it.dir.bg Open in urlscan Pro
172.67.71.201 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://it.dir.bg/web/rusiya-globi-google-s-2-5-detsiliona-dolara-tova-sa-usd2-500-000-000-000-000-000-000-000-000...
Submission: On October 30 via api (October 30th 2024, 3:17:02 pm UTC) from DE — Scanned from IT

Summary HTTP 248 Redirects Links 100 Behaviour Indicators

Summary

This website contacted 48 IPs in 9 countries across 28 domains to perform 248 HTTP transactions. The main IP is 172.67.71.201, located in United States and belongs to CLOUDFLARENET, US. The main domain is it.dir.bg.
TLS certificate: Issued by WE1 on September 24th 2024. Valid for: 3 months.

This is the only time it.dir.bg was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
5	172.67.71.201 172.67.71.201	13335 (CLOUDFLAR...) (CLOUDFLARENET)
47	194.145.63.126 194.145.63.126	8860 (DELTA-BG-AS) (DELTA-BG-AS)
10	142.250.185.130 142.250.185.130	15169 (GOOGLE) (GOOGLE)
2	188.114.97.3 188.114.97.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	142.250.184.232 142.250.184.232	15169 (GOOGLE) (GOOGLE)
4	88.203.154.237 88.203.154.237	8717 (A1) (A1)
3	141.95.49.8 141.95.49.8	16276 (OVH) (OVH)
1	149.202.118.64 149.202.118.64	16276 (OVH) (OVH)
3	194.145.63.12 194.145.63.12	8860 (DELTA-BG-AS) (DELTA-BG-AS)
1	142.250.185.138 142.250.185.138	15169 (GOOGLE) (GOOGLE)
1 6	78.128.6.34 78.128.6.34	31083 (TELEPOINT) (TELEPOINT)
1	116.203.212.0 116.203.212.0	24940 (HETZNER-AS) (HETZNER-AS)
1	172.67.138.21 172.67.138.21	13335 (CLOUDFLAR...) (CLOUDFLARENET)
19	142.250.186.142 142.250.186.142	15169 (GOOGLE) (GOOGLE)
2	13.107.253.45 13.107.253.45	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	157.240.0.6 157.240.0.6	32934 (FACEBOOK) (FACEBOOK)
1	195.168.10.173 195.168.10.173	5578 (AS-BENEST...) (AS-BENESTRA Bratislava)
4	104.16.160.145 104.16.160.145	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	216.58.212.162 216.58.212.162	15169 (GOOGLE) (GOOGLE)
1	146.59.30.100 146.59.30.100	16276 (OVH) (OVH)
20	188.165.21.156 188.165.21.156	16276 (OVH) (OVH)
4	188.40.115.112 188.40.115.112	24940 (HETZNER-AS) (HETZNER-AS)
6	216.58.206.78 216.58.206.78	15169 (GOOGLE) (GOOGLE)
2	64.233.167.154 64.233.167.154	15169 (GOOGLE) (GOOGLE)
2	142.250.185.162 142.250.185.162	15169 (GOOGLE) (GOOGLE)
2	172.217.16.206 172.217.16.206	15169 (GOOGLE) (GOOGLE)
1	172.67.73.79 172.67.73.79	13335 (CLOUDFLAR...) (CLOUDFLARENET)
39	151.101.193.44 151.101.193.44	54113 (FASTLY) (FASTLY)
2	157.240.252.35 157.240.252.35	32934 (FACEBOOK) (FACEBOOK)
3	142.250.185.97 142.250.185.97	15169 (GOOGLE) (GOOGLE)
3	4.153.72.49 4.153.72.49	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	151.101.1.44 151.101.1.44	54113 (FASTLY) (FASTLY)
3	142.250.184.202 142.250.184.202	15169 (GOOGLE) (GOOGLE)
1	151.101.1.229 151.101.1.229	54113 (FASTLY) (FASTLY)
8	185.106.33.48 185.106.33.48	200478 (TABOOLA-AS) (TABOOLA-AS)
1 8	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
1	20.157.217.65 20.157.217.65	8069 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	216.58.212.130 216.58.212.130	15169 (GOOGLE) (GOOGLE)
1	172.217.18.6 172.217.18.6	15169 (GOOGLE) (GOOGLE)
1	142.250.185.195 142.250.185.195	15169 (GOOGLE) (GOOGLE)
3	163.5.194.33 163.5.194.33	12189 (AS12189) (AS12189)
4	162.19.138.83 162.19.138.83	16276 (OVH) (OVH)
2	162.19.138.82 162.19.138.82	16276 (OVH) (OVH)
1 2	13.74.129.1 13.74.129.1	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	204.79.197.237 204.79.197.237	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	172.217.18.1 172.217.18.1	15169 (GOOGLE) (GOOGLE)
1	142.250.185.196 142.250.185.196	15169 (GOOGLE) (GOOGLE)
1	163.5.194.36 163.5.194.36	12189 (AS12189) (AS12189)
248	48

5 172.67.71.201 (United States)

ASN13335 (CLOUDFLARENET, US)

it.dir.bg	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

47 194.145.63.126 (Sofia, Bulgaria)

ASN8860 (DELTA-BG-AS, BG)
PTR: station126.bdata.bg

static.dir.bg	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 188.114.97.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)

pahtag.tech	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 142.250.184.232 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 88.203.154.237 (Sofia, Bulgaria)

ASN8717 (A1, BG)

webapi.dir.bg	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 141.95.49.8 (France)

ASN16276 (OVH, FR)
PTR: vh11.eris-m.of.pl

video.onnetwork.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 149.202.118.64 (France)

ASN16276 (OVH, FR)
PTR: vh11.eris-j.of.pl

video.onnetwork.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 194.145.63.12 (Sofia, Bulgaria)

ASN8860 (DELTA-BG-AS, BG)
PTR: dir.bg

i.dir.bg	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.138 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f10.1e100.net

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 78.128.6.34 (Bulgaria) 1 redirects

ASN31083 (TELEPOINT, BG)
PTR: ip-6-34.telehouse.bg

gabg.hit.gemius.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 116.203.212.0 (Munich, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.0.212.203.116.clients.your-server.de

cdn.onthe.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.138.21 (United States)

ASN13335 (CLOUDFLARENET, US)

palibzh.tech	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 142.250.186.142 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f14.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.107.253.45 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 157.240.0.6 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-02-fra3.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 195.168.10.173 (Dolný Kubín, Slovakia)

ASN5578 (AS-BENESTRA Bratislava, Slovak Republic, SK)
PTR: a45.etarget.sh.cust.gts.sk

bg.search.etargetnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.16.160.145 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.212.162 (United States)

ASN15169 (GOOGLE, US)
PTR: ams15s22-in-f2.1e100.net

pubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.59.30.100 (France)

ASN16276 (OVH, FR)
PTR: ip100.ip-146-59-30.eu

ls.hit.gemius.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 188.165.21.156 (France)

ASN16276 (OVH, FR)
PTR: vh11b.eris-w13.of.pl

cdn.onnetwork.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdnt.onnetwork.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 188.40.115.112 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.112.115.40.188.clients.your-server.de

tt.onthe.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 216.58.206.78 (United States)

ASN15169 (GOOGLE, US)
PTR: mil07s08-in-f14.1e100.net

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 64.233.167.154 (United States)

ASN15169 (GOOGLE, US)
PTR: wl-in-f154.1e100.net

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net

td.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.16.206 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f206.1e100.net

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.73.79 (United States)

ASN13335 (CLOUDFLARENET, US)

etargetcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

39 151.101.193.44 (San Francisco, United States)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pm-widget.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
beacon.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vidstat.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
images.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vidstatb.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
wf.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 157.240.252.35 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-01-fra3.facebook.com

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.185.97 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f1.1e100.net

dcd4f76b77ad35947ee38d0cd584be32.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 4.153.72.49 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

i.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.1.44 (San Francisco, United States)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
imprammp.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.184.202 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f10.1e100.net

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.1.229 (San Francisco, United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 185.106.33.48 (Israel)

ASN200478 (TABOOLA-AS, IL)

il-trc-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 141.226.228.48 (Netherlands) 1 redirects

ASN200478 (TABOOLA-AS, IL)

sync.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
am-match.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
am-vid-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
am-wf.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 20.157.217.65 (Dublin, Ireland)

ASN8069 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.temu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 216.58.212.130 (United States)

ASN15169 (GOOGLE, US)
PTR: ams15s21-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.18.6 (United States)

ASN15169 (GOOGLE, US)
PTR: fra02s19-in-f6.1e100.net

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.195 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 163.5.194.33 (Amsterdam, Netherlands)

ASN12189 (AS12189, US)

prebid.a-mo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 162.19.138.83 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31532338.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 162.19.138.82 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31532337.ip-162-19-138.eu

lb.eu-1-id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.74.129.1 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 204.79.197.237 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.18.1 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s28-in-f1.1e100.net

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.196 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 163.5.194.36 (Amsterdam, Netherlands)

ASN12189 (AS12189, US)

prebid.a-mo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
59	dir.bg it.dir.bg static.dir.bg — Cisco Umbrella Rank: 404411 webapi.dir.bg i.dir.bg	2 MB
57	taboola.com 1 redirects cdn.taboola.com — Cisco Umbrella Rank: 862 pm-widget.taboola.com — Cisco Umbrella Rank: 2616 beacon.taboola.com — Cisco Umbrella Rank: 2054 trc.taboola.com — Cisco Umbrella Rank: 686 vidstat.taboola.com — Cisco Umbrella Rank: 3473 il-trc-events.taboola.com — Cisco Umbrella Rank: 31782 images.taboola.com — Cisco Umbrella Rank: 1715 sync.taboola.com — Cisco Umbrella Rank: 1107 imprammp.taboola.com — Cisco Umbrella Rank: 30936 am-match.taboola.com — Cisco Umbrella Rank: 30827 am-vid-events.taboola.com — Cisco Umbrella Rank: 28366 vidstatb.taboola.com — Cisco Umbrella Rank: 5158 wf.taboola.com — Cisco Umbrella Rank: 3516 am-wf.taboola.com — Cisco Umbrella Rank: 33614	950 KB
24	onnetwork.tv video.onnetwork.tv — Cisco Umbrella Rank: 74701 cdn.onnetwork.tv — Cisco Umbrella Rank: 68915 cdnt.onnetwork.tv — Cisco Umbrella Rank: 97220	261 KB
17	google.com analytics.google.com — Cisco Umbrella Rank: 147 fundingchoicesmessages.google.com — Cisco Umbrella Rank: 682 www.google.com — Cisco Umbrella Rank: 3	76 KB
15	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 215 pubads.g.doubleclick.net — Cisco Umbrella Rank: 441 stats.g.doubleclick.net — Cisco Umbrella Rank: 136 td.doubleclick.net — Cisco Umbrella Rank: 192	354 KB
9	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 34	22 KB
9	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	754 KB
8	googlesyndication.com dcd4f76b77ad35947ee38d0cd584be32.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 116 tpc.googlesyndication.com — Cisco Umbrella Rank: 163	34 KB
7	clarity.ms 1 redirects www.clarity.ms — Cisco Umbrella Rank: 634 i.clarity.ms — Cisco Umbrella Rank: 15648 c.clarity.ms — Cisco Umbrella Rank: 1236	30 KB
7	gemius.pl 1 redirects gabg.hit.gemius.pl — Cisco Umbrella Rank: 239893 ls.hit.gemius.pl — Cisco Umbrella Rank: 30967	23 KB
5	onthe.io cdn.onthe.io — Cisco Umbrella Rank: 31803 tt.onthe.io — Cisco Umbrella Rank: 27901	19 KB
4	id5-sync.com id5-sync.com — Cisco Umbrella Rank: 522	2 KB
4	a-mo.net prebid.a-mo.net — Cisco Umbrella Rank: 777	227 B
4	onesignal.com cdn.onesignal.com — Cisco Umbrella Rank: 5396 onesignal.com — Cisco Umbrella Rank: 1637	83 KB
4	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 412 imasdk.googleapis.com — Cisco Umbrella Rank: 501	213 KB
2	eu-1-id5-sync.com lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 917	561 B
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 113	3 KB
2	youtube.com www.youtube.com — Cisco Umbrella Rank: 77	12 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 180	76 KB
2	pahtag.tech pahtag.tech — Cisco Umbrella Rank: 196252	5 KB
1	bing.com 1 redirects c.bing.com — Cisco Umbrella Rank: 190	771 B
1	gstatic.com fonts.gstatic.com	56 KB
1	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 364	17 KB
1	temu.com www.temu.com — Cisco Umbrella Rank: 1995	367 B
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 311	126 KB
1	etargetcdn.com etargetcdn.com — Cisco Umbrella Rank: 305876	15 KB
1	etargetnet.com bg.search.etargetnet.com — Cisco Umbrella Rank: 292126	3 KB
1	palibzh.tech palibzh.tech — Cisco Umbrella Rank: 76904	117 KB
248	28

	Domain	Requested by
47	static.dir.bg	it.dir.bg static.dir.bg
19	cdn.onnetwork.tv	video.onnetwork.tv it.dir.bg cdn.onnetwork.tv
11	images.taboola.com	it.dir.bg
10	fundingchoicesmessages.google.com	securepubads.g.doubleclick.net
10	securepubads.g.doubleclick.net	it.dir.bg securepubads.g.doubleclick.net imasdk.googleapis.com
9	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com cdn.onnetwork.tv it.dir.bg
9	www.googletagmanager.com	it.dir.bg www.googletagmanager.com www.google-analytics.com cdn.onnetwork.tv
8	il-trc-events.taboola.com	cdn.taboola.com
8	vidstat.taboola.com	cdn.taboola.com vidstat.taboola.com
8	beacon.taboola.com	cdn.taboola.com
6	cdn.taboola.com	palibzh.tech cdn.taboola.com it.dir.bg
6	analytics.google.com	www.googletagmanager.com
6	gabg.hit.gemius.pl	1 redirects it.dir.bg gabg.hit.gemius.pl cdn.onnetwork.tv
5	it.dir.bg	it.dir.bg static.dir.bg
4	id5-sync.com	vidstat.taboola.com
4	prebid.a-mo.net	vidstat.taboola.com
4	tt.onthe.io	cdn.onthe.io
4	video.onnetwork.tv	it.dir.bg video.onnetwork.tv cdn.onnetwork.tv
4	webapi.dir.bg	it.dir.bg webapi.dir.bg ajax.googleapis.com
3	am-wf.taboola.com	vidstat.taboola.com
3	am-vid-events.taboola.com	it.dir.bg vidstat.taboola.com
3	pagead2.googlesyndication.com	imasdk.googleapis.com securepubads.g.doubleclick.net
3	imasdk.googleapis.com	it.dir.bg imasdk.googleapis.com
3	i.clarity.ms	www.clarity.ms
3	dcd4f76b77ad35947ee38d0cd584be32.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
3	i.dir.bg	webapi.dir.bg
2	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
2	c.clarity.ms	1 redirects
2	lb.eu-1-id5-sync.com	vidstat.taboola.com
2	wf.taboola.com	vidstat.taboola.com
2	trc.taboola.com	cdn.taboola.com
2	pm-widget.taboola.com	cdn.taboola.com pm-widget.taboola.com
2	onesignal.com	cdn.onesignal.com
2	www.facebook.com	it.dir.bg
2	www.youtube.com	bg.search.etargetnet.com www.youtube.com
2	td.doubleclick.net	www.googletagmanager.com
2	stats.g.doubleclick.net	www.googletagmanager.com
2	cdn.onesignal.com	www.googletagmanager.com cdn.onesignal.com
2	connect.facebook.net	it.dir.bg connect.facebook.net
2	www.clarity.ms	www.googletagmanager.com www.clarity.ms
2	pahtag.tech	it.dir.bg
1	www.google.com	tpc.googlesyndication.com
1	c.bing.com	1 redirects
1	vidstatb.taboola.com	it.dir.bg
1	fonts.gstatic.com	cdn.onnetwork.tv
1	am-match.taboola.com	vidstat.taboola.com
1	imprammp.taboola.com	vidstat.taboola.com
1	cdnt.onnetwork.tv	cdn.onnetwork.tv
1	s0.2mdn.net	imasdk.googleapis.com
1	www.temu.com	it.dir.bg
1	sync.taboola.com	1 redirects
1	cdn.jsdelivr.net	it.dir.bg
1	etargetcdn.com	bg.search.etargetnet.com
1	ls.hit.gemius.pl	gabg.hit.gemius.pl
1	pubads.g.doubleclick.net	it.dir.bg
1	bg.search.etargetnet.com	www.googletagmanager.com
1	palibzh.tech	pahtag.tech
1	cdn.onthe.io	it.dir.bg
1	ajax.googleapis.com	webapi.dir.bg
248	59

This site contains links to these domains. Also see Links.

Domain
dir.bg
games.dir.bg
photo.dir.bg
dnes.dir.bg
life.dir.bg
corner.dir.bg
business.dir.bg
impressio.dir.bg
auto.dir.bg
news.dir.bg
fun.dir.bg
vkusniistorii.dir.bg
vkusotii.dir.bg
vremezamen.dir.bg
vremeto.dir.bg
gallery.dir.bg
dom.dir.bg
zodiac.dir.bg
kino.dir.bg
clubs.dir.bg
tv.dir.bg
trip.dir.bg
covid.dir.bg
urbn.dir.bg
worktalent.com
market.dir.bg
mail.dir.bg
ticket.dir.bg
direct.dir.bg
3e-news.net
www.nasamnatam.com
realtimefuture.bg
greentransition.bg
www.lostbulgaria.com
webreport.bg
www.worktalent.com
www.wnesstv.com
soulandpepper.tv
profile.dir.bg

Subject Issuer	Validity	Valid
dir.bg WE1	`2024-09-24` - `2024-12-23`	3 months	crt.sh
*.dir.bg Sectigo RSA Domain Validation Secure Server CA	`2023-11-24` - `2024-12-19`	a year	crt.sh
*.g.doubleclick.net WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
pahtag.tech WE1	`2024-10-14` - `2025-01-12`	3 months	crt.sh
*.google-analytics.com WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
webapi.dir.bg R10	`2024-09-02` - `2024-12-01`	3 months	crt.sh
onnetwork.tv R10	`2024-10-19` - `2025-01-17`	3 months	crt.sh
upload.video.google.com WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
*.hit.gemius.pl Sectigo ECC Domain Validation Secure Server CA	`2024-09-12` - `2025-09-25`	a year	crt.sh
*.onthe.io Sectigo ECC Domain Validation Secure Server CA	`2024-05-07` - `2025-06-07`	a year	crt.sh
palibzh.tech WE1	`2024-10-04` - `2025-01-02`	3 months	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2024-09-04` - `2025-09-04`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-08-08` - `2024-11-06`	3 months	crt.sh
sk.search.etargetnet.com R11	`2024-08-14` - `2024-11-12`	3 months	crt.sh
*.onesignal.com WE1	`2024-09-02` - `2024-12-01`	3 months	crt.sh
*.google.com WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
*.doubleclick.net WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
etargetcdn.com WE1	`2024-10-06` - `2025-01-04`	3 months	crt.sh
*.taboola.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-07-30` - `2024-12-31`	5 months	crt.sh
onesignal.com WE1	`2024-09-02` - `2024-12-01`	3 months	crt.sh
a.clarity.ms Microsoft Azure RSA TLS Issuing CA 08	`2024-06-23` - `2025-06-18`	a year	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2024 Q3	`2024-07-30` - `2025-08-31`	a year	crt.sh
*.gstatic.com WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
*.a-mo.net R11	`2024-09-02` - `2024-12-01`	3 months	crt.sh
*.id5-sync.com E5	`2024-09-01` - `2024-11-30`	3 months	crt.sh
*.eu-1-id5-sync.com R10	`2024-09-01` - `2024-11-30`	3 months	crt.sh
tpc.googlesyndication.com WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
www.google.com WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh

This page contains 20 frames:

Primary Page: https://it.dir.bg/web/rusiya-globi-google-s-2-5-detsiliona-dolara-tova-sa-usd2-500-000-000-000-000-000-000-000-000-000-000
Frame ID: AF27BD6EBB37DC6DC550E55D7127B367
Requests: 184 HTTP requests in this frame

Frame: https://webapi.dir.bg/worktalent
Frame ID: 3B505BE7C158C60F11597EB3266DB930
Requests: 10 HTTP requests in this frame

Frame: https://video.onnetwork.tv/widgets/widget_playlist_list.php?nl=1&iid=88245371561721&widget=815&cId=pid88245371561721
Frame ID: 09229F010FB4859AFFF8472517B1D513
Requests: 1 HTTP requests in this frame

Frame: https://ls.hit.gemius.pl/lsget.html
Frame ID: A55D031B5E80DD52BD7E973E0B032F67
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/ga/rul?tid=G-74752H7V8Z&gacid=1863221803.1730301405&gtm=45je4as0v9126415660z8810347154za200zb810347154&dma=0&gcd=13l3l3l3l1l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101533422~101823848~101878899~101878944~101925629&z=1402150017
Frame ID: 6E3A5D2A39121A3E2DC5C6AB00827C8B
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/ga/rul?tid=G-B1XSRWSHN4&gacid=1863221803.1730301405&gtm=45je4as0v9122851342z8810347154za200zb810347154&dma=0&gcd=13l3l3l3l1l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101533421~101823848~101878899~101878944~101925629&z=926401566
Frame ID: 88EB37C4C13098844DDDA36D6A706407
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/static/topics/topics_frame.html
Frame ID: CD0B744AE7AA0386504CE10412ABE596
Requests: 1 HTTP requests in this frame

Frame: https://dcd4f76b77ad35947ee38d0cd584be32.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: F45DCD4C6EE80E0414A935735E21637A
Requests: 1 HTTP requests in this frame

Frame: https://cdn.taboola.com/libtrc/static/topics/taboola-browsing-topics.html
Frame ID: B6651310AB3D621099CBC5243D3CDD93
Requests: 1 HTTP requests in this frame

Frame: https://cdn.onnetwork.tv/css/player86.css?s=1727857639
Frame ID: 98556D1059A8401E4A20940A8C5682CC
Requests: 37 HTTP requests in this frame

Frame: https://dcd4f76b77ad35947ee38d0cd584be32.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 5D3C0C5EFE6A5907C6D076A636F61332
Requests: 1 HTTP requests in this frame

Frame: https://www.temu.com/api/adx/cm/pixel-taboola?id=40177a16-8cb2-47ff-810b-df5ed9a1a652-tucte1bd361
Frame ID: 5A15AEF049A270A305A00900CAA9AF1F
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.674.1_bg.html
Frame ID: 68FCEBE801C8AF45F9D9D47592F057A1
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 1B1F2718684FAAC8D7E26C93F205A3AF
Requests: 1 HTTP requests in this frame

Frame: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V9Io0CABYDAH7WNfkZYp4tBAB-1jX5GWKeLQUAAAAABgYA9AcAJLFx2BbGhWGtcZhWa9FyZltLbJ6VW7Iyzoajkc0xWliGAEASG4dtYVwY1hqHabUWLWe2tcTmWbklK-NsOBrZHKOFZQoAIMZymQxqgYJselnuDtPT7jNIWGa_76CgnJ4es8sNAHpoOh0-171eabqLnJa7xOfXvSx-yevzdD7cOrPf4nTr_H6f2eXWvCVr1VrkMn2eZqff7nCL_GaH5eEW_W0Pt-bhVn1OlrVqMFgLBoO1YDBYCwaDtWAwWAsGg7VgMFgLBoO1YDBYCwaDtWAwmAMAAAAAwAPA____PwQAAAAAQAQAAAAAgAQAAAAAAAVAQAXAvwWAwAUAAAAAAAbA____vwYAANoGgEAzyQFQ0E6zw-4PAAAAAAAQAAAAAAASAACE5c8SAICYrfUTgP__________GIAB-swbGYD_____GwCDHgCABx8AgAchAAAAAJMhACBUipzYf4skIgAAgRGoIgBGAAAAAAC5xj6TRwCTADoBoAKwqAL4___vtwIAuAIAAAiQ9Aagsc8C0B2UeAsDAAAAEBgDWKCHxe83O-wav9tlAP__________ZgD_ZwD_aABCNbhSaQBBEwo9agC_gAAAawC_gAAAbADqBgAA8AYQAAcQdAAErRgMVgcQELMDAAAAALgD-P___9cDAKmFxbPcDWcrh82wWAxnq5lntpp4TCbHwrdYDYbbA3j91-j-XBCA6AMQCbLpZbk7TE-7zyBhmf2-g4JyenrMLoP4oGFYTgbB_AAmbDFaTSab5XC2XEwGw9FwNNofwEBsBgMEoGjJYrUcrnaTxWizWEyWu-FoMkEAihYNJqvRaLKYDFejyWq2XOx2GwSgaNVqNtoMhqvZZLbbrYaD4XI0QoAJW4xWk8lmOZwtF5PBcDQcjYYIABOO4cRiWq3cIt_MtRatXLa1wuUyrUWeyWQ5GGxmNs9mLXp9TC_HxOSZDbYIIBiwuBfJ0yKdaFau5WC53BhXi81kt5vZRqbBbOKyrGwek2fmskzEEs3JIp3ILvvWwuJZ7oazlcNmWCyGs9XMM1tNPCaTY-FbrAbDfcMxnFhMq5Vb5Ju51qKVy7ZWuFymtcgzmSwHg83M5tmsRa-P6eWYmDyzwb6x2ww2g8VoMNw3dpvBZrAYDYb7Dp3hu_qcjebfwvExSX2foUN6Mx0ULoPFu5iYdt_O8GCtFoxOmzO07O6Mfr_f7_f7_X6_32_Qeg5mg8I3LiwrtufYas1JtAWxweA5WAyKWCK4SCdK08lpufh8lrfMMdtMRovdbiKWKE0X6USve1n8ktfn6Xy4dWa_xenW-f0-s8uteUvWqrXIZfo8zU6_3eEW-c0Oy8Mt-tsebs3DrfqcLGvVYLAWDAZrwWCwFgwGa8FgsBYMBmvBYLAWDAZrwWCwFgwGa8FgMBFLBKeLdCJ6GU8X9R8BHGK4miuWw7lsMleMdqsEAAAAAAAAAACwBLAJAAAAAMAJYFC72WixWifAwUw2o91ytVwAgAsAJV0AYBAAAAAAAIBdADCXeMhw2STYY4CJNJ2clovPZ3nLHLPNZLTY7aYMACBRR8MMsBngMwBBrNVqWQMAAAAIYAMAAAAEcAPoBuANINBMjgMAAAAI0AMAAADQ7wMAZQEAAAAAAPADFMhgN1vtHwBAgEKs1Wp1u7FWqxUQUDCr2WQ3gYD___9_ggAAAAAAAICojoIAAAAAAACApVmEAIFtNyGgQoDBEC1_t8sLAR0CAGbpOvknC3AeAgAAAiS9AWgIAA!&cmcv=&pix=undefined&cb=1730301409654&uv=3445&tms=1730301409654&abt=adxsub-out_vA!adxsub-out_vB!agqp4c_vC!flradc_vA!ufm_vD!vdprc_vC&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=1ca6a8a0-ca45-49f6-bf3e-2e8684df14a2&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Frame ID: 40DF6B3BFE5BAE233A43AD62F89EC54F
Requests: 1 HTTP requests in this frame

Frame: https://am-match.taboola.com/sync?dast=V9Io0CABYDAH7WNfkZYp4tBAB-1jX5GWKeLQUAAAAABgYA9AcAJLFx2BbGhWGtcZhWa9FyZltLbJ6VW7Iyzoajkc0xWliGAEASG4dtYVwY1hqHabUWLWe2tcTmWbklK-NsOBrZHKOFZQoAIMZymQxqgYJselnuDtPT7jNIWGa_76CgnJ4es8sNAHpoOh0-171eabqLnJa7xOfXvSx-yevzdD7cOrPf4nTr_H6f2eXWvCVr1VrkMn2eZqff7nCL_GaH5eEW_W0Pt-bhVn1OlrVqMFgLBoO1YDBYCwaDtWAwWAsGg7VgMFgLBoO1YDBYCwaDtWAwmAMAAAAAwAPA____PwQAAAAAQAQAAAAAgAQAAAAAAAVAQAXAvwWAwAUAAAAAAAbA____vwYAANoGgEAzyQFQ0E6zw-4PAAAAAAAQAAAAAAASAACE5c8SAICYrfUTgP__________GIAB-swbGYD_____GwCDHgCABx8AgAchAAAAAJMhACBUipzYf4skIgAAgRGoIgBGAAAAAAC5xj6TRwCTADoBoAKwqAL4___vtwIAuAIAAAiQ9Aagsc8C0B2UeAsDAAAAEBgDWKCHxe83O-wav9tlAP__________ZgD_ZwD_aABCNbhSaQBBEwo9agC_gAAAawC_gAAAbADqBgAA8AYQAAcQdAAErRgMVgcQELMDAAAAALgD-P___9cDAKmFxbPcDWcrh82wWAxnq5lntpp4TCbHwrdYDYbbA3j91-j-XBCA6AMQCbLpZbk7TE-7zyBhmf2-g4JyenrMLoP4oGFYTgbB_AAmbDFaTSab5XC2XEwGw9FwNNofwEBsBgMEoGjJYrUcrnaTxWizWEyWu-FoMkEAihYNJqvRaLKYDFejyWq2XOx2GwSgaNVqNtoMhqvZZLbbrYaD4XI0QoAJW4xWk8lmOZwtF5PBcDQcjYYIABOO4cRiWq3cIt_MtRatXLa1wuUyrUWeyWQ5GGxmNs9mLXp9TC_HxOSZDbYIIBiwuBfJ0yKdaFau5WC53BhXi81kt5vZRqbBbOKyrGwek2fmskzEEs3JIp3ILvvWwuJZ7oazlcNmWCyGs9XMM1tNPCaTY-FbrAbDfcMxnFhMq5Vb5Ju51qKVy7ZWuFymtcgzmSwHg83M5tmsRa-P6eWYmDyzwb6x2ww2g8VoMNw3dpvBZrAYDYb7Dp3hu_qcjebfwvExSX2foUN6Mx0ULoPFu5iYdt_O8GCtFoxOmzO07O6Mfr_f7_f7_X6_32_Qeg5mg8I3LiwrtufYas1JtAWxweA5WAyKWCK4SCdK08lpufh8lrfMMdtMRovdbiKWKE0X6USve1n8ktfn6Xy4dWa_xenW-f0-s8uteUvWqrXIZfo8zU6_3eEW-c0Oy8Mt-tsebs3DrfqcLGvVYLAWDAZrwWCwFgwGa8FgsBYMBmvBYLAWDAZrwWCwFgwGa8FgMBFLBKeLdCJ6GU8X9R8BHGK4miuWw7lsMleMdqsEAAAAAAAAAACwBLAJAAAAAMAJYFC72WixWifAwUw2o91ytVwAgAsAJV0AYBAAAAAAAIBdADCXeMhw2STYY4CJNJ2clovPZ3nLHLPNZLTY7aYMACBRR8MMsBngMwBBrNVqWQMAAAAIYAMAAAAEcAPoBuANINBMjgMAAAAI0AMAAADQ7wMAZQEAAAAAAPADFMhgN1vtHwBAgEKs1Wp1u7FWqxUQUDCr2WQ3gYD___9_ggAAAAAAAICojoIAAAAAAACApVmEAIFtNyGgQoDBEC1_t8sLAR0CAGbpOvknC3AeAgAAAiS9AWgIAA!&excid=22&docw=0&cijs=1&nlb=false
Frame ID: 5280B4F54639E4D22996FF7383322151
Requests: 1 HTTP requests in this frame

Frame: https://dcd4f76b77ad35947ee38d0cd584be32.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 54AF5EFF7F8D10A03FC12CBAF5B7D151
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/232/runner.html
Frame ID: E3428129645A40EF9667EF8D98B3C462
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 8DD6BA41F1F5D88F69B2DB284EB8970E
Requests: 1 HTTP requests in this frame

Frame: https://prebid.a-mo.net/isyn?gdpr_consent=&gdpr=0&us_privacy=&gpp=&gpp_sid=
Frame ID: E1620EC2359B9896C8B5149131BFFB4F
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Русия глоби Google с 2,5 децилиона долара. Това са $2 500 000 000 000 000 000 000 000 000 000 000 | it.dir.bg

Detected technologies

Laravel (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Gemius (Analytics) Expand

Overall confidence: 100%
Detected patterns

hit\.gemius\.pl/xgemius\.js
hit\.gemius\.pl
xgemius\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

OWL Carousel (Widgets) Expand

Overall confidence: 100%
Detected patterns

owl\.carousel.*\.js

OneSignal (Marketing automation) Expand

Overall confidence: 100%
Detected patterns

cdn\.onesignal\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

248
Requests

98 %
HTTPS

0 %
IPv6

28
Domains

59
Subdomains

48
IPs

9
Countries

4872 kB
Transfer

13928 kB
Size

84
Cookies

100 Outgoing links

These are links going to different origins than the main page.

URL: https://dir.bg/
Title: Начало /

Search URL Search Domain Scan URL

URL: https://games.dir.bg/
Title: Games

Search URL Search Domain Scan URL

URL: https://photo.dir.bg/weather
Title: Фото

Search URL Search Domain Scan URL

URL: https://dnes.dir.bg/
Title: Днес

Search URL Search Domain Scan URL

URL: https://life.dir.bg/
Title: Лайф

Search URL Search Domain Scan URL

URL: https://corner.dir.bg/
Title: Корнер

Search URL Search Domain Scan URL

URL: https://business.dir.bg/
Title: Бизнес

Search URL Search Domain Scan URL

URL: https://impressio.dir.bg/
Title: Impressio

Search URL Search Domain Scan URL

URL: http://auto.dir.bg/
Title: Авто

Search URL Search Domain Scan URL

URL: https://dnes.dir.bg/poll
Title: Анкети

Search URL Search Domain Scan URL

URL: http://news.dir.bg/
Title: Новини от БГ уеб

Search URL Search Domain Scan URL

URL: http://fun.dir.bg/
Title: Вицове

Search URL Search Domain Scan URL

URL: https://vkusniistorii.dir.bg/
Title: Вкусни истории

Search URL Search Domain Scan URL

URL: http://vkusotii.dir.bg/
Title: Вкусотии

Search URL Search Domain Scan URL

URL: https://vremezamen.dir.bg/
Title: #Време за мен

Search URL Search Domain Scan URL

URL: https://vremeto.dir.bg/
Title: Времето

Search URL Search Domain Scan URL

URL: http://gallery.dir.bg/
Title: Галерия

Search URL Search Domain Scan URL

URL: http://dom.dir.bg/
Title: Дом

Search URL Search Domain Scan URL

URL: https://dir.bg/topic/zdraveto-ni
Title: #Здравето ни

Search URL Search Domain Scan URL

URL: https://zodiac.dir.bg/
Title: Зодиак

Search URL Search Domain Scan URL

URL: http://kino.dir.bg/
Title: Кино

Search URL Search Domain Scan URL

URL: http://clubs.dir.bg/
Title: Клубове

Search URL Search Domain Scan URL

URL: http://tv.dir.bg/
Title: ТВ

Search URL Search Domain Scan URL

URL: https://trip.dir.bg/
Title: Trip

Search URL Search Domain Scan URL

URL: https://photo.dir.bg/
Title: Фото

Search URL Search Domain Scan URL

URL: https://covid.dir.bg/
Title: COVID-19

Search URL Search Domain Scan URL

URL: https://urbn.dir.bg/
Title: #URBN

Search URL Search Domain Scan URL

URL: http://worktalent.com/
Title: Обяви за работа

Search URL Search Domain Scan URL

URL: https://market.dir.bg/
Title: Market

Search URL Search Domain Scan URL

URL: https://mail.dir.bg/
Title: Поща

Search URL Search Domain Scan URL

URL: https://ticket.dir.bg/
Title: Билети

Search URL Search Domain Scan URL

URL: http://direct.dir.bg/
Title: Direct Реклама

Search URL Search Domain Scan URL

URL: https://dnes.dir.bg/sofia
Title: София

Search URL Search Domain Scan URL

URL: https://dnes.dir.bg/plovdiv
Title: Пловдив

Search URL Search Domain Scan URL

URL: https://dnes.dir.bg/varna
Title: Варна

Search URL Search Domain Scan URL

URL: https://dnes.dir.bg/burgas
Title: Бургас

Search URL Search Domain Scan URL

URL: https://dnes.dir.bg/ruse
Title: Русе

Search URL Search Domain Scan URL

URL: https://3e-news.net/
Title: 3e-news.net

Search URL Search Domain Scan URL

URL: https://www.nasamnatam.com/
Title: nasamnatam.com

Search URL Search Domain Scan URL

URL: https://realtimefuture.bg/
Title: realtimefuture.bg

Search URL Search Domain Scan URL

URL: https://greentransition.bg/
Title: greentransition.bg

Search URL Search Domain Scan URL

URL: http://www.lostbulgaria.com/
Title: lostbulgaria.com

Search URL Search Domain Scan URL

URL: https://webreport.bg/
Title: webreport.bg

Search URL Search Domain Scan URL

URL: https://www.worktalent.com/
Title: worktalent.com

Search URL Search Domain Scan URL

URL: https://www.wnesstv.com/
Title: wnesstv.com

Search URL Search Domain Scan URL

URL: https://soulandpepper.tv/
Title: soulandpepper.tv

Search URL Search Domain Scan URL

URL: https://profile.dir.bg/login?redirect_url=https://it.dir.bg/web/rusiya-globi-google-s-2-5-detsiliona-dolara-tova-sa-usd2-500-000-000-000-000-000-000-000-000-000-000

Search URL Search Domain Scan URL

URL: https://dnes.dir.bg/obshtestvo
Title: Общество

Search URL Search Domain Scan URL

URL: https://dnes.dir.bg/krimi
Title: Крими

Search URL Search Domain Scan URL

URL: https://dnes.dir.bg/temida
Title: Темида

Search URL Search Domain Scan URL

URL: https://dnes.dir.bg/politika
Title: Политика

Search URL Search Domain Scan URL

URL: https://dnes.dir.bg/intsidenti
Title: Инциденти

Search URL Search Domain Scan URL

URL: https://dnes.dir.bg/svyat
Title: Свят

Search URL Search Domain Scan URL

URL: https://dnes.dir.bg/spektar
Title: Спектър

Search URL Search Domain Scan URL

URL: https://dnes.dir.bg/na-fokus
Title: На фокус

Search URL Search Domain Scan URL

URL: https://dnes.dir.bg/dir-podcast
Title: Dir Podcast

Search URL Search Domain Scan URL

URL: https://dnes.dir.bg/mnenie
Title: Мнение

Search URL Search Domain Scan URL

URL: https://dnes.dir.bg/direktno
Title: ДИРектно

Search URL Search Domain Scan URL

URL: https://dnes.dir.bg/pr-zone
Title: PR Zone

Search URL Search Domain Scan URL

URL: https://dnes.dir.bg/ovladey-diabeta
Title: Овладей диабета

Search URL Search Domain Scan URL

URL: https://dnes.dir.bg/patyat-na-zdraveto
Title: Пътят на здравето

Search URL Search Domain Scan URL

URL: https://life.dir.bg/zvezdi
Title: Звезди

Search URL Search Domain Scan URL

URL: https://life.dir.bg/shou
Title: Шоу

Search URL Search Domain Scan URL

URL: https://life.dir.bg/moda
Title: Мода

Search URL Search Domain Scan URL

URL: https://life.dir.bg/zdrave-i-krasota
Title: Здраве и красота

Search URL Search Domain Scan URL

URL: https://life.dir.bg/otnovo-v-chas
Title: Отново в час

Search URL Search Domain Scan URL

URL: https://life.dir.bg/mama
Title: Мама

Search URL Search Domain Scan URL

URL: https://life.dir.bg/dom
Title: Дом

Search URL Search Domain Scan URL

URL: https://life.dir.bg/lyubopitno
Title: Любопитно

Search URL Search Domain Scan URL

URL: https://life.dir.bg/vyarafied
Title: VЯRAFIED

Search URL Search Domain Scan URL

URL: https://life.dir.bg/day-lapa
Title: Дай лапа

Search URL Search Domain Scan URL

URL: https://life.dir.bg/lyubov-i-seks
Title: Любов и секс

Search URL Search Domain Scan URL

URL: https://life.dir.bg/shopping
Title: Шопинг

Search URL Search Domain Scan URL

URL: https://life.dir.bg/pr-zone
Title: PR Zone

Search URL Search Domain Scan URL

URL: https://life.dir.bg/razgovori-za-sanya
Title: Разговори за съня

Search URL Search Domain Scan URL

URL: https://life.dir.bg/testvahme-za-vas
Title: Тествахме за вас...

Search URL Search Domain Scan URL

URL: https://corner.dir.bg/futbol
Title: Футбол

Search URL Search Domain Scan URL

URL: https://corner.dir.bg/topic/trite-macha

Search URL Search Domain Scan URL

URL: https://corner.dir.bg/tenis
Title: Тенис

Search URL Search Domain Scan URL

URL: https://corner.dir.bg/voleybol
Title: Волейбол

Search URL Search Domain Scan URL

URL: https://corner.dir.bg/basketbol
Title: Баскетбол

Search URL Search Domain Scan URL

URL: https://corner.dir.bg/formula1
Title: F1

Search URL Search Domain Scan URL

URL: https://corner.dir.bg/sektor-k
Title: Сектор К

Search URL Search Domain Scan URL

URL: https://corner.dir.bg/lyubopitno
Title: Любопитно

Search URL Search Domain Scan URL

URL: https://corner.dir.bg/v-mishenata
Title: В мишената

Search URL Search Domain Scan URL

URL: https://corner.dir.bg/rezultati
Title: Резултати

Search URL Search Domain Scan URL

URL: https://corner.dir.bg/boyni
Title: Бойни

Search URL Search Domain Scan URL

URL: https://corner.dir.bg/shampionite
Title: Шампионите

Search URL Search Domain Scan URL

URL: https://corner.dir.bg/ekstremni
Title: Екстремни

Search URL Search Domain Scan URL

URL: https://corner.dir.bg/motorni
Title: Моторни

Search URL Search Domain Scan URL

URL: https://corner.dir.bg/v-agala
Title: В ъгъла

Search URL Search Domain Scan URL

URL: https://corner.dir.bg/pr-zone
Title: pr-zone

Search URL Search Domain Scan URL

URL: https://corner.dir.bg/drugi
Title: Други

Search URL Search Domain Scan URL

URL: https://business.dir.bg/ikonomika
Title: Икономика

Search URL Search Domain Scan URL

URL: https://business.dir.bg/banki-i-finansi
Title: Банки и финанси

Search URL Search Domain Scan URL

URL: https://business.dir.bg/energien-pazar
Title: Енергиен пазар

Search URL Search Domain Scan URL

URL: https://business.dir.bg/kompanii
Title: Компании

Search URL Search Domain Scan URL

URL: https://business.dir.bg/karieri
Title: Кариери

Search URL Search Domain Scan URL

URL: https://business.dir.bg/pazari
Title: Пазари

Search URL Search Domain Scan URL

URL: https://business.dir.bg/imoti
Title: Имоти

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 88

https://gabg.hit.gemius.pl/_1730301405935/rexdot.js?l=100&sendf=24&id=ctiaBobs4_uHyfFUwGseIacVzZaIb1sjsS6.Xxb1TUv.F7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&tz=-60&fv=-&href=https%3A%2F%2Fit.dir.bg%2Fweb%2Frusiya-globi-google-s-2-5-detsiliona-dolara-tova-sa-usd2-500-000-000-000-000-000-000-000-000-000-000&screen=1600x1200r1000&col=24&window=1600x1200&vis=1&lsdata=O7SKAD5MSVouO_ZWg8ApIpq4nZlv8DlF8H28RkWrkrX.97LXvPLz4yCFuI7CbND8kM73875daXdOlBo9ZX0.bU8ZZ00h/Xfh_LNh8T3Uue/&fpdata=rNZnn4IKOBGDyEGc6eB4FqVhigRQ_fLac6Xxi6mENlb.r7%7C1730301404%7C2&ltime=1265&fr=1&ref=&inner=_ver%3D355%7C_ch_mobile%3D0%7C_ch_wow64%3D0%7C_ch_brands%3D&exid=67224ddc254f8f96&brts=1730301405&fpcap= HTTP 301
https://gabg.hit.gemius.pl/__/_1730301405935/rexdot.js?l=100&sendf=24&id=ctiaBobs4_uHyfFUwGseIacVzZaIb1sjsS6.Xxb1TUv.F7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&tz=-60&fv=-&href=https%3A%2F%2Fit.dir.bg%2Fweb%2Frusiya-globi-google-s-2-5-detsiliona-dolara-tova-sa-usd2-500-000-000-000-000-000-000-000-000-000-000&screen=1600x1200r1000&col=24&window=1600x1200&vis=1&lsdata=O7SKAD5MSVouO_ZWg8ApIpq4nZlv8DlF8H28RkWrkrX.97LXvPLz4yCFuI7CbND8kM73875daXdOlBo9ZX0.bU8ZZ00h/Xfh_LNh8T3Uue/&fpdata=rNZnn4IKOBGDyEGc6eB4FqVhigRQ_fLac6Xxi6mENlb.r7%7C1730301404%7C2&ltime=1265&fr=1&ref=&inner=_ver%3D355%7C_ch_mobile%3D0%7C_ch_wow64%3D0%7C_ch_brands%3D&exid=67224ddc254f8f96&brts=1730301405&fpcap=

Request Chain 163

https://sync.taboola.com/sg/temurtbnative-network/1/rtb/ HTTP 302
https://www.temu.com/api/adx/cm/pixel-taboola?id=40177a16-8cb2-47ff-810b-df5ed9a1a652-tucte1bd361

Request Chain 221

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=2DB0DB673AE34E5CA7B5385F0F5A7210&RedC=c.clarity.ms&MXFR=0BEC27187C2A6D6C2DC33230782A6335 HTTP 302
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=2DB0DB673AE34E5CA7B5385F0F5A7210&MUID=07D18576062464223237905E076D6504

248 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request rusiya-globi-google-s-2-5-detsiliona-dolara-tova-sa-usd2-500-000-000-000-000-000-000-000-000-000-000 Show response
it.dir.bg/web/ 345 KB
45 KB 724ms
156ms Document
text/html 172.67.71.201
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://it.dir.bg/web/rusiya-globi-google-s-2-5-detsiliona-dolara-tova-sa-usd2-500-000-000-000-000-000-000-000-000-000-000

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

172.67.71.201 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ffc32b1a5c653898d629be50628bfa72f70cac406bc082b4443600081da46e71

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8dac5e2f9bf1279b-LYS
content-encoding: br
content-type: text/html; charset=UTF-8
date: Wed, 30 Oct 2024 15:16:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2Bo%2B3KNIlCkSRPXZW9kewToaqToFvPpqAcdb8nuLPbIVqYZ75TwOuZYzdpjAodiiTM06OHLHS189VzIi4%2F%2F7NGUx%2FRyyqwJmXbnmYBcUQ6YeWDuaBVAONZVII9w%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=63072000
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: DENY
x-web: 2
x-xss-protection: 1; mode=block

GET
H2 200 all.css
static.dir.bg/css/desktop/ 291 KB
43 KB 949ms
230ms Stylesheet
text/css 194.145.63.126
DELTA-BG-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://static.dir.bg/css/desktop/all.css?_=1730119760
Requested by: Host: it.dir.bg
URL: https://it.dir.bg/web/rusiya-globi-google-s-2-5-detsiliona-dolara-tova-sa-usd2-500-000-000-000-000-000-000-000-000-000-000
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 194.145.63.126 Sofia, Bulgaria, ASN8860 (DELTA-BG-AS, BG),
Reverse DNS: station126.bdata.bg
Software: nginx /
Resource Hash: ccbfbdfc47289a7f92f56d75486f4cddabe809ff4a91c293188718ed5393ad9e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://it.dir.bg/

Response headers

access-control-max-age: 172800
cache-control: max-age=2592000
content-encoding: gzip
etag: W/"671f8850-48bcd"
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
expires: Fri, 29 Nov 2024 14:48:45 GMT
access-control-allow-origin: *
date: Wed, 30 Oct 2024 14:48:45 GMT
content-type: text/css
vary: Accept-Encoding, Origin
server: nginx
last-modified: Mon, 28 Oct 2024 12:49:20 GMT
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

GET
H2 200 it-all.css
static.dir.bg/css/desktop/ 69 KB
12 KB 920ms
201ms Stylesheet
text/css 194.145.63.126
DELTA-BG-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://static.dir.bg/css/desktop/it-all.css?_=1730119750
Requested by: Host: it.dir.bg
URL: https://it.dir.bg/web/rusiya-globi-google-s-2-5-detsiliona-dolara-tova-sa-usd2-500-000-000-000-000-000-000-000-000-000-000
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 194.145.63.126 Sofia, Bulgaria, ASN8860 (DELTA-BG-AS, BG),
Reverse DNS: station126.bdata.bg
Software: nginx /
Resource Hash: eab5ef44dfc7032d4a9273d3750685ca3413aada1dc391e8e45c4f5abeea778d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://it.dir.bg/

Response headers

access-control-max-age: 172800
cache-control: max-age=2592000
content-encoding: gzip
etag: W/"671f8846-1141b"
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
expires: Fri, 29 Nov 2024 15:03:16 GMT
access-control-allow-origin: *
date: Wed, 30 Oct 2024 15:03:16 GMT
content-type: text/css
vary: Accept-Encoding, Origin
server: nginx
last-modified: Mon, 28 Oct 2024 12:49:10 GMT
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 106 KB
33 KB 1199ms
81ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: it.dir.bg
URL: https://it.dir.bg/web/rusiya-globi-google-s-2-5-detsiliona-dolara-tova-sa-usd2-500-000-000-000-000-000-000-000-000-000-000

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

fe7c2df0e7e6e53bcc8dce017b23e6126984e613d1b9005ec25ad66568ebe568

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://it.dir.bg/

Response headers

content-encoding: br
etag: 232 / 20026 / 31088558 / config-hash: 17750436895191193847
x-content-type-options: nosniff
expires: Wed, 30 Oct 2024 15:16:43 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Wed, 30 Oct 2024 15:16:43 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
content-disposition: attachment; filename="f.txt"
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 33753
x-xss-protection: 0
server: cafe

GET
H2 200 dir.bg.js Show response
pahtag.tech/c/ 46 KB
5 KB 1193ms
76ms Script
application/javascript 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pahtag.tech/c/dir.bg.js
Requested by: Host: it.dir.bg
URL: https://it.dir.bg/web/rusiya-globi-google-s-2-5-detsiliona-dolara-tova-sa-usd2-500-000-000-000-000-000-000-000-000-000-000
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6ad2e6e18b794883e69a31f63cd2cc9f49e17e92ceb5749c7430d358009c9e37

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://it.dir.bg/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: "cc63a089fdc7953d6def188c1aa40f18"
age: 1542
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=L5ShDrzPo%2BNgwsOAacgv7QITOLxL4yCJriSEYSHnygq3ayIlAX%2ByibpFARaWTDEj0F5UnWqHO9hIuNtwf8je3nYZL%2FW5VAPS9fnd3hAH0UxGXi47b%2Buhfe4FOq9NZg%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=20946&sent=7&recv=9&lost=0&retrans=0&sent_bytes=3929&recv_bytes=2131&delivery_rate=157271&cwnd=253&unsent_bytes=0&cid=17d2972ae936490b&ts=719&x=0"
date: Wed, 30 Oct 2024 15:16:43 GMT
content-type: application/javascript
last-modified: Thu, 03 Oct 2024 10:52:10 GMT
vary: Accept-Encoding
x-amz-id-2: mH/nRYV1OBtpwqqqy0ac0edd2QkbJdJikBMC8se0w1trzBxRisQW//hzH7//pyLpead0dYYY2wjGsVzsWNIPUujXIleh8aFWIv5ahcwBhIw=
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: WH3Z7RQ4RCM59QD8
cf-ray: 8dac5e3e2cbe0219-ZRH
accept-ranges: bytes
content-length: 3801
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H2 200 email-decode.min.js Show response
it.dir.bg/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 113ms
111ms Script
application/javascript 172.67.71.201
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://it.dir.bg/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: it.dir.bg
URL: https://it.dir.bg/web/rusiya-globi-google-s-2-5-detsiliona-dolara-tova-sa-usd2-500-000-000-000-000-000-000-000-000-000-000

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

172.67.71.201 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://it.dir.bg/web/rusiya-globi-google-s-2-5-detsiliona-dolara-tova-sa-usd2-500-000-000-000-000-000-000-000-000-000-000

Response headers

x-frame-options: DENY
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control: max-age=172800, public
content-encoding: gzip
etag: W/"671bcbe9-4d7"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2Ft3Qgwtc%2F2h%2FCWYESEiWxC39%2FXKcm2vNJTbW2lZ8gXKBYP2KHVrzncxD%2FEXswhlvz%2FLwhUk4cheHgjY7Xfov2JzN6rZvVTLUGnCaGEwzKVk98dYMBNTHByTJsA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
cf-ray: 8dac5e35bbf3279b-LYS
expires: Fri, 01 Nov 2024 15:16:42 GMT
date: Wed, 30 Oct 2024 15:16:42 GMT
content-type: application/javascript
last-modified: Fri, 25 Oct 2024 16:48:41 GMT
server: cloudflare
vary: Accept-Encoding

