Submitted URL: http://bul.ba-homecare.com/
Effective URL: https://bul.ba-homecare.com/
Submission Tags: falconsandbox
Submission: On August 21 via api from US — Scanned from DE

Summary

This website contacted 10 IPs in 5 countries across 10 domains to perform 33 HTTP transactions. The main IP is 2606:4700:3031::6815:1522, located in United States and belongs to CLOUDFLARENET, US. The main domain is bul.ba-homecare.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 20th 2022. Valid for: a year.
This is the only time bul.ba-homecare.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Apex Domain | Subdomains | Transfer
12 ba-homecare.com | bul.ba-homecare.com | 232 KB
5 yandex.com | mc.yandex.com — Cisco Umbrella Rank: 10960 | 2 KB
4 gstatic.com | fonts.gstatic.com | 113 KB
3 consensu.org | optad360.mgr.consensu.org — Cisco Umbrella Rank: 117575 | 241 KB
3 doubleclick.net | securepubads.g.doubleclick.net — Cisco Umbrella Rank: 218 | 159 KB
3 optad360.io | cmp.optad360.io — Cisco Umbrella Rank: 47240; get.optad360.io — Cisco Umbrella Rank: 27697 | 659 KB
3 googleapis.com | fonts.googleapis.com — Cisco Umbrella Rank: 54 | 3 KB
2 yandex.ru | mc.yandex.ru — Cisco Umbrella Rank: 3880 | 71 KB
1 jsdelivr.net | cdn.jsdelivr.net — Cisco Umbrella Rank: 422 | 1 KB
1 op06.biz | op06.biz | 13 KB
33 10
Domain | Requested by
12 bul.ba-homecare.com, 1 redirects | bul.ba-homecare.com
5 mc.yandex.com, 2 redirects | bul.ba-homecare.com
4 fonts.gstatic.com | fonts.googleapis.com
3 optad360.mgr.consensu.org | cmp.optad360.io; optad360.mgr.consensu.org
3 securepubads.g.doubleclick.net | get.optad360.io; securepubads.g.doubleclick.net
3 fonts.googleapis.com | bul.ba-homecare.com
2 mc.yandex.ru, 1 redirects | bul.ba-homecare.com
2 get.optad360.io | bul.ba-homecare.com; get.optad360.io
1 cdn.jsdelivr.net | get.optad360.io
1 cmp.optad360.io | bul.ba-homecare.com
1 op06.biz | bul.ba-homecare.com
33 11

This site contains links to these domains.

Domain
swe.ba-homecare.com
Subject | Issuer | Validity | Valid
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2022-05-20 - 2023-05-20 | a year
upload.video.google.com | GTS CA 1C3 | 2022-08-01 - 2022-10-24 | 3 months
op04.biz | R3 | 2022-07-27 - 2022-10-25 | 3 months
*.optad360.io | Amazon | 2021-11-17 - 2022-12-15 | a year
*.gstatic.com | GTS CA 1C3 | 2022-08-01 - 2022-10-24 | 3 months
mc.yandex.ru | GlobalSign ECC OV SSL CA 2018 | 2022-05-21 - 2022-10-31 | 5 months
*.g.doubleclick.net | GTS CA 1C3 | 2022-08-01 - 2022-10-24 | 3 months
jsdelivr.net | GlobalSign Atlas R3 DV TLS CA 2022 Q1 | 2022-03-21 - 2023-04-22 | a year
optad360.mgr.consensu.org | Amazon | 2022-05-23 - 2023-06-21 | a year

This page contains 2 frames:

Primary Page: https://bul.ba-homecare.com/
Frame ID: 907BA41371D4DDCC890F3F9E86249FC8
Requests: 31 HTTP requests in this frame

Frame: https://optad360.mgr.consensu.org/cmp/v2/cmp-3.0.0.min.js
Frame ID: ABAEEFB78A7F0D3B7BBBB353B895EBC0
Requests: 2 HTTP requests in this frame

Page Title

Портал Рак 2022

Page URL History

  1. http://bul.ba-homecare.com/ HTTP 301
    https://bul.ba-homecare.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • ([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js

Overall confidence: 100%
Detected patterns
  • mc\.yandex\.ru/metrika/(?:tag|watch)\.js

