6c473324c6d0f63dd524f2

Request headers

Referer: https://promos.betano.de/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Thu, 30 Nov 2023 07:12:57 GMT
server: DataDome
content-type: application/json;charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
content-length: 230
expires: 0

GET
H2 200 spn_Sporting_CP2_b%201.png
landingpages.kaizengaming.com/de-sport/ Frame 8C3A 19 KB
19 KB 65ms
58ms Image
image/png 2606:4700:4400::ac40:934d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://landingpages.kaizengaming.com/de-sport/spn_Sporting_CP2_b%201.png
Requested by: Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_826b_2931c_JSABNEVPVBDAADE&utm_medium=431&utm_source=2&siteid=826
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:934d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2019d77fa19a331f0e33fb1e0f96103832fdaf49481ef54920e83b59ab68f1e2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promos.betano.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 30 Nov 2023 07:12:57 GMT
cf-cache-status: HIT
content-md5: mwHkbVJHeMadNj4jxLZolA==
age: 1492
content-length: 19119
x-ms-lease-state: available
x-ms-lease-status: unlocked
last-modified: Mon, 30 Oct 2023 17:20:46 GMT
server: cloudflare
etag: "0x8DBD96C8DB7630C"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
x-ms-request-id: 3f4c30e2-e01e-0019-6135-1592b9000000
cache-control: public, max-age=900, immutable
x-ms-version: 2014-02-14
accept-ranges: bytes
cf-ray: 82e148f59e7037f1-FRA

GET
H2 200 spn_Benfica_2021_8_13_15_24_29_b%201.png
landingpages.kaizengaming.com/de-sport/ Frame 8C3A 28 KB
28 KB 38ms
32ms Image
image/png 2606:4700:4400::ac40:934d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://landingpages.kaizengaming.com/de-sport/spn_Benfica_2021_8_13_15_24_29_b%201.png
Requested by: Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_826b_2931c_JSABNEVPVBDAADE&utm_medium=431&utm_source=2&siteid=826
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:934d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aab3b7005f69e9d7c10a94d7f3657277d5c9dae9cfc6bde05617b003a56fa125

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promos.betano.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 30 Nov 2023 07:12:57 GMT
cf-cache-status: HIT
content-md5: oEUX3HqfuPUvYFG+QZJ9tQ==
age: 1146
content-length: 28849
x-ms-lease-state: available
x-ms-lease-status: unlocked
last-modified: Mon, 30 Oct 2023 17:20:45 GMT
server: cloudflare
etag: "0x8DBD96C8D3463E2"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
x-ms-request-id: eeb12a1f-101e-0040-3837-0d153a000000
cache-control: public, max-age=900, immutable
x-ms-version: 2014-02-14
accept-ranges: bytes
cf-ray: 82e148f59e7137f1-FRA

GET
H2 200 spn_FC_Porto_b%201.png
landingpages.kaizengaming.com/de-sport/ Frame 8C3A 24 KB
24 KB 66ms
59ms Image
image/png 2606:4700:4400::ac40:934d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://landingpages.kaizengaming.com/de-sport/spn_FC_Porto_b%201.png
Requested by: Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_826b_2931c_JSABNEVPVBDAADE&utm_medium=431&utm_source=2&siteid=826
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:934d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 728165191b625a29fc0c1469f93cf17eb62f3595f379c977890974543f7d814d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promos.betano.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 30 Nov 2023 07:12:57 GMT
cf-cache-status: HIT
content-md5: jSdk+PY50XexolMJPt5Q0Q==
age: 1565
content-length: 24710
x-ms-lease-state: available
x-ms-lease-status: unlocked
last-modified: Mon, 30 Oct 2023 17:20:45 GMT
server: cloudflare
etag: "0x8DBD96C8D6557A8"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
x-ms-request-id: a4e0bbaa-901e-0013-02eb-12360e000000
cache-control: public, max-age=900, immutable
x-ms-version: 2014-02-14
accept-ranges: bytes
cf-ray: 82e148f59e7437f1-FRA

GET
H2 200 spn_osfp210X210_b_b_2019_8_14_8_57_11_b%201.png
landingpages.kaizengaming.com/de-sport/ Frame 8C3A 25 KB
25 KB 65ms
59ms Image
image/png 2606:4700:4400::ac40:934d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://landingpages.kaizengaming.com/de-sport/spn_osfp210X210_b_b_2019_8_14_8_57_11_b%201.png
Requested by: Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_826b_2931c_JSABNEVPVBDAADE&utm_medium=431&utm_source=2&siteid=826
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:934d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: abc9055dec46bd0fe46b5534dee9d9a6411491662f1403df81e6e238389b0b8b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promos.betano.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 30 Nov 2023 07:12:57 GMT
cf-cache-status: HIT
content-md5: JhbPFXjZywCGfmkqf6Kweg==
age: 1146
content-length: 25859
x-ms-lease-state: available
x-ms-lease-status: unlocked
last-modified: Mon, 30 Oct 2023 17:20:45 GMT
server: cloudflare
etag: "0x8DBD96C8D9E878D"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
x-ms-request-id: 25d3ecb6-001e-002e-6fa0-0b4015000000
cache-control: public, max-age=900, immutable
x-ms-version: 2014-02-14
accept-ranges: bytes
cf-ray: 82e148f5ae7737f1-FRA

GET
H2 200 spn_Logo_Panathinaikos-01-3%201.png
landingpages.kaizengaming.com/de-sport/ Frame 8C3A 19 KB
20 KB 44ms
38ms Image
image/png 2606:4700:4400::ac40:934d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://landingpages.kaizengaming.com/de-sport/spn_Logo_Panathinaikos-01-3%201.png
Requested by: Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_826b_2931c_JSABNEVPVBDAADE&utm_medium=431&utm_source=2&siteid=826
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:934d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 35eb8dfaab4bf3bac258cec08918ec16f4b23e8d47b5bbaa41fbd28f4660b1de

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promos.betano.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 30 Nov 2023 07:12:57 GMT
cf-cache-status: HIT
content-md5: XMp6ffG72oNhRO1DDx+D8g==
age: 1146
content-length: 19885
x-ms-lease-state: available
x-ms-lease-status: unlocked
last-modified: Mon, 30 Oct 2023 17:20:45 GMT
server: cloudflare
etag: "0x8DBD96C8D862133"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
x-ms-request-id: c0924783-e01e-0044-4078-22983d000000
cache-control: public, max-age=900, immutable
x-ms-version: 2014-02-14
accept-ranges: bytes
cf-ray: 82e148f5ae7937f1-FRA

GET
H2 200 spn_stxmn_xorigies_footer_210x210_paok_b_2019_8_14_8_59_31_b%201.png
landingpages.kaizengaming.com/de-sport/ Frame 8C3A 19 KB
20 KB 75ms
69ms Image
image/png 2606:4700:4400::ac40:934d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://landingpages.kaizengaming.com/de-sport/spn_stxmn_xorigies_footer_210x210_paok_b_2019_8_14_8_59_31_b%201.png
Requested by: Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_826b_2931c_JSABNEVPVBDAADE&utm_medium=431&utm_source=2&siteid=826
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:934d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 51da5b73ff056af5a7b6661a72877729acae13288868cf5689e7933f283d8f22

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promos.betano.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 30 Nov 2023 07:12:57 GMT
cf-cache-status: HIT
content-md5: ZWskDbpA4tguY75DycNraw==
age: 1146
content-length: 19873
x-ms-lease-state: available
x-ms-lease-status: unlocked
last-modified: Mon, 30 Oct 2023 17:20:46 GMT
server: cloudflare
etag: "0x8DBD96C8DBE3FD2"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
x-ms-request-id: 818210a6-301e-001a-53f9-1173dd000000
cache-control: public, max-age=900, immutable
x-ms-version: 2014-02-14
accept-ranges: bytes
cf-ray: 82e148f5ae7a37f1-FRA

GET
H2 200 spn_apoel%20footer_b%201.png
landingpages.kaizengaming.com/de-sport/ Frame 8C3A 18 KB
18 KB 58ms
52ms Image
image/png 2606:4700:4400::ac40:934d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://landingpages.kaizengaming.com/de-sport/spn_apoel%20footer_b%201.png
Requested by: Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_826b_2931c_JSABNEVPVBDAADE&utm_medium=431&utm_source=2&siteid=826
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:934d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fda4c0c8d886d3dc37996a43e3733d5f8433d49283716ea9e7a7316cda7794ba

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promos.betano.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 30 Nov 2023 07:12:57 GMT
cf-cache-status: HIT
content-md5: bqT5Gi69cDmYsDYa4bEKsQ==
age: 1146
content-length: 18469
x-ms-lease-state: available
x-ms-lease-status: unlocked
last-modified: Mon, 30 Oct 2023 17:20:44 GMT
server: cloudflare
etag: "0x8DBD96C8D134C45"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
x-ms-request-id: 78a3c4e6-d01e-004f-1868-146356000000
cache-control: public, max-age=900, immutable
x-ms-version: 2014-02-14
accept-ranges: bytes
cf-ray: 82e148f5ae7b37f1-FRA

GET
H2 200 spn_apollon-logo-210x210_b%201.png
landingpages.kaizengaming.com/de-sport/ Frame 8C3A 23 KB
23 KB 56ms
50ms Image
image/png 2606:4700:4400::ac40:934d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://landingpages.kaizengaming.com/de-sport/spn_apollon-logo-210x210_b%201.png
Requested by: Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_826b_2931c_JSABNEVPVBDAADE&utm_medium=431&utm_source=2&siteid=826
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:934d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 21b1fdeba9c263ef576c174286f2d861a4ef9b8b5cb98f34cb568905fb899d86

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promos.betano.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 30 Nov 2023 07:12:57 GMT
cf-cache-status: HIT
content-md5: GASNhmiazNjE2gYaQyS6Dg==
age: 1565
content-length: 23572
x-ms-lease-state: available
x-ms-lease-status: unlocked
last-modified: Mon, 30 Oct 2023 17:20:45 GMT
server: cloudflare
etag: "0x8DBD96C8D1A0202"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
x-ms-request-id: addacb4f-601e-0017-4aa0-0bbb09000000
cache-control: public, max-age=900, immutable
x-ms-version: 2014-02-14
accept-ranges: bytes
cf-ray: 82e148f5ae7d37f1-FRA

GET
H2 200 spn_fcsb%20210x210%20(1)_b%201.png
landingpages.kaizengaming.com/de-sport/ Frame 8C3A 22 KB
23 KB 63ms
57ms Image
image/png 2606:4700:4400::ac40:934d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://landingpages.kaizengaming.com/de-sport/spn_fcsb%20210x210%20(1)_b%201.png
Requested by: Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_826b_2931c_JSABNEVPVBDAADE&utm_medium=431&utm_source=2&siteid=826
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:934d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6a4aaeb80b8cab44b94d532c946cbaed2a25c8dead8dd54161340d3cc56bc308

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promos.betano.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 30 Nov 2023 07:12:57 GMT
cf-cache-status: HIT
content-md5: SBVluZQtT7yiLEiEDAA5aQ==
age: 1565
content-length: 22894
x-ms-lease-state: available
x-ms-lease-status: unlocked
last-modified: Mon, 30 Oct 2023 17:20:45 GMT
server: cloudflare
etag: "0x8DBD96C8D6C5B78"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
x-ms-request-id: b345c4ce-701e-000b-5ac5-12e969000000
cache-control: public, max-age=900, immutable
x-ms-version: 2014-02-14
accept-ranges: bytes
cf-ray: 82e148f5ae7e37f1-FRA

GET
H2 200 spn_craiova%20fc%20logo_210x210%20(1)_b%201.png
landingpages.kaizengaming.com/de-sport/ Frame 8C3A 18 KB
18 KB 64ms
59ms Image
image/png 2606:4700:4400::ac40:934d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://landingpages.kaizengaming.com/de-sport/spn_craiova%20fc%20logo_210x210%20(1)_b%201.png
Requested by: Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_826b_2931c_JSABNEVPVBDAADE&utm_medium=431&utm_source=2&siteid=826
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:934d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 62abee42f8de35bf84f870156e78a63ef9ac008a94e48924de6101eb335c1856

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promos.betano.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 30 Nov 2023 07:12:57 GMT
cf-cache-status: HIT
content-md5: OKKcJspihS+zi860B9s0Bw==
age: 1146
content-length: 18147
x-ms-lease-state: available
x-ms-lease-status: unlocked
last-modified: Mon, 30 Oct 2023 17:20:45 GMT
server: cloudflare
etag: "0x8DBD96C8D4EC5CE"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
x-ms-request-id: b091c6f9-d01e-003d-2edb-156419000000
cache-control: public, max-age=900, immutable
x-ms-version: 2014-02-14
accept-ranges: bytes
cf-ray: 82e148f5ae7f37f1-FRA

GET
H2 200 spn_Sparta.png
landingpages.kaizengaming.com/de-sport/ Frame 8C3A 5 KB
5 KB 73ms
68ms Image
image/png 2606:4700:4400::ac40:934d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://landingpages.kaizengaming.com/de-sport/spn_Sparta.png
Requested by: Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_826b_2931c_JSABNEVPVBDAADE&utm_medium=431&utm_source=2&siteid=826
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:934d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 62caffb569b2f4b4bf9f4c317c6dfc6ed155304a9bce20f0d12613053f1cc3c1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promos.betano.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 30 Nov 2023 07:12:57 GMT
cf-cache-status: REVALIDATED
content-md5: /0mt5FHZVIAjX94uZVR7dA==
content-length: 5318
x-ms-lease-state: available
x-ms-lease-status: unlocked
last-modified: Mon, 30 Oct 2023 17:20:46 GMT
server: cloudflare
etag: "0x8DBD96C8E458419"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
x-ms-request-id: 0395e16c-b01e-0014-7ff9-115a6d000000
cache-control: public, max-age=900, immutable
x-ms-version: 2014-02-14
accept-ranges: bytes
cf-ray: 82e148f5ae8037f1-FRA

GET
H2 200 spn_FC%20Viktoria%20Plzen.png
landingpages.kaizengaming.com/de-sport/ Frame 8C3A 17 KB
17 KB 39ms
34ms Image
image/png 2606:4700:4400::ac40:934d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://landingpages.kaizengaming.com/de-sport/spn_FC%20Viktoria%20Plzen.png
Requested by: Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_826b_2931c_JSABNEVPVBDAADE&utm_medium=431&utm_source=2&siteid=826
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:934d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c69c7bb218bf8af15e2ae415862db1bd0d445c959be698fb58320d97dd1a5b5a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promos.betano.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 30 Nov 2023 07:12:57 GMT
cf-cache-status: HIT
content-md5: QZwghOjpQSeiH/VC0Pp+5g==
age: 1565
content-length: 17257
x-ms-lease-state: available
x-ms-lease-status: unlocked
last-modified: Mon, 30 Oct 2023 17:20:45 GMT
server: cloudflare
etag: "0x8DBD96C8D5DB7AC"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
x-ms-request-id: 7e67a2d2-b01e-0059-80a0-0b9581000000
cache-control: public, max-age=900, immutable
x-ms-version: 2014-02-14
accept-ranges: bytes
cf-ray: 82e148f5ae8137f1-FRA

GET
H2 200 spn_PFC%20Locomotiv.png
landingpages.kaizengaming.com/de-sport/ Frame 8C3A 17 KB
17 KB 95ms
90ms Image
image/png 2606:4700:4400::ac40:934d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://landingpages.kaizengaming.com/de-sport/spn_PFC%20Locomotiv.png
Requested by: Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_826b_2931c_JSABNEVPVBDAADE&utm_medium=431&utm_source=2&siteid=826
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:934d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1b89e19aca89f180ba1e62c62495c5e4156f96cfa866b19cf0df0192452f477f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promos.betano.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 30 Nov 2023 07:12:57 GMT
cf-cache-status: HIT
content-md5: n8zLW8cpLiU4kbUrGnwtDw==
age: 406
content-length: 17581
x-ms-lease-state: available
x-ms-lease-status: unlocked
last-modified: Mon, 30 Oct 2023 17:20:45 GMT
server: cloudflare
etag: "0x8DBD96C8DA62790"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
x-ms-request-id: 261482e7-601e-0038-5fa0-0bb6c2000000
cache-control: public, max-age=900, immutable
x-ms-version: 2014-02-14
accept-ranges: bytes
cf-ray: 82e148f5ae8237f1-FRA

