rokgrupi.start.bg Open in urlscan Pro
194.12.229.104 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://rokgrupi.start.bg/
Submission: On December 22 via api (December 22nd 2024, 2:05:40 pm UTC) from US — Scanned from CA

Summary HTTP 130 Redirects Links 46 Behaviour Indicators

Summary

This website contacted 36 IPs in 6 countries across 24 domains to perform 130 HTTP transactions. The main IP is 194.12.229.104, located in Sofia, Bulgaria and belongs to EVOLINK-AS Evolink AD, BG. The main domain is rokgrupi.start.bg.
TLS certificate: Issued by R11 on October 18th 2024. Valid for: 3 months.

This is the only time rokgrupi.start.bg was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
60	194.12.229.104 194.12.229.104	8262 (EVOLINK-A...) (EVOLINK-AS Evolink AD)
5	142.250.65.226 142.250.65.226	15169 (GOOGLE) (GOOGLE)
2 4	194.12.229.102 194.12.229.102	8262 (EVOLINK-A...) (EVOLINK-AS Evolink AD)
1 3	52.209.34.152 52.209.34.152	16509 (AMAZON-02) (AMAZON-02)
2	31.13.65.7 31.13.65.7	32934 (FACEBOOK) (FACEBOOK)
3	151.101.129.44 151.101.129.44	54113 (FASTLY) (FASTLY)
3	142.250.64.104 142.250.64.104	15169 (GOOGLE) (GOOGLE)
3	142.250.81.238 142.250.81.238	15169 (GOOGLE) (GOOGLE)
14	142.250.80.110 142.250.80.110	15169 (GOOGLE) (GOOGLE)
2	74.119.117.17 74.119.117.17	19750 (AS-CRITEO) (AS-CRITEO)
1	151.101.1.44 151.101.1.44	54113 (FASTLY) (FASTLY)
1	64.233.180.84 64.233.180.84	15169 (GOOGLE) (GOOGLE)
1 4	78.128.6.42 78.128.6.42	31083 (Telepoint...) (Telepoint Telepoint Ltd)
2	31.13.65.36 31.13.65.36	32934 (FACEBOOK) (FACEBOOK)
2	216.239.34.181 216.239.34.181	15169 (GOOGLE) (GOOGLE)
1	142.250.31.155 142.250.31.155	15169 (GOOGLE) (GOOGLE)
1	142.251.40.130 142.251.40.130	15169 (GOOGLE) (GOOGLE)
1	142.250.80.3 142.250.80.3	15169 (GOOGLE) (GOOGLE)
1	151.101.129.229 151.101.129.229	54113 (FASTLY) (FASTLY)
1	104.18.28.101 104.18.28.101	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	34.96.70.87 34.96.70.87	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	108.138.128.46 108.138.128.46	16509 (AMAZON-02) (AMAZON-02)
1	104.22.53.86 104.22.53.86	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	18.164.109.182 18.164.109.182	16509 (AMAZON-02) (AMAZON-02)
1	34.102.146.192 34.102.146.192	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	74.119.117.4 74.119.117.4	19750 (AS-CRITEO) (AS-CRITEO)
3	142.251.40.161 142.251.40.161	15169 (GOOGLE) (GOOGLE)
1	162.19.138.119 162.19.138.119	16276 (OVH OVH SAS) (OVH OVH SAS)
1	142.250.65.194 142.250.65.194	15169 (GOOGLE) (GOOGLE)
1	52.45.239.128 52.45.239.128	14618 (AMAZON-AES) (AMAZON-AES)
1	146.59.30.96 146.59.30.96	16276 (OVH OVH SAS) (OVH OVH SAS)
1	35.190.39.111 35.190.39.111	15169 (GOOGLE) (GOOGLE)
1	142.250.64.98 142.250.64.98	15169 (GOOGLE) (GOOGLE)
2	142.251.41.1 142.251.41.1	15169 (GOOGLE) (GOOGLE)
1	142.250.80.100 142.250.80.100	15169 (GOOGLE) (GOOGLE)
130	36

60 194.12.229.104 (Sofia, Bulgaria)

ASN8262 (EVOLINK-AS Evolink AD, BG)
PTR: www.start.bg

rokgrupi.start.bg	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
start.bg	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.65.226 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s73-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 194.12.229.102 (Sofia, Bulgaria) 2 redirects

ASN8262 (EVOLINK-AS Evolink AD, BG)

dnes.bg	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.dnes.bg	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.209.34.152 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-209-34-152.eu-west-1.compute.amazonaws.com

secure-it.imrworldwide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 31.13.65.7 (Lithia Springs, United States)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-atl3.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.129.44 (San Francisco, United States)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.64.104 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s31-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.81.238 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s74-in-f14.1e100.net

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 142.250.80.110 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s36-in-f14.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 74.119.117.17 (United States)

ASN19750 (AS-CRITEO, US)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.1.44 (San Francisco, United States)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.233.180.84 (United States)

ASN15169 (GOOGLE, US)
PTR: on-in-f84.1e100.net

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 78.128.6.42 (Bulgaria) 1 redirects

ASN31083 (Telepoint Telepoint Ltd, BG)
PTR: ip-6-42.telehouse.bg

gabg.hit.gemius.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 31.13.65.36 (Lithia Springs, United States)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-01-atl3.facebook.com

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.239.34.181 (United States)

ASN15169 (GOOGLE, US)

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.31.155 (United States)

ASN15169 (GOOGLE, US)
PTR: bj-in-f155.1e100.net

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.40.130 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s80-in-f2.1e100.net

td.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.80.3 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s33-in-f3.1e100.net

www.google.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.129.229 (San Francisco, United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.28.101 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn-ima.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.70.87 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 87.70.96.34.bc.googleusercontent.com

invstatic101.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.128.46 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-128-46.jfk50.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.22.53.86 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.164.109.182 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-164-109-182.jfk50.r.cloudfront.net

cdn.prod.uidapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.146.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.146.102.34.bc.googleusercontent.com

oa.openxcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.119.117.4 (United States)

ASN19750 (AS-CRITEO, US)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.251.40.161 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s81-in-f1.1e100.net

96be86e24598c8b1d2cfc3e50bb8e199.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.138.119 (Frankfurt am Main, Germany)

ASN16276 (OVH OVH SAS, FR)
PTR: ns31533570.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.65.194 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s72-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.45.239.128 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-45-239-128.compute-1.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.59.30.96 (France)

ASN16276 (OVH OVH SAS, FR)
PTR: ip96.ip-146-59-30.eu

ls.hit.gemius.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.39.111 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 111.39.190.35.bc.googleusercontent.com

esp.rtbhouse.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.64.98 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s31-in-f2.1e100.net

ep1.adtrafficquality.google	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.251.41.1 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s40-in-f1.1e100.net