GET
H2 200 all.js Show response
static.dir.bg/js/desktop/ 588 KB
181 KB 297ms
296ms Script
application/javascript 194.145.63.126
DELTA-BG-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://static.dir.bg/js/desktop/all.js?_=1730119781
Requested by: Host: it.dir.bg
URL: https://it.dir.bg/web/rusiya-globi-google-s-2-5-detsiliona-dolara-tova-sa-usd2-500-000-000-000-000-000-000-000-000-000-000
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 194.145.63.126 Sofia, Bulgaria, ASN8860 (DELTA-BG-AS, BG),
Reverse DNS: station126.bdata.bg
Software: nginx /
Resource Hash: 086c5c6deed0d7744cea43c54cafcce9f8e27b4f4980d907d20563222381db22

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://it.dir.bg/

Response headers

access-control-max-age: 172800
cache-control: max-age=2592000
content-encoding: gzip
etag: W/"671f8865-92e21"
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
expires: Fri, 29 Nov 2024 14:48:45 GMT
access-control-allow-origin: *
date: Wed, 30 Oct 2024 14:48:45 GMT
content-type: application/javascript
vary: Accept-Encoding, Origin
server: nginx
last-modified: Mon, 28 Oct 2024 12:49:41 GMT
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

GET
H2 200 owl.carousel.min.css
static.dir.bg/owl-carousel/ 3 KB
2 KB 257ms
256ms Stylesheet
text/css 194.145.63.126
DELTA-BG-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://static.dir.bg/owl-carousel/owl.carousel.min.css
Requested by: Host: it.dir.bg
URL: https://it.dir.bg/web/rusiya-globi-google-s-2-5-detsiliona-dolara-tova-sa-usd2-500-000-000-000-000-000-000-000-000-000-000
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 194.145.63.126 Sofia, Bulgaria, ASN8860 (DELTA-BG-AS, BG),
Reverse DNS: station126.bdata.bg
Software: nginx /
Resource Hash: 521410e1fc44780061e09adc980275fb5ea277fd5d9e538454214ec4379ff4bc

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://it.dir.bg/

Response headers

access-control-max-age: 172800
cache-control: max-age=2592000
content-encoding: gzip
etag: W/"64004ef3-d17"
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
expires: Fri, 29 Nov 2024 14:48:45 GMT
access-control-allow-origin: *
date: Wed, 30 Oct 2024 14:48:45 GMT
content-type: text/css
vary: Accept-Encoding, Origin
server: nginx
last-modified: Thu, 02 Mar 2023 07:23:31 GMT
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

GET
H2 200 owl.theme.default.min.css
static.dir.bg/owl-carousel/ 1013 B
1000 B 257ms
257ms Stylesheet
text/css 194.145.63.126
DELTA-BG-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://static.dir.bg/owl-carousel/owl.theme.default.min.css
Requested by: Host: it.dir.bg
URL: https://it.dir.bg/web/rusiya-globi-google-s-2-5-detsiliona-dolara-tova-sa-usd2-500-000-000-000-000-000-000-000-000-000-000
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 194.145.63.126 Sofia, Bulgaria, ASN8860 (DELTA-BG-AS, BG),
Reverse DNS: station126.bdata.bg
Software: nginx /
Resource Hash: 924b0dc630d1c5dff9fa31aead9509775b1d476bfe0a5ac2977b2f11205a26ac

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://it.dir.bg/

Response headers

access-control-max-age: 172800
cache-control: max-age=2592000
content-encoding: gzip
etag: W/"64004ef3-3f5"
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
expires: Fri, 29 Nov 2024 15:03:16 GMT
access-control-allow-origin: *
date: Wed, 30 Oct 2024 15:03:16 GMT
content-type: text/css
vary: Accept-Encoding, Origin
server: nginx
last-modified: Thu, 02 Mar 2023 07:23:31 GMT
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

GET
H2 200 owl.carousel.min.js Show response
static.dir.bg/owl-carousel/ 43 KB
12 KB 267ms
266ms Script
application/javascript 194.145.63.126
DELTA-BG-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://static.dir.bg/owl-carousel/owl.carousel.min.js
Requested by: Host: it.dir.bg
URL: https://it.dir.bg/web/rusiya-globi-google-s-2-5-detsiliona-dolara-tova-sa-usd2-500-000-000-000-000-000-000-000-000-000-000
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 194.145.63.126 Sofia, Bulgaria, ASN8860 (DELTA-BG-AS, BG),
Reverse DNS: station126.bdata.bg
Software: nginx /
Resource Hash: a53c43f834b32309b084ea9314df8307e9c78cee2202c6e07f216ae4ae5b704d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://it.dir.bg/

Response headers

access-control-max-age: 172800
cache-control: max-age=2592000
content-encoding: gzip
etag: W/"64004ef3-ad36"
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
expires: Fri, 29 Nov 2024 15:03:16 GMT
access-control-allow-origin: *
date: Wed, 30 Oct 2024 15:03:16 GMT
content-type: application/javascript
vary: Accept-Encoding, Origin
server: nginx
last-modified: Thu, 02 Mar 2023 07:23:31 GMT
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 347 KB
100 KB 1007ms
61ms Script
application/javascript 142.250.184.232
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-W2KMKLG

Requested by

Host: it.dir.bg
URL: https://it.dir.bg/web/rusiya-globi-google-s-2-5-detsiliona-dolara-tova-sa-usd2-500-000-000-000-000-000-000-000-000-000-000

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.232 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

4bcc504ca5f2d5cd6d1c7fb43c97ae24a3a2c5f40505dd4582c10ba84b16a6cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://it.dir.bg/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires: Wed, 30 Oct 2024 15:16:43 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 30 Oct 2024 15:16:43 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Wed, 30 Oct 2024 15:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 101366
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 dir.bg.js Show response
pahtag.tech/c/ 46 KB
0 1174ms
1174ms Script
application/javascript 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pahtag.tech/c/dir.bg.js
Requested by: Host: it.dir.bg
URL: https://it.dir.bg/web/rusiya-globi-google-s-2-5-detsiliona-dolara-tova-sa-usd2-500-000-000-000-000-000-000-000-000-000-000
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6ad2e6e18b794883e69a31f63cd2cc9f49e17e92ceb5749c7430d358009c9e37

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://it.dir.bg/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: "cc63a089fdc7953d6def188c1aa40f18"
age: 1542
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=L5ShDrzPo%2BNgwsOAacgv7QITOLxL4yCJriSEYSHnygq3ayIlAX%2ByibpFARaWTDEj0F5UnWqHO9hIuNtwf8je3nYZL%2FW5VAPS9fnd3hAH0UxGXi47b%2Buhfe4FOq9NZg%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=20946&sent=7&recv=9&lost=0&retrans=0&sent_bytes=3929&recv_bytes=2131&delivery_rate=157271&cwnd=253&unsent_bytes=0&cid=17d2972ae936490b&ts=719&x=0"
date: Wed, 30 Oct 2024 15:16:43 GMT
content-type: application/javascript
last-modified: Thu, 03 Oct 2024 10:52:10 GMT
vary: Accept-Encoding
x-amz-id-2: mH/nRYV1OBtpwqqqy0ac0edd2QkbJdJikBMC8se0w1trzBxRisQW//hzH7//pyLpead0dYYY2wjGsVzsWNIPUujXIleh8aFWIv5ahcwBhIw=
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: WH3Z7RQ4RCM59QD8
cf-ray: 8dac5e3e2cbe0219-ZRH
accept-ranges: bytes
content-length: 3801
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H/1.1 200
OK worktalent Show response
webapi.dir.bg/ Frame 3B50 23 KB
5 KB 317ms
71ms Document
text/html 88.203.154.237
A1

General

Check archive.org

Show headers Download Go to

Full URL: https://webapi.dir.bg/worktalent
Requested by: Host: it.dir.bg
URL: https://it.dir.bg/web/rusiya-globi-google-s-2-5-detsiliona-dolara-tova-sa-usd2-500-000-000-000-000-000-000-000-000-000-000
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 88.203.154.237 Sofia, Bulgaria, ASN8717 (A1, BG),
Reverse DNS
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: 1fd7ffe96568ca9d0a961de7c7ed22c4b4ba0ea05e3ba9e6ae7d5d0d8f079e07

Request headers

Referer: https://it.dir.bg/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

Cache-Control: no-cache, private
Connection: Keep-Alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Wed, 30 Oct 2024 15:16:43 GMT
Keep-Alive: timeout=5, max=100
Server: Apache/2.4.29 (Ubuntu)
Transfer-Encoding: chunked
Vary: Accept-Encoding

GET
H2 200 widget_playlist.php Show response
video.onnetwork.tv/widget/ 3 KB
3 KB 304ms
73ms Script
text/html 141.95.49.8
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://video.onnetwork.tv/widget/widget_playlist.php?widget=815

Requested by

Host: it.dir.bg
URL: https://it.dir.bg/web/rusiya-globi-google-s-2-5-detsiliona-dolara-tova-sa-usd2-500-000-000-000-000-000-000-000-000-000-000

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

141.95.49.8 , France, ASN16276 (OVH, FR),

Reverse DNS

vh11.eris-m.of.pl

Software

XO.webservant /

Resource Hash

0817a8ea1198e785ba0c94f90919f1ce6d81e9b6e1a8a10ddc2a32117b18ae14

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"
Referer: https://it.dir.bg/

Response headers

strict-transport-security: max-age=31536000
cache-control: no-store, no-cache, must-revalidate, post-check=1, pre-check=1
pragma: no-cache
expires: Wed, 30 Oct 2024 15:16:42 GMT
p3p: CP="ALL CAO DSP COR IVD IVA PSD PSA TEL TAI CUS ADM CUR CON SAM OUR IND"
content-length: 3007
date: Wed, 30 Oct 2024 15:16:43 GMT
last-modified: Wed, 30 Oct 2024 15:16:43 GMT
content-type: text/html; charset=utf-8
server: XO.webservant

GET
H2 200 hamburger-icon.svg
static.dir.bg/images/ 569 B
877 B 85ms
84ms Image
image/svg+xml 194.145.63.126
DELTA-BG-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.dir.bg/images/hamburger-icon.svg
Requested by: Host: static.dir.bg
URL: https://static.dir.bg/css/desktop/all.css?_=1730119760
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 194.145.63.126 Sofia, Bulgaria, ASN8860 (DELTA-BG-AS, BG),
Reverse DNS: station126.bdata.bg
Software: nginx /
Resource Hash: 8aaf48090e1e50aea288dbe3a617ddbdf04513e3becdf15c613dd92a65140464

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://static.dir.bg/css/desktop/all.css?_=1730119760

Response headers

access-control-max-age: 172800
cache-control: max-age=2592000
content-encoding: gzip
etag: W/"6405df08-239"
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
expires: Fri, 29 Nov 2024 14:48:46 GMT
access-control-allow-origin: *
date: Wed, 30 Oct 2024 14:48:46 GMT
content-type: image/svg+xml
vary: Accept-Encoding, Origin
server: nginx
last-modified: Mon, 06 Mar 2023 12:39:36 GMT
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

GET
H2 200 Repo-Medium.otf
static.dir.bg/fonts/ 98 KB
70 KB 494ms
214ms Font
application/x-font-opentype 194.145.63.126
DELTA-BG-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://static.dir.bg/fonts/Repo-Medium.otf
Requested by: Host: static.dir.bg
URL: https://static.dir.bg/css/desktop/all.css?_=1730119760
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 194.145.63.126 Sofia, Bulgaria, ASN8860 (DELTA-BG-AS, BG),
Reverse DNS: station126.bdata.bg
Software: nginx /
Resource Hash: aa5ab198a4dc6bd735732c995e91fc85cab8fd41d5ec9cfba80490c6d3eaa38a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://it.dir.bg
Referer: https://static.dir.bg/css/desktop/all.css?_=1730119760

Response headers

access-control-max-age: 172800
cache-control: max-age=2592000
content-encoding: gzip
etag: W/"6334614a-18954"
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
expires: Fri, 29 Nov 2024 14:48:46 GMT
access-control-allow-origin: *
date: Wed, 30 Oct 2024 14:48:46 GMT
content-type: application/x-font-opentype
vary: Accept-Encoding, Origin
server: nginx
last-modified: Wed, 28 Sep 2022 14:59:22 GMT
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

GET
H2 200 Repo-Regular.otf
static.dir.bg/fonts/ 98 KB
69 KB 605ms
324ms Font
application/x-font-opentype 194.145.63.126
DELTA-BG-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://static.dir.bg/fonts/Repo-Regular.otf
Requested by: Host: static.dir.bg
URL: https://static.dir.bg/css/desktop/all.css?_=1730119760
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 194.145.63.126 Sofia, Bulgaria, ASN8860 (DELTA-BG-AS, BG),
Reverse DNS: station126.bdata.bg
Software: nginx /
Resource Hash: 50ae46fa7e695109b25176a1174ac6b65cf92735ee0724331b83c54b1ab5e452

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://it.dir.bg
Referer: https://static.dir.bg/css/desktop/all.css?_=1730119760

Response headers

access-control-max-age: 172800
cache-control: max-age=2592000
content-encoding: gzip
etag: W/"6334614a-18754"
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
expires: Fri, 29 Nov 2024 14:48:46 GMT
access-control-allow-origin: *
date: Wed, 30 Oct 2024 14:48:46 GMT
content-type: application/x-font-opentype
vary: Accept-Encoding, Origin
server: nginx
last-modified: Wed, 28 Sep 2022 14:59:22 GMT
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

GET
H2 200 icomoon.ttf
static.dir.bg/fonts/ 127 KB
59 KB 595ms
315ms Font
application/x-font-ttf 194.145.63.126
DELTA-BG-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://static.dir.bg/fonts/icomoon.ttf
Requested by: Host: static.dir.bg
URL: https://static.dir.bg/css/desktop/all.css?_=1730119760
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 194.145.63.126 Sofia, Bulgaria, ASN8860 (DELTA-BG-AS, BG),
Reverse DNS: station126.bdata.bg
Software: nginx /
Resource Hash: fcfe6b9b65bd90f718f2f0f80a12dae99a3108cbd3bb2ea32e9ebe0348ace7c5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://it.dir.bg
Referer: https://static.dir.bg/css/desktop/all.css?_=1730119760

Response headers

access-control-max-age: 172800
cache-control: max-age=2592000
content-encoding: gzip
etag: W/"67124d72-1fc08"
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
expires: Fri, 29 Nov 2024 15:03:16 GMT
access-control-allow-origin: *
date: Wed, 30 Oct 2024 15:03:16 GMT
content-type: application/x-font-ttf
vary: Accept-Encoding, Origin
server: nginx
last-modified: Fri, 18 Oct 2024 11:58:42 GMT
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

GET
H2 200 Repo-Bold.otf
static.dir.bg/fonts/ 99 KB
70 KB 607ms
327ms Font
application/x-font-opentype 194.145.63.126
DELTA-BG-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://static.dir.bg/fonts/Repo-Bold.otf
Requested by: Host: static.dir.bg
URL: https://static.dir.bg/css/desktop/all.css?_=1730119760
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 194.145.63.126 Sofia, Bulgaria, ASN8860 (DELTA-BG-AS, BG),
Reverse DNS: station126.bdata.bg
Software: nginx /
Resource Hash: 7e944dee615571f80a8bd93892f886d18e735bcc2bca3d4b25dc91f902fe27c7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://it.dir.bg
Referer: https://static.dir.bg/css/desktop/all.css?_=1730119760

Response headers

access-control-max-age: 172800
cache-control: max-age=2592000
content-encoding: gzip
etag: W/"63346149-18d14"
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
expires: Fri, 29 Nov 2024 14:48:46 GMT
access-control-allow-origin: *
date: Wed, 30 Oct 2024 14:48:46 GMT
content-type: application/x-font-opentype
vary: Accept-Encoding, Origin
server: nginx
last-modified: Wed, 28 Sep 2022 14:59:21 GMT
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

GET
H2 200 Repo-DemiBold.otf
static.dir.bg/fonts/ 99 KB
70 KB 533ms
254ms Font
application/x-font-opentype 194.145.63.126
DELTA-BG-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://static.dir.bg/fonts/Repo-DemiBold.otf
Requested by: Host: static.dir.bg
URL: https://static.dir.bg/css/desktop/all.css?_=1730119760
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 194.145.63.126 Sofia, Bulgaria, ASN8860 (DELTA-BG-AS, BG),
Reverse DNS: station126.bdata.bg
Software: nginx /
Resource Hash: 82edbdabf49d8335e340a3ff29bf54cbd0e7ff7cf3ecf25e2c1473976ed2e235

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://it.dir.bg
Referer: https://static.dir.bg/css/desktop/all.css?_=1730119760

Response headers

access-control-max-age: 172800
cache-control: max-age=2592000
content-encoding: gzip
etag: W/"6334614a-18a28"
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
expires: Fri, 29 Nov 2024 15:03:16 GMT
access-control-allow-origin: *
date: Wed, 30 Oct 2024 15:03:16 GMT
content-type: application/x-font-opentype
vary: Accept-Encoding, Origin
server: nginx
last-modified: Wed, 28 Sep 2022 14:59:22 GMT
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

GET
H2 200 Repo-ExtraBlack.otf
static.dir.bg/fonts/ 95 KB
66 KB 606ms
327ms Font
application/x-font-opentype 194.145.63.126
DELTA-BG-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://static.dir.bg/fonts/Repo-ExtraBlack.otf
Requested by: Host: static.dir.bg
URL: https://static.dir.bg/css/desktop/all.css?_=1730119760
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 194.145.63.126 Sofia, Bulgaria, ASN8860 (DELTA-BG-AS, BG),
Reverse DNS: station126.bdata.bg
Software: nginx /
Resource Hash: b1d09d7511ad5c58bc9acdc903557f78a9ca154b8bf01839b08045cb9fe8b310

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://it.dir.bg
Referer: https://static.dir.bg/css/desktop/all.css?_=1730119760

Response headers

access-control-max-age: 172800
cache-control: max-age=2592000
content-encoding: gzip
etag: W/"6334614a-17d28"
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
expires: Fri, 29 Nov 2024 15:03:16 GMT
access-control-allow-origin: *
date: Wed, 30 Oct 2024 15:03:16 GMT
content-type: application/x-font-opentype
vary: Accept-Encoding, Origin
server: nginx
last-modified: Wed, 28 Sep 2022 14:59:22 GMT
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

GET
H2 200 3eNews.svg
static.dir.bg/images/logos/it/ 3 KB
2 KB 98ms
62ms Image
image/svg+xml 194.145.63.126
DELTA-BG-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.dir.bg/images/logos/it/3eNews.svg?_=1672930342
Requested by: Host: it.dir.bg
URL: https://it.dir.bg/web/rusiya-globi-google-s-2-5-detsiliona-dolara-tova-sa-usd2-500-000-000-000-000-000-000-000-000-000-000
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 194.145.63.126 Sofia, Bulgaria, ASN8860 (DELTA-BG-AS, BG),
Reverse DNS: station126.bdata.bg
Software: nginx /
Resource Hash: 00ab97c4c835db9464073d0fca13f42d129767bc79a30af9a23a738e9fde8e1d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://it.dir.bg/

Response headers

access-control-max-age: 172800
cache-control: max-age=2592000
content-encoding: gzip
etag: W/"63b6e426-b3a"
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
expires: Fri, 29 Nov 2024 14:48:46 GMT
access-control-allow-origin: *
date: Wed, 30 Oct 2024 14:48:46 GMT
content-type: image/svg+xml
vary: Accept-Encoding, Origin
server: nginx
last-modified: Thu, 05 Jan 2023 14:52:22 GMT
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

GET
H2 200 nasam.svg
static.dir.bg/images/logos/it/ 20 KB
6 KB 98ms
63ms Image
image/svg+xml 194.145.63.126
DELTA-BG-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.dir.bg/images/logos/it/nasam.svg?_=1672930342
Requested by: Host: it.dir.bg
URL: https://it.dir.bg/web/rusiya-globi-google-s-2-5-detsiliona-dolara-tova-sa-usd2-500-000-000-000-000-000-000-000-000-000-000
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 194.145.63.126 Sofia, Bulgaria, ASN8860 (DELTA-BG-AS, BG),
Reverse DNS: station126.bdata.bg
Software: nginx /
Resource Hash: a010b8ae2ebe6624db631065af211edf983cfab405472a6ad0a1ab6f5690e039

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://it.dir.bg/

Response headers

access-control-max-age: 172800
cache-control: max-age=2592000
content-encoding: gzip
etag: W/"63b6e426-4e12"
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
expires: Fri, 29 Nov 2024 15:03:16 GMT
access-control-allow-origin: *
date: Wed, 30 Oct 2024 15:03:16 GMT
content-type: image/svg+xml
vary: Accept-Encoding, Origin
server: nginx
last-modified: Thu, 05 Jan 2023 14:52:22 GMT
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

GET
H2 200 rtf.svg
static.dir.bg/images/logos/it/ 5 KB
2 KB 97ms
61ms Image
image/svg+xml 194.145.63.126
DELTA-BG-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.dir.bg/images/logos/it/rtf.svg?_=1672930342
Requested by: Host: it.dir.bg
URL: https://it.dir.bg/web/rusiya-globi-google-s-2-5-detsiliona-dolara-tova-sa-usd2-500-000-000-000-000-000-000-000-000-000-000
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 194.145.63.126 Sofia, Bulgaria, ASN8860 (DELTA-BG-AS, BG),
Reverse DNS: station126.bdata.bg
Software: nginx /
Resource Hash: 5df9a4d557038fac630c413b57fb9b2f00c6a236368f04110c15b4683a3744a7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://it.dir.bg/

Response headers

access-control-max-age: 172800
cache-control: max-age=2592000
content-encoding: gzip
etag: W/"63b6e426-12a9"
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
expires: Fri, 29 Nov 2024 14:48:46 GMT
access-control-allow-origin: *
date: Wed, 30 Oct 2024 14:48:46 GMT
content-type: image/svg+xml
vary: Accept-Encoding, Origin
server: nginx
last-modified: Thu, 05 Jan 2023 14:52:22 GMT
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

GET
H2 200 GT.svg
static.dir.bg/images/logos/it/ 12 KB
4 KB 104ms
69ms Image
image/svg+xml 194.145.63.126
DELTA-BG-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.dir.bg/images/logos/it/GT.svg?_=1672930342
Requested by: Host: it.dir.bg
URL: https://it.dir.bg/web/rusiya-globi-google-s-2-5-detsiliona-dolara-tova-sa-usd2-500-000-000-000-000-000-000-000-000-000-000
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 194.145.63.126 Sofia, Bulgaria, ASN8860 (DELTA-BG-AS, BG),
Reverse DNS: station126.bdata.bg
Software: nginx /
Resource Hash: 4310f5f7e052cc8de2b85fbfedf3f7a5343688c9d574485682729fc2c99e6912

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://it.dir.bg/

Response headers

access-control-max-age: 172800
cache-control: max-age=2592000
content-encoding: gzip
etag: W/"63b6e426-30cf"
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
expires: Fri, 29 Nov 2024 15:03:16 GMT
access-control-allow-origin: *
date: Wed, 30 Oct 2024 15:03:16 GMT
content-type: image/svg+xml
vary: Accept-Encoding, Origin
server: nginx
last-modified: Thu, 05 Jan 2023 14:52:22 GMT
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

GET
H2 200 izgubenabg.svg
static.dir.bg/images/logos/it/ 6 KB
3 KB 99ms
64ms Image
image/svg+xml 194.145.63.126
DELTA-BG-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.dir.bg/images/logos/it/izgubenabg.svg?_=1672930342
Requested by: Host: it.dir.bg
URL: https://it.dir.bg/web/rusiya-globi-google-s-2-5-detsiliona-dolara-tova-sa-usd2-500-000-000-000-000-000-000-000-000-000-000
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 194.145.63.126 Sofia, Bulgaria, ASN8860 (DELTA-BG-AS, BG),
Reverse DNS: station126.bdata.bg
Software: nginx /
Resource Hash: 4e10ac6971987ed895030639152183f509f082c6953e276412451db4f20c6247

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://it.dir.bg/

Response headers

access-control-max-age: 172800
cache-control: max-age=2592000
content-encoding: gzip
etag: W/"63b6e426-1897"
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
expires: Fri, 29 Nov 2024 14:48:46 GMT
access-control-allow-origin: *
date: Wed, 30 Oct 2024 14:48:46 GMT
content-type: image/svg+xml
vary: Accept-Encoding, Origin
server: nginx
last-modified: Thu, 05 Jan 2023 14:52:22 GMT
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

GET
H2 200 WR.svg
static.dir.bg/images/logos/it/ 18 KB
6 KB 104ms
70ms Image
image/svg+xml 194.145.63.126
DELTA-BG-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.dir.bg/images/logos/it/WR.svg?_=1672930342
Requested by: Host: it.dir.bg
URL: https://it.dir.bg/web/rusiya-globi-google-s-2-5-detsiliona-dolara-tova-sa-usd2-500-000-000-000-000-000-000-000-000-000-000
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 194.145.63.126 Sofia, Bulgaria, ASN8860 (DELTA-BG-AS, BG),
Reverse DNS: station126.bdata.bg
Software: nginx /
Resource Hash: 1b1720261d3e2c633f3ac043924ba179a8e8699081228190a2453c78de80af1a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://it.dir.bg/

Response headers

access-control-max-age: 172800
cache-control: max-age=2592000
content-encoding: gzip
etag: W/"63b6e426-48fb"
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
expires: Fri, 29 Nov 2024 15:03:16 GMT
access-control-allow-origin: *
date: Wed, 30 Oct 2024 15:03:16 GMT
content-type: image/svg+xml
vary: Accept-Encoding, Origin
server: nginx
last-modified: Thu, 05 Jan 2023 14:52:22 GMT
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

GET
H2 200 worktalent.svg
static.dir.bg/images/logos/it/ 6 KB
3 KB 135ms
104ms Image
image/svg+xml 194.145.63.126
DELTA-BG-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.dir.bg/images/logos/it/worktalent.svg?_=1699526160
Requested by: Host: it.dir.bg
URL: https://it.dir.bg/web/rusiya-globi-google-s-2-5-detsiliona-dolara-tova-sa-usd2-500-000-000-000-000-000-000-000-000-000-000
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 194.145.63.126 Sofia, Bulgaria, ASN8860 (DELTA-BG-AS, BG),
Reverse DNS: station126.bdata.bg
Software: nginx /
Resource Hash: cbe49f1f275e3369ce4bc7c00266c4c0b543c94a44c8701788eac98f8715f32f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://it.dir.bg/

Response headers

access-control-max-age: 172800
cache-control: max-age=2592000
content-encoding: gzip
etag: W/"654cb610-1736"
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
expires: Fri, 29 Nov 2024 15:03:16 GMT
access-control-allow-origin: *
date: Wed, 30 Oct 2024 15:03:16 GMT
content-type: image/svg+xml
vary: Accept-Encoding, Origin
server: nginx
last-modified: Thu, 09 Nov 2023 10:36:00 GMT
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

GET
H2 200 wness.svg
static.dir.bg/images/logos/it/ 20 KB
8 KB 132ms
101ms Image
image/svg+xml 194.145.63.126
DELTA-BG-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.dir.bg/images/logos/it/wness.svg?_=1672930342
Requested by: Host: it.dir.bg
URL: https://it.dir.bg/web/rusiya-globi-google-s-2-5-detsiliona-dolara-tova-sa-usd2-500-000-000-000-000-000-000-000-000-000-000
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 194.145.63.126 Sofia, Bulgaria, ASN8860 (DELTA-BG-AS, BG),
Reverse DNS: station126.bdata.bg
Software: nginx /
Resource Hash: 4329f55522d8524eef91e6e8aff555a3b677e95eb964ae091a0bd82a80279c23

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://it.dir.bg/

Response headers

access-control-max-age: 172800
cache-control: max-age=2592000
content-encoding: gzip
etag: W/"63b6e426-5196"
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
expires: Fri, 29 Nov 2024 14:48:46 GMT
access-control-allow-origin: *
date: Wed, 30 Oct 2024 14:48:46 GMT
content-type: image/svg+xml
vary: Accept-Encoding, Origin
server: nginx
last-modified: Thu, 05 Jan 2023 14:52:22 GMT
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

GET
H2 200 soulpp.svg
static.dir.bg/images/logos/it/ 20 KB
10 KB 222ms
193ms Image
image/svg+xml 194.145.63.126
DELTA-BG-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.dir.bg/images/logos/it/soulpp.svg?_=1672930342
Requested by: Host: it.dir.bg
URL: https://it.dir.bg/web/rusiya-globi-google-s-2-5-detsiliona-dolara-tova-sa-usd2-500-000-000-000-000-000-000-000-000-000-000
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 194.145.63.126 Sofia, Bulgaria, ASN8860 (DELTA-BG-AS, BG),
Reverse DNS: station126.bdata.bg
Software: nginx /
Resource Hash: 4e8502369d93afce35fc90d72056e6385b8139fcb0cb43e7cfb3f7a0bf624879

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://it.dir.bg/

Response headers

access-control-max-age: 172800
cache-control: max-age=2592000
content-encoding: gzip
etag: W/"63b6e426-51c2"
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
expires: Fri, 29 Nov 2024 15:03:16 GMT
access-control-allow-origin: *
date: Wed, 30 Oct 2024 15:03:16 GMT
content-type: image/svg+xml
vary: Accept-Encoding, Origin
server: nginx
last-modified: Thu, 05 Jan 2023 14:52:22 GMT
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

GET
H2 200 market-orange.svg
static.dir.bg/images/ 4 KB
2 KB 142ms
113ms Image
image/svg+xml 194.145.63.126
DELTA-BG-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.dir.bg/images/market-orange.svg?_=1664377176
Requested by: Host: it.dir.bg
URL: https://it.dir.bg/web/rusiya-globi-google-s-2-5-detsiliona-dolara-tova-sa-usd2-500-000-000-000-000-000-000-000-000-000-000
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 194.145.63.126 Sofia, Bulgaria, ASN8860 (DELTA-BG-AS, BG),
Reverse DNS: station126.bdata.bg
Software: nginx /
Resource Hash: 606c81c4a0710a30c2a0cc0b9925b652b105b5fd85c98c39223e61fc4a9f88d1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://it.dir.bg/

Response headers

access-control-max-age: 172800
cache-control: max-age=2592000
content-encoding: gzip
etag: W/"63346158-1007"
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
expires: Fri, 29 Nov 2024 14:48:46 GMT
access-control-allow-origin: *
date: Wed, 30 Oct 2024 14:48:46 GMT
content-type: image/svg+xml
vary: Accept-Encoding, Origin
server: nginx
last-modified: Wed, 28 Sep 2022 14:59:36 GMT
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

GET
H2 200 market-orange-hover.svg
static.dir.bg/images/ 4 KB
2 KB 196ms
168ms Image
image/svg+xml 194.145.63.126
DELTA-BG-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.dir.bg/images/market-orange-hover.svg?_=1664377176
Requested by: Host: it.dir.bg
URL: https://it.dir.bg/web/rusiya-globi-google-s-2-5-detsiliona-dolara-tova-sa-usd2-500-000-000-000-000-000-000-000-000-000-000
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 194.145.63.126 Sofia, Bulgaria, ASN8860 (DELTA-BG-AS, BG),
Reverse DNS: station126.bdata.bg
Software: nginx /
Resource Hash: 1d874078e6f1d48bc3dbab689a212081a7cf455e9041bf8466f3b07055bd15a5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://it.dir.bg/

Response headers

access-control-max-age: 172800
cache-control: max-age=2592000
content-encoding: gzip
etag: W/"63346158-1014"
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
expires: Fri, 29 Nov 2024 15:03:16 GMT
access-control-allow-origin: *
date: Wed, 30 Oct 2024 15:03:16 GMT
content-type: image/svg+xml
vary: Accept-Encoding, Origin
server: nginx
last-modified: Wed, 28 Sep 2022 14:59:36 GMT
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

GET
H2 200 three-matches-normal.svg
static.dir.bg/images/ 4 KB
2 KB 141ms
113ms Image
image/svg+xml 194.145.63.126
DELTA-BG-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.dir.bg/images/three-matches-normal.svg?_=1664377178
Requested by: Host: it.dir.bg
URL: https://it.dir.bg/web/rusiya-globi-google-s-2-5-detsiliona-dolara-tova-sa-usd2-500-000-000-000-000-000-000-000-000-000-000
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 194.145.63.126 Sofia, Bulgaria, ASN8860 (DELTA-BG-AS, BG),
Reverse DNS: station126.bdata.bg
Software: nginx /
Resource Hash: 8bd16ff33fa7406a27fa4667c77fa1f2ffd27d87a55bb7a9c18f3260c4e04936

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://it.dir.bg/

Response headers

access-control-max-age: 172800
cache-control: max-age=2592000
content-encoding: gzip
etag: W/"6334615a-1058"
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
expires: Fri, 29 Nov 2024 14:48:46 GMT
access-control-allow-origin: *
date: Wed, 30 Oct 2024 14:48:46 GMT
content-type: image/svg+xml
vary: Accept-Encoding, Origin
server: nginx
last-modified: Wed, 28 Sep 2022 14:59:38 GMT
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

GET
H2 200 three-matches-hover.svg
static.dir.bg/images/ 4 KB
2 KB 193ms
168ms Image
image/svg+xml 194.145.63.126
DELTA-BG-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.dir.bg/images/three-matches-hover.svg?_=1664377178
Requested by: Host: it.dir.bg
URL: https://it.dir.bg/web/rusiya-globi-google-s-2-5-detsiliona-dolara-tova-sa-usd2-500-000-000-000-000-000-000-000-000-000-000
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 194.145.63.126 Sofia, Bulgaria, ASN8860 (DELTA-BG-AS, BG),
Reverse DNS: station126.bdata.bg
Software: nginx /
Resource Hash: 902c7c323004930723b138955e53ca73a7483efb8c419a84e800887d05d0dd2c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://it.dir.bg/

Response headers

access-control-max-age: 172800
cache-control: max-age=2592000
content-encoding: gzip
etag: W/"6334615a-f07"
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
expires: Fri, 29 Nov 2024 15:03:16 GMT
access-control-allow-origin: *
date: Wed, 30 Oct 2024 15:03:16 GMT
content-type: image/svg+xml
vary: Accept-Encoding, Origin
server: nginx
last-modified: Wed, 28 Sep 2022 14:59:38 GMT
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

GET
H2 200 logo-cat.svg
static.dir.bg/images/ 2 KB
1 KB 137ms
113ms Image
image/svg+xml 194.145.63.126
DELTA-BG-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.dir.bg/images/logo-cat.svg?_=1715085981
Requested by: Host: it.dir.bg
URL: https://it.dir.bg/web/rusiya-globi-google-s-2-5-detsiliona-dolara-tova-sa-usd2-500-000-000-000-000-000-000-000-000-000-000
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 194.145.63.126 Sofia, Bulgaria, ASN8860 (DELTA-BG-AS, BG),
Reverse DNS: station126.bdata.bg
Software: nginx /
Resource Hash: 49dd4046728bbc2bf3b18f8ec2b828507163ff7e081a985ab9c97cba3f2f4609

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://it.dir.bg/

Response headers

access-control-max-age: 172800
cache-control: max-age=2592000
content-encoding: gzip
etag: W/"663a229d-783"
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
expires: Fri, 29 Nov 2024 14:48:46 GMT
access-control-allow-origin: *
date: Wed, 30 Oct 2024 14:48:46 GMT
content-type: image/svg+xml
vary: Accept-Encoding, Origin
server: nginx
last-modified: Tue, 07 May 2024 12:46:21 GMT
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

GET
H2 200 1366x768.jpg
static.dir.bg/uploads/images/2024/10/30/2818894/ 215 KB
216 KB 157ms
137ms Image
image/jpeg 194.145.63.126
DELTA-BG-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.dir.bg/uploads/images/2024/10/30/2818894/1366x768.jpg?_=1730297134
Requested by: Host: it.dir.bg
URL: https://it.dir.bg/web/rusiya-globi-google-s-2-5-detsiliona-dolara-tova-sa-usd2-500-000-000-000-000-000-000-000-000-000-000
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 194.145.63.126 Sofia, Bulgaria, ASN8860 (DELTA-BG-AS, BG),
Reverse DNS: station126.bdata.bg
Software: nginx /
Resource Hash: 09927bd9b2fa386b64a1b49e07412547a0b979b07452d096982eb2946a64c4f7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://it.dir.bg/

Response headers

access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-max-age: 172800
cache-control: max-age=2592000
accept-language: bytes
etag: "67223d2e-35d80"
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
expires: Fri, 29 Nov 2024 15:03:16 GMT
access-control-allow-origin: *
content-length: 220544
date: Wed, 30 Oct 2024 15:03:16 GMT
content-type: image/jpeg
last-modified: Wed, 30 Oct 2024 14:05:34 GMT
server: nginx
vary: Origin

GET
H2 200 384x216.jpg
static.dir.bg/uploads/images/2024/10/29/2818646/ 19 KB
20 KB 173ms
156ms Image
image/jpeg 194.145.63.126
DELTA-BG-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.dir.bg/uploads/images/2024/10/29/2818646/384x216.jpg?_=1730224625
Requested by: Host: it.dir.bg
URL: https://it.dir.bg/web/rusiya-globi-google-s-2-5-detsiliona-dolara-tova-sa-usd2-500-000-000-000-000-000-000-000-000-000-000
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 194.145.63.126 Sofia, Bulgaria, ASN8860 (DELTA-BG-AS, BG),
Reverse DNS: station126.bdata.bg
Software: nginx /
Resource Hash: 02c257dae1f6efc6c288d9c0d9982cad06057e2babb61a4e66e58934019cebf3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://it.dir.bg/

Response headers

access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-max-age: 172800
cache-control: max-age=2592000
accept-language: bytes
etag: "672121f1-4df1"
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
expires: Fri, 29 Nov 2024 14:48:46 GMT
access-control-allow-origin: *
content-length: 19953
date: Wed, 30 Oct 2024 14:48:46 GMT
content-type: image/jpeg
last-modified: Tue, 29 Oct 2024 17:57:05 GMT
server: nginx
vary: Origin

GET
H2 200 384x216.jpg
static.dir.bg/uploads/images/2024/03/25/2656063/ 13 KB
14 KB 118ms
101ms Image
image/jpeg 194.145.63.126
DELTA-BG-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.dir.bg/uploads/images/2024/03/25/2656063/384x216.jpg?_=1711354746
Requested by: Host: it.dir.bg
URL: https://it.dir.bg/web/rusiya-globi-google-s-2-5-detsiliona-dolara-tova-sa-usd2-500-000-000-000-000-000-000-000-000-000-000
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 194.145.63.126 Sofia, Bulgaria, ASN8860 (DELTA-BG-AS, BG),
Reverse DNS: station126.bdata.bg
Software: nginx /
Resource Hash: 73a2a6fee49beaf372d9c9d1515111350375d4592b1b96a7feac2e1b16135cd9

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://it.dir.bg/

Response headers

access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-max-age: 172800
cache-control: max-age=2592000
accept-language: bytes
etag: "6601337a-3538"
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
expires: Fri, 29 Nov 2024 15:03:16 GMT
access-control-allow-origin: *
content-length: 13624
date: Wed, 30 Oct 2024 15:03:16 GMT
content-type: image/jpeg
last-modified: Mon, 25 Mar 2024 08:19:06 GMT
server: nginx
vary: Origin

GET
H2 200 384x216.jpg
static.dir.bg/uploads/images/2024/10/29/2818637/ 23 KB
23 KB 120ms
112ms Image
image/jpeg 194.145.63.126
DELTA-BG-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.dir.bg/uploads/images/2024/10/29/2818637/384x216.jpg?_=1730218735
Requested by: Host: it.dir.bg
URL: https://it.dir.bg/web/rusiya-globi-google-s-2-5-detsiliona-dolara-tova-sa-usd2-500-000-000-000-000-000-000-000-000-000-000
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 194.145.63.126 Sofia, Bulgaria, ASN8860 (DELTA-BG-AS, BG),
Reverse DNS: station126.bdata.bg
Software: nginx /
Resource Hash: 675273ab840af8730e36111c7aaa472430744df37db6585a9a4781a60cbf7e66

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://it.dir.bg/

Response headers

access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-max-age: 172800
cache-control: max-age=2592000
accept-language: bytes
etag: "67210aef-5acb"
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
expires: Fri, 29 Nov 2024 14:48:46 GMT
access-control-allow-origin: *
content-length: 23243
date: Wed, 30 Oct 2024 14:48:46 GMT
content-type: image/jpeg
last-modified: Tue, 29 Oct 2024 16:18:55 GMT
server: nginx
vary: Origin

GET
H2 200 384x216.jpg
static.dir.bg/uploads/images/2024/10/30/2818713/ 13 KB
14 KB 196ms
189ms Image
image/jpeg 194.145.63.126
DELTA-BG-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.dir.bg/uploads/images/2024/10/30/2818713/384x216.jpg?_=1730268342
Requested by: Host: it.dir.bg
URL: https://it.dir.bg/web/rusiya-globi-google-s-2-5-detsiliona-dolara-tova-sa-usd2-500-000-000-000-000-000-000-000-000-000-000
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 194.145.63.126 Sofia, Bulgaria, ASN8860 (DELTA-BG-AS, BG),
Reverse DNS: station126.bdata.bg
Software: nginx /
Resource Hash: aaedb5d7e4175b9d1b6d27aec5266c74459881278ae1c9c693030acb6a16883e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://it.dir.bg/

Response headers

access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-max-age: 172800
cache-control: max-age=2592000
accept-language: bytes
etag: "6721ccb6-359b"
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
expires: Fri, 29 Nov 2024 15:03:16 GMT
access-control-allow-origin: *
content-length: 13723
date: Wed, 30 Oct 2024 15:03:16 GMT
content-type: image/jpeg
last-modified: Wed, 30 Oct 2024 06:05:42 GMT
server: nginx
vary: Origin

GET
H2 200 384x216.jpg
static.dir.bg/uploads/images/2024/10/30/2818746/ 24 KB
25 KB 251ms
244ms Image
image/jpeg 194.145.63.126
DELTA-BG-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.dir.bg/uploads/images/2024/10/30/2818746/384x216.jpg?_=1730286862
Requested by: Host: it.dir.bg
URL: https://it.dir.bg/web/rusiya-globi-google-s-2-5-detsiliona-dolara-tova-sa-usd2-500-000-000-000-000-000-000-000-000-000-000
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 194.145.63.126 Sofia, Bulgaria, ASN8860 (DELTA-BG-AS, BG),
Reverse DNS: station126.bdata.bg
Software: nginx /
Resource Hash: c523fa9424cf69a0550f92a7cf1497ecb6c629ec77bb3e5ae69e2098cc8a9ded

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://it.dir.bg/

Response headers

access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-max-age: 172800
cache-control: max-age=2592000
accept-language: bytes
etag: "6722150e-618e"
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
expires: Fri, 29 Nov 2024 14:48:46 GMT
access-control-allow-origin: *
content-length: 24974
date: Wed, 30 Oct 2024 14:48:46 GMT
content-type: image/jpeg
last-modified: Wed, 30 Oct 2024 11:14:22 GMT
server: nginx
vary: Origin

GET
H2 200 384x216.jpg
static.dir.bg/uploads/images/2024/10/29/2818576/ 23 KB
24 KB 213ms
207ms Image
image/jpeg 194.145.63.126
DELTA-BG-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.dir.bg/uploads/images/2024/10/29/2818576/384x216.jpg?_=1730213428
Requested by: Host: it.dir.bg
URL: https://it.dir.bg/web/rusiya-globi-google-s-2-5-detsiliona-dolara-tova-sa-usd2-500-000-000-000-000-000-000-000-000-000-000
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 194.145.63.126 Sofia, Bulgaria, ASN8860 (DELTA-BG-AS, BG),
Reverse DNS: station126.bdata.bg
Software: nginx /
Resource Hash: 6ae43f83b6230109a5385b7ad5999186e33f758a3b7258cfad621472a76cdc4e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://it.dir.bg/

Response headers

access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-max-age: 172800
cache-control: max-age=2592000
accept-language: bytes
etag: "6720f634-5c70"
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
expires: Fri, 29 Nov 2024 15:03:16 GMT
access-control-allow-origin: *
content-length: 23664
date: Wed, 30 Oct 2024 15:03:16 GMT
content-type: image/jpeg
last-modified: Tue, 29 Oct 2024 14:50:28 GMT
server: nginx
vary: Origin

GET
H2 200 384x216.jpg
static.dir.bg/uploads/images/2024/10/16/2814720/ 18 KB
19 KB 228ms
221ms Image
image/jpeg 194.145.63.126
DELTA-BG-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.dir.bg/uploads/images/2024/10/16/2814720/384x216.jpg?_=1729094863
Requested by: Host: it.dir.bg
URL: https://it.dir.bg/web/rusiya-globi-google-s-2-5-detsiliona-dolara-tova-sa-usd2-500-000-000-000-000-000-000-000-000-000-000
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 194.145.63.126 Sofia, Bulgaria, ASN8860 (DELTA-BG-AS, BG),
Reverse DNS: station126.bdata.bg
Software: nginx /
Resource Hash: 24729bcc117eb0bb8aa67414fc1f85c571ed2d36391ef9b7eb28e5b78e22a184

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://it.dir.bg/

Response headers

access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-max-age: 172800
cache-control: max-age=2592000
accept-language: bytes
etag: "670fe4cf-483a"
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
expires: Fri, 29 Nov 2024 14:48:46 GMT
access-control-allow-origin: *
content-length: 18490
date: Wed, 30 Oct 2024 14:48:46 GMT
content-type: image/jpeg
last-modified: Wed, 16 Oct 2024 16:07:43 GMT
server: nginx
vary: Origin

GET
H2 200 384x216.jpg
static.dir.bg/uploads/images/2022/02/16/2312051/ 14 KB
14 KB 243ms
236ms Image
image/jpeg 194.145.63.126
DELTA-BG-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.dir.bg/uploads/images/2022/02/16/2312051/384x216.jpg?_=1645015228
Requested by: Host: it.dir.bg
URL: https://it.dir.bg/web/rusiya-globi-google-s-2-5-detsiliona-dolara-tova-sa-usd2-500-000-000-000-000-000-000-000-000-000-000
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 194.145.63.126 Sofia, Bulgaria, ASN8860 (DELTA-BG-AS, BG),
Reverse DNS: station126.bdata.bg
Software: nginx /
Resource Hash: 1e10fae6e98f6bb2f350e3c0743bed0a6c9befe1b650fdd9fb8e58311923170c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://it.dir.bg/

Response headers

access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-max-age: 172800
cache-control: max-age=2592000
accept-language: bytes
etag: "620cf0bc-3673"
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
expires: Fri, 29 Nov 2024 15:03:16 GMT
access-control-allow-origin: *
content-length: 13939
date: Wed, 30 Oct 2024 15:03:16 GMT
content-type: image/jpeg
last-modified: Wed, 16 Feb 2022 12:40:28 GMT
server: nginx
vary: Origin

GET
H2 200 384x216.jpg
static.dir.bg/uploads/images/2024/10/30/2818835/ 13 KB
14 KB 241ms
235ms Image
image/jpeg 194.145.63.126
DELTA-BG-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.dir.bg/uploads/images/2024/10/30/2818835/384x216.jpg?_=1730280868
Requested by: Host: it.dir.bg
URL: https://it.dir.bg/web/rusiya-globi-google-s-2-5-detsiliona-dolara-tova-sa-usd2-500-000-000-000-000-000-000-000-000-000-000
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 194.145.63.126 Sofia, Bulgaria, ASN8860 (DELTA-BG-AS, BG),
Reverse DNS: station126.bdata.bg
Software: nginx /
Resource Hash: 02aa9c10f662c5290d2e484d2e5fc8e849745b16026b2f387ca7ba047bee9617

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://it.dir.bg/

Response headers

access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-max-age: 172800
cache-control: max-age=2592000
accept-language: bytes
etag: "6721fda4-341e"
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
expires: Fri, 29 Nov 2024 14:48:46 GMT
access-control-allow-origin: *
content-length: 13342
date: Wed, 30 Oct 2024 14:48:46 GMT
content-type: image/jpeg
last-modified: Wed, 30 Oct 2024 09:34:28 GMT
server: nginx
vary: Origin

GET
H2 200 widget_playlist_list.php
video.onnetwork.tv/widgets/ Frame 0922 0
0 413ms
88ms Document
text/html 149.202.118.64
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://video.onnetwork.tv/widgets/widget_playlist_list.php?nl=1&iid=88245371561721&widget=815&cId=pid88245371561721

Requested by

Host: video.onnetwork.tv
URL: https://video.onnetwork.tv/widget/widget_playlist.php?widget=815

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

149.202.118.64 , France, ASN16276 (OVH, FR),

Reverse DNS

vh11.eris-j.of.pl

Software

XO.webservant /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://it.dir.bg/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

cache-control: no-store, no-cache, must-revalidate, post-check=1, pre-check=1
content-type: text/html; charset=utf-8
date: Wed, 30 Oct 2024 15:16:43 GMT
expires: Wed, 30 Oct 2024 15:16:44 GMT
last-modified: Wed, 30 Oct 2024 15:16:43 GMT
p3p: CP="ALL CAO DSP COR IVD IVA PSD PSA TEL TAI CUS ADM CUR CON SAM OUR IND"
pragma: no-cache
server: XO.webservant
strict-transport-security: max-age=31536000

GET
H2 200 owl.carousel.min.css
i.dir.bg/designs/owl-carousel/assets/ Frame 3B50 3 KB
1 KB 635ms
107ms Stylesheet
text/css 194.145.63.12
DELTA-BG-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://i.dir.bg/designs/owl-carousel/assets/owl.carousel.min.css

Requested by

Host: webapi.dir.bg
URL: https://webapi.dir.bg/worktalent

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

194.145.63.12 Sofia, Bulgaria, ASN8860 (DELTA-BG-AS, BG),

Reverse DNS

dir.bg

Software

nginx/1.2.1 /

Resource Hash

521410e1fc44780061e09adc980275fb5ea277fd5d9e538454214ec4379ff4bc

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://webapi.dir.bg/

Response headers

cache-control: max-age=157680000
content-encoding: gzip
expires: Mon, 29 Oct 2029 15:16:44 GMT
date: Wed, 30 Oct 2024 15:16:44 GMT
x-xss-protection: 1; mode=block
content-type: text/css
last-modified: Tue, 24 Mar 2020 14:22:35 GMT
server: nginx/1.2.1

GET
H2 200 owl.theme.default.min.css
i.dir.bg/designs/owl-carousel/assets/ Frame 3B50 1013 B
705 B 634ms
107ms Stylesheet
text/css 194.145.63.12
DELTA-BG-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://i.dir.bg/designs/owl-carousel/assets/owl.theme.default.min.css

Requested by

Host: webapi.dir.bg
URL: https://webapi.dir.bg/worktalent

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

194.145.63.12 Sofia, Bulgaria, ASN8860 (DELTA-BG-AS, BG),

Reverse DNS

dir.bg

Software

nginx/1.2.1 /

Resource Hash

924b0dc630d1c5dff9fa31aead9509775b1d476bfe0a5ac2977b2f11205a26ac

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://webapi.dir.bg/

Response headers

cache-control: max-age=157680000
content-encoding: gzip
expires: Mon, 29 Oct 2029 15:16:44 GMT
date: Wed, 30 Oct 2024 15:16:44 GMT
x-xss-protection: 1; mode=block
content-type: text/css
last-modified: Tue, 24 Mar 2020 14:22:35 GMT
server: nginx/1.2.1

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/2.2.0/ Frame 3B50 84 KB
30 KB 670ms
132ms Script
text/javascript 142.250.185.138
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/2.2.0/jquery.min.js

Requested by

Host: webapi.dir.bg
URL: https://webapi.dir.bg/worktalent

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.138 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f10.1e100.net

Software

sffe /

Resource Hash

8a102873a33f24f7eb22221e6b23c4f718e29f85168ecc769a35bfaed9b12cce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://webapi.dir.bg/

Response headers

content-encoding: gzip
age: 82296
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
x-content-type-options: nosniff
expires: Wed, 29 Oct 2025 16:25:08 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 29 Oct 2024 16:25:08 GMT
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
accept-ranges: bytes
access-control-allow-origin: *
content-length: 30089
x-xss-protection: 0
server: sffe

GET
H2 200 owl.carousel.min.js Show response
i.dir.bg/designs/owl-carousel/ Frame 3B50 43 KB
12 KB 698ms
171ms Script
application/x-javascript 194.145.63.12
DELTA-BG-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://i.dir.bg/designs/owl-carousel/owl.carousel.min.js

Requested by

Host: webapi.dir.bg
URL: https://webapi.dir.bg/worktalent

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

194.145.63.12 Sofia, Bulgaria, ASN8860 (DELTA-BG-AS, BG),

Reverse DNS

dir.bg

Software

nginx/1.2.1 /

Resource Hash

a53c43f834b32309b084ea9314df8307e9c78cee2202c6e07f216ae4ae5b704d

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://webapi.dir.bg/

Response headers

cache-control: max-age=157680000
content-encoding: gzip
expires: Mon, 29 Oct 2029 15:16:44 GMT
access-control-allow-origin: *
date: Wed, 30 Oct 2024 15:16:44 GMT
x-xss-protection: 1; mode=block
content-type: application/x-javascript
last-modified: Tue, 24 Mar 2020 14:22:31 GMT
server: nginx/1.2.1

GET
H2 200 icon-ads-01.svg
static.dir.bg/images/ 2 KB
1 KB 177ms
98ms Image
image/svg+xml 194.145.63.126
DELTA-BG-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.dir.bg/images/icon-ads-01.svg
Requested by: Host: static.dir.bg
URL: https://static.dir.bg/css/desktop/all.css?_=1730119760
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 194.145.63.126 Sofia, Bulgaria, ASN8860 (DELTA-BG-AS, BG),
Reverse DNS: station126.bdata.bg
Software: nginx /
Resource Hash: e230ff12616d4d17cff047ecd25f0b17f06fe822e772a60ccb2a7c769eecfd2a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://static.dir.bg/css/desktop/all.css?_=1730119760