GET
H2 200 spn_atleticologo_whiteoutline_b%201.png
landingpages.kaizengaming.com/de-sport/ Frame 8C3A 15 KB
15 KB 63ms
58ms Image
image/png 2606:4700:4400::ac40:934d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://landingpages.kaizengaming.com/de-sport/spn_atleticologo_whiteoutline_b%201.png
Requested by: Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_826b_2931c_JSABNEVPVBDAADE&utm_medium=431&utm_source=2&siteid=826
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:934d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5c447157fa660c55a320f8c1735eacb754c4697c5ff98dd4140da21ffb9b1ba4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promos.betano.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 30 Nov 2023 07:12:57 GMT
cf-cache-status: HIT
content-md5: exAxLiOKF1ZQ22Z4FzBs+g==
age: 1146
content-length: 15119
x-ms-lease-state: available
x-ms-lease-status: unlocked
last-modified: Mon, 30 Oct 2023 17:20:45 GMT
server: cloudflare
etag: "0x8DBD96C8D21C90B"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
x-ms-request-id: f2ef4b2c-901e-0071-5e1a-12f429000000
cache-control: public, max-age=900, immutable
x-ms-version: 2014-02-14
accept-ranges: bytes
cf-ray: 82e148f5ae8337f1-FRA

GET
H2 200 spn_logo_fluminense%20(1)_b%201.png
landingpages.kaizengaming.com/de-sport/ Frame 8C3A 23 KB
23 KB 61ms
56ms Image
image/png 2606:4700:4400::ac40:934d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://landingpages.kaizengaming.com/de-sport/spn_logo_fluminense%20(1)_b%201.png
Requested by: Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_826b_2931c_JSABNEVPVBDAADE&utm_medium=431&utm_source=2&siteid=826
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:934d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ac7bb492fca6a4c1c72dacfff28d869d9a125529a085d29da9ff803b994688b5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promos.betano.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 30 Nov 2023 07:12:57 GMT
cf-cache-status: HIT
content-md5: 3yDwl8syJHaDX8oSywlAEw==
age: 1146
content-length: 23395
x-ms-lease-state: available
x-ms-lease-status: unlocked
last-modified: Mon, 30 Oct 2023 17:20:45 GMT
server: cloudflare
etag: "0x8DBD96C8D7C85AE"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
x-ms-request-id: d8cbf759-201e-0064-4de1-0be39a000000
cache-control: public, max-age=900, immutable
x-ms-version: 2014-02-14
accept-ranges: bytes
cf-ray: 82e148f5ae8437f1-FRA

GET
H2 200 spn_CHUNCHO_CLUB%20U%20DE%20CHILE%20210x210_b%201.png
landingpages.kaizengaming.com/de-sport/ Frame 8C3A 15 KB
15 KB 61ms
57ms Image
image/png 2606:4700:4400::ac40:934d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://landingpages.kaizengaming.com/de-sport/spn_CHUNCHO_CLUB%20U%20DE%20CHILE%20210x210_b%201.png
Requested by: Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_826b_2931c_JSABNEVPVBDAADE&utm_medium=431&utm_source=2&siteid=826
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:934d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 80a95fa030fd1df8c270f9c36ffa2c8e0f359ac337e57184d2923c5926d9ce2d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promos.betano.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 30 Nov 2023 07:12:57 GMT
cf-cache-status: HIT
content-md5: Jj6jwZ8PUpg8EK5z52QngQ==
age: 1146
content-length: 15040
x-ms-lease-state: available
x-ms-lease-status: unlocked
last-modified: Mon, 30 Oct 2023 17:20:45 GMT
server: cloudflare
etag: "0x8DBD96C8D4773DC"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
x-ms-request-id: 7dfdbb82-201e-0016-7199-0ce4d5000000
cache-control: public, max-age=900, immutable
x-ms-version: 2014-02-14
accept-ranges: bytes
cf-ray: 82e148f5ae8537f1-FRA

GET
H2 200 BarcelonaSC.png
landingpages.kaizengaming.com/de-sport/ Frame 8C3A 33 KB
34 KB 62ms
58ms Image
image/png 2606:4700:4400::ac40:934d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://landingpages.kaizengaming.com/de-sport/BarcelonaSC.png
Requested by: Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_826b_2931c_JSABNEVPVBDAADE&utm_medium=431&utm_source=2&siteid=826
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:934d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1eee6b3963047a706793e8dbaae752aaff358acfb880b66ce0bc0ce9af38b2ed

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promos.betano.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 30 Nov 2023 07:12:57 GMT
cf-cache-status: HIT
content-md5: zbtTWkcdS/4ZVcTx0P65OA==
age: 1146
content-length: 34170
x-ms-lease-state: available
x-ms-lease-status: unlocked
last-modified: Mon, 30 Oct 2023 17:20:46 GMT
server: cloudflare
etag: "0x8DBD96C8E215FAC"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
x-ms-request-id: c70ae5d1-401e-0010-2e63-0dd76a000000
cache-control: public, max-age=900, immutable
x-ms-version: 2014-02-14
accept-ranges: bytes
cf-ray: 82e148f5ae8637f1-FRA

GET
H2 200 FBCMELGAR.png
landingpages.kaizengaming.com/de-sport/ Frame 8C3A 31 KB
31 KB 74ms
69ms Image
image/png 2606:4700:4400::ac40:934d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://landingpages.kaizengaming.com/de-sport/FBCMELGAR.png
Requested by: Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_826b_2931c_JSABNEVPVBDAADE&utm_medium=431&utm_source=2&siteid=826
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:934d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b222717d8498c895539da6ef8972866b03bcdd1b78f31e2028b31616fa1d3b5b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promos.betano.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 30 Nov 2023 07:12:57 GMT
cf-cache-status: HIT
content-md5: laAoZTUUiqFTjoKqlD93JA==
age: 1146
content-length: 31523
x-ms-lease-state: available
x-ms-lease-status: unlocked
last-modified: Mon, 30 Oct 2023 17:20:46 GMT
server: cloudflare
etag: "0x8DBD96C8E31B0F1"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
x-ms-request-id: 97c1ee2f-201e-0006-733b-1221bd000000
cache-control: public, max-age=900, immutable
x-ms-version: 2014-02-14
accept-ranges: bytes
cf-ray: 82e148f5ae8837f1-FRA

GET
H2 200 KOMETA.png
landingpages.kaizengaming.com/de-sport/ Frame 8C3A 6 KB
6 KB 74ms
70ms Image
image/png 2606:4700:4400::ac40:934d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://landingpages.kaizengaming.com/de-sport/KOMETA.png
Requested by: Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_826b_2931c_JSABNEVPVBDAADE&utm_medium=431&utm_source=2&siteid=826
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:934d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 180bc0fd96460f6ba482df5d6e323af292a60993e19cc7aa183b5ab74574f2bf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promos.betano.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 30 Nov 2023 07:12:57 GMT
cf-cache-status: HIT
content-md5: X1Is2lD/8CCkI96L9PqC6Q==
age: 1565
content-length: 6098
x-ms-lease-state: available
x-ms-lease-status: unlocked
last-modified: Mon, 30 Oct 2023 17:20:46 GMT
server: cloudflare
etag: "0x8DBD96C8E3C36AB"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
x-ms-request-id: f0dd1d05-001e-0063-279c-168ff9000000
cache-control: public, max-age=900, immutable
x-ms-version: 2014-02-14
accept-ranges: bytes
cf-ray: 82e148f5ae8937f1-FRA

GET
H2 200 logo_pce2.png
landingpages.kaizengaming.com/de-sport/ Frame 8C3A 9 KB
9 KB 61ms
57ms Image
image/png 2606:4700:4400::ac40:934d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://landingpages.kaizengaming.com/de-sport/logo_pce2.png
Requested by: Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_826b_2931c_JSABNEVPVBDAADE&utm_medium=431&utm_source=2&siteid=826
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:934d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 47e965a46ae6785a0a3412ca35b96a6caf9da9e787d56b78b9fdbb1f129bc48f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promos.betano.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 30 Nov 2023 07:12:57 GMT
cf-cache-status: HIT
content-md5: Wdb5g3cD4eZh2Tm0CyXe6A==
age: 1146
content-length: 8998
x-ms-lease-state: available
x-ms-lease-status: unlocked
last-modified: Mon, 30 Oct 2023 17:20:47 GMT
server: cloudflare
etag: "0x8DBD96C8E4CAEF9"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
x-ms-request-id: ed15b1a3-701e-0024-69a0-0be4a2000000
cache-control: public, max-age=900, immutable
x-ms-version: 2014-02-14
accept-ranges: bytes
cf-ray: 82e148f5ae8a37f1-FRA

GET
H2 200 logo-betano.svg
landingpages.kaizengaming.com/de-sport/ Frame 8C3A 22 KB
6 KB 60ms
56ms Image
image/svg+xml 2606:4700:4400::ac40:934d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://landingpages.kaizengaming.com/de-sport/logo-betano.svg
Requested by: Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_826b_2931c_JSABNEVPVBDAADE&utm_medium=431&utm_source=2&siteid=826
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:934d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3072f755bf99acdaa34415da49f58e8e83ae33d63231854a6d290dd09d5c2500

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promos.betano.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 30 Nov 2023 07:12:57 GMT
content-encoding: gzip
cf-cache-status: HIT
content-md5: /8PMtJkMzUjtMFEegZIHcw==
age: 1565
x-ms-lease-state: available
x-ms-lease-status: unlocked
last-modified: Mon, 30 Oct 2023 17:20:44 GMT
server: cloudflare
etag: W/"0x8DBD96C8D0A73F3"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: 6719c0eb-701e-001b-799c-132c01000000
cache-control: public, max-age=900, immutable
x-ms-version: 2014-02-14
cf-ray: 82e148f5ae8b37f1-FRA

GET
H2 200 awd_egr-award-2022-operator-of-the-year.png
landingpages.kaizengaming.com/de-sport/ Frame 8C3A 4 KB
5 KB 63ms
59ms Image
image/png 2606:4700:4400::ac40:934d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://landingpages.kaizengaming.com/de-sport/awd_egr-award-2022-operator-of-the-year.png
Requested by: Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_826b_2931c_JSABNEVPVBDAADE&utm_medium=431&utm_source=2&siteid=826
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:934d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 882e474b6c38b47acb0ec38ce9e095a84624ea2b8a1d1a122c2d17d3d26c47b3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promos.betano.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 30 Nov 2023 07:12:57 GMT
cf-cache-status: HIT
content-md5: aXcrchTaRow4V+J4yNZSjQ==
age: 1146
content-length: 4512
x-ms-lease-state: available
x-ms-lease-status: unlocked
last-modified: Mon, 30 Oct 2023 17:20:46 GMT
server: cloudflare
etag: "0x8DBD96C8E080F19"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
x-ms-request-id: d417fe4c-f01e-0058-24c5-12ca5d000000
cache-control: public, max-age=900, immutable
x-ms-version: 2014-02-14
accept-ranges: bytes
cf-ray: 82e148f5ae8c37f1-FRA

GET
H2 200 awd_egr-award-2022-sports-betting-operator.png
landingpages.kaizengaming.com/de-sport/ Frame 8C3A 5 KB
5 KB 59ms
56ms Image
image/png 2606:4700:4400::ac40:934d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://landingpages.kaizengaming.com/de-sport/awd_egr-award-2022-sports-betting-operator.png
Requested by: Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_826b_2931c_JSABNEVPVBDAADE&utm_medium=431&utm_source=2&siteid=826
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:934d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4c9314b73430fd751f94a5091a3e108f0a455d74279bf56a08dca769c746b2bd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promos.betano.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 30 Nov 2023 07:12:57 GMT
cf-cache-status: HIT
content-md5: eXjGNE64RFjnYc6aOBQYqw==
age: 1146
content-length: 4692
x-ms-lease-state: available
x-ms-lease-status: unlocked
last-modified: Mon, 30 Oct 2023 17:20:46 GMT
server: cloudflare
etag: "0x8DBD96C8E18AE69"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
x-ms-request-id: 9e579d74-401e-0062-57a0-0bd025000000
cache-control: public, max-age=900, immutable
x-ms-version: 2014-02-14
accept-ranges: bytes
cf-ray: 82e148f5ae8d37f1-FRA

GET
H2 200 awd_egr-award-2021-football-betting-operator.png
landingpages.kaizengaming.com/de-sport/ Frame 8C3A 6 KB
6 KB 78ms
74ms Image
image/png 2606:4700:4400::ac40:934d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://landingpages.kaizengaming.com/de-sport/awd_egr-award-2021-football-betting-operator.png
Requested by: Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_826b_2931c_JSABNEVPVBDAADE&utm_medium=431&utm_source=2&siteid=826
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:934d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 71f82d8de2cbd83902d319f2d4f3b35ac739742a884b1aa5e3ce48fbeb54abbe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promos.betano.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 30 Nov 2023 07:12:57 GMT
cf-cache-status: HIT
content-md5: QL48N56WPpNnD2BJCbdfrQ==
age: 1146
content-length: 6010
x-ms-lease-state: available
x-ms-lease-status: unlocked
last-modified: Mon, 30 Oct 2023 17:20:43 GMT
server: cloudflare
etag: "0x8DBD96C8C66AB3D"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
x-ms-request-id: 72f2b333-701e-0079-603b-12ee26000000
cache-control: public, max-age=900, immutable
x-ms-version: 2014-02-14
accept-ranges: bytes
cf-ray: 82e148f5bea237f1-FRA

GET
H2 200 awd_egr-award-2021-customer-services.png
landingpages.kaizengaming.com/de-sport/ Frame 8C3A 4 KB
5 KB 78ms
75ms Image
image/png 2606:4700:4400::ac40:934d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://landingpages.kaizengaming.com/de-sport/awd_egr-award-2021-customer-services.png
Requested by: Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_826b_2931c_JSABNEVPVBDAADE&utm_medium=431&utm_source=2&siteid=826
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:934d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e244ed2d3d2e650e8a423eec17d1792502c9b95fbc956c19a8fb8a8b93a9e4a3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promos.betano.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 30 Nov 2023 07:12:57 GMT
cf-cache-status: HIT
content-md5: p3VebR5AVw3QzT/Awp05+w==
age: 1523
content-length: 4583
x-ms-lease-state: available
x-ms-lease-status: unlocked
last-modified: Mon, 30 Oct 2023 17:20:43 GMT
server: cloudflare
etag: "0x8DBD96C8C5B3B4C"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
x-ms-request-id: 57d4f775-901e-0071-26e1-0bf429000000
cache-control: public, max-age=900, immutable
x-ms-version: 2014-02-14
accept-ranges: bytes
cf-ray: 82e148f5bea437f1-FRA

GET
H2 200 awd_egr-award-2019-mobile-operator.png
landingpages.kaizengaming.com/de-sport/ Frame 8C3A 6 KB
6 KB 71ms
68ms Image
image/png 2606:4700:4400::ac40:934d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://landingpages.kaizengaming.com/de-sport/awd_egr-award-2019-mobile-operator.png
Requested by: Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_826b_2931c_JSABNEVPVBDAADE&utm_medium=431&utm_source=2&siteid=826
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:934d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 495ad399c1caa9c72a5b1fad6051aaa739d0df20f5623afe10bb3dc4c6c2ff3d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promos.betano.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 30 Nov 2023 07:12:57 GMT
cf-cache-status: HIT
content-md5: 44fs+40EJE8j1DmLrNorsQ==
age: 1363
content-length: 6296
x-ms-lease-state: available
x-ms-lease-status: unlocked
last-modified: Mon, 30 Oct 2023 17:20:43 GMT
server: cloudflare
etag: "0x8DBD96C8C506771"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
x-ms-request-id: 67d9228b-701e-001b-2005-152c01000000
cache-control: public, max-age=900, immutable
x-ms-version: 2014-02-14
accept-ranges: bytes
cf-ray: 82e148f5bea737f1-FRA