ep2.adtrafficquality.google	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.80.100 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s36-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
60	start.bg rokgrupi.start.bg start.bg — Cisco Umbrella Rank: 482951	204 KB
17	google.com apis.google.com — Cisco Umbrella Rank: 121 fundingchoicesmessages.google.com — Cisco Umbrella Rank: 695 accounts.google.com — Cisco Umbrella Rank: 17 analytics.google.com — Cisco Umbrella Rank: 142 www.google.com — Cisco Umbrella Rank: 3	185 KB
7	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 218 stats.g.doubleclick.net — Cisco Umbrella Rank: 135 td.doubleclick.net — Cisco Umbrella Rank: 182	280 KB
5	gemius.pl 1 redirects gabg.hit.gemius.pl — Cisco Umbrella Rank: 222774 ls.hit.gemius.pl — Cisco Umbrella Rank: 28536	22 KB
4	googlesyndication.com 96be86e24598c8b1d2cfc3e50bb8e199.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 110	76 B
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 36	21 KB
4	taboola.com cdn.taboola.com — Cisco Umbrella Rank: 934	227 KB
4	dnes.bg 2 redirects dnes.bg — Cisco Umbrella Rank: 504851 www.dnes.bg — Cisco Umbrella Rank: 731090	15 KB
3	adtrafficquality.google ep1.adtrafficquality.google — Cisco Umbrella Rank: 389 ep2.adtrafficquality.google — Cisco Umbrella Rank: 403	20 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	290 KB
3	imrworldwide.com 1 redirects secure-it.imrworldwide.com — Cisco Umbrella Rank: 65908	5 KB
2	id5-sync.com cdn.id5-sync.com — Cisco Umbrella Rank: 1004 id5-sync.com — Cisco Umbrella Rank: 533	30 KB
2	crwdcntrl.net tags.crwdcntrl.net — Cisco Umbrella Rank: 1010 bcp.crwdcntrl.net — Cisco Umbrella Rank: 1026	13 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 120	214 B
2	criteo.com gum.criteo.com — Cisco Umbrella Rank: 450	710 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 192	75 KB
1	rtbhouse.com esp.rtbhouse.com — Cisco Umbrella Rank: 4214	505 B
1	criteo.net static.criteo.net — Cisco Umbrella Rank: 793	13 KB
1	openxcdn.net oa.openxcdn.net — Cisco Umbrella Rank: 2357	8 KB
1	uidapi.com cdn.prod.uidapi.com — Cisco Umbrella Rank: 4220	4 KB
1	creativecdn.com invstatic101.creativecdn.com — Cisco Umbrella Rank: 2700	2 KB
1	33across.com cdn-ima.33across.com — Cisco Umbrella Rank: 1329	7 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 318	851 B
1	google.ca www.google.ca — Cisco Umbrella Rank: 11557	63 B
130	24

	Domain	Requested by
38	rokgrupi.start.bg	rokgrupi.start.bg
22	start.bg	rokgrupi.start.bg start.bg
10	fundingchoicesmessages.google.com	securepubads.g.doubleclick.net
5	securepubads.g.doubleclick.net	rokgrupi.start.bg securepubads.g.doubleclick.net
4	gabg.hit.gemius.pl	1 redirects rokgrupi.start.bg gabg.hit.gemius.pl
4	www.google-analytics.com	rokgrupi.start.bg www.googletagmanager.com www.google-analytics.com
4	cdn.taboola.com	rokgrupi.start.bg cdn.taboola.com
3	96be86e24598c8b1d2cfc3e50bb8e199.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
3	apis.google.com	rokgrupi.start.bg apis.google.com
3	www.googletagmanager.com	rokgrupi.start.bg www.googletagmanager.com
3	secure-it.imrworldwide.com	1 redirects rokgrupi.start.bg
2	ep2.adtrafficquality.google	securepubads.g.doubleclick.net ep2.adtrafficquality.google
2	analytics.google.com	www.googletagmanager.com
2	www.facebook.com	rokgrupi.start.bg
2	gum.criteo.com	cdn.taboola.com static.criteo.net
2	connect.facebook.net	rokgrupi.start.bg connect.facebook.net
2	www.dnes.bg	rokgrupi.start.bg
2	dnes.bg	2 redirects
1	www.google.com	ep2.adtrafficquality.google
1	ep1.adtrafficquality.google	securepubads.g.doubleclick.net
1	esp.rtbhouse.com	invstatic101.creativecdn.com
1	ls.hit.gemius.pl	gabg.hit.gemius.pl
1	bcp.crwdcntrl.net	tags.crwdcntrl.net
1	pagead2.googlesyndication.com
1	id5-sync.com	cdn.id5-sync.com
1	static.criteo.net	securepubads.g.doubleclick.net
1	oa.openxcdn.net	securepubads.g.doubleclick.net
1	cdn.prod.uidapi.com	securepubads.g.doubleclick.net
1	cdn.id5-sync.com	securepubads.g.doubleclick.net
1	tags.crwdcntrl.net	securepubads.g.doubleclick.net
1	invstatic101.creativecdn.com	securepubads.g.doubleclick.net
1	cdn-ima.33across.com	securepubads.g.doubleclick.net
1	cdn.jsdelivr.net	securepubads.g.doubleclick.net
1	www.google.ca	rokgrupi.start.bg
1	td.doubleclick.net	www.googletagmanager.com
1	stats.g.doubleclick.net	www.googletagmanager.com
1	accounts.google.com	apis.google.com
130	37

This site contains links to these domains. Also see Links.

Domain
www.ibg.bg
www.dnes.bg
www.investor.bg
www.bloombergtv.bg
www.bgonair.bg
www.gol.bg
www.tialoto.bg
www.az-jenata.bg
www.puls.bg
www.teenproblem.net
www.imoti.net
www.az-deteto.bg
www.automedia.bg
www.start.bg
www.blog.bg
www.posoka.com
www.boec.bg
katalog.start.bg
abv.start.bg
regioni.start.bg
aerosmith.start.bg
help.start.bg
start.start.bg
start.bg
ibg.bg
reklama.investor.bg

Subject Issuer	Validity	Valid
*.start.bg R11	`2024-10-18` - `2025-01-16`	3 months	crt.sh
*.g.doubleclick.net WR2	`2024-12-02` - `2025-02-24`	3 months	crt.sh
*.imrworldwide.com GlobalSign RSA OV SSL CA 2018	`2024-05-16` - `2025-02-02`	9 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-09-30` - `2024-12-29`	3 months	crt.sh
*.taboola.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-12-01` - `2025-12-31`	a year	crt.sh
*.google-analytics.com WR2	`2024-12-02` - `2025-02-24`	3 months	crt.sh
*.apis.google.com WR2	`2024-12-02` - `2025-02-24`	3 months	crt.sh
*.google.com WR2	`2024-12-02` - `2025-02-24`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-12-03` - `2025-03-03`	3 months	crt.sh
accounts.google.com WR2	`2024-12-02` - `2025-02-24`	3 months	crt.sh
*.hit.gemius.pl Sectigo ECC Domain Validation Secure Server CA	`2024-09-12` - `2025-09-25`	a year	crt.sh
*.doubleclick.net WR2	`2024-12-02` - `2025-02-24`	3 months	crt.sh
*.google.ca WR2	`2024-12-02` - `2025-02-24`	3 months	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2024 Q3	`2024-07-30` - `2025-08-31`	a year	crt.sh
*.33across.com Sectigo RSA Domain Validation Secure Server CA	`2024-09-05` - `2025-09-30`	a year	crt.sh
invstatic101.creativecdn.com WR3	`2024-12-14` - `2025-03-14`	3 months	crt.sh
*.crwdcntrl.net Amazon RSA 2048 M02	`2024-09-07` - `2025-10-07`	a year	crt.sh
id5-sync.com WE1	`2024-11-28` - `2025-02-26`	3 months	crt.sh
cdn.prod.uidapi.com Amazon RSA 2048 M03	`2024-11-20` - `2025-12-20`	a year	crt.sh
oa.openxcdn.net WR3	`2024-11-13` - `2025-02-11`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-11-29` - `2025-02-25`	3 months	crt.sh
esp.rtbhouse.com WR3	`2024-12-19` - `2025-03-19`	3 months	crt.sh
adtrafficquality.google WR2	`2024-12-02` - `2025-02-24`	3 months	crt.sh

This page contains 13 frames:

Primary Page: https://rokgrupi.start.bg/
Frame ID: CC691938F8A549A46A0118DA30036010
Requests: 118 HTTP requests in this frame

Frame: https://apis.google.com/u/0/se/0/_/+1/fastbutton?usegapi=1&size=medium&origin=https%3A%2F%2Frokgrupi.start.bg&url=https%3A%2F%2Frokgrupi.start.bg%2F&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.eXGUr_3hPjA.O%2Fd%3D1%2Frs%3DAHpOoo-g8reFxkIuQ1pTpW4rHM0-Devz-A%2Fm%3D__features__
Frame ID: AF62460603F9D67016D4576B1953DB18
Requests: 1 HTTP requests in this frame