Response headers

access-control-max-age: 172800
cache-control: max-age=2592000
content-encoding: gzip
etag: W/"6523af6e-687"
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
expires: Fri, 29 Nov 2024 15:03:17 GMT
access-control-allow-origin: *
date: Wed, 30 Oct 2024 15:03:17 GMT
content-type: image/svg+xml
vary: Accept-Encoding, Origin
server: nginx
last-modified: Mon, 09 Oct 2023 07:44:46 GMT
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

GET
H2 200 256x144.jpg
static.dir.bg/uploads/images/2024/08/22/2798981/ 8 KB
8 KB 132ms
112ms Image
image/jpeg 194.145.63.126
DELTA-BG-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.dir.bg/uploads/images/2024/08/22/2798981/256x144.jpg?_=1724322431
Requested by: Host: it.dir.bg
URL: https://it.dir.bg/web/rusiya-globi-google-s-2-5-detsiliona-dolara-tova-sa-usd2-500-000-000-000-000-000-000-000-000-000-000
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 194.145.63.126 Sofia, Bulgaria, ASN8860 (DELTA-BG-AS, BG),
Reverse DNS: station126.bdata.bg
Software: nginx /
Resource Hash: 079a335a75150516814bfd7ba09040e2974ace63551a4254d71d04a2a5aa0421

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://it.dir.bg/

Response headers

access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-max-age: 172800
cache-control: max-age=2592000
accept-language: bytes
etag: "66c7127f-1f49"
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
expires: Fri, 29 Nov 2024 14:48:47 GMT
access-control-allow-origin: *
content-length: 8009
date: Wed, 30 Oct 2024 14:48:47 GMT
content-type: image/jpeg
last-modified: Thu, 22 Aug 2024 10:27:11 GMT
server: nginx
vary: Origin

GET
H2 200 256x144.jpg
static.dir.bg/uploads/images/2024/10/30/2818836/ 12 KB
13 KB 131ms
111ms Image
image/jpeg 194.145.63.126
DELTA-BG-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.dir.bg/uploads/images/2024/10/30/2818836/256x144.jpg?_=1730280971
Requested by: Host: it.dir.bg
URL: https://it.dir.bg/web/rusiya-globi-google-s-2-5-detsiliona-dolara-tova-sa-usd2-500-000-000-000-000-000-000-000-000-000-000
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 194.145.63.126 Sofia, Bulgaria, ASN8860 (DELTA-BG-AS, BG),
Reverse DNS: station126.bdata.bg
Software: nginx /
Resource Hash: a7dfb55d99ad45a314e07728ffdf31897336d4a787d15b621d8c5f6add40ae9f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://it.dir.bg/

Response headers

access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-max-age: 172800
cache-control: max-age=2592000
accept-language: bytes
etag: "6721fe0b-3083"
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
expires: Fri, 29 Nov 2024 15:03:17 GMT
access-control-allow-origin: *
content-length: 12419
date: Wed, 30 Oct 2024 15:03:17 GMT
content-type: image/jpeg
last-modified: Wed, 30 Oct 2024 09:36:11 GMT
server: nginx
vary: Origin

GET
H2 200 256x144.jpg
static.dir.bg/uploads/images/2024/10/30/2818894/ 15 KB
16 KB 141ms
127ms Image
image/jpeg 194.145.63.126
DELTA-BG-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.dir.bg/uploads/images/2024/10/30/2818894/256x144.jpg?_=1730297135
Requested by: Host: it.dir.bg
URL: https://it.dir.bg/web/rusiya-globi-google-s-2-5-detsiliona-dolara-tova-sa-usd2-500-000-000-000-000-000-000-000-000-000-000
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 194.145.63.126 Sofia, Bulgaria, ASN8860 (DELTA-BG-AS, BG),
Reverse DNS: station126.bdata.bg
Software: nginx /
Resource Hash: a5ba8bb49381a7680d39e719466e2d64e61fd60f174c701809e8a8e32b639397

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://it.dir.bg/

Response headers

access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-max-age: 172800
cache-control: max-age=2592000
accept-language: bytes
etag: "67223d2f-3d90"
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
expires: Fri, 29 Nov 2024 14:48:47 GMT
access-control-allow-origin: *
content-length: 15760
date: Wed, 30 Oct 2024 14:48:47 GMT
content-type: image/jpeg
last-modified: Wed, 30 Oct 2024 14:05:35 GMT
server: nginx
vary: Origin

GET
H2 200 256x144.jpg
static.dir.bg/uploads/images/2023/03/24/2451399/ 12 KB
13 KB 123ms
112ms Image
image/jpeg 194.145.63.126
DELTA-BG-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.dir.bg/uploads/images/2023/03/24/2451399/256x144.jpg?_=1679647512
Requested by: Host: it.dir.bg
URL: https://it.dir.bg/web/rusiya-globi-google-s-2-5-detsiliona-dolara-tova-sa-usd2-500-000-000-000-000-000-000-000-000-000-000
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 194.145.63.126 Sofia, Bulgaria, ASN8860 (DELTA-BG-AS, BG),
Reverse DNS: station126.bdata.bg
Software: nginx /
Resource Hash: 0e4461134509ed487e2f27433d6adaf4d0b6d81331266382289ded4f4b56f68f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://it.dir.bg/

Response headers

access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-max-age: 172800
cache-control: max-age=2592000
accept-language: bytes
etag: "641d6318-3059"
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
expires: Fri, 29 Nov 2024 15:03:17 GMT
access-control-allow-origin: *
content-length: 12377
date: Wed, 30 Oct 2024 15:03:17 GMT
content-type: image/jpeg
last-modified: Fri, 24 Mar 2023 08:45:12 GMT
server: nginx
vary: Origin

GET
H2 200 256x144.jpg
static.dir.bg/uploads/images/2024/10/30/2818694/ 7 KB
8 KB 122ms
111ms Image
image/jpeg 194.145.63.126
DELTA-BG-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.dir.bg/uploads/images/2024/10/30/2818694/256x144.jpg?_=1730265935
Requested by: Host: it.dir.bg
URL: https://it.dir.bg/web/rusiya-globi-google-s-2-5-detsiliona-dolara-tova-sa-usd2-500-000-000-000-000-000-000-000-000-000-000
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 194.145.63.126 Sofia, Bulgaria, ASN8860 (DELTA-BG-AS, BG),
Reverse DNS: station126.bdata.bg
Software: nginx /
Resource Hash: f0b3a7bcec27601aa8a0c8fbe6f89b3addf845e2ca0f4f4e55189cefc1caae83

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://it.dir.bg/

Response headers

access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-max-age: 172800
cache-control: max-age=2592000
accept-language: bytes
etag: "6721c34f-1d19"
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
expires: Fri, 29 Nov 2024 14:48:47 GMT
access-control-allow-origin: *
content-length: 7449
date: Wed, 30 Oct 2024 14:48:47 GMT
content-type: image/jpeg
last-modified: Wed, 30 Oct 2024 05:25:35 GMT
server: nginx
vary: Origin

GET
H2 200 xgemius.js Show response
gabg.hit.gemius.pl/ 70 KB
20 KB 452ms
122ms Script
application/x-javascript 78.128.6.34
TELEPOINT

General

Check archive.org

Show headers Download Go to

Full URL: https://gabg.hit.gemius.pl/xgemius.js
Requested by: Host: it.dir.bg
URL: https://it.dir.bg/web/rusiya-globi-google-s-2-5-detsiliona-dolara-tova-sa-usd2-500-000-000-000-000-000-000-000-000-000-000
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 78.128.6.34 , Bulgaria, ASN31083 (TELEPOINT, BG),
Reverse DNS: ip-6-34.telehouse.bg
Software: GHC /
Resource Hash: adabd389d3390337abf62cc9935c593988a55a1ec75a648241afbb9e74e87090

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://it.dir.bg/

Response headers

cache-control: max-age=43200
content-encoding: gzip
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor
cross-origin-resource-policy: cross-origin
expires: Thu, 31 Oct 2024 03:16:44 GMT
accept-ranges: none
p3p: CP="NOI DSP COR NID PSAo OUR IND"
content-length: 20492
date: Wed, 30 Oct 2024 15:16:44 GMT
last-modified: Wed, 18 Sep 2024 07:46:14 GMT
vary: Accept-Encoding,Origin
server: GHC
content-type: application/x-javascript

GET
H/1.1 200
OK 9iqtAeEspwts Show response
cdn.onthe.io/io.js/ 55 KB
18 KB 606ms
154ms Script
text/javascript 116.203.212.0
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onthe.io/io.js/9iqtAeEspwts
Requested by: Host: it.dir.bg
URL: https://it.dir.bg/web/rusiya-globi-google-s-2-5-detsiliona-dolara-tova-sa-usd2-500-000-000-000-000-000-000-000-000-000-000
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 116.203.212.0 Munich, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.0.212.203.116.clients.your-server.de
Software: nginx /
Resource Hash: 9d49ffb2d1eb78628166257bad0f24a773b8b6d9b227e668e19f629059555bf9

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://it.dir.bg/

Response headers

Transfer-Encoding: chunked
Cache-Control: max-age=86400
Content-Encoding: gzip
ETag: W/"60e6fb90-dce2"
Connection: keep-alive
Expires: Thu, 31 Oct 2024 15:16:44 GMT
Date: Wed, 30 Oct 2024 15:16:44 GMT
Content-Type: text/javascript
Last-Modified: Thu, 08 Jul 2021 13:20:16 GMT
Server: nginx

GET
H2 200 projectagora.min.js Show response
palibzh.tech/libs/ 423 KB
117 KB 761ms
124ms Script
application/javascript 172.67.138.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://palibzh.tech/libs/projectagora.min.js
Requested by: Host: pahtag.tech
URL: https://pahtag.tech/c/dir.bg.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.138.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f4a5087b40606dda226f932518ab9c926f9f61d3f7628f4e0dfa4c743e7416af

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://it.dir.bg/

Response headers

content-encoding: gzip
x-amz-meta-version: 3.45.0
etag: "308f438e53adcabf9652e7142d95c979"
age: 4587
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eG%2FGISVNZlqMm0f0vOJRf6VlDKIPvbh50otYQ3POg%2FyKiyNAbtxw2TcsnTkmr9OFPmMiyaxTAt7eLtK2dlO2LWPvtf7K1%2F0lFr9Njf1WtsX56hBADg0TjutZ2HoWKIA%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=34190&sent=6&recv=6&lost=0&retrans=0&sent_bytes=3914&recv_bytes=2141&delivery_rate=85044&cwnd=253&unsent_bytes=0&cid=836ed13fc639d30f&ts=273&x=0"
date: Wed, 30 Oct 2024 15:16:44 GMT
content-type: application/javascript
last-modified: Wed, 30 Oct 2024 09:59:28 GMT
vary: Accept-Encoding
x-amz-id-2: X/gBOJwkusR4Bjq81BUWjUZpnTWLxbyj6FCjJEh/z1Ka7RmxFf2Nf6qB+IGS7mWjcVTPLus8bensNVshokXPUA==
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: HN03ZKYTPJPC91N5
cf-ray: 8dac5e43ff051298-MRS
accept-ranges: bytes
access-control-allow-origin: *
content-length: 119329
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H2 200 init Show response
it.dir.bg/ 100 B
1 KB 201ms
201ms XHR
application/json 172.67.71.201
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://it.dir.bg/init?article_id=40540616

Requested by

Host: static.dir.bg
URL: https://static.dir.bg/js/desktop/all.js?_=1730119781

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

172.67.71.201 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3244a6013359f166b6c5cb3f2f4b8def9be52dc11a734970d67f8d9a664f3c87

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://it.dir.bg/web/rusiya-globi-google-s-2-5-detsiliona-dolara-tova-sa-usd2-500-000-000-000-000-000-000-000-000-000-000
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept: application/json, text/javascript, */*; q=0.01

Response headers

x-web: 2
content-encoding: gzip
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=o3%2FkrH698WFDVQilPkKqQBjEDvaTF6JX0xKUM6Gp%2BZb0NasYOATBdOOTJDRdK8kgFO0U0LhJw3oLjCXOrDfhVbrkCYc3iPvL2249NMRdACJ0Cl8ZpdPxOvU6gQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
date: Wed, 30 Oct 2024 15:16:44 GMT
content-type: application/json
vary: Accept-Encoding
x-frame-options: DENY
strict-transport-security: max-age=63072000
cache-control: no-cache
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8dac5e403b02279b-LYS
access-control-allow-origin: *
x-xss-protection: 1; mode=block
server: cloudflare

GET
H/1.1 200
OK worktalent-jobdesktop.png
webapi.dir.bg/webapi/worktalent/ Frame 3B50 124 KB
124 KB 129ms
73ms Image
image/png 88.203.154.237
A1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://webapi.dir.bg/webapi/worktalent/worktalent-jobdesktop.png
Requested by: Host: webapi.dir.bg
URL: https://webapi.dir.bg/worktalent
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 88.203.154.237 Sofia, Bulgaria, ASN8717 (A1, BG),
Reverse DNS
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: 66f9d28a146b1531e511a9d08af2064962a3cd05389dca6524d5aadc9710069d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://webapi.dir.bg/worktalent

Response headers

ETag: "1ee76-6201a9d69a255"
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 126582
Keep-Alive: timeout=5, max=99
Date: Wed, 30 Oct 2024 15:16:44 GMT
Last-Modified: Tue, 20 Aug 2024 10:09:02 GMT
Content-Type: image/png
Server: Apache/2.4.29 (Ubuntu)

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 322 KB
107 KB 221ms
127ms Script
application/javascript 142.250.184.232
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-B1XSRWSHN4&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W2KMKLG

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.232 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

abe84fb0dd2465151983b50314688b1c0193cddc1167a2fe6ed312fc40ffc523

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://it.dir.bg/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Wed, 30 Oct 2024 15:16:44 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 30 Oct 2024 15:16:44 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 109312
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 282 KB
99 KB 140ms
47ms Script
application/javascript 142.250.184.232
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-74752H7V8Z&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W2KMKLG

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.232 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

01d7d866a3c8fd49ac882c92e7b426970d228edd3d75d6791352ee05f1b899d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://it.dir.bg/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Wed, 30 Oct 2024 15:16:44 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 30 Oct 2024 15:16:44 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 100581
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 974ms
36ms Script
text/javascript 142.250.186.142
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W2KMKLG

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.142 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://it.dir.bg/

Response headers

content-encoding: gzip
age: 6630
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:225:0"}],}
x-content-type-options: nosniff
expires: Wed, 30 Oct 2024 15:26:15 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 30 Oct 2024 13:26:15 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
content-type: text/javascript
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:225:0
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 20994
server: Golfe2

GET
H2 200 ntvk3i0dci Show response
www.clarity.ms/tag/ 751 B
1 KB 1356ms
419ms Script
application/x-javascript 13.107.253.45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/ntvk3i0dci?ref=gtm
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W2KMKLG
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 13.107.253.45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 1bcfdfe9266940aded2d46060ba667d0067727f9fd65982d7f9e34e41271f5ad

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://it.dir.bg/

Response headers

cache-control: no-cache, no-store
request-context: appId=cid-v1:e55edbbe-e22b-46b4-8313-9ee2a4e71d12
expires: -1
accept-ranges: bytes
x-cache: CONFIG_NOCACHE
content-length: 751
date: Wed, 30 Oct 2024 15:16:45 GMT
content-type: application/x-javascript
x-azure-ref: 20241030T151645Z-er1fbb6595fxl96rtye5wpz2g800000006sg000000006fuw

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 229 KB
61 KB 908ms
102ms Script
application/x-javascript 157.240.0.6
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: it.dir.bg
URL: https://it.dir.bg/web/rusiya-globi-google-s-2-5-detsiliona-dolara-tova-sa-usd2-500-000-000-000-000-000-000-000-000-000-000

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-fra3.fbcdn.net

Software

Resource Hash

668c6828672fa8600b7a0632cb328ee63a31361be6734987b04985fcd9d08d4f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src 'nonce-18OyN3sT' .fbcdn.net .facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://it.dir.bg/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Wed, 30 Oct 2024 15:16:45 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-18OyN3sT' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=34, rtx=0, c=13, mss=1288, tbw=2899, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma: public
x-fb-debug: POlhjHBxAbydS+6DsKMgqPt4ZPbVaT+Ftq7RW1Wh3RgWlLQWebFgqs2i+lkrSIYSXkgrP5hoq5rP9s1lq9puYQ==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
content-length: 59722
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H/1.1 200
OK uni.php Show response
bg.search.etargetnet.com/generic/ 6 KB
3 KB 513ms
124ms Script
text/html 195.168.10.173
AS-BENESTRA Brati...

General

Check archive.org

Show headers Download Go to

Full URL: https://bg.search.etargetnet.com/generic/uni.php?g=ref:80582
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W2KMKLG
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 195.168.10.173 Dolný Kubín, Slovakia, ASN5578 (AS-BENESTRA Bratislava, Slovak Republic, SK),
Reverse DNS: a45.etarget.sh.cust.gts.sk
Software: nginx /
Resource Hash: f96415feb68462fc5e05472263b04bc5c9b2288ada5186b5891aecb0bccf5e60

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://it.dir.bg/

Response headers

Transfer-Encoding: chunked
Y-Protected-By: Bulbasaur/blade2-08.etarget.sk
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Content-Encoding: gzip
Pragma: no-cache
Connection: keep-alive
access-control-allow-credentials: true
X-Protected-By: Bee/0.68
access-control-allow-origin: https://it.dir.bg
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM", policyref="/w3c/p3p.xml"
Date: Wed, 30 Oct 2024 15:16:44 GMT
Content-Type: text/html; charset=UTF-8
Vary: Accept-Encoding
Server: nginx

GET
H2 200 OneSignalSDK.js Show response
cdn.onesignal.com/sdks/ 9 KB
3 KB 974ms
72ms Script
application/javascript 104.16.160.145
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.onesignal.com/sdks/OneSignalSDK.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W2KMKLG

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.160.145 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ec8b1b07980996f574075e1b7e895d5d47794b9dcf345a68d60fbb17034f7bef

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://it.dir.bg/

Response headers

strict-transport-security: max-age=15552000; includeSubDomains
cache-control: public, max-age=259200
content-encoding: br
cf-cache-status: HIT
etag: W/"09282956186c8515ef0d208902803581"
age: 2849
via: 1.1 google
cf-ray: 8dac5e46ee03bb0b-MXP
expires: Sat, 02 Nov 2024 15:16:45 GMT
alt-svc: h3=":443"; ma=86400
date: Wed, 30 Oct 2024 15:16:45 GMT
content-type: application/javascript
vary: Accept-Encoding
server: cloudflare
access-control-allow-headers: OneSignal-Subscription-Id

GET
H2 200 DFPAudiencePixel;ord=6704124132494751;dc_seg=6844236660
pubads.g.doubleclick.net/activity;dc_iu=/118570770/ 42 B
542 B 969ms
66ms Image
image/gif 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pubads.g.doubleclick.net/activity;dc_iu=/118570770/DFPAudiencePixel;ord=6704124132494751;dc_seg=6844236660?

Requested by

Host: it.dir.bg
URL: https://it.dir.bg/web/rusiya-globi-google-s-2-5-detsiliona-dolara-tova-sa-usd2-500-000-000-000-000-000-000-000-000-000-000

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://it.dir.bg/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 42
date: Wed, 30 Oct 2024 15:16:45 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202410280101/ 483 KB
150 KB 83ms
41ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202410280101/pubads_impl.js?cb=31088558

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

346c66e4f479f4a17ed1401f493c41c4c36b694580749098da5224e7707ed994

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://it.dir.bg/

Response headers

content-encoding: br
etag: 2396380646379452942
age: 917
x-content-type-options: nosniff
expires: Thu, 30 Oct 2025 15:01:27 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Wed, 30 Oct 2024 15:01:27 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 153075
x-xss-protection: 0
server: cafe

GET
H2 200 embed.php Show response
video.onnetwork.tv/ 3 KB
2 KB 95ms
68ms Script
text/javascript 141.95.49.8
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://video.onnetwork.tv/embed.php?mid=NTc3NjQ1LDE2eDksMywwLDE3NzMsNzA1NiwxLDAsMiwwLDAsMCwyLDAsNCwxLDAsMCwxLDAsMCwwLDAsMCwwLDMsMSwtMTstMTsyMDsyMDtCUjsyMDsyMDsyMDs1NiwwLDYwLDAsMCwwLDA7MDswOzA7MDswOzAsMA==&iid=88245371561721&cId=pid88245371561721&widget=815

Requested by

Host: video.onnetwork.tv
URL: https://video.onnetwork.tv/widget/widget_playlist.php?widget=815

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

141.95.49.8 , France, ASN16276 (OVH, FR),

Reverse DNS

vh11.eris-m.of.pl

Software

XO.webservant /

Resource Hash

2af908ce6e25fcb29cbc1e5a4d79209089e4d37e9f4e3bb792b8ad9d712ea417

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://it.dir.bg/

Response headers

server: XO.webservant
strict-transport-security: max-age=31536000
cache-control: no-store, no-cache, must-revalidate, post-check=1, pre-check=1
content-encoding: gzip
pragma: no-cache
content-type: text/javascript;charset=utf-8
expires: Wed, 30 Oct 2024 15:16:43 GMT
p3p: CP="ALL CAO DSP COR IVD IVA PSD PSA TEL TAI CUS ADM CUR CON SAM OUR IND"
content-length: 1520
date: Wed, 30 Oct 2024 15:16:44 GMT
last-modified: Wed, 30 Oct 2024 15:16:43 GMT
feature-policy: fullscreen *; autoplay; encrypted-media *;
vary: Accept-Encoding
permission-policy: encrypted-media=(self https://video.onnetwork.tv https://video1.onnetwork.tv);

GET
H2 200 fpdata.js Show response
gabg.hit.gemius.pl/ 277 B
392 B 110ms
94ms Script
application/x-javascript 78.128.6.34
TELEPOINT

General

Check archive.org

Show headers Download Go to

Full URL: https://gabg.hit.gemius.pl/fpdata.js?href=it.dir.bg
Requested by: Host: gabg.hit.gemius.pl
URL: https://gabg.hit.gemius.pl/xgemius.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 78.128.6.34 , Bulgaria, ASN31083 (TELEPOINT, BG),
Reverse DNS: ip-6-34.telehouse.bg
Software: GHC /
Resource Hash: aaf94c00c035a03afa3dc57fc64c5a58f18f889985f0a352f528c32e16d461f5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://it.dir.bg/

Response headers

cache-control: private, max-age=2592000
etag: PRIVATE7520710249
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor
cross-origin-resource-policy: cross-origin
expires: Fri, 29 Nov 2024 15:16:44 GMT
accept-ranges: none
p3p: CP="NOI DSP COR NID PSAo OUR IND"
content-length: 277
date: Wed, 30 Oct 2024 15:16:44 GMT
last-modified: Mon, 16 Jul 2012 10:03:40 GMT
content-type: application/x-javascript
server: GHC

GET
H2 200 lsget.html
ls.hit.gemius.pl/ Frame A55D 0
0 603ms
50ms Document
text/html 146.59.30.100
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://ls.hit.gemius.pl/lsget.html
Requested by: Host: gabg.hit.gemius.pl
URL: https://gabg.hit.gemius.pl/xgemius.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 146.59.30.100 , France, ASN16276 (OVH, FR),
Reverse DNS: ip100.ip-146-59-30.eu
Software: GHC /
Resource Hash

Request headers

Referer: https://it.dir.bg/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor
accept-ranges: none
cache-control: private, max-age=2592000
content-encoding: gzip
content-length: 2815
content-type: text/html;charset=utf-8
cross-origin-resource-policy: cross-origin
date: Wed, 30 Oct 2024 15:16:45 GMT
etag: PRIVATE7520710249
expires: Fri, 29 Nov 2024 15:16:45 GMT
last-modified: Mon, 16 Jul 2012 10:03:40 GMT
p3p: CP="NOI DSP COR NID PSAo OUR IND"
server: GHC
vary: Accept-Encoding,Origin,User-Agent

GET
H2 200 embed.min.js Show response
cdn.onnetwork.tv/js/player90/ 96 KB
32 KB 379ms
111ms Script
application/javascript 188.165.21.156
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.onnetwork.tv/js/player90/embed.min.js?s=1730124084

Requested by

Host: video.onnetwork.tv
URL: https://video.onnetwork.tv/embed.php?mid=NTc3NjQ1LDE2eDksMywwLDE3NzMsNzA1NiwxLDAsMiwwLDAsMCwyLDAsNCwxLDAsMCwxLDAsMCwwLDAsMCwwLDMsMSwtMTstMTsyMDsyMDtCUjsyMDsyMDsyMDs1NiwwLDYwLDAsMCwwLDA7MDswOzA7MDswOzAsMA==&iid=88245371561721&cId=pid88245371561721&widget=815

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

188.165.21.156 , France, ASN16276 (OVH, FR),

Reverse DNS

vh11b.eris-w13.of.pl

Software

XO.webservantpro /

Resource Hash

2375bbf1b1dba1c40f4e5544a08b3ddcc5eda294e10a854b15eb2a729f5cc8a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://it.dir.bg
Referer

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=17280000, public
content-encoding: gzip
etag: W/"671f9934-18175"
pragma: public
access-control-allow-methods: GET, POST, OPTIONS
expires: Sun, 18 May 2025 15:16:44 GMT
access-control-allow-origin: *
date: Wed, 30 Oct 2024 15:16:44 GMT
content-type: application/javascript
last-modified: Mon, 28 Oct 2024 14:01:24 GMT
server: XO.webservantpro
vary: Accept-Encoding

GET
H2 200 a_cntg.png
cdn.onnetwork.tv/cnt/ 126 B
332 B 359ms
86ms Image
image/png 188.165.21.156
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.onnetwork.tv/cnt/a_cntg.png?ts=1730301404673&d=7056&wsc=00&typ=embed&mobile=0&c=43
Requested by: Host: it.dir.bg
URL: https://it.dir.bg/web/rusiya-globi-google-s-2-5-detsiliona-dolara-tova-sa-usd2-500-000-000-000-000-000-000-000-000-000-000
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 188.165.21.156 , France, ASN16276 (OVH, FR),
Reverse DNS: vh11b.eris-w13.of.pl
Software: XO.webservantpro /
Resource Hash: a607b3c3e0d09d7f339e0035f16f99bf93637dee0eb27b2b9c447701fefa2ace

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://it.dir.bg/

Response headers

cache-control: no-cache
access-control-allow-methods: GET, POST, OPTIONS
accept-ranges: bytes
access-control-allow-origin: *
content-length: 126
date: Wed, 30 Oct 2024 15:16:44 GMT
content-type: image/png
last-modified: Wednesday, 30-Oct-2024 15:16:44 GMT
server: XO.webservantpro

GET
H/1.1 200
OK webapiworktalent Show response
webapi.dir.bg/api/ Frame 3B50 163 KB
163 KB 113ms
108ms XHR
application/json 88.203.154.237
A1

General

Check archive.org

Show headers Download Go to

Full URL: https://webapi.dir.bg/api/webapiworktalent
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/2.2.0/jquery.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 88.203.154.237 Sofia, Bulgaria, ASN8717 (A1, BG),
Reverse DNS
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: 4a32751e0ab1f6ceadf364a168f8a8011c13be44a2d5e86ddf9222571b7a0e1e

Request headers

Referer: https://webapi.dir.bg/worktalent
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept: application/json, text/javascript, */*; q=0.01

Response headers

Transfer-Encoding: chunked
Cache-Control: no-cache, private
Connection: Keep-Alive
X-RateLimit-Remaining: 59
Access-Control-Allow-Origin: *
Keep-Alive: timeout=5, max=98
Date: Wed, 30 Oct 2024 15:16:44 GMT
X-RateLimit-Limit: 60
Content-Type: application/json
Server: Apache/2.4.29 (Ubuntu)

GET
H/1.1 200
OK / Show response
tt.onthe.io/ 0
287 B 488ms
42ms XHR
text/javascript 188.40.115.112
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tt.onthe.io/?k[]=25984:uniques_instantly[url:%2Fweb%2Frusiya-globi-google-s-2-5-detsiliona-dolara-tova-sa-usd2-500-000-000-000-000-000-000-000-000-000-000,domain:it.dir.bg,page:%D0%A0%D1%83%D1%81%D0%B8%D1%8F%20%D0%B3%D0%BB%D0%BE%D0%B1%D0%B8%20Google%20%D1%81%202%2C5%20%D0%B4%D0%B5%D1%86%D0%B8%D0%BB%D0%B8%D0%BE%D0%BD%D0%B0%20%D0%B4%D0%BE%D0%BB%D0%B0%D1%80%D0%B0.%20%D0%A2%D0%BE%D0%B2%D0%B0%20%D1%81%D0%B0%20%242%20500%20000%20000%20000%20000%20000%20000%20000%20000%20000%20000%20%7C%20IT.dir.bg,page_type:article,author:%D0%A1%D1%82%D0%BE%D1%8F%D0%BD%20%D0%93%D0%BE%D0%B3%D0%BE%D0%B2,category:Web,language:bg,type_article:image,reference_time:279,pub_date:Wed%2C%2030%20Oct%2024%2016%3A02%3A42%20%2B0200,user_agent:Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F130.0.0.0%20Safari%2F537.36,device:desktop,browser_version:Chrome%20130,browser:Chrome,depth:1,user_type:new,user_id:70e4f10fc.cd86bf426_1730301404796,session_id:8322707c8.ceb067002_1730301404798,cdn_version:27]&s=82e9c82c1a072e9873484057dab96e77&1730301404804
Requested by: Host: cdn.onthe.io
URL: https://cdn.onthe.io/io.js/9iqtAeEspwts
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 188.40.115.112 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.112.115.40.188.clients.your-server.de
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://it.dir.bg/

Response headers

Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Access-Control-Allow-Origin: *
Content-Length: 0
Date: Wed, 30 Oct 2024 15:16:45 GMT
Content-Type: text/javascript
Server: nginx

GET
H/1.1 200
OK / Show response
tt.onthe.io/ 0
287 B 481ms
41ms XHR
text/javascript 188.40.115.112
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tt.onthe.io/?k[]=25984:visits_instantly[url:%2Fweb%2Frusiya-globi-google-s-2-5-detsiliona-dolara-tova-sa-usd2-500-000-000-000-000-000-000-000-000-000-000,domain:it.dir.bg,page:%D0%A0%D1%83%D1%81%D0%B8%D1%8F%20%D0%B3%D0%BB%D0%BE%D0%B1%D0%B8%20Google%20%D1%81%202%2C5%20%D0%B4%D0%B5%D1%86%D0%B8%D0%BB%D0%B8%D0%BE%D0%BD%D0%B0%20%D0%B4%D0%BE%D0%BB%D0%B0%D1%80%D0%B0.%20%D0%A2%D0%BE%D0%B2%D0%B0%20%D1%81%D0%B0%20%242%20500%20000%20000%20000%20000%20000%20000%20000%20000%20000%20000%20%7C%20IT.dir.bg,page_type:article,author:%D0%A1%D1%82%D0%BE%D1%8F%D0%BD%20%D0%93%D0%BE%D0%B3%D0%BE%D0%B2,category:Web,language:bg,type_article:image,reference_time:279,pub_date:Wed%2C%2030%20Oct%2024%2016%3A02%3A42%20%2B0200,user_agent:Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F130.0.0.0%20Safari%2F537.36,device:desktop,browser_version:Chrome%20130,browser:Chrome,depth:1,user_type:new,user_id:70e4f10fc.cd86bf426_1730301404796,session_id:8322707c8.ceb067002_1730301404798,cdn_version:27]&s=82e9c82c1a072e9873484057dab96e77&__io=70e4f10fc.cd86bf426_1730301404796&1730301404809
Requested by: Host: cdn.onthe.io
URL: https://cdn.onthe.io/io.js/9iqtAeEspwts
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 188.40.115.112 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.112.115.40.188.clients.your-server.de
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://it.dir.bg/

Response headers

Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Access-Control-Allow-Origin: *
Content-Length: 0
Date: Wed, 30 Oct 2024 15:16:45 GMT
Content-Type: text/javascript
Server: nginx

GET
H/1.1 200
OK / Show response
tt.onthe.io/ 0
287 B 487ms
51ms XHR
text/javascript 188.40.115.112
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tt.onthe.io/?k[]=25984:pageviews[url:%2Fweb%2Frusiya-globi-google-s-2-5-detsiliona-dolara-tova-sa-usd2-500-000-000-000-000-000-000-000-000-000-000,domain:it.dir.bg,page:%D0%A0%D1%83%D1%81%D0%B8%D1%8F%20%D0%B3%D0%BB%D0%BE%D0%B1%D0%B8%20Google%20%D1%81%202%2C5%20%D0%B4%D0%B5%D1%86%D0%B8%D0%BB%D0%B8%D0%BE%D0%BD%D0%B0%20%D0%B4%D0%BE%D0%BB%D0%B0%D1%80%D0%B0.%20%D0%A2%D0%BE%D0%B2%D0%B0%20%D1%81%D0%B0%20%242%20500%20000%20000%20000%20000%20000%20000%20000%20000%20000%20000%20%7C%20IT.dir.bg,page_type:article,author:%D0%A1%D1%82%D0%BE%D1%8F%D0%BD%20%D0%93%D0%BE%D0%B3%D0%BE%D0%B2,category:Web,language:bg,type_article:image,reference_time:279,pub_date:Wed%2C%2030%20Oct%2024%2016%3A02%3A42%20%2B0200,user_agent:Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F130.0.0.0%20Safari%2F537.36,device:desktop,browser_version:Chrome%20130,browser:Chrome,depth:1,user_type:new,user_id:70e4f10fc.cd86bf426_1730301404796,session_id:8322707c8.ceb067002_1730301404798,cdn_version:27]&s=82e9c82c1a072e9873484057dab96e77&1730301404814
Requested by: Host: cdn.onthe.io
URL: https://cdn.onthe.io/io.js/9iqtAeEspwts
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 188.40.115.112 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.112.115.40.188.clients.your-server.de
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://it.dir.bg/

Response headers

Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Access-Control-Allow-Origin: *
Content-Length: 0
Date: Wed, 30 Oct 2024 15:16:45 GMT
Content-Type: text/javascript
Server: nginx

POST
H2 204 collect
analytics.google.com/g/ 0
0 565ms
79ms Fetch
text/plain 216.58.206.78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-74752H7V8Z&gtm=45je4as0v9126415660z8810347154za200zb810347154&_p=1730301402719&_gaz=1&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101533422~101823848~101878899~101878944~101925629&cid=1863221803.1730301405&ul=it-it&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_eu=EA&_s=1&sid=1730301404&sct=1&seg=0&dl=https%3A%2F%2Fit.dir.bg%2Fweb%2Frusiya-globi-google-s-2-5-detsiliona-dolara-tova-sa-usd2-500-000-000-000-000-000-000-000-000-000-000&dt=%D0%A0%D1%83%D1%81%D0%B8%D1%8F%20%D0%B3%D0%BB%D0%BE%D0%B1%D0%B8%20Google%20%D1%81%202%2C5%20%D0%B4%D0%B5%D1%86%D0%B8%D0%BB%D0%B8%D0%BE%D0%BD%D0%B0%20%D0%B4%D0%BE%D0%BB%D0%B0%D1%80%D0%B0.%20%D0%A2%D0%BE%D0%B2%D0%B0%20%D1%81%D0%B0%20%242%20500%20000%20000%20000%20000%20000%20000%20000%20000%20000%20000%20%7C%20it.dir.bg&en=page_view&_fv=1&_nsi=1&_ss=1&ep.gtm_id=GTM-W2KMKLG&ep.gtm_version=127&ep.article_author=%D0%A1%D1%82%D0%BE%D1%8F%D0%BD%20%D0%93%D0%BE%D0%B3%D0%BE%D0%B2&ep.article_tags=%D0%9D%D0%B0%D1%87%D0%B0%D0%BB%D0%BE%20%2F&ep.article_creation_time=16%3A02%20%7C%2030%20%D0%BE%D0%BA%D1%82%D0%BE%D0%BC%D0%B2%D1%80%D0%B8%202024%20&tfd=4001
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-74752H7V8Z&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.58.206.78 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: mil07s08-in-f14.1e100.net
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://it.dir.bg/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://it.dir.bg
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 30 Oct 2024 15:16:45 GMT
content-type: text/plain
server: Golfe2

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
541 B 576ms
87ms Ping
text/plain 64.233.167.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-74752H7V8Z&cid=1863221803.1730301405&gtm=45je4as0v9126415660z8810347154za200zb810347154&aip=1&dma=0&gcd=13l3l3l3l1l1&npa=0&frm=0&tag_exp=101533422~101823848~101878899~101878944~101925629
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-74752H7V8Z&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 64.233.167.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: wl-in-f154.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://it.dir.bg/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:111:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:111:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://it.dir.bg
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 30 Oct 2024 15:16:45 GMT
content-type: text/plain
server: Golfe2

GET
H2 200 rul
td.doubleclick.net/td/ga/ Frame 6E3A 0
0 827ms
74ms Document
text/html 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://td.doubleclick.net/td/ga/rul?tid=G-74752H7V8Z&gacid=1863221803.1730301405&gtm=45je4as0v9126415660z8810347154za200zb810347154&dma=0&gcd=13l3l3l3l1l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101533422~101823848~101878899~101878944~101925629&z=1402150017

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-74752H7V8Z&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://it.dir.bg/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 30 Oct 2024 15:16:45 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 collect
analytics.google.com/g/ 0
0 483ms
108ms Fetch
text/plain 216.58.206.78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-B1XSRWSHN4&gtm=45je4as0v9122851342z8810347154za200zb810347154&_p=1730301402719&_gaz=1&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101533421~101823848~101878899~101878944~101925629&cid=1863221803.1730301405&ul=it-it&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_s=1&sid=1730301404&sct=1&seg=0&dl=https%3A%2F%2Fit.dir.bg%2Fweb%2Frusiya-globi-google-s-2-5-detsiliona-dolara-tova-sa-usd2-500-000-000-000-000-000-000-000-000-000-000&dt=%D0%A0%D1%83%D1%81%D0%B8%D1%8F%20%D0%B3%D0%BB%D0%BE%D0%B1%D0%B8%20Google%20%D1%81%202%2C5%20%D0%B4%D0%B5%D1%86%D0%B8%D0%BB%D0%B8%D0%BE%D0%BD%D0%B0%20%D0%B4%D0%BE%D0%BB%D0%B0%D1%80%D0%B0.%20%D0%A2%D0%BE%D0%B2%D0%B0%20%D1%81%D0%B0%20%242%20500%20000%20000%20000%20000%20000%20000%20000%20000%20000%20000%20%7C%20it.dir.bg&en=page_view&_fv=1&_ss=1&ep.gtm_id=GTM-W2KMKLG&ep.gtm_version=127&ep.article_author=%D0%A1%D1%82%D0%BE%D1%8F%D0%BD%20%D0%93%D0%BE%D0%B3%D0%BE%D0%B2&ep.article_tags=%D0%9D%D0%B0%D1%87%D0%B0%D0%BB%D0%BE%20%2F&ep.article_creation_time=16%3A02%20%7C%2030%20%D0%BE%D0%BA%D1%82%D0%BE%D0%BC%D0%B2%D1%80%D0%B8%202024%20&tfd=4113
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-B1XSRWSHN4&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.58.206.78 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: mil07s08-in-f14.1e100.net
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://it.dir.bg/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://it.dir.bg
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 30 Oct 2024 15:16:45 GMT
content-type: text/plain
server: Golfe2

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
48 B 453ms
75ms Ping
text/plain 64.233.167.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-B1XSRWSHN4&cid=1863221803.1730301405&gtm=45je4as0v9122851342z8810347154za200zb810347154&aip=1&dma=0&gcd=13l3l3l3l1l1&npa=0&frm=0&tag_exp=101533421~101823848~101878899~101878944~101925629
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-B1XSRWSHN4&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 64.233.167.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: wl-in-f154.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://it.dir.bg/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:111:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:111:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://it.dir.bg
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 30 Oct 2024 15:16:45 GMT
content-type: text/plain
server: Golfe2

GET
H2 200 rul
td.doubleclick.net/td/ga/ Frame 88EB 0
0 772ms
72ms Document
text/html 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://td.doubleclick.net/td/ga/rul?tid=G-B1XSRWSHN4&gacid=1863221803.1730301405&gtm=45je4as0v9122851342z8810347154za200zb810347154&dma=0&gcd=13l3l3l3l1l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101533421~101823848~101878899~101878944~101925629&z=926401566

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-B1XSRWSHN4&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://it.dir.bg/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 30 Oct 2024 15:16:45 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 118570770 Show response
fundingchoicesmessages.google.com/i/ 195 KB
64 KB 720ms
114ms Script
application/javascript 142.250.186.142
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/118570770?ers=3

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202410280101/pubads_impl.js?cb=31088558

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.142 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f14.1e100.net

Software

ESF /

Resource Hash

75f411aa19f3ef920633e5dac846299b246e21931b02dd42e104897a34ed7b5e

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-001rca6nURdiqeDeSKp1Tg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://it.dir.bg/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 30 Oct 2024 15:16:46 GMT
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjytDikmLw1pBikPj6kkkLiJ3SZ7CGAHHrzXOs04E46d951hIgdte6yOoPxIYKl1idgdix6BKrJxCr9lxiNQfi--susT4H4iKJK6wtQHy76QrrYyBm-HqFlQOIhXg47s3u3Mkm0DHv-ARGJY2k_ML45Py8kqLMpNKS_KK05LTU4tSistSieCMDIxNDAyMLPQPD-AIDAHXVP5g"
content-security-policy: script-src 'report-sample' 'nonce-001rca6nURdiqeDeSKp1Tg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
cache-control: no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin: *
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection: 0
server: ESF

GET
H2 200 Repo-Bold.otf
static.dir.bg/fonts/ Frame 3B50 99 KB
392 B 187ms
99ms Font
application/x-font-opentype 194.145.63.126
DELTA-BG-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://static.dir.bg/fonts/Repo-Bold.otf
Requested by: Host: it.dir.bg
URL: https://it.dir.bg/web/rusiya-globi-google-s-2-5-detsiliona-dolara-tova-sa-usd2-500-000-000-000-000-000-000-000-000-000-000
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 194.145.63.126 Sofia, Bulgaria, ASN8860 (DELTA-BG-AS, BG),
Reverse DNS: station126.bdata.bg
Software: nginx /
Resource Hash: 7e944dee615571f80a8bd93892f886d18e735bcc2bca3d4b25dc91f902fe27c7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://webapi.dir.bg
Referer: https://webapi.dir.bg/

Response headers

access-control-max-age: 172800
cache-control: max-age=2592000
content-encoding: gzip
etag: W/"63346149-18d14"
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
expires: Fri, 29 Nov 2024 14:48:46 GMT
access-control-allow-origin: *
date: Wed, 30 Oct 2024 15:03:19 GMT
last-modified: Wed, 28 Sep 2022 14:59:21 GMT
vary: Origin
server: nginx
content-type: application/x-font-opentype
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

GET
H2 200 Repo-Medium.otf
static.dir.bg/fonts/ Frame 3B50 98 KB
392 B 185ms
97ms Font
application/x-font-opentype 194.145.63.126
DELTA-BG-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://static.dir.bg/fonts/Repo-Medium.otf
Requested by: Host: it.dir.bg
URL: https://it.dir.bg/web/rusiya-globi-google-s-2-5-detsiliona-dolara-tova-sa-usd2-500-000-000-000-000-000-000-000-000-000-000
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 194.145.63.126 Sofia, Bulgaria, ASN8860 (DELTA-BG-AS, BG),
Reverse DNS: station126.bdata.bg
Software: nginx /
Resource Hash: aa5ab198a4dc6bd735732c995e91fc85cab8fd41d5ec9cfba80490c6d3eaa38a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://webapi.dir.bg
Referer: https://webapi.dir.bg/

Response headers

access-control-max-age: 172800
cache-control: max-age=2592000
content-encoding: gzip
etag: W/"6334614a-18954"
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
expires: Fri, 29 Nov 2024 14:48:46 GMT
access-control-allow-origin: *
date: Wed, 30 Oct 2024 14:48:49 GMT
last-modified: Wed, 28 Sep 2022 14:59:22 GMT
vary: Origin
server: nginx
content-type: application/x-font-opentype
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

GET
H/1.1 200
OK worktalent-logo.png
webapi.dir.bg/webapi/worktalent/ Frame 3B50 8 KB
8 KB 181ms
160ms Image
image/png 88.203.154.237
A1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://webapi.dir.bg/webapi/worktalent/worktalent-logo.png
Requested by: Host: it.dir.bg
URL: https://it.dir.bg/web/rusiya-globi-google-s-2-5-detsiliona-dolara-tova-sa-usd2-500-000-000-000-000-000-000-000-000-000-000
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 88.203.154.237 Sofia, Bulgaria, ASN8717 (A1, BG),
Reverse DNS
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: 44addf4d12141260ee5bb6781276706bfda259fa8cd46aa91e6b276d01549eed

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://webapi.dir.bg/worktalent

Response headers

ETag: "204f-6201a9d69a255"
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 8271
Keep-Alive: timeout=5, max=97
Date: Wed, 30 Oct 2024 15:16:45 GMT
Last-Modified: Tue, 20 Aug 2024 10:09:02 GMT
Content-Type: image/png
Server: Apache/2.4.29 (Ubuntu)

GET
H2

200

rexdot.js Show response
gabg.hit.gemius.pl/__/_1730301405935/
Redirect Chain

https://gabg.hit.gemius.pl/_1730301405935/rexdot.js?l=100&sendf=24&id=ctiaBobs4_uHyfFUwGseIacVzZaIb1sjsS6.Xxb1TUv.F7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&tz=-60&fv=-&href=https%3A%2F%2Fit.di...
https://gabg.hit.gemius.pl/__/_1730301405935/rexdot.js?l=100&sendf=24&id=ctiaBobs4_uHyfFUwGseIacVzZaIb1sjsS6.Xxb1TUv.F7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&tz=-60&fv=-&href=https%3A%2F%2Fit...