GET
H2 200 awd_sbc-awards.png
landingpages.kaizengaming.com/de-sport/ Frame 8C3A 6 KB
6 KB 74ms
71ms Image
image/png 2606:4700:4400::ac40:934d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://landingpages.kaizengaming.com/de-sport/awd_sbc-awards.png
Requested by: Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_826b_2931c_JSABNEVPVBDAADE&utm_medium=431&utm_source=2&siteid=826
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:934d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9cd1efd147d00fc5bce9fd0cee40ed69acff80b89889375878a0570da83c986e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promos.betano.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 30 Nov 2023 07:12:57 GMT
cf-cache-status: HIT
content-md5: +S8h4H5YiK6h8Y4RwrAOJQ==
age: 1146
content-length: 6301
x-ms-lease-state: available
x-ms-lease-status: unlocked
last-modified: Mon, 30 Oct 2023 17:20:43 GMT
server: cloudflare
etag: "0x8DBD96C8C809802"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
x-ms-request-id: 532d7b49-a01e-0045-2aa7-12c7e1000000
cache-control: public, max-age=900, immutable
x-ms-version: 2014-02-14
accept-ranges: bytes
cf-ray: 82e148f5bea837f1-FRA

GET
H2 200 icon-ios.png
landingpages.kaizengaming.com/de-sport/ Frame 8C3A 6 KB
6 KB 73ms
70ms Image
image/png 2606:4700:4400::ac40:934d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://landingpages.kaizengaming.com/de-sport/icon-ios.png
Requested by: Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_826b_2931c_JSABNEVPVBDAADE&utm_medium=431&utm_source=2&siteid=826
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:934d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fd3d318d6fad54a4131b5c1008853f1a01dd13aeb6ec114d11fbefad59f266ef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promos.betano.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 30 Nov 2023 07:12:57 GMT
cf-cache-status: HIT
content-md5: j0GjjlDNvp6PdAbk4d+Rqg==
age: 1523
content-length: 5932
x-ms-lease-state: available
x-ms-lease-status: unlocked
last-modified: Mon, 30 Oct 2023 17:20:44 GMT
server: cloudflare
etag: "0x8DBD96C8CD64C59"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
x-ms-request-id: 1408dcc9-601e-0028-6a68-2273aa000000
cache-control: public, max-age=900, immutable
x-ms-version: 2014-02-14
accept-ranges: bytes
cf-ray: 82e148f5beaa37f1-FRA

GET
H2 200 icon-android.png
landingpages.kaizengaming.com/de-sport/ Frame 8C3A 6 KB
6 KB 70ms
68ms Image
image/png 2606:4700:4400::ac40:934d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://landingpages.kaizengaming.com/de-sport/icon-android.png
Requested by: Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_826b_2931c_JSABNEVPVBDAADE&utm_medium=431&utm_source=2&siteid=826
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:934d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8bb753343c3b0af0b9dfa273b033712833caedfa19b95e0d4b64b8cb14d7eeec

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promos.betano.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 30 Nov 2023 07:12:57 GMT
cf-cache-status: HIT
content-md5: Xcsdo6ehQR3VQfTMT595Zw==
age: 582
content-length: 5944
x-ms-lease-state: available
x-ms-lease-status: unlocked
last-modified: Mon, 30 Oct 2023 17:20:44 GMT
server: cloudflare
etag: "0x8DBD96C8CBB274B"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
x-ms-request-id: a9934c3a-e01e-0026-125c-145a1a000000
cache-control: public, max-age=900, immutable
x-ms-version: 2014-02-14
accept-ranges: bytes
cf-ray: 82e148f5beac37f1-FRA

GET
H2 200 icon-instagram.png
landingpages.kaizengaming.com/de-sport/ Frame 8C3A 2 KB
2 KB 70ms
67ms Image
image/png 2606:4700:4400::ac40:934d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://landingpages.kaizengaming.com/de-sport/icon-instagram.png
Requested by: Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_826b_2931c_JSABNEVPVBDAADE&utm_medium=431&utm_source=2&siteid=826
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:934d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f5e7a155078e632cfbebf8f8aaee8ea5edd6fb350cdbcd61c227736fe374cdaf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promos.betano.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 30 Nov 2023 07:12:57 GMT
cf-cache-status: HIT
content-md5: AUubypnMN2JeRlPkf9zpnQ==
age: 1565
content-length: 2235
x-ms-lease-state: available
x-ms-lease-status: unlocked
last-modified: Mon, 30 Oct 2023 17:20:44 GMT
server: cloudflare
etag: "0x8DBD96C8CCF217C"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
x-ms-request-id: c4e2f070-501e-0051-0fa1-0c8f8e000000
cache-control: public, max-age=900, immutable
x-ms-version: 2014-02-14
accept-ranges: bytes
cf-ray: 82e148f5bead37f1-FRA

GET
H2 200 icon-facebook.png
landingpages.kaizengaming.com/de-sport/ Frame 8C3A 1 KB
2 KB 62ms
60ms Image
image/png 2606:4700:4400::ac40:934d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://landingpages.kaizengaming.com/de-sport/icon-facebook.png
Requested by: Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_826b_2931c_JSABNEVPVBDAADE&utm_medium=431&utm_source=2&siteid=826
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:934d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 83b71ec4344fb3116e6ed880f9d1ba1bb3520f6e6445adce7fda816a68e75ffc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promos.betano.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 30 Nov 2023 07:12:57 GMT
cf-cache-status: HIT
content-md5: DmyyMSlBYTT52o9Zn45TeA==
age: 1565
content-length: 1446
x-ms-lease-state: available
x-ms-lease-status: unlocked
last-modified: Mon, 30 Oct 2023 17:20:44 GMT
server: cloudflare
etag: "0x8DBD96C8CC22B17"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
x-ms-request-id: 67aee85d-e01e-006b-02a0-0b95f6000000
cache-control: public, max-age=900, immutable
x-ms-version: 2014-02-14
accept-ranges: bytes
cf-ray: 82e148f5beb137f1-FRA

GET
H2 200 icon-youtube.png
landingpages.kaizengaming.com/de-sport/ Frame 8C3A 2 KB
2 KB 71ms
69ms Image
image/png 2606:4700:4400::ac40:934d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://landingpages.kaizengaming.com/de-sport/icon-youtube.png
Requested by: Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_826b_2931c_JSABNEVPVBDAADE&utm_medium=431&utm_source=2&siteid=826
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:934d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c29b70533eedd12590ae5c9cf58d6e95063f4f23ef666343e5ba6bf602b62e75

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promos.betano.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 30 Nov 2023 07:12:57 GMT
cf-cache-status: HIT
content-md5: Io37aBC4ERo7T8rJ2LvIeQ==
age: 582
content-length: 1674
x-ms-lease-state: available
x-ms-lease-status: unlocked
last-modified: Mon, 30 Oct 2023 17:20:44 GMT
server: cloudflare
etag: "0x8DBD96C8CEF9CFC"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
x-ms-request-id: 0395e1a4-b01e-0014-32f9-115a6d000000
cache-control: public, max-age=900, immutable
x-ms-version: 2014-02-14
accept-ranges: bytes
cf-ray: 82e148f5beb337f1-FRA

GET
H2 200 icon-linkedin.png
landingpages.kaizengaming.com/de-sport/ Frame 8C3A 2 KB
2 KB 72ms
70ms Image
image/png 2606:4700:4400::ac40:934d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://landingpages.kaizengaming.com/de-sport/icon-linkedin.png
Requested by: Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_826b_2931c_JSABNEVPVBDAADE&utm_medium=431&utm_source=2&siteid=826
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:934d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b65aa9d90fcec9cf44a72ddccfa72e53a10784427249050194b4c5bad3dddc03

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promos.betano.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 30 Nov 2023 07:12:57 GMT
cf-cache-status: HIT
content-md5: T9Bl2/9ajIjSJ/Oj1zQkFw==
age: 1146
content-length: 1615
x-ms-lease-state: available
x-ms-lease-status: unlocked
last-modified: Mon, 30 Oct 2023 17:20:44 GMT
server: cloudflare
etag: "0x8DBD96C8CDD502F"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
x-ms-request-id: 84794c87-401e-0000-35c5-121202000000
cache-control: public, max-age=900, immutable
x-ms-version: 2014-02-14
accept-ranges: bytes
cf-ray: 82e148f5beb637f1-FRA

GET
H2 200 64ee070c262380ef28e936b2 Show response
visuals.kaizengaming.com/a/ Frame 316F 64 KB
21 KB 59ms
58ms Script
application/javascript 2606:4700:4400::6812:28b3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://visuals.kaizengaming.com/a/64ee070c262380ef28e936b2?did=5dfcfbaa9ed3c30001234cf0&deeplink=on&preload=off&responsive=on&background=Transparent&a=64ee070c262380ef28e936b2&redirecturl=&container=.creative
Requested by: Host: visuals.kaizengaming.com
URL: https://visuals.kaizengaming.com/scripts/iframe?did=5dfcfbaa9ed3c30001234cf0&deeplink=on&preload=off&responsive=on&background=Transparent&a=64ee070c262380ef28e936b2&redirecturl=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:28b3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 841fb12bda2901d5ff4479a2ad11317c213838cfc2afc21236c12301ace03625

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://visuals.kaizengaming.com/scripts/iframe?did=5dfcfbaa9ed3c30001234cf0&deeplink=on&preload=off&responsive=on&background=Transparent&a=64ee070c262380ef28e936b2&redirecturl=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 07:12:57 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
content-type: application/javascript
cache-control: public, s-maxage=10
cf-ray: 82e148f5aee72bf2-FRA
request-context: appId=cid-v1:1a5f66bd-0229-467a-a946-b3753e659ecb

GET
H2

200

main.js Show response
visuals.kaizengaming.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/9914b343/ Frame 2134
Redirect Chain

https://visuals.kaizengaming.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://visuals.kaizengaming.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/9914b343/main.js

7 KB
4 KB

32ms
32ms

Script
application/javascript

2606:4700:4400::6812:28b3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://visuals.kaizengaming.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/9914b343/main.js

Requested by

Host: visuals.kaizengaming.com
URL: https://visuals.kaizengaming.com/scripts/iframe?did=5dfcfbaa9ed3c30001234cf0&deeplink=on&preload=off&responsive=on&background=Transparent&a=64ee070c262380ef28e936b2&redirecturl=

Protocol

Server

2606:4700:4400::6812:28b3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0c779c332c1cde9a27c5047c4f6755e25bf3437d3f1c9f71ac7dbf60f564ae27

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 07:12:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cloudflare
vary: accept-encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
cf-ray: 82e148f5df352bf2-FRA

Redirect headers

date: Thu, 30 Nov 2023 07:12:57 GMT
content-encoding: gzip
server: cloudflare
vary: accept-encoding
location: /cdn-cgi/challenge-platform/h/g/scripts/jsd/9914b343/main.js
access-control-allow-origin: *
cache-control: max-age=300, public
cf-ray: 82e148f5aeed2bf2-FRA

GET
H2 200 1x1.gif
a.mgid.com/ Frame 8C3A 43 B
96 B 116ms
116ms Image
image/gif 2606:4700:1::6813:854c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://a.mgid.com/1x1.gif?id=714661&type=c&tg=&r=https%3A%2F%2Flp.cleverwebserver.com%2F&nv=0&clid=&d=1701328377278

Requested by

Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_826b_2931c_JSABNEVPVBDAADE&utm_medium=431&utm_source=2&siteid=826

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:1::6813:854c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promos.betano.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 07:12:57 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: DYNAMIC
server: cloudflare
content-type: image/gif
cf-ray: 82e148f60c4935e0-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43

GET
H2 200 document.000000CF16561F.js Show response
visuals.kaizengaming.com/accounts/betano-stoiximan/5e3174ae9562931f344ad1a5/published/5643592/7988958/ Frame 316F 177 KB
27 KB 53ms
50ms Script
application/javascript 2606:4700:4400::6812:28b3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://visuals.kaizengaming.com/accounts/betano-stoiximan/5e3174ae9562931f344ad1a5/published/5643592/7988958/document.000000CF16561F.js
Requested by: Host: visuals.kaizengaming.com
URL: https://visuals.kaizengaming.com/a/64ee070c262380ef28e936b2?did=5dfcfbaa9ed3c30001234cf0&deeplink=on&preload=off&responsive=on&background=Transparent&a=64ee070c262380ef28e936b2&redirecturl=&container=.creative
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:28b3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 09487307b29147d8a84d33e3a8bfff43d9da2260bfb39b8cf4ca75a32b239ff7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://visuals.kaizengaming.com/scripts/iframe?did=5dfcfbaa9ed3c30001234cf0&deeplink=on&preload=off&responsive=on&background=Transparent&a=64ee070c262380ef28e936b2&redirecturl=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 30 Nov 2023 07:12:57 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
content-md5: rIrlDQ43Y2HScKgRpGejWA==
x-ms-lease-status: unlocked
last-modified: Thu, 16 Nov 2023 15:35:17 GMT
server: cloudflare
etag: W/"0x8DBE6B9A2912048"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 7f543b0a-c01e-0052-0a7d-22a93b000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2011-08-18
cf-ray: 82e148f61f6d2bf2-FRA
expires: Fri, 29 Nov 2024 07:12:57 GMT

GET
H2 200 animated-creative.381532d5d5de3962867f.js Show response
visuals.kaizengaming.com/scripts/ Frame 316F 156 KB
53 KB 36ms
33ms Script
application/javascript 2606:4700:4400::6812:28b3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://visuals.kaizengaming.com/scripts/animated-creative.381532d5d5de3962867f.js
Requested by: Host: visuals.kaizengaming.com
URL: https://visuals.kaizengaming.com/a/64ee070c262380ef28e936b2?did=5dfcfbaa9ed3c30001234cf0&deeplink=on&preload=off&responsive=on&background=Transparent&a=64ee070c262380ef28e936b2&redirecturl=&container=.creative
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:28b3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dc9005440b3e7c7663e35ea9a5654e1895509c8e9b0712f3902881aebf706c89

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://visuals.kaizengaming.com/scripts/iframe?did=5dfcfbaa9ed3c30001234cf0&deeplink=on&preload=off&responsive=on&background=Transparent&a=64ee070c262380ef28e936b2&redirecturl=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 30 Nov 2023 07:12:57 GMT
content-encoding: gzip
cf-cache-status: HIT
content-md5: 7/+J+TpFL/6K7/yG6MNwEg==
age: 1421
x-ms-lease-status: unlocked
last-modified: Tue, 14 Nov 2023 09:16:12 GMT
server: cloudflare
etag: W/"0x8DBE4F258FA183A"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: edf68b8b-f01e-002b-4d59-23551f000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2011-08-18
cf-ray: 82e148f61f6f2bf2-FRA
expires: Fri, 29 Nov 2024 06:49:16 GMT

POST
H2 200 82e148f52e742bf2 Show response
visuals.kaizengaming.com/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame 2134 0
255 B 58ms
57ms XHR
text/plain 2606:4700:4400::6812:28b3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://visuals.kaizengaming.com/cdn-cgi/challenge-platform/h/g/jsd/r/82e148f52e742bf2
Requested by: Host: visuals.kaizengaming.com
URL: https://visuals.kaizengaming.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:28b3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 30 Nov 2023 07:12:57 GMT
content-encoding: gzip
server: cloudflare
cf-ray: 82e148f66fb92bf2-FRA
content-type: text/plain; charset=UTF-8