Frame: https://cdn.taboola.com/libtrc/static/topics/taboola-browsing-topics.html
Frame ID: BC5D6046E429C4CD3AA793CAAF762419
Requests: 1 HTTP requests in this frame

Frame: https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Frokgrupi.start.bg&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.eXGUr_3hPjA.O%2Fd%3D1%2Frs%3DAHpOoo-g8reFxkIuQ1pTpW4rHM0-Devz-A%2Fm%3D__features__
Frame ID: 702EFAAD856E2E3FC2C4025F465BD9B6
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/ga/rul?tid=G-QPK7X91FPK&gacid=991067755.1734876334&gtm=45je4cc1v896316010z89174316107za200zb9174316107&dma=0&gcd=13l3l3l3l1l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101925629~102067555~102067808~102081485~102198178&z=22125630
Frame ID: 73812DBA2077387DD641B21D9880250C
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/static/topics/topics_frame.html
Frame ID: 58E1CD2A0AB57F5D46FD8119689A9481
Requests: 1 HTTP requests in this frame

Frame: https://96be86e24598c8b1d2cfc3e50bb8e199.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: F8EB39B470E8304B3A8BFD62EE2C0828
Requests: 1 HTTP requests in this frame

Frame: https://96be86e24598c8b1d2cfc3e50bb8e199.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 7F3A061EA777231C4FB99F35F8C15683
Requests: 1 HTTP requests in this frame

Frame: https://96be86e24598c8b1d2cfc3e50bb8e199.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 77DAC2E3C4CE09F58D56B6E0E46882ED
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=rokgrupi.start.bg&gdpr=0&gdpr_consent=
Frame ID: 70A435CD46BC07E6536AEA58855F63D2
Requests: 1 HTTP requests in this frame

Frame: https://ls.hit.gemius.pl/lsget.html
Frame ID: B767D1DF39542598998B30DE7F99C308
Requests: 1 HTTP requests in this frame

Frame: https://ep2.adtrafficquality.google/sodar/sodar2/232/runner.html
Frame ID: 1CD678D25303252F68AEAD9A3B845F63
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 5163E57DBC0C469745C326CA3AC1AC26
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Рок групи: Pinkfloyd, Deep Purple, Aerosmith, Theatre of Tragedy, Him, Tribute bands

Detected technologies

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Gemius (Analytics) Expand

Overall confidence: 100%
Detected patterns

hit\.gemius\.pl/xgemius\.js
hit\.gemius\.pl
xgemius\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Plus (Widgets) Expand

Overall confidence: 100%
Detected patterns

apis\.google\.com/js/[a-z]*\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

130
Requests

95 %
HTTPS

0 %
IPv6

24
Domains

37
Subdomains

36
IPs

6
Countries

1422 kB
Transfer

4429 kB
Size

34
Cookies

46 Outgoing links

These are links going to different origins than the main page.

URL: https://www.ibg.bg/?utm_source=start&utm_medium=link&utm_campaign=lenta

Search URL Search Domain Scan URL

URL: https://www.dnes.bg/?utm_source=start&utm_medium=link&utm_campaign=lenta
Title: Dnes

Search URL Search Domain Scan URL

URL: https://www.investor.bg/?utm_source=start&utm_medium=link&utm_campaign=lenta
Title: Investor

Search URL Search Domain Scan URL

URL: https://www.bloombergtv.bg/?utm_source=start&utm_medium=link&utm_campaign=lenta
Title: Bloombergtv.bg

Search URL Search Domain Scan URL

URL: https://www.bgonair.bg/?utm_source=start&utm_medium=link&utm_campaign=lenta
Title: Bulgaria On Air

Search URL Search Domain Scan URL

URL: https://www.gol.bg/?utm_source=start&utm_medium=link&utm_campaign=lenta
Title: Gol

Search URL Search Domain Scan URL

URL: https://www.tialoto.bg/?utm_source=start&utm_medium=link&utm_campaign=lenta
Title: Tialoto

Search URL Search Domain Scan URL

URL: https://www.az-jenata.bg/?utm_source=start&utm_medium=link&utm_campaign=lenta
Title: Az-jenata

Search URL Search Domain Scan URL

URL: https://www.puls.bg/?utm_source=start&utm_medium=link&utm_campaign=lenta
Title: Puls

Search URL Search Domain Scan URL

URL: https://www.teenproblem.net/?utm_source=start&utm_medium=link&utm_campaign=lenta
Title: Teenproblem

Search URL Search Domain Scan URL

URL: https://www.imoti.net/?utm_source=start&utm_medium=link&utm_campaign=lenta
Title: Imoti.net

Search URL Search Domain Scan URL

URL: https://www.az-deteto.bg/?utm_source=start&utm_medium=link&utm_campaign=lenta
Title: Az-deteto

Search URL Search Domain Scan URL

URL: https://www.automedia.bg/?utm_source=start&utm_medium=link&utm_campaign=lenta
Title: Automedia

Search URL Search Domain Scan URL

URL: https://www.start.bg/?utm_source=start&utm_medium=link&utm_campaign=lenta
Title: Start

Search URL Search Domain Scan URL

URL: https://www.blog.bg/?utm_source=start&utm_medium=link&utm_campaign=lenta
Title: Blog

Search URL Search Domain Scan URL

URL: https://www.posoka.com/?utm_source=start&utm_medium=link&utm_campaign=lenta
Title: Posoka

Search URL Search Domain Scan URL

URL: https://www.boec.bg/?utm_source=start&utm_medium=link&utm_campaign=lenta
Title: Boec

Search URL Search Domain Scan URL

URL: https://www.start.bg/tools/mail.php?TB_iframe=true&height=350&width=400

Search URL Search Domain Scan URL

URL: https://www.start.bg/

Search URL Search Domain Scan URL

URL: https://katalog.start.bg/
Title: Тематичен каталог

Search URL Search Domain Scan URL

URL: https://abv.start.bg/
Title: Азбучен каталог

Search URL Search Domain Scan URL

URL: https://regioni.start.bg/
Title: Регионален каталог

Search URL Search Domain Scan URL

URL: https://www.start.bg/lenta/tv-programa/all.html
Title: Телевизия

Search URL Search Domain Scan URL

URL: https://www.start.bg/lenta/horoskopi.html
Title: Хороскопи

Search URL Search Domain Scan URL

URL: https://katalog.start.bg/%D0%9C%D1%83%D0%B7%D0%B8%D0%BA%D0%B0/
Title: Музика

Search URL Search Domain Scan URL

URL: https://katalog.start.bg/%D0%9C%D1%83%D0%B7%D0%B8%D0%BA%D0%B0/#c132
Title: Рок и Хеви метъл

Search URL Search Domain Scan URL

URL: https://aerosmith.start.bg/
Title: Рок групи

Search URL Search Domain Scan URL

URL: http://help.start.bg/?p=7
Title: Често задавани въпроси

Search URL Search Domain Scan URL

URL: https://start.start.bg/%D0%96%D0%B5%D0%BB%D0%B0%D0%B5%D1%82%D0%B5+%D0%B4%D0%B0+%D0%B4%D0%BE%D0%B1%D0%B0%D0%B2%D0%B8%D1%82%D0%B5+%D0%BB%D0%B8%D0%BD%D0%BA+%D0%B2+%D0%BA%D0%B0%D1%82%D0%B0%D0%BB%D0%BE%D0%B3%D0%B0%2C+%D0%B8%D0%B7%D0%BF%D1%80%D0%B0%D1%82%D0%B5%D1%82%D0%B5+%D0%BD%D0%B8+%D0%B3%D0%BE+%D0%B8+%D0%BD%D0%B8%D0%B5+%D1%89%D0%B5+%D0%B3%D0%BE+%D0%B4%D0%BE%D0%B1%D0%B0%D0%B2%D0%B8%D0%BC-21027
Title: Предложи линк