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

33
Requests

94 %
HTTPS

70 %
IPv6

10
Domains

11
Subdomains

10
IPs

5
Countries

1493 kB
Transfer

3707 kB
Size

11
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://bul.ba-homecare.com/ HTTP 301
    https://bul.ba-homecare.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 23
  • https://mc.yandex.com/sync_cookie_image_check HTTP 302
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9737.LBXjzTUGV9t9FZv1RjeFGQWbeSNLyG5z-n1ee4A4teX3tu8aES6EHncclN8F6vh-.7yjiu42GslMLzfABQMHxwzlHJ_w%2C HTTP 302
  • https://mc.yandex.com/sync_cookie_image_decide?token=9737.mUlfE400tmHDydgtAKmJyOJNSD-7YVgkA7EXMM1VP4Yl2RxSePdjqddGWHD6-EKFU1mB3Ny_x8_QO0zBPBGklw%2C%2C.uoRAr52-sqGI-Al8B4akFqQnT6k%2C
Request Chain 29
  • https://mc.yandex.com/watch/65879380?wmode=7&page-url=https%3A%2F%2Fbul.ba-homecare.com%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Anlzej4hetqp77kpsc2e48%3Afp%3A299%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A870%3Acn%3A1%3Adp%3A0%3Als%3A1266209218171%3Ahid%3A1064904304%3Az%3A0%3Ai%3A20220821200649%3Aet%3A1661112410%3Ac%3A1%3Arn%3A1013017319%3Arqn%3A1%3Au%3A1661112410638475466%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1661112409083%3Ads%3A0%2C25%2C55%2C4%2C33%2C0%2C%2C203%2C22%2C%2C%2C%2C320%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1661112410%3At%3A%D0%9F%D0%BE%D1%80%D1%82%D0%B0%D0%BB%20%D0%A0%D0%B0%D0%BA%202022&t=gdpr(14)clc(0-0-0)aw(1)rqnt(1)rqnl(1)ti(2) HTTP 302
  • https://mc.yandex.com/watch/65879380/1?wmode=7&page-url=https%3A%2F%2Fbul.ba-homecare.com%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Anlzej4hetqp77kpsc2e48%3Afp%3A299%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A870%3Acn%3A1%3Adp%3A0%3Als%3A1266209218171%3Ahid%3A1064904304%3Az%3A0%3Ai%3A20220821200649%3Aet%3A1661112410%3Ac%3A1%3Arn%3A1013017319%3Arqn%3A1%3Au%3A1661112410638475466%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1661112409083%3Ads%3A0%2C25%2C55%2C4%2C33%2C0%2C%2C203%2C22%2C%2C%2C%2C320%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1661112410%3At%3A%D0%9F%D0%BE%D1%80%D1%82%D0%B0%D0%BB%20%D0%A0%D0%B0%D0%BA%202022&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29rqnl%281%29ti%282%29

33 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
bul.ba-homecare.com/
Redirect Chain
  • http://bul.ba-homecare.com/
  • https://bul.ba-homecare.com/
31 KB
8 KB
Document
General
Full URL
https://bul.ba-homecare.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:1522 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a947b5dd39b1b81144e996ef6b67fbc63d12b00fe55af17045436457eae0a1bf

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=604800
cf-cache-status
DYNAMIC
cf-ray
73e5fdcd2f3b9bda-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Sun, 21 Aug 2022 20:06:49 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
Sun, 28 Aug 2022 20:06:49 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bvHfV4ghMMihlJ9LF9DPi8RPBMsZs2pWXgOlBQhHucMwPZFaHeYUpyIEHTSDcgyApGX8VTol6FCfHZeq5Tbbq3X%2FA2QGaUTVuZI6lCoJnghD%2FOeKgyQ3IzNSPoN9Qx3K7173OcBCI6XsClKPSD2uaKlT"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

CF-RAY
73e5fdccdacb9bee-FRA
Cache-Control
max-age=3600
Connection
keep-alive
Date
Sun, 21 Aug 2022 20:06:49 GMT
Expires
Sun, 21 Aug 2022 21:06:49 GMT
Location
https://bul.ba-homecare.com/
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rrBh%2Bq8Sy19p4LN5Yem5vHlYG2lp7awzu%2B2DcQvPr5uQkRv4TfZbg6Ym0V%2FQGAa8VZ%2BjI1FPBt5ZqlPHZwNKlT3NAAZcvoa2X9ZuyTBNIrZ%2BS3L1sQgLmPZPfSHKinkinIghLyHi2L4GZ26kWXsOS4jS"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
css
fonts.googleapis.com/
8 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Noto+Serif:400,400italic,700,700italic
Requested by
Host: bul.ba-homecare.com
URL: https://bul.ba-homecare.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400a:808::200a Zurich, Switzerland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
b12d66fc78de78893e51b8ab59ece06934a1a1df8e12b31466812337a9fd4815
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bul.ba-homecare.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 21 Aug 2022 19:34:31 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Sun, 21 Aug 2022 20:06:49 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 21 Aug 2022 20:06:49 GMT
css
fonts.googleapis.com/
2 KB
596 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Raleway:900
Requested by
Host: bul.ba-homecare.com
URL: https://bul.ba-homecare.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400a:808::200a Zurich, Switzerland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
25bce5af4eb1cc99310d78a4e37368ab78946f8b83d0962f95a91253f97dfee8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bul.ba-homecare.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 21 Aug 2022 19:36:29 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Sun, 21 Aug 2022 20:06:49 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 21 Aug 2022 20:06:49 GMT
css
fonts.googleapis.com/
26 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:300,300i,400,400i,600,600i,700,700i,800,800i
Requested by
Host: bul.ba-homecare.com
URL: https://bul.ba-homecare.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400a:808::200a Zurich, Switzerland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
47a7dd0cada3c63b3d5981848b65973772a3f5ccc578d16ed90e3aa1b74056ab
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bul.ba-homecare.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 21 Aug 2022 19:52:31 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Sun, 21 Aug 2022 20:06:49 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 21 Aug 2022 20:06:49 GMT
font-awesome.css
bul.ba-homecare.com/template/beacon/css/
25 KB
6 KB
Stylesheet
General
Full URL
https://bul.ba-homecare.com/template/beacon/css/font-awesome.css
Requested by
Host: bul.ba-homecare.com
URL: https://bul.ba-homecare.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:1522 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc7be13b6c7e0cded144299ac8f655fdcee22507d7c17a8456ffef02e9834672