POST
H2 200 p
tr.snapchat.com/ Frame 8C3A 0
89 B 31ms
31ms Ping
text/plain 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/p

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

Referer: https://promos.betano.de/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 30 Nov 2023 07:12:57 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
via: 1.1 google
server: API Gateway
access-control-allow-origin: https://promos.betano.de
x-envoy-upstream-service-time: 1
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 comments.php
www.facebook.com/v2.3/plugins/ Frame 7021 0
0 120ms
119ms Document
text/html 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/v2.3/plugins/comments.php?app_id=1761292580857166&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfbcb1134c6bac%26domain%3Dstruma.bg%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fstruma.bg%252Ff3798c374de7c%26relation%3Dparent.parent&color_scheme=light&container_width=747&height=100&href=https%3A%2F%2Fstruma.bg%2F%25d0%25bd%25d1%2581-%25d1%2580%25d0%25b5%25d1%2588%25d0%25b8-%25d0%25bd%25d1%258f%25d0%25bc%25d0%25b0-%25d0%25b4%25d0%25b0-%25d0%25b8%25d0%25bc%25d0%25b0-%25d0%25ba%25d0%25be%25d0%25bc%25d0%25b8%25d1%2581%25d0%25b8%25d1%258f-%25d0%25b7%25d0%25b0-%25d1%2580%25d0%25b0%25d0%25b7%25d1%2581%25d0%25bb%25d0%25b5%25d0%25b4%25d0%25b2%2F&locale=bg_BG&numposts=5&sdk=joey&version=v2.3&width=

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/bg_BG/sdk.js?hash=e7124045207ce887b86049fd777b9ab6

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://struma.bg/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-length: 0
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type: text/html;charset=utf-8
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 30 Nov 2023 07:12:57 GMT
expires: Sat, 01 Jan 2000 00:00:00 GMT
pragma: no-cache
priority: u=0,i
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
reporting-endpoints: default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown"
x-content-type-options: nosniff
x-fb-debug: zWQ76y6h+vfOoMthiWbHqhgjSD+8tFTH+GgogStUHPTcAl99lhoa67JsAhMaFuwQtM56LV/qASFfmwWIOULoAg==
x-frame-options: DENY
x-xss-protection: 0

GET
H3 200 a
www.googletagmanager.com/ Frame 8C3A 0
11 B 27ms
26ms Image
text/html 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?v=3&t=l&pid=1249152033&rv=3b60&u=AAAAggAIAAAAACAAAAAAEA&h=Ag&gtm=45je3b60v879569639&ccid=79569639&cid=G-W0C280Z7PP&l=G-W0C280Z7PP.L467.S11.B8.E293.I473.EC7.TC21.HTC0~gtm.init.S0.V0.E35.TS5ogtreferralexclusion.TI112.TE0.TS5ogtcrossdomain.TI114.TE1.TS5ogt1pdatav2.TI115.TE0.TS5ccdgalast.TI116.TE0.TS5ccdautoredact.TI117.TE0.TS5ogteventcreate.TI118.TE0.TS5ogteventcreate.TI119.TE0.TS5ogteventcreate.TI120.TE0.TS5ogteventcreate.TI121.TE0.TS5ogteventcreate.TI122.TE0.TS5ccdconversionmarking.TI123.TE0.TS5ccdemsitesearch.TI124.TE0.TS5ccdemscroll.TI125.TE0.TS5ccdempageview.TI126.TE0.TS5ccdemoutboundclick.TI127.TE0.TS5ccdemdownload.TI128.TE0.TS5ccdgaregscope.TI129.TE0.TS5ogtgooglesignals.TI130.TE0.TS5setproductsettings.TI131.TE0.TS5ccdgafirst.TI132.TE0~gtm.js.S0.V0.E28.TS5gct.TI109.TE0~*.S0.V0.E6~gtm.dom.S0.V0.E6~gtm.scrollDepth.S0.V0.E22~gtm.load.S0.V0.E2~gtm.init_consent.S0.V0.E12

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promos.betano.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 07:12:57 GMT
server: Google Tag Manager
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
DATA 200
OK truncated
/ Frame 316F 66 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b71c20271d9c80d1a71aa0ab9935281c4fa8ac404533f1a0747d7fb03fc68e79

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/webp

GET
BLOB 200
OK b8a39538-3fdb-413b-8cd3-e7c09551e8a1 Show response
https://visuals.kaizengaming.com/ Frame 2EA6 668 B
0 Script
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://visuals.kaizengaming.com/b8a39538-3fdb-413b-8cd3-e7c09551e8a1
Requested by: Host: visuals.kaizengaming.com
URL: https://visuals.kaizengaming.com/scripts/animated-creative.381532d5d5de3962867f.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cda3c421b62828768ee2741a35bef36bcfdb1199ee3eb987269f7d1ce2dd8876

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Length: 668
Content-Type

GET
H2 200 font
visuals.kaizengaming.com/fs/api/v2/ Frame 316F 3 KB
4 KB 51ms
51ms Font
font/woff 2606:4700:4400::6812:28b3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://visuals.kaizengaming.com/fs/api/v2/font?u=https%3A%2F%2Ffontmanagerstorage.blob.core.windows.net%2Ffontmanagerfonts%2F5e3174ae6448e1179cf13c84%2F4391e467-37b3-4742-bea0-3fd8d7724a46.woff&t=%20EGIJNRSTZ
Requested by: Host: visuals.kaizengaming.com
URL: https://visuals.kaizengaming.com/scripts/iframe?did=5dfcfbaa9ed3c30001234cf0&deeplink=on&preload=off&responsive=on&background=Transparent&a=64ee070c262380ef28e936b2&redirecturl=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:28b3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f8dada0628417055311bc45caedee2ba1770e2927bd4e50621a72f92afbc4650

Request headers

Referer: https://visuals.kaizengaming.com/scripts/iframe?did=5dfcfbaa9ed3c30001234cf0&deeplink=on&preload=off&responsive=on&background=Transparent&a=64ee070c262380ef28e936b2&redirecturl=
Origin: https://visuals.kaizengaming.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 07:12:57 GMT
cf-cache-status: DYNAMIC
last-modified: Tue, 28 Nov 2023 04:01:51 GMT
server: cloudflare
age: 184266
vary: Accept-Encoding
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
content-disposition: attachment; filename=4391e467-37b3-4742-bea0-3fd8d7724a46-subset.woff
cf-ray: 82e148f758d42bf2-FRA
expires: Fri, 29 Nov 2024 07:12:57 GMT

GET
H2 200 font
visuals.kaizengaming.com/fs/api/v2/ Frame 316F 17 KB
17 KB 56ms
56ms Font
font/woff 2606:4700:4400::6812:28b3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://visuals.kaizengaming.com/fs/api/v2/font?u=https%3A%2F%2Ffontmanagerstorage.blob.core.windows.net%2Ffontmanagerfonts%2F5e3174ae6448e1179cf13c84%2F043e3f84-365c-4321-9c90-7c1294855724.woff&t=%2008ACDEHILNSTVabcdefghilnorstuz%E2%82%AC
Requested by: Host: visuals.kaizengaming.com
URL: https://visuals.kaizengaming.com/scripts/iframe?did=5dfcfbaa9ed3c30001234cf0&deeplink=on&preload=off&responsive=on&background=Transparent&a=64ee070c262380ef28e936b2&redirecturl=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:28b3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0a9d65739f91192dc126b2865f29391483c6ff7a415ef6ea9d6df33825e4f018

Request headers

Referer: https://visuals.kaizengaming.com/scripts/iframe?did=5dfcfbaa9ed3c30001234cf0&deeplink=on&preload=off&responsive=on&background=Transparent&a=64ee070c262380ef28e936b2&redirecturl=
Origin: https://visuals.kaizengaming.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 07:12:57 GMT
cf-cache-status: DYNAMIC
last-modified: Tue, 28 Nov 2023 07:32:31 GMT
server: cloudflare
age: 171626
vary: Accept-Encoding
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
content-disposition: attachment; filename=043e3f84-365c-4321-9c90-7c1294855724-subset.woff
cf-ray: 82e148f7a93b2bf2-FRA
expires: Fri, 29 Nov 2024 07:12:57 GMT

GET
H2 200 font
visuals.kaizengaming.com/fs/api/v2/ Frame 316F 6 KB
6 KB 48ms
48ms Font
font/woff 2606:4700:4400::6812:28b3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://visuals.kaizengaming.com/fs/api/v2/font?u=https%3A%2F%2Ffontmanagerstorage.blob.core.windows.net%2Ffontmanagerfonts%2F5e3174ae6448e1179cf13c84%2Fb2261d2b-270d-4a56-995b-9f25df05ffcd.woff&t=%20%25-012ABEFINORSTUW%E2%82%AC
Requested by: Host: visuals.kaizengaming.com
URL: https://visuals.kaizengaming.com/scripts/iframe?did=5dfcfbaa9ed3c30001234cf0&deeplink=on&preload=off&responsive=on&background=Transparent&a=64ee070c262380ef28e936b2&redirecturl=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:28b3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 98f53a2ca87e71456a97f804d4c1fd6295cc5bbe02d8fc46f6486418a5eccc84

Request headers

Referer: https://visuals.kaizengaming.com/scripts/iframe?did=5dfcfbaa9ed3c30001234cf0&deeplink=on&preload=off&responsive=on&background=Transparent&a=64ee070c262380ef28e936b2&redirecturl=
Origin: https://visuals.kaizengaming.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 07:12:57 GMT
cf-cache-status: DYNAMIC
last-modified: Thu, 09 Nov 2023 07:21:54 GMT
server: cloudflare
age: 1813863
vary: Accept-Encoding
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
content-disposition: attachment; filename=b2261d2b-270d-4a56-995b-9f25df05ffcd-subset.woff
cf-ray: 82e148f8098d2bf2-FRA
expires: Fri, 29 Nov 2024 07:12:57 GMT

GET
H2 200 font
visuals.kaizengaming.com/fs/api/v2/ Frame 316F 5 KB
5 KB 47ms
47ms Font
font/woff 2606:4700:4400::6812:28b3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://visuals.kaizengaming.com/fs/api/v2/font?u=https%3A%2F%2Ffontmanagerstorage.blob.core.windows.net%2Ffontmanagerfonts%2F5e3174ae6448e1179cf13c84%2F0ff439d2-b12a-430f-bbee-4de7ec22a2af.woff&t=%20ACDEHIKLMNOPRSTW
Requested by: Host: visuals.kaizengaming.com
URL: https://visuals.kaizengaming.com/scripts/iframe?did=5dfcfbaa9ed3c30001234cf0&deeplink=on&preload=off&responsive=on&background=Transparent&a=64ee070c262380ef28e936b2&redirecturl=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:28b3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5299d0c7907c9a6db479a9c84723e41338c0d5ca6b1231ebfc1c94733b023f5a

Request headers

Referer: https://visuals.kaizengaming.com/scripts/iframe?did=5dfcfbaa9ed3c30001234cf0&deeplink=on&preload=off&responsive=on&background=Transparent&a=64ee070c262380ef28e936b2&redirecturl=
Origin: https://visuals.kaizengaming.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 07:12:57 GMT
cf-cache-status: DYNAMIC
last-modified: Thu, 30 Nov 2023 02:21:31 GMT
server: cloudflare
age: 17486
vary: Accept-Encoding
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
content-disposition: attachment; filename=0ff439d2-b12a-430f-bbee-4de7ec22a2af-subset.woff
cf-ray: 82e148f859de2bf2-FRA
expires: Fri, 29 Nov 2024 07:12:57 GMT

GET
H2 200 optimize
visuals.kaizengaming.com/io/api/image/ Frame F391 334 KB
334 KB 54ms
50ms Image
image/webp 2606:4700:4400::6812:28b3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://visuals.kaizengaming.com/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Fbetano-stoiximan%2F5e3174ae9562931f344ad1a5%2Fimages%2F3cca6a95-2ccc-4b24-b704-2a20f97d11af.jpg&w=1213&h=1765&q=99&f=webp&rt=contain
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:28b3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c12b04b2276fa80a6649200e12ec4e78f3fb11bf0e21d2d2c6a215cdde0b3dcf

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

request-context: appId=cid-v1:aa2d0cc3-fd7d-4ac0-80ca-1db03d937ce1
date: Thu, 30 Nov 2023 07:12:57 GMT
cf-cache-status: DYNAMIC
last-modified: Wed, 29 Nov 2023 08:02:10 GMT
api-supported-versions: 2.0
server: cloudflare
age: 83447
vary: Accept-Encoding
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 82e148f96b3c2bf2-FRA
content-length: 341852
expires: Fri, 01 Dec 2023 07:12:57 GMT

GET
H2 200 optimize
visuals.kaizengaming.com/io/api/image/ Frame F391 56 KB
56 KB 66ms
63ms Image
image/webp 2606:4700:4400::6812:28b3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://visuals.kaizengaming.com/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Fbetano-stoiximan%2F5e3174ae9562931f344ad1a5%2Fimages%2Fe77d9c26-6f64-4321-aa40-30bf97eaa85e.png&w=264&h=327&q=99&f=webp&rt=contain
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:28b3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8fd70d02d7616b90b93fbcf03f7df1c82e387831b164f744c179721924bc5335

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

request-context: appId=cid-v1:aa2d0cc3-fd7d-4ac0-80ca-1db03d937ce1
date: Thu, 30 Nov 2023 07:12:57 GMT
cf-cache-status: DYNAMIC
last-modified: Thu, 30 Nov 2023 06:04:37 GMT
api-supported-versions: 2.0
server: cloudflare
age: 4100
vary: Accept-Encoding
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 82e148f96b3d2bf2-FRA
content-length: 56928
expires: Fri, 01 Dec 2023 07:12:57 GMT

GET
H2 200 optimize
visuals.kaizengaming.com/io/api/image/ Frame F391 30 KB
30 KB 73ms
70ms Image
image/webp 2606:4700:4400::6812:28b3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://visuals.kaizengaming.com/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Fbetano-stoiximan%2F5e3174ae9562931f344ad1a5%2Fimages%2F251cd259-6273-46b5-bbf2-d9de173c45ee.png&w=217&h=217&q=99&f=webp&rt=contain
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:28b3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9a05fe1eb798dc87fa29108b3ed49352b3f891fec5732c0320f7d7c5cfeedd97

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

request-context: appId=cid-v1:aa2d0cc3-fd7d-4ac0-80ca-1db03d937ce1
date: Thu, 30 Nov 2023 07:12:57 GMT
cf-cache-status: DYNAMIC
last-modified: Thu, 30 Nov 2023 04:38:25 GMT
api-supported-versions: 2.0
server: cloudflare
age: 9272
vary: Accept-Encoding
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 82e148f96b3e2bf2-FRA
content-length: 30628
expires: Fri, 01 Dec 2023 07:12:57 GMT

GET
H2 200 optimize
visuals.kaizengaming.com/io/api/image/ Frame F391 13 KB
13 KB 73ms
70ms Image
image/webp 2606:4700:4400::6812:28b3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://visuals.kaizengaming.com/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Fbetano-stoiximan%2F5e3174ae9562931f344ad1a5%2Fimages%2Fd8aa5a9f-d88c-48e4-816d-106a562da729.png&w=133&h=185&q=99&f=webp&rt=contain
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:28b3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f3a18c01abb2d09ff95420fe629d9d6962376b864a43be5321315cf5674357f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

request-context: appId=cid-v1:aa2d0cc3-fd7d-4ac0-80ca-1db03d937ce1
date: Thu, 30 Nov 2023 07:12:57 GMT
cf-cache-status: DYNAMIC
last-modified: Thu, 30 Nov 2023 02:20:53 GMT
api-supported-versions: 2.0
server: cloudflare
age: 17524
vary: Accept-Encoding
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 82e148f96b3f2bf2-FRA
content-length: 13040
expires: Fri, 01 Dec 2023 07:12:57 GMT