Search URL Search Domain Scan URL

URL: http://start.bg/vip/main.php?mode=choose_page&pid=2040
Title: Купи VIP линк

Search URL Search Domain Scan URL

URL: http://www.dnes.bg/index.php?cat=454?utm_source=start&utm_medium=rssbox_dnes&utm_campaign=tema

Search URL Search Domain Scan URL

URL: https://www.dnes.bg/a/454-rok/625256-dnes-kiril-marichkov-shteshe-da-bade-na-80-g-dokato-ima-shturtsi-ima-nadezhda?utm_source=start&utm_medium=rssbox_dnes&utm_campaign=tema

Search URL Search Domain Scan URL

URL: https://www.dnes.bg/a/454-rok/625202-meri-boys-bend-predstavi-klipa-na-zdravey?utm_source=start&utm_medium=rssbox_dnes&utm_campaign=tema

Search URL Search Domain Scan URL

URL: http://help.start.bg/za_startbg
Title: За Start.bg

Search URL Search Domain Scan URL

URL: http://help.start.bg/za_reklama
Title: За реклама

Search URL Search Domain Scan URL

URL: http://start.bg/vip/
Title: VIP линкове

Search URL Search Domain Scan URL

URL: https://start.start.bg/%D0%A1%D0%B8%D0%B3%D0%BD%D0%B0%D0%BB%D0%B8%D0%B7%D0%B8%D1%80%D0%B0%D0%B9+%D0%B7%D0%B0+%D0%B3%D1%80%D0%B5%D1%88%D0%BA%D0%B0-21029
Title: Сигнализирай за грешка

Search URL Search Domain Scan URL

URL: https://start.start.bg/%D0%9F%D0%B8%D1%88%D0%B8+%D0%B4%D0%BE+Start.bg-21028
Title: Пиши на Start.bg

Search URL Search Domain Scan URL

URL: http://help.start.bg/stani_redaktor
Title: Стани редактор

Search URL Search Domain Scan URL

URL: http://www.ibg.bg/
Title: Инвестор.БГ АД

Search URL Search Domain Scan URL

URL: http://www.start.bg/
Title: Start.bg

Search URL Search Domain Scan URL

URL: http://ibg.bg/id-157/
Title: Условия за ползванеt

Search URL Search Domain Scan URL

URL: http://reklama.investor.bg/#start
Title: Реклама

Search URL Search Domain Scan URL

URL: http://ibg.bg/id-148/%D0%9A%D0%B0%D1%80%D0%B8%D0%B5%D1%80%D0%B8.html
Title: Кариери

Search URL Search Domain Scan URL

URL: http://ibg.bg/id-209/%D0%9F%D0%BE%D0%BB%D0%B8%D1%82%D0%B8%D0%BA%D0%B0%20%D0%B7%D0%B0%20%D0%BF%D0%BE%D0%B2%D0%B5%D1%80%D0%B8%D1%82%D0%B5%D0%BB%D0%BD%D0%BE%D1%81%D1%82.html
Title: Поверителност

Search URL Search Domain Scan URL

URL: http://reklama.investor.bg/setLanguage-3/#start
Title: Advertising

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 22

https://dnes.bg/media/files/resized/article/200x113/625/625-0000625256.jpg HTTP 301
https://www.dnes.bg/media/files/resized/article/200x113/625/625-0000625256.jpg

Request Chain 23

https://dnes.bg/media/files/resized/article/200x113/625/625-0000625202.jpg HTTP 301
https://www.dnes.bg/media/files/resized/article/200x113/625/625-0000625202.jpg

Request Chain 78

https://secure-it.imrworldwide.com/cgi-bin/m?rnd=1734876333536&ci=bg-investorbg&cg=0&cc=1&ts=v53f.js&sr=1600x1200&cd=24&lg=en-CA&je=n&ck=y&tz=-8&fl=-1&si=https%3A//rokgrupi.start.bg/&rp= HTTP 302
https://secure-it.imrworldwide.com/cgi-bin/m?rnd=1734876333536&ci=bg-investorbg&cg=0&cc=1&ts=v53f.js&sr=1600x1200&cd=24&lg=en-CA&je=n&ck=y&tz=-8&fl=-1&si=https%3A//rokgrupi.start.bg/&rp=&ja=1

Request Chain 121

https://gabg.hit.gemius.pl/_1734876335814/rexdot.js?l=100&sendf=24&id=nd.rsncd7FXOxaUpOCyDmuW0zZTdOJt0WgWWrkFiqB7.C7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&tz=480&fv=-&href=https%3A%2F%2Frokgrupi.start.bg%2F&screen=1600x1200r1000&col=24&window=1600x1200&vis=1&lsdata=6gywqhXY7JxuWBQNGbseSu6CrQv42zGReFuOQ8hmSKD.x7bCP6_zQ9dV5E91Ojwc7CpvrLSKFOr1Jk2YNNmp8x1WdyfB/aEKAhwoT4hb7a/&fpdata=38bLAj.1QIVerV_0pKq5EfS45xBku98aBgWa1Irt4Rn.Q7%7C1734876335%7C2%7C%7C%7C8%2C3%2C32&ltime=583&fr=1&ref=&inner=_ver%3D355%7C_ch_mobile%3D0%7C_ch_wow64%3D0%7C_ch_brands%3D&exid=67681caf0d935e3a&brts=1734876335&fpcap= HTTP 301
https://gabg.hit.gemius.pl/__/_1734876335814/rexdot.js?l=100&sendf=24&id=nd.rsncd7FXOxaUpOCyDmuW0zZTdOJt0WgWWrkFiqB7.C7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&tz=480&fv=-&href=https%3A%2F%2Frokgrupi.start.bg%2F&screen=1600x1200r1000&col=24&window=1600x1200&vis=1&lsdata=6gywqhXY7JxuWBQNGbseSu6CrQv42zGReFuOQ8hmSKD.x7bCP6_zQ9dV5E91Ojwc7CpvrLSKFOr1Jk2YNNmp8x1WdyfB/aEKAhwoT4hb7a/&fpdata=38bLAj.1QIVerV_0pKq5EfS45xBku98aBgWa1Irt4Rn.Q7%7C1734876335%7C2%7C%7C%7C8%2C3%2C32&ltime=583&fr=1&ref=&inner=_ver%3D355%7C_ch_mobile%3D0%7C_ch_wow64%3D0%7C_ch_brands%3D&exid=67681caf0d935e3a&brts=1734876335&fpcap=

130 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
rokgrupi.start.bg/ 91 KB
16 KB 17652ms
604ms Document
text/html 194.12.229.104
EVOLINK-AS Evolin...

General

Check archive.org

Show headers Download Go to

Full URL: https://rokgrupi.start.bg/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 194.12.229.104 Sofia, Bulgaria, ASN8262 (EVOLINK-AS Evolink AD, BG),
Reverse DNS: www.start.bg
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 2e795984995d6af898f0a3c4b55d3463955589486c00db98060e142d402ff4ad

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

cache-control: private
content-encoding: gzip
content-length: 15730
content-type: text/html; charset=utf-8
date: Sun, 22 Dec 2024 14:05:32 GMT
debug: unk
server: Apache/2.2.15 (CentOS)
vary: Accept-Encoding
x-powered-by: PHP/5.3.3

GET
H2 200 main.css
rokgrupi.start.bg/templates/css/ 7 KB
2 KB 216ms
213ms Stylesheet
text/css 194.12.229.104
EVOLINK-AS Evolin...

