urlscan.io logo urlscan.io
SecurityTrails logo

www.dnevnik.bg Open in urlscan Pro
2606:4700:10::6816:c33  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://www.dnevnik.bg/ajax/ad/native
Effective URL: https://www.dnevnik.bg/ajax/ad/native/
Submission: On July 01 via manual from DE — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 28 IPs in 4 countries across 19 domains to perform 67 HTTP transactions. The main IP is 2606:4700:10::6816:c33, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.dnevnik.bg. The Cisco Umbrella rank of the primary domain is 336903.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 14th 2022. Valid for: a year.
This is the only time www.dnevnik.bg was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 25 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a06:98c1:312... 13335 (CLOUDFLAR...)
1 116.203.212.0 24940 (HETZNER-AS)
5 2a00:1450:400... 15169 (GOOGLE)
3 2606:4700::68... 13335 (CLOUDFLAR...)
4 2a03:2880:f01... 32934 (FACEBOOK)
1 2a00:1450:401... 15169 (GOOGLE)
2 2606:2800:234... 15133 (EDGECAST)
1 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
1 142.250.185.98 15169 (GOOGLE)
1 108.138.7.27 16509 (AMAZON-02)
1 88.99.5.37 24940 (HETZNER-AS)
1 108.138.7.111 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a03:2880:f11... 32934 (FACEBOOK)
2 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a02:6ea0:c70... 60068 (CDN77 ^_^)
1 104.244.42.136 13414 (TWITTER)
1 18.67.65.19 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 52.30.157.40 16509 (AMAZON-02)
1 18.66.112.19 16509 (AMAZON-02)
67 28
25    2606:4700:10::6816:c33 (United States)

ASN13335 (CLOUDFLARENET, US)
www.dnevnik.bg
1    2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
1    2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.economedia.bg
1    116.203.212.0 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.0.212.203.116.clients.your-server.de
cdn.onthe.io
5    2a00:1450:4001:80b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
3    2606:4700::6812:e234 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.onesignal.com
onesignal.com
4    2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    2a00:1450:4017:801::200a (Ireland)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
2    2606:2800:234:59:254c:406:2366:268c (United States)

ASN15133 (EDGECAST, US)
platform.twitter.com
1    2a00:1450:4001:80e::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
4    2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
1    142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net
www.googleadservices.com
1    108.138.7.27 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-7-27.fra56.r.cloudfront.net
static.hotjar.com
1    88.99.5.37 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.88-99-5-37.clients.your-server.de
tt.onthe.io
1    108.138.7.111 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-7-111.fra56.r.cloudfront.net
script.hotjar.com
1    2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
2    2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
2    2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
1    2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
2    2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2a02:6ea0:c700::20 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
cdn.sendpulse.com
1    104.244.42.136 (United States)

ASN13414 (TWITTER, US)
syndication.twitter.com
1    18.67.65.19 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-67-65-19.iad89.r.cloudfront.net
vars.hotjar.com
1    2a00:1450:400c:c1b::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
2    2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    52.30.157.40 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-30-157-40.eu-west-1.compute.amazonaws.com
in.hotjar.com
1    18.66.112.19 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-19.fra56.r.cloudfront.net
vc.hotjar.io
Apex Domain
Subdomains		 Transfer
25 dnevnik.bg
www.dnevnik.bg — Cisco Umbrella Rank: 336903
599 KB
6 gstatic.com
www.gstatic.com
fonts.gstatic.com
347 KB
5 google.com
www.google.com — Cisco Umbrella Rank: 8
23 KB
4 hotjar.com
static.hotjar.com — Cisco Umbrella Rank: 627
script.hotjar.com — Cisco Umbrella Rank: 904
vars.hotjar.com — Cisco Umbrella Rank: 917
in.hotjar.com — Cisco Umbrella Rank: 1509
67 KB
4 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 155
196 KB
3 twitter.com
platform.twitter.com — Cisco Umbrella Rank: 677
syndication.twitter.com — Cisco Umbrella Rank: 869
133 KB
3 onesignal.com
cdn.onesignal.com — Cisco Umbrella Rank: 3211
onesignal.com — Cisco Umbrella Rank: 1162
73 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 49
20 KB
2 google.de
www.google.de — Cisco Umbrella Rank: 5448
611 B
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 96
427 B
2 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 54
stats.g.doubleclick.net — Cisco Umbrella Rank: 119
2 KB
2 onthe.io
cdn.onthe.io — Cisco Umbrella Rank: 15838
tt.onthe.io — Cisco Umbrella Rank: 12795
17 KB
2 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 307
imasdk.googleapis.com — Cisco Umbrella Rank: 425
208 KB
1 hotjar.io
vc.hotjar.io — Cisco Umbrella Rank: 2167
256 B
1 sendpulse.com
cdn.sendpulse.com — Cisco Umbrella Rank: 21089
2 KB
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 231
2 KB
1 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 126
15 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 89
76 KB
1 economedia.bg
cdn.economedia.bg — Cisco Umbrella Rank: 685618
19 KB
67 19
Domain Requested by
25 www.dnevnik.bg 2 redirects www.dnevnik.bg
ajax.googleapis.com
5 www.google.com www.dnevnik.bg
www.gstatic.com
www.google.com
4 www.gstatic.com www.google.com
www.gstatic.com
4 connect.facebook.net www.dnevnik.bg
connect.facebook.net
2 fonts.gstatic.com www.google.com
2 www.google-analytics.com www.dnevnik.bg
www.google-analytics.com
2 www.google.de www.dnevnik.bg
2 www.facebook.com www.dnevnik.bg
2 platform.twitter.com www.dnevnik.bg
platform.twitter.com
2 cdn.onesignal.com www.dnevnik.bg
cdn.onesignal.com
1 vc.hotjar.io script.hotjar.com
1 in.hotjar.com script.hotjar.com
1 stats.g.doubleclick.net www.google-analytics.com
1 vars.hotjar.com static.hotjar.com
1 syndication.twitter.com platform.twitter.com
1 cdn.sendpulse.com www.googletagmanager.com
1 cdnjs.cloudflare.com ajax.googleapis.com
1 googleads.g.doubleclick.net www.googleadservices.com
1 onesignal.com cdn.onesignal.com
1 script.hotjar.com static.hotjar.com
1 tt.onthe.io cdn.onthe.io
1 static.hotjar.com www.googletagmanager.com
1 www.googleadservices.com www.googletagmanager.com
1 www.googletagmanager.com www.dnevnik.bg
1 imasdk.googleapis.com www.dnevnik.bg
1 cdn.onthe.io www.dnevnik.bg
1 cdn.economedia.bg www.dnevnik.bg
1 ajax.googleapis.com www.dnevnik.bg
67 28
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-05-14 -
2023-05-14		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2022-06-06 -
2022-08-29		 3 months crt.sh
*.onthe.io
Sectigo RSA Domain Validation Secure Server CA		 2022-06-02 -
2023-07-02		 a year crt.sh
www.google.com
GTS CA 1C3		 2022-06-06 -
2022-08-29		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2022-04-09 -
2022-07-08		 3 months crt.sh
*.twimg.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-10-20 -
2022-10-19		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-06-06 -
2022-08-29		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-06-06 -
2022-08-29		 3 months crt.sh
www.googleadservices.com
GTS CA 1C3		 2022-06-06 -
2022-08-29		 3 months crt.sh
*.hotjar.com
Amazon		 2021-11-25 -
2022-12-23		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-06-06 -
2022-08-29		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-06-06 -
2022-08-29		 3 months crt.sh
www.google.de
GTS CA 1C3		 2022-06-06 -
2022-08-29		 3 months crt.sh
1603358863.rsc.cdn77.org
R3		 2022-05-13 -
2022-08-11		 3 months crt.sh
syndication.twitter.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-03-07 -
2023-03-06		 a year crt.sh
*.google.de
GTS CA 1C3		 2022-06-06 -
2022-08-29		 3 months crt.sh
*.hotjar.io
Amazon		 2021-08-17 -
2022-09-15		 a year crt.sh

This page contains 5 frames:

Primary Page: https://www.dnevnik.bg/ajax/ad/native/
Frame ID: A743F4495ED1F5B41CC004D823B2EB35
Requests: 56 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.d7fc2fc075c61f6fa34d79a0cbbf1e34.html?origin=https%3A%2F%2Fwww.dnevnik.bg
Frame ID: D2C32ADA70DB09BE1B64932826DDE721
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ld2QMIUAAAAAOL_DKBec45aDu1ctha9VKgLLmwq&co=aHR0cHM6Ly93d3cuZG5ldm5pay5iZzo0NDM.&hl=de&v=4rwLQsl5N_ccppoTAwwwMrEN&size=invisible&cb=2k9t7o18w1ex
Frame ID: B291476DEE86BAAD4F21D0EB1AFD362D
Requests: 7 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-63c3a81830bf549dafe40b369003f751.html
Frame ID: 55970908AD809FE06068DED549F292F1
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 953D5D2157DC734567ABD7ED8ED09435
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Дневник - Новини от България и света, Анализи, Видео.