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bul.ba-homecare.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 20:06:49 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Wed, 29 Aug 2018 12:28:24 GMT
server
cloudflare
etag
W/"64be-5749218392a00-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lAuclAJIs5J9H2cSt3MPv4Q7Vctu1INMt7wj6eqvOvYW4J%2FeN2qE%2BaQffNzGdtXw%2FDqXzd2JcuULa7rRHeoGJvSDGAh2eg8gn8vaw4fpS5y24KgxFyOjGSErF7jAcOjHtjxZrTM4Ra1vC8Y6g%2BnroKCV"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
73e5fdcda8439bda-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Sun, 28 Aug 2022 20:06:49 GMT
bootstrap.min.css
bul.ba-homecare.com/template/beacon/css/
126 KB
20 KB
Stylesheet
General
Full URL
https://bul.ba-homecare.com/template/beacon/css/bootstrap.min.css
Requested by
Host: bul.ba-homecare.com
URL: https://bul.ba-homecare.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:1522 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f12d27fdacc4ec715f16bdfa5eb10e761f97fc05727ec9317648a74fefe94887

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bul.ba-homecare.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 20:06:49 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 24 Jul 2020 14:53:40 GMT
server
cloudflare
etag
W/"1f847-5ab3123726500-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Gle%2FFra2mG8NxEj7ugTWYAJldW69RZ%2B3zxP1dw%2FJtcUWpxO4pQEQWK4zYCiI7Q%2FxqpfSLDpGOfl8OTNcfxwRM0bLbUQ1UCR1APecFGclob%2BnmJcA31jPmzeNX8q1dz6o4VROsa%2B4ZIsVIxEC28haII6P"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
73e5fdcda8459bda-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Sun, 28 Aug 2022 20:06:49 GMT
style.min.css
bul.ba-homecare.com/template/beacon/css/
162 KB
23 KB
Stylesheet
General
Full URL
https://bul.ba-homecare.com/template/beacon/css/style.min.css
Requested by
Host: bul.ba-homecare.com
URL: https://bul.ba-homecare.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:1522 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
28da0fee41f7bbdfa17641e3eaecc23306a56cf8a52a862dfda433dcf93b2dcd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bul.ba-homecare.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 20:06:49 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 24 Jul 2020 15:11:29 GMT
server
cloudflare
etag
W/"286d6-5ab31632a0a40-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MBCCyQz5IMZMdM5gULZxQE%2FwUB40KtbJUmkVahdj%2F5a2cDZHMjLSWprzUD0lmPXfvl4BAUQaF%2FmpQNXJD%2Fiz%2BUQeRwCrIP07uNb9x60T7U3LbX%2BuzBMbSTtH7O0SIw8cqcDL7eMjEFjUJ3%2FDzwDVIr0x"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
73e5fdcda8469bda-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Sun, 28 Aug 2022 20:06:49 GMT
/
op06.biz/
13 KB
13 KB
Script
General
Full URL
https://op06.biz/?pu=mrqtgzdfgu5ha3ddf4ztsnrx
Requested by
Host: bul.ba-homecare.com
URL: https://bul.ba-homecare.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.177.92.179 Amsterdam, Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
ip-185-177-92-179.ah-server.com
Software
nginx /
Resource Hash
4a8937715d9e8db02bcc4ef07079b3eb6c80b0304e55ce0e11e76f171a26b9a1
Security Headers
Name Value
Content-Security-Policy img-src https: data:; upgrade-insecure-requests
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bul.ba-homecare.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sun, 21 Aug 2022 20:06:49 GMT
server
nginx
content-security-policy
img-src https: data:; upgrade-insecure-requests
strict-transport-security
max-age=31536000
content-type
application/javascript; charset=UTF-8
0780fbf8-42da-4008-90c1-de4c489518b6.min.js
cmp.optad360.io/items/
253 KB
72 KB
Script
General
Full URL
https://cmp.optad360.io/items/0780fbf8-42da-4008-90c1-de4c489518b6.min.js
Requested by
Host: bul.ba-homecare.com
URL: https://bul.ba-homecare.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:3c00:6:b871:4f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
984b08d83e4e2b4d970369230e3e1f0c6668f6fbc03a7a4ae3577865b82aab74