General

Check archive.org

Show headers Download Go to

Full URL: https://rokgrupi.start.bg/templates/css/main.css??v=20120629
Requested by: Host: rokgrupi.start.bg
URL: https://rokgrupi.start.bg/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 194.12.229.104 Sofia, Bulgaria, ASN8262 (EVOLINK-AS Evolink AD, BG),
Reverse DNS: www.start.bg
Software: Apache/2.2.15 (CentOS) /
Resource Hash: d8c308c8e8d4fec2b79b87acf07310644d07f405a9373da2245b6b4b2f2363f0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://rokgrupi.start.bg/

Response headers

content-encoding: gzip
etag: "420fe9-1c53-56630faa6add8"
accept-ranges: bytes
content-length: 1890
date: Sun, 22 Dec 2024 14:05:32 GMT
last-modified: Tue, 27 Feb 2018 12:43:53 GMT
vary: Accept-Encoding
server: Apache/2.2.15 (CentOS)
content-type: text/css

GET
H2 200 thickbox.css
rokgrupi.start.bg/templates/css/ 4 KB
1 KB 139ms
137ms Stylesheet
text/css 194.12.229.104
EVOLINK-AS Evolin...

General

Check archive.org

Show headers Download Go to

Full URL: https://rokgrupi.start.bg/templates/css/thickbox.css
Requested by: Host: rokgrupi.start.bg
URL: https://rokgrupi.start.bg/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 194.12.229.104 Sofia, Bulgaria, ASN8262 (EVOLINK-AS Evolink AD, BG),
Reverse DNS: www.start.bg
Software: Apache/2.2.15 (CentOS) /
Resource Hash: a3f7630a388a10102b76ac0ebbe3a332a5fade9468e3358fd6bdc17c40c520ae

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://rokgrupi.start.bg/

Response headers

content-encoding: gzip
etag: "421022-fac-56630faa8c119"
accept-ranges: bytes
content-length: 1039
date: Sun, 22 Dec 2024 14:05:32 GMT
last-modified: Tue, 27 Feb 2018 12:43:53 GMT
vary: Accept-Encoding
server: Apache/2.2.15 (CentOS)
content-type: text/css

GET
H2 200 index.css
start.bg/templates/css/ 15 KB
4 KB 350ms
342ms Stylesheet
text/css 194.12.229.104
EVOLINK-AS Evolin...

General

Check archive.org

Show headers Download Go to

Full URL: https://start.bg/templates/css/index.css
Requested by: Host: rokgrupi.start.bg
URL: https://rokgrupi.start.bg/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 194.12.229.104 Sofia, Bulgaria, ASN8262 (EVOLINK-AS Evolink AD, BG),
Reverse DNS: www.start.bg
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 42f2b7b01ddd149db084dbc4fc90edc676ed2d7248ea0d925c5b33216645bf27

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://rokgrupi.start.bg/

Response headers

cache-control: private
content-encoding: gzip
etag: "421010-3b0a-56630faa5cf31"
accept-ranges: bytes
content-length: 3510
date: Sun, 22 Dec 2024 14:05:32 GMT
last-modified: Tue, 27 Feb 2018 12:43:53 GMT
vary: Accept-Encoding
server: Apache/2.2.15 (CentOS)
content-type: text/css

GET
H2 200 themes.php
start.bg/templates/css/ 56 KB
5 KB 406ms
399ms Stylesheet
text/css 194.12.229.104
EVOLINK-AS Evolin...

General

Check archive.org

Show headers Download Go to

Full URL: https://start.bg/templates/css/themes.php
Requested by: Host: rokgrupi.start.bg
URL: https://rokgrupi.start.bg/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 194.12.229.104 Sofia, Bulgaria, ASN8262 (EVOLINK-AS Evolink AD, BG),
Reverse DNS: www.start.bg
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 156b6b0763f4c83731c954e5181a938a32c789fa9941244fe02cedd3d2b3c33b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://rokgrupi.start.bg/

Response headers

cache-control: private
content-encoding: gzip
etag: 6cb914a4c30db4e733ce49ecef5a9150
debug: unk
content-length: 4505
date: Sun, 22 Dec 2024 14:05:32 GMT
content-type: text/css;charset=utf-8
x-powered-by: PHP/5.3.3
server: Apache/2.2.15 (CentOS)
vary: Accept-Encoding

GET
H2 200 ui.tabs.css
start.bg/templates/css/ 4 KB
2 KB 398ms
391ms Stylesheet
text/css 194.12.229.104
EVOLINK-AS Evolin...

General

Check archive.org

Show headers Download Go to

Full URL: https://start.bg/templates/css/ui.tabs.css
Requested by: Host: rokgrupi.start.bg
URL: https://rokgrupi.start.bg/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 194.12.229.104 Sofia, Bulgaria, ASN8262 (EVOLINK-AS Evolink AD, BG),
Reverse DNS: www.start.bg
Software: Apache/2.2.15 (CentOS) /
Resource Hash: ee0024bfc7bbcc8cc7182cbf067b2e52b307768d0f1598c4cafcc9b21d564d5c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://rokgrupi.start.bg/

Response headers

cache-control: private
content-encoding: gzip
etag: "42101a-ef6-56630faa8e440"
accept-ranges: bytes
content-length: 1365
date: Sun, 22 Dec 2024 14:05:32 GMT
last-modified: Tue, 27 Feb 2018 12:43:53 GMT
vary: Accept-Encoding
server: Apache/2.2.15 (CentOS)
content-type: text/css

GET
H2 200 bcrumbs.css
start.bg/templates/css/ 947 B
604 B 350ms
343ms Stylesheet
text/css 194.12.229.104
EVOLINK-AS Evolin...

General

Check archive.org

Show headers Download Go to

Full URL: https://start.bg/templates/css/bcrumbs.css
Requested by: Host: rokgrupi.start.bg
URL: https://rokgrupi.start.bg/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 194.12.229.104 Sofia, Bulgaria, ASN8262 (EVOLINK-AS Evolink AD, BG),
Reverse DNS: www.start.bg
Software: Apache/2.2.15 (CentOS) /
Resource Hash: bb9c6b82a8d12b6809f51679b9d9522d396d838b5a5461f8051bd3fe54b1a422

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://rokgrupi.start.bg/

Response headers

cache-control: private
content-encoding: gzip
etag: "421012-3b3-56630faa561d0"
accept-ranges: bytes
content-length: 365
date: Sun, 22 Dec 2024 14:05:32 GMT
last-modified: Tue, 27 Feb 2018 12:43:53 GMT
vary: Accept-Encoding
server: Apache/2.2.15 (CentOS)
content-type: text/css

GET
H2 200 page.php
rokgrupi.start.bg/templates/css/ 355 B
439 B 273ms
271ms Stylesheet
text/css 194.12.229.104
EVOLINK-AS Evolin...

General

Check archive.org

Show headers Download Go to

Full URL: https://rokgrupi.start.bg/templates/css/page.php
Requested by: Host: rokgrupi.start.bg
URL: https://rokgrupi.start.bg/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 194.12.229.104 Sofia, Bulgaria, ASN8262 (EVOLINK-AS Evolink AD, BG),
Reverse DNS: www.start.bg
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: d4440f225bfeb5f4a1075539b8f98e16e9ccf13e3875b16e5011d955cab91e71

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://rokgrupi.start.bg/

Response headers

content-encoding: gzip
etag: 4f985a50b3cfe5b056ccafcd7871e6db
debug: unk
content-length: 222
date: Sun, 22 Dec 2024 14:05:32 GMT
content-type: text/css;charset=utf-8
x-powered-by: PHP/5.3.3
server: Apache/2.2.15 (CentOS)
vary: Accept-Encoding

GET
H2 200 jquery-latest.pack.js Show response
rokgrupi.start.bg/templates/js/ 56 KB
56 KB 138ms
136ms Script
text/javascript 194.12.229.104
EVOLINK-AS Evolin...