Page URL History Show full URLs

  1. http://www.dnevnik.bg/ajax/ad/native HTTP 301
    https://www.dnevnik.bg/ajax/ad/native HTTP 301
    https://www.dnevnik.bg/ajax/ad/native/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • googletagmanager\.com/gtm\.js
Overall confidence: 100%
Detected patterns
  • //static\.hotjar\.com/
Overall confidence: 100%
Detected patterns
  • moment(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • cdn\.onesignal\.com
Overall confidence: 100%
Detected patterns
  • //platform\.twitter\.com/widgets\.js
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • (?:<link [^>]*href="[^"]*prettyPhoto(?:\.min)?\.css|<a [^>]*rel="prettyPhoto)
Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

67
Requests

99 %
HTTPS

67 %
IPv6

19
Domains

28
Subdomains

28
IPs

4
Countries

1799 kB
Transfer

4970 kB
Size

18
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.dnevnik.bg/ajax/ad/native HTTP 301
    https://www.dnevnik.bg/ajax/ad/native HTTP 301
    https://www.dnevnik.bg/ajax/ad/native/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

67 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.dnevnik.bg/ajax/ad/native/
Redirect Chain
  • http://www.dnevnik.bg/ajax/ad/native
  • https://www.dnevnik.bg/ajax/ad/native
  • https://www.dnevnik.bg/ajax/ad/native/
33 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.dnevnik.bg/ajax/ad/native/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:c33 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f993a39b2b3f10a7a4f1f186ad1cbb54559128b951804a26b629d377df3a3c17

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
0
cache-control
public
cf-cache-status
DYNAMIC
cf-ray
723ebf513b86cc46-ZRH
content-encoding
br
content-type
text/html; charset=UTF-8
date
Fri, 01 Jul 2022 11:19:33 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
-1
pragma
no-cache
server
cloudflare
x-content-digest
en988b949239ad7d7fc3c910361a4661edc24faad47daa82401fafe7c1a3e48d58

Redirect headers

cf-cache-status
DYNAMIC
cf-ray
723ebf509a89cc46-ZRH
content-type
text/html; charset=UTF-8
date
Fri, 01 Jul 2022 11:19:33 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
location
https://www.dnevnik.bg/ajax/ad/native/
server
cloudflare
x-xss-protection
1; mode=block
videojs.ads.css
www.dnevnik.bg/css/videojs/ 		960 B
671 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.dnevnik.bg/css/videojs/videojs.ads.css
Requested by
Host: www.dnevnik.bg
URL: https://www.dnevnik.bg/ajax/ad/native/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:c33 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a03490f3bf940e831c668d3855b6a61713bc50543405acb77aac286d566b4348
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dnevnik.bg/ajax/ad/native/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 01 Jul 2022 11:19:33 GMT
content-encoding
br
cf-cache-status
HIT
age
6879
cf-polished
origSize=975
content-security-policy-report-only
script-src 'none'; report-uri https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=Fi.1S9CPh7OFG0LJWo4QMtlPCZFX87Bc4xBseP1xjx8-1656674373-0-AaC7WHQOBjpCKNJwPmNr8YZhTldCjptxglRpObfQBDhP27HPLQhU1nKjcBQhQ5TJnmHJMniRUfmm2WIgXktOB0Q
x-xss-protection
1; mode=block
last-modified
Fri, 18 Feb 2022 12:34:56 GMT
server
cloudflare
etag
W/"3cf-5d84a1c43db77-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=3600
cf-ray
723ebf528d71cc46-ZRH
cf-bgj
minify
videojs.ima.css
www.dnevnik.bg/css/videojs/ 		2 KB
819 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.dnevnik.bg/css/videojs/videojs.ima.css
Requested by
Host: www.dnevnik.bg
URL: https://www.dnevnik.bg/ajax/ad/native/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:c33 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4b1b8a317a5c6de64b988d630a66b74f994cc692b8ed9970341b874359b6861f
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dnevnik.bg/ajax/ad/native/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 01 Jul 2022 11:19:33 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 18 Feb 2022 12:34:56 GMT
server
cloudflare
age
3506
etag
W/"eda-5d84a1c438d57-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=3600
cf-polished
origSize=3802
cf-ray
723ebf528d74cc46-ZRH
x-xss-protection
1; mode=block
cf-bgj
minify
b=css&f=fonts.css,default.src.css,video.css,audio.css,scrollbar.css,prettyphoto.css,jquery.modal.css,slider.css,custom.css,error404.css&v=1655475460
www.dnevnik.bg/minc/ 		302 KB
61 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.dnevnik.bg/minc/b=css&f=fonts.css,default.src.css,video.css,audio.css,scrollbar.css,prettyphoto.css,jquery.modal.css,slider.css,custom.css,error404.css&v=1655475460
Requested by
Host: www.dnevnik.bg
URL: https://www.dnevnik.bg/ajax/ad/native/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:c33 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
330c23f9dd1a85cf6769dc96dbe133f053affefc195cf9645560d59306a8a468
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dnevnik.bg/ajax/ad/native/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 01 Jul 2022 11:19:33 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 17 Jun 2022 14:18:26 GMT
server
cloudflare
etag
W/"62ac8d32-4ce77"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
expires
Tue, 20 Jun 2023 04:14:51 GMT
cache-control
max-age=31536000
cf-polished
origSize=314999
cf-ray
723ebf528d77cc46-ZRH
x-xss-protection
1; mode=block
cf-bgj
minify
b=slick&f=slick.css
www.dnevnik.bg/minc/ 		1 KB
576 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.dnevnik.bg/minc/b=slick&f=slick.css
Requested by
Host: www.dnevnik.bg
URL: https://www.dnevnik.bg/ajax/ad/native/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:c33 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
21061765237c66c10b48e236063a3497c22d33629e98f8654d1a3b860fa48700
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dnevnik.bg/ajax/ad/native/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 01 Jul 2022 11:19:33 GMT
content-encoding
br
cf-cache-status
HIT
age
9821350
cf-polished
origSize=1333
cf-bgj
minify
x-xss-protection
1; mode=block
last-modified
Mon, 10 Feb 2020 14:57:55 GMT
server
cloudflare
etag
W/"5e416f73-535"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=31536000
cf-ray
723ebf528d78cc46-ZRH
expires
Thu, 09 Mar 2023 19:08:00 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/2.1.4/ 		82 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/2.1.4/jquery.min.js
Requested by
Host: www.dnevnik.bg
URL: https://www.dnevnik.bg/ajax/ad/native/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
22642f202577f0ba2f22cbe56b6cf291a09374487567cd3563e0d2a29f75c0c5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dnevnik.bg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 01 Jul 2022 02:10:55 GMT
x-content-type-options
nosniff
age
32918
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
84380
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 01 Jul 2023 02:10:55 GMT
b=s&f=blockadblock__blockadblock.3.2.1.min.js,jquery-cookie__jquery.cookie-1.4.1.min.js,mobile-detect__mobile-detect.1.3.6.min.js,analytics__jquery.scrolldepth.min.js
cdn.economedia.bg/minj/ 		45 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.economedia.bg/minj/b=s&f=blockadblock__blockadblock.3.2.1.min.js,jquery-cookie__jquery.cookie-1.4.1.min.js,mobile-detect__mobile-detect.1.3.6.min.js,analytics__jquery.scrolldepth.min.js
Requested by
Host: www.dnevnik.bg
URL: https://www.dnevnik.bg/ajax/ad/native/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8c8dc824ee902a6c1fe541b39f53c2563609449f3e4834fda2144a743f8f4017
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dnevnik.bg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 01 Jul 2022 11:19:33 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
339420
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Thu, 27 Apr 2017 11:27:54 GMT
server
cloudflare
etag
W/"5901d5ba-b4ed"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Zjfq2aAjG5vAHpv%2BX2cTjw1zAVmufeTpeXo254tynTxKLjIN80zG3GNfIP1D5MsugxegQL5xb3ctlwDpVvEwWGg9jp9PVHQws1GZ42L18rC3AWwVYEi9AzJhDQL1cnLGc5qWdRP1vz%2Be88zMSWsgFA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=31536000
cf-ray
723ebf52de8c5a43-MXP
expires
Tue, 27 Jun 2023 13:02:33 GMT
0MhQhfRAnOu1
cdn.onthe.io/io.js/ 		53 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.onthe.io/io.js/0MhQhfRAnOu1
Requested by
Host: www.dnevnik.bg
URL: https://www.dnevnik.bg/ajax/ad/native/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
116.203.212.0 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.0.212.203.116.clients.your-server.de
Software
nginx /
Resource Hash
871e0f85b117aab1fa91c88b9823b85d2c3df79f0b746c0df304785f1bee2c3f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dnevnik.bg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Fri, 01 Jul 2022 11:19:33 GMT
Content-Encoding
gzip
Last-Modified
Thu, 05 Aug 2021 12:13:25 GMT
Server
nginx
ETag
W/"610bd5e5-d287"
Transfer-Encoding
chunked
Content-Type
text/javascript
Cache-Control
max-age=86400
Connection
keep-alive
Expires
Sat, 02 Jul 2022 11:19:33 GMT
api.js
www.google.com/recaptcha/ 		884 B
996 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js?render=6Ld2QMIUAAAAAOL_DKBec45aDu1ctha9VKgLLmwq
Requested by
Host: www.dnevnik.bg
URL: https://www.dnevnik.bg/ajax/ad/native/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
a64d89a39eec9f7f39954610c6f89ce5a5f28f74a560c632554eda7d00639221
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dnevnik.bg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 01 Jul 2022 11:19:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
583
x-xss-protection
1; mode=block
expires
Fri, 01 Jul 2022 11:19:33 GMT
OneSignalSDK.js
cdn.onesignal.com/sdks/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.onesignal.com/sdks/OneSignalSDK.js
Requested by
Host: www.dnevnik.bg
URL: https://www.dnevnik.bg/ajax/ad/native/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5df9eee36a61ef8f89d39c04ff402ded30aa9c627b6ef2134f55fa0e8b537153