169 B
707 B

209ms
134ms

Script
application/x-javascript

78.128.6.34
TELEPOINT

General

Check archive.org

Show headers Download Go to

Full URL: https://gabg.hit.gemius.pl/__/_1730301405935/rexdot.js?l=100&sendf=24&id=ctiaBobs4_uHyfFUwGseIacVzZaIb1sjsS6.Xxb1TUv.F7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&tz=-60&fv=-&href=https%3A%2F%2Fit.dir.bg%2Fweb%2Frusiya-globi-google-s-2-5-detsiliona-dolara-tova-sa-usd2-500-000-000-000-000-000-000-000-000-000-000&screen=1600x1200r1000&col=24&window=1600x1200&vis=1&lsdata=O7SKAD5MSVouO_ZWg8ApIpq4nZlv8DlF8H28RkWrkrX.97LXvPLz4yCFuI7CbND8kM73875daXdOlBo9ZX0.bU8ZZ00h/Xfh_LNh8T3Uue/&fpdata=rNZnn4IKOBGDyEGc6eB4FqVhigRQ_fLac6Xxi6mENlb.r7%7C1730301404%7C2&ltime=1265&fr=1&ref=&inner=_ver%3D355%7C_ch_mobile%3D0%7C_ch_wow64%3D0%7C_ch_brands%3D&exid=67224ddc254f8f96&brts=1730301405&fpcap=
Requested by: Host: it.dir.bg
URL: https://it.dir.bg/web/rusiya-globi-google-s-2-5-detsiliona-dolara-tova-sa-usd2-500-000-000-000-000-000-000-000-000-000-000
Protocol: H2
Server: 78.128.6.34 , Bulgaria, ASN31083 (TELEPOINT, BG),
Reverse DNS: ip-6-34.telehouse.bg
Software: GHC /
Resource Hash: 7845caed98658fb3ae49a1e2990a9034175fcc6fe0299e149a8b6e87a87d8ff2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://it.dir.bg/

Response headers

cache-control: no-store, no-cache, must-revalidate, max-age=0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor
cross-origin-resource-policy: cross-origin
expires: Tue, 29 Oct 2024 15:16:46 GMT
accept-ranges: none
p3p: CP="NOI DSP COR NID PSAo OUR IND"
content-length: 169
date: Wed, 30 Oct 2024 15:16:46 GMT
content-type: application/x-javascript
server: GHC

Redirect headers

cache-control: no-store, no-cache, must-revalidate, max-age=0
location: /__/_1730301405935/rexdot.js?l=100&sendf=24&id=ctiaBobs4_uHyfFUwGseIacVzZaIb1sjsS6.Xxb1TUv.F7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&tz=-60&fv=-&href=https%3A%2F%2Fit.dir.bg%2Fweb%2Frusiya-globi-google-s-2-5-detsiliona-dolara-tova-sa-usd2-500-000-000-000-000-000-000-000-000-000-000&screen=1600x1200r1000&col=24&window=1600x1200&vis=1&lsdata=O7SKAD5MSVouO_ZWg8ApIpq4nZlv8DlF8H28RkWrkrX.97LXvPLz4yCFuI7CbND8kM73875daXdOlBo9ZX0.bU8ZZ00h/Xfh_LNh8T3Uue/&fpdata=rNZnn4IKOBGDyEGc6eB4FqVhigRQ_fLac6Xxi6mENlb.r7%7C1730301404%7C2&ltime=1265&fr=1&ref=&inner=_ver%3D355%7C_ch_mobile%3D0%7C_ch_wow64%3D0%7C_ch_brands%3D&exid=67224ddc254f8f96&brts=1730301405&fpcap=
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor
cross-origin-resource-policy: cross-origin
expires: Tue, 29 Oct 2024 15:16:45 GMT
accept-ranges: none
p3p: CP="NOI DSP COR NID PSAo OUR IND"
content-length: 0
date: Wed, 30 Oct 2024 15:16:45 GMT
server: GHC

GET
H2 200 iframe_api Show response
www.youtube.com/ 993 B
2 KB 724ms
88ms Script
text/javascript 172.217.16.206
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: bg.search.etargetnet.com
URL: https://bg.search.etargetnet.com/generic/uni.php?g=ref:80582

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.206 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f206.1e100.net

Software

ESF /

Resource Hash

62537c22a68afd8f5a3c2cc01c47f17aa579f4e8c89236870450209a7b316ad9

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://it.dir.bg/

Response headers

content-encoding: br
origin-trial: AmhMBR6zCLzDDxpW+HfpP67BqwIknWnyMOXOQGfzYswFmJe+fgaI6XZgAzcxOrzNtP7hEDsOo1jdjFnVr2IdxQ4AAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
x-content-type-options: nosniff
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
expires: Wed, 30 Oct 2024 15:16:46 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=it for more info."
date: Wed, 30 Oct 2024 15:16:46 GMT
content-type: text/javascript; charset=utf-8
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
content-security-policy: require-trusted-types-for 'script'
cache-control: private, max-age=0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
x-xss-protection: 0
server: ESF

GET
H2 200 eplayaV5.32.js Show response
etargetcdn.com/embed/ 56 KB
15 KB 730ms
95ms Script
application/javascript 172.67.73.79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://etargetcdn.com/embed/eplayaV5.32.js
Requested by: Host: bg.search.etargetnet.com
URL: https://bg.search.etargetnet.com/generic/uni.php?g=ref:80582
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.73.79 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 13be9007734de4893f91088187df172f6457850de7e7c7f13d6f9d1a028b07de

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://it.dir.bg/

Response headers

access-control-expose-headers: Content-Length,Content-Range
content-encoding: br
cf-bgj: minify
etag: W/"659c08e3-1388e"
age: 58867
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FyaF2UykyCY1dYpElA0dtUMhr%2BKAdY5SPNz%2Bn4ArtsRtxBlHeRvXUlUmIEEECK8EvF5Kt9FU%2FufhOkDr3113pgICF4qfyh13e9xDpi1Ackzn0Y%2Fq6uY6qzveUHmN%2BS0l"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET, POST, OPTIONS
expires: Wed, 30 Oct 2024 22:55:40 GMT
cf-polished: origSize=80014
date: Wed, 30 Oct 2024 15:16:46 GMT
content-type: application/javascript
last-modified: Mon, 08 Jan 2024 14:38:27 GMT
vary: Accept-Encoding, Origin
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
cache-control: max-age=86400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: cache
cf-ray: 8dac5e4f2dcd0f82-MXP
access-control-allow-origin: *
server: cloudflare

GET
H2 200 a_cntg.png
cdn.onnetwork.tv/cnt/ 126 B
331 B 49ms
49ms Image
image/png 188.165.21.156
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.onnetwork.tv/cnt/a_cntg.png?ts=1730301405951&d=7056&wsc=00&typ=embed&mobile=0&c=47
Requested by: Host: it.dir.bg
URL: https://it.dir.bg/web/rusiya-globi-google-s-2-5-detsiliona-dolara-tova-sa-usd2-500-000-000-000-000-000-000-000-000-000-000
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 188.165.21.156 , France, ASN16276 (OVH, FR),
Reverse DNS: vh11b.eris-w13.of.pl
Software: XO.webservantpro /
Resource Hash: a607b3c3e0d09d7f339e0035f16f99bf93637dee0eb27b2b9c447701fefa2ace

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://it.dir.bg/

Response headers

cache-control: no-cache
access-control-allow-methods: GET, POST, OPTIONS
accept-ranges: bytes
access-control-allow-origin: *
content-length: 126
date: Wed, 30 Oct 2024 15:16:46 GMT
content-type: image/png
last-modified: Wednesday, 30-Oct-2024 15:16:46 GMT
server: XO.webservantpro

GET
H2 200 a_cntg.png
cdn.onnetwork.tv/cnt/ 126 B
331 B 72ms
50ms Image
image/png 188.165.21.156
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.onnetwork.tv/cnt/a_cntg.png?ts=1730301406010&d=7056&wsc=00&typ=embed&mobile=0&c=40
Requested by: Host: it.dir.bg
URL: https://it.dir.bg/web/rusiya-globi-google-s-2-5-detsiliona-dolara-tova-sa-usd2-500-000-000-000-000-000-000-000-000-000-000
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 188.165.21.156 , France, ASN16276 (OVH, FR),
Reverse DNS: vh11b.eris-w13.of.pl
Software: XO.webservantpro /
Resource Hash: a607b3c3e0d09d7f339e0035f16f99bf93637dee0eb27b2b9c447701fefa2ace

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://it.dir.bg/

Response headers

cache-control: no-cache
access-control-allow-methods: GET, POST, OPTIONS
accept-ranges: bytes
access-control-allow-origin: *
content-length: 126
date: Wed, 30 Oct 2024 15:16:46 GMT
content-type: image/png
last-modified: Wednesday, 30-Oct-2024 15:16:46 GMT
server: XO.webservantpro

GET
H2 200 loader.js Show response
cdn.taboola.com/libtrc/itdirbggr-f16324177/ 1 MB
264 KB 361ms
133ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/itdirbggr-f16324177/loader.js
Requested by: Host: palibzh.tech
URL: https://palibzh.tech/libs/projectagora.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 60c0d15fc1b264271df7312a5b967236f7b059dc861f1f855630e6c3133014d4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://it.dir.bg/

Response headers

content-encoding: gzip
etag: "2a1c03da90901500e38765e4ee8751de"
x-amz-version-id: nU1ycw5fLQVLN2CDqKQU3cs_4emcrUED
age: 25490
x-cache: HIT
date: Wed, 30 Oct 2024 15:16:46 GMT
last-modified: Wed, 30 Oct 2024 08:01:40 GMT
x-served-by: cache-mxp6936-MXP
x-cache-hits: 0
content-type: application/javascript; charset=utf-8
x-amz-id-2: WK1HrGACMSaOeWNG23IQEgw/wCMeO8ztp+BwwQy6NzlXz8nGLZnX0xitGketMk4q6XlsBcpPEtY=
vary: Accept-Encoding
x-amz-replication-status: FAILED
cache-control: private,max-age=14401
x-timer: S1730301406.441795,VS0,VE1
via: 1.1 varnish
x-amz-request-id: EQKEFMAGRQ5CQEG8
accept-ranges: bytes
access-control-allow-origin: *
abp: 86
content-length: 269448
server: AmazonS3
x-amz-server-side-encryption: AES256

POST
H2 200 collect Show response
www.google-analytics.com/j/ 3 B
417 B 80ms
79ms XHR
text/plain 142.250.186.142
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1838144635&t=pageview&_s=1&dl=https%3A%2F%2Fit.dir.bg%2Fweb%2Frusiya-globi-google-s-2-5-detsiliona-dolara-tova-sa-usd2-500-000-000-000-000-000-000-000-000-000-000&ul=it-it&de=UTF-8&dt=%D0%A0%D1%83%D1%81%D0%B8%D1%8F%20%D0%B3%D0%BB%D0%BE%D0%B1%D0%B8%20Google%20%D1%81%202%2C5%20%D0%B4%D0%B5%D1%86%D0%B8%D0%BB%D0%B8%D0%BE%D0%BD%D0%B0%20%D0%B4%D0%BE%D0%BB%D0%B0%D1%80%D0%B0.%20%D0%A2%D0%BE%D0%B2%D0%B0%20%D1%81%D0%B0%20%242%20500%20000%20000%20000%20000%20000%20000%20000%20000%20000%20000%20%7C%20it.dir.bg&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAAABAAAAACAAI~&jid=33687115&gjid=1356545918&cid=1863221803.1730301405&tid=UA-436010-11&_gid=1140941664.1730301406&_r=1&_slc=1&gtm=45He4as0n81W2KMKLGv810347154za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101533422~101823848~101878899~101878944~101925629&z=76669922

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.142 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://it.dir.bg/

Response headers

report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:175:0"}],}
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 30 Oct 2024 15:16:46 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
content-type: text/plain
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:175:0
access-control-allow-origin: https://it.dir.bg
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 3
server: Golfe2

POST
H2 200 collect Show response
www.google-analytics.com/j/ 15 B
86 B 76ms
75ms XHR
text/plain 142.250.186.142
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1838144635&t=pageview&_s=1&dl=https%3A%2F%2Fit.dir.bg%2Fweb%2Frusiya-globi-google-s-2-5-detsiliona-dolara-tova-sa-usd2-500-000-000-000-000-000-000-000-000-000-000&ul=it-it&de=UTF-8&dt=%D0%A0%D1%83%D1%81%D0%B8%D1%8F%20%D0%B3%D0%BB%D0%BE%D0%B1%D0%B8%20Google%20%D1%81%202%2C5%20%D0%B4%D0%B5%D1%86%D0%B8%D0%BB%D0%B8%D0%BE%D0%BD%D0%B0%20%D0%B4%D0%BE%D0%BB%D0%B0%D1%80%D0%B0.%20%D0%A2%D0%BE%D0%B2%D0%B0%20%D1%81%D0%B0%20%242%20500%20000%20000%20000%20000%20000%20000%20000%20000%20000%20000%20%7C%20it.dir.bg&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAAABAAAAACAAI~&jid=1664793613&gjid=360673372&cid=1863221803.1730301405&tid=UA-436010-32&_gid=1140941664.1730301406&_r=1&_slc=1&gtm=45He4as0n81W2KMKLGv810347154za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101533422~101823848~101878899~101878944~101925629&z=1157020839

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.142 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

ffb1f5425f371e9637f9624cf12df4fb6af972e901bb8cb3fb25e291b1b8cf93

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://it.dir.bg/

Response headers

report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:175:0"}],}
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 30 Oct 2024 15:16:46 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
content-type: text/plain
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:175:0
access-control-allow-origin: https://it.dir.bg
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 15
server: Golfe2

GET
H2 200 691519781247680 Show response
connect.facebook.net/signals/config/ 76 KB
15 KB 67ms
65ms Script
application/x-javascript 157.240.0.6
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/691519781247680?v=2.9.174&r=stable&domain=it.dir.bg&hme=ead923021ccd3483ef3b9b04703d0a78b943fbdc01e8d7cec21c5059f1f4a5e9&ex_m=70%2C121%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C172%2C175%2C187%2C183%2C184%2C186%2C29%2C101%2C53%2C77%2C185%2C167%2C170%2C180%2C181%2C188%2C131%2C41%2C189%2C190%2C34%2C143%2C15%2C50%2C194%2C193%2C133%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C168%2C171%2C140%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-fra3.fbcdn.net

Software

Resource Hash

cd4669ffc288f7dab848ac5dc7970336917530b49d415914bb8876b5e9dfaea1

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src 'nonce-cogE0WDQ' .fbcdn.net .facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://it.dir.bg/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Wed, 30 Oct 2024 15:16:46 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-cogE0WDQ' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=20, rtx=0, c=63, mss=1288, tbw=65320, tp=-1, tpl=-1, uplat=1, ullat=-1
pragma: public
x-fb-debug: L1A3kmSoti5vLBXIFzm7R0ooXcpeNE1z2UdIe67nC+cRjZz4qsEp3VU3DYXutfp/A3Y5Bd+drOeT9RAEl/VYFA==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
content-length: 15056
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H2 200 OneSignalPageSDKES6.js Show response
cdn.onesignal.com/sdks/ 284 KB
68 KB 170ms
110ms Script
application/javascript 104.16.160.145
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151606

Requested by

Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.160.145 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

785d3e9ea187b7242e1a4365a48c3fd95dd7a469245d24c6769b8d46c4ef4b81

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://it.dir.bg/

Response headers

strict-transport-security: max-age=15552000; includeSubDomains
cache-control: public, max-age=259200
content-encoding: br
cf-cache-status: HIT
etag: W/"7e91359b46e1da637080a03b759164fa"
age: 31
via: 1.1 google
cf-ray: 8dac5e4dae1abb0b-MXP
expires: Sat, 02 Nov 2024 15:16:46 GMT
alt-svc: h3=":443"; ma=86400
date: Wed, 30 Oct 2024 15:16:46 GMT
content-type: application/javascript
vary: Accept-Encoding
server: cloudflare
access-control-allow-headers: OneSignal-Subscription-Id

GET
H2 200 clarity.js Show response
www.clarity.ms/s/0.7.49/ 64 KB
27 KB 170ms
125ms Script
application/javascript 13.107.253.45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/s/0.7.49/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/ntvk3i0dci?ref=gtm
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 13.107.253.45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 09fa04e84d7038cc32f19bedcba454b9e637a35f4de496e8ec9148c47550f0fc

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://it.dir.bg/

Response headers

x-azure-ref: 20241030T151646Z-er1fbb6595fxl96rtye5wpz2g800000006sg000000006fwa
cache-control: public, max-age=86400
x-ms-version: 2018-03-28
content-encoding: br
etag: W/"0x8DCF3CA14C9A428"
x-fd-int-roxy-purgeid: 51562430
x-ms-request-id: 3092fbed-601e-0050-0551-26ec8b000000
access-control-allow-origin: *
x-cache: TCP_HIT
date: Wed, 30 Oct 2024 15:16:46 GMT
content-type: application/javascript;charset=utf-8
vary: Accept-Encoding
last-modified: Thu, 24 Oct 2024 01:20:43 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 286 KB
100 KB 120ms
77ms Script
application/javascript 142.250.184.232
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-74752H7V8Z&cx=c&_slc=1

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.232 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

76fdd26bde513ce5d0f0608f6a61a2e83cf7be2072306fc38737a32fbe733e61

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://it.dir.bg/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Wed, 30 Oct 2024 15:16:46 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 30 Oct 2024 15:16:46 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 102293
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 /
www.facebook.com/tr/ 0
274 B 900ms
72ms Image
text/plain 157.240.252.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?batch=1&events[0]=id%3D691519781247680%26ev%3DPageView%26dl%3Dhttps%253A%252F%252Fit.dir.bg%252Fweb%252Frusiya-globi-google-s-2-5-detsiliona-dolara-tova-sa-usd2-500-000-000-000-000-000-000-000-000-000-000%26rl%3D%26if%3Dfalse%26ts%3D1730301406512%26sw%3D1600%26sh%3D1200%26v%3D2.9.174%26r%3Dstable%26ec%3D0%26o%3D12318%26fbp%3Dfb.1.1730301406486.38347366838220096%26cs_est%3Dtrue%26ler%3Dempty%26cdl%3DAPI_unavailable%26it%3D1730301406266%26coo%3Dfalse%26exp%3Df1&rqm=GET

Requested by

Host: it.dir.bg
URL: https://it.dir.bg/web/rusiya-globi-google-s-2-5-detsiliona-dolara-tova-sa-usd2-500-000-000-000-000-000-000-000-000-000-000

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.252.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-fra3.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://it.dir.bg/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=29, rtx=0, c=10, mss=1288, tbw=2926, tp=-1, tpl=-1, uplat=0, ullat=0
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Wed, 30 Oct 2024 15:16:47 GMT
content-type: text/plain
server: proxygen-bolt

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
3 KB 1082ms
255ms Image
image/png 157.240.252.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=691519781247680&ev=PageView&dl=https%3A%2F%2Fit.dir.bg%2Fweb%2Frusiya-globi-google-s-2-5-detsiliona-dolara-tova-sa-usd2-500-000-000-000-000-000-000-000-000-000-000&rl=&if=false&ts=1730301406512&sw=1600&sh=1200&v=2.9.174&r=stable&ec=0&o=12318&fbp=fb.1.1730301406486.38347366838220096&cs_est=true&ler=empty&cdl=API_unavailable&it=1730301406266&coo=false&exp=f1&rqm=FGET

Requested by

Host: it.dir.bg
URL: https://it.dir.bg/web/rusiya-globi-google-s-2-5-detsiliona-dolara-tova-sa-usd2-500-000-000-000-000-000-000-000-000-000-000

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.252.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-fra3.facebook.com

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://it.dir.bg/

Response headers

content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7431587955302647849"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Wed, 30 Oct 2024 15:16:47 GMT
content-type: image/png
vary: Accept-Encoding
x-fb-debug: a40H0RhnArtEV0BTpvRrEHtSwOgdxdERW2YlDNM73zHyVGv6ypMCVAtbrCtwxJP2sPbd/HMHnS5xEiqYDL4wIQ==
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7431587955302647849", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control: private, no-store, no-cache, must-revalidate
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=32, rtx=0, c=10, mss=1288, tbw=3244, tp=-1, tpl=-1, uplat=184, ullat=0
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?0

GET
H2 200 AGSKWxVIC4je1NEdImBFDfaYH_qtYgQjFuZ0osThUIPn4yqRDcu4McscdV3GaMIjZ0FHd-64_Bem58k92ODH_IJ9OmlrRKqPqyZvy16U3_Vb59VXUEjrobI7UGskTMe2N1EUQZ7er8_t6Q== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 154ms
138ms Script
application/javascript 142.250.186.142
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxVIC4je1NEdImBFDfaYH_qtYgQjFuZ0osThUIPn4yqRDcu4McscdV3GaMIjZ0FHd-64_Bem58k92ODH_IJ9OmlrRKqPqyZvy16U3_Vb59VXUEjrobI7UGskTMe2N1EUQZ7er8_t6Q==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzMwMzAxNDA3LDc3MDAwMDAwXSxudWxsLG51bGwsbnVsbCxbbnVsbCxbN11dLCJodHRwczovL2l0LmRpci5iZy93ZWIvcnVzaXlhLWdsb2JpLWdvb2dsZS1zLTItNS1kZXRzaWxpb25hLWRvbGFyYS10b3ZhLXNhLXVzZDItNTAwLTAwMC0wMDAtMDAwLTAwMC0wMDAtMDAwLTAwMC0wMDAtMDAwLTAwMCIsbnVsbCxbWzgsImp3WW4wQWhKYnVjIl0sWzksIml0Il0sWzE5LCIyIl0sWzE3LCJbMF0iXV1d

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.it.jwYn0AhJbuc.es5.O/am=DgY/d=1/rs=AJlcJMzahr52guhcRIuttP5sNckzECei4A/m=kernel_loader,loader_js_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.142 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f14.1e100.net

Software

ESF /

Resource Hash

594b7ba2d6b9573b8cef9246ce03b69effadd5fbc7f7bcfe34f3003c760be201

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-oVIe1FGB2EG83gplfdmpow' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://it.dir.bg/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 30 Oct 2024 15:16:47 GMT
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjytDikmJw15BikPj6kkkLiJ3SZ7CGAHHrzXOs04E46d951hIgdte6yOoPxIYKl1idgdix6BKrJxCr9lxiNQfi--susT4H4iKJK6wtQHy76QrrYyBm-HqFlQOIhbg57s_u3MkmsGHGjggljaT8wvjk_LySosyk0pL8orTktNTi1KKy1KJ4IwMjE0MDIws9A8P4AgMAPBw_bg"
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-oVIe1FGB2EG83gplfdmpow' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
cache-control: no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin: *
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection: 0
server: ESF

GET
H2 200 topics_frame.html
securepubads.g.doubleclick.net/static/topics/ Frame CD0B 0
0 650ms
84ms Document
text/html 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/static/topics/topics_frame.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202410280101/pubads_impl.js?cb=31088558

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://it.dir.bg/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 1481
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3000, stale-while-revalidate=3600
content-encoding: br
content-length: 29488
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 30 Oct 2024 14:52:06 GMT
expires: Wed, 30 Oct 2024 15:42:06 GMT
last-modified: Mon, 28 Oct 2024 19:44:21 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 963 B
1009 B 158ms
121ms Fetch
text/plain 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1030738129488711&correlator=4218224208686768&eid=31088371%2C31088535%2C31088558&output=ldjh&gdfp_req=1&vrg=202410280101&ptt=17&impl=fif&gdpr=0&iu_parts=118570770%2CIt_Desktop%2CIt_Rich_Media_Desktop&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=1&didk=426732768&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1730301407438&lmt=1730301407&adxs=800&adys=0&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fit.dir.bg%2Fweb%2Frusiya-globi-google-s-2-5-detsiliona-dolara-tova-sa-usd2-500-000-000-000-000-000-000-000-000-000-000&vis=1&psz=1600x6100&msz=1600x0&fws=0&ohw=0&td=1&egid=26267&tan=f5ac8c10-200d-46f3-aef7-10383827089e&tdf=2&topics=9&tps=9&htps=10&nt=1&psd=WzE1LFtdLG51bGwsM10.&dlt=1730301401683&idt=3536&prev_scp=Device%3Ddesktop&cust_params=siteName%3Dit%26url%3Dhttps%253A%252F%252Fit.dir.bg%252Fweb%252Frusiya-globi-google-s-2-5-detsiliona-dolara-tova-sa-usd2-500-000-000-000-000-000-000-000-000-000-000%26device%3Ddesktop%26articleid%3D40540616%26page%3Darticle%26catid%3D108%26otherSectionIds%3D%26Cities%3D%26topicIds%3D%26isGallery%3D0%26themeId%3D0%26themeIds%3D%26Adult%3Dno%26URBNsection%3D0&adks=1322125264&frm=20&eoidce=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202410280101/pubads_impl.js?cb=31088558

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

ed13419b010c8657dd97ff2bdd59b1a74653ed9d47c0debfdce58c8e3a7a6114

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://it.dir.bg/

Response headers

content-encoding: br
google-lineitem-id: -2
x-content-type-options: nosniff
google-mediationtag-id: -2
google-mediationgroup-id: -2
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Wed, 30 Oct 2024 15:16:47 GMT
content-type: text/plain; charset=UTF-8
google-creative-id: -2
cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin: https://it.dir.bg
content-length: 514
x-xss-protection: 0
server: cafe

GET
H2 200 container.html
dcd4f76b77ad35947ee38d0cd584be32.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame F45D 0
0 627ms
116ms Document
text/html 142.250.185.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://dcd4f76b77ad35947ee38d0cd584be32.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202410280101/pubads_impl.js?cb=31088558

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f1.1e100.net

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://it.dir.bg/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 30 Oct 2024 15:16:48 GMT
expires: Wed, 30 Oct 2024 15:16:48 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 www-widgetapi.js Show response
www.youtube.com/s/player/76c7a082/www-widgetapi.vflset/ 30 KB
10 KB 82ms
57ms Script
text/javascript 172.217.16.206
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/76c7a082/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/iframe_api

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.206 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f206.1e100.net

Software

sffe /

Resource Hash

635b2814dbecb78302d05c529bf175ef815ef51e7c344769247896504843b731

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://it.dir.bg/

Response headers

content-encoding: br
age: 3994
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
x-content-type-options: nosniff
expires: Thu, 30 Oct 2025 14:10:13 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 30 Oct 2024 14:10:13 GMT
last-modified: Mon, 28 Oct 2024 04:23:48 GMT
content-type: text/javascript
vary: Accept-Encoding, Origin
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
content-length: 10143
x-xss-protection: 0
server: sffe

GET
H2 200 web Show response
onesignal.com/api/v1/sync/11dc07cd-8a97-48ca-ae9a-3a5d26b71293/ 7 KB
2 KB 598ms
127ms Script
text/javascript 104.16.160.145
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://onesignal.com/api/v1/sync/11dc07cd-8a97-48ca-ae9a-3a5d26b71293/web?callback=__jp0

Requested by

Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151606

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.160.145 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

612f5671b497785b099aa6c3b4d99f3e42ab3914f9d2a3a59d3b75825442c009

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://it.dir.bg/

Response headers

x-request-id: c2fad1a5-f342-423e-8607-05c12f7f0ee4
content-encoding: br
cf-cache-status: HIT
etag: W/"612f5671b497785b099aa6c3b4d99f3e"
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
expires: Wed, 30 Oct 2024 16:16:48 GMT
alt-svc: h3=":443"; ma=86400
date: Wed, 30 Oct 2024 15:16:48 GMT
content-type: text/javascript; charset=utf-8
vary: Origin, Accept-Encoding
x-runtime: 0.038398
access-control-allow-headers: SDK-Version
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains
cache-control: public, max-age=3600
referrer-policy: strict-origin-when-cross-origin
x-download-options: noopen
via: 1.1 google
cf-ray: 8dac5e58b9f84bf5-MXP
access-control-allow-origin: *
x-xss-protection: 1; mode=block
server: cloudflare

POST
H/1.1 204
No Content collect Show response
i.clarity.ms/ 0
273 B 701ms
138ms XHR
text/plain 4.153.72.49
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://i.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.49/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 4.153.72.49 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept: application/x-clarity-gzip
Referer: https://it.dir.bg/

Response headers

Request-Context: appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d
Access-Control-Allow-Origin: https://it.dir.bg
Date: Wed, 30 Oct 2024 15:16:48 GMT
Vary: Origin
Server: nginx
Connection: keep-alive
Access-Control-Allow-Credentials: true

GET
H2 200 frame86.php Show response
video.onnetwork.tv/ 45 KB
11 KB 138ms
128ms Fetch
text/html 141.95.49.8
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://video.onnetwork.tv/frame86.php?id=ffONNPaa0307bf7bab45a7b5a00c5a6ec7acab17303014059521&iid=88245371561721&e=1&widget=815&lang=21&onnsfonn=1&mid=NTc3NjQ1LDE2eDksMywwLDE3NzMsNzA1NiwxLDAsMiwwLDAsMCwyLDAsNCwxLDAsMCwxLDAsMCwwLDAsMCwwLDMsMSwtMTstMTsyMDsyMDtCUjsyMDsyMDsyMDs1NiwwLDYwLDAsMCwwLDA7MDswOzA7MDswOzAsMA%3D%3D&wtop=https%253A%252F%252Fit.dir.bg%252Fweb%252Frusiya-globi-google-s-2-5-detsiliona-dolara-tova-sa-usd2-500-000-000-000-000-000-000-000-000-000-000&apop=0&vpop=0&apopa=0&vpopa=0&cId=pid88245371561721&rrpt=%7B%22siteName%22%3A%5B%22it%22%5D%2C%22url%22%3A%5B%22https%3A%2F%2Fit.dir.bg%2Fweb%2Frusiya-globi-google-s-2-5-detsiliona-dolara-tova-sa-usd2-500-000-000-000-000-000-000-000-000-000-000%22%5D%2C%22device%22%3A%5B%22desktop%22%5D%2C%22articleid%22%3A%5B%2240540616%22%5D%2C%22page%22%3A%5B%22article%22%5D%2C%22catid%22%3A%5B%22108%22%5D%2C%22otherSectionIds%22%3A%5B%5D%2C%22Cities%22%3A%5B%5D%2C%22topicIds%22%3A%5B%5D%2C%22isGallery%22%3A%5B%220%22%5D%2C%22themeId%22%3A%5B%220%22%5D%2C%22themeIds%22%3A%5B%5D%2C%22Adult%22%3A%5B%22no%22%5D%2C%22URBNsection%22%3A%5B%220%22%5D%2C%22CxSegments%22%3Anull%7D

Requested by

Host: cdn.onnetwork.tv
URL: https://cdn.onnetwork.tv/js/player90/embed.min.js?s=1730124084

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

141.95.49.8 , France, ASN16276 (OVH, FR),

Reverse DNS

vh11.eris-m.of.pl

Software

XO.webservant /

Resource Hash

e594de944b401a1541582548f83ce8790d4a5628a7dcac9094f8a4b056ecfc63

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://it.dir.bg/

Response headers

server: XO.webservant
strict-transport-security: max-age=31536000
cache-control: no-store, no-cache, must-revalidate, post-check=1, pre-check=1
content-encoding: gzip
pragma: no-cache
access-control-allow-credentials: true
expires: Wed, 30 Oct 2024 15:16:48 GMT
access-control-allow-origin: https://it.dir.bg
p3p: CP="ALL CAO DSP COR IVD IVA PSD PSA TEL TAI CUS ADM CUR CON SAM OUR IND"
date: Wed, 30 Oct 2024 15:16:47 GMT
last-modified: Wed, 30 Oct 2024 15:16:47 GMT
feature-policy: fullscreen *; autoplay;
vary: Accept-Encoding
content-type: text/html; charset=utf-8

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 98 KB
46 KB 518ms
512ms Fetch
text/plain 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1030738129488711&correlator=4218224208686768&eid=31088371%2C31088535%2C31088558&output=ldjh&gdfp_req=1&vrg=202410280101&ptt=17&impl=fif&gdpr=0&iu_parts=118570770%2CIT_Desktop%2CIT_Sidebar_1_Desktop&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=336x280%7C250x250%7C240x400%7C300x600%7C300x250%7C300x800%7C320x480%7C120x600&ifi=2&didk=605302878&sfv=1-0-40&sc=1&lrm=0&cookie_enabled=1&abxe=1&dt=1730301407801&lmt=1730301407&adxs=1163&adys=417&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fit.dir.bg%2Fweb%2Frusiya-globi-google-s-2-5-detsiliona-dolara-tova-sa-usd2-500-000-000-000-000-000-000-000-000-000-000&vis=1&psz=300x0&msz=300x0&fws=0&ohw=0&td=1&egid=26267&tan=f5ac8c10-200d-46f3-aef7-1038382708a5&tdf=2&topics=9&tps=9&htps=10&nt=1&psd=WzE1LFtdLG51bGwsM10.&dlt=1730301401683&idt=3536&prev_scp=Device%3Ddesktop&cust_params=siteName%3Dit%26url%3Dhttps%253A%252F%252Fit.dir.bg%252Fweb%252Frusiya-globi-google-s-2-5-detsiliona-dolara-tova-sa-usd2-500-000-000-000-000-000-000-000-000-000-000%26device%3Ddesktop%26articleid%3D40540616%26page%3Darticle%26catid%3D108%26otherSectionIds%3D%26Cities%3D%26topicIds%3D%26isGallery%3D0%26themeId%3D0%26themeIds%3D%26Adult%3Dno%26URBNsection%3D0&adks=3459460001&frm=20&eoidce=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202410280101/pubads_impl.js?cb=31088558

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

c2a025d30e2117e1751c68b261151e00f7fde103a650827c1d2ad4aa86a62008

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://it.dir.bg/

Response headers

content-encoding: br
google-lineitem-id: -1
observe-browsing-topics: ?1
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Wed, 30 Oct 2024 15:16:48 GMT
content-type: text/plain; charset=UTF-8
google-creative-id: -1
cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin: https://it.dir.bg
content-length: 46618
x-xss-protection: 0
server: cafe

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 66 KB
16 KB 740ms
738ms Fetch
text/plain 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1030738129488711&correlator=4218224208686768&eid=31088371%2C31088535%2C31088558&output=ldjh&gdfp_req=1&vrg=202410280101&ptt=17&impl=fif&gdpr=0&iu_parts=118570770%2CIT_Desktop%2CIT_In_Article_1_Desktop&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50%7C580x400%7C640x360&fluid=height&ifi=3&didk=4252077430&sfv=1-0-40&sc=1&lrm=0&cookie_enabled=1&abxe=1&dt=1730301407856&lmt=1730301407&adxs=227&adys=1367&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fit.dir.bg%2Fweb%2Frusiya-globi-google-s-2-5-detsiliona-dolara-tova-sa-usd2-500-000-000-000-000-000-000-000-000-000-000&vis=1&psz=829x0&msz=829x0&fws=0&ohw=0&td=1&egid=26267&tan=f5ac8c10-200d-46f3-aef7-1038382708a0&tdf=2&topics=9&tps=9&htps=10&nt=1&psd=WzE1LFtdLG51bGwsM10.&dlt=1730301401683&idt=3536&prev_scp=Device%3Ddesktop&cust_params=siteName%3Dit%26url%3Dhttps%253A%252F%252Fit.dir.bg%252Fweb%252Frusiya-globi-google-s-2-5-detsiliona-dolara-tova-sa-usd2-500-000-000-000-000-000-000-000-000-000-000%26device%3Ddesktop%26articleid%3D40540616%26page%3Darticle%26catid%3D108%26otherSectionIds%3D%26Cities%3D%26topicIds%3D%26isGallery%3D0%26themeId%3D0%26themeIds%3D%26Adult%3Dno%26URBNsection%3D0&adks=2541777374&frm=20&eoidce=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202410280101/pubads_impl.js?cb=31088558

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

99c1f5e177c86e97f413f7fa3e49cedcd293a91f29e310193084d66958b75fa8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://it.dir.bg/

Response headers

access-control-expose-headers: x-google-amp-ad-validated-version
content-encoding: br
google-lineitem-id: -1
observe-browsing-topics: ?1
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Wed, 30 Oct 2024 15:16:48 GMT
content-type: text/plain; charset=UTF-8
google-creative-id: -1
cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin: https://it.dir.bg
content-length: 16268
x-xss-protection: 0
server: cafe

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 67 KB
16 KB 1062ms
1058ms Fetch
text/plain 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1030738129488711&correlator=4218224208686768&eid=31088371%2C31088535%2C31088558&output=ldjh&gdfp_req=1&vrg=202410280101&ptt=17&impl=fif&gdpr=0&iu_parts=118570770%2CIT_Desktop%2CIT_In_Article_2_Desktop&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50%7C580x400&fluid=height&ifi=4&didk=1752176013&sfv=1-0-40&sc=1&lrm=0&cookie_enabled=1&abxe=1&dt=1730301407884&lmt=1730301407&adxs=227&adys=1829&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=2&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fit.dir.bg%2Fweb%2Frusiya-globi-google-s-2-5-detsiliona-dolara-tova-sa-usd2-500-000-000-000-000-000-000-000-000-000-000&vis=1&psz=829x0&msz=829x0&fws=0&ohw=0&td=1&egid=26267&tan=f5ac8c10-200d-46f3-aef7-1038382708a1&tdf=2&topics=9&tps=9&htps=10&nt=1&psd=WzE1LFtdLG51bGwsM10.&dlt=1730301401683&idt=3536&prev_scp=Device%3Ddesktop&cust_params=siteName%3Dit%26url%3Dhttps%253A%252F%252Fit.dir.bg%252Fweb%252Frusiya-globi-google-s-2-5-detsiliona-dolara-tova-sa-usd2-500-000-000-000-000-000-000-000-000-000-000%26device%3Ddesktop%26articleid%3D40540616%26page%3Darticle%26catid%3D108%26otherSectionIds%3D%26Cities%3D%26topicIds%3D%26isGallery%3D0%26themeId%3D0%26themeIds%3D%26Adult%3Dno%26URBNsection%3D0&adks=503157206&frm=20&eoidce=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202410280101/pubads_impl.js?cb=31088558

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

ea73c732d420c5e904169ab4571f2a2dfd96fd64dbcab7d0223180eff02ca569

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://it.dir.bg/

Response headers

access-control-expose-headers: x-google-amp-ad-validated-version
content-encoding: br
google-lineitem-id: -1
observe-browsing-topics: ?1
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Wed, 30 Oct 2024 15:16:48 GMT
content-type: text/plain; charset=UTF-8
google-creative-id: -1
cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin: https://it.dir.bg
content-length: 16307
x-xss-protection: 0
server: cafe

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 98 KB
45 KB 1348ms
1346ms Fetch
text/plain 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1030738129488711&correlator=4218224208686768&eid=31088371%2C31088535%2C31088558&output=ldjh&gdfp_req=1&vrg=202410280101&ptt=17&impl=fif&gdpr=0&iu_parts=118570770%2CIT_Desktop%2CIT_Sidebar_2_Desktop&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x800%7C320x480%7C240x400%7C300x600%7C336x280%7C250x250%7C300x250&ifi=5&didk=2450309574&sfv=1-0-40&sc=1&lrm=0&cookie_enabled=1&abxe=1&dt=1730301407901&lmt=1730301407&adxs=1163&adys=1159&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fit.dir.bg%2Fweb%2Frusiya-globi-google-s-2-5-detsiliona-dolara-tova-sa-usd2-500-000-000-000-000-000-000-000-000-000-000&vis=1&psz=300x20&msz=300x20&fws=0&ohw=0&td=1&egid=26267&tan=f5ac8c10-200d-46f3-aef7-1038382708a6&tdf=2&topics=9&tps=9&htps=10&nt=1&psd=WzE1LFtdLG51bGwsM10.&dlt=1730301401683&idt=3536&prev_scp=Device%3Ddesktop&cust_params=siteName%3Dit%26url%3Dhttps%253A%252F%252Fit.dir.bg%252Fweb%252Frusiya-globi-google-s-2-5-detsiliona-dolara-tova-sa-usd2-500-000-000-000-000-000-000-000-000-000-000%26device%3Ddesktop%26articleid%3D40540616%26page%3Darticle%26catid%3D108%26otherSectionIds%3D%26Cities%3D%26topicIds%3D%26isGallery%3D0%26themeId%3D0%26themeIds%3D%26Adult%3Dno%26URBNsection%3D0&adks=2449035907&frm=20&eoidce=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202410280101/pubads_impl.js?cb=31088558

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

2f4786d2f252a031c191224845760d72646c0cbd42b7a049485735f80b6c11e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://it.dir.bg/

Response headers

content-encoding: br
google-lineitem-id: -1
observe-browsing-topics: ?1
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Wed, 30 Oct 2024 15:16:49 GMT
content-type: text/plain; charset=UTF-8
google-creative-id: -1
cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin: https://it.dir.bg
content-length: 46450
x-xss-protection: 0
server: cafe

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 98 KB
45 KB 1755ms
1755ms Fetch
text/plain 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1030738129488711&correlator=4218224208686768&eid=31088371%2C31088535%2C31088558&output=ldjh&gdfp_req=1&vrg=202410280101&ptt=17&impl=fif&gdpr=0&iu_parts=118570770%2CIT_Desktop%2CIT_Header_Desktop&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=980x120%7C960x90%7C1330x250%7C970x66%7C980x250%7C1300x90%7C980x200%7C970x90%7C728x90%7C980x100%7C590x90%7C1330x300%7C980x175%7C930x180%7C590x80%7C750x300%7C980x90%7C950x90%7C1330x150%7C750x100%7C970x250&ifi=6&didk=1013569360&sfv=1-0-40&sc=1&lrm=0&cookie_enabled=1&abxe=1&dt=1730301407938&lmt=1730301407&adxs=310&adys=95&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fit.dir.bg%2Fweb%2Frusiya-globi-google-s-2-5-detsiliona-dolara-tova-sa-usd2-500-000-000-000-000-000-000-000-000-000-000&vis=1&psz=1600x400&msz=1600x0&fws=0&ohw=0&td=1&egid=26267&tan=f5ac8c10-200d-46f3-aef7-10383827089f&tdf=2&topics=9&tps=9&htps=10&nt=1&psd=WzE1LFtdLG51bGwsM10.&dlt=1730301401683&idt=3536&prev_scp=Device%3Ddesktop&cust_params=siteName%3Dit%26url%3Dhttps%253A%252F%252Fit.dir.bg%252Fweb%252Frusiya-globi-google-s-2-5-detsiliona-dolara-tova-sa-usd2-500-000-000-000-000-000-000-000-000-000-000%26device%3Ddesktop%26articleid%3D40540616%26page%3Darticle%26catid%3D108%26otherSectionIds%3D%26Cities%3D%26topicIds%3D%26isGallery%3D0%26themeId%3D0%26themeIds%3D%26Adult%3Dno%26URBNsection%3D0&adks=376466474&frm=20&eoidce=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202410280101/pubads_impl.js?cb=31088558

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

a433bb9fee025a71010336e57c615461ed456d8f25f74e991512861059508ebf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://it.dir.bg/

Response headers

content-encoding: br
google-lineitem-id: -1
observe-browsing-topics: ?1
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Wed, 30 Oct 2024 15:16:49 GMT
content-type: text/plain; charset=UTF-8
google-creative-id: -1
cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin: https://it.dir.bg
content-length: 46316
x-xss-protection: 0
server: cafe

GET
H2 200 AGSKWxXCqO-PVNwqXIILHyJuQuGE6SuOlmtB_r3Lo2cHlOxarew07DdH0I6OoHS9lVnvNScKuTeKr4QRlxXQdKyLp1aVksAIGPW-m72ZRQAr-wSHnqf0kdlH9p9ItK3KGGp1FKhzaXH15g== Show response
fundingchoicesmessages.google.com/f/ 10 KB
5 KB 88ms
74ms Script
application/javascript 142.250.186.142
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxXCqO-PVNwqXIILHyJuQuGE6SuOlmtB_r3Lo2cHlOxarew07DdH0I6OoHS9lVnvNScKuTeKr4QRlxXQdKyLp1aVksAIGPW-m72ZRQAr-wSHnqf0kdlH9p9ItK3KGGp1FKhzaXH15g==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzMwMzAxNDA4LDY4MDAwMDAwXSxudWxsLG51bGwsbnVsbCxbbnVsbCxbNyw5XSxudWxsLDIsbnVsbCwiYmciXSwiaHR0cHM6Ly9pdC5kaXIuYmcvd2ViL3J1c2l5YS1nbG9iaS1nb29nbGUtcy0yLTUtZGV0c2lsaW9uYS1kb2xhcmEtdG92YS1zYS11c2QyLTUwMC0wMDAtMDAwLTAwMC0wMDAtMDAwLTAwMC0wMDAtMDAwLTAwMC0wMDAiLG51bGwsW1s4LCJqd1luMEFoSmJ1YyJdLFs5LCJpdCJdLFsxOSwiMiJdLFsxNywiWzBdIl1dXQ

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.142 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f14.1e100.net

Software

ESF /

Resource Hash

d46267017907a9f4de45a4d9fbd2621e61ee1771e7c788f1ea3ede87f89d512e

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-DQzHItggQajfHtNp6c3a3w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://it.dir.bg/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 30 Oct 2024 15:16:48 GMT
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjytDikmJw15BikPj6kkkLiJ3SZ7CGAHHrzXOs04E46d951hIgdte6yOoPxIYKl1idgdix6BKrJxCr9lxiNQfi--susT4H4iKJK6wtQHy76QrrYyBm-HqFlQOIhbg5Hszu3Mkm8OH3QWcljaT8wvjk_LySosyk0pL8orTktNTi1KKy1KJ4IwMjE0MDIws9A8P4AgMAVzxABg"
content-security-policy: script-src 'report-sample' 'nonce-DQzHItggQajfHtNp6c3a3w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
cache-control: no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin: *
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection: 0
server: ESF

GET
H2 200 taboola-browsing-topics.html
cdn.taboola.com/libtrc/static/topics/ Frame B665 0
0 246ms
65ms Document
text/html 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/static/topics/taboola-browsing-topics.html
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/itdirbggr-f16324177/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

Referer: https://it.dir.bg/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

abp: 87
accept-ranges: bytes
access-control-allow-origin: *
age: 56840
cache-control: private,max-age=31536000
content-encoding: gzip
content-length: 340
content-type: text/html
date: Wed, 30 Oct 2024 15:16:48 GMT
etag: "8b140f0f0f6e1a0f986cc7d6dfd74d65"
last-modified: Tue, 13 Feb 2024 13:15:59 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 varnish
x-amz-id-2: kD6IRUu5RNLJmTY2KX/PeSqupFSUbRHx/ngM6wMRD4c63LcHN5fIRVc5unFVU55AtoBkoIaE/z0=
x-amz-replication-status: COMPLETED
x-amz-request-id: XHQ0ZT7JA8ZW48G7
x-amz-server-side-encryption: AES256
x-amz-version-id: 4MpQ_aQntJKuJTBB3LGK3B7cfa8k5k0b
x-cache: HIT
x-cache-hits: 36055
x-served-by: cache-mxp6931-MXP
x-timer: S1730301409.511517,VS0,VE0

GET
H2 200 load.js Show response
pm-widget.taboola.com/itdirbggr-f16324177/ 3 KB
1 KB 400ms
398ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://pm-widget.taboola.com/itdirbggr-f16324177/load.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/itdirbggr-f16324177/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: cb8a888b0d989640632bbab7932e1439eccbef5b3afe44715caee7325314f4f6

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://it.dir.bg/

Response headers

content-encoding: gzip
x-amz-version-id: FVzNPWe46Zk2MTdcdk2gIwD1t_08wsh8
etag: "58eefeb39d33772cc8dc961874726bad"
age: 0
x-cache: HIT
date: Wed, 30 Oct 2024 15:16:48 GMT
last-modified: Wed, 06 Mar 2024 09:00:53 GMT
x-served-by: cache-mxp6936-MXP
x-cache-hits: 0
content-type: application/javascript; charset=utf-8
x-amz-id-2: Xjn+QFmLGu0ur0mPQ0xQM6tU683JkXG+tvU2XqUii+sgqNpWqUlfCJTv2KSeQL2sli9iBfUn3xA=
vary: Accept-Encoding,
cache-control: max-age=3600
x-timer: S1730301408.269360,VS0,VE346
via: 1.1 varnish
x-amz-request-id: GCBAGM4AEP2WQ5N0
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1140
server: AmazonS3

POST
H2 204 / Show response
beacon.taboola.com/ 0
162 B 125ms
69ms XHR
text/plain 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://beacon.taboola.com/?ab=trecs&pub=itdirbggr-f16324177&trecsImpl=before&start=0&end=0
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/itdirbggr-f16324177/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://it.dir.bg/

Response headers

cache-control: private, no-store
retry-after: 0
x-timer: S1730301408.371101,VS0,VE0
access-control-allow-credentials: true
access-control-allow-methods: GET, POST
via: 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: https://it.dir.bg
x-cache: HIT
date: Wed, 30 Oct 2024 15:16:48 GMT
content-type
x-served-by: cache-mxp6936-MXP
server: Varnish
x-cache-hits: 0

POST
H2 200 json Show response
trc.taboola.com/itdirbggr-f16324177/trc/3/ 66 KB
22 KB 543ms
524ms XHR
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/itdirbggr-f16324177/trc/3/json?llvl=2&tim=16%3A16%3A48.260&lti=trecs&pubit=i&t=1&data=%7B%22cmps%22%3A2%2C%22id%22%3A%2233038%22%2C%22sd%22%3A%22%22%2C%22ui%22%3A%22%22%2C%22ii%22%3A%22%2Fweb%2Frusiya-globi-google-s-2-5-detsiliona-dolara-tova-sa-usd2-500-000-000-000-000-000-000-000-000-000-000%22%2C%22it%22%3A%22text%22%2C%22vi%22%3A1730301408260%2C%22cv%22%3A%2220241027-33-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fit.dir.bg%2Fweb%2Frusiya-globi-google-s-2-5-detsiliona-dolara-tova-sa-usd2-500-000-000-000-000-000-000-000-000-000-000%22%2C%22qs%22%3A%22%22%2C%22bv%22%3A%220%22%2C%22btv%22%3A%220%22%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22cos%22%3A%224g%22%2C%22bu%22%3A%22https%3A%2F%2Fit.dir.bg%2Fweb%2Frusiya-globi-google-s-2-5-detsiliona-dolara-tova-sa-usd2-500-000-000-000-000-000-000-000-000-000-000%22%2C%22vpi%22%3A%22%2Fweb%2Frusiya-globi-google-s-2-5-detsiliona-dolara-tova-sa-usd2-500-000-000-000-000-000-000-000-000-000-000%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A6101%2C%22sde%22%3A%221.000%22%2C%22lt%22%3A%22trecs%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22uip%22%3A%22Alternating%20Below%20Article%22%2C%22orig_uip%22%3A%22Alternating%20Below%20Article%22%2C%22s%22%3A0%2C%22uim%22%3A%22alternating-itdir%3Aabp%3D0%22%2C%22cd%22%3A4225.09%2C%22mw%22%3A1009%7D%5D%2C%22uad%22%3A%7B%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%7D%2C%22cacheKey%22%3A%22text%3D%2Fweb%2Frusiya-globi-google-s-2-5-detsiliona-dolara-tova-sa-usd2-500-000-000-000-000-000-000-000-000-000-000%2CAlternating%20Below%20Article%3Dalternating-itdir%3Aabp%3D0%22%2C%22_cn%22%3A%22tions_1%22%2C%22lbt%22%3A1730275293080%2C%22wc%22%3Atrue%2C%22pa%22%3A%7B%22en%22%3Atrue%2C%22su%22%3Atrue%7D%7D
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/itdirbggr-f16324177/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 95cff06b2188e9fb38c774b3c871801062faa87b79059b947a642558f937c713

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://it.dir.bg/

Response headers

content-encoding: gzip
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-log-content-encoding: gzip
date: Wed, 30 Oct 2024 15:16:48 GMT
content-type: application/javascript; charset=utf-8
x-served-by: cache-mxp6936-MXP
x-cache-hits: 0
vary: Accept-Encoding
x-fastly-to-nlb-rtt: 67797
x-timer: S1730301408.398079,VS0,VE455
x-vcl-time-ms: 455
access-control-allow-credentials: true
via: 1.1 varnish
cpu: 0.8514583333333333
accept-ranges: bytes
access-control-allow-origin: https://it.dir.bg
x-service-version: v1
server: nginx

GET
H2 200 player86.css
cdn.onnetwork.tv/css/ Frame 9855 49 KB
12 KB 292ms
283ms Stylesheet
text/css 188.165.21.156
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.onnetwork.tv/css/player86.css?s=1727857639

Requested by

Host: cdn.onnetwork.tv
URL: https://cdn.onnetwork.tv/js/player90/embed.min.js?s=1730124084

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

188.165.21.156 , France, ASN16276 (OVH, FR),

Reverse DNS

vh11b.eris-w13.of.pl

Software

XO.webservantpro /

Resource Hash

856b3145e02f0e524c57ac7238edd80b1d73cf0377724f0ed003a7bd3bb27485

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://it.dir.bg/

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=17280000, public
content-encoding: gzip
etag: W/"66fd03e7-c41e"
pragma: public
access-control-allow-methods: GET, POST, OPTIONS
expires: Sun, 18 May 2025 15:16:48 GMT
access-control-allow-origin: *
date: Wed, 30 Oct 2024 15:16:48 GMT
content-type: text/css
last-modified: Wed, 02 Oct 2024 08:27:19 GMT
server: XO.webservantpro
vary: Accept-Encoding

GET
H2 200 roboto.css
cdn.onnetwork.tv/css/ Frame 9855 6 KB
999 B 292ms
284ms Stylesheet
text/css 188.165.21.156
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.onnetwork.tv/css/roboto.css

Requested by

Host: cdn.onnetwork.tv
URL: https://cdn.onnetwork.tv/js/player90/embed.min.js?s=1730124084

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

188.165.21.156 , France, ASN16276 (OVH, FR),

Reverse DNS

vh11b.eris-w13.of.pl

Software

XO.webservantpro /

Resource Hash

939919488f3ad816cb78b5d032ae673c1c02c88b238cfdb6e1328cd5d04d7947

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://it.dir.bg/

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=17280000, public
content-encoding: gzip
etag: W/"60dd8078-194c"
pragma: public
access-control-allow-methods: GET, POST, OPTIONS
expires: Sun, 18 May 2025 15:16:48 GMT
access-control-allow-origin: *
date: Wed, 30 Oct 2024 15:16:48 GMT
content-type: text/css
last-modified: Thu, 01 Jul 2021 08:44:40 GMT
server: XO.webservantpro
vary: Accept-Encoding

GET
H2 200 OneSignalSDKStyles.css
onesignal.com/sdks/ 82 KB
9 KB 86ms
85ms Stylesheet
text/css 104.16.160.145
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://onesignal.com/sdks/OneSignalSDKStyles.css?v=2

Requested by

Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151606

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.160.145 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

db7e0b393e175f19922fefbdcaa2866fca209c521d01cc834ae06cbf8d0f91b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://it.dir.bg/

Response headers

strict-transport-security: max-age=15552000; includeSubDomains
cache-control: public, max-age=2592000
content-encoding: br
cf-cache-status: HIT
etag: W/"4e9aaefffd5f8ae7dc83361aa2294190"
age: 3408
via: 1.1 google
cf-ray: 8dac5e5b5ebf4bf5-MXP
expires: Fri, 29 Nov 2024 15:16:48 GMT
alt-svc: h3=":443"; ma=86400
date: Wed, 30 Oct 2024 15:16:48 GMT
content-type: text/css
vary: Accept-Encoding
server: cloudflare
access-control-allow-headers: OneSignal-Subscription-Id

GET
H2 200 container.html
dcd4f76b77ad35947ee38d0cd584be32.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 5D3C 0
0 0ms
0ms Document
text/html 142.250.185.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://dcd4f76b77ad35947ee38d0cd584be32.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202410280101/pubads_impl.js?cb=31088558

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f1.1e100.net

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://it.dir.bg/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 30 Oct 2024 15:16:48 GMT
expires: Wed, 30 Oct 2024 15:16:48 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 collect
analytics.google.com/g/ 0
0 58ms
57ms Fetch
text/plain 216.58.206.78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-B1XSRWSHN4&gtm=45je4as0v9122851342z8810347154za200zb810347154&_p=1730301402719&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101533421~101823848~101878899~101878944~101925629&cid=1863221803.1730301405&ul=it-it&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_s=2&sid=1730301404&sct=1&seg=0&dl=https%3A%2F%2Fit.dir.bg%2Fweb%2Frusiya-globi-google-s-2-5-detsiliona-dolara-tova-sa-usd2-500-000-000-000-000-000-000-000-000-000-000&dt=%D0%A0%D1%83%D1%81%D0%B8%D1%8F%20%D0%B3%D0%BB%D0%BE%D0%B1%D0%B8%20Google%20%D1%81%202%2C5%20%D0%B4%D0%B5%D1%86%D0%B8%D0%BB%D0%B8%D0%BE%D0%BD%D0%B0%20%D0%B4%D0%BE%D0%BB%D0%B0%D1%80%D0%B0.%20%D0%A2%D0%BE%D0%B2%D0%B0%20%D1%81%D0%B0%20%242%20500%20000%20000%20000%20000%20000%20000%20000%20000%20000%20000%20%7C%20it.dir.bg&en=single_article_visible&ep.gtm_id=GTM-W2KMKLG&ep.gtm_version=127&ep.article_author=%D0%A1%D1%82%D0%BE%D1%8F%D0%BD%20%D0%93%D0%BE%D0%B3%D0%BE%D0%B2&ep.article_tags=%D0%9D%D0%B0%D1%87%D0%B0%D0%BB%D0%BE%20%2F&ep.article_creation_time=16%3A02%20%7C%2030%20%D0%BE%D0%BA%D1%82%D0%BE%D0%BC%D0%B2%D1%80%D0%B8%202024%20&ep.location=dir-home&_et=1651&tfd=7733
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-B1XSRWSHN4&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.58.206.78 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: mil07s08-in-f14.1e100.net
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://it.dir.bg/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://it.dir.bg
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 30 Oct 2024 15:16:48 GMT
content-type: text/plain
server: Golfe2

GET
H2 200 pmk-20220605.3.js Show response
pm-widget.taboola.com/itdirbggr-f16324177/ 84 KB
24 KB 362ms
61ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://pm-widget.taboola.com/itdirbggr-f16324177/pmk-20220605.3.js
Requested by: Host: pm-widget.taboola.com
URL: https://pm-widget.taboola.com/itdirbggr-f16324177/load.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2d25662a3c32460cfb691858a85f6c11956413c9d2c2a4506569140ab404dbb7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://it.dir.bg
Referer: https://it.dir.bg/

Response headers

content-encoding: gzip
x-amz-version-id: JXEFkRGmWHuvkX5oHJdLlGFzuGnjQo_g
etag: "de13fc0e14bf2e834a1f105e9e58016b"
age: 650493
access-control-allow-methods: GET,POST,PUT
x-cache: HIT
date: Wed, 30 Oct 2024 15:16:48 GMT
last-modified: Wed, 06 Mar 2024 09:00:53 GMT
x-served-by: cache-mxp6946-MXP
x-cache-hits: 0
content-type: application/javascript; charset=utf-8
x-amz-id-2: m25LHTqteqhqMQUiDurLg789zbVtdrW2ZTt+RK5HN2pIdae4Yf2qlk5LxLT5czf3eDRDEezufgQ=
vary: Accept-Encoding, ,Origin
cache-control: max-age=31536000
x-timer: S1730301409.975789,VS0,VE1
via: 1.1 varnish
x-amz-request-id: X833NJVJTAW8WB0T
accept-ranges: bytes
access-control-allow-origin: *
content-length: 24221
server: AmazonS3

GET
H2 200 player_utils.js Show response
cdn.onnetwork.tv/js/player86/ Frame 9855 16 KB
5 KB 67ms
65ms Script
application/javascript 188.165.21.156
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.onnetwork.tv/js/player86/player_utils.js?s=1730050408

Requested by

Host: it.dir.bg
URL: https://it.dir.bg/web/rusiya-globi-google-s-2-5-detsiliona-dolara-tova-sa-usd2-500-000-000-000-000-000-000-000-000-000-000

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

188.165.21.156 , France, ASN16276 (OVH, FR),

Reverse DNS

vh11b.eris-w13.of.pl

Software

XO.webservantpro /

Resource Hash

5702c27ea7b32888e99a2c14b172f9bcd56928d9674c1ca6a86d594c6b6fbdd3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://it.dir.bg/

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=17280000, public
content-encoding: gzip
etag: W/"671e7968-4043"
pragma: public
access-control-allow-methods: GET, POST, OPTIONS
expires: Sun, 18 May 2025 15:16:48 GMT
access-control-allow-origin: *
date: Wed, 30 Oct 2024 15:16:48 GMT
content-type: application/javascript
last-modified: Sun, 27 Oct 2024 17:33:28 GMT
server: XO.webservantpro
vary: Accept-Encoding

GET
H2 200 gpt_proxy.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame 9855 109 KB
39 KB 526ms
47ms Script
text/javascript 142.250.184.202
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/gpt_proxy.js