General

Check archive.org

Show headers Download Go to

Full URL: https://rokgrupi.start.bg/templates/js/jquery-latest.pack.js
Requested by: Host: rokgrupi.start.bg
URL: https://rokgrupi.start.bg/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 194.12.229.104 Sofia, Bulgaria, ASN8262 (EVOLINK-AS Evolink AD, BG),
Reverse DNS: www.start.bg
Software: Apache/2.2.15 (CentOS) /
Resource Hash: c8370a2d050359e9d505acc411e6f457a49b21360a21e6cbc9229bad3a767899

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://rokgrupi.start.bg/

Response headers

accept-ranges: bytes
content-length: 57254
date: Sun, 22 Dec 2024 14:05:32 GMT
etag: "42102b-dfa6-56630fc03b568"
last-modified: Tue, 27 Feb 2018 12:44:16 GMT
content-type: text/javascript
server: Apache/2.2.15 (CentOS)

GET
H2 200 thickbox.js Show response
rokgrupi.start.bg/templates/js/ 6 KB
6 KB 404ms
403ms Script
text/javascript 194.12.229.104
EVOLINK-AS Evolin...

General

Check archive.org

Show headers Download Go to

Full URL: https://rokgrupi.start.bg/templates/js/thickbox.js
Requested by: Host: rokgrupi.start.bg
URL: https://rokgrupi.start.bg/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 194.12.229.104 Sofia, Bulgaria, ASN8262 (EVOLINK-AS Evolink AD, BG),
Reverse DNS: www.start.bg
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 2b495183f1d33f0d72803519ed4435d7406e752680e36b71d6a0ba349fb3d582

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://rokgrupi.start.bg/

Response headers

accept-ranges: bytes
content-length: 5967
date: Sun, 22 Dec 2024 14:05:32 GMT
etag: "421066-174f-56630fc04d290"
last-modified: Tue, 27 Feb 2018 12:44:16 GMT
content-type: text/javascript
server: Apache/2.2.15 (CentOS)

GET
H2 200 index.js Show response
start.bg/templates/js/ 5 KB
5 KB 273ms
267ms Script
text/javascript 194.12.229.104
EVOLINK-AS Evolin...

General

Check archive.org

Show headers Download Go to

Full URL: https://start.bg/templates/js/index.js
Requested by: Host: rokgrupi.start.bg
URL: https://rokgrupi.start.bg/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 194.12.229.104 Sofia, Bulgaria, ASN8262 (EVOLINK-AS Evolink AD, BG),
Reverse DNS: www.start.bg
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 527412200223eb596a853ff75f18825ed99d502e55984816cded4be72ca7cc6e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://rokgrupi.start.bg/

Response headers

cache-control: private
etag: "42106a-132d-56630fc038a8b"
accept-ranges: bytes
content-length: 4909
date: Sun, 22 Dec 2024 14:05:32 GMT
last-modified: Tue, 27 Feb 2018 12:44:16 GMT
content-type: text/javascript
server: Apache/2.2.15 (CentOS)

GET
H2 200 ui.tabs.pack.js Show response
start.bg/templates/js/ 6 KB
7 KB 275ms
269ms Script
text/javascript 194.12.229.104
EVOLINK-AS Evolin...

General

Check archive.org

Show headers Download Go to

Full URL: https://start.bg/templates/js/ui.tabs.pack.js
Requested by: Host: rokgrupi.start.bg
URL: https://rokgrupi.start.bg/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 194.12.229.104 Sofia, Bulgaria, ASN8262 (EVOLINK-AS Evolink AD, BG),
Reverse DNS: www.start.bg
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 73d75726636e22d3a2142a52c147745860f0df8fcbee338036db9c67c3cc92e9

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://rokgrupi.start.bg/

Response headers

cache-control: private
etag: "421031-196f-56630fc04f5d3"
accept-ranges: bytes
content-length: 6511
date: Sun, 22 Dec 2024 14:05:32 GMT
last-modified: Tue, 27 Feb 2018 12:44:16 GMT
content-type: text/javascript
server: Apache/2.2.15 (CentOS)

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 105 KB
33 KB 129ms
57ms Script
text/javascript 142.250.65.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: rokgrupi.start.bg
URL: https://rokgrupi.start.bg/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.65.226 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s73-in-f2.1e100.net

Software

cafe /

Resource Hash

01486cea718f0071a2b6c27932aa0f4c02b27777244565c6ce6354786a9c409d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://rokgrupi.start.bg/

Response headers

content-encoding: br
etag: 17 / 20079 / m202412090101 / config-hash: 16775640167977932469
x-content-type-options: nosniff
expires: Sun, 22 Dec 2024 14:05:33 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Sun, 22 Dec 2024 14:05:33 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
content-disposition: attachment; filename="f.txt"
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 34033
x-xss-protection: 0
server: cafe

GET
H2 200 start_logo.png
rokgrupi.start.bg/i/ 12 KB
12 KB 276ms
275ms Image
image/png 194.12.229.104
EVOLINK-AS Evolin...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rokgrupi.start.bg/i/start_logo.png
Requested by: Host: rokgrupi.start.bg
URL: https://rokgrupi.start.bg/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 194.12.229.104 Sofia, Bulgaria, ASN8262 (EVOLINK-AS Evolink AD, BG),
Reverse DNS: www.start.bg
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 37301383e2a60f92d2eda0653720a86faec584aafdd48d69b887119c332fed57

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://rokgrupi.start.bg/

Response headers

accept-ranges: bytes
content-length: 11778
date: Sun, 22 Dec 2024 14:05:32 GMT
etag: "3809f2-2e02-57ff4dfdd53c1"
last-modified: Mon, 21 Jan 2019 09:56:28 GMT
content-type: image/png
server: Apache/2.2.15 (CentOS)

GET
H2 200 arrows_m.gif
rokgrupi.start.bg/templates/i/00/ 51 B
205 B 350ms
349ms Image
image/gif 194.12.229.104
EVOLINK-AS Evolin...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rokgrupi.start.bg/templates/i/00/arrows_m.gif
Requested by: Host: rokgrupi.start.bg
URL: https://rokgrupi.start.bg/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 194.12.229.104 Sofia, Bulgaria, ASN8262 (EVOLINK-AS Evolink AD, BG),
Reverse DNS: www.start.bg
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 1bd2f2daf400d07d59fb08d08ff63580436cb504cd54907d461235bd0fc8c64b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://rokgrupi.start.bg/

Response headers

accept-ranges: bytes
content-length: 51
date: Sun, 22 Dec 2024 14:05:32 GMT
etag: "5a08d5-33-56630faa990c9"
last-modified: Tue, 27 Feb 2018 12:43:53 GMT
content-type: image/gif
server: Apache/2.2.15 (CentOS)

GET
H2 200 icon_faq.png
rokgrupi.start.bg/templates/i/ 455 B
611 B 139ms
137ms Image
image/png 194.12.229.104
EVOLINK-AS Evolin...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rokgrupi.start.bg/templates/i/icon_faq.png
Requested by: Host: rokgrupi.start.bg
URL: https://rokgrupi.start.bg/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 194.12.229.104 Sofia, Bulgaria, ASN8262 (EVOLINK-AS Evolink AD, BG),
Reverse DNS: www.start.bg
Software: Apache/2.2.15 (CentOS) /
Resource Hash: fd1bca0d6bb51e2a525c852e50dffbb0c735f4d30a3575cb15533030f06c47f5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://rokgrupi.start.bg/

Response headers

accept-ranges: bytes
content-length: 455
date: Sun, 22 Dec 2024 14:05:33 GMT
etag: "5a0960-1c7-56630fae10775"
last-modified: Tue, 27 Feb 2018 12:43:57 GMT
content-type: image/png
server: Apache/2.2.15 (CentOS)

GET
H2 200 icon_offer_link.png
rokgrupi.start.bg/templates/i/ 1 KB
1 KB 143ms
134ms Image
image/png 194.12.229.104
EVOLINK-AS Evolin...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rokgrupi.start.bg/templates/i/icon_offer_link.png
Requested by: Host: rokgrupi.start.bg
URL: https://rokgrupi.start.bg/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 194.12.229.104 Sofia, Bulgaria, ASN8262 (EVOLINK-AS Evolink AD, BG),
Reverse DNS: www.start.bg
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 31743348e6a804068252e1e77da67d44534cf81a0339141bc305b88798356b8b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://rokgrupi.start.bg/