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bul.ba-homecare.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 19:50:16 GMT
content-encoding
gzip
last-modified
Wed, 14 Apr 2021 09:11:13 GMT
server
AmazonS3
age
994
etag
W/"9427cc71693f059949782f71627ce380"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 c7015d60d4f8f2170aaaa75e69e40618.cloudfront.net (CloudFront)
cache-control
public, max-age=3600
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
AGjOojyo7LHpWUVESnRU7y5TAlhDB3ADdn31Olpo6uYIfIYiNtu40A==
plugin.min.js
get.optad360.io/sf/8f751082-17c0-4e33-bc39-414ab274dbae/
277 KB
59 KB
Script
General
Full URL
https://get.optad360.io/sf/8f751082-17c0-4e33-bc39-414ab274dbae/plugin.min.js
Requested by
Host: bul.ba-homecare.com
URL: https://bul.ba-homecare.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:6a00:11:a4de:2580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
cec878b914572083e159d4a3697e8c67bfde4a9f5140a23a31a249d5eb10ebe0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bul.ba-homecare.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 20:06:18 GMT
content-encoding
gzip
last-modified
Tue, 31 May 2022 10:19:18 GMT
server
AmazonS3
age
32
etag
W/"27b60b15dbe6654897c26f3244bd1f24"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 e1e056e45a0f8d6bc22b223900511170.cloudfront.net (CloudFront)
cache-control
public, max-age=3600
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
DA1mtCx1r3FH1lH8Y4UgJeIzPV9ys1hQNvkngwP_NleMRl2FFE7w8w==
logo-p.png
bul.ba-homecare.com/template/beacon/img/
9 KB
9 KB
Image
General
Full URL
https://bul.ba-homecare.com/template/beacon/img/logo-p.png
Requested by
Host: bul.ba-homecare.com
URL: https://bul.ba-homecare.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:1522 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc36201995ace6bc58d5911a0622f92bed5bde7260d747c5d92b7e1abbcc7e38

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bul.ba-homecare.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 20:06:49 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
32
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
8860
last-modified
Fri, 24 Jul 2020 14:38:19 GMT
server
cloudflare
etag
"229c-5ab30ec8d0cc0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DVoMtccmabC61L3dM1jTJXQ7qud8maiYJXoCFpOsFMQ4GMw43eGET3HL%2BHMEvTFIkTx8%2Bs2VDrVNsA96FdBAyXa2mXwCGIHf3vID%2BCB0p2s1Y7zRLV2QYeIpaQBb0iT9%2F%2BM4ZWodG4VPLWTHmMaeg91s"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
73e5fdcddf72926e-FRA
expires
Tue, 20 Sep 2022 20:06:17 GMT
logo-s.png
bul.ba-homecare.com/template/beacon/img/
8 KB
8 KB
Image
General
Full URL
https://bul.ba-homecare.com/template/beacon/img/logo-s.png
Requested by
Host: bul.ba-homecare.com
URL: https://bul.ba-homecare.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:1522 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e1c376184b23f016a8bc9162124b8aabfeafeacea93024be67208685a5d5e779

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bul.ba-homecare.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 20:06:49 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
32
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
7727
last-modified
Fri, 24 Jul 2020 14:39:12 GMT
server
cloudflare
etag
"1e2f-5ab30efb5c400"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gFYIKDC%2FBjB9wa06ZVS0thcECRiuUH%2F8MIF06VLWmoIeCfkU71iUO1yY7sLxcxhC0jQjiU69qZ6%2FXpEqApxQ4G8vkPDOEs3UeI3pf6uvmI%2FuxJK93V6dfYThMGmCus3DvpJ2MXvAKpN04x1pHudkxQNR"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
73e5fdcddf73926e-FRA
expires
Tue, 20 Sep 2022 20:06:17 GMT
jquery-1.11.2.min.js
bul.ba-homecare.com/template/beacon/js/
94 KB
34 KB
Script
General
Full URL
https://bul.ba-homecare.com/template/beacon/js/jquery-1.11.2.min.js
Requested by
Host: bul.ba-homecare.com
URL: https://bul.ba-homecare.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:1522 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2ecd295d295bec062cedebe177e54b9d6b19fc0a841dc5c178c654c9ccff09c0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bul.ba-homecare.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 20:06:49 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
32
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 29 Aug 2018 12:28:31 GMT
server
cloudflare
etag
W/"176bb-5749218a3f9c0-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Rt8IMTxnpX9L2mC6umL4Y3vfjxSUmgEMl7bT9AuXQ%2BYqJlLIDLnkjvKcPasz%2FwT7AfykNR3UX%2FclaDctR4iv%2F3vQgt7IvR97DKfg8ntJln52jJibOK3T1k2ucZRm2WK8wJtO%2F5O8HGTiN805BVrflW%2BT"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=604800
cf-ray
73e5fdcddf66926e-FRA
expires
Sun, 28 Aug 2022 20:06:17 GMT
modernizr.min.js
bul.ba-homecare.com/template/beacon/js/
11 KB
5 KB
Script
General
Full URL
https://bul.ba-homecare.com/template/beacon/js/modernizr.min.js
Requested by
Host: bul.ba-homecare.com
URL: https://bul.ba-homecare.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:1522 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d2b82e612d2a812e8be2a57300dab8923c4f2edbe7a799e7da70791b595646fe