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dnevnik.bg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

cf-ray
723ebf539aaa2373-ZRH
date
Fri, 01 Jul 2022 11:19:33 GMT
via
1.1 google
cf-cache-status
HIT
server
cloudflare
age
1950
etag
W/"a393ad4e03deeab316f7121a80708ce6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Mon, 04 Jul 2022 11:19:33 GMT
sdk.js
connect.facebook.net/en_GB/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_GB/sdk.js
Requested by
Host: www.dnevnik.bg
URL: https://www.dnevnik.bg/ajax/ad/native/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
9008d344ca4cbcf1a3235188d719d3b50b956e5c788f6aab9256aec44fc7977c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.dnevnik.bg/
Origin
https://www.dnevnik.bg
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
hMQJYykyxYkF2U2xsyo4Pw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
1686
x-fb-rlafr
0
x-fb-debug
GxU28mnosHbdegXHbq37Em8AXkhLTPGeG716/IyZk7q/NwcPxDFsP3fgz5iAhyAYqq37BxXwaczK5ZFi/OC5NA==
x-fb-trip-id
2050670934
x-fb-content-md5
a12ebd7eb22db39e90f9fab4dd420d80
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Fri, 01 Jul 2022 11:19:33 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
etag
"6d17d8296405af9c8f6e2dc05116a332"
timing-allow-origin
*
expires
Fri, 01 Jul 2022 11:27:10 GMT
logo-dnevnik.svg
www.dnevnik.bg/images/layout/ 		3 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.dnevnik.bg/images/layout/logo-dnevnik.svg
Requested by
Host: www.dnevnik.bg
URL: https://www.dnevnik.bg/ajax/ad/native/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:c33 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
69acc5bbc810da8a80854f2e45b8e3ed667560f4f90eef2a5aa13a346febaff6
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dnevnik.bg/ajax/ad/native/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 01 Jul 2022 11:19:33 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Wed, 15 Dec 2021 08:10:34 GMT
server
cloudflare
etag
W/"c44-5d32ad7218ee8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=3600
cf-ray
723ebf535e9acc46-ZRH
x-xss-protection
1; mode=block
logo-dnevnik.png
www.dnevnik.bg/images/layout/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.dnevnik.bg/images/layout/logo-dnevnik.png
Requested by
Host: www.dnevnik.bg
URL: https://www.dnevnik.bg/ajax/ad/native/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:c33 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0b956a4911b3aebf54d319b68ae3e37e03b49b7a444e0513ac5d45c54443784b
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dnevnik.bg/ajax/ad/native/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 01 Jul 2022 11:19:33 GMT
cf-cache-status
HIT
age
3506
cf-polished
origFmt=png, origSize=3867
content-disposition
inline; filename="logo-dnevnik.webp"
content-length
1600
x-xss-protection
1; mode=block
last-modified
Wed, 15 Dec 2021 08:10:47 GMT
server
cloudflare
etag
"f1b-5d32ad7e318ae"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
cache-control
max-age=3600
accept-ranges
bytes
cf-ray
723ebf535e9ccc46-ZRH
cf-bgj
imgq:100,h2pri
amb.jpg
www.dnevnik.bg/images/ 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.dnevnik.bg/images/amb.jpg
Requested by
Host: www.dnevnik.bg
URL: https://www.dnevnik.bg/ajax/ad/native/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:c33 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
02a6fbfef2c21355b2594d3ab924f1464d8e0224367c301ed0a3710f81056bf8
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dnevnik.bg/ajax/ad/native/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 01 Jul 2022 11:19:33 GMT
cf-cache-status
HIT
age
3506
cf-polished
origSize=22633, status=webp_bigger
content-length
22023
x-xss-protection
1; mode=block
last-modified
Wed, 15 Dec 2021 08:08:34 GMT
server
cloudflare
etag
"5869-5d32acff30982"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=3600
accept-ranges
bytes
cf-ray
723ebf535e9dcc46-ZRH
cf-bgj
imgq:100,h2pri
email-decode.min.js
www.dnevnik.bg/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 		1 KB
846 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.dnevnik.bg/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: www.dnevnik.bg
URL: https://www.dnevnik.bg/ajax/ad/native/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:c33 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dnevnik.bg/ajax/ad/native/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 01 Jul 2022 11:19:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 30 Jun 2022 11:19:50 GMT
server
cloudflare
etag
W/"62bd86d6-4d7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
DENY
content-type
application/javascript
cache-control
max-age=172800, public
cf-ray
723ebf530e23cc46-ZRH
vary
Accept-Encoding
expires
Sun, 03 Jul 2022 11:19:33 GMT
ima3.js
imasdk.googleapis.com/js/sdkloader/ 		373 KB
125 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: www.dnevnik.bg
URL: https://www.dnevnik.bg/ajax/ad/native/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4017:801::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
569831d47fe57e18ab5fabaa3534378fe2bcea9b052773a25f4beae4b384ab0a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dnevnik.bg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 01 Jul 2022 11:19:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
126951
x-xss-protection
0
expires
Fri, 01 Jul 2022 11:19:33 GMT
video.min.js
www.dnevnik.bg/js/videojs/ 		524 KB
145 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.dnevnik.bg/js/videojs/video.min.js
Requested by
Host: www.dnevnik.bg
URL: https://www.dnevnik.bg/ajax/ad/native/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:c33 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f66c72eba2fc065baa8d7efee6e00af0dbc191d553f4bfa46369a0ee6be00020
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dnevnik.bg/ajax/ad/native/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 01 Jul 2022 11:19:33 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 18 Feb 2022 12:34:56 GMT
server
cloudflare
age
3506
etag
W/"8304e-5d84a1c3f18be-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600
cf-ray
723ebf533e50cc46-ZRH
x-xss-protection
1; mode=block
videojs.ads.min.js
www.dnevnik.bg/js/videojs/ 		27 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.dnevnik.bg/js/videojs/videojs.ads.min.js
Requested by
Host: www.dnevnik.bg
URL: https://www.dnevnik.bg/ajax/ad/native/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:c33 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
57c913dc95d16172397422ada208071f527339dc1153b77a26b24598923be6d7
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dnevnik.bg/ajax/ad/native/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 01 Jul 2022 11:19:33 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 18 Feb 2022 12:34:56 GMT
server
cloudflare
age
3506
etag
W/"6a3c-5d84a1c3e0f1f-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600
cf-ray
723ebf535e8acc46-ZRH
x-xss-protection
1; mode=block
videojs.ima.js
www.dnevnik.bg/js/videojs/ 		44 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.dnevnik.bg/js/videojs/videojs.ima.js
Requested by
Host: www.dnevnik.bg
URL: https://www.dnevnik.bg/ajax/ad/native/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:c33 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
74b0f13c636520f8011525976abe1f04cdc628c0554a1abbbb53ebcd35dc3e21
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dnevnik.bg/ajax/ad/native/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 01 Jul 2022 11:19:33 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 18 Feb 2022 12:34:56 GMT
server
cloudflare
age
3506
etag
W/"14d3e-5d84a1c3fb4fd-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600
cf-polished
origSize=85310
cf-ray
723ebf535e8ccc46-ZRH
x-xss-protection
1; mode=block
cf-bgj
minify
ads.js
www.dnevnik.bg/js/videojs/ 		858 B
420 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.dnevnik.bg/js/videojs/ads.js?v=5
Requested by
Host: www.dnevnik.bg
URL: https://www.dnevnik.bg/ajax/ad/native/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:c33 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4e3d2707ef10ea6831eb004b917447cc797c933b267e1cf31eb88b450413d371
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dnevnik.bg/ajax/ad/native/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 01 Jul 2022 11:19:33 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 18 Feb 2022 12:34:56 GMT
server
cloudflare
age
3506
etag
W/"6d1-5d84a1c3e7c7f-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600
cf-polished
origSize=1745
cf-ray
723ebf535e90cc46-ZRH
x-xss-protection
1; mode=block
cf-bgj
minify
jquery.lazyload.min.js
www.dnevnik.bg/js/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.dnevnik.bg/js/jquery.lazyload.min.js
Requested by
Host: www.dnevnik.bg
URL: https://www.dnevnik.bg/ajax/ad/native/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:c33 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e576f12e82c468567e420386b68476ff7045815976395bc6baad1a822c7368a7
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dnevnik.bg/ajax/ad/native/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 01 Jul 2022 11:19:33 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 15 Dec 2021 08:13:23 GMT
server
cloudflare
age
3506
etag
W/"d35-5d32ae12a8823-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600
cf-ray
723ebf536eaccc46-ZRH
x-xss-protection
1; mode=block
b=js&f=moment.min.js,plugins.js,jquery.mCustomScrollbar.js,prettyphoto.js,jquery.disablescroll.js,jquery.modal.js,slider.js&v=1639556035
www.dnevnik.bg/minj/ 		240 KB
70 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.dnevnik.bg/minj/b=js&f=moment.min.js,plugins.js,jquery.mCustomScrollbar.js,prettyphoto.js,jquery.disablescroll.js,jquery.modal.js,slider.js&v=1639556035
Requested by
Host: www.dnevnik.bg
URL: https://www.dnevnik.bg/ajax/ad/native/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:c33 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7fc1d45815ccd75d7cbbd3266f128d742dc4d223ea7ce2568b0c03fb80a92a83
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dnevnik.bg/ajax/ad/native/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 01 Jul 2022 11:19:33 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Wed, 15 Dec 2021 08:21:12 GMT
server
cloudflare
etag
W/"61b9a578-3c012"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
application/javascript
cache-control
max-age=31536000
cf-ray
723ebf535e94cc46-ZRH
x-xss-protection
1; mode=block
expires
Sat, 01 Jul 2023 11:19:33 GMT
b=js&f=default.src.js,forms.js,custom.js,poll.js,affix.js&v=1656581292
www.dnevnik.bg/minj/ 		94 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.dnevnik.bg/minj/b=js&f=default.src.js,forms.js,custom.js,poll.js,affix.js&v=1656581292
Requested by
Host: www.dnevnik.bg
URL: https://www.dnevnik.bg/ajax/ad/native/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:c33 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fce728809698763aa80f1ea36768cf3875ec41ae2f264fb81fc28a153111fb46
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dnevnik.bg/ajax/ad/native/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 01 Jul 2022 11:19:33 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Thu, 30 Jun 2022 09:28:13 GMT
server
cloudflare
etag
W/"62bd6cad-177a2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
application/javascript
cache-control
max-age=31536000
cf-ray
723ebf535e97cc46-ZRH
x-xss-protection
1; mode=block
expires
Sat, 01 Jul 2023 11:19:33 GMT
b=slick&f=slick.js
www.dnevnik.bg/minc/ 		52 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.dnevnik.bg/minc/b=slick&f=slick.js
Requested by
Host: www.dnevnik.bg
URL: https://www.dnevnik.bg/ajax/ad/native/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:c33 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fd58b252c6da4e955bdabc02ccb44597abc7ca2e1f01805880a066345f98711c
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dnevnik.bg/ajax/ad/native/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 01 Jul 2022 11:19:33 GMT
content-encoding
br
cf-cache-status
HIT
age
1259696
cf-polished
status=cannot_optimize
cf-bgj
minify
x-xss-protection
1; mode=block
last-modified
Mon, 10 Feb 2020 14:57:55 GMT
server
cloudflare
etag
W/"5e416f73-d128"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=31536000
cf-ray
723ebf535e98cc46-ZRH
expires
Sat, 10 Jun 2023 00:48:43 GMT
widgets.js
platform.twitter.com/ 		97 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets.js
Requested by
Host: www.dnevnik.bg
URL: https://www.dnevnik.bg/ajax/ad/native/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (amb/6BBD) /
Resource Hash
dccafac57a7fcedce0d95d35007b502104f45b82f43f052159c370258ef13a53