Requested by

Host: it.dir.bg
URL: https://it.dir.bg/web/rusiya-globi-google-s-2-5-detsiliona-dolara-tova-sa-usd2-500-000-000-000-000-000-000-000-000-000-000

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.202 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f10.1e100.net

Software

sffe /

Resource Hash

c387cbd6f40acc8d2de4be4f8fabe5995705777fa082ac165d0e29855b4c7e5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://it.dir.bg/

Response headers

content-encoding: gzip
age: 445
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
x-content-type-options: nosniff
expires: Wed, 30 Oct 2024 15:24:24 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 30 Oct 2024 15:09:24 GMT
last-modified: Tue, 22 Oct 2024 18:57:02 GMT
content-type: text/javascript
vary: Accept-Encoding
cache-control: public, max-age=900
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 39139
x-xss-protection: 0
server: sffe

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame 9855 423 KB
145 KB 608ms
129ms Script
text/javascript 142.250.184.202
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: it.dir.bg
URL: https://it.dir.bg/web/rusiya-globi-google-s-2-5-detsiliona-dolara-tova-sa-usd2-500-000-000-000-000-000-000-000-000-000-000

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.202 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f10.1e100.net

Software

sffe /

Resource Hash

3c782c22111e19f40582e08353f33f78fc0b10bbaeec1a782636838b416851b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://it.dir.bg/

Response headers

cache-control: private, max-age=900, stale-while-revalidate=3600
content-encoding: gzip
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
x-content-type-options: nosniff
expires: Wed, 30 Oct 2024 15:16:49 GMT
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 147824
date: Wed, 30 Oct 2024 15:16:49 GMT
x-xss-protection: 0
content-type: text/javascript
vary: Accept-Encoding
server: sffe

GET
H2 200 hls.min.js Show response
cdn.jsdelivr.net/npm/hls.js@1.5.7/dist/ Frame 9855 403 KB
126 KB 509ms
71ms Script
application/javascript 151.101.1.229
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/hls.js@1.5.7/dist/hls.min.js

Requested by

Host: it.dir.bg
URL: https://it.dir.bg/web/rusiya-globi-google-s-2-5-detsiliona-dolara-tova-sa-usd2-500-000-000-000-000-000-000-000-000-000-000

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.229 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

a78b3603d762428caba2ef21674e4d47fbc4e7496292b28f845ba7372849360b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://it.dir.bg/

Response headers

access-control-expose-headers: *
content-encoding: br
etag: W/"64abf-vgfbu5ZZclLuU0WSFYlWULnyUCQ"
age: 3212147
x-content-type-options: nosniff
x-jsd-version-type: version
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache: HIT, HIT
date: Wed, 30 Oct 2024 15:16:49 GMT
content-type: application/javascript; charset=utf-8
x-served-by: cache-fra-etou8220127-FRA, cache-mxp6951-MXP
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
content-length: 128380
x-jsd-version: 1.5.7

GET
H2 200 player.js Show response
cdn.onnetwork.tv/js/player86/ Frame 9855 358 KB
96 KB 104ms
103ms Script
application/javascript 188.165.21.156
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.onnetwork.tv/js/player86/player.js?s=1730050408

Requested by

Host: it.dir.bg
URL: https://it.dir.bg/web/rusiya-globi-google-s-2-5-detsiliona-dolara-tova-sa-usd2-500-000-000-000-000-000-000-000-000-000-000

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

188.165.21.156 , France, ASN16276 (OVH, FR),

Reverse DNS

vh11b.eris-w13.of.pl

Software

XO.webservantpro /

Resource Hash

ccbbf6259b19d6bc08cca109137b661e362c77646920aadd27bf9289d7747351

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://it.dir.bg
Referer: https://it.dir.bg/

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=17280000, public
content-encoding: gzip
etag: W/"671e7968-5971c"
pragma: public
access-control-allow-methods: GET, POST, OPTIONS
expires: Sun, 18 May 2025 15:16:48 GMT
access-control-allow-origin: *
date: Wed, 30 Oct 2024 15:16:48 GMT
content-type: application/javascript
last-modified: Sun, 27 Oct 2024 17:33:28 GMT
server: XO.webservantpro
vary: Accept-Encoding

GET
H2 200 a_cntg.png
cdn.onnetwork.tv/cnt/ Frame 9855 126 B
331 B 66ms
66ms Image
image/png 188.165.21.156
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.onnetwork.tv/cnt/a_cntg.png?ts=1730301408666&d=7056&wsc=00&typ=embed&mobile=0&c=44
Requested by: Host: it.dir.bg
URL: https://it.dir.bg/web/rusiya-globi-google-s-2-5-detsiliona-dolara-tova-sa-usd2-500-000-000-000-000-000-000-000-000-000-000
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 188.165.21.156 , France, ASN16276 (OVH, FR),
Reverse DNS: vh11b.eris-w13.of.pl
Software: XO.webservantpro /
Resource Hash: a607b3c3e0d09d7f339e0035f16f99bf93637dee0eb27b2b9c447701fefa2ace

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://it.dir.bg/

Response headers

cache-control: no-cache
access-control-allow-methods: GET, POST, OPTIONS
accept-ranges: bytes
access-control-allow-origin: *
content-length: 126
date: Wed, 30 Oct 2024 15:16:48 GMT
content-type: image/png
last-modified: Wednesday, 30-Oct-2024 15:16:48 GMT
server: XO.webservantpro

GET
H2 200 fraud-detect.js Show response
cdn.taboola.com/scripts/ 121 B
490 B 92ms
85ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/scripts/fraud-detect.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/itdirbggr-f16324177/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 392c32f20b9f867852a946a6ed1c5e21476df9619083548b6585d80a3b5f9bd4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://it.dir.bg
Referer: https://it.dir.bg/

Response headers

content-encoding: gzip
etag: "f7a185d92ac2162dc0bc36c5d7ef7dfe"
x-amz-version-id: vOXBAr_FxKHpU348.XTQhP6DWnVyKple
age: 19803
x-cache: HIT
date: Wed, 30 Oct 2024 15:16:49 GMT
last-modified: Thu, 15 Dec 2022 16:50:08 GMT
x-served-by: cache-mxp6946-MXP
x-cache-hits: 52615
content-type: application/javascript
x-amz-id-2: BvznVYpK/uNhqoujGvzsoVc6cYASXBIuVRL0iX8fS/C/5wqMwvTwEUBh2sZvFNefJPz2vEg9Wzg=
vary: Accept-Encoding
x-amz-replication-status: COMPLETED
cache-control: private,max-age=14400
x-timer: S1730301409.018530,VS0,VE0
via: 1.1 varnish
x-amz-request-id: 4FQGZ21MY0AMG2SK
accept-ranges: bytes
access-control-allow-origin: *
abp: 7
content-length: 125
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 cds-pips.js Show response
cdn.taboola.com/scripts/ 3 KB
2 KB 85ms
84ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/scripts/cds-pips.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/itdirbggr-f16324177/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bce4b47b8fc12de49fac0a00e9039e38aa568aba0ee9154b93d20465f0289cfa

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://it.dir.bg
Referer: https://it.dir.bg/

Response headers

content-encoding: gzip
etag: "c52aa1ea682aef8ad5ebf7aff9662e35"
x-amz-version-id: uLMchp7BESXZGZqPSJ8.FcfKBYdWFxIf
age: 2263
x-cache: HIT
date: Wed, 30 Oct 2024 15:16:49 GMT
last-modified: Sun, 29 Oct 2023 14:06:32 GMT
x-served-by: cache-mxp6946-MXP
x-cache-hits: 6646
content-type: application/javascript
x-amz-id-2: Ixid3fhC8DEHCG1OGdHSgbGHqOewi5E3hsZojrzj/GeYuAnRabuCMfkDeqVGUtEnyk2fK3ZhCqI=
vary: Accept-Encoding
x-amz-replication-status: COMPLETED
cache-control: private, max-age=3600
x-timer: S1730301409.018550,VS0,VE0
via: 1.1 varnish
x-amz-request-id: FX82T375Y1W9P8TV
accept-ranges: bytes
access-control-allow-origin: *
abp: 76
content-length: 1347
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 UnitFeedManagerDesktop.min.js Show response
vidstat.taboola.com/lite-unit/5.0.6/ 107 KB
30 KB 47ms
46ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/lite-unit/5.0.6/UnitFeedManagerDesktop.min.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/itdirbggr-f16324177/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 70f3ed2a91f047582239d5f8a2938a7e789adc9b12a4cc669b82e83c5afbae3f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://it.dir.bg/

Response headers

content-encoding: gzip
etag: "a6540f2ba51160a903fad7c9499e2f1f"
age: 707231
access-control-allow-methods: GET, OPTIONS, HEAD
x-cache: Hit from cloudfront, HIT
x-amz-cf-id: ICH1DHsl8XDYQR2XJs3mbhhzEhUf9AhCAwxX2xxsQJEBILrsAM4ICQ==
date: Wed, 30 Oct 2024 15:16:49 GMT
content-type: application/javascript
x-served-by: cache-mxp6936-MXP
x-cache-hits: 42263
last-modified: Tue, 22 Oct 2024 09:01:08 GMT
vary: Accept-Encoding
access-control-allow-headers: *
cache-control: public, max-age=2592000
x-timer: S1730301409.018380,VS0,VE0
via: 1.1 c998e38ed4ce49918421e82943649a88.cloudfront.net (CloudFront), 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
content-length: 29994
x-amz-cf-pop: MXP53-P3
server: AmazonS3
x-amz-server-side-encryption: AES256

POST
H2 204 debug
il-trc-events.taboola.com/itdirbggr-f16324177/log/2/ 0
124 B 359ms
87ms Ping
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://il-trc-events.taboola.com/itdirbggr-f16324177/log/2/debug?type=warn&msg=Taboola%20Push%20Option%20modes%20%22alternating-itdir%22%20not%20present%20in%20Publisher%20Config%20modes.&lt=trecs&tvi48=19330&tvi50=20765&tvi61=19379&tim=16%3A16%3A48.983&id=8097&cv=20241027-33-RELEASE&llvl=2
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/itdirbggr-f16324177/loader.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded
Referer: https://it.dir.bg/

Response headers

access-control-allow-origin: https://it.dir.bg
x-fastly-to-nlb-rtt: 52154
date: Wed, 30 Oct 2024 15:16:49 GMT
server: nginx
access-control-allow-credentials: true

POST
H2 204 debug
il-trc-events.taboola.com/itdirbggr-f16324177/log/2/ 0
124 B 357ms
87ms Ping
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://il-trc-events.taboola.com/itdirbggr-f16324177/log/2/debug?type=warn&msg=Placement%20doesn%27t%20have%20Publisher%20Mode%20Config%3A%20organic-thumbs-feed-hero-oc-3oc&lt=trecs&tvi48=19330&tvi50=20765&tvi61=19379&tim=16%3A16%3A48.983&id=29400&cv=20241027-33-RELEASE&llvl=2
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/itdirbggr-f16324177/loader.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded
Referer: https://it.dir.bg/

Response headers

access-control-allow-origin: https://it.dir.bg
x-fastly-to-nlb-rtt: 52154
date: Wed, 30 Oct 2024 15:16:49 GMT
server: nginx
access-control-allow-credentials: true

POST
H2 204 debug
il-trc-events.taboola.com/itdirbggr-f16324177/log/2/ 0
125 B 355ms
86ms Ping
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://il-trc-events.taboola.com/itdirbggr-f16324177/log/2/debug?type=warn&msg=Placement%20doesn%27t%20have%20Publisher%20Mode%20Config%3A%20organic-thumbs-feed-hero-oc-3oc&lt=trecs&tvi48=19330&tvi50=20765&tvi61=19379&tim=16%3A16%3A48.983&id=11630&cv=20241027-33-RELEASE&llvl=2
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/itdirbggr-f16324177/loader.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded
Referer: https://it.dir.bg/

Response headers

access-control-allow-origin: https://it.dir.bg
x-fastly-to-nlb-rtt: 52154
date: Wed, 30 Oct 2024 15:16:49 GMT
server: nginx
access-control-allow-credentials: true

POST
H2 204 metrics
il-trc-events.taboola.com/itdirbggr-f16324177/log/3/ 0
242 B 400ms
142ms Ping
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://il-trc-events.taboola.com/itdirbggr-f16324177/log/3/metrics?route=AM%3AIL%3AV&lti=trecs
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/itdirbggr-f16324177/loader.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded
Referer: https://it.dir.bg/

Response headers

access-control-allow-origin: https://it.dir.bg
cache-control: no-cache
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
date: Wed, 30 Oct 2024 15:16:49 GMT
pragma: no-cache
server: nginx
access-control-allow-credentials: true

GET
H2 200 f89e1763-220d-4e09-ba69-9e040548fb7a.svg
cdn.taboola.com/static/f8/ 4 KB
2 KB 45ms
41ms Image
image/svg+xml 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.taboola.com/static/f8/f89e1763-220d-4e09-ba69-9e040548fb7a.svg
Requested by: Host: it.dir.bg
URL: https://it.dir.bg/web/rusiya-globi-google-s-2-5-detsiliona-dolara-tova-sa-usd2-500-000-000-000-000-000-000-000-000-000-000
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://it.dir.bg/

Response headers

content-encoding: gzip
etag: "b8b410e4b18d45aa2f3d9bc09cd335fb"
x-amz-version-id: cMrDKn.emLmm9kiiOOF64ulDT4DRy6LK
age: 40
access-control-allow-methods: GET
x-cache: HIT
date: Wed, 30 Oct 2024 15:16:49 GMT
last-modified: Wed, 07 Feb 2018 11:15:52 GMT
x-served-by: cache-mxp6936-MXP
x-cache-hits: 42
content-type: image/svg+xml
x-amz-id-2: UaVDbAgMMcXoI/iEfhAtsgErZWxMplqfqHiKvJmYhUnqkeio8llmUz0M41MSgYysidsbTejtXm0=
access-control-allow-headers: *
vary: Accept-Encoding
x-amz-replication-status: COMPLETED
cache-control: private,max-age=31536000
x-timer: S1730301409.104025,VS0,VE0
via: 1.1 varnish
x-amz-request-id: CVB1B16HWXZ5THPS
accept-ranges: bytes
access-control-allow-origin: *
abp: 66
content-length: 1758
server: AmazonS3

GET
H2 200 1366x768.jpg%3F_%3D1728458017
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_278%2Cw_500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//static.dir.bg/uploads/images/2018/02/22/430900/ 19 KB
19 KB 51ms
47ms Image
image/webp 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_278%2Cw_500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//static.dir.bg/uploads/images/2018/02/22/430900/1366x768.jpg%3F_%3D1728458017
Requested by: Host: it.dir.bg
URL: https://it.dir.bg/web/rusiya-globi-google-s-2-5-detsiliona-dolara-tova-sa-usd2-500-000-000-000-000-000-000-000-000-000-000
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: ac19768203fc63f4d181c59b00f5831d6ac5757b37db381fe2896de5275ee195

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://it.dir.bg/

Response headers

x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_278%2Cw_500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//static.dir.bg/uploads/images/2018/02/22/430900/1366x768.jpg%3F_%3D1728458017
etag: "f31d4399994602be0884b6692b2a035b"
surrogate-reporting: width=500,height=278,bytes=30175,owidth=1366,oheight=768,obytes=151447,ef=(1,13,17,23,30)
cache-tag: 296309625331431719210056455195838932883,321542333818713782252267784064847624608,29ecf9b93bbf306179626feeda1fab70
age: 624949
x-cache: Miss from cloudfront, MISS, MISS, MISS, HIT, HIT
date: Wed, 30 Oct 2024 15:16:49 GMT
content-type: image/webp
last-modified: Thu, 10 Oct 2024 09:58:10 GMT
x-served-by: cache-iad-kiad7000061-IAD, cache-iad-kiad7000061-IAD, cache-lga21965-LGA, cache-iad-kiad7000044-IAD, cache-mxp6936-MXP
x-cache-hits: 0, 0, 0, 35, 2
access-control-allow-headers: X-Requested-With
vary: ImageFormat
edge-cache-tag: 296309625331431719210056455195838932883,321542333818713782252267784064847624608,29ecf9b93bbf306179626feeda1fab70
cache-control: public, max-age=31536000
timing-allow-origin: *
x-envoy-upstream-service-time: 980
x-timer: S1730301409.104526,VS0,VE0
x-orig-request-id: 032cfe6dbdb0c9c04bda573f16a985e8
x-ratelimit-reset: 1
expiration: expiry-date="Sun, 10 Nov 2024 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
via: 1.1 varnish, 1.1 varnish
x-ratelimit-remaining: 100
x-vcl-time-ms: 0
accept-ranges: bytes
access-control-allow-origin: *
req-referer: https://it.dir.bg/
content-length: 19064
x-ratelimit-limit: 101
server: nginx

GET
H2 200 1366x768.jpg%3F_%3D1694764821
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_130%2Cw_220%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//static.dir.bg/uploads/images/2023/09/15/2602290/ 5 KB
6 KB 46ms
43ms Image
image/webp 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_130%2Cw_220%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//static.dir.bg/uploads/images/2023/09/15/2602290/1366x768.jpg%3F_%3D1694764821
Requested by: Host: it.dir.bg
URL: https://it.dir.bg/web/rusiya-globi-google-s-2-5-detsiliona-dolara-tova-sa-usd2-500-000-000-000-000-000-000-000-000-000-000
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 7479c086219ad4c45c6c56e19449ffb0eb6c4fa95eced8371639f79563a53ffd

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://it.dir.bg/

Response headers

x-request-id: 93171bd3e9cafff78800e2c6bc49ee37
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_130%2Cw_220%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//static.dir.bg/uploads/images/2023/09/15/2602290/1366x768.jpg%3F_%3D1694764821
etag: "49bf310d4028872068c02d15a4688309"
surrogate-reporting: width=220,height=130,bytes=8484,owidth=1366,oheight=768,obytes=155581,ef=(1,13,17,23,30)
cache-tag: 572765935869057079071121766742280951991,611705804638510531275839387012176038151,29ecf9b93bbf306179626feeda1fab70
age: 1845126
status: 200 OK
x-cache: Miss from cloudfront, MISS, MISS, MISS, HIT, HIT
date: Wed, 30 Oct 2024 15:16:49 GMT
content-type: image/webp
last-modified: Tue, 10 Sep 2024 13:06:50 GMT
x-served-by: cache-iad-kcgs7200029-IAD, cache-iad-kcgs7200029-IAD, cache-bur-kbur8200029-BUR, cache-iad-kcgs7200161-IAD, cache-mxp6936-MXP
x-cache-hits: 0, 0, 0, 200, 2
access-control-allow-headers: X-Requested-With
vary: ImageFormat
edge-cache-tag: 572765935869057079071121766742280951991,611705804638510531275839387012176038151,29ecf9b93bbf306179626feeda1fab70
cache-control: public, max-age=31536000
timing-allow-origin: *
x-envoy-upstream-service-time: 1801
x-timer: S1730301409.104518,VS0,VE0
x-orig-request-id: 254734880ef3576f8e3cb8f13495fcd3
x-ratelimit-reset: 1
x-vcl-time-ms: 0
via: 1.1 varnish, 1.1 varnish
x-ratelimit-remaining: 100
accept-ranges: bytes
access-control-allow-origin: *
req-referer: https://it.dir.bg/
content-length: 5134
x-ratelimit-limit: 101
server: nginx

GET
H2 200 1366x768.jpg%3F_%3D1720855094
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_130%2Cw_220%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//static.dir.bg/uploads/images/2024/07/13/2787691/ 10 KB
11 KB 55ms
54ms Image
image/webp 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_130%2Cw_220%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//static.dir.bg/uploads/images/2024/07/13/2787691/1366x768.jpg%3F_%3D1720855094
Requested by: Host: it.dir.bg
URL: https://it.dir.bg/web/rusiya-globi-google-s-2-5-detsiliona-dolara-tova-sa-usd2-500-000-000-000-000-000-000-000-000-000-000
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: f7fb835bccfe6ea033f86ae1e6967cc155911b2c3548d3dba92149db7fd0eb31

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://it.dir.bg/

Response headers

x-request-id: d778782b92cd6eba9c3d6c110e39d5ea
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_130%2Cw_220%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//static.dir.bg/uploads/images/2024/07/13/2787691/1366x768.jpg%3F_%3D1720855094
etag: "f68d96bc64e7cea80de163f57e794d09"
surrogate-reporting: width=220,height=130,bytes=18909,owidth=1366,oheight=768,obytes=304965,ef=(1,13,17,23,30)
cache-tag: 346350636215348446408019379604188417895,611705804638510531275839387012176038151,29ecf9b93bbf306179626feeda1fab70
age: 435750
status: 200 OK
x-cache: Miss from cloudfront, MISS, MISS, MISS, HIT, HIT
date: Wed, 30 Oct 2024 15:16:49 GMT
content-type: image/webp
last-modified: Fri, 25 Oct 2024 13:49:31 GMT
x-served-by: cache-iad-kiad7000037-IAD, cache-iad-kiad7000037-IAD, cache-lax-kwhp1940143-LAX, cache-iad-kcgs7200096-IAD, cache-mxp6936-MXP
x-cache-hits: 0, 0, 0, 73, 0
access-control-allow-headers: X-Requested-With
vary: ImageFormat
edge-cache-tag: 346350636215348446408019379604188417895,611705804638510531275839387012176038151,29ecf9b93bbf306179626feeda1fab70
cache-control: public, max-age=31536000
timing-allow-origin: *
x-envoy-upstream-service-time: 938
x-timer: S1730301409.104486,VS0,VE1
x-orig-request-id: e7ec2047ce292ead7189f3c8eb8e13cf
x-ratelimit-reset: 1
x-vcl-time-ms: 1
via: 1.1 varnish, 1.1 varnish
x-ratelimit-remaining: 100
accept-ranges: bytes
access-control-allow-origin: *
req-referer: https://it.dir.bg/
content-length: 10690
x-ratelimit-limit: 101
server: nginx

GET
H2 200 1366x768.jpg%3F_%3D1729839561
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_130%2Cw_220%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//static.dir.bg/uploads/images/2024/10/25/2817131/ 8 KB
8 KB 108ms
108ms Image
image/webp 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_130%2Cw_220%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//static.dir.bg/uploads/images/2024/10/25/2817131/1366x768.jpg%3F_%3D1729839561
Requested by: Host: it.dir.bg
URL: https://it.dir.bg/web/rusiya-globi-google-s-2-5-detsiliona-dolara-tova-sa-usd2-500-000-000-000-000-000-000-000-000-000-000
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: d2098b74818eaafe4cd391aaf3f8128433df2f3fed0a64a78d25c81df15a77eb

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://it.dir.bg/

Response headers

x-request-id: 3bce1c3e190bcedba1117b90a49ed065
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_130%2Cw_220%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//static.dir.bg/uploads/images/2024/10/25/2817131/1366x768.jpg%3F_%3D1729839561
etag: "11bdf29dc7844f026867b58d4dd771c2"
surrogate-reporting: width=220,height=130,bytes=11796,owidth=1366,oheight=768,obytes=261194,ef=(1,13,17,23,30)
cache-tag: 472859621072250581233098339709300661393,611705804638510531275839387012176038151,29ecf9b93bbf306179626feeda1fab70
age: 458144
status: 200 OK
x-cache: Miss from cloudfront, MISS, MISS, HIT, HIT, HIT
date: Wed, 30 Oct 2024 15:16:49 GMT
content-type: image/webp
last-modified: Fri, 25 Oct 2024 07:08:39 GMT
x-served-by: cache-iad-kiad7000172-IAD, cache-iad-kiad7000172-IAD, cache-lga21935-LGA, cache-iad-kjyo7100026-IAD, cache-mxp6936-MXP
x-cache-hits: 0, 0, 0, 16, 0
access-control-allow-headers: X-Requested-With
vary: ImageFormat
edge-cache-tag: 472859621072250581233098339709300661393,611705804638510531275839387012176038151,29ecf9b93bbf306179626feeda1fab70
cache-control: public, max-age=31536000
timing-allow-origin: *
x-envoy-upstream-service-time: 1186
x-timer: S1730301409.162827,VS0,VE1
x-orig-request-id: d5081c50076647c5e027e201e6a3904c
x-ratelimit-reset: 1
x-vcl-time-ms: 1
via: 1.1 varnish, 1.1 varnish
x-ratelimit-remaining: 100
accept-ranges: bytes
access-control-allow-origin: *
req-referer: https://it.dir.bg/
content-length: 7926
x-ratelimit-limit: 101
server: nginx

GET
H2 200 00b57948df3021816ee5a21e890beeaa.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_223%2Cw_400%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 19 KB
20 KB 42ms
42ms Image
image/webp 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_223%2Cw_400%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/00b57948df3021816ee5a21e890beeaa.jpeg
Requested by: Host: it.dir.bg
URL: https://it.dir.bg/web/rusiya-globi-google-s-2-5-detsiliona-dolara-tova-sa-usd2-500-000-000-000-000-000-000-000-000-000-000
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 517186720a3a19c9d0c308555336b46fe6604261baa99812dadbc5661bd908fe

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://it.dir.bg/

Response headers

x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_223%2Cw_400%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/00b57948df3021816ee5a21e890beeaa.jpeg
etag: "0b008d385291cdb89017df9728b35a03"
surrogate-reporting: width=400,height=223,bytes=31829,owidth=1344,oheight=896,obytes=158659,ef=(1,13,17,23,30)
cache-tag: 581557000010091738445739387389541389075,507842782944220752304688722208192589828,29ecf9b93bbf306179626feeda1fab70
age: 1300325
x-cache: Miss from cloudfront, MISS, HIT, MISS, HIT, HIT
date: Wed, 30 Oct 2024 15:16:49 GMT
content-type: image/webp
last-modified: Fri, 20 Sep 2024 20:25:49 GMT
x-served-by: cache-iad-kjyo7100049-IAD, cache-iad-kjyo7100049-IAD, cache-lga21971-LGA, cache-iad-kjyo7100167-IAD, cache-mxp6936-MXP
x-cache-hits: 0, 1, 0, 214, 4
access-control-allow-headers: X-Requested-With
vary: ImageFormat
edge-cache-tag: 581557000010091738445739387389541389075,507842782944220752304688722208192589828,29ecf9b93bbf306179626feeda1fab70
cache-control: public, max-age=31536000
timing-allow-origin: *
x-envoy-upstream-service-time: 94
x-timer: S1730301409.163098,VS0,VE0
x-orig-request-id: 0c1218b37d70005b7262e9049f4c75cb
x-ratelimit-reset: 1
expiration: expiry-date="Mon, 21 Oct 2024 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
via: 1.1 varnish, 1.1 varnish
x-ratelimit-remaining: 100
x-vcl-time-ms: 0
accept-ranges: bytes
access-control-allow-origin: *
req-referer: https://esports.as.com/
content-length: 19628
x-ratelimit-limit: 101
server: nginx

GET
H2 200 53e7fd2493717cb6512a15333a6fca54.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_223%2Cw_400%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 11 KB
12 KB 110ms
109ms Image
image/webp 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_223%2Cw_400%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/53e7fd2493717cb6512a15333a6fca54.jpg
Requested by: Host: it.dir.bg
URL: https://it.dir.bg/web/rusiya-globi-google-s-2-5-detsiliona-dolara-tova-sa-usd2-500-000-000-000-000-000-000-000-000-000-000
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 463095508653741346dd8625315cf169d5617d637079219a562e715d0e0230cf

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://it.dir.bg/

Response headers

x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_223%2Cw_400%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/53e7fd2493717cb6512a15333a6fca54.jpg
etag: "c92459ae374fa7286f71f95b7221d4a0"
surrogate-reporting: width=400,height=223,bytes=21384,owidth=1257,oheight=835,obytes=185581,ef=(1,13,17,23,30)
cache-tag: 548106032730119153476542231852639390054,507842782944220752304688722208192589828,29ecf9b93bbf306179626feeda1fab70
age: 3630372
x-cache: Miss from cloudfront, MISS, MISS, MISS, HIT, HIT
date: Wed, 30 Oct 2024 15:16:49 GMT
content-type: image/webp
last-modified: Fri, 06 Sep 2024 11:59:23 GMT
x-served-by: cache-iad-kcgs7200089-IAD, cache-iad-kcgs7200089-IAD, cache-lga21967-LGA, cache-iad-kcgs7200108-IAD, cache-mxp6936-MXP
x-cache-hits: 0, 0, 0, 124, 15
access-control-allow-headers: X-Requested-With
vary: ImageFormat
edge-cache-tag: 548106032730119153476542231852639390054,507842782944220752304688722208192589828,29ecf9b93bbf306179626feeda1fab70
cache-control: public, max-age=31536000
timing-allow-origin: *
x-envoy-upstream-service-time: 155
x-timer: S1730301409.176298,VS0,VE0
x-orig-request-id: b90e68cc473a0e429836c8077bf48554
x-ratelimit-reset: 1
expiration: expiry-date="Mon, 07 Oct 2024 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
via: 1.1 varnish, 1.1 varnish
x-ratelimit-remaining: 100
x-vcl-time-ms: 0
accept-ranges: bytes
access-control-allow-origin: *
req-referer: https://www.quinewsvaldichiana.it/
content-length: 11554
x-ratelimit-limit: 101
server: nginx

GET
H2 200 OpenSans-Regular.ttf
static.dir.bg/fonts/ 95 KB
59 KB 110ms
109ms Font
application/x-font-ttf 194.145.63.126
DELTA-BG-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://static.dir.bg/fonts/OpenSans-Regular.ttf
Requested by: Host: static.dir.bg
URL: https://static.dir.bg/css/desktop/all.css?_=1730119760
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 194.145.63.126 Sofia, Bulgaria, ASN8860 (DELTA-BG-AS, BG),
Reverse DNS: station126.bdata.bg
Software: nginx /
Resource Hash: 037236ed4bf58a85f67074c165d308260fd6be01c86d7df4e79ea16eb273f8c5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://it.dir.bg
Referer: https://static.dir.bg/css/desktop/all.css?_=1730119760

Response headers

access-control-max-age: 172800
cache-control: max-age=2592000
content-encoding: gzip
etag: W/"63346149-17aa4"
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
expires: Fri, 29 Nov 2024 14:48:52 GMT
access-control-allow-origin: *
date: Wed, 30 Oct 2024 14:48:52 GMT
content-type: application/x-font-ttf
vary: Accept-Encoding, Origin
server: nginx
last-modified: Wed, 28 Sep 2022 14:59:21 GMT
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

GET
H2 200 1c4f9ef66ac74f579679ae246632de25.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_223%2Cw_400%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 7 KB
7 KB 39ms
37ms Image
image/webp 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_223%2Cw_400%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/1c4f9ef66ac74f579679ae246632de25.png
Requested by: Host: it.dir.bg
URL: https://it.dir.bg/web/rusiya-globi-google-s-2-5-detsiliona-dolara-tova-sa-usd2-500-000-000-000-000-000-000-000-000-000-000
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 1ff99e35dfa6c7a652a0048c9db5d2ea77348d82bdc063b96064584cbeee91f4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://it.dir.bg/

Response headers

x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_223%2Cw_400%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/1c4f9ef66ac74f579679ae246632de25.png
etag: "14fcd9625bb25640a744894872d8602b"
surrogate-reporting: width=400,height=223,bytes=10629,owidth=1200,oheight=800,obytes=1002222,ef=(1,13,17,23,30)
cache-tag: 540662111208919042824857457379803118543,507842782944220752304688722208192589828,29ecf9b93bbf306179626feeda1fab70
age: 1332302
x-cache: Miss from cloudfront, MISS, MISS, MISS, HIT, HIT
date: Wed, 30 Oct 2024 15:16:49 GMT
content-type: image/webp
last-modified: Mon, 16 Sep 2024 15:11:08 GMT
x-served-by: cache-iad-kcgs7200113-IAD, cache-iad-kcgs7200113-IAD, cache-ewr-kewr1740025-EWR, cache-iad-kjyo7100168-IAD, cache-mxp6936-MXP
x-cache-hits: 0, 0, 0, 67, 1970
access-control-allow-headers: X-Requested-With
vary: ImageFormat
edge-cache-tag: 540662111208919042824857457379803118543,507842782944220752304688722208192589828,29ecf9b93bbf306179626feeda1fab70
cache-control: public, max-age=31536000
timing-allow-origin: *
x-envoy-upstream-service-time: 231
x-timer: S1730301409.277344,VS0,VE0
x-orig-request-id: 5de7c056ea47a28ea5628519ec1a319b
x-ratelimit-reset: 1
expiration: expiry-date="Thu, 17 Oct 2024 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
via: 1.1 varnish, 1.1 varnish
x-ratelimit-remaining: 100
x-vcl-time-ms: 0
accept-ranges: bytes
access-control-allow-origin: *
req-referer: https://www.prealpina.it/
content-length: 6800
x-ratelimit-limit: 101
server: nginx

GET
H2 200 1920x1080.jpg%3F_%3D1624951651
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_223%2Cw_400%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//static.dir.bg/uploads/images/2021/06/29/2221572/ 4 KB
5 KB 38ms
37ms Image
image/webp 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_223%2Cw_400%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//static.dir.bg/uploads/images/2021/06/29/2221572/1920x1080.jpg%3F_%3D1624951651
Requested by: Host: it.dir.bg
URL: https://it.dir.bg/web/rusiya-globi-google-s-2-5-detsiliona-dolara-tova-sa-usd2-500-000-000-000-000-000-000-000-000-000-000
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: d4d18e8a76cf114e4e855801c3afd746bc7c67ac727be659800dae087d622053

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://it.dir.bg/

Response headers

x-request-id: 398f4aa951787539cc3675b7df2936bc
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_223%2Cw_400%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//static.dir.bg/uploads/images/2021/06/29/2221572/1920x1080.jpg%3F_%3D1624951651
etag: "fe62adc8b8af13bf07bd6d10adef9215"
surrogate-reporting: width=400,height=223,bytes=13139,owidth=1920,oheight=1080,obytes=106185,ef=(1,13,17,23,30)
cache-tag: 363858286995122508303961551989408923695,507842782944220752304688722208192589828,29ecf9b93bbf306179626feeda1fab70
age: 1288114
status: 200 OK
x-cache: Miss from cloudfront, MISS, MISS, MISS, HIT, HIT
date: Wed, 30 Oct 2024 15:16:49 GMT
content-type: image/webp
last-modified: Tue, 15 Oct 2024 14:58:48 GMT
x-served-by: cache-iad-kcgs7200069-IAD, cache-iad-kcgs7200069-IAD, cache-lga21928-LGA, cache-iad-kcgs7200166-IAD, cache-mxp6936-MXP
x-cache-hits: 0, 0, 0, 35, 2
access-control-allow-headers: X-Requested-With
vary: ImageFormat
edge-cache-tag: 363858286995122508303961551989408923695,507842782944220752304688722208192589828,29ecf9b93bbf306179626feeda1fab70
cache-control: public, max-age=31536000
timing-allow-origin: *
x-envoy-upstream-service-time: 1181
x-timer: S1730301409.277831,VS0,VE0
x-orig-request-id: 216e768815bba442b44f3d05e9805d8d
x-ratelimit-reset: 1
x-vcl-time-ms: 0
via: 1.1 varnish, 1.1 varnish
x-ratelimit-remaining: 100
accept-ranges: bytes
access-control-allow-origin: *
req-referer: https://it.dir.bg/
content-length: 4562
x-ratelimit-limit: 101
server: nginx

GET
H2 200 1366x768.jpg%3F_%3D1700573679
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_223%2Cw_400%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//static.dir.bg/uploads/images/2023/11/21/2623059/ 10 KB
11 KB 39ms
38ms Image
image/webp 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_223%2Cw_400%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//static.dir.bg/uploads/images/2023/11/21/2623059/1366x768.jpg%3F_%3D1700573679
Requested by: Host: it.dir.bg
URL: https://it.dir.bg/web/rusiya-globi-google-s-2-5-detsiliona-dolara-tova-sa-usd2-500-000-000-000-000-000-000-000-000-000-000
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e04e5f4c1b8166c7b1f1257af27a56ad5a1ac203b9af771a99eb83afc3a9d271

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://it.dir.bg/

Response headers

x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_223%2Cw_400%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//static.dir.bg/uploads/images/2023/11/21/2623059/1366x768.jpg%3F_%3D1700573679
etag: "83ac01dd8268da9c7dfdfa5a2d9bf5d1"
surrogate-reporting: width=400,height=223,bytes=17009,owidth=1366,oheight=768,obytes=95944,ef=(1,13,17,23,30)
cache-tag: 303579326774392606817654636068566870006,507842782944220752304688722208192589828,29ecf9b93bbf306179626feeda1fab70
age: 1136420
x-cache: Miss from cloudfront, MISS, HIT, MISS, MISS, HIT
date: Wed, 30 Oct 2024 15:16:49 GMT
content-type: image/webp
last-modified: Thu, 03 Oct 2024 04:39:50 GMT
x-served-by: cache-iad-kjyo7100034-IAD, cache-iad-kjyo7100034-IAD, cache-bur-kbur8200173-BUR, cache-iad-kjyo7100144-IAD, cache-mxp6936-MXP
x-cache-hits: 0, 2, 0, 0, 0
access-control-allow-headers: X-Requested-With
vary: ImageFormat
edge-cache-tag: 303579326774392606817654636068566870006,507842782944220752304688722208192589828,29ecf9b93bbf306179626feeda1fab70
cache-control: public, max-age=31536000
timing-allow-origin: *
x-envoy-upstream-service-time: 1457
x-timer: S1730301409.278478,VS0,VE1
x-orig-request-id: 43c9c5828e30061da18991e27cee9bc5
x-ratelimit-reset: 1
expiration: expiry-date="Sun, 03 Nov 2024 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
via: 1.1 varnish, 1.1 varnish
x-ratelimit-remaining: 100
x-vcl-time-ms: 1
accept-ranges: bytes
access-control-allow-origin: *
req-referer: https://it.dir.bg/
content-length: 10118
x-ratelimit-limit: 101
server: nginx

GET
H2 200 1366x768.jpg%3F_%3D1679647512
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_223%2Cw_400%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//static.dir.bg/uploads/images/2023/03/24/2451399/ 22 KB
23 KB 40ms
39ms Image
image/webp 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_223%2Cw_400%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//static.dir.bg/uploads/images/2023/03/24/2451399/1366x768.jpg%3F_%3D1679647512
Requested by: Host: it.dir.bg
URL: https://it.dir.bg/web/rusiya-globi-google-s-2-5-detsiliona-dolara-tova-sa-usd2-500-000-000-000-000-000-000-000-000-000-000
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 4cba72939763503c249de189f7c92adb22f4395d28f8cffd4e2c60b67d5e824d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://it.dir.bg/

Response headers

x-request-id: b9bfdef60533d9b2be7b7ae745796e67
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_223%2Cw_400%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//static.dir.bg/uploads/images/2023/03/24/2451399/1366x768.jpg%3F_%3D1679647512
etag: "c9f0ec0a6e5d176d1ed61568e004942d"
surrogate-reporting: width=400,height=223,bytes=23947,owidth=1366,oheight=768,obytes=202359,ef=(1,13,17,23,30)
cache-tag: 508104929011735239318781192980962390449,507842782944220752304688722208192589828,29ecf9b93bbf306179626feeda1fab70
age: 11138
status: 200 OK
x-cache: Miss from cloudfront, MISS, MISS, MISS, HIT, HIT
date: Wed, 30 Oct 2024 15:16:49 GMT
content-type: image/webp
last-modified: Wed, 30 Oct 2024 08:11:04 GMT
x-served-by: cache-iad-kjyo7100082-IAD, cache-iad-kjyo7100082-IAD, cache-lax-kwhp1940029-LAX, cache-iad-kiad7000159-IAD, cache-mxp6936-MXP
x-cache-hits: 0, 0, 0, 4, 0
access-control-allow-headers: X-Requested-With
vary: ImageFormat
edge-cache-tag: 508104929011735239318781192980962390449,507842782944220752304688722208192589828,29ecf9b93bbf306179626feeda1fab70
cache-control: public, max-age=31536000
timing-allow-origin: *
x-envoy-upstream-service-time: 2064
x-timer: S1730301409.291043,VS0,VE1
x-orig-request-id: 63c56fed96be489a0992c68b86f285de
x-ratelimit-reset: 1
x-vcl-time-ms: 1
via: 1.1 varnish, 1.1 varnish
x-ratelimit-remaining: 100
accept-ranges: bytes
access-control-allow-origin: *
req-referer: https://it.dir.bg/
content-length: 22390
x-ratelimit-limit: 101
server: nginx

GET
H2 200 607214b8-0f90-447e-89a1-97e9f028670c__nGwsD4xs.jpg
images.taboola.com/taboola/image/fetch/c_crop%2Cf_jpg%2Cq_auto%2Ce_sharpen%2Car_1.7778%2Cw_2275%2Cx_593%2Cy_340/c_fill%2Cw_1220%2Ch_678/http%3A//cdn.taboola.com/libtrc/static/thumbnails/STABLE_DIFF... 43 KB
44 KB 52ms
49ms Image
image/webp 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/c_crop%2Cf_jpg%2Cq_auto%2Ce_sharpen%2Car_1.7778%2Cw_2275%2Cx_593%2Cy_340/c_fill%2Cw_1220%2Ch_678/http%3A//cdn.taboola.com/libtrc/static/thumbnails/STABLE_DIFFUSION_OUTCROP/ESD/607214b8-0f90-447e-89a1-97e9f028670c__nGwsD4xs.jpg
Requested by: Host: it.dir.bg
URL: https://it.dir.bg/web/rusiya-globi-google-s-2-5-detsiliona-dolara-tova-sa-usd2-500-000-000-000-000-000-000-000-000-000-000
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: eeb7bcad621ca7e0801ec0fcd8c6e76bba49a49349e9b75539d73934d4646a17

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://it.dir.bg/

Response headers

x-debug: /taboola/image/fetch/c_crop%2Cf_jpg%2Cq_auto%2Ce_sharpen%2Car_1.7778%2Cw_2275%2Cx_593%2Cy_340/c_fill%2Cw_1220%2Ch_678/http%3A//cdn.taboola.com/libtrc/static/thumbnails/STABLE_DIFFUSION_OUTCROP/ESD/607214b8-0f90-447e-89a1-97e9f028670c__nGwsD4xs.jpg
etag: "9d2da37673cab2ce97cee4053198ba33"
surrogate-reporting: width=1220,height=678,bytes=95263,owidth=3413,oheight=1920,obytes=543575,ef=(1,13,17,23,30)
cache-tag: 520990177513487036918139343195985403135,410339677634056508360329767833368676969,29ecf9b93bbf306179626feeda1fab70
age: 722155
x-cache: Miss from cloudfront, MISS, MISS, HIT, HIT, HIT
date: Wed, 30 Oct 2024 15:16:49 GMT
content-type: image/webp
last-modified: Thu, 10 Oct 2024 17:53:50 GMT
x-served-by: cache-iad-kcgs7200036-IAD, cache-iad-kcgs7200036-IAD, cache-lga21942-LGA, cache-iad-kiad7000105-IAD, cache-mxp6936-MXP
x-cache-hits: 0, 0, 0, 7, 0
access-control-allow-headers: X-Requested-With
vary: ImageFormat
edge-cache-tag: 520990177513487036918139343195985403135,410339677634056508360329767833368676969,29ecf9b93bbf306179626feeda1fab70
cache-control: public, max-age=31536000
timing-allow-origin: *
x-envoy-upstream-service-time: 159
x-timer: S1730301409.325961,VS0,VE1
x-orig-request-id: 58d1cd2d59b6438f6fdea856f93335e8
x-ratelimit-reset: 1
expiration: expiry-date="Sun, 10 Nov 2024 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
via: 1.1 varnish, 1.1 varnish
x-ratelimit-remaining: 100
x-vcl-time-ms: 1
accept-ranges: bytes
access-control-allow-origin: *
req-referer: https://www.ynet.co.il/
content-length: 44422
x-ratelimit-limit: 101
server: nginx

POST
H2 204 metrics
il-trc-events.taboola.com/itdirbggr-f16324177/log/3/ 0
242 B 110ms
107ms Ping
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://il-trc-events.taboola.com/itdirbggr-f16324177/log/3/metrics?route=AM%3AIL%3AV&lti=trecs
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/itdirbggr-f16324177/loader.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded
Referer: https://it.dir.bg/

Response headers

access-control-allow-origin: https://it.dir.bg
cache-control: no-cache
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
date: Wed, 30 Oct 2024 15:16:49 GMT
pragma: no-cache
server: nginx
access-control-allow-credentials: true

POST
H2 204 / Show response
beacon.taboola.com/ 0
45 B 52ms
43ms XHR
text/plain 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://beacon.taboola.com/?ab=trecs&pub=itdirbggr-f16324177&ui=a18bb45e-d7f5-4ee6-aee4-d3229003ff33-tucte1bd360&eventType=metrics&extraData=%7B%22placementModeGroupsId%22%3A%22Alternating%20Below%20Article%20%7C%20Card%202_653887055%22%2C%22eventName%22%3A%22ResponsiveWidget-event-checking_overflowing_cards%22%7D
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/itdirbggr-f16324177/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://it.dir.bg/

Response headers

cache-control: private, no-store
retry-after: 0
x-timer: S1730301409.161693,VS0,VE0
access-control-allow-credentials: true
access-control-allow-methods: GET, POST
via: 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: https://it.dir.bg
x-cache: HIT
date: Wed, 30 Oct 2024 15:16:49 GMT
content-type
x-served-by: cache-mxp6936-MXP
server: Varnish
x-cache-hits: 0

POST
H2 204 / Show response
beacon.taboola.com/ 0
45 B 53ms
44ms XHR
text/plain 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://beacon.taboola.com/?ab=trecs&pub=itdirbggr-f16324177&ui=a18bb45e-d7f5-4ee6-aee4-d3229003ff33-tucte1bd360&eventType=metrics&extraData=%7B%22placementModeGroupsId%22%3A%22Alternating%20Below%20Article%20%7C%20Card%202_653887055%22%2C%22eventName%22%3A%22ResponsiveWidget-event-checking_overflowing_cards%22%7D
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/itdirbggr-f16324177/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://it.dir.bg/

Response headers

cache-control: private, no-store
retry-after: 0
x-timer: S1730301409.161652,VS0,VE0
access-control-allow-credentials: true
access-control-allow-methods: GET, POST
via: 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: https://it.dir.bg
x-cache: HIT
date: Wed, 30 Oct 2024 15:16:49 GMT
content-type
x-served-by: cache-mxp6936-MXP
server: Varnish
x-cache-hits: 0

POST
H2 204 / Show response
beacon.taboola.com/ 0
45 B 52ms
44ms XHR
text/plain 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://beacon.taboola.com/?ab=trecs&pub=itdirbggr-f16324177&ui=a18bb45e-d7f5-4ee6-aee4-d3229003ff33-tucte1bd360&eventType=metrics&extraData=%7B%22placementModeGroupsId%22%3A%22Alternating%20Below%20Article%20%7C%20Card%202_653887055%22%2C%22eventName%22%3A%22ResponsiveWidget-event-checking_overflowing_cards%22%7D
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/itdirbggr-f16324177/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://it.dir.bg/

Response headers

cache-control: private, no-store
retry-after: 0
x-timer: S1730301409.161633,VS0,VE0
access-control-allow-credentials: true
access-control-allow-methods: GET, POST
via: 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: https://it.dir.bg
x-cache: HIT
date: Wed, 30 Oct 2024 15:16:49 GMT
content-type
x-served-by: cache-mxp6936-MXP
server: Varnish
x-cache-hits: 0

POST
H2 204 metrics
il-trc-events.taboola.com/itdirbggr-f16324177/log/3/ 0
242 B 111ms
108ms Ping
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://il-trc-events.taboola.com/itdirbggr-f16324177/log/3/metrics?route=AM%3AIL%3AV&lti=trecs
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/itdirbggr-f16324177/loader.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded
Referer: https://it.dir.bg/

Response headers

access-control-allow-origin: https://it.dir.bg
cache-control: no-cache
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
date: Wed, 30 Oct 2024 15:16:49 GMT
pragma: no-cache
server: nginx
access-control-allow-credentials: true

POST
H2 204 / Show response
beacon.taboola.com/ 0
45 B 51ms
44ms XHR
text/plain 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://beacon.taboola.com/?ab=trecs&pub=itdirbggr-f16324177&ui=a18bb45e-d7f5-4ee6-aee4-d3229003ff33-tucte1bd360&eventType=metrics&extraData=%7B%22placementModeGroupsId%22%3A%22Alternating%20Below%20Article%20%7C%20Card%203_2412480%22%2C%22eventName%22%3A%22ResponsiveWidget-event-checking_overflowing_cards%22%7D
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/itdirbggr-f16324177/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://it.dir.bg/

Response headers

cache-control: private, no-store
retry-after: 0
x-timer: S1730301409.161622,VS0,VE0
access-control-allow-credentials: true
access-control-allow-methods: GET, POST
via: 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: https://it.dir.bg
x-cache: HIT
date: Wed, 30 Oct 2024 15:16:49 GMT
content-type
x-served-by: cache-mxp6936-MXP
server: Varnish
x-cache-hits: 0

POST
H2 204 / Show response
beacon.taboola.com/ 0
45 B 52ms
45ms XHR
text/plain 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://beacon.taboola.com/?ab=trecs&pub=itdirbggr-f16324177&ui=a18bb45e-d7f5-4ee6-aee4-d3229003ff33-tucte1bd360&eventType=metrics&extraData=%7B%22placementModeGroupsId%22%3A%22Alternating%20Below%20Article%20%7C%20Card%203_2412480%22%2C%22eventName%22%3A%22ResponsiveWidget-event-checking_overflowing_cards%22%7D
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/itdirbggr-f16324177/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://it.dir.bg/

Response headers

cache-control: private, no-store
retry-after: 0
x-timer: S1730301409.161576,VS0,VE0
access-control-allow-credentials: true
access-control-allow-methods: GET, POST
via: 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: https://it.dir.bg
x-cache: HIT
date: Wed, 30 Oct 2024 15:16:49 GMT
content-type
x-served-by: cache-mxp6936-MXP
server: Varnish
x-cache-hits: 0

POST
H2 204 / Show response
beacon.taboola.com/ 0
45 B 51ms
45ms XHR
text/plain 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://beacon.taboola.com/?ab=trecs&pub=itdirbggr-f16324177&ui=a18bb45e-d7f5-4ee6-aee4-d3229003ff33-tucte1bd360&eventType=metrics&extraData=%7B%22placementModeGroupsId%22%3A%22Alternating%20Below%20Article%20%7C%20Card%203_2412480%22%2C%22eventName%22%3A%22ResponsiveWidget-event-checking_overflowing_cards%22%7D
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/itdirbggr-f16324177/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://it.dir.bg/

Response headers

cache-control: private, no-store
retry-after: 0
x-timer: S1730301409.161557,VS0,VE0
access-control-allow-credentials: true
access-control-allow-methods: GET, POST
via: 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: https://it.dir.bg
x-cache: HIT
date: Wed, 30 Oct 2024 15:16:49 GMT
content-type
x-served-by: cache-mxp6936-MXP
server: Varnish
x-cache-hits: 0

POST
H2 204 metrics
il-trc-events.taboola.com/itdirbggr-f16324177/log/3/ 0
242 B 112ms
109ms Ping
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://il-trc-events.taboola.com/itdirbggr-f16324177/log/3/metrics?route=AM%3AIL%3AV&lti=trecs
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/itdirbggr-f16324177/loader.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded
Referer: https://it.dir.bg/

Response headers

access-control-allow-origin: https://it.dir.bg
cache-control: no-cache
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
date: Wed, 30 Oct 2024 15:16:49 GMT
pragma: no-cache
server: nginx
access-control-allow-credentials: true

POST
H2 204 / Show response
beacon.taboola.com/ 0
181 B 48ms
45ms XHR
text/plain 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://beacon.taboola.com/?ab=trecs&pub=itdirbggr-f16324177&ui=a18bb45e-d7f5-4ee6-aee4-d3229003ff33-tucte1bd360&eventType=metrics&extraData=%7B%22placementModeGroupsId%22%3A%22Alternating%20Below%20Article%20%7C%20Card%204_3593966747%22%2C%22eventName%22%3A%22ResponsiveWidget-event-checking_overflowing_cards%22%7D
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/itdirbggr-f16324177/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://it.dir.bg/

Response headers

cache-control: private, no-store
retry-after: 0
x-timer: S1730301409.161511,VS0,VE0
access-control-allow-credentials: true
access-control-allow-methods: GET, POST
via: 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: https://it.dir.bg
x-cache: HIT
date: Wed, 30 Oct 2024 15:16:49 GMT
content-type
x-served-by: cache-mxp6936-MXP
server: Varnish
x-cache-hits: 0

POST
H2 204 metrics
il-trc-events.taboola.com/itdirbggr-f16324177/log/3/ 0
242 B 113ms
109ms Ping
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://il-trc-events.taboola.com/itdirbggr-f16324177/log/3/metrics?route=AM%3AIL%3AV&lti=trecs
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/itdirbggr-f16324177/loader.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded
Referer: https://it.dir.bg/

Response headers

access-control-allow-origin: https://it.dir.bg
cache-control: no-cache
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
date: Wed, 30 Oct 2024 15:16:49 GMT
pragma: no-cache
server: nginx
access-control-allow-credentials: true

GET
H2

200

pixel-taboola
www.temu.com/api/adx/cm/ Frame 5A15
Redirect Chain

https://sync.taboola.com/sg/temurtbnative-network/1/rtb/
https://www.temu.com/api/adx/cm/pixel-taboola?id=40177a16-8cb2-47ff-810b-df5ed9a1a652-tucte1bd361

0
367 B

685ms
183ms

Image
text/plain

20.157.217.65
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.temu.com/api/adx/cm/pixel-taboola?id=40177a16-8cb2-47ff-810b-df5ed9a1a652-tucte1bd361

Requested by

Host: it.dir.bg
URL: https://it.dir.bg/web/rusiya-globi-google-s-2-5-detsiliona-dolara-tova-sa-usd2-500-000-000-000-000-000-000-000-000-000-000

Protocol

Server

20.157.217.65 Dublin, Ireland, ASN8069 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

strict-transport-security: max-age=31536000
yak-timeinfo: 1730301410430|2
content-security-policy-report-only: default-src 'none';script-src 'report-sample';report-uri /api/sec-csp/110000007/sec-gif
x-gateway-request-id: 1730301410430-00534f2dff80ed801b335d9c477d57f7
cip: 185.198.62.147
alt-svc: h3=":443"; ma=604800
content-length: 0
date: Wed, 30 Oct 2024 15:16:50 GMT
server: nginx

Redirect headers

x-fastly-to-nlb-rtt: 25078
location: https://www.temu.com/api/adx/cm/pixel-taboola?id=40177a16-8cb2-47ff-810b-df5ed9a1a652-tucte1bd361
date: Wed, 30 Oct 2024 15:16:49 GMT
server: nginx
access-control-allow-credentials: true

GET
H2 200 _.swf Show response
fundingchoicesmessages.google.com/f/AGSKWxXwMNUsRYEYMPC5vQjtjp4Zh9BA_PiYI2iizZrekGNrYOZ0AA1EQiuP0X-w0fHwMAQMY2Epdwh4CFT1pTwA7nkAQtsQP96rVPfSsqRTT-ve3WmLLiEx1w5-99Qky79vwOUVKB2g_0h-fCgEAPEQHGWLhz6Lu... 54 B
539 B 64ms
62ms Script
application/javascript 142.250.186.142
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxXwMNUsRYEYMPC5vQjtjp4Zh9BA_PiYI2iizZrekGNrYOZ0AA1EQiuP0X-w0fHwMAQMY2Epdwh4CFT1pTwA7nkAQtsQP96rVPfSsqRTT-ve3WmLLiEx1w5-99Qky79vwOUVKB2g_0h-fCgEAPEQHGWLhz6LuOsdxDx7OevhMB-4nDK5P7L8snIva0zE/_.swf?click=/120-600./adserver?/ad.premium-/ads/popup.