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bul.ba-homecare.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 20:06:49 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
32
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 29 Aug 2018 12:28:31 GMT
server
cloudflare
etag
W/"2b4c-5749218a3f9c0-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Fd6NYcDlM314GBUWDocpIzc%2F4qpejPokXKjWObj7zQlhRWLgQi%2BWO8APGUj8%2FU2hXL%2BFQeOBC10BSSNBOAdJ1HLdaR8CiD87i%2FqAAhIxt8Zfp3lLfqGsJ3RbKR7IBHuIHgqWwdaDYtec6T8c4cms22Ih"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=604800
cf-ray
73e5fdcddf6d926e-FRA
expires
Sun, 28 Aug 2022 20:06:17 GMT
bootstrap.js
bul.ba-homecare.com/template/beacon/js/
66 KB
15 KB
Script
General
Full URL
https://bul.ba-homecare.com/template/beacon/js/bootstrap.js
Requested by
Host: bul.ba-homecare.com
URL: https://bul.ba-homecare.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:1522 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
41af969ee00e8132a0040094db2b1a79a15b4d9b7e2bb485012970fdf7b5c455

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bul.ba-homecare.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 20:06:49 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
32
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 29 Aug 2018 12:28:31 GMT
server
cloudflare
etag
W/"107da-5749218a3f9c0-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3rVk8g42cFOxHx1ZLDUhDH%2B%2FEeVap0cIclB7o%2B5B%2BQYpaxXqoOhDs23LK5lcO2FN%2BRpgQCU3kq9tjIycVeL1eXiHykyg2TE%2BL2q8sI6G179gfIJ%2FUG1x%2FoYZMX%2Bfx84MYsHezeE8ik5Bgqp7EmSqknUW"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=604800
cf-ray
73e5fdcddf6e926e-FRA
expires
Sun, 28 Aug 2022 20:06:17 GMT
script.min.js
bul.ba-homecare.com/template/beacon/js/
161 KB
48 KB
Script
General
Full URL
https://bul.ba-homecare.com/template/beacon/js/script.min.js
Requested by
Host: bul.ba-homecare.com
URL: https://bul.ba-homecare.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:1522 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8a3897c456e0268eb935bf4569f5666c8001af0e19a2fddc83ac2e11fcd751d6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bul.ba-homecare.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 20:06:49 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
32
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 29 Aug 2018 12:28:31 GMT
server
cloudflare
etag
W/"28268-5749218a3f9c0-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T2M76viLhr55hUsm4LYPmj%2BGWyBAFbKcJ7xo8wcRI7jsNrdiwpsVBCSvJXfAGv59duYqi7JqWWEBJeN9b9G7sOabEtVb4l%2BivpJgrZJb1PoDDfiQlCRWmvL4mdm4TYd6fGjbDdfg7nHJkpo62ZzWncEz"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=604800
cf-ray
73e5fdcddf6f926e-FRA
expires
Sun, 28 Aug 2022 20:06:17 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSumu1aB.woff2
fonts.gstatic.com/s/opensans/v34/
26 KB
26 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSumu1aB.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,300i,400,400i,600,600i,700,700i,800,800i
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
59bd288e64c57e034672999e33ebda6eb5ad1575945eb563dbfb5b44f226e1e1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://bul.ba-homecare.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 15 Aug 2022 19:02:00 GMT
x-content-type-options
nosniff
age
522289
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
26240
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 18:14:37 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 15 Aug 2023 19:02:00 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v34/
44 KB
44 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,300i,400,400i,600,600i,700,700i,800,800i
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://bul.ba-homecare.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 15 Aug 2022 18:50:34 GMT
x-content-type-options
nosniff
age
522975
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44856
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 18:20:18 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 15 Aug 2023 18:50:34 GMT
ga6Vaw1J5X9T9RW6j9bNfFIu0RWud-VMCoY.woff2
fonts.gstatic.com/s/notoserif/v21/
18 KB
18 KB
Font
General
Full URL
https://fonts.gstatic.com/s/notoserif/v21/ga6Vaw1J5X9T9RW6j9bNfFIu0RWud-VMCoY.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Serif:400,400italic,700,700italic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5d7adeb47b30e489473e64cb7b78b97f3013abfa66c5f39ba71daa14a3cffa80
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://bul.ba-homecare.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 15 Aug 2022 14:10:04 GMT
x-content-type-options
nosniff
age
539805
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18736
x-xss-protection
0
last-modified
Mon, 09 May 2022 19:52:22 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 15 Aug 2023 14:10:04 GMT
fontawesome-webfont.woff2
bul.ba-homecare.com/template/beacon/css/
55 KB
56 KB
Font
General
Full URL
https://bul.ba-homecare.com/template/beacon/css/fontawesome-webfont.woff2
Requested by
Host: bul.ba-homecare.com
URL: https://bul.ba-homecare.com/template/beacon/css/font-awesome.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:1522 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aadc3580d2b64ff5a7e6f1425587db4e8b033efcbf8f5c332ca52a5ed580c87c