Response headers

accept-ranges: bytes
content-length: 1178
date: Sun, 22 Dec 2024 14:05:33 GMT
etag: "5a0696-49a-56630fae15590"
last-modified: Tue, 27 Feb 2018 12:43:57 GMT
content-type: image/png
server: Apache/2.2.15 (CentOS)

GET
H2 200 icon_vip.png
rokgrupi.start.bg/templates/i/ 494 B
650 B 194ms
185ms Image
image/png 194.12.229.104
EVOLINK-AS Evolin...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rokgrupi.start.bg/templates/i/icon_vip.png
Requested by: Host: rokgrupi.start.bg
URL: https://rokgrupi.start.bg/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 194.12.229.104 Sofia, Bulgaria, ASN8262 (EVOLINK-AS Evolink AD, BG),
Reverse DNS: www.start.bg
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 86f065c43bbbbbf69d1e981963ae01c814c57eee5629e9d725705bef754df5ff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://rokgrupi.start.bg/

Response headers

accept-ranges: bytes
content-length: 494
date: Sun, 22 Dec 2024 14:05:33 GMT
etag: "5a0860-1ee-56630fae1c2d8"
last-modified: Tue, 27 Feb 2018 12:43:57 GMT
content-type: image/png
server: Apache/2.2.15 (CentOS)

GET
H2 200 icon_rss.png
rokgrupi.start.bg/templates/i/ 2 KB
2 KB 191ms
183ms Image
image/png 194.12.229.104
EVOLINK-AS Evolin...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rokgrupi.start.bg/templates/i/icon_rss.png
Requested by: Host: rokgrupi.start.bg
URL: https://rokgrupi.start.bg/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 194.12.229.104 Sofia, Bulgaria, ASN8262 (EVOLINK-AS Evolink AD, BG),
Reverse DNS: www.start.bg
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3f5b9261dd293dea6792b58a5310556e642f9eb62dc227015ff558553f301f94

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://rokgrupi.start.bg/

Response headers

accept-ranges: bytes
content-length: 1750
date: Sun, 22 Dec 2024 14:05:33 GMT
etag: "5a0624-6d6-56630fae18459"
last-modified: Tue, 27 Feb 2018 12:43:57 GMT
content-type: image/png
server: Apache/2.2.15 (CentOS)

GET
H2 200 arrow_big.gif
rokgrupi.start.bg/templates/i/00/ 70 B
224 B 193ms
185ms Image
image/gif 194.12.229.104
EVOLINK-AS Evolin...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rokgrupi.start.bg/templates/i/00/arrow_big.gif
Requested by: Host: rokgrupi.start.bg
URL: https://rokgrupi.start.bg/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 194.12.229.104 Sofia, Bulgaria, ASN8262 (EVOLINK-AS Evolink AD, BG),
Reverse DNS: www.start.bg
Software: Apache/2.2.15 (CentOS) /
Resource Hash: df462206b7485c121c040e9de22ed0f2d63c55df4972df52a7019a68d7c2138e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://rokgrupi.start.bg/

Response headers

accept-ranges: bytes
content-length: 70
date: Sun, 22 Dec 2024 14:05:33 GMT
etag: "5a08e4-46-56630faa95588"
last-modified: Tue, 27 Feb 2018 12:43:53 GMT
content-type: image/gif
server: Apache/2.2.15 (CentOS)

GET
H2 200 icon_video.png
rokgrupi.start.bg/templates/i/ 3 KB
4 KB 192ms
184ms Image
image/png 194.12.229.104
EVOLINK-AS Evolin...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rokgrupi.start.bg/templates/i/icon_video.png
Requested by: Host: rokgrupi.start.bg
URL: https://rokgrupi.start.bg/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 194.12.229.104 Sofia, Bulgaria, ASN8262 (EVOLINK-AS Evolink AD, BG),
Reverse DNS: www.start.bg
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 809b4a4ed0ed1213b724e915af303111e9cdefcbc3f53d6bd3205e331f6356b9

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://rokgrupi.start.bg/

Response headers

accept-ranges: bytes
content-length: 3508
date: Sun, 22 Dec 2024 14:05:33 GMT
etag: "5a0959-db4-56630fae1b339"
last-modified: Tue, 27 Feb 2018 12:43:57 GMT
content-type: image/png
server: Apache/2.2.15 (CentOS)

GET
H2 200 common_rss_boxes.css
rokgrupi.start.bg/templates/css/rss_special/ 3 KB
1 KB 138ms
136ms Stylesheet
text/css 194.12.229.104
EVOLINK-AS Evolin...

General

Check archive.org

Show headers Download Go to

Full URL: https://rokgrupi.start.bg/templates/css/rss_special/common_rss_boxes.css
Requested by: Host: rokgrupi.start.bg
URL: https://rokgrupi.start.bg/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 194.12.229.104 Sofia, Bulgaria, ASN8262 (EVOLINK-AS Evolink AD, BG),
Reverse DNS: www.start.bg
Software: Apache/2.2.15 (CentOS) /
Resource Hash: e94d43a8c6ea8fe550535421f53fd6a89fe38c681d2d3a08f93c93a28d2d3836

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://rokgrupi.start.bg/

Response headers

content-encoding: gzip
etag: "420fee-b99-56630faa7ac68"
accept-ranges: bytes
content-length: 938
date: Sun, 22 Dec 2024 14:05:33 GMT
last-modified: Tue, 27 Feb 2018 12:43:53 GMT
vary: Accept-Encoding
server: Apache/2.2.15 (CentOS)
content-type: text/css

GET
H2 200 rss_boxes_dnes.css
rokgrupi.start.bg/templates/css/rss_special/ 3 KB
1005 B 145ms
135ms Stylesheet
text/css 194.12.229.104
EVOLINK-AS Evolin...

General

Check archive.org

Show headers Download Go to

Full URL: https://rokgrupi.start.bg/templates/css/rss_special/rss_boxes_dnes.css
Requested by: Host: rokgrupi.start.bg
URL: https://rokgrupi.start.bg/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 194.12.229.104 Sofia, Bulgaria, ASN8262 (EVOLINK-AS Evolink AD, BG),
Reverse DNS: www.start.bg
Software: Apache/2.2.15 (CentOS) /
Resource Hash: f732e1ff1556e303eae65488753c0a9700e50436e1c4bb4b74cd23f9e70ae34a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://rokgrupi.start.bg/

Response headers

content-encoding: gzip
etag: "42100b-ab8-56630faa7ea40"
accept-ranges: bytes
content-length: 805
date: Sun, 22 Dec 2024 14:05:33 GMT
last-modified: Tue, 27 Feb 2018 12:43:53 GMT
vary: Accept-Encoding
server: Apache/2.2.15 (CentOS)
content-type: text/css

GET
H2

200

625-0000625256.jpg
www.dnes.bg/media/files/resized/article/200x113/625/
Redirect Chain

https://dnes.bg/media/files/resized/article/200x113/625/625-0000625256.jpg
https://www.dnes.bg/media/files/resized/article/200x113/625/625-0000625256.jpg

5 KB
6 KB

164ms
137ms

Image
image/jpeg

194.12.229.102
EVOLINK-AS Evolin...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.dnes.bg/media/files/resized/article/200x113/625/625-0000625256.jpg
Requested by: Host: rokgrupi.start.bg
URL: https://rokgrupi.start.bg/
Protocol: H2
Server: 194.12.229.102 Sofia, Bulgaria, ASN8262 (EVOLINK-AS Evolink AD, BG),
Reverse DNS
Software: Apache /
Resource Hash: c169bd613a8b17acec4304e2e2e14782ec7e5efdbe9570f40b7161b997170553