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dnevnik.bg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Fri, 01 Jul 2022 11:19:33 GMT
Content-Encoding
gzip
Age
1473
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=,edge;dur=1
Content-Length
29459
x-tw-cdn
VZ
Last-Modified
Thu, 02 Jun 2022 18:12:37 GMT
Server
ECS (amb/6BBD)
Etag
"5d21dece96ce474f5f1ac122cbdef6eb+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=1800
gtm.js
www.googletagmanager.com/ 		232 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-K7P4WH
Requested by
Host: www.dnevnik.bg
URL: https://www.dnevnik.bg/ajax/ad/native/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
d492c662a2b59515b896e7c109670738563fab5e7b904af516fc7cd36fe47c48
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dnevnik.bg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 01 Jul 2022 11:19:33 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
77339
x-xss-protection
0
last-modified
Fri, 01 Jul 2022 10:36:56 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 01 Jul 2022 11:19:33 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/ 		366 KB
145 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6Ld2QMIUAAAAAOL_DKBec45aDu1ctha9VKgLLmwq
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d1146849b14934539a02490c2934b135178838306e98e2a490a8aac3206f8036
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dnevnik.bg/
Origin
https://www.dnevnik.bg
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 01 Jul 2022 10:50:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1773
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
148046
x-xss-protection
0
last-modified
Mon, 13 Jun 2022 04:02:51 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 01 Jul 2023 10:50:00 GMT
d-bigIcon.png
www.dnevnik.bg/images/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.dnevnik.bg/images/d-bigIcon.png
Requested by
Host: www.dnevnik.bg
URL: https://www.dnevnik.bg/minc/b=css&f=fonts.css,default.src.css,video.css,audio.css,scrollbar.css,prettyphoto.css,jquery.modal.css,slider.css,custom.css,error404.css&v=1655475460
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:c33 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
697c6ee2e636ddd9c0f2d2983f48262099ee3559d076b63b02aed15d6d23512d
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dnevnik.bg/minc/b=css&f=fonts.css,default.src.css,video.css,audio.css,scrollbar.css,prettyphoto.css,jquery.modal.css,slider.css,custom.css,error404.css&v=1655475460
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 01 Jul 2022 11:19:33 GMT
cf-cache-status
REVALIDATED
cf-polished
origFmt=png, origSize=3548
content-disposition
inline; filename="d-bigIcon.webp"
content-length
1306
x-xss-protection
1; mode=block
last-modified
Wed, 15 Dec 2021 08:08:37 GMT
server
cloudflare
etag
"ddc-5d32ad0212dbe"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
cache-control
max-age=3600
accept-ranges
bytes
cf-ray
723ebf536eafcc46-ZRH
cf-bgj
imgq:100,h2pri
theserifdnevnik-semibold-webfont.woff2
www.dnevnik.bg/fonts/ 		62 KB
62 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.dnevnik.bg/fonts/theserifdnevnik-semibold-webfont.woff2
Requested by
Host: www.dnevnik.bg
URL: https://www.dnevnik.bg/minc/b=css&f=fonts.css,default.src.css,video.css,audio.css,scrollbar.css,prettyphoto.css,jquery.modal.css,slider.css,custom.css,error404.css&v=1655475460
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:c33 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fa42c817e731b6df7c3e7c5c2f88f70de78deefcdca470187cbbf1e862649922
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.dnevnik.bg/minc/b=css&f=fonts.css,default.src.css,video.css,audio.css,scrollbar.css,prettyphoto.css,jquery.modal.css,slider.css,custom.css,error404.css&v=1655475460
Origin
https://www.dnevnik.bg
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 01 Jul 2022 11:19:33 GMT
cf-cache-status
HIT
last-modified
Wed, 15 Dec 2021 08:12:30 GMT
server
cloudflare
age
2322
etag
"f7a0-5d32addfea904"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
font/woff2
cache-control
max-age=3600
accept-ranges
bytes
cf-ray
723ebf536eb2cc46-ZRH
content-length
63392
x-xss-protection
1; mode=block
thesansdnevnik-semilight-webfont.woff2
www.dnevnik.bg/fonts/ 		52 KB
52 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.dnevnik.bg/fonts/thesansdnevnik-semilight-webfont.woff2
Requested by
Host: www.dnevnik.bg
URL: https://www.dnevnik.bg/minc/b=css&f=fonts.css,default.src.css,video.css,audio.css,scrollbar.css,prettyphoto.css,jquery.modal.css,slider.css,custom.css,error404.css&v=1655475460
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:c33 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
156cedcbc2079028f7bc16c62a505811e12afe92983a126c4c2924d06bb73165
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.dnevnik.bg/minc/b=css&f=fonts.css,default.src.css,video.css,audio.css,scrollbar.css,prettyphoto.css,jquery.modal.css,slider.css,custom.css,error404.css&v=1655475460
Origin
https://www.dnevnik.bg
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 01 Jul 2022 11:19:33 GMT
cf-cache-status
HIT
last-modified
Wed, 15 Dec 2021 08:12:29 GMT
server
cloudflare
age
2322
etag
"cf10-5d32addf27416"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
font/woff2
cache-control
max-age=3600
accept-ranges
bytes
cf-ray
723ebf536eb4cc46-ZRH
content-length
53008
x-xss-protection
1; mode=block
theserifdnevnik-plain-webfont.woff2
www.dnevnik.bg/fonts/ 		62 KB
62 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.dnevnik.bg/fonts/theserifdnevnik-plain-webfont.woff2
Requested by
Host: www.dnevnik.bg
URL: https://www.dnevnik.bg/minc/b=css&f=fonts.css,default.src.css,video.css,audio.css,scrollbar.css,prettyphoto.css,jquery.modal.css,slider.css,custom.css,error404.css&v=1655475460
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:c33 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2a9eff5371f1ffa91a49acfeca19d98c91e1a55a101b93ae5cdc15f5917b5ba5
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.dnevnik.bg/minc/b=css&f=fonts.css,default.src.css,video.css,audio.css,scrollbar.css,prettyphoto.css,jquery.modal.css,slider.css,custom.css,error404.css&v=1655475460
Origin
https://www.dnevnik.bg
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 01 Jul 2022 11:19:33 GMT
cf-cache-status
HIT
last-modified
Wed, 15 Dec 2021 08:13:26 GMT
server
cloudflare
age
2322
etag
"f940-5d32ae16166b3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
font/woff2
cache-control
max-age=3600
accept-ranges
bytes
cf-ray
723ebf536ebacc46-ZRH
content-length
63808
x-xss-protection
1; mode=block
thesansdnevnik-plain-webfont.woff2
www.dnevnik.bg/fonts/ 		52 KB
52 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.dnevnik.bg/fonts/thesansdnevnik-plain-webfont.woff2
Requested by
Host: www.dnevnik.bg
URL: https://www.dnevnik.bg/minc/b=css&f=fonts.css,default.src.css,video.css,audio.css,scrollbar.css,prettyphoto.css,jquery.modal.css,slider.css,custom.css,error404.css&v=1655475460
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:c33 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a8eb67d5a3bcf1a3f050b94e755229ce18ee9dd19f19f8246c3ecefbe2bef236
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.dnevnik.bg/minc/b=css&f=fonts.css,default.src.css,video.css,audio.css,scrollbar.css,prettyphoto.css,jquery.modal.css,slider.css,custom.css,error404.css&v=1655475460
Origin
https://www.dnevnik.bg
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 01 Jul 2022 11:19:33 GMT
cf-cache-status
HIT
last-modified
Wed, 15 Dec 2021 08:13:01 GMT
server
cloudflare
age
2322
etag
"ce70-5d32adfdea147"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
font/woff2
cache-control
max-age=3600
accept-ranges
bytes
cf-ray
723ebf536ebdcc46-ZRH
content-length
52848
x-xss-protection
1; mode=block
sdk.js
connect.facebook.net/en_GB/ 		295 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_GB/sdk.js?hash=b24c670564ecfb1f8afd2c5ad18dc904
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_GB/sdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
9c37f755e2c7e7816a5f76825ff775ced614d89a3a4388e501cb6647b4c8c82e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.dnevnik.bg/
Origin
https://www.dnevnik.bg
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
k1bwsMllSFuP/q6ulyn0fQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
86059
x-fb-rlafr
0
x-fb-debug
0XEAkX8M3ZKuJW7rGMfkAZCBs5EdjgUH92IyYRqBvq3dlfbNgk5P/T+bA8NdixSrc3mO8iAopRR5O1jZt6EbuQ==
x-fb-trip-id
2050670934
x-fb-content-md5
0b9b35f86b652da91150f1736e2fbe90
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Fri, 01 Jul 2022 11:19:33 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
etag
"69f804470261fc7e853402f998be2016"
timing-allow-origin
*
priority
u=3,i
expires
Sat, 01 Jul 2023 09:32:23 GMT
OneSignalPageSDKES6.js
cdn.onesignal.com/sdks/ 		283 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151513
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7512bf3b9ec62642bc0800d0ca3c5b8b37a1384814cc7a29d31f6823740fd403