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.it.jwYn0AhJbuc.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_tcf_v2_signal_executable/ed=1/rs=AJlcJMymyhrtJzDzEDlWcQYMUCM_CXpBTw/m=ad_blocking_detection_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.142 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f14.1e100.net

Software

ESF /

Resource Hash

3441ca9bd1f9a6a653bbfc4cf5c2f93ee33e525b9f3e5fd112beb2cc67e82c42

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-BWqkK1AlYSwWATuasm2y5w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://it.dir.bg/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 30 Oct 2024 15:16:49 GMT
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjKtHikmJw05BiWMS_i-nkrdtMF4FY4utLJi0gdkqfwRoCxK03z7FOB-Kkf-dZS4DYXesiqz8QGypcYnUGYseiS6yeQKzac4nVHIjvr7vE-hyIiySusLYA8e2mK6yPgZjh6xVWDiAW4uF4OLtzJ5tAw7RVmxiVNJLyC-OT8_NKijKTSkvyi9KS01KLU4vKUovijQyMTAwNjCz0DAzjCwwAhwJGDA"
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-BWqkK1AlYSwWATuasm2y5w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection: 0
server: ESF

GET
H2 200 google_top_exp.js Show response
pagead2.googlesyndication.com/pagead/js/ 47 B
328 B 588ms
124ms Script
text/javascript 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/google_top_exp.js?fcd=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

cafe /

Resource Hash

ccecd185ac16ba0a538840f37701053fbb861f7fbbdd86039c7415fcd924d1f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://it.dir.bg/

Response headers

content-encoding: br
etag: 13036835877489095579
age: 61634
x-content-type-options: nosniff
expires: Tue, 12 Nov 2024 22:09:35 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Tue, 29 Oct 2024 22:09:35 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=1209600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 42
x-xss-protection: 0
server: cafe

POST
H2 204 AGSKWxWOjT76USg8a3cCn8B4r35xt6ie34i_OQoDZKRzT_ArlrDTj1tGuS8KVfQVVhPTns-4OCxV2NiQjrS12u8OUSlnhfjWZneieGIWBV2FtR4RYxDOexbgcFlJBnvjNXBmSdSYz9qPow== Show response
fundingchoicesmessages.google.com/el/ 0
1 KB 693ms
208ms XHR
text/html 142.250.186.142
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWOjT76USg8a3cCn8B4r35xt6ie34i_OQoDZKRzT_ArlrDTj1tGuS8KVfQVVhPTns-4OCxV2NiQjrS12u8OUSlnhfjWZneieGIWBV2FtR4RYxDOexbgcFlJBnvjNXBmSdSYz9qPow==

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.142 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-B1Yc1O7TVwGMUsYvBWMLFw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://it.dir.bg/

Response headers

access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 30 Oct 2024 15:16:49 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmJw1JBicEqfwRoCxO5aF1n9gZjh6xVWDiAW4uF4OLtzJ5tAx9Xzc5mVXJLyC-OT8_NKUvNKdBNTinVB7KLMpNKS_CIUdmoZSEVOfnp6Zl56vJGBkYmhgZGFnoFpfIEBACnrKLg"
content-security-policy: script-src 'report-sample' 'nonce-B1Yc1O7TVwGMUsYvBWMLFw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin: https://it.dir.bg
content-length: 0
x-xss-protection: 0
server: ESF

POST
H2 204 AGSKWxWOjT76USg8a3cCn8B4r35xt6ie34i_OQoDZKRzT_ArlrDTj1tGuS8KVfQVVhPTns-4OCxV2NiQjrS12u8OUSlnhfjWZneieGIWBV2FtR4RYxDOexbgcFlJBnvjNXBmSdSYz9qPow== Show response
fundingchoicesmessages.google.com/el/ 0
360 B 574ms
184ms XHR
text/html 142.250.186.142
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWOjT76USg8a3cCn8B4r35xt6ie34i_OQoDZKRzT_ArlrDTj1tGuS8KVfQVVhPTns-4OCxV2NiQjrS12u8OUSlnhfjWZneieGIWBV2FtR4RYxDOexbgcFlJBnvjNXBmSdSYz9qPow==

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.142 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-1Vve7CSrPgYuVb-D3KfzAg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://it.dir.bg/

Response headers

access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 30 Oct 2024 15:16:49 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmLw0JBicEqfwRoCxO5aF1n9gZjh6xVWDiAW4uF4OLtzJ5vAg4Vz5jEruSTlF8Yn5-eVpOaV6CamFOuC2EWZSaUl-UUo7NQykIqc_PT0zLz0eCMDIxNDAyMLPQPT-AIDACl4KLE"
content-security-policy: script-src 'report-sample' 'nonce-1Vve7CSrPgYuVb-D3KfzAg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin: https://it.dir.bg
content-length: 0
x-xss-protection: 0
server: ESF

GET
H2 200 ima_ppub_config Show response
securepubads.g.doubleclick.net/pagead/ Frame 9855 875 B
739 B 762ms
123ms XHR
application/json 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ima_ppub_config?ippd=https%3A%2F%2Fit.dir.bg%2Fweb%2Frusiya-globi-google-s-2-5-detsiliona-dolara-tova-sa-usd2-500-000-000-000-000-000-000-000-000-000-000

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

c9305d08078287e373ca1e0121e5b275d15668c6d5cc28257a26a5004aa03202

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://it.dir.bg/

Response headers

cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
content-encoding: br
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Wed, 30 Oct 2024 15:16:50 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 196
date: Wed, 30 Oct 2024 15:16:50 GMT
x-xss-protection: 0
content-type: application/json; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H2 200 player_gemius.js Show response
cdn.onnetwork.tv/js/player86/ Frame 9855 10 KB
3 KB 48ms
38ms Script
application/javascript 188.165.21.156
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.onnetwork.tv/js/player86/player_gemius.js?s=1730050408

Requested by

Host: cdn.onnetwork.tv
URL: https://cdn.onnetwork.tv/js/player86/player.js?s=1730050408

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

188.165.21.156 , France, ASN16276 (OVH, FR),

Reverse DNS

vh11b.eris-w13.of.pl

Software

XO.webservantpro /

Resource Hash

f439ac264af641a6a0bc606abec9ecba41d51dc67e86e8f4134d45f6669bbad7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://it.dir.bg
Referer: https://cdn.onnetwork.tv/js/player86/player.js?s=1730050408

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=17280000, public
content-encoding: gzip
etag: W/"671e7968-28be"
pragma: public
access-control-allow-methods: GET, POST, OPTIONS
expires: Sun, 18 May 2025 15:16:49 GMT
access-control-allow-origin: *
date: Wed, 30 Oct 2024 15:16:49 GMT
content-type: application/javascript
last-modified: Sun, 27 Oct 2024 17:33:28 GMT
server: XO.webservantpro
vary: Accept-Encoding

GET
H2 200 analytics.js Show response
www.google-analytics.com/ Frame 9855 52 KB
0 1ms
1ms Script
text/javascript 142.250.186.142
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: cdn.onnetwork.tv
URL: https://cdn.onnetwork.tv/js/player86/player.js?s=1730050408

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.142 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://it.dir.bg/

Response headers

content-encoding: gzip
age: 6630
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:225:0"}],}
x-content-type-options: nosniff
expires: Wed, 30 Oct 2024 15:26:15 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 30 Oct 2024 13:26:15 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
content-type: text/javascript
vary: Accept-Encoding
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:225:0
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 20994
server: Golfe2

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ Frame 9855 136 KB
52 KB 62ms
59ms Script
application/javascript 142.250.184.232
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js

Requested by

Host: cdn.onnetwork.tv
URL: https://cdn.onnetwork.tv/js/player86/player.js?s=1730050408

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.232 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

0d27ce1d6ad9d75eae40b873db98cbc0e0cb31bfd5fbe99f6ea0a115ee8d2b40

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://it.dir.bg/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Wed, 30 Oct 2024 15:16:49 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 30 Oct 2024 15:16:49 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Wed, 30 Oct 2024 15:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 52655
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 bridge3.674.1_bg.html
imasdk.googleapis.com/js/core/ Frame 68FC 0
0 1098ms
176ms Document
text/html 142.250.184.202
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.674.1_bg.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.202 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f10.1e100.net

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://it.dir.bg/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 78503
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 257988
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
date: Tue, 29 Oct 2024 17:28:27 GMT
expires: Wed, 29 Oct 2025 17:28:27 GMT
last-modified: Tue, 22 Oct 2024 18:52:20 GMT
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ Frame 9855 44 KB
17 KB 1106ms
411ms Script
text/javascript 172.217.18.6
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.6 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f6.1e100.net

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://it.dir.bg/

Response headers

cache-control: private, max-age=900
content-encoding: gzip
cross-origin-resource-policy: cross-origin
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
x-content-type-options: nosniff
expires: Wed, 30 Oct 2024 15:16:50 GMT
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
content-length: 16746
date: Wed, 30 Oct 2024 15:16:50 GMT
x-xss-protection: 0
content-type: text/javascript
vary: Accept-Encoding
server: sffe

GET
H2 200 577645_6.jpg
cdnt.onnetwork.tv/poster/5/7/ Frame 9855 91 KB
91 KB 87ms
83ms Image
image/jpeg 188.165.21.156
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdnt.onnetwork.tv/poster/5/7/577645_6.jpg

Requested by

Host: cdn.onnetwork.tv
URL: https://cdn.onnetwork.tv/js/player86/player.js?s=1730050408

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

188.165.21.156 , France, ASN16276 (OVH, FR),

Reverse DNS

vh11b.eris-w13.of.pl

Software

XO.webservantpro /

Resource Hash

3e452fabf33339a3fb6444f8189f5332d6f50bd965755a0adf60f90c1591baae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://it.dir.bg/

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=17280000
etag: "62095f4b-16a17"
expires: Sun, 18 May 2025 15:16:49 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 92695
date: Wed, 30 Oct 2024 15:16:49 GMT
content-type: image/jpeg
last-modified: Sun, 13 Feb 2022 19:43:07 GMT
server: XO.webservantpro

GET
H2 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 1B1F 40 KB
14 KB 252ms
76ms Script
text/javascript 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

sffe /

Resource Hash

5b9cfa0283d9a9f6a909df2b61c9933c11130343f08aec96cdd8f49c29972526

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: gzip
age: 1027
report-to: {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
x-content-type-options: nosniff
expires: Wed, 30 Oct 2024 15:59:42 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 30 Oct 2024 14:59:42 GMT
last-modified: Thu, 11 Apr 2024 19:10:13 GMT
content-type: text/javascript
vary: Accept-Encoding
cache-control: public, max-age=3600
cross-origin-opener-policy: same-origin; report-to="omsdk-team-release-policy"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
accept-ranges: bytes
content-length: 13943
x-xss-protection: 0
server: sffe

GET
H2 200 a_cnti.png
cdn.onnetwork.tv/cnt/ Frame 9855 126 B
331 B 270ms
269ms Image
image/png 188.165.21.156
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.onnetwork.tv/cnt/a_cnti.png?ts=1730301409611&event=plimpression&d=7056&vs=0&aps=3&playerVisible=0&plist=1773&widget=815&initap=3&currap=3&ab=0&cbs=1&co=0&vc=0&pod=0&ppos=0&muted=1&mobile=0&lls=0&acount=0
Requested by: Host: it.dir.bg
URL: https://it.dir.bg/web/rusiya-globi-google-s-2-5-detsiliona-dolara-tova-sa-usd2-500-000-000-000-000-000-000-000-000-000-000
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 188.165.21.156 , France, ASN16276 (OVH, FR),
Reverse DNS: vh11b.eris-w13.of.pl
Software: XO.webservantpro /
Resource Hash: a607b3c3e0d09d7f339e0035f16f99bf93637dee0eb27b2b9c447701fefa2ace

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://it.dir.bg/

Response headers

cache-control: no-cache
access-control-allow-methods: GET, POST, OPTIONS
accept-ranges: bytes
access-control-allow-origin: *
content-length: 126
date: Wed, 30 Oct 2024 15:16:49 GMT
content-type: image/png
last-modified: Wednesday, 30-Oct-2024 15:16:49 GMT
server: XO.webservantpro

GET
H2 200 a_cntm.png
cdn.onnetwork.tv/cnt/ Frame 9855 126 B
331 B 275ms
274ms Image
image/png 188.165.21.156
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.onnetwork.tv/cnt/a_cntm.png?ts=1730301409617&i=577645&d=7056&wsc=av&plist=1773&widget=815&initap=3&currap=3&ab=0&cbs=1&co=0&vc=0&pod=0&ppos=0&muted=1&mobile=0&lls=0&typ=embed&ap=3&vs=303
Requested by: Host: it.dir.bg
URL: https://it.dir.bg/web/rusiya-globi-google-s-2-5-detsiliona-dolara-tova-sa-usd2-500-000-000-000-000-000-000-000-000-000-000
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 188.165.21.156 , France, ASN16276 (OVH, FR),
Reverse DNS: vh11b.eris-w13.of.pl
Software: XO.webservantpro /
Resource Hash: a607b3c3e0d09d7f339e0035f16f99bf93637dee0eb27b2b9c447701fefa2ace

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://it.dir.bg/

Response headers

cache-control: no-cache
access-control-allow-methods: GET, POST, OPTIONS
accept-ranges: bytes
access-control-allow-origin: *
content-length: 126
date: Wed, 30 Oct 2024 15:16:49 GMT
content-type: image/png
last-modified: Wednesday, 30-Oct-2024 15:16:49 GMT
server: XO.webservantpro

GET
H2 200 a_cntg.png
cdn.onnetwork.tv/cnt/ Frame 9855 126 B
331 B 275ms
275ms Image
image/png 188.165.21.156
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.onnetwork.tv/cnt/a_cntg.png?ts=1730301409617&d=7056&wsc=av&typ=embed&mobile=0&c=45
Requested by: Host: it.dir.bg
URL: https://it.dir.bg/web/rusiya-globi-google-s-2-5-detsiliona-dolara-tova-sa-usd2-500-000-000-000-000-000-000-000-000-000-000
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 188.165.21.156 , France, ASN16276 (OVH, FR),
Reverse DNS: vh11b.eris-w13.of.pl
Software: XO.webservantpro /
Resource Hash: a607b3c3e0d09d7f339e0035f16f99bf93637dee0eb27b2b9c447701fefa2ace

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://it.dir.bg/

Response headers

cache-control: no-cache
access-control-allow-methods: GET, POST, OPTIONS
accept-ranges: bytes
access-control-allow-origin: *
content-length: 126
date: Wed, 30 Oct 2024 15:16:49 GMT
content-type: image/png
last-modified: Wednesday, 30-Oct-2024 15:16:49 GMT
server: XO.webservantpro

GET
H2 206 black2.mp4
cdn.onnetwork.tv/img/ Frame 9855 2 KB
2 KB 257ms
236ms Media
video/mp4 188.165.21.156
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.onnetwork.tv/img/black2.mp4

Requested by

Host: it.dir.bg
URL: https://it.dir.bg/web/rusiya-globi-google-s-2-5-detsiliona-dolara-tova-sa-usd2-500-000-000-000-000-000-000-000-000-000-000

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

188.165.21.156 , France, ASN16276 (OVH, FR),

Reverse DNS

vh11b.eris-w13.of.pl

Software

XO.webservantpro /

Resource Hash

6212a4c6fd9be62d0795e3957471693cb344af6f21c2bbe0e957f3ed82520f1b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://it.dir.bg/
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Range: bytes=0-

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=17280000, public
etag: "63738ce2-8be"
pragma: public
Content-Range: bytes 0-2237/2238
access-control-allow-methods: GET, POST, OPTIONS
expires: Sun, 18 May 2025 15:16:49 GMT
access-control-allow-origin: *
Content-Length: 2238
date: Wed, 30 Oct 2024 15:16:49 GMT
content-type: video/mp4
last-modified: Tue, 15 Nov 2022 12:58:10 GMT
server: XO.webservantpro

GET
H2 200 st
imprammp.taboola.com/ Frame 40DF 0
0 85ms
84ms Document
text/plain 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V9Io0CABYDAH7WNfkZYp4tBAB-1jX5GWKeLQUAAAAABgYA9AcAJLFx2BbGhWGtcZhWa9FyZltLbJ6VW7Iyzoajkc0xWliGAEASG4dtYVwY1hqHabUWLWe2tcTmWbklK-NsOBrZHKOFZQoAIMZymQxqgYJselnuDtPT7jNIWGa_76CgnJ4es8sNAHpoOh0-171eabqLnJa7xOfXvSx-yevzdD7cOrPf4nTr_H6f2eXWvCVr1VrkMn2eZqff7nCL_GaH5eEW_W0Pt-bhVn1OlrVqMFgLBoO1YDBYCwaDtWAwWAsGg7VgMFgLBoO1YDBYCwaDtWAwmAMAAAAAwAPA____PwQAAAAAQAQAAAAAgAQAAAAAAAVAQAXAvwWAwAUAAAAAAAbA____vwYAANoGgEAzyQFQ0E6zw-4PAAAAAAAQAAAAAAASAACE5c8SAICYrfUTgP__________GIAB-swbGYD_____GwCDHgCABx8AgAchAAAAAJMhACBUipzYf4skIgAAgRGoIgBGAAAAAAC5xj6TRwCTADoBoAKwqAL4___vtwIAuAIAAAiQ9Aagsc8C0B2UeAsDAAAAEBgDWKCHxe83O-wav9tlAP__________ZgD_ZwD_aABCNbhSaQBBEwo9agC_gAAAawC_gAAAbADqBgAA8AYQAAcQdAAErRgMVgcQELMDAAAAALgD-P___9cDAKmFxbPcDWcrh82wWAxnq5lntpp4TCbHwrdYDYbbA3j91-j-XBCA6AMQCbLpZbk7TE-7zyBhmf2-g4JyenrMLoP4oGFYTgbB_AAmbDFaTSab5XC2XEwGw9FwNNofwEBsBgMEoGjJYrUcrnaTxWizWEyWu-FoMkEAihYNJqvRaLKYDFejyWq2XOx2GwSgaNVqNtoMhqvZZLbbrYaD4XI0QoAJW4xWk8lmOZwtF5PBcDQcjYYIABOO4cRiWq3cIt_MtRatXLa1wuUyrUWeyWQ5GGxmNs9mLXp9TC_HxOSZDbYIIBiwuBfJ0yKdaFau5WC53BhXi81kt5vZRqbBbOKyrGwek2fmskzEEs3JIp3ILvvWwuJZ7oazlcNmWCyGs9XMM1tNPCaTY-FbrAbDfcMxnFhMq5Vb5Ju51qKVy7ZWuFymtcgzmSwHg83M5tmsRa-P6eWYmDyzwb6x2ww2g8VoMNw3dpvBZrAYDYb7Dp3hu_qcjebfwvExSX2foUN6Mx0ULoPFu5iYdt_O8GCtFoxOmzO07O6Mfr_f7_f7_X6_32_Qeg5mg8I3LiwrtufYas1JtAWxweA5WAyKWCK4SCdK08lpufh8lrfMMdtMRovdbiKWKE0X6USve1n8ktfn6Xy4dWa_xenW-f0-s8uteUvWqrXIZfo8zU6_3eEW-c0Oy8Mt-tsebs3DrfqcLGvVYLAWDAZrwWCwFgwGa8FgsBYMBmvBYLAWDAZrwWCwFgwGa8FgMBFLBKeLdCJ6GU8X9R8BHGK4miuWw7lsMleMdqsEAAAAAAAAAACwBLAJAAAAAMAJYFC72WixWifAwUw2o91ytVwAgAsAJV0AYBAAAAAAAIBdADCXeMhw2STYY4CJNJ2clovPZ3nLHLPNZLTY7aYMACBRR8MMsBngMwBBrNVqWQMAAAAIYAMAAAAEcAPoBuANINBMjgMAAAAI0AMAAADQ7wMAZQEAAAAAAPADFMhgN1vtHwBAgEKs1Wp1u7FWqxUQUDCr2WQ3gYD___9_ggAAAAAAAICojoIAAAAAAACApVmEAIFtNyGgQoDBEC1_t8sLAR0CAGbpOvknC3AeAgAAAiS9AWgIAA!&cmcv=&pix=undefined&cb=1730301409654&uv=3445&tms=1730301409654&abt=adxsub-out_vA!adxsub-out_vB!agqp4c_vC!flradc_vA!ufm_vD!vdprc_vC&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=1ca6a8a0-ca45-49f6-bf3e-2e8684df14a2&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/5.0.6/UnitFeedManagerDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Referer: https://it.dir.bg/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
content-length: 0
date: Wed, 30 Oct 2024 15:16:49 GMT
server: nginx
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-served-by: cache-mxp6931-MXP
x-timer: S1730301410.725680,VS0,VE28

GET
H2 200 sync
am-match.taboola.com/ Frame 5280 0
0 769ms
169ms Document
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://am-match.taboola.com/sync?dast=V9Io0CABYDAH7WNfkZYp4tBAB-1jX5GWKeLQUAAAAABgYA9AcAJLFx2BbGhWGtcZhWa9FyZltLbJ6VW7Iyzoajkc0xWliGAEASG4dtYVwY1hqHabUWLWe2tcTmWbklK-NsOBrZHKOFZQoAIMZymQxqgYJselnuDtPT7jNIWGa_76CgnJ4es8sNAHpoOh0-171eabqLnJa7xOfXvSx-yevzdD7cOrPf4nTr_H6f2eXWvCVr1VrkMn2eZqff7nCL_GaH5eEW_W0Pt-bhVn1OlrVqMFgLBoO1YDBYCwaDtWAwWAsGg7VgMFgLBoO1YDBYCwaDtWAwmAMAAAAAwAPA____PwQAAAAAQAQAAAAAgAQAAAAAAAVAQAXAvwWAwAUAAAAAAAbA____vwYAANoGgEAzyQFQ0E6zw-4PAAAAAAAQAAAAAAASAACE5c8SAICYrfUTgP__________GIAB-swbGYD_____GwCDHgCABx8AgAchAAAAAJMhACBUipzYf4skIgAAgRGoIgBGAAAAAAC5xj6TRwCTADoBoAKwqAL4___vtwIAuAIAAAiQ9Aagsc8C0B2UeAsDAAAAEBgDWKCHxe83O-wav9tlAP__________ZgD_ZwD_aABCNbhSaQBBEwo9agC_gAAAawC_gAAAbADqBgAA8AYQAAcQdAAErRgMVgcQELMDAAAAALgD-P___9cDAKmFxbPcDWcrh82wWAxnq5lntpp4TCbHwrdYDYbbA3j91-j-XBCA6AMQCbLpZbk7TE-7zyBhmf2-g4JyenrMLoP4oGFYTgbB_AAmbDFaTSab5XC2XEwGw9FwNNofwEBsBgMEoGjJYrUcrnaTxWizWEyWu-FoMkEAihYNJqvRaLKYDFejyWq2XOx2GwSgaNVqNtoMhqvZZLbbrYaD4XI0QoAJW4xWk8lmOZwtF5PBcDQcjYYIABOO4cRiWq3cIt_MtRatXLa1wuUyrUWeyWQ5GGxmNs9mLXp9TC_HxOSZDbYIIBiwuBfJ0yKdaFau5WC53BhXi81kt5vZRqbBbOKyrGwek2fmskzEEs3JIp3ILvvWwuJZ7oazlcNmWCyGs9XMM1tNPCaTY-FbrAbDfcMxnFhMq5Vb5Ju51qKVy7ZWuFymtcgzmSwHg83M5tmsRa-P6eWYmDyzwb6x2ww2g8VoMNw3dpvBZrAYDYb7Dp3hu_qcjebfwvExSX2foUN6Mx0ULoPFu5iYdt_O8GCtFoxOmzO07O6Mfr_f7_f7_X6_32_Qeg5mg8I3LiwrtufYas1JtAWxweA5WAyKWCK4SCdK08lpufh8lrfMMdtMRovdbiKWKE0X6USve1n8ktfn6Xy4dWa_xenW-f0-s8uteUvWqrXIZfo8zU6_3eEW-c0Oy8Mt-tsebs3DrfqcLGvVYLAWDAZrwWCwFgwGa8FgsBYMBmvBYLAWDAZrwWCwFgwGa8FgMBFLBKeLdCJ6GU8X9R8BHGK4miuWw7lsMleMdqsEAAAAAAAAAACwBLAJAAAAAMAJYFC72WixWifAwUw2o91ytVwAgAsAJV0AYBAAAAAAAIBdADCXeMhw2STYY4CJNJ2clovPZ3nLHLPNZLTY7aYMACBRR8MMsBngMwBBrNVqWQMAAAAIYAMAAAAEcAPoBuANINBMjgMAAAAI0AMAAADQ7wMAZQEAAAAAAPADFMhgN1vtHwBAgEKs1Wp1u7FWqxUQUDCr2WQ3gYD___9_ggAAAAAAAICojoIAAAAAAACApVmEAIFtNyGgQoDBEC1_t8sLAR0CAGbpOvknC3AeAgAAAiS9AWgIAA!&excid=22&docw=0&cijs=1&nlb=false
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/5.0.6/UnitFeedManagerDesktop.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Referer: https://it.dir.bg/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

content-length: 0
date: Wed, 30 Oct 2024 15:16:50 GMT
machineid: 440103
server: nginx

GET
H2 200 cmOsUnit.css
vidstat.taboola.com/vpaid/units/34_4_5/assets/css/ 81 KB
11 KB 49ms
45ms Stylesheet
text/css 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/vpaid/units/34_4_5/assets/css/cmOsUnit.css
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/5.0.6/UnitFeedManagerDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: de4b4d887b4960dd252d0905df0bf7f39a309cc6d4fa7f6a7fb9b2252b143c29

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://it.dir.bg/

Response headers

content-encoding: br
etag: "0999e9df7448e92b58e585e5a66aac86"
age: 189848
x-amz-meta-gid: 0
x-amz-meta-mtime: 1730111493
x-amz-meta-mode: 33188
access-control-allow-methods: GET, OPTIONS, HEAD
x-cache: HIT
date: Wed, 30 Oct 2024 15:16:49 GMT
last-modified: Mon, 28 Oct 2024 10:31:35 GMT
content-type: text/css
x-served-by: cache-mxp6936-MXP
x-cache-hits: 88622
x-amz-id-2: 9PDfFa/sBOuwsOey6lxIdOnlgP/rsQCBP0CsYxwZy3hJ+aP/2P1lioM52UGMP6ZFrpFnxRFySMY=
access-control-allow-headers: *
vary: Accept-Encoding
cache-control: public, max-age=2592000
x-timer: S1730301410.685158,VS0,VE0
via: 1.1 varnish
x-amz-request-id: 240D8J3A9CG9ZTD4
x-amz-meta-uid: 0
accept-ranges: bytes
access-control-allow-origin: *
content-length: 10873
x-amz-meta-ctime: 1730111494
server: AmazonS3-br
x-amz-server-side-encryption: AES256

GET
H2 200 cmTagFEED_MANAGER.js Show response
vidstat.taboola.com/vpaid/units/34_4_5/infra/ 499 KB
103 KB 52ms
48ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/vpaid/units/34_4_5/infra/cmTagFEED_MANAGER.js
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/5.0.6/UnitFeedManagerDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: 96fc0d1e441d5f5e63e08994a1c80ddc5de0e06afd0e9f367ef6347b8ebec886

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://it.dir.bg
Referer: https://it.dir.bg/

Response headers

content-encoding: br
etag: "843fac1768b5e0b3357d3cf2c6c93581"
age: 189842
x-amz-meta-gid: 0
x-amz-meta-mtime: 1730111479
x-amz-meta-mode: 33188
access-control-allow-methods: GET, OPTIONS, HEAD
x-cache: HIT
date: Wed, 30 Oct 2024 15:16:49 GMT
last-modified: Mon, 28 Oct 2024 10:31:21 GMT
content-type: application/javascript
x-served-by: cache-mxp6946-MXP
x-cache-hits: 54799
x-amz-id-2: DqIxN7P5GLslcWuqrPBv8+/PKVlwFe10et0TcojZAiMErJBQzxmeUETMpfbOAdxLnp/zo1t5lUc=
access-control-allow-headers: *
vary: Accept-Encoding
cache-control: public, max-age=2592000
x-timer: S1730301410.687906,VS0,VE0
via: 1.1 varnish
x-amz-request-id: 4S7SPZSQW14TKJJB
x-amz-meta-uid: 0
accept-ranges: bytes
access-control-allow-origin: *
content-length: 105066
x-amz-meta-ctime: 1730111480
server: AmazonS3-br
x-amz-server-side-encryption: AES256

GET
H2 200 st
am-vid-events.taboola.com/ 0
43 B 102ms
73ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-vid-events.taboola.com/st?cijs=convusmp&ttype=45&cisd=convusmp&cipid=66361655&crid=-1&dast=V9Io0CABYDAH7WNfkZYp4tBAB-1jX5GWKeLQUAAAAABgYA9AcAJLFx2BbGhWGtcZhWa9FyZltLbJ6VW7Iyzoajkc0xWliGAEASG4dtYVwY1hqHabUWLWe2tcTmWbklK-NsOBrZHKOFZQoAIMZymQxqgYJselnuDtPT7jNIWGa_76CgnJ4es8sNAHpoOh0-171eabqLnJa7xOfXvSx-yevzdD7cOrPf4nTr_H6f2eXWvCVr1VrkMn2eZqff7nCL_GaH5eEW_W0Pt-bhVn1OlrVqMFgLBoO1YDBYCwaDtWAwWAsGg7VgMFgLBoO1YDBYCwaDtWAwmAMAAAAAwAPA____PwQAAAAAQAQAAAAAgAQAAAAAAAVAQAXAvwWAwAUAAAAAAAbA____vwYAANoGgEAzyQFQ0E6zw-4PAAAAAAAQAAAAAAASAACE5c8SAICYrfUTgP__________GIAB-swbGYD_____GwCDHgCABx8AgAchAAAAAJMhACBUipzYf4skIgAAgRGoIgBGAAAAAAC5xj6TRwCTADoBoAKwqAL4___vtwIAuAIAAAiQ9Aagsc8C0B2UeAsDAAAAEBgDWKCHxe83O-wav9tlAP__________ZgD_ZwD_aABCNbhSaQBBEwo9agC_gAAAawC_gAAAbADqBgAA8AYQAAcQdAAErRgMVgcQELMDAAAAALgD-P___9cDAKmFxbPcDWcrh82wWAxnq5lntpp4TCbHwrdYDYbbA3j91-j-XBCA6AMQCbLpZbk7TE-7zyBhmf2-g4JyenrMLoP4oGFYTgbB_AAmbDFaTSab5XC2XEwGw9FwNNofwEBsBgMEoGjJYrUcrnaTxWizWEyWu-FoMkEAihYNJqvRaLKYDFejyWq2XOx2GwSgaNVqNtoMhqvZZLbbrYaD4XI0QoAJW4xWk8lmOZwtF5PBcDQcjYYIABOO4cRiWq3cIt_MtRatXLa1wuUyrUWeyWQ5GGxmNs9mLXp9TC_HxOSZDbYIIBiwuBfJ0yKdaFau5WC53BhXi81kt5vZRqbBbOKyrGwek2fmskzEEs3JIp3ILvvWwuJZ7oazlcNmWCyGs9XMM1tNPCaTY-FbrAbDfcMxnFhMq5Vb5Ju51qKVy7ZWuFymtcgzmSwHg83M5tmsRa-P6eWYmDyzwb6x2ww2g8VoMNw3dpvBZrAYDYb7Dp3hu_qcjebfwvExSX2foUN6Mx0ULoPFu5iYdt_O8GCtFoxOmzO07O6Mfr_f7_f7_X6_32_Qeg5mg8I3LiwrtufYas1JtAWxweA5WAyKWCK4SCdK08lpufh8lrfMMdtMRovdbiKWKE0X6USve1n8ktfn6Xy4dWa_xenW-f0-s8uteUvWqrXIZfo8zU6_3eEW-c0Oy8Mt-tsebs3DrfqcLGvVYLAWDAZrwWCwFgwGa8FgsBYMBmvBYLAWDAZrwWCwFgwGa8FgMBFLBKeLdCJ6GU8X9R8BHGK4miuWw7lsMleMdqsEAAAAAAAAAACwBLAJAAAAAMAJYFC72WixWifAwUw2o91ytVwAgAsAJV0AYBAAAAAAAIBdADCXeMhw2STYY4CJNJ2clovPZ3nLHLPNZLTY7aYMACBRR8MMsBngMwBBrNVqWQMAAAAIYAMAAAAEcAPoBuANINBMjgMAAAAI0AMAAADQ7wMAZQEAAAAAAPADFMhgN1vtHwBAgEKs1Wp1u7FWqxUQUDCr2WQ3gYD___9_ggAAAAAAAICojoIAAAAAAACApVmEAIFtNyGgQoDBEC1_t8sLAR0CAGbpOvknC3AeAgAAAiS9AWgIAA!&cmcv=&pix=31589837&cb=1730301409654&uv=3445&tms=1730301409654&abt=adxsub-out_vA!adxsub-out_vB!agqp4c_vC!flradc_vA!ufm_vD!vdprc_vC&ft=0&su=3&unm=FEED_MANAGER&debug=pn:!sqg:!torgn:1730301400905!ts:1730301409654&mntl=1
Requested by: Host: it.dir.bg
URL: https://it.dir.bg/web/rusiya-globi-google-s-2-5-detsiliona-dolara-tova-sa-usd2-500-000-000-000-000-000-000-000-000-000-000
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://it.dir.bg/

Response headers

date: Wed, 30 Oct 2024 15:16:49 GMT
server: nginx
content-length: 0

GET
H2 200 a_cnti.png
cdn.onnetwork.tv/cnt/ Frame 9855 126 B
331 B 274ms
262ms Image
image/png 188.165.21.156
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.onnetwork.tv/cnt/a_cnti.png?ts=1730301409709&event=plstarttry&d=7056&vs=0&aps=3&playerVisible=2&plist=1773&widget=815&initap=3&currap=3&ab=0&cbs=1&co=1&vc=0&pod=0&ppos=0&muted=1&mobile=0&lls=0&acount=0
Requested by: Host: it.dir.bg
URL: https://it.dir.bg/web/rusiya-globi-google-s-2-5-detsiliona-dolara-tova-sa-usd2-500-000-000-000-000-000-000-000-000-000-000
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 188.165.21.156 , France, ASN16276 (OVH, FR),
Reverse DNS: vh11b.eris-w13.of.pl
Software: XO.webservantpro /
Resource Hash: a607b3c3e0d09d7f339e0035f16f99bf93637dee0eb27b2b9c447701fefa2ace

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://it.dir.bg/

Response headers

cache-control: no-cache
access-control-allow-methods: GET, POST, OPTIONS
accept-ranges: bytes
access-control-allow-origin: *
content-length: 126
date: Wed, 30 Oct 2024 15:16:49 GMT
content-type: image/png
last-modified: Wednesday, 30-Oct-2024 15:16:49 GMT
server: XO.webservantpro

GET
H2 200 a_cnti.png
cdn.onnetwork.tv/cnt/ Frame 9855 126 B
331 B 284ms
272ms Image
image/png 188.165.21.156
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.onnetwork.tv/cnt/a_cnti.png?ts=1730301409720&event=adsearch&d=7056&vs=0&aps=3&playerVisible=2&plist=1773&widget=815&initap=3&currap=3&ab=0&cbs=1&co=1&vc=0&pod=0&ppos=0&muted=1&mobile=0&lls=0&acount=0
Requested by: Host: it.dir.bg
URL: https://it.dir.bg/web/rusiya-globi-google-s-2-5-detsiliona-dolara-tova-sa-usd2-500-000-000-000-000-000-000-000-000-000-000
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 188.165.21.156 , France, ASN16276 (OVH, FR),
Reverse DNS: vh11b.eris-w13.of.pl
Software: XO.webservantpro /
Resource Hash: a607b3c3e0d09d7f339e0035f16f99bf93637dee0eb27b2b9c447701fefa2ace

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://it.dir.bg/

Response headers

cache-control: no-cache
access-control-allow-methods: GET, POST, OPTIONS
accept-ranges: bytes
access-control-allow-origin: *
content-length: 126
date: Wed, 30 Oct 2024 15:16:49 GMT
content-type: image/png
last-modified: Wednesday, 30-Oct-2024 15:16:49 GMT
server: XO.webservantpro

POST
H2 200 collect Show response
www.google-analytics.com/j/ Frame 9855 15 B
83 B 110ms
109ms XHR
text/plain 142.250.186.142
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&aip=1&a=1399337652&t=pageview&_s=1&dl=https%3A%2F%2Fit.dir.bg%2Fweb%2Frusiya-globi-google-s-2-5-detsiliona-dolara-tova-sa-usd2-500-000-000-000-000-000-000-000-000-000-000&dp=%2Fit_dir_bg%2F7056&ul=it-it&de=UTF-8&dt=Player&sd=24-bit&sr=1600x1200&vp=949x534&je=0&_u=AAEAAAABAAAAACAAsD~&jid=1899942620&gjid=715222290&cid=1863221803.1730301405&tid=UA-135296857-10&_gid=1140941664.1730301406&_r=1&_slc=1&z=2013421287

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.142 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

aa3d5cf005811a8064605669c847e47f3839868168011cf51d506ef5f075f490

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://it.dir.bg/

Response headers

report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:175:0"}],}
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 30 Oct 2024 15:16:49 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
content-type: text/plain
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:175:0
access-control-allow-origin: https://it.dir.bg
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 15
server: Golfe2

POST
H2 200 collect Show response
www.google-analytics.com/j/ Frame 9855 3 B
71 B 104ms
93ms XHR
text/plain 142.250.186.142
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&aip=1&a=1399337652&t=pageview&_s=1&dl=https%3A%2F%2Fit.dir.bg%2Fweb%2Frusiya-globi-google-s-2-5-detsiliona-dolara-tova-sa-usd2-500-000-000-000-000-000-000-000-000-000-000&dp=%2Fav%2Fit_dir_bg&ul=it-it&de=UTF-8&dt=Player&sd=24-bit&sr=1600x1200&vp=949x534&je=0&_u=ACEAAEABAAAAACAAsD~&jid=533514055&gjid=1337584073&cid=1863221803.1730301405&tid=UA-135208802-1&_gid=1140941664.1730301406&_r=1&_slc=1&z=1542466720

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.142 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://it.dir.bg/

Response headers

report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:175:0"}],}
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 30 Oct 2024 15:16:49 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
content-type: text/plain
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:175:0
access-control-allow-origin: https://it.dir.bg
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 3
server: Golfe2

POST
H2 200 collect Show response
www.google-analytics.com/j/ Frame 9855 15 B
83 B 91ms
90ms XHR
text/plain 142.250.186.142
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1399337652&t=pageview&_s=1&dl=https%3A%2F%2Fit.dir.bg%2Fweb%2Frusiya-globi-google-s-2-5-detsiliona-dolara-tova-sa-usd2-500-000-000-000-000-000-000-000-000-000-000&dp=https%3A%2F%2Fit.dir.bg%2Fweb%2Frusiya-globi-google-s-2-5-detsiliona-dolara-tova-sa-usd2-500-000-000-000-000-000-000-000-000-000-000&ul=it-it&de=UTF-8&dt=Player&sd=24-bit&sr=1600x1200&vp=949x534&je=0&_u=ACEAAEABAAAAACAAsD~&jid=1783144258&gjid=158783593&cid=1863221803.1730301405&tid=UA-436010-32&_gid=1140941664.1730301406&_r=1&_slc=1&z=1372929114

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.142 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

ffb1f5425f371e9637f9624cf12df4fb6af972e901bb8cb3fb25e291b1b8cf93

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://it.dir.bg/

Response headers

report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:175:0"}],}
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 30 Oct 2024 15:16:49 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
content-type: text/plain
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:175:0
access-control-allow-origin: https://it.dir.bg
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 15
server: Golfe2

GET
H2 200 collect
www.google-analytics.com/ Frame 9855 35 B
345 B 101ms
100ms Image
image/gif 142.250.186.142
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=1399337652&t=event&ni=1&_s=2&dl=https%3A%2F%2Fit.dir.bg%2Fweb%2Frusiya-globi-google-s-2-5-detsiliona-dolara-tova-sa-usd2-500-000-000-000-000-000-000-000-000-000-000&ul=it-it&de=UTF-8&dt=Player&sd=24-bit&sr=1600x1200&vp=949x534&je=0&ec=video&ea=load&el=577645%20Crypto%20ep.10&ev=0&_u=ACEAAEABAAAAACAAsD~&jid=&gjid=&cid=1863221803.1730301405&tid=UA-436010-32&_gid=1140941664.1730301406&z=723848053

Requested by

Host: it.dir.bg
URL: https://it.dir.bg/web/rusiya-globi-google-s-2-5-detsiliona-dolara-tova-sa-usd2-500-000-000-000-000-000-000-000-000-000-000

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.142 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://it.dir.bg/

Response headers

age: 79613
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:163:0"}],}
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 29 Oct 2024 17:09:56 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:163:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 35
server: Golfe2

GET
H2 200 xgemius.js Show response
gabg.hit.gemius.pl/ Frame 9855 70 KB
0 186ms
186ms Script
application/x-javascript 78.128.6.34
TELEPOINT

General

Check archive.org

Show headers Download Go to

Full URL: https://gabg.hit.gemius.pl/xgemius.js
Requested by: Host: cdn.onnetwork.tv
URL: https://cdn.onnetwork.tv/js/player86/player_gemius.js?s=1730050408
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 78.128.6.34 , Bulgaria, ASN31083 (TELEPOINT, BG),
Reverse DNS: ip-6-34.telehouse.bg
Software: GHC /
Resource Hash: adabd389d3390337abf62cc9935c593988a55a1ec75a648241afbb9e74e87090

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://it.dir.bg/

Response headers

cache-control: max-age=43200
content-encoding: gzip
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor
cross-origin-resource-policy: cross-origin
expires: Thu, 31 Oct 2024 03:16:44 GMT
accept-ranges: none
p3p: CP="NOI DSP COR NID PSAo OUR IND"
content-length: 20492
date: Wed, 30 Oct 2024 15:16:44 GMT
last-modified: Wed, 18 Sep 2024 07:46:14 GMT
vary: Accept-Encoding,Origin
server: GHC
content-type: application/x-javascript

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v27/ Frame 9855 56 KB
56 KB 911ms
68ms Font
font/woff2 142.250.185.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: cdn.onnetwork.tv
URL: https://cdn.onnetwork.tv/css/roboto.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f3.1e100.net

Software

sffe /

Resource Hash

1287b4c6427119cabf899a5ea898f81e831a2742614813a3302f671690b399c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://it.dir.bg
Referer: https://cdn.onnetwork.tv/

Response headers

age: 142397
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Tue, 28 Oct 2025 23:43:34 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 28 Oct 2024 23:43:34 GMT
last-modified: Tue, 21 Sep 2021 23:13:54 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 57116
x-xss-protection: 0
server: sffe

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ Frame 9855 276 KB
97 KB 223ms
213ms Script
application/javascript 142.250.184.232
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-832Y79WHLE&cx=c&_slc=1

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.232 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

1cce0a559204d832636511c69d7894292fd0e0507671819df68fbaccfcf058d8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://it.dir.bg/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Wed, 30 Oct 2024 15:16:50 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 30 Oct 2024 15:16:50 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 99071
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ 254 B
725 B 165ms
164ms Image
image/png 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Requested by: Host: it.dir.bg
URL: https://it.dir.bg/web/rusiya-globi-google-s-2-5-detsiliona-dolara-tova-sa-usd2-500-000-000-000-000-000-000-000-000-000-000
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://it.dir.bg/

Response headers

etag: "dfa7b52c86e56bd67fa4002f6ed19854"
x-amz-version-id: hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
age: 11920
x-cache: HIT
date: Wed, 30 Oct 2024 15:16:50 GMT
last-modified: Wed, 24 Jun 2015 07:14:11 GMT
x-served-by: cache-mxp6936-MXP
x-cache-hits: 4199
content-type: image/png
x-amz-id-2: DzxpDyzJHKSj6X/lvlAuk2VPxEcD0gsLtFyywqGD4dGHk+EC8PAkbkHse16nyoQkT461/SnhUonIbw/U1PngQ0QyanyWMd9J
x-amz-replication-status: COMPLETED
cache-control: private,max-age=31536000
x-amz-meta-s3cmd-attrs: uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer: S1730301410.298576,VS0,VE0
via: 1.1 varnish
x-amz-request-id: PK1QGMM575CD8J7R
accept-ranges: bytes
access-control-allow-origin: *
abp: 65
content-length: 254
server: AmazonS3

POST
H2 204 bulk
trc.taboola.com/itdirbggr-f16324177/log/3/ 0
327 B 306ms
268ms Ping
image/gif 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/itdirbggr-f16324177/log/3/bulk?route=AM%3AIL%3AV&lti=trecs&tvi48=19330&tvi50=20765&tvi61=19379&cv=20241027-33-RELEASE&bulkSize=4
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/itdirbggr-f16324177/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded
Referer: https://it.dir.bg/

Response headers

x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
date: Wed, 30 Oct 2024 15:16:50 GMT
content-type: image/gif
x-served-by: cache-mxp6936-MXP
x-cache-hits: 0
cache-control: no-cache
x-fastly-to-nlb-rtt: 68315
pragma: no-cache
x-timer: S1730301410.453618,VS0,VE76
x-vcl-time-ms: 76
access-control-allow-credentials: true
via: 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: https://it.dir.bg
x-service-version: v1
server: nginx

GET
H2 200 content_v3.js Show response
vidstat.taboola.com/ 16 KB
5 KB 126ms
108ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/content_v3.js
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/34_4_5/infra/cmTagFEED_MANAGER.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 12af7975664854ca36da674714083fa05297940fce71e42dabf688e2eb19a0f1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://it.dir.bg/

Response headers

content-encoding: gzip
etag: "f7533e747bb02a8eb527ada4f2749620"
age: 2475400
access-control-allow-methods: GET, OPTIONS, HEAD
x-cache: Hit from cloudfront, HIT
x-amz-cf-id: 8vY7BXDTks1nQ24dVLAlNt42HHz9-gZ1gVVWbY1aC-z_Mlx4KU7Oog==
date: Wed, 30 Oct 2024 15:16:50 GMT
content-type: application/javascript
last-modified: Wed, 20 Jul 2022 13:23:50 GMT
x-cache-hits: 45776
x-served-by: cache-mxp6936-MXP
access-control-allow-headers: *
vary: Accept-Encoding
cache-control: public, max-age=2592000
x-timer: S1730301411.589075,VS0,VE0
via: 1.1 c3b526e17f0ff867106b1556090fcd24.cloudfront.net (CloudFront), 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
content-length: 4839
x-amz-cf-pop: MXP53-P3
server: AmazonS3

GET
H2 200 OvaMediaPlayer.js Show response
vidstat.taboola.com/vpaid/vPlayer/player/v16.9.5/ 458 KB
84 KB 119ms
118ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v16.9.5/OvaMediaPlayer.js
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/34_4_5/infra/cmTagFEED_MANAGER.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: ce77d551725ebfe61cb29c03481707fa6ee98174ab7ed1777d9e42f627de42bd

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://it.dir.bg
Referer: https://it.dir.bg/

Response headers

content-encoding: br
etag: "1142107009d679a4e480c27e3ebdd0c6"
age: 277181
x-amz-meta-gid: 0
x-amz-meta-mtime: 1730023374
x-amz-meta-mode: 33188
access-control-allow-methods: GET, OPTIONS, HEAD
x-cache: HIT
date: Wed, 30 Oct 2024 15:16:50 GMT
last-modified: Sun, 27 Oct 2024 10:03:13 GMT
content-type: application/javascript
x-served-by: cache-mxp6946-MXP
x-cache-hits: 142674
x-amz-id-2: P853XAKVbuB40R05UeZ1jN+7RV6Cx+6DaQ9rgPRNFpcoOXnKkqZcQiSr72AwiSldA3vymUbGpYg=
access-control-allow-headers: *
vary: Accept-Encoding
cache-control: public, max-age=2592000
x-timer: S1730301411.632566,VS0,VE0
via: 1.1 varnish
x-amz-request-id: B1QDTWQPNPER93BV
x-amz-meta-uid: 0
accept-ranges: bytes
access-control-allow-origin: *
content-length: 85876
x-amz-meta-ctime: 1730023392
server: AmazonS3-br
x-amz-server-side-encryption: AES256

GET
H2 200 st
am-vid-events.taboola.com/ 0
43 B 120ms
116ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-vid-events.taboola.com/st?cijs=convusmp&ttype=16&cisd=convusmp&cipid=66361655&crid=-1&dast=V9Io0CABYDAH7WNfkZYp4tBAB-1jX5GWKeLQUAAAAABgYA9AcAJLFx2BbGhWGtcZhWa9FyZltLbJ6VW7Iyzoajkc0xWliGAEASG4dtYVwY1hqHabUWLWe2tcTmWbklK-NsOBrZHKOFZQoAIMZymQxqgYJselnuDtPT7jNIWGa_76CgnJ4es8sNAHpoOh0-171eabqLnJa7xOfXvSx-yevzdD7cOrPf4nTr_H6f2eXWvCVr1VrkMn2eZqff7nCL_GaH5eEW_W0Pt-bhVn1OlrVqMFgLBoO1YDBYCwaDtWAwWAsGg7VgMFgLBoO1YDBYCwaDtWAwmAMAAAAAwAPA____PwQAAAAAQAQAAAAAgAQAAAAAAAVAQAXAvwWAwAUAAAAAAAbA____vwYAANoGgEAzyQFQ0E6zw-4PAAAAAAAQAAAAAAASAACE5c8SAICYrfUTgP__________GIAB-swbGYD_____GwCDHgCABx8AgAchAAAAAJMhACBUipzYf4skIgAAgRGoIgBGAAAAAAC5xj6TRwCTADoBoAKwqAL4___vtwIAuAIAAAiQ9Aagsc8C0B2UeAsDAAAAEBgDWKCHxe83O-wav9tlAP__________ZgD_ZwD_aABCNbhSaQBBEwo9agC_gAAAawC_gAAAbADqBgAA8AYQAAcQdAAErRgMVgcQELMDAAAAALgD-P___9cDAKmFxbPcDWcrh82wWAxnq5lntpp4TCbHwrdYDYbbA3j91-j-XBCA6AMQCbLpZbk7TE-7zyBhmf2-g4JyenrMLoP4oGFYTgbB_AAmbDFaTSab5XC2XEwGw9FwNNofwEBsBgMEoGjJYrUcrnaTxWizWEyWu-FoMkEAihYNJqvRaLKYDFejyWq2XOx2GwSgaNVqNtoMhqvZZLbbrYaD4XI0QoAJW4xWk8lmOZwtF5PBcDQcjYYIABOO4cRiWq3cIt_MtRatXLa1wuUyrUWeyWQ5GGxmNs9mLXp9TC_HxOSZDbYIIBiwuBfJ0yKdaFau5WC53BhXi81kt5vZRqbBbOKyrGwek2fmskzEEs3JIp3ILvvWwuJZ7oazlcNmWCyGs9XMM1tNPCaTY-FbrAbDfcMxnFhMq5Vb5Ju51qKVy7ZWuFymtcgzmSwHg83M5tmsRa-P6eWYmDyzwb6x2ww2g8VoMNw3dpvBZrAYDYb7Dp3hu_qcjebfwvExSX2foUN6Mx0ULoPFu5iYdt_O8GCtFoxOmzO07O6Mfr_f7_f7_X6_32_Qeg5mg8I3LiwrtufYas1JtAWxweA5WAyKWCK4SCdK08lpufh8lrfMMdtMRovdbiKWKE0X6USve1n8ktfn6Xy4dWa_xenW-f0-s8uteUvWqrXIZfo8zU6_3eEW-c0Oy8Mt-tsebs3DrfqcLGvVYLAWDAZrwWCwFgwGa8FgsBYMBmvBYLAWDAZrwWCwFgwGa8FgMBFLBKeLdCJ6GU8X9R8BHGK4miuWw7lsMleMdqsEAAAAAAAAAACwBLAJAAAAAMAJYFC72WixWifAwUw2o91ytVwAgAsAJV0AYBAAAAAAAIBdADCXeMhw2STYY4CJNJ2clovPZ3nLHLPNZLTY7aYMACBRR8MMsBngMwBBrNVqWQMAAAAIYAMAAAAEcAPoBuANINBMjgMAAAAI0AMAAADQ7wMAZQEAAAAAAPADFMhgN1vtHwBAgEKs1Wp1u7FWqxUQUDCr2WQ3gYD___9_ggAAAAAAAICojoIAAAAAAACApVmEAIFtNyGgQoDBEC1_t8sLAR0CAGbpOvknC3AeAgAAAiS9AWgIAA!&cmcv=&pix=31579697&cb=1730301410600&uv=3445&tms=1730301410600&su=3&abt=adxsub-out_vA!adxsub-out_vB!agqp4c_vC!flradc_vA!ufm_vG!vdprc_vC&ft=0&unm=FEED_MANAGER&su=3&
Requested by: Host: it.dir.bg
URL: https://it.dir.bg/web/rusiya-globi-google-s-2-5-detsiliona-dolara-tova-sa-usd2-500-000-000-000-000-000-000-000-000-000-000
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://it.dir.bg/