GET
H2 200 optimize
visuals.kaizengaming.com/io/api/image/ Frame F391 11 KB
11 KB 45ms
42ms Image
image/webp 2606:4700:4400::6812:28b3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://visuals.kaizengaming.com/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Fbetano-stoiximan%2F5e3174ae9562931f344ad1a5%2Fimages%2Fc0d9d4c9-d111-4df6-949b-4916fa35a25c.png&w=125&h=120&q=99&f=webp&rt=contain
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:28b3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 044161f81ce1fac7a4fad00b81c1797ef53b6420dcb3ee5023d0ac7773e06984

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

request-context: appId=cid-v1:aa2d0cc3-fd7d-4ac0-80ca-1db03d937ce1
date: Thu, 30 Nov 2023 07:12:57 GMT
cf-cache-status: DYNAMIC
last-modified: Thu, 30 Nov 2023 05:09:03 GMT
api-supported-versions: 2.0
server: cloudflare
age: 7434
vary: Accept-Encoding
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 82e148f96b402bf2-FRA
content-length: 11302
expires: Fri, 01 Dec 2023 07:12:57 GMT

GET
H2 200 optimize
visuals.kaizengaming.com/io/api/image/ Frame F391 6 KB
7 KB 64ms
60ms Image
image/webp 2606:4700:4400::6812:28b3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://visuals.kaizengaming.com/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Fbetano-stoiximan%2F5e3174ae9562931f344ad1a5%2Fimages%2F6fa76e81-1a2f-4336-a8b6-1baee8c06025.png&w=90&h=37&q=99&f=webp&rt=contain
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:28b3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9c4474c8a08e668d7fdb8ecbfeda8bbd14f9a70424c2d4c2fdcb7f8a23538f7f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

request-context: appId=cid-v1:aa2d0cc3-fd7d-4ac0-80ca-1db03d937ce1
date: Thu, 30 Nov 2023 07:12:57 GMT
cf-cache-status: DYNAMIC
last-modified: Thu, 30 Nov 2023 02:20:53 GMT
api-supported-versions: 2.0
server: cloudflare
age: 17524
vary: Accept-Encoding
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 82e148f96b422bf2-FRA
content-length: 6620
expires: Fri, 01 Dec 2023 07:12:57 GMT

GET
H2 200 optimize
visuals.kaizengaming.com/io/api/image/ Frame F391 16 KB
16 KB 72ms
69ms Image
image/webp 2606:4700:4400::6812:28b3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://visuals.kaizengaming.com/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Fbetano-stoiximan%2F5e3174ae9562931f344ad1a5%2Fimages%2Ff9124f75-1c52-4bea-af06-084d845e611d.png&w=162&h=164&q=99&f=webp&rt=contain
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:28b3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f198cc70c0dbefa53f75b5b8af85af5a92c12c00e727b24399a58d0f671c7426

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

request-context: appId=cid-v1:aa2d0cc3-fd7d-4ac0-80ca-1db03d937ce1
date: Thu, 30 Nov 2023 07:12:57 GMT
cf-cache-status: DYNAMIC
last-modified: Thu, 30 Nov 2023 04:38:25 GMT
api-supported-versions: 2.0
server: cloudflare
age: 9272
vary: Accept-Encoding
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 82e148f96b442bf2-FRA
content-length: 16182
expires: Fri, 01 Dec 2023 07:12:57 GMT

GET
H2 200 optimize
visuals.kaizengaming.com/io/api/image/ Frame F391 28 KB
28 KB 65ms
62ms Image
image/webp 2606:4700:4400::6812:28b3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://visuals.kaizengaming.com/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Fbetano-stoiximan%2F5e3174ae9562931f344ad1a5%2Fimages%2Fcb9e21a8-9abc-4102-a538-be570b2404b3.png&w=356&h=254&q=99&f=webp&rt=contain
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:28b3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3f7c2d68eca71c2a9797c36fd965569ae502682df8e24ddf6fa8c21f6acc3f74

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

request-context: appId=cid-v1:aa2d0cc3-fd7d-4ac0-80ca-1db03d937ce1
date: Thu, 30 Nov 2023 07:12:57 GMT
cf-cache-status: DYNAMIC
last-modified: Thu, 30 Nov 2023 06:17:59 GMT
api-supported-versions: 2.0
server: cloudflare
age: 3298
vary: Accept-Encoding
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 82e148f96b462bf2-FRA
content-length: 29032
expires: Fri, 01 Dec 2023 07:12:57 GMT

GET
H2 200 optimize
visuals.kaizengaming.com/io/api/image/ Frame F391 172 KB
173 KB 63ms
60ms Image
image/webp 2606:4700:4400::6812:28b3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://visuals.kaizengaming.com/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Fbetano-stoiximan%2F5e3174ae9562931f344ad1a5%2Fimages%2F532cefbc-9131-47e7-b840-a3e13b61dfe8.png&w=604&h=697&q=99&f=webp&rt=contain
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:28b3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: af6634af0785dfa1f6342dc216e635ffe9dbd92feb81d0a1783fecd3b37e67ad

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

request-context: appId=cid-v1:aa2d0cc3-fd7d-4ac0-80ca-1db03d937ce1
date: Thu, 30 Nov 2023 07:12:57 GMT
cf-cache-status: DYNAMIC
last-modified: Thu, 30 Nov 2023 06:34:30 GMT
api-supported-versions: 2.0
server: cloudflare
age: 2307
vary: Accept-Encoding
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 82e148f96b472bf2-FRA
content-length: 176540
expires: Fri, 01 Dec 2023 07:12:57 GMT

GET
H2 200 optimize
visuals.kaizengaming.com/io/api/image/ Frame F391 7 KB
7 KB 71ms
68ms Image
image/webp 2606:4700:4400::6812:28b3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://visuals.kaizengaming.com/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Fbetano-stoiximan%2F5e3174ae9562931f344ad1a5%2Fimages%2Ff1514e3a-d99a-4082-a246-cf6c57fa525d.png&w=150&h=80&q=99&f=webp&rt=contain
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:28b3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1674c641b55359d221317d2a0a580c317148ed50753954cb477734f615157e74

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

request-context: appId=cid-v1:aa2d0cc3-fd7d-4ac0-80ca-1db03d937ce1
date: Thu, 30 Nov 2023 07:12:57 GMT
cf-cache-status: DYNAMIC
last-modified: Thu, 30 Nov 2023 03:13:42 GMT
api-supported-versions: 2.0
server: cloudflare
age: 14355
vary: Accept-Encoding
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 82e148f96b482bf2-FRA
content-length: 6958
expires: Fri, 01 Dec 2023 07:12:57 GMT

GET
H2 200 optimize
visuals.kaizengaming.com/io/api/image/ Frame F391 8 KB
8 KB 64ms
61ms Image
image/webp 2606:4700:4400::6812:28b3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://visuals.kaizengaming.com/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Fbetano-stoiximan%2F5e3174ae9562931f344ad1a5%2Fimages%2F7a763a39-7916-445d-8fae-a6216e685905.png&w=174&h=69&q=99&f=webp&rt=contain
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:28b3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fa2fe840687db705e1e27dfa93fa8c233e3a460045892a6a094402b59b085330

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

request-context: appId=cid-v1:aa2d0cc3-fd7d-4ac0-80ca-1db03d937ce1
date: Thu, 30 Nov 2023 07:12:57 GMT
cf-cache-status: DYNAMIC
last-modified: Thu, 30 Nov 2023 05:44:07 GMT
api-supported-versions: 2.0
server: cloudflare
age: 5330
vary: Accept-Encoding
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 82e148f96b492bf2-FRA
content-length: 7696
expires: Fri, 01 Dec 2023 07:12:57 GMT

GET
H2 200 a81fba0d-00f3-4513-ae96-d2e9de4e35c9.svg
visuals.kaizengaming.com/accounts/betano-stoiximan/5e3174ae9562931f344ad1a5/images/ Frame F391 462 B
460 B 51ms
48ms Image
image/svg+xml 2606:4700:4400::6812:28b3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://visuals.kaizengaming.com/accounts/betano-stoiximan/5e3174ae9562931f344ad1a5/images/a81fba0d-00f3-4513-ae96-d2e9de4e35c9.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:28b3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4be6e57f964287d22addfd30806f4fc69fc1560fdb5f9c649beb85d1f72075db

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 30 Nov 2023 07:12:57 GMT
content-encoding: gzip
cf-cache-status: HIT
content-md5: db1RviXCYsfCGJyPhdZBgQ==
age: 722
x-ms-lease-status: unlocked
last-modified: Tue, 08 Aug 2023 12:08:19 GMT
server: cloudflare
etag: W/"0x8DB98082775296F"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: bf5ad56b-e01e-0055-3745-23c558000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2011-08-18
cf-ray: 82e148f96b4a2bf2-FRA
expires: Thu, 30 Nov 2023 11:00:55 GMT

GET
H2 200 e97b0b38-2076-4e93-b438-b20020972f61.svg
visuals.kaizengaming.com/accounts/betano-stoiximan/5e3174ae9562931f344ad1a5/images/ Frame F391 712 B
549 B 50ms
47ms Image
image/svg+xml 2606:4700:4400::6812:28b3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://visuals.kaizengaming.com/accounts/betano-stoiximan/5e3174ae9562931f344ad1a5/images/e97b0b38-2076-4e93-b438-b20020972f61.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:28b3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4fbb415ea8b4660ac89a8992303f64daddc2ccc2337b91f2cc8ee8c2c08df747

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 30 Nov 2023 07:12:57 GMT
content-encoding: gzip
cf-cache-status: HIT
content-md5: Wj2Rm4rI4ts1bvK6/OwKuA==
age: 1500
x-ms-lease-status: unlocked
last-modified: Tue, 08 Aug 2023 12:08:19 GMT
server: cloudflare
etag: W/"0x8DB9808278220AD"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: 9779fb53-e01e-0008-6948-23cfdc000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2011-08-18
cf-ray: 82e148f96b4b2bf2-FRA
expires: Thu, 30 Nov 2023 10:47:57 GMT

GET
H2 200 6d5c7812-5f89-45cd-ab6d-c542e499b1fa.svg
visuals.kaizengaming.com/accounts/betano-stoiximan/5e3174ae9562931f344ad1a5/images/ Frame F391 716 B
545 B 52ms
49ms Image
image/svg+xml 2606:4700:4400::6812:28b3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://visuals.kaizengaming.com/accounts/betano-stoiximan/5e3174ae9562931f344ad1a5/images/6d5c7812-5f89-45cd-ab6d-c542e499b1fa.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:28b3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 515132f19d1446bd5902d4654f2cf236fed020ad67553ead26982588351949d4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 30 Nov 2023 07:12:57 GMT
content-encoding: gzip
cf-cache-status: HIT
content-md5: wOI1kvcZ2lxVvarwrZkpVw==
age: 536
x-ms-lease-status: unlocked
last-modified: Tue, 08 Aug 2023 12:08:19 GMT
server: cloudflare
etag: W/"0x8DB980827807321"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: c327f40c-601e-0039-76a0-212ecf000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2011-08-18
cf-ray: 82e148f96b4c2bf2-FRA
expires: Thu, 30 Nov 2023 11:04:01 GMT

GET
H2 200 44fd3f8b-5a25-42a7-a98f-996de4abd146.svg
visuals.kaizengaming.com/accounts/betano-stoiximan/5e3174ae9562931f344ad1a5/images/ Frame F391 699 B
782 B 46ms
44ms Image
image/svg+xml 2606:4700:4400::6812:28b3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://visuals.kaizengaming.com/accounts/betano-stoiximan/5e3174ae9562931f344ad1a5/images/44fd3f8b-5a25-42a7-a98f-996de4abd146.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:28b3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0e2407c604b7d77289bd9c43e9bbcc41f39378761bc7450b7b151e681729aa94

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 30 Nov 2023 07:12:57 GMT
content-encoding: gzip
cf-cache-status: HIT
content-md5: 6T5iHY4kR/cqRXlJfcIgeg==
age: 1049
x-ms-lease-status: unlocked
last-modified: Tue, 08 Aug 2023 12:08:19 GMT
server: cloudflare
etag: W/"0x8DB980827A0A29B"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: 36147fb9-201e-0028-2474-22b47b000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2011-08-18
cf-ray: 82e148f96b4d2bf2-FRA
expires: Thu, 30 Nov 2023 10:55:28 GMT

GET
H2 200 50881c1d-287e-498a-abef-0967eee64053.svg
visuals.kaizengaming.com/accounts/betano-stoiximan/5e3174ae9562931f344ad1a5/images/ Frame F391 705 B
805 B 63ms
61ms Image
image/svg+xml 2606:4700:4400::6812:28b3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://visuals.kaizengaming.com/accounts/betano-stoiximan/5e3174ae9562931f344ad1a5/images/50881c1d-287e-498a-abef-0967eee64053.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:28b3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: db66baeede40115b8e53c9b5bdbd4403e4fd749493ea0074d86234e15c082ad9

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 30 Nov 2023 07:12:57 GMT
content-encoding: gzip
cf-cache-status: HIT
content-md5: OGNNML/bbmYzG3WVI4K2vw==
age: 1049
x-ms-lease-status: unlocked
last-modified: Tue, 08 Aug 2023 12:08:19 GMT
server: cloudflare
etag: W/"0x8DB98082797A2B0"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: dcf6b9c4-e01e-006a-2268-220dfb000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2011-08-18
cf-ray: 82e148f96b4f2bf2-FRA
expires: Thu, 30 Nov 2023 10:55:28 GMT

GET
H2 200 68caeb64-8770-4732-8cdc-b287d26e232f.svg
visuals.kaizengaming.com/accounts/betano-stoiximan/5e3174ae9562931f344ad1a5/images/ Frame F391 711 B
524 B 64ms
62ms Image
image/svg+xml 2606:4700:4400::6812:28b3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://visuals.kaizengaming.com/accounts/betano-stoiximan/5e3174ae9562931f344ad1a5/images/68caeb64-8770-4732-8cdc-b287d26e232f.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:28b3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ca53f71166b7b496394a852d6266cfd9c7e8800b3890e7074ad8e6f219958208

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 30 Nov 2023 07:12:57 GMT
content-encoding: gzip
cf-cache-status: HIT
content-md5: H8vQZgECIVhMUK6iBn/x3A==
age: 1049
x-ms-lease-status: unlocked
last-modified: Tue, 08 Aug 2023 12:08:19 GMT
server: cloudflare
etag: W/"0x8DB9808278D9165"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: dcb95173-701e-000a-3274-227164000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2011-08-18
cf-ray: 82e148f96b502bf2-FRA
expires: Thu, 30 Nov 2023 10:55:28 GMT

GET
H2 200 c7fea8b5-896d-4d27-bcfc-3d8e40cc4ee2.svg
visuals.kaizengaming.com/accounts/betano-stoiximan/5e3174ae9562931f344ad1a5/images/ Frame F391 713 B
521 B 64ms
62ms Image
image/svg+xml 2606:4700:4400::6812:28b3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://visuals.kaizengaming.com/accounts/betano-stoiximan/5e3174ae9562931f344ad1a5/images/c7fea8b5-896d-4d27-bcfc-3d8e40cc4ee2.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:28b3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 09a3e0af0b633adb17d10b1e76da6da24a474166ae0d23c14e70d61ee4d5a39d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 30 Nov 2023 07:12:57 GMT
content-encoding: gzip
cf-cache-status: HIT
content-md5: PGPRbIvWC6EgP2XMl5G9Xw==
age: 536
x-ms-lease-status: unlocked
last-modified: Tue, 08 Aug 2023 12:08:19 GMT
server: cloudflare
etag: W/"0x8DB9808279A137F"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: ce293d5b-401e-003e-149c-2142ac000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2011-08-18
cf-ray: 82e148f96b512bf2-FRA
expires: Thu, 30 Nov 2023 11:04:01 GMT