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dnevnik.bg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

cf-ray
723ebf542e482397-ZRH
date
Fri, 01 Jul 2022 11:19:33 GMT
via
1.1 google
cf-cache-status
HIT
server
cloudflare
age
1923
etag
W/"0e269028feac530d16f00d8dad8ece74"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Mon, 04 Jul 2022 11:19:33 GMT
conversion_async.js
www.googleadservices.com/pagead/ 		40 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K7P4WH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
00e67a6bb1601297c954a9c6438eb956f4ca87253683fb348d1bda64cee7d1ca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dnevnik.bg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 01 Jul 2022 11:19:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15163
x-xss-protection
0
server
cafe
etag
11137310801552021614
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 01 Jul 2022 11:19:33 GMT
hotjar-3017778.js
static.hotjar.com/c/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.hotjar.com/c/hotjar-3017778.js?sv=7
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K7P4WH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-27.fra56.r.cloudfront.net
Software
/
Resource Hash
dbd54fc93f46a0f1fb751bab8ea1034850ae0db50e375bc54f8ffc6924b96d1d
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dnevnik.bg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 01 Jul 2022 11:19:27 GMT
content-encoding
br
x-content-type-options
nosniff
age
6
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=86400; includeSubDomains
access-control-allow-origin
*
x-cache-hit
1
etag
W/6161515a2593c0b6e91a5bfb71aa641c
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
via
1.1 f61953901038b0c4b4c82c311140f1b8.cloudfront.net (CloudFront)
cache-control
max-age=60
x-amz-cf-pop
FRA56-P6
x-amz-cf-id
lI590_EDFlA-kGwaPnCw9fM9f8y-tfgviAh--rom3N2mpyxzFPSmLA==
fbevents.js
connect.facebook.net/en_US/ 		98 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.dnevnik.bg
URL: https://www.dnevnik.bg/ajax/ad/native/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
f8bdb531d36caf4bb43071d1be58a2d1b153d3a403f4b8f4e6a919dd46213f47
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dnevnik.bg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
25939
x-xss-protection
0
pragma
public
x-fb-debug
H7qhRyWcS47xMaYU9SScoZTYSPM3SykgroTS8ES0t56kK0+v6kuqxZaFZmtxfMZOO8oDl7hLz1QqB8BvCFRXFg==
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Fri, 01 Jul 2022 11:19:33 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
tt.onthe.io/ 		0
287 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tt.onthe.io/?k[]=18631:pageviews[url:%2Fajax%2Fad%2Fnative%2F,domain:www.dnevnik.bg,page:%D0%94%D0%BD%D0%B5%D0%B2%D0%BD%D0%B8%D0%BA%20-%20%D0%9D%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D0%BE%D1%82%20%D0%91%D1%8A%D0%BB%D0%B3%D0%B0%D1%80%D0%B8%D1%8F%20%D0%B8%20%D1%81%D0%B2%D0%B5%D1%82%D0%B0%2C%20%D0%90%D0%BD%D0%B0%D0%BB%D0%B8%D0%B7%D0%B8%2C%20%D0%92%D0%B8%D0%B4%D0%B5%D0%BE.,page_type:default,language:bg,user_agent:Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F103.0.5060.53%20Safari%2F537.36,device:desktop,browser_version:Chrome%20103,browser:Chrome,depth:1,user_type:new,user_id:e5c65c936.882dacb15_1656674373777,session_id:51fa62782.c67f963f5_1656674373778,cdn_version:34]&s=7747745be03d8e656b177b70c91036dd&1656674373782
Requested by
Host: cdn.onthe.io
URL: https://cdn.onthe.io/io.js/0MhQhfRAnOu1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
88.99.5.37 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.88-99-5-37.clients.your-server.de
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dnevnik.bg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 01 Jul 2022 11:19:33 GMT
Server
nginx
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:01 GMT
865591223557665
connect.facebook.net/signals/config/ 		291 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/865591223557665?v=2.9.64&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
706026a1d7de82e7de684909f8eb173e36f500e0dbb0009255e053810d3bbe38
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dnevnik.bg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection
0
pragma
public
x-fb-debug
000WL6dTTuXdp0Tg6OQjJap7EnYjHNVPFYxspn2RMBfxgSGJ1eklcCPejJz/08TV9EBjSCDpM72nhY5KRVJa0A==
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Fri, 01 Jul 2022 11:19:33 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
x-content-cdn-origin-ts
1656674373851
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
modules.b4253c4a74219da558ee.js
script.hotjar.com/ 		243 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.hotjar.com/modules.b4253c4a74219da558ee.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-3017778.js?sv=7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-111.fra56.r.cloudfront.net
Software
/
Resource Hash
8f244e407e374e5a35e20db52746d972e7e3a09d54952be4bbebb51a90c959e2
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dnevnik.bg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 01 Jul 2022 10:53:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
1587
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=86400; includeSubDomains
content-length
64087
access-control-allow-origin
*
last-modified
Fri, 01 Jul 2022 10:52:14 GMT
etag
"bda2f6d20c6ee79ecef8722dadf19aea"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 0ece2d48b2ca1badca11fa675b7785ea.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA56-P6
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
TuFeORYODwCDUYGCREQJrdXQvKj2qjUxPe2P4AOFBEQJ4qGuRv_yhg==
web
onesignal.com/api/v1/sync/5374b9eb-d0dc-4d25-9d34-5ad05837c28c/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://onesignal.com/api/v1/sync/5374b9eb-d0dc-4d25-9d34-5ad05837c28c/web?callback=__jp0
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151513
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6d4664e47092eae862c019c346ba0001338f249782c92d7ec95a42cbbc77cfd4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dnevnik.bg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 01 Jul 2022 11:19:33 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
HIT
x-permitted-cross-domain-policies
none
age
149
cf-polished
origSize=5281
status
200 OK
x-envoy-upstream-service-time
53
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
bc4939eb-6f24-4c08-8a29-0ce36141a6bb
x-runtime
0.051747
referrer-policy
strict-origin-when-cross-origin
cf-bgj
minify
server
cloudflare
etag
W/"4c5079343f75fad14432fc4e85caecf1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN
x-download-options
noopen
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=3600
cf-ray
723ebf54dc922373-ZRH
access-control-allow-headers
SDK-Version
expires
Fri, 01 Jul 2022 12:19:33 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/879861983/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/879861983/?random=1656674373889&cv=9&fst=1656674373889&num=1&label=8I7rCNDM7WgQ38HGowM&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg6t0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.dnevnik.bg%2Fajax%2Fad%2Fnative%2F&tiba=%D0%94%D0%BD%D0%B5%D0%B2%D0%BD%D0%B8%D0%BA%20-%20%D0%9D%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D0%BE%D1%82%20%D0%91%D1%8A%D0%BB%D0%B3%D0%B0%D1%80%D0%B8%D1%8F%20%D0%B8%20%D1%81%D0%B2%D0%B5%D1%82%D0%B0%2C%20%D0%90%D0%BD%D0%B0%D0%BB%D0%B8%D0%B7%D0%B8%2C%20%D0%92&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d6cb92a104e5ec8c97a89cb56cf315a3cd8dacfae79158922c5acfa9e5f50fad
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dnevnik.bg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Jul 2022 11:19:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1148
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/ 		44 B
409 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=865591223557665&ev=PageView&dl=https%3A%2F%2Fwww.dnevnik.bg%2Fajax%2Fad%2Fnative%2F&rl=&if=false&ts=1656674373901&sw=1600&sh=1200&v=2.9.64&r=stable&ec=0&o=30&fbp=fb.1.1656674373900.1119211377&it=1656674373799&coo=false&rqm=GET
Requested by
Host: www.dnevnik.bg
URL: https://www.dnevnik.bg/ajax/ad/native/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dnevnik.bg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 01 Jul 2022 11:19:33 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
44
expires
Fri, 01 Jul 2022 11:19:33 GMT
/
www.google.com/pagead/1p-user-list/879861983/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/879861983/?random=1656674373889&cv=9&fst=1656673200000&num=1&label=8I7rCNDM7WgQ38HGowM&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg6t0&sendb=1&frm=0&url=https%3A%2F%2Fwww.dnevnik.bg%2Fajax%2Fad%2Fnative%2F&tiba=%D0%94%D0%BD%D0%B5%D0%B2%D0%BD%D0%B8%D0%BA%20-%20%D0%9D%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D0%BE%D1%82%20%D0%91%D1%8A%D0%BB%D0%B3%D0%B0%D1%80%D0%B8%D1%8F%20%D0%B8%20%D1%81%D0%B2%D0%B5%D1%82%D0%B0%2C%20%D0%90%D0%BD%D0%B0%D0%BB%D0%B8%D0%B7%D0%B8%2C%20%D0%92&async=1&fmt=3&is_vtc=1&random=2500206488&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: www.dnevnik.bg
URL: https://www.dnevnik.bg/ajax/ad/native/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dnevnik.bg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Jul 2022 11:19:33 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/879861983/ 		42 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/879861983/?random=1656674373889&cv=9&fst=1656673200000&num=1&label=8I7rCNDM7WgQ38HGowM&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg6t0&sendb=1&frm=0&url=https%3A%2F%2Fwww.dnevnik.bg%2Fajax%2Fad%2Fnative%2F&tiba=%D0%94%D0%BD%D0%B5%D0%B2%D0%BD%D0%B8%D0%BA%20-%20%D0%9D%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D0%BE%D1%82%20%D0%91%D1%8A%D0%BB%D0%B3%D0%B0%D1%80%D0%B8%D1%8F%20%D0%B8%20%D1%81%D0%B2%D0%B5%D1%82%D0%B0%2C%20%D0%90%D0%BD%D0%B0%D0%BB%D0%B8%D0%B7%D0%B8%2C%20%D0%92&async=1&fmt=3&is_vtc=1&random=2500206488&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: www.dnevnik.bg
URL: https://www.dnevnik.bg/ajax/ad/native/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dnevnik.bg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Jul 2022 11:19:33 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
jquery.mousewheel.min.js
cdnjs.cloudflare.com/ajax/libs/jquery-mousewheel/3.1.13/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery-mousewheel/3.1.13/jquery.mousewheel.min.js?_=1656674373639
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/2.1.4/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8e73a30d35c83ea6a597c3343324d2b7df097ad26e67b62efb5266ee12d317b5
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dnevnik.bg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 01 Jul 2022 11:19:34 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
9124934
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1046
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:11:46 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec2-ad3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5yFgBRLmVwcSms0ll757bwCZXV4KqN8KYTOUsxufHY4OEGs7d3PFmUobyLG5u6s38MqqCpa6eXiCaanH2NNySqd8VZRFcLPFzwwKsxFYpCInMqlO4Cggfn1WKs3E0UbUECvS%2BHy40pnoroKwq0WDEGnz"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
723ebf561a580229-ZRH
expires
Wed, 21 Jun 2023 11:19:34 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.dnevnik.bg
URL: https://www.dnevnik.bg/ajax/ad/native/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dnevnik.bg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
1406
date
Fri, 01 Jul 2022 10:56:08 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Fri, 01 Jul 2022 12:56:08 GMT
e2ae984d-b2d2-4bfb-b64f-d457311dd56b
https://www.dnevnik.bg/ 		31 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.dnevnik.bg/e2ae984d-b2d2-4bfb-b64f-d457311dd56b
Requested by
Host: www.dnevnik.bg
URL: https://www.dnevnik.bg/ajax/ad/native/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Length
31
Content-Type
application/javascript
widget_iframe.d7fc2fc075c61f6fa34d79a0cbbf1e34.html
platform.twitter.com/widgets/ Frame D2C3 		319 KB
104 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets/widget_iframe.d7fc2fc075c61f6fa34d79a0cbbf1e34.html?origin=https%3A%2F%2Fwww.dnevnik.bg
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (amb/6B9D) /
Resource Hash
c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e