Response headers

date: Wed, 30 Oct 2024 15:16:50 GMT
server: nginx
content-length: 0

POST
H/1.1 204
No Content collect Show response
i.clarity.ms/ 0
273 B 196ms
196ms XHR
text/plain 4.153.72.49
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://i.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.49/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 4.153.72.49 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept: application/x-clarity-gzip
Referer: https://it.dir.bg/

Response headers

Request-Context: appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d
Access-Control-Allow-Origin: https://it.dir.bg
Date: Wed, 30 Oct 2024 15:16:50 GMT
Vary: Origin
Server: nginx
Connection: keep-alive
Access-Control-Allow-Credentials: true

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ Frame 9855 286 KB
0 0ms
0ms Script
application/javascript 142.250.184.232
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-74752H7V8Z&cx=c&_slc=1

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.232 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

76fdd26bde513ce5d0f0608f6a61a2e83cf7be2072306fc38737a32fbe733e61

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://it.dir.bg/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Wed, 30 Oct 2024 15:16:46 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 30 Oct 2024 15:16:46 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 102293
x-xss-protection: 0
server: Google Tag Manager

POST
H2 204 AGSKWxWOjT76USg8a3cCn8B4r35xt6ie34i_OQoDZKRzT_ArlrDTj1tGuS8KVfQVVhPTns-4OCxV2NiQjrS12u8OUSlnhfjWZneieGIWBV2FtR4RYxDOexbgcFlJBnvjNXBmSdSYz9qPow== Show response
fundingchoicesmessages.google.com/el/ 0
362 B 117ms
116ms XHR
text/html 142.250.186.142
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWOjT76USg8a3cCn8B4r35xt6ie34i_OQoDZKRzT_ArlrDTj1tGuS8KVfQVVhPTns-4OCxV2NiQjrS12u8OUSlnhfjWZneieGIWBV2FtR4RYxDOexbgcFlJBnvjNXBmSdSYz9qPow==

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.142 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-wazdxRu8JmvqbvLQZCjhpA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://it.dir.bg/

Response headers

access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 30 Oct 2024 15:16:50 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmLw1ZBicEqfwRoCxO5aF1n9gZjh6xVWDiAW4uF4NLtzJ5vAjHnN15iUXJLyC-OT8_NKUvNKdBNTinVB7KLMpNKS_CIUdmoZSEVOfnp6Zl56vJGBkYmhgZGFnoFpfIEBAB5bKIo"
content-security-policy: script-src 'report-sample' 'nonce-wazdxRu8JmvqbvLQZCjhpA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin: https://it.dir.bg
content-length: 0
x-xss-protection: 0
server: ESF

POST
H2 204 AGSKWxWOjT76USg8a3cCn8B4r35xt6ie34i_OQoDZKRzT_ArlrDTj1tGuS8KVfQVVhPTns-4OCxV2NiQjrS12u8OUSlnhfjWZneieGIWBV2FtR4RYxDOexbgcFlJBnvjNXBmSdSYz9qPow== Show response
fundingchoicesmessages.google.com/el/ 0
360 B 172ms
170ms XHR
text/html 142.250.186.142
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWOjT76USg8a3cCn8B4r35xt6ie34i_OQoDZKRzT_ArlrDTj1tGuS8KVfQVVhPTns-4OCxV2NiQjrS12u8OUSlnhfjWZneieGIWBV2FtR4RYxDOexbgcFlJBnvjNXBmSdSYz9qPow==

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.142 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-VoSUnxv1_Cufo0MGA4XFuQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://it.dir.bg/

Response headers

access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 30 Oct 2024 15:16:50 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmJw1JBicEqfwRoCxO5aF1n9gZjh6xVWDiAW4uF4NLtzJ5vAin_7XjEpuSTlF8Yn5-eVpOaV6CamFOuC2EWZSaUl-UUo7NQykIqc_PT0zLz0eCMDIxNDAyMLPQPT-AIDAE_-KT0"
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-VoSUnxv1_Cufo0MGA4XFuQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin: https://it.dir.bg
content-length: 0
x-xss-protection: 0
server: ESF

GET
H2 200 AGSKWxW4eyRZBTjPsfg3cKIxZC0W7rFFqgT_GrlV1S1c-TWXIa-rLn0r0ZLX0tMIjwn2K57QBjizFeWlF8ql_pvSPISLzmLDZv8VagiEuEWOvggl_EzP2inIUhffC_ubz6XWRty4bFZp2g== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 122ms
122ms Script
application/javascript 142.250.186.142
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxW4eyRZBTjPsfg3cKIxZC0W7rFFqgT_GrlV1S1c-TWXIa-rLn0r0ZLX0tMIjwn2K57QBjizFeWlF8ql_pvSPISLzmLDZv8VagiEuEWOvggl_EzP2inIUhffC_ubz6XWRty4bFZp2g==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzMwMzAxNDEwLDY1NzAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOSw2XSxudWxsLDIsbnVsbCwiYmciLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxXSwiaHR0cHM6Ly9pdC5kaXIuYmcvd2ViL3J1c2l5YS1nbG9iaS1nb29nbGUtcy0yLTUtZGV0c2lsaW9uYS1kb2xhcmEtdG92YS1zYS11c2QyLTUwMC0wMDAtMDAwLTAwMC0wMDAtMDAwLTAwMC0wMDAtMDAwLTAwMC0wMDAiLG51bGwsW1s4LCJqd1luMEFoSmJ1YyJdLFs5LCJpdCJdLFsxOSwiMiJdLFsxNywiWzBdIl1dXQ

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.142 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f14.1e100.net

Software

ESF /

Resource Hash

a7da9d98e20d9a2389b643174a0ccf61416a7fea401c3b2da8803498873df755

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-OdIY-Zy-oXeGCP9GAg9PtQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://it.dir.bg/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 30 Oct 2024 15:16:50 GMT
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjytDikmII1pBikPj6kkkLiJ3SZ7CGAHHrzXOs04E46d951hIgdte6yOoPxIYKl1idgdix6BKrJxCr9lxiNQfi--susT4H4iKJK6wtQHy76QrrYyBm-HqFlQOIhXg4Hs3u3MkmcKLh8D0mJY2k_ML45Py8kqLMpNKS_KK05LTU4tSistSieCMDIxNDAyMLPQPD-AIDAI7EQBE"
content-security-policy: script-src 'report-sample' 'nonce-OdIY-Zy-oXeGCP9GAg9PtQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
cache-control: no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin: *
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection: 0
server: ESF

GET
H2 200 container.html
dcd4f76b77ad35947ee38d0cd584be32.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 54AF 0
0 6ms
4ms Document
text/html 142.250.185.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://dcd4f76b77ad35947ee38d0cd584be32.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202410280101/pubads_impl.js?cb=31088558

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f1.1e100.net

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://it.dir.bg/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 30 Oct 2024 15:16:48 GMT
expires: Wed, 30 Oct 2024 15:16:48 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 206 blackScreen5.mp4
vidstatb.taboola.com/vid/ 89 KB
89 KB 86ms
79ms Media
video/mp4 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstatb.taboola.com/vid/blackScreen5.mp4
Requested by: Host: it.dir.bg
URL: https://it.dir.bg/web/rusiya-globi-google-s-2-5-detsiliona-dolara-tova-sa-usd2-500-000-000-000-000-000-000-000-000-000-000
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0407dafc112212a135d1aa4dd9b40ba0208c6bb6b1959f5535af093254189d66

Request headers

Referer: https://it.dir.bg/
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Range: bytes=0-

Response headers

etag: "b2b087fe4ae638c533731c347fcd4df8"
age: 1252215
x-amz-meta-mtime: 1497790207
x-amz-meta-gid: 0
x-amz-meta-mode: 33188
access-control-allow-methods: GET, OPTIONS, HEAD
x-cache: Hit from cloudfront, HIT
x-amz-cf-id: fQVVGunXwxHauEvhWrROXAcbHZLIId13ugRc06V101OcDkfg-CaPNQ==
date: Wed, 30 Oct 2024 15:16:50 GMT
content-type: video/mp4
last-modified: Sun, 02 Jul 2017 20:40:57 GMT
x-served-by: cache-mxp6936-MXP
x-cache-hits: 559750
access-control-allow-headers: *
cache-control: public, max-age=2592000
x-timer: S1730301411.788850,VS0,VE0
Content-Range: bytes 0-90783/90784
via: 1.1 4f02e80a6fa43c1c48cfe770bb183bc0.cloudfront.net (CloudFront), 1.1 varnish
x-amz-meta-uid: 0
accept-ranges: bytes
access-control-allow-origin: *
Content-Length: 90784
x-amz-cf-pop: MXP53-P3
server: AmazonS3

GET
H2 200 a_cntg.png
cdn.onnetwork.tv/cnt/ Frame 9855 126 B
331 B 94ms
91ms Image
image/png 188.165.21.156
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.onnetwork.tv/cnt/a_cntg.png?ts=1730301410749&d=7056&wsc=av&typ=embed&mobile=0&c=23
Requested by: Host: it.dir.bg
URL: https://it.dir.bg/web/rusiya-globi-google-s-2-5-detsiliona-dolara-tova-sa-usd2-500-000-000-000-000-000-000-000-000-000-000
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 188.165.21.156 , France, ASN16276 (OVH, FR),
Reverse DNS: vh11b.eris-w13.of.pl
Software: XO.webservantpro /
Resource Hash: a607b3c3e0d09d7f339e0035f16f99bf93637dee0eb27b2b9c447701fefa2ace

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://it.dir.bg/

Response headers

cache-control: no-cache
access-control-allow-methods: GET, POST, OPTIONS
accept-ranges: bytes
access-control-allow-origin: *
content-length: 126
date: Wed, 30 Oct 2024 15:16:50 GMT
content-type: image/png
last-modified: Wednesday, 30-Oct-2024 15:16:50 GMT
server: XO.webservantpro

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ Frame 9855 266 KB
94 KB 89ms
88ms Script
application/javascript 142.250.184.232
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=G-9JWJPCQ37V&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-74752H7V8Z&cx=c&_slc=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.232 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

e3796a05f7941da01a8b3f4aa1ddf511c9ea5d1e659c8b7a2d710e71b4c170a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://it.dir.bg/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcysghrgc:42:0"}],}
expires: Wed, 30 Oct 2024 15:16:50 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 30 Oct 2024 15:16:50 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcysghrgc:42:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 95807
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ Frame 9855 322 KB
107 KB 102ms
101ms Script
application/javascript 142.250.184.232
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=G-B1XSRWSHN4&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-74752H7V8Z&cx=c&_slc=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.232 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

e169f1be2635f22741710d738e2982e267bb15ceebb5ef7e16bcb87fa9d6ca8f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://it.dir.bg/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcysghrgc:42:0"}],}
expires: Wed, 30 Oct 2024 15:16:50 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 30 Oct 2024 15:16:50 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcysghrgc:42:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 109355
x-xss-protection: 0
server: Google Tag Manager

POST
H2 200 VideoBidRequestHandlerServlet Show response
wf.taboola.com/ 8 KB
4 KB 513ms
510ms XHR
application/json 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=169497&tagid=953497&crid=-1&noaop=3&sortOrderType=0&cb=1730301410969&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=1&pv=1695&pt=-986716708&tz=60&viewable=true&ddast=V9Io0CABYDAH7WNfkZYp4tBAB-1jX5GWKeLQUAAAAABgYA9AcAJLFx2BbGhWGtcZhWa9FyZltLbJ6VW7Iyzoajkc0xWliGAEASG4dtYVwY1hqHabUWLWe2tcTmWbklK-NsOBrZHKOFZQoAIMZymQxqgYJselnuDtPT7jNIWGa_76CgnJ4es8sNAHpoOh0-171eabqLnJa7xOfXvSx-yevzdD7cOrPf4nTr_H6f2eXWvCVr1VrkMn2eZqff7nCL_GaH5eEW_W0Pt-bhVn1OlrVqMFgLBoO1YDBYCwaDtWAwWAsGg7VgMFgLBoO1YDBYCwaDtWAwmAMAAAAAwAPA____PwQAAAAAQAQAAAAAgAQAAAAAAAVAQAXAvwWAwAUAAAAAAAbA____vwYAANoGgEAzyQFQ0E6zw-4PAAAAAAAQAAAAAAASAACE5c8SAICYrfUTgP__________GIAB-swbGYD_____GwCDHgCABx8AgAchAAAAAJMhACBUipzYf4skIgAAgRGoIgBGAAAAAAC5xj6TRwCTADoBoAKwqAL4___vtwIAuAIAAAiQ9Aagsc8C0B2UeAsDAAAAEBgDWKCHxe83O-wav9tlAP__________ZgD_ZwD_aABCNbhSaQBBEwo9agC_gAAAawC_gAAAbADqBgAA8AYQAAcQdAAErRgMVgcQELMDAAAAALgD-P___9cDAKmFxbPcDWcrh82wWAxnq5lntpp4TCbHwrdYDYbbA3j91-j-XBCA6AMQCbLpZbk7TE-7zyBhmf2-g4JyenrMLoP4oGFYTgbB_AAmbDFaTSab5XC2XEwGw9FwNNofwEBsBgMEoGjJYrUcrnaTxWizWEyWu-FoMkEAihYNJqvRaLKYDFejyWq2XOx2GwSgaNVqNtoMhqvZZLbbrYaD4XI0QoAJW4xWk8lmOZwtF5PBcDQcjYYIABOO4cRiWq3cIt_MtRatXLa1wuUyrUWeyWQ5GGxmNs9mLXp9TC_HxOSZDbYIIBiwuBfJ0yKdaFau5WC53BhXi81kt5vZRqbBbOKyrGwek2fmskzEEs3JIp3ILvvWwuJZ7oazlcNmWCyGs9XMM1tNPCaTY-FbrAbDfcMxnFhMq5Vb5Ju51qKVy7ZWuFymtcgzmSwHg83M5tmsRa-P6eWYmDyzwb6x2ww2g8VoMNw3dpvBZrAYDYb7Dp3hu_qcjebfwvExSX2foUN6Mx0ULoPFu5iYdt_O8GCtFoxOmzO07O6Mfr_f7_f7_X6_32_Qeg5mg8I3LiwrtufYas1JtAWxweA5WAyKWCK4SCdK08lpufh8lrfMMdtMRovdbiKWKE0X6USve1n8ktfn6Xy4dWa_xenW-f0-s8uteUvWqrXIZfo8zU6_3eEW-c0Oy8Mt-tsebs3DrfqcLGvVYLAWDAZrwWCwFgwGa8FgsBYMBmvBYLAWDAZrwWCwFgwGa8FgMBFLBKeLdCJ6GU8X9R8BHGK4miuWw7lsMleMdqsEAAAAAAAAAACwBLAJAAAAAMAJYFC72WixWifAwUw2o91ytVwAgAsAJV0AYBAAAAAAAIBdADCXeMhw2STYY4CJNJ2clovPZ3nLHLPNZLTY7aYMACBRR8MMsBngMwBBrNVqWQMAAAAIYAMAAAAEcAPoBuANINBMjgMAAAAI0AMAAADQ7wMAZQEAAAAAAPADFMhgN1vtHwBAgEKs1Wp1u7FWqxUQUDCr2WQ3gYD___9_ggAAAAAAAICojoIAAAAAAACApVmEAIFtNyGgQoDBEC1_t8sLAR0CAGbpOvknC3AeAgAAAiS9AWgIAA!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=1&ioovp=true&dtagid=3234795&dpubid=576415&abtst=adxsub-out_vA!adxsub-out_vB!agqp4c_vC!flradc_vA!ufm_vG!vdprc_vC&mPre=0.033&cirf=https%3A%2F%2Fit.dir.bg&en=1&subu=3
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/5.0.6/UnitFeedManagerDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 1740de693e9dbcecbbd4eb3d019a6d93c19897cdaa8b008a4522ea0b2f8a17af

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-type: text/plain
Referer: https://it.dir.bg/

Response headers

content-encoding: gzip
expires: Sat, 26 Jul 1997 05:00:00 GMT
x-cache: MISS
date: Wed, 30 Oct 2024 15:16:51 GMT
content-type: application/json;charset=utf-8
x-served-by: cache-mxp6936-MXP
x-cache-hits: 0
vary: Accept-Encoding
link: <http://{"bidderRequest">; rel=preconnect
machineid: 140104
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
pragma: no-cache
x-timer: S1730301411.003539,VS0,VE454
access-control-allow-credentials: true
via: 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: https://it.dir.bg
server: nginx

GET
H2 200 TBPrebidHandler.js Show response
vidstat.taboola.com/vpaid/vPlayer/player/v16.9.5/ 232 KB
73 KB 88ms
88ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v16.9.5/TBPrebidHandler.js
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v16.9.5/OvaMediaPlayer.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 795d12439d0e6f0382f8687d6599a2e72cbf51e6806e224069a77281bfd7cbe8

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://it.dir.bg/

Response headers

content-encoding: gzip
etag: "68d0c40fe5d02dbd22ed13ed9a7a340d"
age: 277181
x-amz-meta-gid: 0
x-amz-meta-mtime: 1730023374
x-amz-meta-mode: 33188
access-control-allow-methods: GET, OPTIONS, HEAD
x-cache: Hit from cloudfront, HIT
x-amz-cf-id: 2gbabQv6T-mBf_3sWsZDHC19iF0Q3auvsZuxESk8EiriL4UC6V8GFQ==
date: Wed, 30 Oct 2024 15:16:51 GMT
content-type: application/javascript
last-modified: Sun, 27 Oct 2024 10:02:56 GMT
x-served-by: cache-mxp6936-MXP
x-cache-hits: 88010
vary: Accept-Encoding
access-control-allow-headers: *
cache-control: public, max-age=2592000
x-timer: S1730301411.026773,VS0,VE0
via: 1.1 9eea50524ba9fbd8bbcad3e7048d3dac.cloudfront.net (CloudFront), 1.1 varnish
x-amz-meta-uid: 0
accept-ranges: bytes
access-control-allow-origin: *
content-length: 73742
x-amz-cf-pop: MXP53-P3
x-amz-meta-ctime: 1730023374
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 cmAdService.js Show response
vidstat.taboola.com/vpaid/units/34_4_5/infra/ 47 KB
12 KB 115ms
102ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/vpaid/units/34_4_5/infra/cmAdService.js
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/34_4_5/infra/cmTagFEED_MANAGER.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: fca6f31e1377cee31da3ef34a8b95a329d7d83eaf72305d89910f29162266472

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://it.dir.bg/

Response headers

content-encoding: gzip
etag: "6edcf250af407a2e0e520ff148b79d65"
age: 189848
x-amz-meta-gid: 0
x-amz-meta-mtime: 1730111486
x-amz-meta-mode: 33188
access-control-allow-methods: GET, OPTIONS, HEAD
x-cache: Hit from cloudfront, HIT
x-amz-cf-id: wq02l1gmnpHOZ_SZKuRjjyRJ5nX8rwMtpqp_Fr8xESVJDEJnfKg3eA==
date: Wed, 30 Oct 2024 15:16:51 GMT
content-type: application/javascript
last-modified: Mon, 28 Oct 2024 10:31:28 GMT
x-served-by: cache-mxp6936-MXP
x-cache-hits: 84844
vary: Accept-Encoding
access-control-allow-headers: *
cache-control: public, max-age=2592000
x-timer: S1730301411.068263,VS0,VE0
via: 1.1 f51291c5ce592ab699c2b2ead5e58134.cloudfront.net (CloudFront), 1.1 varnish
x-amz-meta-uid: 0
accept-ranges: bytes
access-control-allow-origin: *
content-length: 11876
x-amz-cf-pop: MXP53-P3
x-amz-meta-ctime: 1730111486
server: AmazonS3
x-amz-server-side-encryption: AES256

POST
H2 204 collect
www.google-analytics.com/g/ Frame 9855 0
0 118ms
117ms Fetch
text/plain 142.250.186.142
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-9JWJPCQ37V&gtm=45je4as0v9115167932za200zb9126415660&_p=1730301409519&gcs=G1--&gcd=13l3l3l3l5l1&npa=0&dma=0&tcfd=14I54&tag_exp=101533421~101823848~101878899~101878944~101925629&cid=1863221803.1730301405&ul=it-it&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=1&pscdl=noapi&_s=1&sid=1730301411&sct=1&seg=0&dl=https%3A%2F%2Fit.dir.bg%2Fweb%2Frusiya-globi-google-s-2-5-detsiliona-dolara-tova-sa-usd2-500-000-000-000-000-000-000-000-000-000-000&dr=https%3A%2F%2Fit.dir.bg%2Fweb%2Frusiya-globi-google-s-2-5-detsiliona-dolara-tova-sa-usd2-500-000-000-000-000-000-000-000-000-000-000&dt=Player&en=page_view&_fv=1&_ss=1&_ee=1&ep.anonymize_ip=true&tfd=5135
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=G-9JWJPCQ37V&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.186.142 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s07-in-f14.1e100.net
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://it.dir.bg/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://it.dir.bg
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 30 Oct 2024 15:16:51 GMT
content-type: text/plain
server: Golfe2

POST
H2 204 AGSKWxVtiVIKbXVucuEctfWY_WC9AyC1wToZgR5wiOPDnWKKY-G2Ee4TrQGiNqk3gv4Yqm_UNbCmJiYJH0nX9i2LFyznw8VD5c5RW6d2YH4rjIo2MDUYANUL3K6yHqPvhN2N3u0woBaxmg== Show response
fundingchoicesmessages.google.com/el/ 0
350 B 143ms
141ms XHR
text/html 142.250.186.142
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVtiVIKbXVucuEctfWY_WC9AyC1wToZgR5wiOPDnWKKY-G2Ee4TrQGiNqk3gv4Yqm_UNbCmJiYJH0nX9i2LFyznw8VD5c5RW6d2YH4rjIo2MDUYANUL3K6yHqPvhN2N3u0woBaxmg==

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.142 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-Ngd7Rmy9GyrpIS-KY3XJ1g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://it.dir.bg/

Response headers

access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 30 Oct 2024 15:16:51 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmLw0pBicEqfwRoCxO5aF1n9gZjh6xVWDiAW4uZ4PLtzJ5vAj44LsUouSfmF8cn5eSWpeSW6iSnFuiB2UWZSaUl-EQo7tQykIic_PT0zLz3eyMDIxNDAyELPwDS-wAAAFqcoow"
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-Ngd7Rmy9GyrpIS-KY3XJ1g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin: https://it.dir.bg
content-length: 0
x-xss-protection: 0
server: ESF

GET
H2 200 TBamxPrebidHandler.js Show response
vidstat.taboola.com/vpaid/vPlayer/player/v16.9.5/ 141 KB
45 KB 45ms
44ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v16.9.5/TBamxPrebidHandler.js
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v16.9.5/OvaMediaPlayer.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 98cdece9a68a5781c34c6b30d9a27b91a90a950107d3f4efda807342675dd196

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://it.dir.bg/

Response headers

content-encoding: gzip
etag: "0c293f998b2daeb487b2e584088f8f62"
age: 277181
x-amz-meta-gid: 0
x-amz-meta-mtime: 1730023374
x-amz-meta-mode: 33188
access-control-allow-methods: GET, OPTIONS, HEAD
x-cache: Miss from cloudfront, HIT
x-amz-cf-id: ViWBzegxd-6wvr-dBJeRg56bJDLOR5_XkclyxFAqTtNRHV0nCDHMVg==
date: Wed, 30 Oct 2024 15:16:51 GMT
content-type: application/javascript
last-modified: Sun, 27 Oct 2024 10:02:57 GMT
x-served-by: cache-mxp6936-MXP
x-cache-hits: 31020
vary: Accept-Encoding
access-control-allow-headers: *
cache-control: public, max-age=2592000
x-timer: S1730301411.323708,VS0,VE0
via: 1.1 940363b5827b3bf7b877f66b1584003e.cloudfront.net (CloudFront), 1.1 varnish
x-amz-meta-uid: 0
accept-ranges: bytes
access-control-allow-origin: *
content-length: 45545
x-amz-cf-pop: MXP53-P3
x-amz-meta-ctime: 1730023374
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 rusiya-globi-google-s-2-5-detsiliona-dolara-tova-sa-usd2-500-000-000-000-000-000-000-000-000-000-000
it.dir.bg/web/ 345 KB
45 KB 117ms
116ms Other
text/html 172.67.71.201
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://it.dir.bg/web/rusiya-globi-google-s-2-5-detsiliona-dolara-tova-sa-usd2-500-000-000-000-000-000-000-000-000-000-000

Requested by

Host: it.dir.bg
URL: https://it.dir.bg/web/rusiya-globi-google-s-2-5-detsiliona-dolara-tova-sa-usd2-500-000-000-000-000-000-000-000-000-000-000

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

172.67.71.201 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9c6e73bb1b9dffc6f1f145be73bbbeaff0a5a5ea3059a0745add02f47e31c833

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://it.dir.bg/web/rusiya-globi-google-s-2-5-detsiliona-dolara-tova-sa-usd2-500-000-000-000-000-000-000-000-000-000-000

Response headers

x-web: 1
content-encoding: br
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pig2P%2FzpfevpE%2BbWRwhI3LY37lLMLbzz%2Fof3Mp5pfQShk9tIThVaXUVO%2BC9Ziw3WshrM%2FuxlyC2oTuCWKg1%2BpP3yZMv%2FosdRAYICVLDUL4JF%2FGGfLE4PJPHvlQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
date: Wed, 30 Oct 2024 15:16:51 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-frame-options: DENY
strict-transport-security: max-age=63072000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8dac5e6ceab0279b-LYS
access-control-allow-origin: *
x-xss-protection: 1; mode=block
server: cloudflare

POST
H2 204 c Show response
prebid.a-mo.net/a/ 0
170 B 415ms
103ms Fetch 163.5.194.33
AS12189

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v16.9.5/TBPrebidHandler.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 163.5.194.33 Amsterdam, Netherlands, ASN12189 (AS12189, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://it.dir.bg/

Response headers

cache-control: max-age=0, private, must-revalidate
access-control-allow-origin: https://it.dir.bg
date: Wed, 30 Oct 2024 15:16:51 GMT
x-envoy-upstream-service-time: 3
vary: origin, accept-encoding, Accept-Encoding
server: envoy
access-control-allow-credentials: true

POST
H2 200 prebid Show response
id5-sync.com/api/config/ 194 B
658 B 461ms
98ms Fetch
application/json 162.19.138.83
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/api/config/prebid

Requested by

Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v16.9.5/TBPrebidHandler.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.83 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31532338.ip-162-19-138.eu

Software

Resource Hash

c28f77756a621fd01694290c3f16afb99ad9ba2530101829d83b3faa5cdf0d7c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://it.dir.bg/

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-origin: https://it.dir.bg
p3p: CP="CAO PSA OUR"
date: Wed, 30 Oct 2024 15:16:51 GMT
content-type: application/json;charset=UTF-8
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
access-control-allow-credentials: true

POST
H2 204 c Show response
prebid.a-mo.net/a/ 0
17 B 413ms
133ms Fetch 163.5.194.33
AS12189

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v16.9.5/TBPrebidHandler.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 163.5.194.33 Amsterdam, Netherlands, ASN12189 (AS12189, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://it.dir.bg/

Response headers

cache-control: max-age=0, private, must-revalidate
access-control-allow-origin: https://it.dir.bg
date: Wed, 30 Oct 2024 15:16:51 GMT
x-envoy-upstream-service-time: 3
vary: origin, accept-encoding, Accept-Encoding
server: envoy
access-control-allow-credentials: true

GET
H2 200 v1 Show response
lb.eu-1-id5-sync.com/lb/ 45 B
281 B 353ms
100ms Fetch
application/json 162.19.138.82
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://lb.eu-1-id5-sync.com/lb/v1

Requested by

Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v16.9.5/TBPrebidHandler.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.82 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31532337.ip-162-19-138.eu

Software

Resource Hash

800504ae0c6cb20f09431abd11eb43d4568e73e404b4401cd48db7bf1094b095

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://it.dir.bg/

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-origin: https://it.dir.bg
date: Wed, 30 Oct 2024 15:16:51 GMT
content-type: application/json;charset=UTF-8
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin

GET
H2 200 init Show response
it.dir.bg/ 79 B
1 KB 240ms
237ms XHR
application/json 172.67.71.201
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://it.dir.bg/init?game_id=

Requested by

Host: static.dir.bg
URL: https://static.dir.bg/js/desktop/all.js?_=1730119781

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

172.67.71.201 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

52eb832f61eefbfbd7423da4bbd4cca9bf998273c5f4ae13c124bc7e519b3cb3

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://it.dir.bg/web/rusiya-globi-google-s-2-5-detsiliona-dolara-tova-sa-usd2-500-000-000-000-000-000-000-000-000-000-000
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept: application/json, text/javascript, */*; q=0.01

Response headers

x-web: 2
content-encoding: gzip
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KinNoqemQmQ3%2BGqgd3BFfn7nPshgtOUlRjeAOgENzTYShbch6P%2B6dy5DYeRXu4OYxW62GeofJJ5Flt3JWA6ZymFLlIE%2FJOj6zOpmGdgp%2Bwj%2BmcNcasHNlSMy4Q%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
date: Wed, 30 Oct 2024 15:16:52 GMT
content-type: application/json
vary: Accept-Encoding
x-frame-options: DENY
strict-transport-security: max-age=63072000
cache-control: no-cache
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8dac5e732a21279b-LYS
access-control-allow-origin: *
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=2DB0DB673AE34E5CA7B5385F0F5A7210&RedC=c.clarity.ms&MXFR=0BEC27187C2A6D6C2DC33230782A6335
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=2DB0DB673AE34E5CA7B5385F0F5A7210&MUID=07D18576062464223237905E076D6504

42 B
465 B

73ms
64ms

Image
image/gif

13.74.129.1
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=2DB0DB673AE34E5CA7B5385F0F5A7210&MUID=07D18576062464223237905E076D6504
Protocol: H2
Server: 13.74.129.1 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://it.dir.bg/

Response headers

cache-control: private, no-cache, proxy-revalidate, no-store
pragma: no-cache
etag: "b116c54f951fdb1:0"
accept-ranges: bytes
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
content-length: 42
date: Wed, 30 Oct 2024 15:16:53 GMT
content-type: image/gif
last-modified: Wed, 16 Oct 2024 06:33:28 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET

Redirect headers

cache-control: private, no-cache, proxy-revalidate, no-store
location: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=2DB0DB673AE34E5CA7B5385F0F5A7210&MUID=07D18576062464223237905E076D6504
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 9DA111F5CEA644C48DB550A40E64FFC8 Ref B: BCN30EDGE0417 Ref C: 2024-10-30T15:16:53Z
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
content-length: 0
date: Wed, 30 Oct 2024 15:16:52 GMT
x-powered-by: ASP.NET

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
13 KB 657ms
122ms XHR
application/json 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202410280101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202410280101/pubads_impl.js?cb=31088558

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

cafe /

Resource Hash

87be2c37adc8ce6d9db0190d8b4df1f0c95b334bc4d53346a881576c19437b03

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://it.dir.bg/

Response headers

timing-allow-origin: *
content-encoding: br
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 12746
date: Wed, 30 Oct 2024 15:16:52 GMT
x-xss-protection: 0
content-type: application/json; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H2 200 7.ico
static.dir.bg/icons/ 2 KB
3 KB 154ms
135ms Other
image/x-icon 194.145.63.126
DELTA-BG-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://static.dir.bg/icons/7.ico?_=1664377163
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 194.145.63.126 Sofia, Bulgaria, ASN8860 (DELTA-BG-AS, BG),
Reverse DNS: station126.bdata.bg
Software: nginx /
Resource Hash: 5fd04b1f03d14ca877ea4ca5a7e8eabdd914e48274ab007901c34b5b267e8ba9

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://it.dir.bg/

Response headers

access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-max-age: 172800
cache-control: max-age=2592000
accept-language: bytes
etag: "6334614b-9ba"
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
expires: Fri, 29 Nov 2024 14:48:55 GMT
access-control-allow-origin: *
content-length: 2490
date: Wed, 30 Oct 2024 14:48:55 GMT
content-type: image/x-icon
last-modified: Wed, 28 Sep 2022 14:59:23 GMT
server: nginx
vary: Origin

POST
H2 200 246.json Show response
id5-sync.com/g/v2/ 251 B
440 B 86ms
81ms Fetch
application/json 162.19.138.83
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/246.json

Requested by

Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v16.9.5/TBPrebidHandler.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.83 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31532338.ip-162-19-138.eu

Software

Resource Hash

cb76dd99f52d15f4a94f06ef1599c0729fd3d6652cadcbc16230a7a49cf5bcae

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://it.dir.bg/

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-origin: https://it.dir.bg
date: Wed, 30 Oct 2024 15:16:52 GMT
content-type: application/json
vary: Origin
access-control-allow-credentials: true

POST
H/1.1 204
No Content collect Show response
i.clarity.ms/ 0
273 B 170ms
161ms XHR
text/plain 4.153.72.49
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://i.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.49/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 4.153.72.49 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept: application/x-clarity-gzip
Referer: https://it.dir.bg/

Response headers

Request-Context: appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d
Access-Control-Allow-Origin: https://it.dir.bg
Date: Wed, 30 Oct 2024 15:16:52 GMT
Vary: Origin
Server: nginx
Connection: keep-alive
Access-Control-Allow-Credentials: true

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 18 KB
7 KB 658ms
46ms Script
text/javascript 172.217.18.1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202410280101/pubads_impl.js?cb=31088558

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.1 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f1.1e100.net

Software

sffe /

Resource Hash

ff3de130872fe0fb5b770dfa2bc9f0daf8ab320403a34a60d089436f08d24f99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://it.dir.bg/

Response headers

content-encoding: gzip
etag: "1727224258380615"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
x-content-type-options: nosniff
expires: Wed, 30 Oct 2024 15:16:53 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 30 Oct 2024 15:16:53 GMT
content-type: text/javascript
vary: Accept-Encoding
cache-control: private, max-age=3000
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 6445
x-xss-protection: 0
server: sffe

GET
H2 200 a_cnti.png
cdn.onnetwork.tv/cnt/ Frame 9855 126 B
331 B 207ms
204ms Image
image/png 188.165.21.156
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.onnetwork.tv/cnt/a_cnti.png?ts=1730301413193&event=adnotpresent&d=7056&vs=0&aps=3&playerVisible=2&plist=1773&widget=815&initap=3&currap=3&ab=0&cbs=1&co=1&vc=0&pod=0&ppos=0&muted=2&mobile=0&lls=0&acount=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 188.165.21.156 , France, ASN16276 (OVH, FR),
Reverse DNS: vh11b.eris-w13.of.pl
Software: XO.webservantpro /
Resource Hash: a607b3c3e0d09d7f339e0035f16f99bf93637dee0eb27b2b9c447701fefa2ace

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://it.dir.bg/

Response headers

cache-control: no-cache
access-control-allow-methods: GET, POST, OPTIONS
accept-ranges: bytes
access-control-allow-origin: *
content-length: 126
date: Wed, 30 Oct 2024 15:16:53 GMT
content-type: image/png
last-modified: Wednesday, 30-Oct-2024 15:16:53 GMT
server: XO.webservantpro

GET
H2 200 a_cntn.png
cdn.onnetwork.tv/cnt/ Frame 9855 126 B
331 B 208ms
207ms Image
image/png 188.165.21.156
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.onnetwork.tv/cnt/a_cntn.png?ts=1730301413193&d=7056&mobile=0&bp=0&ap=3&lin=1&muted=1&fna=1&ab=0&co=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 188.165.21.156 , France, ASN16276 (OVH, FR),
Reverse DNS: vh11b.eris-w13.of.pl
Software: XO.webservantpro /
Resource Hash: a607b3c3e0d09d7f339e0035f16f99bf93637dee0eb27b2b9c447701fefa2ace

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://it.dir.bg/

Response headers

cache-control: no-cache
access-control-allow-methods: GET, POST, OPTIONS
accept-ranges: bytes
access-control-allow-origin: *
content-length: 126
date: Wed, 30 Oct 2024 15:16:53 GMT
content-type: image/png
last-modified: Wednesday, 30-Oct-2024 15:16:53 GMT
server: XO.webservantpro

POST
H2 200 VideoBidRequestHandlerServlet Show response
wf.taboola.com/ 8 KB
4 KB 383ms
242ms XHR
application/json 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=169497&tagid=953497&crid=-1&noaop=3&sortOrderType=0&cb=1730301413570&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=2&pv=1695&pt=-986716708&tz=60&viewable=true&ddast=V9Io0CABYDAH7WNfkZYp4tBAB-1jX5GWKeLQUAAAAABgYA9AcAJLFx2BbGhWGtcZhWa9FyZltLbJ6VW7Iyzoajkc0xWliGAEASG4dtYVwY1hqHabUWLWe2tcTmWbklK-NsOBrZHKOFZQoAIMZymQxqgYJselnuDtPT7jNIWGa_76CgnJ4es8sNAHpoOh0-171eabqLnJa7xOfXvSx-yevzdD7cOrPf4nTr_H6f2eXWvCVr1VrkMn2eZqff7nCL_GaH5eEW_W0Pt-bhVn1OlrVqMFgLBoO1YDBYCwaDtWAwWAsGg7VgMFgLBoO1YDBYCwaDtWAwmAMAAAAAwAPA____PwQAAAAAQAQAAAAAgAQAAAAAAAVAQAXAvwWAwAUAAAAAAAbA____vwYAANoGgEAzyQFQ0E6zw-4PAAAAAAAQAAAAAAASAACE5c8SAICYrfUTgP__________GIAB-swbGYD_____GwCDHgCABx8AgAchAAAAAJMhACBUipzYf4skIgAAgRGoIgBGAAAAAAC5xj6TRwCTADoBoAKwqAL4___vtwIAuAIAAAiQ9Aagsc8C0B2UeAsDAAAAEBgDWKCHxe83O-wav9tlAP__________ZgD_ZwD_aABCNbhSaQBBEwo9agC_gAAAawC_gAAAbADqBgAA8AYQAAcQdAAErRgMVgcQELMDAAAAALgD-P___9cDAKmFxbPcDWcrh82wWAxnq5lntpp4TCbHwrdYDYbbA3j91-j-XBCA6AMQCbLpZbk7TE-7zyBhmf2-g4JyenrMLoP4oGFYTgbB_AAmbDFaTSab5XC2XEwGw9FwNNofwEBsBgMEoGjJYrUcrnaTxWizWEyWu-FoMkEAihYNJqvRaLKYDFejyWq2XOx2GwSgaNVqNtoMhqvZZLbbrYaD4XI0QoAJW4xWk8lmOZwtF5PBcDQcjYYIABOO4cRiWq3cIt_MtRatXLa1wuUyrUWeyWQ5GGxmNs9mLXp9TC_HxOSZDbYIIBiwuBfJ0yKdaFau5WC53BhXi81kt5vZRqbBbOKyrGwek2fmskzEEs3JIp3ILvvWwuJZ7oazlcNmWCyGs9XMM1tNPCaTY-FbrAbDfcMxnFhMq5Vb5Ju51qKVy7ZWuFymtcgzmSwHg83M5tmsRa-P6eWYmDyzwb6x2ww2g8VoMNw3dpvBZrAYDYb7Dp3hu_qcjebfwvExSX2foUN6Mx0ULoPFu5iYdt_O8GCtFoxOmzO07O6Mfr_f7_f7_X6_32_Qeg5mg8I3LiwrtufYas1JtAWxweA5WAyKWCK4SCdK08lpufh8lrfMMdtMRovdbiKWKE0X6USve1n8ktfn6Xy4dWa_xenW-f0-s8uteUvWqrXIZfo8zU6_3eEW-c0Oy8Mt-tsebs3DrfqcLGvVYLAWDAZrwWCwFgwGa8FgsBYMBmvBYLAWDAZrwWCwFgwGa8FgMBFLBKeLdCJ6GU8X9R8BHGK4miuWw7lsMleMdqsEAAAAAAAAAACwBLAJAAAAAMAJYFC72WixWifAwUw2o91ytVwAgAsAJV0AYBAAAAAAAIBdADCXeMhw2STYY4CJNJ2clovPZ3nLHLPNZLTY7aYMACBRR8MMsBngMwBBrNVqWQMAAAAIYAMAAAAEcAPoBuANINBMjgMAAAAI0AMAAADQ7wMAZQEAAAAAAPADFMhgN1vtHwBAgEKs1Wp1u7FWqxUQUDCr2WQ3gYD___9_ggAAAAAAAICojoIAAAAAAACApVmEAIFtNyGgQoDBEC1_t8sLAR0CAGbpOvknC3AeAgAAAiS9AWgIAA!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=1&ioovp=true&dtagid=3234795&dpubid=576415&abtst=adxsub-out_vA!adxsub-out_vB!agqp4c_vC!flradc_vA!ufm_vG!vdprc_vC&mPre=0.033&cirf=https%3A%2F%2Fit.dir.bg&en=1&subu=3
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/5.0.6/UnitFeedManagerDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e105d933db2e23166c26d5bb962a49a4547a506cefe7943d04596b652f24b1d6

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-type: text/plain
Referer: https://it.dir.bg/

Response headers

content-encoding: gzip
expires: Sat, 26 Jul 1997 05:00:00 GMT
x-cache: MISS
date: Wed, 30 Oct 2024 15:16:53 GMT
content-type: application/json;charset=utf-8
x-served-by: cache-mxp6936-MXP
x-cache-hits: 0
vary: Accept-Encoding
link: <http://{"bidderRequest">; rel=preconnect
machineid: 140107
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
pragma: no-cache
x-timer: S1730301414.728092,VS0,VE203
access-control-allow-credentials: true
via: 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: https://it.dir.bg
server: nginx

POST
H2 204 collect
analytics.google.com/g/ 0
0 120ms
47ms Fetch
text/plain 216.58.206.78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-B1XSRWSHN4&gtm=45je4as0v9122851342za200zb810347154&_p=1730301402719&gcs=G1--&gcd=13l3l3l3l5l1&npa=0&dma=0&tcfd=10000&tag_exp=101533421~101823848~101878899~101878944~101925629&cid=1863221803.1730301405&ul=it-it&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_eu=AEI&sid=1730301404&sct=1&seg=0&dl=https%3A%2F%2Fit.dir.bg%2Fweb%2Frusiya-globi-google-s-2-5-detsiliona-dolara-tova-sa-usd2-500-000-000-000-000-000-000-000-000-000-000&dt=%D0%A0%D1%83%D1%81%D0%B8%D1%8F%20%D0%B3%D0%BB%D0%BE%D0%B1%D0%B8%20Google%20%D1%81%202%2C5%20%D0%B4%D0%B5%D1%86%D0%B8%D0%BB%D0%B8%D0%BE%D0%BD%D0%B0%20%D0%B4%D0%BE%D0%BB%D0%B0%D1%80%D0%B0.%20%D0%A2%D0%BE%D0%B2%D0%B0%20%D1%81%D0%B0%20%242%20500%20000%20000%20000%20000%20000%20000%20000%20000%20000%20000%20%7C%20it.dir.bg&_s=3&tfd=12734
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-B1XSRWSHN4&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.58.206.78 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: mil07s08-in-f14.1e100.net
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://it.dir.bg/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://it.dir.bg
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 30 Oct 2024 15:16:53 GMT
content-type: text/plain
server: Golfe2

GET
H2 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/232/ Frame E342 0
0 36ms
32ms Document
text/html 172.217.18.1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/232/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.1 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f1.1e100.net

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://it.dir.bg/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 2625
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3000
content-encoding: gzip
content-length: 5005
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 30 Oct 2024 14:33:08 GMT
expires: Wed, 30 Oct 2024 15:23:08 GMT
last-modified: Mon, 23 Sep 2024 18:12:21 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe
www.google.com/recaptcha/api2/ Frame 8DD6 0
0 64ms
63ms Document
text/html 142.250.185.196
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.196 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f4.1e100.net

Software

ESF /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-8o-vnOn6q1jZv3sNRLQhhA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://it.dir.bg/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-8o-vnOn6q1jZv3sNRLQhhA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy-report-only: same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy: cross-origin
date: Wed, 30 Oct 2024 15:16:53 GMT
expires: Wed, 30 Oct 2024 15:16:53 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server: ESF
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 prebid Show response
id5-sync.com/api/config/ 195 B
469 B 38ms
37ms Fetch
application/json 162.19.138.83
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/api/config/prebid

Requested by

Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v16.9.5/TBPrebidHandler.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.83 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31532338.ip-162-19-138.eu

Software

Resource Hash

f9eb538f15ae4d2e4cb9ed5e460819a92c66466a1b3fa270a1109819f80695e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://it.dir.bg/

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-origin: https://it.dir.bg
date: Wed, 30 Oct 2024 15:16:53 GMT
content-type: application/json;charset=UTF-8
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
access-control-allow-credentials: true

POST
H2 204 c Show response
prebid.a-mo.net/a/ 0
40 B 60ms
58ms Fetch 163.5.194.33
AS12189

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v16.9.5/TBPrebidHandler.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 163.5.194.33 Amsterdam, Netherlands, ASN12189 (AS12189, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://it.dir.bg/

Response headers

cache-control: max-age=0, private, must-revalidate
access-control-allow-origin: https://it.dir.bg
date: Wed, 30 Oct 2024 15:16:53 GMT
x-envoy-upstream-service-time: 3
vary: origin, accept-encoding, Accept-Encoding
server: envoy
access-control-allow-credentials: true

GET
H2 200 v1 Show response
lb.eu-1-id5-sync.com/lb/ 45 B
280 B 46ms
44ms Fetch
application/json 162.19.138.82
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://lb.eu-1-id5-sync.com/lb/v1

Requested by

Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v16.9.5/TBPrebidHandler.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.82 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31532337.ip-162-19-138.eu

Software

Resource Hash

7d331163f1b3d1f8ff75bcbcdd2abeecf34d4f8f7ed45dcfb5c5236189314fbc

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://it.dir.bg/

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-origin: https://it.dir.bg
date: Wed, 30 Oct 2024 15:16:53 GMT
content-type: application/json;charset=UTF-8
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin

POST
H2 200 246.json Show response
id5-sync.com/g/v2/ 251 B
440 B 46ms
41ms Fetch
application/json 162.19.138.83
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/246.json

Requested by

Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v16.9.5/TBPrebidHandler.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.83 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31532338.ip-162-19-138.eu

Software

Resource Hash

441ced4ec9a868ff6c0ee069edac49f28428bfad7070d7d1eb784ebaf976f1d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://it.dir.bg/

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-origin: https://it.dir.bg
date: Wed, 30 Oct 2024 15:16:54 GMT
content-type: application/json
vary: Origin
access-control-allow-credentials: true

GET
H/1.1 200
OK / Show response
tt.onthe.io/ 0
287 B 111ms
109ms XHR
text/javascript 188.40.115.112
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tt.onthe.io/?k[]=25984:time[url:%2Fweb%2Frusiya-globi-google-s-2-5-detsiliona-dolara-tova-sa-usd2-500-000-000-000-000-000-000-000-000-000-000,device:desktop,type_article:image,user_id:70e4f10fc.cd86bf426_1730301404796,cdn_version:27]&s=82e9c82c1a072e9873484057dab96e77&1730301414852
Requested by: Host: cdn.onthe.io
URL: https://cdn.onthe.io/io.js/9iqtAeEspwts
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 188.40.115.112 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.112.115.40.188.clients.your-server.de
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://it.dir.bg/

Response headers

Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Access-Control-Allow-Origin: *
Content-Length: 0
Date: Wed, 30 Oct 2024 15:16:54 GMT
Content-Type: text/javascript
Server: nginx

GET sodar
pagead2.googlesyndication.com/pagead/ 0
0

GET
H2 204 isyn
prebid.a-mo.net/ Frame E162 0
0 325ms
64ms Document
text/plain 163.5.194.36
AS12189

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/isyn?gdpr_consent=&gdpr=0&us_privacy=&gpp=&gpp_sid=
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v16.9.5/TBPrebidHandler.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 163.5.194.36 Amsterdam, Netherlands, ASN12189 (AS12189, US),
Reverse DNS
Software: envoy /
Resource Hash

Request headers

Referer: https://it.dir.bg/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

cache-control: max-age=0, private, must-revalidate
date: Wed, 30 Oct 2024 15:16:55 GMT
server: envoy
vary: accept-encoding, Accept-Encoding
x-envoy-upstream-service-time: 0

POST
H2 200 OpportunityServlet
am-vid-events.taboola.com/ 1 B
116 B 127ms
98ms Ping
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://am-vid-events.taboola.com/OpportunityServlet
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/34_4_5/infra/cmTagFEED_MANAGER.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: 5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://it.dir.bg/

Response headers

access-control-allow-origin: https://it.dir.bg
content-length: 1
date: Wed, 30 Oct 2024 15:16:55 GMT
server: nginx
access-control-allow-credentials: true

POST
H2 204 collect
analytics.google.com/g/ Frame 9855 0
0 86ms
85ms Fetch
text/plain 216.58.206.78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-74752H7V8Z&gtm=45je4as0v9126415660za200&_p=1730301409519&gcs=G1--&gcd=13l3l3l3l6l1&npa=0&dma=0&tcfd=14I54&tag_exp=101533421~101823848~101878899~101878944~101925629&ul=it-it&sr=1600x1200&cid=1863221803.1730301405&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=1&pscdl=noapi&_eu=EBAI&dl=https%3A%2F%2Fit.dir.bg%2Fweb%2Frusiya-globi-google-s-2-5-detsiliona-dolara-tova-sa-usd2-500-000-000-000-000-000-000-000-000-000-000&dt=Player&sid=1730301404&sct=1&seg=1&_s=1&tfd=9927
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-74752H7V8Z&cx=c&_slc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.58.206.78 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: mil07s08-in-f14.1e100.net
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://it.dir.bg/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://it.dir.bg
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 30 Oct 2024 15:16:55 GMT
content-type: text/plain
server: Golfe2