GET
H2 200 d5e4cd03-efef-48fe-94f1-4867b321bfec.svg
visuals.kaizengaming.com/accounts/betano-stoiximan/5e3174ae9562931f344ad1a5/images/ Frame F391 701 B
521 B 71ms
69ms Image
image/svg+xml 2606:4700:4400::6812:28b3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://visuals.kaizengaming.com/accounts/betano-stoiximan/5e3174ae9562931f344ad1a5/images/d5e4cd03-efef-48fe-94f1-4867b321bfec.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:28b3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1b3f188627e15b360d1350f38b9fc396fc21fde8a6286bc43133a5b2a26638eb

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 30 Nov 2023 07:12:57 GMT
content-encoding: gzip
cf-cache-status: HIT
content-md5: kbsYe45EOgyN0lklvpvsrA==
age: 1049
x-ms-lease-status: unlocked
last-modified: Tue, 08 Aug 2023 12:08:19 GMT
server: cloudflare
etag: W/"0x8DB9808279B4BE1"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: 16dcae01-401e-003e-3374-2242ac000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2011-08-18
cf-ray: 82e148f96b522bf2-FRA
expires: Thu, 30 Nov 2023 10:55:28 GMT

GET
H2 200 4d170477-b2d8-4716-ba89-5383a384fb5e.svg
visuals.kaizengaming.com/accounts/betano-stoiximan/5e3174ae9562931f344ad1a5/images/ Frame F391 701 B
803 B 72ms
70ms Image
image/svg+xml 2606:4700:4400::6812:28b3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://visuals.kaizengaming.com/accounts/betano-stoiximan/5e3174ae9562931f344ad1a5/images/4d170477-b2d8-4716-ba89-5383a384fb5e.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:28b3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5c694b35a7330040aa87ab8631c4cd208848c931022413ae1cd36211d3be18d1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 30 Nov 2023 07:12:57 GMT
content-encoding: gzip
cf-cache-status: HIT
content-md5: CP5dckuzFGRJ6dKK7x8ltA==
age: 1049
x-ms-lease-status: unlocked
last-modified: Tue, 08 Aug 2023 12:08:19 GMT
server: cloudflare
etag: W/"0x8DB980827905047"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: 1dd6b8e7-501e-000d-3f8d-221d07000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2011-08-18
cf-ray: 82e148f96b542bf2-FRA
expires: Thu, 30 Nov 2023 10:55:28 GMT

GET
H2 200 721e32ef-455d-42fa-8428-1ae5fb319ab9.svg
visuals.kaizengaming.com/accounts/betano-stoiximan/5e3174ae9562931f344ad1a5/images/ Frame F391 2 KB
1 KB 62ms
61ms Image
image/svg+xml 2606:4700:4400::6812:28b3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://visuals.kaizengaming.com/accounts/betano-stoiximan/5e3174ae9562931f344ad1a5/images/721e32ef-455d-42fa-8428-1ae5fb319ab9.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:28b3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b03448143098de5b03500bf34c10210735d29421ef85ddd0d06213eea451fd49

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 30 Nov 2023 07:12:57 GMT
content-encoding: gzip
cf-cache-status: HIT
content-md5: dIIZsAgREGCk+L7z+CtKvA==
age: 161
x-ms-lease-status: unlocked
last-modified: Thu, 10 Aug 2023 10:33:34 GMT
server: cloudflare
etag: W/"0x8DB998D3FC6613A"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: dd10961b-701e-000a-028c-227164000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2011-08-18
cf-ray: 82e148f98b6a2bf2-FRA
expires: Thu, 30 Nov 2023 11:10:16 GMT

GET
H2 200 7d019101-6c40-47bf-b456-9289e9bf3d69.svg
visuals.kaizengaming.com/accounts/betano-stoiximan/5e3174ae9562931f344ad1a5/images/ Frame F391 454 B
481 B 70ms
69ms Image
image/svg+xml 2606:4700:4400::6812:28b3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://visuals.kaizengaming.com/accounts/betano-stoiximan/5e3174ae9562931f344ad1a5/images/7d019101-6c40-47bf-b456-9289e9bf3d69.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:28b3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d1003881ad0defce4d7bd1955eed2bd8acedde9f766c08473d49157082ac3994

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 30 Nov 2023 07:12:57 GMT
content-encoding: gzip
cf-cache-status: HIT
content-md5: Fe9zUTUCieFRBF6mOTWgjw==
age: 722
x-ms-lease-status: unlocked
last-modified: Tue, 08 Aug 2023 09:01:14 GMT
server: cloudflare
etag: W/"0x8DB97EE04CD7BF6"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: bf5ac2d9-e01e-0055-0845-23c558000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2011-08-18
cf-ray: 82e148f98b6c2bf2-FRA
expires: Thu, 30 Nov 2023 11:00:55 GMT

GET
H2 200 f32d22d9-d683-4c02-9855-0e5fcd20e25b.svg
visuals.kaizengaming.com/accounts/betano-stoiximan/5e3174ae9562931f344ad1a5/images/ Frame F391 2 KB
1 KB 69ms
68ms Image
image/svg+xml 2606:4700:4400::6812:28b3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://visuals.kaizengaming.com/accounts/betano-stoiximan/5e3174ae9562931f344ad1a5/images/f32d22d9-d683-4c02-9855-0e5fcd20e25b.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:28b3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4c337470bc1e9446492c2dbb7a54343960f4ae88e51115502008f4c7f05a1f00

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 30 Nov 2023 07:12:57 GMT
content-encoding: gzip
cf-cache-status: HIT
content-md5: 52m6i3E5yoDqe8bIckaoJg==
age: 1420
x-ms-lease-status: unlocked
last-modified: Tue, 08 Aug 2023 09:01:14 GMT
server: cloudflare
etag: W/"0x8DB97EE04CF5095"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: 1fcc6ac7-c01e-0020-57b7-21ae74000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2011-08-18
cf-ray: 82e148f98b6d2bf2-FRA
expires: Thu, 30 Nov 2023 10:49:17 GMT

POST
H2 200 /
visuals.kaizengaming.com/tr/v2/pixel/ Frame 316F 0
73 B 74ms
74ms Ping
text/plain 2606:4700:4400::6812:28b3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://visuals.kaizengaming.com/tr/v2/pixel/
Requested by: Host: visuals.kaizengaming.com
URL: https://visuals.kaizengaming.com/a/64ee070c262380ef28e936b2?did=5dfcfbaa9ed3c30001234cf0&deeplink=on&preload=off&responsive=on&background=Transparent&a=64ee070c262380ef28e936b2&redirecturl=&container=.creative
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:28b3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://visuals.kaizengaming.com/scripts/iframe?did=5dfcfbaa9ed3c30001234cf0&deeplink=on&preload=off&responsive=on&background=Transparent&a=64ee070c262380ef28e936b2&redirecturl=
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 30 Nov 2023 07:12:57 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 82e148fa0bf22bf2-FRA
content-length: 0
request-context: appId=cid-v1:1d9bcaa3-5ddc-4e5d-973c-949d7ceab63e

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: 12738953.fls.doubleclick.net
URL: https://12738953.fls.doubleclick.net/activityi;dc_pre=CP_svYyW64IDFQlOHgIdoVoJ8g;src=12738953;type=despo0;cat=despo0;ord=1962460059;~oref=https%3A%2F%2Fpromos.betano.de%2F?

Verdicts & Comments Add Verdict or Comment

158 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

39 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
sc-static.net/scevent.min.js	1970-01-20 16:36:54	Name: X-AB Value: undefined
www.google.com/recaptcha	1970-01-20 20:54:40	Name: _GRECAPTCHA Value: 09AGYuNuROBw_FDUQIPvyBiNCuP_LVignsRZ5OMajvD8oKhTqQyAX98O_8SmXoXFVVh_CA_ycUX6jL4kd7yCrPoE8
struma.bg/	1970-01-20 16:45:33	Name: SC_showNum_131492 Value: 1
.struma.bg/	1970-01-20 16:36:25	Name: SC_unique_131492 Value: 0
.struma.bg/	1970-01-20 16:36:54	Name: surfer_uuid Value: 544178f8-7135-4bdc-bc6e-21723bed86cb
.struma.bg/	1969-12-31 23:59:59	Name: gz_page_depth Value: %7B%22last%22%3A%22https%3A%2F%2Fstruma.bg%2F%25D0%25BD%25D1%2581-%25D1%2580%25D0%25B5%25D1%2588%25D0%25B8-%25D0%25BD%25D1%258F%25D0%25BC%25D0%25B0-%25D0%25B4%25D0%25B0-%25D0%25B8%25D0%25BC%25D0%25B0-%25D0%25BA%25D0%25BE%25D0%25BC%25D0%25B8%25D1%2581%25D0%25B8%25D1%258F-%25D0%25B7%25D0%25B0-%25D1%2580%25D0%25B0%25D0%25B7%25D1%2581%25D0%25BB%25D0%25B5%25D0%25B4%25D0%25B2%2F%22%2C%22depth%22%3A1%7D
.struma.bg/	1969-12-31 23:59:59	Name: page_load_uuid Value: b41dcab1-baf6-475a-93e2-3148154e7624
.mgid.com/	1970-01-20 16:35:30	Name: __cf_bm Value: a2gz10jL7sBGfeV3vhfyb1k7bKwBCvEefpToeF6_p3I-1701328375-0-AVIgM73GvLUYaVJ1UiksEuj7bqyRbNpMFp4DO06hrXTuDVmN39lCeMr/YtBi5QN1j0DX6b5dGrfUKrXjjUNXN/8=
.struma.bg/	1970-01-21 02:11:28	Name: _ga_XGPPP9DSRW Value: GS1.1.1701328375.1.0.1701328375.0.0.0
.struma.bg/	1970-01-21 02:11:28	Name: _ga Value: GA1.1.1833567260.1701328376
.struma.bg/	1970-01-21 01:21:04	Name: cf_clearance Value: UgnkalkrSXdmu9BoroP8cgKRccelYvmDeaLlKtGGnPE-1701328376-0-1-941433cb.172cc000.c7b8291f-0.2.1701328376
struma.bg/	1970-01-20 17:18:40	Name: clever-last-tracker-47482 Value: 1
struma.bg/	1970-01-20 16:36:54	Name: clever-counter-47482 Value: 0-1
struma.bg/	1970-01-20 16:45:33	Name: SC_showNumV_131492 Value: 1
struma.bg/	1970-01-20 16:45:33	Name: SC_sevenDay_Expires_131492 Value: 1701933176158
.betweendigital.com/	1970-01-21 01:21:04	Name: dc Value: lux1
.betweendigital.com/	1970-01-21 01:21:04	Name: tuuid Value: d3fda0e6-7252-524e-838d-272ee6e512d6
.betweendigital.com/	1970-01-21 01:21:04	Name: ss Value: 1
.betweendigital.com/	1970-01-21 01:21:04	Name: ut Value: ZWg1-AADwPD6Kq_JbzQaMTaTT1ezC8SkZIMU8w==
n.ads1-adnow.com/	1969-12-31 23:59:59	Name: SC_dsp_uuid_v3_336 Value: d3fda0e6-7252-524e-838d-272ee6e512d6
gml-grp.com/	1970-01-21 02:11:28	Name: CEK Value: a
.gml-grp.com/	1970-01-20 16:35:30	Name: __cf_bm Value: H6ApANuM8whuc3goLhkJd6wpf482hAZjVtS782WxRog-1701328376-0-AbejIdxbkiwEA7dbf9RdBbOAQxnFA09DCiejdrNWHLZJ/zOpjpVsNgRmstQFwiOAlnWwHzo8wG/KPB9fI/7BOvU=
.gml-grp.com/	1969-12-31 23:59:59	Name: _cfuvid Value: 0yj1Ea9VTgXSEll7I.4C3eOC2FeqsITAw84sgU5CAL8-1701328376589-0-604800000
struma.bg/	1969-12-31 23:59:59	Name: AdskeeperStorage Value: %7B%220%22%3A%7B%22svspr%22%3A%22%22%2C%22svsds%22%3A1%7D%2C%22C1136859%22%3A%7B%22page%22%3A1%2C%22time%22%3A%221701328376635%22%7D%7D
struma.bg/	1969-12-31 23:59:59	Name: MgidStorage Value: %7B%220%22%3A%7B%22svspr%22%3A%22%22%2C%22svsds%22%3A1%7D%2C%22C1290783%22%3A%7B%22page%22%3A1%2C%22time%22%3A%221701328376649%22%7D%7D
gml-grp.com/	1970-01-20 18:45:04	Name: XYZ Value: 120&0&148&&&&0&1&&03942586-83b8-4c1d-ac85-590a4f523793&&a_826b_2931&
gml-grp.com/	1970-01-20 18:45:04	Name: A_2931 Value: a=2931&r=0&fv=0&lv=0&vc=0&fc=20231130&lc=20231130071256&cc=1
gml-grp.com/	1970-01-20 18:45:04	Name: PM_11 Value: id=aa381129-aba3-4f73-81a9-0295dbde684f&c=JSABNEVPVBDAADE&s=826&ad=2931&md=0&pm=11&d=20231130071256&ip=0&r=0&ref=https%3A%2F%2Flp.cleverwebserver.com%2F&RedirectParams=btag%3Da_826b_2931c_JSABNEVPVBDAADE%26utm_medium%3D431%26utm_source%3D2%26siteid%3D826&cip=MjAwMToxYjYwOjI6MjQwOjMyNDc6OjEw
struma.bg/	1970-01-20 17:18:40	Name: _pbjs_userid_consent_data Value: 3524755945110770
.betano.de/	1970-01-20 17:18:40	Name: btag Value: a_826b_2931c_JSABNEVPVBDAADE
.betano.de/	1970-01-20 16:35:30	Name: __cf_bm Value: kflmUgocYqYOlTbWWSRyinSY2L4Tc5nTo1VIRxb0rEA-1701328376-0-AQXC4MzjhHbkPBQqqq2BqkGviT1aYbN+0FJHecEkSD88PtQwlEfJnub4w2eTRgOpzqShghGXh6Ptjc+eNR+BsMs=
.betano.de/	1969-12-31 23:59:59	Name: _cfuvid Value: cdrFIgJoOxi3ct7xMK4TyXV1oN9L9BVUuMf2C5couaQ-1701328376781-0-604800000
.kaizengaming.com/	1970-01-20 16:35:30	Name: __cf_bm Value: nA6E_Nkw2THBcGGn4eTAgHAEvavl8UI86J56zIs7Il0-1701328376-0-AR4HkF8lzT1dL9OhRBUnmx9+VCfDUC+hS4gkjIa9GZyKcfPDaR2xZOr33DJcIKVpVaekk8bqif72hjeLavnldso=
.kaizengaming.com/	1969-12-31 23:59:59	Name: _cfuvid Value: Wx0u_JoKpOmR0TUGsaDXfXfMnDj9sVBffcGYX6L0kGI-1701328376995-0-604800000
.betano.de/	1970-01-21 01:21:04	Name: cf_clearance Value: V8Wpl7nE3Ysr5yVpQU3N.GR7y2sOD9_eqYvDcQfzDdg-1701328377-0-1-941433cb.9863c73f.c3156c2b-0.2.1701328377
.doubleclick.net/	1970-01-21 01:57:04	Name: IDE Value: AHWqTUkN1u_7ZFr0oL-9bgdEEeYJtN9jHIjrryguU5WJsbF3jzWM9gPj34AEhE0VV4Y
.bing.com/	1970-01-21 01:57:04	Name: MUID Value: 3C0066D0961260472C2D7509971261AB
.snapchat.com/	1970-01-21 01:57:04	Name: sc_at Value: v2\|H4sIAAAAAAAAAAXBgRHAIAgDwIm4C0ZMHQdbnILh+7+uDyCvxYqwebYsRRo2PQv5vVXdLjjHQ6nxAzf10jcyAAAA
.kaizengaming.com/	1970-01-21 01:21:04	Name: cf_clearance Value: vj7j1TtOGQU4_qcFhNHXpxgbj00tX.97x6zHFdhoKBI-1701328377-0-1-941433cb.89285fa8.c3156c2b-0.2.1701328377