Request headers

Referer
https://www.dnevnik.bg/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
244136
Cache-Control
public, max-age=315360000
Content-Encoding
gzip
Content-Length
105433
Content-Type
text/html; charset=utf-8
Date
Fri, 01 Jul 2022 11:19:34 GMT
Etag
"8321d7cf58d70200c1423dfa0bca40f6+gzip"
Last-Modified
Thu, 02 Jun 2022 18:01:40 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (amb/6B9D)
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
Vary
Accept-Encoding
X-Cache
HIT
x-tw-cdn
VZ
/
www.dnevnik.bg/user/ajax/usermenu/ 		119 B
318 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.dnevnik.bg/user/ajax/usermenu/
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/2.1.4/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:c33 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9afe1e45789ded4ba6fb9a0bb453c5d2a4dc063113bfe898374c3c2e16af4690
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Referer
https://www.dnevnik.bg/ajax/ad/native/
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Jul 2022 11:19:34 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
cache-control
public, s-maxage=0
cf-ray
723ebf561a2bcc46-ZRH
x-xss-protection
1; mode=block
expires
-1
anchor
www.google.com/recaptcha/api2/ Frame B291 		41 KB
21 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ld2QMIUAAAAAOL_DKBec45aDu1ctha9VKgLLmwq&co=aHR0cHM6Ly93d3cuZG5ldm5pay5iZzo0NDM.&hl=de&v=4rwLQsl5N_ccppoTAwwwMrEN&size=invisible&cb=2k9t7o18w1ex
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
0d44435eee3f29d507f05442582f6a612d5f87bcecf3b0c8ae4bbdd0ecbfeac0
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-CUgj9nbCVwXe1xB5fMXZgQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.dnevnik.bg/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-length
21885
content-security-policy
script-src 'report-sample' 'nonce-CUgj9nbCVwXe1xB5fMXZgQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 01 Jul 2022 11:19:34 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
fb230f9a01459034d49c5341f63b0494_0.js
cdn.sendpulse.com/28edd3380a1c17cf65b137fe96516659/js/push/ 		3 B
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.sendpulse.com/28edd3380a1c17cf65b137fe96516659/js/push/fb230f9a01459034d49c5341f63b0494_0.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K7P4WH
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::20 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
Content-Security-Policy default-src wss://* blob: data: sendpulse.com *.sendpulse.com *.sendpulse.com:4434 data.sendpulse.com *.pulse-stat.com *.stat-pulse.com *.pulse-stat.com:8080 *.stat-pulse.com:8080 http://*.sendpulse.com:4434 http://*.pulse-stat.com http://*.stat-pulse.com http://*.pulse-stat.com:8080 http://*.stat-pulse.com:8080 *.sendpulse.ua *.sendpulse.by *.sendpulse.kz *.sendpulse.cl *.sendpulse.com.tr *.sendpulse.ng sendpul.se *.sendpul.se *.loginsrc.com *.routee.net *.bizml.ru *.jquery.com *.youtube.com *.ytimg.com *.vimeo.com *.vimeocdn.com *.tinymce.com *.ampproject.org *.hotjar.com *.hotjar.io *.ipinfo.io *.highcharts.com *.appspot.com *.doubleclick.net *.facebook.com *.facebook.net *.fbcdn.net *.fbsbx.com *.rawgit.com *.cloudflare.com *.jsdelivr.net *.kissmetrics.com *.bitrix24.com *.quantserve.com *.quantcount.com *.twitter.com *.offershub.ru *.stripe.com *.braintreegateway.com *.mlstatic.com *.cloudpayments.ru *.woopra.com *.jivosite.com *.google.com *.google.com.ua *.googleadservices.com *.google-analytics.com *.googleapis.com *.googletagmanager.com *.gstatic.com *.online-metrix.net *.retently.com *.maxmind.com *.revisionme.com *.yandex.ru *.ymetrica.ru *.mmapiws.com *.bootstrapcdn.com *.kaptcha.com *.paypal.com *.paypalobjects.com *.mercadopago.com.br *.mercadopago.com *.braintree-api.com vk.com api.telegram.org *.webformscr.com *.yandex.net *.cardinalcommerce.com *.mercadolibre.com *.supportsrc.com *.instagram.com *.googleoptimize.com *.privatbank.ua *.cardinalcommerce.com 'self' 'unsafe-eval' 'unsafe-inline'; img-src blob: data: *; font-src data: *; style-src * 'unsafe-inline';, frame-ancestors 'self';
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dnevnik.bg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Fri, 01 Jul 2022 11:19:34 GMT
x-content-type-options
nosniff
x-77-nzt-ray
Mx6vMiDQ1H8
x-77-cache
HIT
x-cache
HIT
x-age
164891
content-length
3
x-xss-protection
1; mode=block
x-77-nzt
AdRmOI2UV4T/G4QCAA
x-accel-expires
@1657114283
x-sp-ma
sp-ma-1
last-modified
Thu, 16 Sep 2021 09:58:45 GMT
server
CDN77-Turbo
etag
"3-5cc19dc491783"
vary
User-Agent
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=604800
content-security-policy
default-src wss://* blob: data: sendpulse.com *.sendpulse.com *.sendpulse.com:4434 data.sendpulse.com *.pulse-stat.com *.stat-pulse.com *.pulse-stat.com:8080 *.stat-pulse.com:8080 http://*.sendpulse.com:4434 http://*.pulse-stat.com http://*.stat-pulse.com http://*.pulse-stat.com:8080 http://*.stat-pulse.com:8080 *.sendpulse.ua *.sendpulse.by *.sendpulse.kz *.sendpulse.cl *.sendpulse.com.tr *.sendpulse.ng sendpul.se *.sendpul.se *.loginsrc.com *.routee.net *.bizml.ru *.jquery.com *.youtube.com *.ytimg.com *.vimeo.com *.vimeocdn.com *.tinymce.com *.ampproject.org *.hotjar.com *.hotjar.io *.ipinfo.io *.highcharts.com *.appspot.com *.doubleclick.net *.facebook.com *.facebook.net *.fbcdn.net *.fbsbx.com *.rawgit.com *.cloudflare.com *.jsdelivr.net *.kissmetrics.com *.bitrix24.com *.quantserve.com *.quantcount.com *.twitter.com *.offershub.ru *.stripe.com *.braintreegateway.com *.mlstatic.com *.cloudpayments.ru *.woopra.com *.jivosite.com *.google.com *.google.com.ua *.googleadservices.com *.google-analytics.com *.googleapis.com *.googletagmanager.com *.gstatic.com *.online-metrix.net *.retently.com *.maxmind.com *.revisionme.com *.yandex.ru *.ymetrica.ru *.mmapiws.com *.bootstrapcdn.com *.kaptcha.com *.paypal.com *.paypalobjects.com *.mercadopago.com.br *.mercadopago.com *.braintree-api.com vk.com api.telegram.org *.webformscr.com *.yandex.net *.cardinalcommerce.com *.mercadolibre.com *.supportsrc.com *.instagram.com *.googleoptimize.com *.privatbank.ua *.cardinalcommerce.com 'self' 'unsafe-eval' 'unsafe-inline'; img-src blob: data: *; font-src data: *; style-src * 'unsafe-inline';, frame-ancestors 'self';
accept-ranges
bytes
settings
syndication.twitter.com/ Frame D2C3 		512 B
521 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://syndication.twitter.com/settings?session_id=00ce4118fbb5845e2fb4abafb5dd5a83943b3d4f
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.d7fc2fc075c61f6fa34d79a0cbbf1e34.html?origin=https%3A%2F%2Fwww.dnevnik.bg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.136 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
a15f95e938fbfd9ffef12a20682cdb3eebc3cfefa4843ceab38d0ff1a612cbda
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-response-time
106
date
Fri, 01 Jul 2022 11:19:33 GMT
content-encoding
gzip
last-modified
Fri, 01 Jul 2022 11:19:34 GMT
server
tsa_o
vary
Origin
strict-transport-security
max-age=631138519
content-type
application/json; charset=utf-8
access-control-allow-origin
https://platform.twitter.com
cache-control
must-revalidate, max-age=600
access-control-allow-credentials
true
x-connection-hash
f06f9d439317d587f7ac21fe17194228063021cac8418a6bd3232aec7725ed16
content-length
241
collect
www.google-analytics.com/j/ 		4 B
24 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&aip=1&a=1693216185&t=pageview&_s=1&dl=https%3A%2F%2Fwww.dnevnik.bg%2Fajax%2Fad%2Fnative%2F&ul=en-us&de=UTF-8&dt=%D0%94%D0%BD%D0%B5%D0%B2%D0%BD%D0%B8%D0%BA%20-%20%D0%9D%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D0%BE%D1%82%20%D0%91%D1%8A%D0%BB%D0%B3%D0%B0%D1%80%D0%B8%D1%8F%20%D0%B8%20%D1%81%D0%B2%D0%B5%D1%82%D0%B0%2C%20%D0%90%D0%BD%D0%B0%D0%BB%D0%B8%D0%B7%D0%B8%2C%20%D0%92%D0%B8%D0%B4%D0%B5%D0%BE.&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAAABAAAAAC~&jid=306244139&gjid=17754351&cid=1583969807.1656674374&tid=UA-317994-11&_gid=1737136141.1656674374&_r=1&_slc=1&cd5=NotLoggedIn&z=2034736882
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.dnevnik.bg/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 01 Jul 2022 11:19:34 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.dnevnik.bg
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
box-63c3a81830bf549dafe40b369003f751.html
vars.hotjar.com/ Frame 5597 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://vars.hotjar.com/box-63c3a81830bf549dafe40b369003f751.html
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-3017778.js?sv=7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.65.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-65-19.iad89.r.cloudfront.net
Software
/
Resource Hash
f05ac9ba83369cd58d06d8ee2e5f8d61c040d30d044e20752153f95577627dc6
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Referer
https://www.dnevnik.bg/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
13175
cache-control
max-age=31536000
content-encoding
br
content-length
1044
content-type
text/html
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 01 Jul 2022 07:39:59 GMT
etag
"e6fb1304cb60a0dea0f76f7077cb13c6"
last-modified
Thu, 30 Jun 2022 14:48:22 GMT
strict-transport-security
max-age=86400; includeSubDomains
vary
Accept-Encoding
via
1.1 4a66fbee8ce857225d1bddf53b79420c.cloudfront.net (CloudFront)
x-amz-cf-id
g-BPb5q3k6y8J8u68MQ-oR58bXImF_hpv-1d10lbk4WKFErrpn3UFQ==
x-amz-cf-pop
IAD89-P1
x-cache
Hit from cloudfront
x-robots-tag
none
styles__ltr.css
www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/ Frame B291 		51 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ld2QMIUAAAAAOL_DKBec45aDu1ctha9VKgLLmwq&co=aHR0cHM6Ly93d3cuZG5ldm5pay5iZzo0NDM.&hl=de&v=4rwLQsl5N_ccppoTAwwwMrEN&size=invisible&cb=2k9t7o18w1ex
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 01 Jul 2022 09:50:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
5367
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24237
x-xss-protection
0
last-modified
Mon, 13 Jun 2022 04:02:51 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 01 Jul 2023 09:50:07 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/ Frame B291 		366 KB
145 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ld2QMIUAAAAAOL_DKBec45aDu1ctha9VKgLLmwq&co=aHR0cHM6Ly93d3cuZG5ldm5pay5iZzo0NDM.&hl=de&v=4rwLQsl5N_ccppoTAwwwMrEN&size=invisible&cb=2k9t7o18w1ex
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d1146849b14934539a02490c2934b135178838306e98e2a490a8aac3206f8036
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 01 Jul 2022 10:50:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1774
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
148046
x-xss-protection
0
last-modified
Mon, 13 Jun 2022 04:02:51 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 01 Jul 2023 10:50:00 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
442 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-317994-11&cid=1583969807.1656674374&jid=306244139&gjid=17754351&_gid=1737136141.1656674374&_u=YEBAAAAAAAAAAC~&z=1011260510
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c1b::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.dnevnik.bg/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Fri, 01 Jul 2022 11:19:34 GMT
content-type
text/plain
access-control-allow-origin
https://www.dnevnik.bg
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
logo_48.png
www.gstatic.com/recaptcha/api2/ Frame B291 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/recaptcha/api2/logo_48.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/styles__ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 30 Jun 2022 19:40:09 GMT
x-content-type-options
nosniff
age
56365
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2228
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
expires
Thu, 07 Jul 2022 19:40:09 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame B291 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ld2QMIUAAAAAOL_DKBec45aDu1ctha9VKgLLmwq&co=aHR0cHM6Ly93d3cuZG5ldm5pay5iZzo0NDM.&hl=de&v=4rwLQsl5N_ccppoTAwwwMrEN&size=invisible&cb=2k9t7o18w1ex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 28 Jun 2022 17:06:41 GMT
x-content-type-options
nosniff
age
238373
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 28 Jun 2023 17:06:41 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame B291 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ld2QMIUAAAAAOL_DKBec45aDu1ctha9VKgLLmwq&co=aHR0cHM6Ly93d3cuZG5ldm5pay5iZzo0NDM.&hl=de&v=4rwLQsl5N_ccppoTAwwwMrEN&size=invisible&cb=2k9t7o18w1ex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 28 Jun 2022 08:48:37 GMT
x-content-type-options
nosniff
age
268257
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15552
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 28 Jun 2023 08:48:37 GMT
webworker.js
www.google.com/recaptcha/api2/ Frame B291 		102 B
132 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=4rwLQsl5N_ccppoTAwwwMrEN
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ld2QMIUAAAAAOL_DKBec45aDu1ctha9VKgLLmwq&co=aHR0cHM6Ly93d3cuZG5ldm5pay5iZzo0NDM.&hl=de&v=4rwLQsl5N_ccppoTAwwwMrEN&size=invisible&cb=2k9t7o18w1ex
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
36bc338d4454d68ba19d0b4ad84e5b9bd5cc04d8f1f97d0a6481a8044b76fa95
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ld2QMIUAAAAAOL_DKBec45aDu1ctha9VKgLLmwq&co=aHR0cHM6Ly93d3cuZG5ldm5pay5iZzo0NDM.&hl=de&v=4rwLQsl5N_ccppoTAwwwMrEN&size=invisible&cb=2k9t7o18w1ex
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 01 Jul 2022 11:19:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
cross-origin-embedder-policy
require-corp
x-frame-options
SAMEORIGIN
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
110
x-xss-protection
1; mode=block
expires
Fri, 01 Jul 2022 11:19:34 GMT
ga-audiences
www.google.com/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-317994-11&cid=1583969807.1656674374&jid=306244139&_u=YEBAAAAAAAAAAC~&z=863460380
Requested by
Host: www.dnevnik.bg
URL: https://www.dnevnik.bg/ajax/ad/native/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dnevnik.bg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Jul 2022 11:19:34 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-317994-11&cid=1583969807.1656674374&jid=306244139&_u=YEBAAAAAAAAAAC~&z=863460380
Requested by
Host: www.dnevnik.bg
URL: https://www.dnevnik.bg/ajax/ad/native/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dnevnik.bg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Jul 2022 11:19:34 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/ Frame 953D 		0
18 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/tr/
Requested by
Host: www.dnevnik.bg
URL: https://www.dnevnik.bg/ajax/ad/native/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://www.dnevnik.bg
Referer
https://www.dnevnik.bg/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
https://www.dnevnik.bg
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
content-type
text/plain
cross-origin-resource-policy
cross-origin
date
Fri, 01 Jul 2022 11:19:34 GMT
priority
u=0
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
visit-data
in.hotjar.com/api/v2/client/sites/3017778/ 		147 B
323 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://in.hotjar.com/api/v2/client/sites/3017778/visit-data?sv=7
Requested by
Host: script.hotjar.com
URL: https://script.hotjar.com/modules.b4253c4a74219da558ee.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.30.157.40 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-30-157-40.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
d2e4914ae962acd061798de5379f9e74b461e90543002cf3f284d6a29dcd5f23