Request headers

Referer
https://bul.ba-homecare.com/template/beacon/css/font-awesome.css
Origin
https://bul.ba-homecare.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 20:06:49 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
32
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
56780
last-modified
Wed, 29 Aug 2018 12:28:32 GMT
server
cloudflare
etag
"ddcc-5749218b33c00"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tuwsdBkk8rJgGXpVx%2FmNOxsbSuIifxD1bHYWXfCA0kdn6YR5dIsqhVsc1zRgHHqMu3wPR9l%2FL5zZCcrEgTQoy0cj35FkJwSCV5RGM3L5V8SWZ52GNwNs5UCK7cr%2BSRDPdVPXdE9%2F4mkvxd81fQ5KiOhP"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
73e5fdce780e926e-FRA
expires
Sun, 28 Aug 2022 20:06:17 GMT
ga6Vaw1J5X9T9RW6j9bNfFIu0RWuc-VM.woff2
fonts.gstatic.com/s/notoserif/v21/
24 KB
24 KB
Font
General
Full URL
https://fonts.gstatic.com/s/notoserif/v21/ga6Vaw1J5X9T9RW6j9bNfFIu0RWuc-VM.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Serif:400,400italic,700,700italic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
63503c22b93ab64970b05909bf8d9c59bf975cd581a5fc5132d738a32a94d746
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://bul.ba-homecare.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 15 Aug 2022 16:38:22 GMT
x-content-type-options
nosniff
age
530907
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24944
x-xss-protection
0
last-modified
Mon, 09 May 2022 19:58:46 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 15 Aug 2023 16:38:22 GMT
tag.js
mc.yandex.ru/metrika/
205 KB
71 KB
Script
General
Full URL
https://mc.yandex.ru/metrika/tag.js
Requested by
Host: bul.ba-homecare.com
URL: https://bul.ba-homecare.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
4feb8a4baf1ab6d4efee5b984ea48ff22af46b19c3b6c21964607fe61eea837c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bul.ba-homecare.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 20:06:49 GMT
content-encoding
br
last-modified
Mon, 15 Aug 2022 15:05:51 GMT
etag
"62fa369f-118b8"
strict-transport-security
max-age=31536000
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
content-length
71864
expires
Sun, 21 Aug 2022 21:06:49 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/
83 KB
28 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/8f751082-17c0-4e33-bc39-414ab274dbae/plugin.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
sffe /
Resource Hash
3d05137d13f5a76da2788bb2da3c0c9c9a08a4c3d490ecd68f2a1da369f33afe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bul.ba-homecare.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 20:06:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28559
x-xss-protection
0
server
sffe
etag
"1310 / 251 of 1000 / last-modified: 1660946906"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sun, 21 Aug 2022 20:06:49 GMT
prebid6.13.0.js
get.optad360.io/sf/
527 KB
528 KB
Script
General
Full URL
https://get.optad360.io/sf/prebid6.13.0.js
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/8f751082-17c0-4e33-bc39-414ab274dbae/plugin.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:6a00:11:a4de:2580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
710bf3b3a54e164c3bde1c64dd239d2e8cafb6277fecfcfff4bda901d81d377b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bul.ba-homecare.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 11 Apr 2022 08:59:08 GMT
via
1.1 e1e056e45a0f8d6bc22b223900511170.cloudfront.net (CloudFront)
last-modified
Wed, 02 Mar 2022 11:37:42 GMT
server
AmazonS3
age
11444862
etag
"9880469287264dec1b2db80d6f0c4c98"
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=360000000
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
content-length
539768
x-amz-cf-id
2xFmdbwBzPFfZt7T7kk7XCqFkbOL2wxkt2fl-GknGSOzuxou36j0CQ==
sync_cookie_image_decide
mc.yandex.com/
Redirect Chain
  • https://mc.yandex.com/sync_cookie_image_check
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9737.LBXjzTUGV9t9FZv1RjeFGQWbeSNLyG5z-n1ee4A4teX3tu8aES6EHncclN8F6vh-.7yjiu42GslMLzfABQMHxwzlHJ_w%2C
  • https://mc.yandex.com/sync_cookie_image_decide?token=9737.mUlfE400tmHDydgtAKmJyOJNSD-7YVgkA7EXMM1VP4Yl2RxSePdjqddGWHD6-EKFU1mB3Ny_x8_QO0zBPBGklw%2C%2C.uoRAr52-sqGI-Al8B4akFqQnT6k%2C
75 B
75 B
Image
General
Full URL
https://mc.yandex.com/sync_cookie_image_decide?token=9737.mUlfE400tmHDydgtAKmJyOJNSD-7YVgkA7EXMM1VP4Yl2RxSePdjqddGWHD6-EKFU1mB3Ny_x8_QO0zBPBGklw%2C%2C.uoRAr52-sqGI-Al8B4akFqQnT6k%2C
Requested by
Host: bul.ba-homecare.com
URL: https://bul.ba-homecare.com/
Protocol
H2
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bul.ba-homecare.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 20:06:49 GMT
strict-transport-security
max-age=31536000
content-length
75
x-xss-protection
1; mode=block
content-type
text/html; charset=utf-8