15 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'ambient-light-sensor'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'bluetooth'.
security	warning	Message: Error with Permissions-Policy-Report-Only header: Unrecognized feature: 'document-domain'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'ambient-light-sensor'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'bluetooth'.
security	warning	Message: Error with Permissions-Policy-Report-Only header: Unrecognized feature: 'document-domain'.
javascript	warning	URL: https://jsc.mgid.com/s/t/struma.bg.1290783.es6.js(Line 399) Message: The deviceorientation events are blocked by permissions policy. See https://github.com/w3c/webappsec-permissions-policy/blob/master/features.md#sensor-features
javascript	warning	URL: https://jsc.adskeeper.com/s/t/struma.bg.1136859.es6.js(Line 219) Message: The deviceorientation events are blocked by permissions policy. See https://github.com/w3c/webappsec-permissions-policy/blob/master/features.md#sensor-features
network	error	URL: https://promos.betano.de/willkommenspaket/Rectangle.svg Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://promos.betano.de/willkommenspaket/bullet.svg Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://promos.betano.de/willkommenspaket/Rectangle.svg Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://promos.betano.de/willkommenspaket/banner1.png Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://promos.betano.de/willkommenspaket/banner3.png Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://promos.betano.de/willkommenspaket/banner2.png Message: Failed to load resource: the server responded with a status of 404 ()
other	error	URL: chrome-error://chromewebdata/ Message: Refused to display 'https://www.facebook.com/' in a frame because it set 'X-Frame-Options' to 'deny'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