Request headers

Referer
https://www.dnevnik.bg/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain; charset=UTF-8

Response headers

date
Fri, 01 Jul 2022 11:19:34 GMT
content-encoding
br
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store
access-control-allow-credentials
true
3017778
vc.hotjar.io/sessions/ 		0
256 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vc.hotjar.io/sessions/3017778?s=0.25&r=0.006088715602243333
Requested by
Host: script.hotjar.com
URL: https://script.hotjar.com/modules.b4253c4a74219da558ee.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-19.fra56.r.cloudfront.net
Software
Python/3.7 aiohttp/3.5.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dnevnik.bg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 01 Jul 2022 11:19:34 GMT
via
1.1 83f46196ad7d99e4351e2a7adab8f174.cloudfront.net (CloudFront)
server
Python/3.7 aiohttp/3.5.4
x-amz-cf-pop
FRA56-P5
x-cache
Miss from cloudfront
access-control-allow-origin
*
cache-control
no-store
x-amz-cf-id
0lKRs3ki2A4w-dGmtaF6eCcAsH3jXq39NEZKDXgzB4h9PeuG9_xaqw==

Verdicts & Comments Add Verdict or Comment

152 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation function| $ function| jQuery function| BlockAdBlock object| blockAdBlock function| MobileDetect string| query string| dvCookie undefined| md string| $_root boolean| $logged object| _io_config object| dataLayer object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client function| OneSignal object| FB object| recaptcha object| google_tag_manager function| postscribe object| google_tag_manager_external object| google_tag_data function| hj object| _hjSettings function| fbq function| _fbq object| _io_widget object| __io object| hjSiteSettings function| hjBootstrap object| hjBootstrapCalled object| hjLazyModules number| __oneSignalSdkLoadCount function| __jp0 function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO object| _google_rum_ns_ object| google_persistent_state_async number| google_global_correlator object| google_js_reporting_queue number| google_srt function| mb function| Goog_AdSense_Lidar_sendVastEvent function| Goog_AdSense_Lidar_getViewability function| Goog_AdSense_Lidar_getUrlSignalsArray function| Goog_AdSense_Lidar_getUrlSignalsList object| module$contents$ima$CompanionAdSelectionSettings_CompanionAdSelectionSettings object| module$contents$ima$AdsRenderingSettings_AdsRenderingSettings object| ima object| module$contents$ima$AdCuePoints_AdCuePoints object| module$contents$ima$AdError_AdError object| module$contents$ima$AdErrorEvent_AdErrorEvent object| module$contents$ima$AdEvent_AdEvent object| module$contents$ima$AdsManagerLoadedEvent_AdsManagerLoadedEvent object| google object| vttjs function| WebVTT function| videojs function| videojsContribAds function| videojsIma undefined| player undefined| options undefined| contentPlayer undefined| initAdDisplayContainer undefined| startEvent undefined| wrapperDiv string| BLANK boolean| pp_alreadyInitialized function| moment object| Modernizr function| freewall function| Freewall function| Pikaday object| audiojs function| audiojsInstance boolean| mCustomScrollbar function| UserScrollDisabler boolean| supportsOrientationChange string| orientationEvent undefined| isOldIE undefined| isIE boolean| ieVersion function| calcAside function| initWallGalleries function| selectElementContents function| hideModal function| reloadCommentCaptcha function| initScripts function| openFormModal object| emailRegex function| prettyPhotoLoad function| reloadCaptcha function| changeForm string| path boolean| devEnv string| pathRoot string| currentPath boolean| loadingComments function| replaceShareUrl function| validateEmail function| validateUrl function| reloadCommentFormCaptcha function| checkYoutube function| checkSubscribeComments function| checkVimeo undefined| videoProgressInterval undefined| playerObj undefined| playerVideoUrl function| startVideoProgressChecking function| stopVideoProgressChecking undefined| progressReach function| checkVideoProgress function| olxSelectActiveMonth function| resendRegistrationEmail function| showDeletedComment function| debateVoteAndUpdateNumbers function| debateVoteItEffects function| enhancedScrollTo function| StickyHeader object| Poll undefined| make_copy_button string| gaClientId string| GoogleAnalyticsObject function| ga undefined| formSubmit object| __twttrll object| twttr object| __twttr boolean| doresize object| scroll_pos boolean| hashtag object| closure_lm_992822 object| gaplugins object| gaGlobal object| gaData function| onYouTubeIframeAPIReady