Redirect headers

location
https://mc.yandex.com/sync_cookie_image_decide?token=9737.mUlfE400tmHDydgtAKmJyOJNSD-7YVgkA7EXMM1VP4Yl2RxSePdjqddGWHD6-EKFU1mB3Ny_x8_QO0zBPBGklw%2C%2C.uoRAr52-sqGI-Al8B4akFqQnT6k%2C
date
Sun, 21 Aug 2022 20:06:49 GMT
strict-transport-security
max-age=31536000
x-xss-protection
1; mode=block
advert.gif
mc.yandex.com/metrika/
43 B
112 B
Image
General
Full URL
https://mc.yandex.com/metrika/advert.gif
Requested by
Host: bul.ba-homecare.com
URL: https://bul.ba-homecare.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bul.ba-homecare.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 20:06:49 GMT
last-modified
Mon, 15 Aug 2022 15:05:51 GMT
etag
"62fa369f-2b"
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
content-length
43
expires
Sun, 21 Aug 2022 21:06:49 GMT
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/
2 KB
1 KB
XHR
General
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20220821
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid6.13.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
0ea2697dd2d0350ed84ce89be6bc75e8462ad5d56e0d70d53c869df80ab8236a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://bul.ba-homecare.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
age
18352
x-jsd-version
1.0.1439
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
926
etag
W/"669-U3xo+2ctiPtvj8ftIPnQBFf1f4E"
x-served-by
cache-fra19173-FRA
x-jsd-version-type
version
date
Sun, 21 Aug 2022 20:06:49 GMT
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
pubads_impl_2022081801.js
securepubads.g.doubleclick.net/gpt/
384 KB
131 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081801.js?cb=31069060
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
sffe /
Resource Hash
c921b4351a1ae90dcc7a30a01fbc1e169d57e9f4451d55a840438fb13e7c1cc6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bul.ba-homecare.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 15:43:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
15785
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
133681
x-xss-protection
0
last-modified
Thu, 18 Aug 2022 08:36:47 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 21 Aug 2023 15:43:44 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/
79 B
102 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=bul.ba-homecare.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
fba571240558fc4dc305782c61594cc6762521ad001c6ebe94a211f559a8bc10
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bul.ba-homecare.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 21 Aug 2022 20:06:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
77
x-xss-protection
0
expires
Sun, 21 Aug 2022 20:06:49 GMT
en.json
optad360.mgr.consensu.org/cmp/v2/translations/v4/
4 KB
2 KB
XHR
General
Full URL
https://optad360.mgr.consensu.org/cmp/v2/translations/v4/en.json
Requested by
Host: cmp.optad360.io
URL: https://cmp.optad360.io/items/0780fbf8-42da-4008-90c1-de4c489518b6.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-123.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
71f69541ed2861a7065f461bf9748bb263e0f8d517d0987c6619241d9d13597d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bul.ba-homecare.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 10:40:58 GMT
content-encoding
gzip
last-modified
Thu, 29 Oct 2020 12:24:15 GMT
server
AmazonS3
age
33952
etag
W/"e3fe984dfb883f99b54c331403be617b"
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age=360000000
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
oRM_147uj5n7evSjxNYcz7DF6_CC4hAG0GaXLJJ5vHIYwmNz3y-bZQ==
via
1.1 882f747f39885162595630c95dd0012c.cloudfront.net (CloudFront)
1
mc.yandex.com/watch/65879380/
Redirect Chain
  • https://mc.yandex.com/watch/65879380?wmode=7&page-url=https%3A%2F%2Fbul.ba-homecare.com%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Anlzej4hetqp77kpsc2e48%3Afp%3A299%3Afu%3A0%3Aen%3Autf-...
  • https://mc.yandex.com/watch/65879380/1?wmode=7&page-url=https%3A%2F%2Fbul.ba-homecare.com%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Anlzej4hetqp77kpsc2e48%3Afp%3A299%3Afu%3A0%3Aen%3Aut...
331 B
485 B
XHR
General
Full URL
https://mc.yandex.com/watch/65879380/1?wmode=7&page-url=https%3A%2F%2Fbul.ba-homecare.com%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Anlzej4hetqp77kpsc2e48%3Afp%3A299%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A870%3Acn%3A1%3Adp%3A0%3Als%3A1266209218171%3Ahid%3A1064904304%3Az%3A0%3Ai%3A20220821200649%3Aet%3A1661112410%3Ac%3A1%3Arn%3A1013017319%3Arqn%3A1%3Au%3A1661112410638475466%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1661112409083%3Ads%3A0%2C25%2C55%2C4%2C33%2C0%2C%2C203%2C22%2C%2C%2C%2C320%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1661112410%3At%3A%D0%9F%D0%BE%D1%80%D1%82%D0%B0%D0%BB%20%D0%A0%D0%B0%D0%BA%202022&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29rqnl%281%29ti%282%29
Protocol
H2
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
7711c43f84692dc6820f037a4f07f1530b124f3735e5c80a740b31d3fde3cd4b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bul.ba-homecare.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Aug 2022 20:06:50 GMT
x-content-type-options
nosniff
last-modified
Sun, 21-Aug-2022 20:06:50 GMT
strict-transport-security
max-age=31536000
content-type
application/json; charset=utf-8
access-control-allow-origin
https://bul.ba-homecare.com
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
331
x-xss-protection
1; mode=block
expires
Sun, 21-Aug-2022 20:06:50 GMT