POST
H2 200 VideoBidRequestHandlerServlet Show response
am-wf.taboola.com/ 4 KB
1 KB 341ms
279ms XHR
application/json 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://am-wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=169497&tagid=953497&crid=-1&noaop=3&sortOrderType=0&cb=1730301416087&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=3&pv=1695&pt=-986716708&tz=60&viewable=true&ddast=V9Io0CABYDAH7WNfkZYp4tBAB-1jX5GWKeLQUAAAAABgYA9AcAJLFx2BbGhWGtcZhWa9FyZltLbJ6VW7Iyzoajkc0xWliGAEASG4dtYVwY1hqHabUWLWe2tcTmWbklK-NsOBrZHKOFZQoAIMZymQxqgYJselnuDtPT7jNIWGa_76CgnJ4es8sNAHpoOh0-171eabqLnJa7xOfXvSx-yevzdD7cOrPf4nTr_H6f2eXWvCVr1VrkMn2eZqff7nCL_GaH5eEW_W0Pt-bhVn1OlrVqMFgLBoO1YDBYCwaDtWAwWAsGg7VgMFgLBoO1YDBYCwaDtWAwmAMAAAAAwAPA____PwQAAAAAQAQAAAAAgAQAAAAAAAVAQAXAvwWAwAUAAAAAAAbA____vwYAANoGgEAzyQFQ0E6zw-4PAAAAAAAQAAAAAAASAACE5c8SAICYrfUTgP__________GIAB-swbGYD_____GwCDHgCABx8AgAchAAAAAJMhACBUipzYf4skIgAAgRGoIgBGAAAAAAC5xj6TRwCTADoBoAKwqAL4___vtwIAuAIAAAiQ9Aagsc8C0B2UeAsDAAAAEBgDWKCHxe83O-wav9tlAP__________ZgD_ZwD_aABCNbhSaQBBEwo9agC_gAAAawC_gAAAbADqBgAA8AYQAAcQdAAErRgMVgcQELMDAAAAALgD-P___9cDAKmFxbPcDWcrh82wWAxnq5lntpp4TCbHwrdYDYbbA3j91-j-XBCA6AMQCbLpZbk7TE-7zyBhmf2-g4JyenrMLoP4oGFYTgbB_AAmbDFaTSab5XC2XEwGw9FwNNofwEBsBgMEoGjJYrUcrnaTxWizWEyWu-FoMkEAihYNJqvRaLKYDFejyWq2XOx2GwSgaNVqNtoMhqvZZLbbrYaD4XI0QoAJW4xWk8lmOZwtF5PBcDQcjYYIABOO4cRiWq3cIt_MtRatXLa1wuUyrUWeyWQ5GGxmNs9mLXp9TC_HxOSZDbYIIBiwuBfJ0yKdaFau5WC53BhXi81kt5vZRqbBbOKyrGwek2fmskzEEs3JIp3ILvvWwuJZ7oazlcNmWCyGs9XMM1tNPCaTY-FbrAbDfcMxnFhMq5Vb5Ju51qKVy7ZWuFymtcgzmSwHg83M5tmsRa-P6eWYmDyzwb6x2ww2g8VoMNw3dpvBZrAYDYb7Dp3hu_qcjebfwvExSX2foUN6Mx0ULoPFu5iYdt_O8GCtFoxOmzO07O6Mfr_f7_f7_X6_32_Qeg5mg8I3LiwrtufYas1JtAWxweA5WAyKWCK4SCdK08lpufh8lrfMMdtMRovdbiKWKE0X6USve1n8ktfn6Xy4dWa_xenW-f0-s8uteUvWqrXIZfo8zU6_3eEW-c0Oy8Mt-tsebs3DrfqcLGvVYLAWDAZrwWCwFgwGa8FgsBYMBmvBYLAWDAZrwWCwFgwGa8FgMBFLBKeLdCJ6GU8X9R8BHGK4miuWw7lsMleMdqsEAAAAAAAAAACwBLAJAAAAAMAJYFC72WixWifAwUw2o91ytVwAgAsAJV0AYBAAAAAAAIBdADCXeMhw2STYY4CJNJ2clovPZ3nLHLPNZLTY7aYMACBRR8MMsBngMwBBrNVqWQMAAAAIYAMAAAAEcAPoBuANINBMjgMAAAAI0AMAAADQ7wMAZQEAAAAAAPADFMhgN1vtHwBAgEKs1Wp1u7FWqxUQUDCr2WQ3gYD___9_ggAAAAAAAICojoIAAAAAAACApVmEAIFtNyGgQoDBEC1_t8sLAR0CAGbpOvknC3AeAgAAAiS9AWgIAA!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=1&ioovp=true&dtagid=3234795&dpubid=576415&abtst=adxsub-out_vA!adxsub-out_vB!agqp4c_vC!flradc_vA!ufm_vG!vdprc_vC&mPre=0.033&cirf=https%3A%2F%2Fit.dir.bg&en=1&subu=3
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/5.0.6/UnitFeedManagerDesktop.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: c79c17da0cd71ab85cbb54652bb12d3fe6a3c49e5f161c0acf1f38dac83e93ae

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-type: text/plain
Referer: https://it.dir.bg/

Response headers

machineid: 140135
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
content-encoding: gzip
pragma: no-cache
access-control-allow-credentials: true
expires: Sat, 26 Jul 1997 05:00:00 GMT
access-control-allow-origin: https://it.dir.bg
date: Wed, 30 Oct 2024 15:16:56 GMT
content-type: application/json;charset=utf-8
vary: Accept-Encoding
server: nginx

POST
H2 204 collect
analytics.google.com/g/ Frame 9855 0
0 55ms
48ms Fetch
text/plain 216.58.206.78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-B1XSRWSHN4&gtm=45je4as0v9122851342za200zb9126415660&_p=1730301409519&gcs=G1--&gcd=13l3l3l3l5l1&npa=0&dma=0&tcfd=14I54&tag_exp=101533421~101823848~101878899~101878944~101925629&cid=1863221803.1730301405&ul=it-it&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=1&pscdl=noapi&sid=1730301404&sct=1&seg=1&dl=https%3A%2F%2Fit.dir.bg%2Fweb%2Frusiya-globi-google-s-2-5-detsiliona-dolara-tova-sa-usd2-500-000-000-000-000-000-000-000-000-000-000&dr=https%3A%2F%2Fit.dir.bg%2Fweb%2Frusiya-globi-google-s-2-5-detsiliona-dolara-tova-sa-usd2-500-000-000-000-000-000-000-000-000-000-000&dt=Player&_s=1&tfd=10266
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=G-B1XSRWSHN4&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.58.206.78 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: mil07s08-in-f14.1e100.net
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://it.dir.bg/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://it.dir.bg
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 30 Oct 2024 15:16:56 GMT
content-type: text/plain
server: Golfe2

POST
H2 200 VideoBidRequestHandlerServlet Show response
am-wf.taboola.com/ 4 KB
1 KB 324ms
322ms XHR
application/json 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://am-wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=169497&tagid=953497&crid=-1&noaop=3&sortOrderType=0&cb=1730301418630&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=4&pv=1695&pt=-986716708&tz=60&viewable=true&ddast=V9Io0CABYDAH7WNfkZYp4tBAB-1jX5GWKeLQUAAAAABgYA9AcAJLFx2BbGhWGtcZhWa9FyZltLbJ6VW7Iyzoajkc0xWliGAEASG4dtYVwY1hqHabUWLWe2tcTmWbklK-NsOBrZHKOFZQoAIMZymQxqgYJselnuDtPT7jNIWGa_76CgnJ4es8sNAHpoOh0-171eabqLnJa7xOfXvSx-yevzdD7cOrPf4nTr_H6f2eXWvCVr1VrkMn2eZqff7nCL_GaH5eEW_W0Pt-bhVn1OlrVqMFgLBoO1YDBYCwaDtWAwWAsGg7VgMFgLBoO1YDBYCwaDtWAwmAMAAAAAwAPA____PwQAAAAAQAQAAAAAgAQAAAAAAAVAQAXAvwWAwAUAAAAAAAbA____vwYAANoGgEAzyQFQ0E6zw-4PAAAAAAAQAAAAAAASAACE5c8SAICYrfUTgP__________GIAB-swbGYD_____GwCDHgCABx8AgAchAAAAAJMhACBUipzYf4skIgAAgRGoIgBGAAAAAAC5xj6TRwCTADoBoAKwqAL4___vtwIAuAIAAAiQ9Aagsc8C0B2UeAsDAAAAEBgDWKCHxe83O-wav9tlAP__________ZgD_ZwD_aABCNbhSaQBBEwo9agC_gAAAawC_gAAAbADqBgAA8AYQAAcQdAAErRgMVgcQELMDAAAAALgD-P___9cDAKmFxbPcDWcrh82wWAxnq5lntpp4TCbHwrdYDYbbA3j91-j-XBCA6AMQCbLpZbk7TE-7zyBhmf2-g4JyenrMLoP4oGFYTgbB_AAmbDFaTSab5XC2XEwGw9FwNNofwEBsBgMEoGjJYrUcrnaTxWizWEyWu-FoMkEAihYNJqvRaLKYDFejyWq2XOx2GwSgaNVqNtoMhqvZZLbbrYaD4XI0QoAJW4xWk8lmOZwtF5PBcDQcjYYIABOO4cRiWq3cIt_MtRatXLa1wuUyrUWeyWQ5GGxmNs9mLXp9TC_HxOSZDbYIIBiwuBfJ0yKdaFau5WC53BhXi81kt5vZRqbBbOKyrGwek2fmskzEEs3JIp3ILvvWwuJZ7oazlcNmWCyGs9XMM1tNPCaTY-FbrAbDfcMxnFhMq5Vb5Ju51qKVy7ZWuFymtcgzmSwHg83M5tmsRa-P6eWYmDyzwb6x2ww2g8VoMNw3dpvBZrAYDYb7Dp3hu_qcjebfwvExSX2foUN6Mx0ULoPFu5iYdt_O8GCtFoxOmzO07O6Mfr_f7_f7_X6_32_Qeg5mg8I3LiwrtufYas1JtAWxweA5WAyKWCK4SCdK08lpufh8lrfMMdtMRovdbiKWKE0X6USve1n8ktfn6Xy4dWa_xenW-f0-s8uteUvWqrXIZfo8zU6_3eEW-c0Oy8Mt-tsebs3DrfqcLGvVYLAWDAZrwWCwFgwGa8FgsBYMBmvBYLAWDAZrwWCwFgwGa8FgMBFLBKeLdCJ6GU8X9R8BHGK4miuWw7lsMleMdqsEAAAAAAAAAACwBLAJAAAAAMAJYFC72WixWifAwUw2o91ytVwAgAsAJV0AYBAAAAAAAIBdADCXeMhw2STYY4CJNJ2clovPZ3nLHLPNZLTY7aYMACBRR8MMsBngMwBBrNVqWQMAAAAIYAMAAAAEcAPoBuANINBMjgMAAAAI0AMAAADQ7wMAZQEAAAAAAPADFMhgN1vtHwBAgEKs1Wp1u7FWqxUQUDCr2WQ3gYD___9_ggAAAAAAAICojoIAAAAAAACApVmEAIFtNyGgQoDBEC1_t8sLAR0CAGbpOvknC3AeAgAAAiS9AWgIAA!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=1&ioovp=true&dtagid=3234795&dpubid=576415&abtst=adxsub-out_vA!adxsub-out_vB!agqp4c_vC!flradc_vA!ufm_vG!vdprc_vC&mPre=0.033&cirf=https%3A%2F%2Fit.dir.bg&en=1&subu=3
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/5.0.6/UnitFeedManagerDesktop.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: 0f1fdcc19c664fe64cd7ab8cac56ab50d8555a2aa453bffce61c5bad705a019e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-type: text/plain
Referer: https://it.dir.bg/

Response headers

machineid: 140168
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
content-encoding: gzip
pragma: no-cache
access-control-allow-credentials: true
expires: Sat, 26 Jul 1997 05:00:00 GMT
access-control-allow-origin: https://it.dir.bg
date: Wed, 30 Oct 2024 15:16:58 GMT
content-type: application/json;charset=utf-8
vary: Accept-Encoding
server: nginx

GET
H2 200 rexdot.js Show response
gabg.hit.gemius.pl/_1730301420692/ Frame 9855 169 B
250 B 133ms
131ms Script
application/x-javascript 78.128.6.34
TELEPOINT

General

Check archive.org

Show headers Download Go to

Full URL: https://gabg.hit.gemius.pl/_1730301420692/rexdot.js?l=100&sendf=24&id=zaebiasrbMShtyuK5jfVCqe03_ks0XrIuUfV9yF4B7H.o7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&tz=-60&fv=-&href=https%3A%2F%2Fit.dir.bg%2Fweb%2Frusiya-globi-google-s-2-5-detsiliona-dolara-tova-sa-usd2-500-000-000-000-000-000-000-000-000-000-000&screen=1600x1200r1000&col=24&window=949x534&cmpf=1&vis=1&lsdata=-NOCONSENT&fpdata=-NOCONSENT&fr=2&ref=&inner=_ver%3D355%7C_ch_mobile%3D0%7C_ch_wow64%3D0%7C_ch_brands%3D&nc=1&exid=-NOCONSENT&brts=1730301420
Requested by: Host: gabg.hit.gemius.pl
URL: https://gabg.hit.gemius.pl/xgemius.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 78.128.6.34 , Bulgaria, ASN31083 (TELEPOINT, BG),
Reverse DNS: ip-6-34.telehouse.bg
Software: GHC /
Resource Hash: 997171edfb423b814583106272eaf73b501ca61634e99ddbd63a7315e7b6c0d6

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://it.dir.bg/

Response headers

cache-control: no-store, no-cache, must-revalidate, max-age=0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor
cross-origin-resource-policy: cross-origin
expires: Tue, 29 Oct 2024 15:17:00 GMT
accept-ranges: none
p3p: CP="NOI DSP COR NID PSAo OUR IND"
content-length: 169
date: Wed, 30 Oct 2024 15:17:00 GMT
content-type: application/x-javascript
server: GHC

POST
H2 200 VideoBidRequestHandlerServlet Show response
am-wf.taboola.com/ 4 KB
1 KB 143ms
140ms XHR
application/json 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://am-wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=169497&tagid=953497&crid=-1&noaop=3&sortOrderType=0&cb=1730301421642&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=5&pv=1695&pt=-986716708&tz=60&viewable=true&ddast=V9Io0CABYDAH7WNfkZYp4tBAB-1jX5GWKeLQUAAAAABgYA9AcAJLFx2BbGhWGtcZhWa9FyZltLbJ6VW7Iyzoajkc0xWliGAEASG4dtYVwY1hqHabUWLWe2tcTmWbklK-NsOBrZHKOFZQoAIMZymQxqgYJselnuDtPT7jNIWGa_76CgnJ4es8sNAHpoOh0-171eabqLnJa7xOfXvSx-yevzdD7cOrPf4nTr_H6f2eXWvCVr1VrkMn2eZqff7nCL_GaH5eEW_W0Pt-bhVn1OlrVqMFgLBoO1YDBYCwaDtWAwWAsGg7VgMFgLBoO1YDBYCwaDtWAwmAMAAAAAwAPA____PwQAAAAAQAQAAAAAgAQAAAAAAAVAQAXAvwWAwAUAAAAAAAbA____vwYAANoGgEAzyQFQ0E6zw-4PAAAAAAAQAAAAAAASAACE5c8SAICYrfUTgP__________GIAB-swbGYD_____GwCDHgCABx8AgAchAAAAAJMhACBUipzYf4skIgAAgRGoIgBGAAAAAAC5xj6TRwCTADoBoAKwqAL4___vtwIAuAIAAAiQ9Aagsc8C0B2UeAsDAAAAEBgDWKCHxe83O-wav9tlAP__________ZgD_ZwD_aABCNbhSaQBBEwo9agC_gAAAawC_gAAAbADqBgAA8AYQAAcQdAAErRgMVgcQELMDAAAAALgD-P___9cDAKmFxbPcDWcrh82wWAxnq5lntpp4TCbHwrdYDYbbA3j91-j-XBCA6AMQCbLpZbk7TE-7zyBhmf2-g4JyenrMLoP4oGFYTgbB_AAmbDFaTSab5XC2XEwGw9FwNNofwEBsBgMEoGjJYrUcrnaTxWizWEyWu-FoMkEAihYNJqvRaLKYDFejyWq2XOx2GwSgaNVqNtoMhqvZZLbbrYaD4XI0QoAJW4xWk8lmOZwtF5PBcDQcjYYIABOO4cRiWq3cIt_MtRatXLa1wuUyrUWeyWQ5GGxmNs9mLXp9TC_HxOSZDbYIIBiwuBfJ0yKdaFau5WC53BhXi81kt5vZRqbBbOKyrGwek2fmskzEEs3JIp3ILvvWwuJZ7oazlcNmWCyGs9XMM1tNPCaTY-FbrAbDfcMxnFhMq5Vb5Ju51qKVy7ZWuFymtcgzmSwHg83M5tmsRa-P6eWYmDyzwb6x2ww2g8VoMNw3dpvBZrAYDYb7Dp3hu_qcjebfwvExSX2foUN6Mx0ULoPFu5iYdt_O8GCtFoxOmzO07O6Mfr_f7_f7_X6_32_Qeg5mg8I3LiwrtufYas1JtAWxweA5WAyKWCK4SCdK08lpufh8lrfMMdtMRovdbiKWKE0X6USve1n8ktfn6Xy4dWa_xenW-f0-s8uteUvWqrXIZfo8zU6_3eEW-c0Oy8Mt-tsebs3DrfqcLGvVYLAWDAZrwWCwFgwGa8FgsBYMBmvBYLAWDAZrwWCwFgwGa8FgMBFLBKeLdCJ6GU8X9R8BHGK4miuWw7lsMleMdqsEAAAAAAAAAACwBLAJAAAAAMAJYFC72WixWifAwUw2o91ytVwAgAsAJV0AYBAAAAAAAIBdADCXeMhw2STYY4CJNJ2clovPZ3nLHLPNZLTY7aYMACBRR8MMsBngMwBBrNVqWQMAAAAIYAMAAAAEcAPoBuANINBMjgMAAAAI0AMAAADQ7wMAZQEAAAAAAPADFMhgN1vtHwBAgEKs1Wp1u7FWqxUQUDCr2WQ3gYD___9_ggAAAAAAAICojoIAAAAAAACApVmEAIFtNyGgQoDBEC1_t8sLAR0CAGbpOvknC3AeAgAAAiS9AWgIAA!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=1&ioovp=true&dtagid=3234795&dpubid=576415&abtst=adxsub-out_vA!adxsub-out_vB!agqp4c_vC!flradc_vA!ufm_vG!vdprc_vC&mPre=0.033&cirf=https%3A%2F%2Fit.dir.bg&en=1&subu=3
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/5.0.6/UnitFeedManagerDesktop.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: c0e96f1414cf54d470bbfe273bc19e708714e53e7aea830a14bb44a31da42998

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-type: text/plain
Referer: https://it.dir.bg/

Response headers

machineid: 140103
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
content-encoding: gzip
pragma: no-cache
access-control-allow-credentials: true
expires: Sat, 26 Jul 1997 05:00:00 GMT
access-control-allow-origin: https://it.dir.bg
date: Wed, 30 Oct 2024 15:17:01 GMT
content-type: application/json;charset=utf-8
vary: Accept-Encoding
server: nginx

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=232&t=2&li=gpt_m202410280101&jk=1030738129488711&bg=!KSqlKmXNAAZ-RxQpXkc7ADQBe5WfOHcCdD2LOcH6e3LQFmoekXWG40sGajf498D4Od6MCiRc9vMlcctouUtn5rfE5NMkAgAAAXNSAAAAJGgBB34ANoi0zwb5SX2ECxDpr61o3T43sdlnt_ZaXPaSa8jWp4N-X3_7kNBfJTVwbrXhITZytdUHQTwQcZkCm4uX5eE1NnxODWnewhEbkEMYd5gl2a8asABuaup3gZEcWO8E3xl4auiV_XTSGDIgYEbysM6YsFCJRXf2yrubvarxhoTPWc8ZSLSS1cyPfEZrLd4KeKcNzgB5nPFvXRzbYu_xONtROLLMnID6vWlpPMc2HL4QkPyB_rYn6d3LYvkF5UDmRpiSaJWw9vC91RSJRj_lYKM7jdfpQq_zq2DIpFXu19k2lzQj0O6pnaADcquPifNLMEiTaTxKXYWagGS6GQyozhvZdLZUhsEomDkTCIQYNncVh7c8O2SbzF9vn7Z6d6sTLMFthMy_AZfOplTT_DRXh_PpiBSQKG5Px3cNvdLm5L2z7cYBUSklsQP4J0JbHljs17ar8JFD-bdIILDNUQHMvIZT2mILxJ9karQhxWcPUd3e-3GSlhl2gnmNLUNDX8hWJkJawqlo1kEHUntNv8jiJf4oP9cbd-8wlmQCxMmdVu3yZPUlLLeajEGi40OUyt1pwMQq1eyUPH4XQr1dmU2FEw1FvhrY5SkoHzEuzuMnncikFmg_b4bdCFZOG25tc4Vx_TjGQD5jrnyl0DLNQ-39ChIpnpdb4cCecIMw6tvBbyn6iJ4Ar-KKqEvunOb0VYmxV7as6YgfJzaiUCH_RJ5ZbxEw4-rjfPWaEQXrLuvKcRpSbqELo4MlOpnzUkA8qN4H781W8eMAZlIqmsXTyUghP0kKJDDy6Vqm_VhXjzhwNuIUoHlqc_7AyNc2VZTScQWnoimh2GJ5ZeOQ4DWW_gXIs6bsrHO85_HsAgsxVeOOovi-MA1y86Nnpe2PAwBipZfv_n4pWx1W1lk7KqM3G2t3ULSkCDIBG_zMfYvDQlOU51mGsxU3NhzHJQllxSPKuTkKxzdpvTXV9hs

Verdicts & Comments Add Verdict or Comment

349 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

84 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
webapi.dir.bg/	1970-01-21 00:38:28	Name: XSRF-TOKEN Value: eyJpdiI6InQvVDJXdzEvV0h1MTI0aHFmVHdMamc9PSIsInZhbHVlIjoialFyNWhadXZxaVA5WWRVRkszZ3F3TTRUL2tmOUdXdzZKb1l1Z0NOeXAyK1ZmenZyU2s4c1BTOThyaFQ1WW4xTkZzbXN4ZlU1c0dENnJJVjhVNUdBSC9QK2pTQ3U3THMwdXFMWDYvYzJjSHNveDBMa3RLZmZoOFlVNWFmQnF2WWMiLCJtYWMiOiJkOWM1NzgyYzQ2OTNiZjE5YzZmZjAzOTg0ZTM3ODZiYTc5NjczMmQ1Mjg4YTJmZDlmMjNjMmM2ZjAwMzNkNzMwIiwidGFnIjoiIn0%3D
webapi.dir.bg/	1970-01-21 00:38:28	Name: laravel_session Value: eyJpdiI6InZYZ2FMVHpnTExzQmJqaGI1K0tXV1E9PSIsInZhbHVlIjoiZ0RUbnBVaFJORXBUVzJydUVza0VMeWVCM3doaEVPZy9ha3F6YzlUK3czUnFlcFNYSGNoNS9ZM0NJMDI0c29LRVZOMVdWdjdQWlpOZHo4bENKSjhobnNXRGdZeklFTHliRnpyb3NXajRYMnRJNXFIMXcyYlI0aDR6YjFWQlhuRTIiLCJtYWMiOiI5ZTZiMzU5MGY5ODU1NTlhODk4N2Y0NTFkNGUyNzJiYzcxODAzYWMzYTZkMWM4Nzk4OGMyYTU1YzVlMGJjYTE2IiwidGFnIjoiIn0%3D
.dir.bg/	1970-01-21 00:38:22	Name: __io_d Value: 1_1388642605
it.dir.bg/	1970-01-21 09:23:57	Name: __io_lv Value: 1730301404795
it.dir.bg/	1970-01-21 09:23:57	Name: __io Value: 70e4f10fc.cd86bf426_1730301404796
.dir.bg/	1970-01-21 00:38:23	Name: __io_session_id Value: 8322707c8.ceb067002_1730301404798
.dir.bg/	1970-01-21 00:38:22	Name: __io_nav_state25984 Value: %7B%22current%22%3A%22%2Fweb%2Frusiya-globi-google-s-2-5-detsiliona-dolara-tova-sa-usd2-500-000-000-000-000-000-000-000-000-000-000%22%2C%22currentDomain%22%3A%22it.dir.bg%22%2C%22previousDomain%22%3A%22%22%7D
it.dir.bg/	1970-01-21 09:23:57	Name: __io_unique_25984 Value: 30
it.dir.bg/	1970-01-21 00:38:22	Name: __io_visit_25984 Value: 1
.etargetnet.com/	1970-01-21 00:38:25	Name: p Value: 80582
.etargetnet.com/	1970-01-21 01:22:59	Name: euvh Value: R
.etargetnet.com/	1970-01-21 09:23:57	Name: ckf Value: 1
.onesignal.com/	1970-01-21 00:38:23	Name: __cf_bm Value: GWu2QcIrWYf4XvRw4fJg2mQJtTC2KcC9uv9SPaK9EqA-1730301405-1.0.1.1-jaIh4Wa21dwRJnXPi66RGRZ6g5pwkdLnzc6.oO6dDnwfM9beMd_a8xX1cFWn_OJUmiBwGaBBlQoPPxhIemu5aw
www.clarity.ms/	1970-01-21 09:23:57	Name: CLID Value: 3d7bf492bd164d6e8720f73ac3f64cd7.20241030.20251030
.dir.bg/	1970-01-21 10:07:09	Name: __gfp_64b Value: rNZnn4IKOBGDyEGc6eB4FqVhigRQ_fLac6Xxi6mENlb.r7\|1730301404\|2
.hit.gemius.pl/	1970-01-21 10:07:09	Name: receive-cookie-deprecation Value: 1
.dir.bg/	1970-01-21 00:39:47	Name: _gid Value: GA1.2.1140941664.1730301406
.dir.bg/	1970-01-21 00:38:21	Name: _gat_UA-436010-11 Value: 1
.it.dir.bg/	1970-01-21 10:14:21	Name: _ga Value: GA1.3.1863221803.1730301405
.it.dir.bg/	1970-01-21 00:39:47	Name: _gid Value: GA1.3.1140941664.1730301406
.it.dir.bg/	1970-01-21 00:38:21	Name: _gat_UA-436010-32 Value: 1
.dir.bg/	1970-01-21 02:47:57	Name: _fbp Value: fb.1.1730301406486.38347366838220096
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: QsRVhZ8bEhk
.youtube.com/	1970-01-21 04:57:33	Name: VISITOR_INFO1_LIVE Value: QPpG9qu2L6o
.youtube.com/	1970-01-21 04:57:33	Name: VISITOR_PRIVACY_METADATA Value: CgJVUxIEGgAgRQ%3D%3D
.dir.bg/	1970-01-21 09:23:57	Name: _clck Value: 1keeadq%7C2%7Cfqg%7C0%7C1764
.doubleclick.net/	1970-01-21 10:14:21	Name: IDE Value: AHWqTUk0zjw84OHxGilmtVVvFzrGUUKxa69OCcUqqXHWX_1aquUqdnOTwc6hGb373ts
.dir.bg/	1970-01-21 00:39:47	Name: _clsk Value: pttoqu%7C1730301408504%7C1%7C0%7Ci.clarity.ms%2Fcollect
.doubleclick.net/	1970-01-21 01:21:33	Name: ar_debug Value: 1
.doubleclick.net/	1970-01-21 04:57:33	Name: receive-cookie-deprecation Value: 1
.dir.bg/	1970-01-21 00:38:21	Name: _gat_onn_tracker Value: 1
.dir.bg/	1970-01-21 00:38:21	Name: _gat_itdirbg Value: 1
.adnxs.com/	1970-01-21 10:14:21	Name: receive-cookie-deprecation Value: 1
.dir.bg/	1970-01-21 09:59:57	Name: __gads Value: ID=4d4fe141211f0f17:T=1730301407:RT=1730301407:S=ALNI_Maj3cuV4jWDO7xhoCtT5J3AznHQrA
.dir.bg/	1970-01-21 09:59:57	Name: __gpi Value: UID=00000f632d5e975f:T=1730301407:RT=1730301407:S=ALNI_MYC11wBrYY4Xn2FF0P_sFiQvgiqEg
.dir.bg/	1970-01-21 04:57:33	Name: __eoi Value: ID=1a90958ea5d39a2b:T=1730301407:RT=1730301407:S=AA-AfjZuWMjcjHlSgm2IlF0hMImg
.contextweb.com/	1970-01-21 09:16:45	Name: VP Value: part_fwxc9wJ3a5sz
.contextweb.com/	1970-01-21 09:23:57	Name: pb_rtb_ev_part Value: 3-1uhm\|7Bj.0.CAESEA6OQ35qlQN4vYjJR7gawpk
bh.contextweb.com/	1969-12-31 23:59:59	Name: INGRESSCOOKIE Value: 14a5d0deb4bed00c
.3lift.com/	1970-01-21 02:47:57	Name: tluidp Value: 4514959800768253892963
.3lift.com/	1970-01-21 02:47:57	Name: tluid Value: 4514959800768253892963
.uuidksinc.net/	1970-01-21 09:23:57	Name: jcsuuid Value: KBFB0s7b62pK4U0S67M5
.casalemedia.com/	1970-01-21 02:47:57	Name: CMPS Value: 5072
.adform.net/	1970-01-21 01:22:59	Name: C Value: 1
.casalemedia.com/	1970-01-21 09:23:57	Name: CMID Value: ZyJN4rmqPl4AAGOXAXCTRQAA
.casalemedia.com/	1970-01-21 02:47:57	Name: CMPRO Value: 5072
.adform.net/	1970-01-21 02:04:45	Name: uid Value: 3896061099948909593
.yahoo.com/	1970-01-21 09:24:19	Name: A3 Value: d=AQABBOJNImcCEB-g2DdYygnbEENkZMl7kgcFEgEBAQGfI2csZwAAAAAA_eMAAA&S=AQAAAm2SpUEkqXhYn_YWXYfdTBA
.dir.bg/	1970-01-21 10:14:21	Name: _ga_74752H7V8Z Value: GS1.2.1730301404.1.1.1730301410.54.0.0
.dir.bg/	1970-01-21 10:14:21	Name: _ga_9JWJPCQ37V Value: GS1.1.1730301411.1.0.1730301411.0.0.0
.dir.bg/	1970-01-21 10:14:21	Name: _ga Value: GA1.1.1863221803.1730301405
.dir.bg/	1970-01-21 09:23:57	Name: FCNEC Value: %5B%5B%22AKsRol-8gUrkR515xmN4OuP3k7947HhHtcnkVnpEifP5NIFhtDFRDjgk0LqSi6IBViI8QmE2LJ9pyTEvGrnXkrFNzq0jdUzweJETKqGelmcmItOxQnqOv5K1Syy7JqQ4Ovv3eEZfMwbZr5_YEgyj-4U4nwyR7HqzAQ%3D%3D%22%5D%5D
.dir.bg/	1970-01-21 10:14:21	Name: _ga_B1XSRWSHN4 Value: GS1.1.1730301404.1.1.1730301411.53.0.0
.blismedia.com/	1970-01-21 09:24:01	Name: b Value: 67224DE3D973BF70683C234DBLIS
.media.net/	1970-01-21 09:23:57	Name: visitor-id Value: 3733030117710741000V10
.id5-sync.com/	1970-01-21 02:47:57	Name: id5 Value: 941f4ff3-0197-7c89-8bc5-523c07913136#1730301411900#1
.onnetwork.tv/	1970-01-21 00:38:22	Name: nv32939 Value: 1
.onnetwork.tv/	1970-01-21 00:38:21	Name: nd1403 Value: 1
.onnetwork.tv/	1970-01-21 00:38:22	Name: nv23099 Value: 1
.onnetwork.tv/	1970-01-21 00:38:21	Name: nd1215 Value: 1
.onnetwork.tv/	1970-01-21 00:38:22	Name: nv35455 Value: 1
.onnetwork.tv/	1970-01-21 00:38:21	Name: nd1975 Value: 1
.onnetwork.tv/	1970-01-21 00:38:22	Name: nv27657 Value: 1
.onnetwork.tv/	1970-01-21 00:38:21	Name: nd1697 Value: 1
.onnetwork.tv/	1970-01-21 00:38:22	Name: nv33171 Value: 1
.onnetwork.tv/	1970-01-21 00:38:21	Name: nd1774 Value: 1
.onnetwork.tv/	1970-01-21 00:38:22	Name: nv43731 Value: 1
.onnetwork.tv/	1970-01-21 00:38:21	Name: nd2101 Value: 1
.onnetwork.tv/	1970-01-21 00:38:22	Name: nv25028 Value: 1
.onnetwork.tv/	1970-01-21 00:38:21	Name: nd1321 Value: 1
.dir.bg/	1970-01-21 00:38:28	Name: XSRF-TOKEN Value: eyJpdiI6IkQ5Z2k5Mk14blZHaVhjU2dhWVwvNWN3PT0iLCJ2YWx1ZSI6ImZ6ZE1uaG5RWFNMVURBYUVEK1didW8rTUk5SVROMmplZnR1WWkyTEZLWFQ3OGZNRURPOWNFMkNlaURCa2hZVEtJMDZGV3RrQlZmc1dKc2hQZks1b3dRPT0iLCJtYWMiOiI3ZmRhZjQwYjA3MDkwZDU0OWExMmE0MTFkMjZkZTkwZWM4MTkyMDI4ODQwYmQyNjYzYjczOWNlNDQ0MzE2NTM1In0%3D
.dir.bg/	1970-01-21 00:38:28	Name: dir_session Value: eyJpdiI6Im5oT1hKakphWnA0Sm5QRUVDTXEzQnc9PSIsInZhbHVlIjoiZEQyVk1Jc0xiQ0JxNEZYK2FGS0pPWVRzbHpuZWFnTVlpZkFqU1hGKzYwRkpLQ1VTUFB5XC90QVE0ZGhcL1F5ak9rMjFMaVdLeXFXNlwvdFRsQ3BJSENtUVE9PSIsIm1hYyI6IjA2ZDY1NWM3NjVhODYyZDA4YjkyOGQ1YWZhOTg2ZWQxMjAwMjY3MjBiMDE0MjNjMTFiZDQyMWVjNDEwMWI5M2QifQ%3D%3D
.hit.gemius.pl/	1970-01-21 10:07:09	Name: Gdyn Value: KlSzcMXGQMGGPMwOf0V57X8UssGMF14cL6nxmGtc5kCPbJaUGsRP0eKiGKGGqx6EgGllle82GGUrxFs_fA1GsG..
.hit.gemius.pl/	1970-01-21 10:07:09	Name: Gdynp Value: 1rAhZeIFIKLYRkK2163LRb_15C5CG.FDiYDD4P5DVvD.a7
.bg.adocean.pl/	1970-01-21 10:07:09	Name: GAD Value: KlSnBMGGQMQGv4lapQCW7X8UssGMD14cL6PxGsRP5xlwaGQsG0gRi7yGtoEtFlM1-H8PljxaqS9n8xBGs2Fz04fo8YwGwTodKYFqMmmaierxsG..
.onnetwork.tv/	1970-01-21 00:38:22	Name: nv27959 Value: 1
.onnetwork.tv/	1970-01-21 00:38:21	Name: nd1754 Value: 1
.bing.com/	1970-01-21 09:59:57	Name: MUID Value: 07D18576062464223237905E076D6504
.c.bing.com/	1970-01-21 00:48:26	Name: MR Value: 0
.c.bing.com/	1970-01-21 09:59:57	Name: SRM_B Value: 07D18576062464223237905E076D6504
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-21 09:59:57	Name: MUID Value: 07D18576062464223237905E076D6504
.c.clarity.ms/	1970-01-21 00:48:26	Name: MR Value: 0
.c.clarity.ms/	1970-01-21 00:38:22	Name: ANONCHK Value: 0

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://it.dir.bg/web/rusiya-globi-google-s-2-5-detsiliona-dolara-tova-sa-usd2-500-000-000-000-000-000-000-000-000-000-000(Line 2281) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://video.onnetwork.tv/widget/widget_playlist.php?widget=815, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://it.dir.bg/web/rusiya-globi-google-s-2-5-detsiliona-dolara-tova-sa-usd2-500-000-000-000-000-000-000-000-000-000-000(Line 2281) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://video.onnetwork.tv/widget/widget_playlist.php?widget=815, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
am-match.taboola.com
am-vid-events.taboola.com
am-wf.taboola.com
analytics.google.com
beacon.taboola.com
bg.search.etargetnet.com
c.bing.com
c.clarity.ms
cdn.jsdelivr.net
cdn.onesignal.com
cdn.onnetwork.tv
cdn.onthe.io
cdn.taboola.com
cdnt.onnetwork.tv
connect.facebook.net
dcd4f76b77ad35947ee38d0cd584be32.safeframe.googlesyndication.com
etargetcdn.com
fonts.gstatic.com
fundingchoicesmessages.google.com
gabg.hit.gemius.pl
i.clarity.ms
i.dir.bg
id5-sync.com
il-trc-events.taboola.com
images.taboola.com
imasdk.googleapis.com
imprammp.taboola.com
it.dir.bg
lb.eu-1-id5-sync.com
ls.hit.gemius.pl
onesignal.com
pagead2.googlesyndication.com
pahtag.tech
palibzh.tech
pm-widget.taboola.com
prebid.a-mo.net
pubads.g.doubleclick.net
s0.2mdn.net
securepubads.g.doubleclick.net
static.dir.bg
stats.g.doubleclick.net
sync.taboola.com
td.doubleclick.net
tpc.googlesyndication.com
trc.taboola.com
tt.onthe.io
video.onnetwork.tv
vidstat.taboola.com
vidstatb.taboola.com
webapi.dir.bg
wf.taboola.com
www.clarity.ms
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.temu.com
www.youtube.com
pagead2.googlesyndication.com
104.16.160.145
116.203.212.0
13.107.253.45
13.74.129.1
141.226.228.48
141.95.49.8
142.250.184.202
142.250.184.232
142.250.185.130
142.250.185.138
142.250.185.162
142.250.185.195
142.250.185.196
142.250.185.97
142.250.186.142
146.59.30.100
149.202.118.64
151.101.1.229
151.101.1.44
151.101.193.44
157.240.0.6
157.240.252.35
162.19.138.82
162.19.138.83
163.5.194.33
163.5.194.36
172.217.16.206
172.217.18.1
172.217.18.6
172.67.138.21
172.67.71.201
172.67.73.79
185.106.33.48
188.114.97.3
188.165.21.156
188.40.115.112
194.145.63.12
194.145.63.126
195.168.10.173
20.157.217.65
204.79.197.237
216.58.206.78
216.58.212.130
216.58.212.162
4.153.72.49
64.233.167.154
78.128.6.34
88.203.154.237
00ab97c4c835db9464073d0fca13f42d129767bc79a30af9a23a738e9fde8e1d
01d7d866a3c8fd49ac882c92e7b426970d228edd3d75d6791352ee05f1b899d9
02aa9c10f662c5290d2e484d2e5fc8e849745b16026b2f387ca7ba047bee9617
02c257dae1f6efc6c288d9c0d9982cad06057e2babb61a4e66e58934019cebf3
037236ed4bf58a85f67074c165d308260fd6be01c86d7df4e79ea16eb273f8c5
0407dafc112212a135d1aa4dd9b40ba0208c6bb6b1959f5535af093254189d66
079a335a75150516814bfd7ba09040e2974ace63551a4254d71d04a2a5aa0421
0817a8ea1198e785ba0c94f90919f1ce6d81e9b6e1a8a10ddc2a32117b18ae14
086c5c6deed0d7744cea43c54cafcce9f8e27b4f4980d907d20563222381db22
09927bd9b2fa386b64a1b49e07412547a0b979b07452d096982eb2946a64c4f7
09fa04e84d7038cc32f19bedcba454b9e637a35f4de496e8ec9148c47550f0fc
0d27ce1d6ad9d75eae40b873db98cbc0e0cb31bfd5fbe99f6ea0a115ee8d2b40
0e4461134509ed487e2f27433d6adaf4d0b6d81331266382289ded4f4b56f68f
0f1fdcc19c664fe64cd7ab8cac56ab50d8555a2aa453bffce61c5bad705a019e
1287b4c6427119cabf899a5ea898f81e831a2742614813a3302f671690b399c2
12af7975664854ca36da674714083fa05297940fce71e42dabf688e2eb19a0f1
13be9007734de4893f91088187df172f6457850de7e7c7f13d6f9d1a028b07de
1740de693e9dbcecbbd4eb3d019a6d93c19897cdaa8b008a4522ea0b2f8a17af
1b1720261d3e2c633f3ac043924ba179a8e8699081228190a2453c78de80af1a
1bcfdfe9266940aded2d46060ba667d0067727f9fd65982d7f9e34e41271f5ad
1cce0a559204d832636511c69d7894292fd0e0507671819df68fbaccfcf058d8
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
1d874078e6f1d48bc3dbab689a212081a7cf455e9041bf8466f3b07055bd15a5
1e10fae6e98f6bb2f350e3c0743bed0a6c9befe1b650fdd9fb8e58311923170c
1fd7ffe96568ca9d0a961de7c7ed22c4b4ba0ea05e3ba9e6ae7d5d0d8f079e07
1ff99e35dfa6c7a652a0048c9db5d2ea77348d82bdc063b96064584cbeee91f4
2375bbf1b1dba1c40f4e5544a08b3ddcc5eda294e10a854b15eb2a729f5cc8a0
24729bcc117eb0bb8aa67414fc1f85c571ed2d36391ef9b7eb28e5b78e22a184
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
2af908ce6e25fcb29cbc1e5a4d79209089e4d37e9f4e3bb792b8ad9d712ea417
2d25662a3c32460cfb691858a85f6c11956413c9d2c2a4506569140ab404dbb7
2f4786d2f252a031c191224845760d72646c0cbd42b7a049485735f80b6c11e0
3244a6013359f166b6c5cb3f2f4b8def9be52dc11a734970d67f8d9a664f3c87
3441ca9bd1f9a6a653bbfc4cf5c2f93ee33e525b9f3e5fd112beb2cc67e82c42
346c66e4f479f4a17ed1401f493c41c4c36b694580749098da5224e7707ed994
392c32f20b9f867852a946a6ed1c5e21476df9619083548b6585d80a3b5f9bd4
39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618
3c782c22111e19f40582e08353f33f78fc0b10bbaeec1a782636838b416851b2
3e452fabf33339a3fb6444f8189f5332d6f50bd965755a0adf60f90c1591baae
4310f5f7e052cc8de2b85fbfedf3f7a5343688c9d574485682729fc2c99e6912
4329f55522d8524eef91e6e8aff555a3b677e95eb964ae091a0bd82a80279c23
441ced4ec9a868ff6c0ee069edac49f28428bfad7070d7d1eb784ebaf976f1d3
44addf4d12141260ee5bb6781276706bfda259fa8cd46aa91e6b276d01549eed
463095508653741346dd8625315cf169d5617d637079219a562e715d0e0230cf
49dd4046728bbc2bf3b18f8ec2b828507163ff7e081a985ab9c97cba3f2f4609
4a32751e0ab1f6ceadf364a168f8a8011c13be44a2d5e86ddf9222571b7a0e1e
4bcc504ca5f2d5cd6d1c7fb43c97ae24a3a2c5f40505dd4582c10ba84b16a6cf
4cba72939763503c249de189f7c92adb22f4395d28f8cffd4e2c60b67d5e824d
4e10ac6971987ed895030639152183f509f082c6953e276412451db4f20c6247
4e8502369d93afce35fc90d72056e6385b8139fcb0cb43e7cfb3f7a0bf624879
50ae46fa7e695109b25176a1174ac6b65cf92735ee0724331b83c54b1ab5e452
517186720a3a19c9d0c308555336b46fe6604261baa99812dadbc5661bd908fe
521410e1fc44780061e09adc980275fb5ea277fd5d9e538454214ec4379ff4bc
52eb832f61eefbfbd7423da4bbd4cca9bf998273c5f4ae13c124bc7e519b3cb3
5702c27ea7b32888e99a2c14b172f9bcd56928d9674c1ca6a86d594c6b6fbdd3
594b7ba2d6b9573b8cef9246ce03b69effadd5fbc7f7bcfe34f3003c760be201
5b9cfa0283d9a9f6a909df2b61c9933c11130343f08aec96cdd8f49c29972526
5df9a4d557038fac630c413b57fb9b2f00c6a236368f04110c15b4683a3744a7
5fd04b1f03d14ca877ea4ca5a7e8eabdd914e48274ab007901c34b5b267e8ba9
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9
606c81c4a0710a30c2a0cc0b9925b652b105b5fd85c98c39223e61fc4a9f88d1
60c0d15fc1b264271df7312a5b967236f7b059dc861f1f855630e6c3133014d4
612f5671b497785b099aa6c3b4d99f3e42ab3914f9d2a3a59d3b75825442c009
6212a4c6fd9be62d0795e3957471693cb344af6f21c2bbe0e957f3ed82520f1b
62537c22a68afd8f5a3c2cc01c47f17aa579f4e8c89236870450209a7b316ad9
635b2814dbecb78302d05c529bf175ef815ef51e7c344769247896504843b731
668c6828672fa8600b7a0632cb328ee63a31361be6734987b04985fcd9d08d4f
66f9d28a146b1531e511a9d08af2064962a3cd05389dca6524d5aadc9710069d
675273ab840af8730e36111c7aaa472430744df37db6585a9a4781a60cbf7e66
6ad2e6e18b794883e69a31f63cd2cc9f49e17e92ceb5749c7430d358009c9e37
6ae43f83b6230109a5385b7ad5999186e33f758a3b7258cfad621472a76cdc4e
70f3ed2a91f047582239d5f8a2938a7e789adc9b12a4cc669b82e83c5afbae3f
73a2a6fee49beaf372d9c9d1515111350375d4592b1b96a7feac2e1b16135cd9
7479c086219ad4c45c6c56e19449ffb0eb6c4fa95eced8371639f79563a53ffd
75f411aa19f3ef920633e5dac846299b246e21931b02dd42e104897a34ed7b5e
76fdd26bde513ce5d0f0608f6a61a2e83cf7be2072306fc38737a32fbe733e61
7845caed98658fb3ae49a1e2990a9034175fcc6fe0299e149a8b6e87a87d8ff2
785d3e9ea187b7242e1a4365a48c3fd95dd7a469245d24c6769b8d46c4ef4b81
795d12439d0e6f0382f8687d6599a2e72cbf51e6806e224069a77281bfd7cbe8
7d331163f1b3d1f8ff75bcbcdd2abeecf34d4f8f7ed45dcfb5c5236189314fbc
7e944dee615571f80a8bd93892f886d18e735bcc2bca3d4b25dc91f902fe27c7
800504ae0c6cb20f09431abd11eb43d4568e73e404b4401cd48db7bf1094b095
82edbdabf49d8335e340a3ff29bf54cbd0e7ff7cf3ecf25e2c1473976ed2e235
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
856b3145e02f0e524c57ac7238edd80b1d73cf0377724f0ed003a7bd3bb27485
87be2c37adc8ce6d9db0190d8b4df1f0c95b334bc4d53346a881576c19437b03
8a102873a33f24f7eb22221e6b23c4f718e29f85168ecc769a35bfaed9b12cce
8aaf48090e1e50aea288dbe3a617ddbdf04513e3becdf15c613dd92a65140464
8bd16ff33fa7406a27fa4667c77fa1f2ffd27d87a55bb7a9c18f3260c4e04936
902c7c323004930723b138955e53ca73a7483efb8c419a84e800887d05d0dd2c
924b0dc630d1c5dff9fa31aead9509775b1d476bfe0a5ac2977b2f11205a26ac
939919488f3ad816cb78b5d032ae673c1c02c88b238cfdb6e1328cd5d04d7947
95cff06b2188e9fb38c774b3c871801062faa87b79059b947a642558f937c713
96fc0d1e441d5f5e63e08994a1c80ddc5de0e06afd0e9f367ef6347b8ebec886
98cdece9a68a5781c34c6b30d9a27b91a90a950107d3f4efda807342675dd196
997171edfb423b814583106272eaf73b501ca61634e99ddbd63a7315e7b6c0d6
99c1f5e177c86e97f413f7fa3e49cedcd293a91f29e310193084d66958b75fa8
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9c6e73bb1b9dffc6f1f145be73bbbeaff0a5a5ea3059a0745add02f47e31c833
9d49ffb2d1eb78628166257bad0f24a773b8b6d9b227e668e19f629059555bf9
a010b8ae2ebe6624db631065af211edf983cfab405472a6ad0a1ab6f5690e039
a433bb9fee025a71010336e57c615461ed456d8f25f74e991512861059508ebf
a53c43f834b32309b084ea9314df8307e9c78cee2202c6e07f216ae4ae5b704d
a5ba8bb49381a7680d39e719466e2d64e61fd60f174c701809e8a8e32b639397
a607b3c3e0d09d7f339e0035f16f99bf93637dee0eb27b2b9c447701fefa2ace
a78b3603d762428caba2ef21674e4d47fbc4e7496292b28f845ba7372849360b
a7da9d98e20d9a2389b643174a0ccf61416a7fea401c3b2da8803498873df755
a7dfb55d99ad45a314e07728ffdf31897336d4a787d15b621d8c5f6add40ae9f
aa3d5cf005811a8064605669c847e47f3839868168011cf51d506ef5f075f490
aa5ab198a4dc6bd735732c995e91fc85cab8fd41d5ec9cfba80490c6d3eaa38a
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
aaedb5d7e4175b9d1b6d27aec5266c74459881278ae1c9c693030acb6a16883e
aaf94c00c035a03afa3dc57fc64c5a58f18f889985f0a352f528c32e16d461f5
abe84fb0dd2465151983b50314688b1c0193cddc1167a2fe6ed312fc40ffc523
ac19768203fc63f4d181c59b00f5831d6ac5757b37db381fe2896de5275ee195
adabd389d3390337abf62cc9935c593988a55a1ec75a648241afbb9e74e87090
b1d09d7511ad5c58bc9acdc903557f78a9ca154b8bf01839b08045cb9fe8b310
bce4b47b8fc12de49fac0a00e9039e38aa568aba0ee9154b93d20465f0289cfa
c0e96f1414cf54d470bbfe273bc19e708714e53e7aea830a14bb44a31da42998
c28f77756a621fd01694290c3f16afb99ad9ba2530101829d83b3faa5cdf0d7c
c2a025d30e2117e1751c68b261151e00f7fde103a650827c1d2ad4aa86a62008
c387cbd6f40acc8d2de4be4f8fabe5995705777fa082ac165d0e29855b4c7e5a
c523fa9424cf69a0550f92a7cf1497ecb6c629ec77bb3e5ae69e2098cc8a9ded
c79c17da0cd71ab85cbb54652bb12d3fe6a3c49e5f161c0acf1f38dac83e93ae
c9305d08078287e373ca1e0121e5b275d15668c6d5cc28257a26a5004aa03202
cb76dd99f52d15f4a94f06ef1599c0729fd3d6652cadcbc16230a7a49cf5bcae
cb8a888b0d989640632bbab7932e1439eccbef5b3afe44715caee7325314f4f6
cbe49f1f275e3369ce4bc7c00266c4c0b543c94a44c8701788eac98f8715f32f
ccbbf6259b19d6bc08cca109137b661e362c77646920aadd27bf9289d7747351
ccbfbdfc47289a7f92f56d75486f4cddabe809ff4a91c293188718ed5393ad9e
ccecd185ac16ba0a538840f37701053fbb861f7fbbdd86039c7415fcd924d1f2
cd4669ffc288f7dab848ac5dc7970336917530b49d415914bb8876b5e9dfaea1
ce77d551725ebfe61cb29c03481707fa6ee98174ab7ed1777d9e42f627de42bd
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d2098b74818eaafe4cd391aaf3f8128433df2f3fed0a64a78d25c81df15a77eb
d46267017907a9f4de45a4d9fbd2621e61ee1771e7c788f1ea3ede87f89d512e
d4d18e8a76cf114e4e855801c3afd746bc7c67ac727be659800dae087d622053
db7e0b393e175f19922fefbdcaa2866fca209c521d01cc834ae06cbf8d0f91b7
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
de4b4d887b4960dd252d0905df0bf7f39a309cc6d4fa7f6a7fb9b2252b143c29
e04e5f4c1b8166c7b1f1257af27a56ad5a1ac203b9af771a99eb83afc3a9d271
e105d933db2e23166c26d5bb962a49a4547a506cefe7943d04596b652f24b1d6
e169f1be2635f22741710d738e2982e267bb15ceebb5ef7e16bcb87fa9d6ca8f
e230ff12616d4d17cff047ecd25f0b17f06fe822e772a60ccb2a7c769eecfd2a
e3796a05f7941da01a8b3f4aa1ddf511c9ea5d1e659c8b7a2d710e71b4c170a3
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e594de944b401a1541582548f83ce8790d4a5628a7dcac9094f8a4b056ecfc63
ea73c732d420c5e904169ab4571f2a2dfd96fd64dbcab7d0223180eff02ca569
eab5ef44dfc7032d4a9273d3750685ca3413aada1dc391e8e45c4f5abeea778d
ec8b1b07980996f574075e1b7e895d5d47794b9dcf345a68d60fbb17034f7bef
ed13419b010c8657dd97ff2bdd59b1a74653ed9d47c0debfdce58c8e3a7a6114
eeb7bcad621ca7e0801ec0fcd8c6e76bba49a49349e9b75539d73934d4646a17
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0b3a7bcec27601aa8a0c8fbe6f89b3addf845e2ca0f4f4e55189cefc1caae83
f439ac264af641a6a0bc606abec9ecba41d51dc67e86e8f4134d45f6669bbad7
f4a5087b40606dda226f932518ab9c926f9f61d3f7628f4e0dfa4c743e7416af
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9
f7fb835bccfe6ea033f86ae1e6967cc155911b2c3548d3dba92149db7fd0eb31
f96415feb68462fc5e05472263b04bc5c9b2288ada5186b5891aecb0bccf5e60
f9eb538f15ae4d2e4cb9ed5e460819a92c66466a1b3fa270a1109819f80695e5
fca6f31e1377cee31da3ef34a8b95a329d7d83eaf72305d89910f29162266472
fcfe6b9b65bd90f718f2f0f80a12dae99a3108cbd3bb2ea32e9ebe0348ace7c5
fe7c2df0e7e6e53bcc8dce017b23e6126984e613d1b9005ec25ad66568ebe568
ff3de130872fe0fb5b770dfa2bc9f0daf8ab320403a34a60d089436f08d24f99
ffb1f5425f371e9637f9624cf12df4fb6af972e901bb8cb3fb25e291b1b8cf93
ffc32b1a5c653898d629be50628bfa72f70cac406bc082b4443600081da46e71

it.dir.bg Open in urlscan Pro 172.67.71.201 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

248 Requests

98 %HTTPS

0 %IPv6

28 Domains

59 Subdomains

48 IPs

9 Countries

4872 kBTransfer

13928 kBSize

84 Cookies

100 Outgoing links

Redirected requests

248 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

it.dir.bg Open in urlscan Pro
172.67.71.201 Public Scan

Screenshot
Live screenshot

Full Image

248
Requests

98 %
HTTPS

0 %
IPv6

28
Domains

59
Subdomains

48
IPs

9
Countries

4872 kB
Transfer

13928 kB
Size

84
Cookies

248 HTTP transactions
0 data transactions