18 Cookies

Domain/Path Name / Value
www.dnevnik.bg/ Name: device_view
Value: full
.dnevnik.bg/ Name: __io_d
Value: 1_4041697707
www.dnevnik.bg/ Name: __io_lv
Value: 1656674373777
www.dnevnik.bg/ Name: __io
Value: e5c65c936.882dacb15_1656674373777
.dnevnik.bg/ Name: __io_session_id
Value: 51fa62782.c67f963f5_1656674373778
.dnevnik.bg/ Name: __io_nav_state18631
Value: %7B%22current%22%3A%22%2Fajax%2Fad%2Fnative%2F%22%2C%22currentDomain%22%3A%22www.dnevnik.bg%22%2C%22previousDomain%22%3A%22%22%7D
.dnevnik.bg/ Name: _fbp
Value: fb.1.1656674373900.1119211377
.facebook.com/ Name: fr
Value: 0yPy1EjMsQchLsbe3..BivthF...1.0.BivthF.
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.dnevnik.bg/ Name: _ga
Value: GA1.2.1583969807.1656674374
.dnevnik.bg/ Name: _gid
Value: GA1.2.1737136141.1656674374
.dnevnik.bg/ Name: _gat
Value: 1
.dnevnik.bg/ Name: _hjSessionUser_3017778
Value: eyJpZCI6IjJiM2VjN2VkLTMzYTQtNWNiNi04Mzc5LWZhNDBhYTE4MjQzMCIsImNyZWF0ZWQiOjE2NTY2NzQzNzM4NjYsImV4aXN0aW5nIjpmYWxzZX0=
.dnevnik.bg/ Name: _hjFirstSeen
Value: 1
www.dnevnik.bg/ Name: _hjIncludedInSessionSample
Value: 0
.dnevnik.bg/ Name: _hjSession_3017778
Value: eyJpZCI6Ijg5ZjZhMDYzLTVkYWQtNDlkOS1hZTMzLWU3Zjg1YWNjNGRmNCIsImNyZWF0ZWQiOjE2NTY2NzQzNzQ0ODMsImluU2FtcGxlIjpmYWxzZX0=
www.dnevnik.bg/ Name: _hjIncludedInPageviewSample
Value: 1
.dnevnik.bg/ Name: _hjAbsoluteSessionInProgress
Value: 1

1 Console Messages

Source Level URL
Text
network error URL: https://www.dnevnik.bg/ajax/ad/native/
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
cdn.economedia.bg
cdn.onesignal.com
cdn.onthe.io
cdn.sendpulse.com
cdnjs.cloudflare.com
connect.facebook.net
fonts.gstatic.com
googleads.g.doubleclick.net
imasdk.googleapis.com
in.hotjar.com
onesignal.com
platform.twitter.com
script.hotjar.com
static.hotjar.com
stats.g.doubleclick.net
syndication.twitter.com
tt.onthe.io
vars.hotjar.com
vc.hotjar.io
www.dnevnik.bg
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
104.244.42.136
108.138.7.111
108.138.7.27
116.203.212.0
142.250.185.98
18.66.112.19
18.67.65.19
2606:2800:234:59:254c:406:2366:268c
2606:4700:10::6816:c33
2606:4700::6811:190e
2606:4700::6812:e234
2a00:1450:4001:800::200a
2a00:1450:4001:809::2003
2a00:1450:4001:80b::2003
2a00:1450:4001:80b::2004
2a00:1450:4001:80e::2008
2a00:1450:4001:80e::200e
2a00:1450:4001:82b::2003
2a00:1450:4001:82f::2002
2a00:1450:400c:c1b::9d
2a00:1450:4017:801::200a
2a02:6ea0:c700::20
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a06:98c1:3121::3
52.30.157.40
88.99.5.37
00e67a6bb1601297c954a9c6438eb956f4ca87253683fb348d1bda64cee7d1ca
02a6fbfef2c21355b2594d3ab924f1464d8e0224367c301ed0a3710f81056bf8
0b956a4911b3aebf54d319b68ae3e37e03b49b7a444e0513ac5d45c54443784b
0d44435eee3f29d507f05442582f6a612d5f87bcecf3b0c8ae4bbdd0ecbfeac0
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
156cedcbc2079028f7bc16c62a505811e12afe92983a126c4c2924d06bb73165
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
21061765237c66c10b48e236063a3497c22d33629e98f8654d1a3b860fa48700
22642f202577f0ba2f22cbe56b6cf291a09374487567cd3563e0d2a29f75c0c5
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
2a9eff5371f1ffa91a49acfeca19d98c91e1a55a101b93ae5cdc15f5917b5ba5
330c23f9dd1a85cf6769dc96dbe133f053affefc195cf9645560d59306a8a468
36bc338d4454d68ba19d0b4ad84e5b9bd5cc04d8f1f97d0a6481a8044b76fa95
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
4b1b8a317a5c6de64b988d630a66b74f994cc692b8ed9970341b874359b6861f
4e3d2707ef10ea6831eb004b917447cc797c933b267e1cf31eb88b450413d371
569831d47fe57e18ab5fabaa3534378fe2bcea9b052773a25f4beae4b384ab0a
57c913dc95d16172397422ada208071f527339dc1153b77a26b24598923be6d7
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5df9eee36a61ef8f89d39c04ff402ded30aa9c627b6ef2134f55fa0e8b537153
697c6ee2e636ddd9c0f2d2983f48262099ee3559d076b63b02aed15d6d23512d
69acc5bbc810da8a80854f2e45b8e3ed667560f4f90eef2a5aa13a346febaff6
6d4664e47092eae862c019c346ba0001338f249782c92d7ec95a42cbbc77cfd4
706026a1d7de82e7de684909f8eb173e36f500e0dbb0009255e053810d3bbe38
74b0f13c636520f8011525976abe1f04cdc628c0554a1abbbb53ebcd35dc3e21
7512bf3b9ec62642bc0800d0ca3c5b8b37a1384814cc7a29d31f6823740fd403
7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d
7fc1d45815ccd75d7cbbd3266f128d742dc4d223ea7ce2568b0c03fb80a92a83
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
871e0f85b117aab1fa91c88b9823b85d2c3df79f0b746c0df304785f1bee2c3f
8c8dc824ee902a6c1fe541b39f53c2563609449f3e4834fda2144a743f8f4017
8e73a30d35c83ea6a597c3343324d2b7df097ad26e67b62efb5266ee12d317b5
8f244e407e374e5a35e20db52746d972e7e3a09d54952be4bbebb51a90c959e2
9008d344ca4cbcf1a3235188d719d3b50b956e5c788f6aab9256aec44fc7977c
9afe1e45789ded4ba6fb9a0bb453c5d2a4dc063113bfe898374c3c2e16af4690
9c37f755e2c7e7816a5f76825ff775ced614d89a3a4388e501cb6647b4c8c82e
a03490f3bf940e831c668d3855b6a61713bc50543405acb77aac286d566b4348
a15f95e938fbfd9ffef12a20682cdb3eebc3cfefa4843ceab38d0ff1a612cbda
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a64d89a39eec9f7f39954610c6f89ce5a5f28f74a560c632554eda7d00639221
a8eb67d5a3bcf1a3f050b94e755229ce18ee9dd19f19f8246c3ecefbe2bef236
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
d1146849b14934539a02490c2934b135178838306e98e2a490a8aac3206f8036
d2e4914ae962acd061798de5379f9e74b461e90543002cf3f284d6a29dcd5f23
d492c662a2b59515b896e7c109670738563fab5e7b904af516fc7cd36fe47c48
d6cb92a104e5ec8c97a89cb56cf315a3cd8dacfae79158922c5acfa9e5f50fad
dbd54fc93f46a0f1fb751bab8ea1034850ae0db50e375bc54f8ffc6924b96d1d
dccafac57a7fcedce0d95d35007b502104f45b82f43f052159c370258ef13a53
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e576f12e82c468567e420386b68476ff7045815976395bc6baad1a822c7368a7
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f05ac9ba83369cd58d06d8ee2e5f8d61c040d30d044e20752153f95577627dc6
f66c72eba2fc065baa8d7efee6e00af0dbc191d553f4bfa46369a0ee6be00020
f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48
f8bdb531d36caf4bb43071d1be58a2d1b153d3a403f4b8f4e6a919dd46213f47
f993a39b2b3f10a7a4f1f186ad1cbb54559128b951804a26b629d377df3a3c17
fa42c817e731b6df7c3e7c5c2f88f70de78deefcdca470187cbbf1e862649922
fce728809698763aa80f1ea36768cf3875ec41ae2f264fb81fc28a153111fb46
fd58b252c6da4e955bdabc02ccb44597abc7ca2e1f01805880a066345f98711c