12738953.fls.doubleclick.net
a.mgid.com
ads.betweendigital.com
ads.pubmatic.com
adservice.google.com
api-js.datadome.co
bat.bing.com
c.adskeeper.com
c.mgid.com
call.cleverwebserver.com
cdn.adskeeper.co.uk
cdn.geozo.com
cdn.id5-sync.com
cdn.jsdelivr.net
cdn.mgid.com
cl.imghosts.com
cm.adskeeper.com
code.jquery.com
connect.facebook.net
dd.betano.de
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
gml-grp.com
googleads.g.doubleclick.net
imgcf1.com
jsc.adskeeper.com
jsc.mgid.com
l8hdf6dsg4.ru
landingpages.kaizengaming.com
lh3.googleusercontent.com
lp.cleverwebserver.com
media.geozo.com
n.ads1-adnow.com
pagead2.googlesyndication.com
promos.betano.de
region1.google-analytics.com
s-img.adskeeper.com
s-img.mgid.com
s2.adform.net
sc-static.net
scnd-tr.com
scontent.xx.fbcdn.net
scripts.cleverwebserver.com
securepubads.g.doubleclick.net
sender.cleverwebserver.com
servicer.adskeeper.com
servicer.mgid.com
st-n.ads1-adnow.com
st-n.ads3-adnow.com
st-n.ads5-adnow.com
static.xx.fbcdn.net
struma.bg
tr.snapchat.com
trk-a.com
ui.cleverwebserver.com
visuals.kaizengaming.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
xamubee.ru
12738953.fls.doubleclick.net
116.202.73.72
143.204.207.250
172.217.18.102
172.217.18.2
172.255.141.121
184.30.16.195
185.18.187.81
188.42.34.65
2001:4860:4802:34::36
2606:4700:10::ac43:266a
2606:4700:1::6813:814c
2606:4700:1::6813:854c
2606:4700:3035::6815:3627
2606:4700:4400::6812:2396
2606:4700:4400::6812:24ac
2606:4700:4400::6812:28b3
2606:4700:4400::ac40:919c
2606:4700:4400::ac40:9281
2606:4700:4400::ac40:934d
2606:4700:4400::ac40:986a
2606:4700:4400::ac40:98bf
2606:4700::6810:5714
2620:1ec:c11::200
2a00:1450:4001:800::2002
2a00:1450:4001:803::200e
2a00:1450:4001:809::2002
2a00:1450:4001:80b::2008
2a00:1450:4001:810::2002
2a00:1450:4001:810::200a
2a00:1450:4001:813::2003
2a00:1450:4001:827::2004
2a00:1450:4001:82f::2002
2a00:1450:4001:82f::2003
2a00:1450:4001:830::200e
2a00:1450:4001:831::2001
2a00:1450:4001:831::2003
2a03:2880:f084:d:face:b00c:0:3
2a03:2880:f177:83:face:b00c:0:25de
2a03:90c0:41:2801::62
2a04:4e42:600::649
2a06:98c1:3120::3
3.65.77.69
31.172.81.226
35.190.43.134
37.157.6.236
52.222.236.18
78.140.179.119
88.208.41.101
88.85.84.119
0080fc182724bb08c4f7f45f0752d0e291afa9e49d831c62dafd805267a2a45f
02d8d8d1d3f164722d3aae632d7f0847fa5e99e1f0bc0442043779016dc2f500
03cf7cf7dd5d076a88d37562a6d235a0e1af2c635800fff29456d83da6d3bc0c
044161f81ce1fac7a4fad00b81c1797ef53b6420dcb3ee5023d0ac7773e06984
063f01f90525ec70cedf00e54824f77cf8576fd98dfa18b38ea60c2d990c0f09
0786aed711548e78f13e219e44e492712e89fb2d8b079c35124cccb7fe1e14da
07acb32729e17bc7cdd9f0496c1c24dd12dfc2d51da123a9d9d65cbd4f2d76e8
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
09487307b29147d8a84d33e3a8bfff43d9da2260bfb39b8cf4ca75a32b239ff7
09a3e0af0b633adb17d10b1e76da6da24a474166ae0d23c14e70d61ee4d5a39d
0a5f94941f29c7f9ee9e9bcb9b324b23c49faf39f55f49a0e80bf81189297adc
0a9d65739f91192dc126b2865f29391483c6ff7a415ef6ea9d6df33825e4f018
0aa554b7453c36d605833a473df0e1825189dc64c064b472430bbc65078c9312
0b8f29b4daf9d94e8f16aa1350d765302aa6c972887cbbee7122f2103d5f4812
0c7178cc6ca34fb18e30f070a5e7a1c287b2d7ccfcba2cfdf06e0f46eda55740
0c779c332c1cde9a27c5047c4f6755e25bf3437d3f1c9f71ac7dbf60f564ae27
0cdf7ea3b474c0386095c61755691af8545e472b38686666ef5f9854eb1180bb
0d30bf2fed05dd3fd9d75518e4880a732e6fe241c83d162d5f4dc601cda660d5
0e2407c604b7d77289bd9c43e9bbcc41f39378761bc7450b7b151e681729aa94
0e4d2065ce1ca476b7eee65f4df4c3112627e1531aaeea876d6e3a1e2c010abc
1060091178cbd6c843b802f516f230f1a3a1e85f1afbd6ef84d80e5430ba457e
10dace68155c5de4923c2037d6a6cae1c4f71913e77264e5632ebb598bc824c8
1172af7570acdb509d41b715ff6f8d2c0e06a3af29b54e76ae681571161e4d5e
11965a44399ce5cd904ee01dece352a1d6598e49f71178d012129cacffb5a569
13b05ebed75e866c373f97e313031b9249f7dfa400646280636c7c422359bcbf
150c4ce68ca34720f62e60afcde151da83ded89e0865822ef8fa76ae1e70a91e
1674c641b55359d221317d2a0a580c317148ed50753954cb477734f615157e74
172638a23c0d57350f8c097f80fd9dcf58cecaf5217cd70b8fa552b68a2a62e9
180bc0fd96460f6ba482df5d6e323af292a60993e19cc7aa183b5ab74574f2bf
191105d9bb6dcd1260c8a35f8a9968b44dab4480659e68f1f6a04f4128e82575
1b3f188627e15b360d1350f38b9fc396fc21fde8a6286bc43133a5b2a26638eb
1b89e19aca89f180ba1e62c62495c5e4156f96cfa866b19cf0df0192452f477f
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1c8164e40df8196fb3c93781e337ff7b73230d361c5056d6efe90a77f993ae66
1eee6b3963047a706793e8dbaae752aaff358acfb880b66ce0bc0ce9af38b2ed
2019d77fa19a331f0e33fb1e0f96103832fdaf49481ef54920e83b59ab68f1e2
205e9f18edd429e8891ed5e3518978e1c1859ad9f9a2a5627bd3478e546c577f
20eb692d7e54b1992776015beb0cc19aa121ebbcc37f6e5ee59d5b0f03a6b558
21b1fdeba9c263ef576c174286f2d861a4ef9b8b5cb98f34cb568905fb899d86
27ab9a78a525201acd5c66562a7ddbfbe44d5431474d345b577031fdc61c13cf
2863b52bbc74d053b6415278249cb4258747dd6f355f6ba30739b1f84e76861a
2947a68c3b9205879f47c1fe508e4b95197f7e8ab129c2a7139845e34524328a
2a5e290f330a473df29695496b8d33d379cb2b17686b63f9356bb23e07f7bd86
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2cef4d5519e8eaec7a37550736f40dbabb970cfacb137921669274e9032480b9
2f940657680bd767a223c8dbfae60a9d020adcc30ef92c65f35716064c905359
3072f755bf99acdaa34415da49f58e8e83ae33d63231854a6d290dd09d5c2500
329d5731cf31f3c11606e20207942d0434d3fef9a4f7fcd4fb2130b99408847d
330cff91555f186b8a8ecf86b23243c8dff0feea094f2504b385996add1e6ca9
3360cb92daceed3120a0ab9bf0e5af602870bd57c2553f935bfca2ee3a6bfb5f
351fa8afb88d904594dbf5f1bb46b2cefe46e2ade4a5cb156ad27e0912c70149
35eb8dfaab4bf3bac258cec08918ec16f4b23e8d47b5bbaa41fbd28f4660b1de
39cc61de7585bf7118a02407ae9937489452bdf141650c6bf221d545000e8010
3c1798ee0e6e7de78f91bb457e6670385951caea9fc9c97295ca303ec6fe49be
3cdf7b9050b77215810c157f54ddb9d071403368cd88ae7e7c448de3205a94d2
3d1c2f35094801483b09e1ca0e6f952c38b597d472bf0b13a2087089b54886f0
3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3f7c2d68eca71c2a9797c36fd965569ae502682df8e24ddf6fa8c21f6acc3f74
441066fc4e80d18432943778ba2930fa98304ad18f842ea1d9a97fc84cf841f7
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22
45c3fd1dddb49f5a2d28f93bc49a1cf05111308523e706be17bf580fd6bc54e4
46336d17bc0deae32fd48d3697163d7845b46f846ef4b247fd01358d7f349a20
46f7263eac1e2453cee5455bb2c4630c038ee08dcfd8676624a748f5ac7ea918
4738220a67bdb2caee6f2a17b01ad9c83456114795264cfd7358faad8c2e26ad
474bce658cf4099a533876ad3b355841f28f859970abb15faf021d4440360fe9
47e965a46ae6785a0a3412ca35b96a6caf9da9e787d56b78b9fdbb1f129bc48f
4857c221597211a7cf32ce246c4237a835909e361d9e87faa9c87e281f47a085
495ad399c1caa9c72a5b1fad6051aaa739d0df20f5623afe10bb3dc4c6c2ff3d
4be5965ec09031c136ca23f09f35b7235f8fdd5b1d3bc355e03efdcfb1dfe039
4be6e57f964287d22addfd30806f4fc69fc1560fdb5f9c649beb85d1f72075db
4c0ced2cb3830d045cdd74f745fd4d6dcb082d8edd3a9fe46e39295e30cb8032
4c337470bc1e9446492c2dbb7a54343960f4ae88e51115502008f4c7f05a1f00
4c9314b73430fd751f94a5091a3e108f0a455d74279bf56a08dca769c746b2bd
4ee5c41793a24742a7d8177cb2e31be8b5954c629de369817b1250b257a55d26
4f26e74a5392e23175b93e81e7b642e02c20d3ca132207dc7f00abfb7dae2b6d
4f3a18c01abb2d09ff95420fe629d9d6962376b864a43be5321315cf5674357f
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
4fbb415ea8b4660ac89a8992303f64daddc2ccc2337b91f2cc8ee8c2c08df747
515132f19d1446bd5902d4654f2cf236fed020ad67553ead26982588351949d4
51b30ef10f6cc1ec7afd7a6cec35fb1959128983ddfb694eddd75dac700bc80f
51d6ff42b2e67ee804fe0013a703261074953d0c4287fa94096d07d843e9344b
51da5b73ff056af5a7b6661a72877729acae13288868cf5689e7933f283d8f22
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
5299d0c7907c9a6db479a9c84723e41338c0d5ca6b1231ebfc1c94733b023f5a
52b348a8a70b0dd4a3e2665558d62a9a863e46fc62aa9e53020d86a97f9b6927
5330e3408a23abb0eaa204cb328183ed6781ca7c0e0350629454c170e15c033a
578bc39a829b4fff1ac0991c63993a36a142be40bd9d87d62ce745448d6371f2
59b5e3f2ee98460d0d815072c15c6683f9614e7ebaa614dc104f2ab03ff41b7c
5a3535bf9c68a69732cec8f625abb8a79db09a0466d0793f491a9193710aff92
5a81bb5455ce6e042897ddd46d78dcef7e677f9ab7df1069a04419493e0e4d7a
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5a9d7acd12a63781599a69aaa83db1b96ed2df854473c5b6197b280d4a4b1cdf
5b9d26288aab01965aca265cb2d6c95dd3061a82a02c258ee3c487d2a4d5dfd1
5c447157fa660c55a320f8c1735eacb754c4697c5ff98dd4140da21ffb9b1ba4
5c694b35a7330040aa87ab8631c4cd208848c931022413ae1cd36211d3be18d1
5c93f77799d122fb5255ee24da285f9f228cc118cba11e6ceb2b6bda8cdf4164
5e319852607809336b2534ffeb96f6933f26994dd040f535302c84f59cc0a214
5fdd4b70656a4af2ced48e2c62918cb576d2c19f7770aaeea03131b2e5150d53
5fe46d2da01452067736578431f6c6e8116a24e616f58c72d9d81fdb2c7c9569
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda
6292d47914f9b1671e0c7b3076ea35aa0127785ed01ae8df56f534171114b08a
62abee42f8de35bf84f870156e78a63ef9ac008a94e48924de6101eb335c1856
62caffb569b2f4b4bf9f4c317c6dfc6ed155304a9bce20f0d12613053f1cc3c1
6330b250ce97ae8971b752d428752058faeaaa0ac2182a6d91e65bae2380e3ae
64df14cee80e2e1dd6d148352be620b1e1723b9b6177a1a2a04b15b9cfd5baee
6592305ec6aa9d489618146fcf99be8d4fde180b7a44bfcba1a5733cd50015cb
66b0257c1af0e91ae349f79cfe1208550c79d0794c481e959109a64f31c5ea1a
66d6134ba78aa696138e20379d5d29b84786209296632af931db7d4631380f7b
67447c3656caad630373253691f3e8f64467eafd6e7305c9b0e98111b0b41694
6974bfd8fa06b7831f05cb4b25860c851a5ad3f02a6699ebe688987dd7a6ebe6
697a21d3e2d9a51084dd673df60a5842c68120392fea6ca536bb0a686801d742
6a4aaeb80b8cab44b94d532c946cbaed2a25c8dead8dd54161340d3cc56bc308
6b16426ca00785ca2b259d4305d99b2e6e89a17cc9fa6af3aaa72ec7b16d587f
6e7c083e0e173f849fa0582a9332bf40a3567c49ff818f28b0e4dca93930c6e5
70d5c4de881e718d0b7638959680ba86722d44eecbe4058d20dd77b8d0d97155
7153da2e49972f327ebf2d83a128aedd2614049c715121b271e0f6ea67e6caca
71f82d8de2cbd83902d319f2d4f3b35ac739742a884b1aa5e3ce48fbeb54abbe
728165191b625a29fc0c1469f93cf17eb62f3595f379c977890974543f7d814d
72e223a4e1881061e5e4375fc424a4b627d2d35544b2e07331618cd3f51263dc
7392d426ac3da3071ebe16fa2ba3003e438842f8368aa9611b7fdcc48239024e
7401836307ac55f837cf952e5309a1dcd7bd5340538b473e65e8ba9aeb8d5fd9
7571db16348512fc55b35102ce3699733cf0882f4b4fb3e652fa8db700c07fb5
75af868a8f2ae6a486b10397978544c7b2b607a39e791da1355f8be7944760b4
7701eba9b44eb408d2231d10547ceee885afc69df73a40303b9eb66940e13711
77e0c3f24dae5e96af58102fc120359f7566b6af42f34f442ab59396790de26e
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
78882a11de1f82194b521c7a3729eec430b5e5487a978fd8b1059b7adfe8231a
7987ed9a45cb8609048c1f88719a037c46d30d4b7101473326d12e5767a2aa7d
7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5
7f447356ccf0699d8791d6c87bd44677a6250afcaf6a022d3c74228b638012c0
7f653b3ce9d3277457fc6da4edb246ae2f6c913f088c42dcb8cd2e96267aa21a
7f937584df6a9df7d04071ad69f59b673f4299c6a6bd028cbe7590a47d76f95e
80a95fa030fd1df8c270f9c36ffa2c8e0f359ac337e57184d2923c5926d9ce2d
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
83b71ec4344fb3116e6ed880f9d1ba1bb3520f6e6445adce7fda816a68e75ffc
841fb12bda2901d5ff4479a2ad11317c213838cfc2afc21236c12301ace03625
84f4ef64deccf9553fb29d45b7b7d2a80c31403f089741d5af7b42e0c4f5883e
882e474b6c38b47acb0ec38ce9e095a84624ea2b8a1d1a122c2d17d3d26c47b3
8bb753343c3b0af0b9dfa273b033712833caedfa19b95e0d4b64b8cb14d7eeec
8bf131131c83dbeae0a94ad54705f24e60d0351889c741864b84b94161244e10
8f10e6183c86db37064020c73bbea51bcf15f13747883fb643173ae33a33ca27
8f88d265d4f543754bfda9de4c9549fc41754bfbe3d9e2fb58011aa9d5f8a929
8fd70d02d7616b90b93fbcf03f7df1c82e387831b164f744c179721924bc5335
90723d7ef2fa61619db4e555791dc593fbe4c2d96c8ca61a2157743a67728718
9132a81373d31ca0ab68687cd76bfc3a7f2e262e182c79fee62b3ecbff1e1c39
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
93e703b122858dfc4cd20b874cd1a1c0e5424d07f7b313f60456bdec52d64216
941c246131068bb2134dce6134d70142c0847c48b8218f051ff178105774cbfc
96e3e8dfde6b1042514824bac1b44282d4a76bac028f2d767f6534dce2cf3db0
97c2914dd845f3d215f957b2872aef8d21221de8c7547110f44662c96b1b2193
9811c6be17b570a85ec4168a9075ce04d300cbfdb8f9d1946c192ba7cea730ae
983871cac9e719263fcecaa540c4e1597c8ece1805845830ec21fef0e71d9f88
98a95ec0ce66575d7c332369abd1a2e288674d741c5cae81efcaddaa29de6228
98f53a2ca87e71456a97f804d4c1fd6295cc5bbe02d8fc46f6486418a5eccc84
99c28ba77690124b83aea8cdbbb17ab1145ba247c791aeb4bad747b4248ac459
99c96a265028ca8e1f611718b2ddbee2dd50375e62d32ac989f692b03fa033c3
9a05fe1eb798dc87fa29108b3ed49352b3f891fec5732c0320f7d7c5cfeedd97
9a109457f95156a2eca0712e676dfe53b63bdb6de75114fc2d48330de31c6878
9aa6501ff5395d8b36bfb5dd589c2c94fb6e4b04fadac7be66b754d103563412
9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5
9c4474c8a08e668d7fdb8ecbfeda8bbd14f9a70424c2d4c2fdcb7f8a23538f7f
9cd1efd147d00fc5bce9fd0cee40ed69acff80b89889375878a0570da83c986e
9d94188d59b26bacfe797ce92087cc1940e26b4b208b02e99652a6a3c6e317df
9e57fedb96b3686621bccd5521f43a2037a823c74f062176952890b179b3955b
9e580a05bf8748792899a71d4b03e3c0c1cfc9b3b3655d76de111e9b606a202b
9f6e245ec73203f99ecb888db309a2bdaf91f8696c1cebaa94e477a953fab30a
a1f50e52a7fda97827e6e3d2cd3bb2788a68a78296728fa2592be8e89d54b5b8
a24f4f105f56838f9beb801ad17aba77b0a225f6e207515d5be5f4bf500fbee4
a2cccdf6d1d985c28aa6a2d20bcb2e124e67fa3c189b5d9503c0fcf3bb720fbd
a3ba5c932fea0dd2015bf65c241445b86fe14a0d6ba863f65f6f5585afbe1733
a493de25e0c3a0d6e8cff6840a97dc93226c9d704102d957b1d4ddee13313aa7
a5b757ca5ed6113899d96960ca30dc4e2e9185344d22ae6727c85d7b991b2f3e
a88ba0b09a4416c080044dc095eabf66ca59e4d12a1d6201457b693687be85d3
a9f959272120a8fe9fc940b8df6a07a9e6c79d9b72773d62878e82fcd1c51951
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
aa15d448fae63e8a8214498df0b391537923f6f966f800b3c2e9e01190318832
aab3b7005f69e9d7c10a94d7f3657277d5c9dae9cfc6bde05617b003a56fa125
ab21096ad8f1ce28d2c108481bbe13b6e342d0558548447114cc7d80345d1ff5
aba44191715b5ddff9bcf2b98962dce2882e71b1f63305c7dbdf8375164dab44
abc9055dec46bd0fe46b5534dee9d9a6411491662f1403df81e6e238389b0b8b
ac7bb492fca6a4c1c72dacfff28d869d9a125529a085d29da9ff803b994688b5
af6634af0785dfa1f6342dc216e635ffe9dbd92feb81d0a1783fecd3b37e67ad
b033f59e4ffeaa6f3e4f2e839c035a14811d5469d3f772eda6056d7d5782c53f
b03448143098de5b03500bf34c10210735d29421ef85ddd0d06213eea451fd49
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1bcda979c82fbdb001a058bbcd782235588ba0cf67ec17cb6b406c354049697
b222717d8498c895539da6ef8972866b03bcdd1b78f31e2028b31616fa1d3b5b
b4b4cd8abf4c853ad0d8d039156cdca4a8f5b1157ebf18af7d0c461cb23d7fc0
b65aa9d90fcec9cf44a72ddccfa72e53a10784427249050194b4c5bad3dddc03
b70e40d8a689b820544e9a8c25999c929c00b055bd724e22da96df740a15d82f
b7128e23958b3fda5c3c906893ed845791c82b203b643817c854c86f211efbb1
b71c20271d9c80d1a71aa0ab9935281c4fa8ac404533f1a0747d7fb03fc68e79
b9432de7513a329a182574c3b8db7b5594094cb9528c400a377e48945c63f90c
baa47cb028f5878356baacb8c2760dbc85b3695c4fe1c346e26b4b978eb0100f
bf06e66d0b6d12c39860b7a3f1a724397a8bc0267423b64c6627ef0f52a7b27d
c12b04b2276fa80a6649200e12ec4e78f3fb11bf0e21d2d2c6a215cdde0b3dcf
c1a9a3e223bad631dff12d33b5499eb145cb08d8621c20d9d73870e78d97afe4
c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e
c29b70533eedd12590ae5c9cf58d6e95063f4f23ef666343e5ba6bf602b62e75
c4cb7ee295b14fe670ced1e8271273041990ca3d5af39accf8e960c227148eab
c54140eac6df64b97abf9bf21e88910bac89ddc973d871fcd33dca119b8b4c24
c6208f9f9c9140070737c49b2a89d2290d37a58ca4571cdfdbcf5bce60bf4b57
c6407d5b7aca0abde3722967fd765b3a8f7d71974206c7640b0b4d65fff09090
c69c7bb218bf8af15e2ae415862db1bd0d445c959be698fb58320d97dd1a5b5a
c71752822cfbdf7713731e936ebe7f93fe99c5984e0ddd3c6a8e185c17ff5048
c7d3d0e191dc84bc51059bcd15dd024b8f47a0b017879a0cce492d62b28c3ce6
c85cdff161111817eaa5ec9b0381bf061e8de8b97a9dcae6fd8d4fff02d5a858
c89e162e72c692221d5255fa86fcd954e23f1c6e04be44160018db40eb542113
c9f73c49899326294711de4465c97426b37e342a534080ee033547d527d92e69
ca53f71166b7b496394a852d6266cfd9c7e8800b3890e7074ad8e6f219958208
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
cda3c421b62828768ee2741a35bef36bcfdb1199ee3eb987269f7d1ce2dd8876
cf583db8344e9a581c1ab3183d073cc80f32bae519f94595323af9f827a0ac6a
cf833e5c78cd390e236192f2fb887cd9608fb8700c2b3465c4d26a85491ba7bf
d0a501ed83bd8f764098cc94b5ba3007948b9454ecd2eef8748c3db7c0b6da00
d1003881ad0defce4d7bd1955eed2bd8acedde9f766c08473d49157082ac3994
d175185dc8199dc8531d2c25a84073ad93a7c605a921b0168ed6106a193d21ee
d1e96a3abda22630803fecb9d0dc09b6bc88a602337f0d6bd3fc6504815851ae
d30e51042a424e480e0bda151a436d5a50f2e08d939fdb4a0e8553269de1d74a
d4c774c527d6c3c510b611c6fdd8df7d89438e0b71d77c886a843a129174cb85
d556ecab494d9ef5700359aaab3cbf70abf565fb59e828a1593edf3270cfc319
d588aea80978462349811d27176a03a84eace6344d6c473324c6d0f63dd524f2
d6cad12f9d8e4b25b93220906b7cddee8bed70097b31745a77c0a3ad75fd996e
d76535ab07df1120bfada6d12d72c8c1f46cbe4bc32d4c84d3c26af0656a8da5
d776482d5387dd66a3354637a3ddf5261dc6f35298b1e67d3f25ddefd5154d66
d86f00292097e43f06ef0fac9c065888703135e990a06a988e3e6a4f2aac7d2c
d8752d6c4a32d1efcca0056d67bcf197225e7baf1b30085a63e5b213a510ec66
d8a0d356d644b4013aa75e86393844a21bdfaf2a4bd5e99c2ab05c0fe74e3101
da0be5acae24b3e6aa1913634ffa3dfffdd57d37291d385104e2dbdfd6b102cd
dad7cc652286fe3fcd072159ff6fdc30a62ba200d329d99cc1674f5183406584
db66baeede40115b8e53c9b5bdbd4403e4fd749493ea0074d86234e15c082ad9
dc9005440b3e7c7663e35ea9a5654e1895509c8e9b0712f3902881aebf706c89
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e151b237c4a78dcbae0d727db96ada0a06ad3c0be5cc68d4cc6ade404d135012
e166bdc1895abd9162be7a466cc14be1b7703525409ea71e1c9a19dc99ba2bd7
e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789
e176abf520dcdae51ff540880992de96e67e7cb68d9ce16fec3b87d036e3001e
e244ed2d3d2e650e8a423eec17d1792502c9b95fbc956c19a8fb8a8b93a9e4a3
e37071398d21f18dff2370ee0885f38811bb69bb465b398100ab3101fc521d6b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e83941b7c3900f1b329dffbdc8ba18878081bfd6f55f4c9ddbee2e5534c5f165
e916edafcd04a5cbfa0f4c08439665ee5b5524d2185c9bd76d265bb22729d614
e944ca333ad41c999957978e91109d248e9dee1921577c709f869cfcc8e6bbab
ed48c2c26ab144483ce6e6cfd207070eaa30dcd7cfe36c14b29d89b343e9df05
ed5424cd0f45ca5efad943f068b734bf754e28fe1079152df976eac7291b98cc
eee10a1812fb9b2b549dbb445e7fe8ea5d07f1b683e4039a1c643cc46e31901f
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef6b7c1e7045717cf74ba6b60a4bcf7886999cc0a0a7ce6c11d3cd627ab5ae93
efab51eff2a621c2155475f63f0f71816f5ac41b91d611c68b341ace6ec5b663
f0275273984e78ca6824c6944f8d8bebcb3d7e441fbab8ee380508c3991ef347
f1400c92345dcd9dbf746acab2c60e8580aa959473e9e56c8772cadcf7734b76
f198cc70c0dbefa53f75b5b8af85af5a92c12c00e727b24399a58d0f671c7426
f1d9cbf9155c0437e76b645310d963f967326a0de3ce2060f76ee70f9ab4be28
f245103ef4c09ad72c218711806e22380e1d107fa89a8241c8deca2d60cc21fb
f3706dd9e175fdadc2a564238f1ddc64afea19e67aefd5b922f33040d5f94540
f59220288818ac9a0efd283cbdc1ee692ea5a6615d53d0ab9c1a1c7e92001176
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f5e7a155078e632cfbebf8f8aaee8ea5edd6fb350cdbcd61c227736fe374cdaf
f8dada0628417055311bc45caedee2ba1770e2927bd4e50621a72f92afbc4650
fa2fe840687db705e1e27dfa93fa8c233e3a460045892a6a094402b59b085330
fab2f44ed2c54018f566702de911e32e0d0502e41768f5b16227576589f42e68
fb1cd68fd3775a601f45e637325ff3e1df8880ea6d54750fb301354be0651d5f
fc0081d5d01c24bef68e2329cfc63cd65ba2516dceb940baeff08b09430e1e62
fc47ac1e50c7b9987c4463929ea31096b13d2820a127acb7e2c1c06c4dbfe34e
fd3d318d6fad54a4131b5c1008853f1a01dd13aeb6ec114d11fbefad59f266ef
fda4c0c8d886d3dc37996a43e3733d5f8433d49283716ea9e7a7316cda7794ba
fea130fcf4b807ff81a3fdbfe587a558707eba03646841e76af16bdd97e06fc2
fea86661c5d80146c78c8e112e81c6ebcd3ac8c3f4d81c6fd3419532343c21a0
ff3b5ea3330be7110f303fa5f86b038557e507fdda8b47ab91a98be16b59636c
ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995

struma.bg Open in urlscan Pro 2606:4700:3035::6815:3627 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

330 Requests

93 %HTTPS

67 %IPv6

41 Domains

65 Subdomains

47 IPs

5 Countries

8385 kBTransfer

15409 kBSize

39 Cookies

20 Outgoing links

Redirected requests

330 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

struma.bg Open in urlscan Pro
2606:4700:3035::6815:3627 Public Scan

Screenshot
Live screenshot

Full Image

330
Requests

93 %
HTTPS

67 %
IPv6

41
Domains

65
Subdomains

47
IPs

5
Countries

8385 kB
Transfer

15409 kB
Size

39
Cookies

330 HTTP transactions
2 data transactions