Redirect headers

pragma
no-cache
date
Sun, 21 Aug 2022 20:06:49 GMT
last-modified
Sun, 21-Aug-2022 20:06:49 GMT
location
/watch/65879380/1?wmode=7&page-url=https%3A%2F%2Fbul.ba-homecare.com%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Anlzej4hetqp77kpsc2e48%3Afp%3A299%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A870%3Acn%3A1%3Adp%3A0%3Als%3A1266209218171%3Ahid%3A1064904304%3Az%3A0%3Ai%3A20220821200649%3Aet%3A1661112410%3Ac%3A1%3Arn%3A1013017319%3Arqn%3A1%3Au%3A1661112410638475466%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1661112409083%3Ads%3A0%2C25%2C55%2C4%2C33%2C0%2C%2C203%2C22%2C%2C%2C%2C320%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1661112410%3At%3A%D0%9F%D0%BE%D1%80%D1%82%D0%B0%D0%BB%20%D0%A0%D0%B0%D0%BA%202022&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29rqnl%281%29ti%282%29
strict-transport-security
max-age=31536000
access-control-allow-origin
https://bul.ba-homecare.com
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
x-xss-protection
1; mode=block
expires
Sun, 21-Aug-2022 20:06:49 GMT
cmp-3.0.0.min.js
optad360.mgr.consensu.org/cmp/v2/ Frame ABAE
691 KB
190 KB
Script
General
Full URL
https://optad360.mgr.consensu.org/cmp/v2/cmp-3.0.0.min.js
Requested by
Host: cmp.optad360.io
URL: https://cmp.optad360.io/items/0780fbf8-42da-4008-90c1-de4c489518b6.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-123.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
eb16304c17c120cabd2bc9ba56114d31bb2c05114e17c531bcf21a682f8629d2

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 02:31:08 GMT
content-encoding
gzip
last-modified
Wed, 07 Apr 2021 09:53:34 GMT
server
AmazonS3
age
63343
etag
W/"2ea07aea04f56769b6dd53f48dae904d"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 32e3b86ae254a231182567c0124af892.cloudfront.net (CloudFront)
cache-control
public, max-age=604800
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
_7MJC_dpbNnGNgSZiYijvDsaiGb9_3xq99zHNjF-Iqn_YR1qQmoPBQ==
vendor-list.json
optad360.mgr.consensu.org/cmp/v2/ Frame ABAE
373 KB
50 KB
XHR
General
Full URL
https://optad360.mgr.consensu.org/cmp/v2/vendor-list.json
Requested by
Host: optad360.mgr.consensu.org
URL: https://optad360.mgr.consensu.org/cmp/v2/cmp-3.0.0.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-123.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
86af650ed3452c03477e710c3d6f094d1198340d6111c0ebd73fefea6b92136c

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 07:47:11 GMT
content-encoding
gzip
last-modified
Fri, 19 Aug 2022 01:00:08 GMT
server
AmazonS3
age
44380
etag
W/"d1136a4aecebab44af883071315ae35c"
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age=360000000
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
tPOp86OCZiVkb4uhp7qK74Ie4KzghthMIDtwJIxncoxKGLkWlgppjw==
via
1.1 882f747f39885162595630c95dd0012c.cloudfront.net (CloudFront)

49 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| Sk function| $ function| jQuery object| html5 object| Modernizr object| jQuery111208026879626959182 function| countUp function| initialize undefined| count undefined| number undefined| options undefined| waypoint undefined| map_canvas function| Headroom object| classie function| UISearch function| Stellar function| Waypoint function| EventEmitter object| eventie function| imagesLoaded function| FastClick function| ym string| e object| AdSlotCollection boolean| __isGoogleAllowed object| googletag object| pbjs325474 object| Ya object| yaCounter65879380 function| pbjs325474Chunk object| _pbjsGlobals object| ADAGIO object| ggeac object| google_tag_data object| google_js_reporting_queue number| 2f1acc6c3a606b082e5eef5e54414ffb function| __tcfapi undefined| google_measure_js_timing

11 Cookies

Domain/Path Name / Value
.op06.biz/ Name: uuid
Value: ab82f267-7064-4602-947c-82a23825d66a
.ba-homecare.com/ Name: _ym_uid
Value: 1661112410638475466
.ba-homecare.com/ Name: _ym_d
Value: 1661112410
.mc.yandex.com/ Name: sync_cookie_csrf
Value: 455338562fake
.ba-homecare.com/ Name: _ym_isad
Value: 2
.mc.yandex.ru/ Name: sync_cookie_csrf
Value: 3621510344fake
.yandex.com/ Name: yandexuid
Value: 1872805411661112409
.yandex.com/ Name: yuidss
Value: 1872805411661112409
mc.yandex.com/ Name: yabs-sid
Value: 2022443671661112409
.yandex.com/ Name: i
Value: yXpaO1b4+tx3xT6Kz5kRGPHXqAzJTlOnhHW99dB9OGyl4wPdfS696ggGM1kNO6o9EU3wY+5fVtVc7dkALsGDeCiTAXw=
.yandex.com/ Name: ymex
Value: 1692648409.yrts.1661112409#1692648409.yrtsi.1661112409

1 Console Messages

Source Level URL
Text
network error URL: https://mc.yandex.com/sync_cookie_image_decide?token=9737.mUlfE400tmHDydgtAKmJyOJNSD-7YVgkA7EXMM1VP4Yl2RxSePdjqddGWHD6-EKFU1mB3Ny_x8_QO0zBPBGklw%2C%2C.uoRAr52-sqGI-Al8B4akFqQnT6k%2C
Message:
Failed to load resource: the server responded with a status of 400 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