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://rokgrupi.start.bg/

Response headers

cache-control: max-age=604800, private
etag: "159d-627f8dbf68684"
expires: Sun, 29 Dec 2024 14:05:33 GMT
accept-ranges: bytes
content-length: 5533
date: Sun, 22 Dec 2024 14:05:33 GMT
last-modified: Thu, 28 Nov 2024 13:14:16 GMT
vary: *
server: Apache
content-type: image/jpeg

Redirect headers

expires: Sun, 22 Dec 2024 14:05:34 GMT
cache-control: max-age=1, private
location: https://www.dnes.bg/media/files/resized/article/200x113/625/625-0000625256.jpg
content-length: 286
date: Sun, 22 Dec 2024 14:05:33 GMT
content-type: text/html; charset=iso-8859-1
server: Apache

GET
H2

200

625-0000625202.jpg
www.dnes.bg/media/files/resized/article/200x113/625/
Redirect Chain

https://dnes.bg/media/files/resized/article/200x113/625/625-0000625202.jpg
https://www.dnes.bg/media/files/resized/article/200x113/625/625-0000625202.jpg

8 KB
8 KB

169ms
139ms

Image
image/jpeg

194.12.229.102
EVOLINK-AS Evolin...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.dnes.bg/media/files/resized/article/200x113/625/625-0000625202.jpg
Requested by: Host: rokgrupi.start.bg
URL: https://rokgrupi.start.bg/
Protocol: H2
Server: 194.12.229.102 Sofia, Bulgaria, ASN8262 (EVOLINK-AS Evolink AD, BG),
Reverse DNS
Software: Apache /
Resource Hash: 909e34677ef6cb135b93dfeed89ab216624ae9a79429b31e4de75c0117fea2bb

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://rokgrupi.start.bg/

Response headers

cache-control: max-age=604800, private
etag: "1fcc-627f8dbf6c8ec"
expires: Sun, 29 Dec 2024 14:05:33 GMT
accept-ranges: bytes
content-length: 8140
date: Sun, 22 Dec 2024 14:05:33 GMT
last-modified: Thu, 28 Nov 2024 13:14:16 GMT
vary: *
server: Apache
content-type: image/jpeg

Redirect headers

expires: Sun, 22 Dec 2024 14:05:34 GMT
cache-control: max-age=1, private
location: https://www.dnes.bg/media/files/resized/article/200x113/625/625-0000625202.jpg
content-length: 286
date: Sun, 22 Dec 2024 14:05:33 GMT
content-type: text/html; charset=iso-8859-1
server: Apache

GET
H2 200 icon_recommend_link.png
rokgrupi.start.bg/templates/i/ 3 KB
3 KB 193ms
186ms Image
image/png 194.12.229.104
EVOLINK-AS Evolin...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rokgrupi.start.bg/templates/i/icon_recommend_link.png
Requested by: Host: rokgrupi.start.bg
URL: https://rokgrupi.start.bg/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 194.12.229.104 Sofia, Bulgaria, ASN8262 (EVOLINK-AS Evolink AD, BG),
Reverse DNS: www.start.bg
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 18491c66d5e5c390695457ad2671b234d78cd882e39477f7d71cb9d77255f76e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://rokgrupi.start.bg/

Response headers

accept-ranges: bytes
content-length: 3310
date: Sun, 22 Dec 2024 14:05:33 GMT
etag: "5a02ff-cee-56630fae174b8"
last-modified: Tue, 27 Feb 2018 12:43:57 GMT
content-type: image/png
server: Apache/2.2.15 (CentOS)

GET
H2 200 img-logo-footer.png
rokgrupi.start.bg/ 5 KB
5 KB 193ms
186ms Image
image/png 194.12.229.104
EVOLINK-AS Evolin...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rokgrupi.start.bg/img-logo-footer.png
Requested by: Host: rokgrupi.start.bg
URL: https://rokgrupi.start.bg/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 194.12.229.104 Sofia, Bulgaria, ASN8262 (EVOLINK-AS Evolink AD, BG),
Reverse DNS: www.start.bg
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 74417638953acb52a67fefb8217c24c9823fbbb3953ba9942362be7d3425f586

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://rokgrupi.start.bg/

Response headers

accept-ranges: bytes
content-length: 4825
date: Sun, 22 Dec 2024 14:05:33 GMT
etag: "382b9a-12d9-5a2385d63a21b"
last-modified: Wed, 01 Apr 2020 10:44:12 GMT
content-type: image/png
server: Apache/2.2.15 (CentOS)

GET
H2 200 v53f.js Show response
secure-it.imrworldwide.com/ 13 KB
4 KB 481ms
119ms Script
application/javascript 52.209.34.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure-it.imrworldwide.com/v53f.js
Requested by: Host: rokgrupi.start.bg
URL: https://rokgrupi.start.bg/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.209.34.152 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-209-34-152.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: c38f81a65e43f2a7e3a74f32ba5f2cc38a0ab21c96edc96309b76e7729575ef3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://rokgrupi.start.bg/

Response headers

content-encoding: gzip
etag: "67506a6c-e26"
accept-ch: Sec-Ch-Ua-Model, Sec-Ch-Ua-Platform, Sec-Ch-Ua-Platform-Version
cross-origin-resource-policy: cross-origin
access-control-allow-methods: POST, OPTIONS
access-control-allow-origin: *
content-length: 3622
date: Sun, 22 Dec 2024 14:05:33 GMT
content-type: application/javascript
last-modified: Wed, 04 Dec 2024 14:42:52 GMT
server: nginx

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ 239 KB
61 KB 112ms
53ms Script
application/x-javascript 31.13.65.7
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: rokgrupi.start.bg
URL: https://rokgrupi.start.bg/

Protocol

Security

QUIC, , AES_128_GCM

Server

31.13.65.7 Lithia Springs, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-atl3.fbcdn.net

Software

Resource Hash

24751cbae618f6fbeb532498fd1ceeda5350f30085086cd5426961a2695e3d9f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src 'nonce-EmvO1cMt' .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://rokgrupi.start.bg/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Sun, 22 Dec 2024 14:05:33 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: *;script-src 'nonce-EmvO1cMt' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: GOOD; q=0.7, rtt=51, rtx=0, c=23, mss=1232, tbw=4515, tp=9, tpl=0, uplat=0, ullat=-1
pragma: public
x-fb-debug: YXXidWH1fdMXXsEmvhYE53AN6pJs+PALKHV3uCR26eoF6TnhuZvH6trO/P1fxl3cx/AT26t212JdHjZEc72nCw==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
content-length: 62282
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H2 200 loader.js Show response
cdn.taboola.com/libtrc/investorgroup-startbg/ 145 KB
44 KB 95ms
48ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/investorgroup-startbg/loader.js
Requested by: Host: rokgrupi.start.bg
URL: https://rokgrupi.start.bg/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 40fc0d69875ba7ef2b0d54d1d93716b53a73f670c36a003e18f9dc6ab37df85f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://rokgrupi.start.bg/

Response headers

content-encoding: gzip
etag: "e51758ae702a9cf63ce7a34987b1fae4"
x-amz-version-id: EUOMCHJnCys2UnFHYGJKxTprIqtnWR07
age: 0
x-cache: HIT
date: Sun, 22 Dec 2024 14:05:33 GMT
last-modified: Wed, 01 May 2024 13:19:56 GMT
x-served-by: cache-yyz4526-YYZ
x-cache-hits: 0
content-type: application/javascript; charset=utf-8
x-amz-id-2: GsOgXKTcJ2FJbGA3l1hZAZ8HzfeeM/TmcbsUVpIZ5GxZsqGKWZ6S3W5tldnW8jVokInoJcG9vcw=
vary: Accept-Encoding
x-amz-replication-status: FAILED
cache-control: private,max-age=14401
x-timer: S1734876333.092119,VS0,VE29
via: 1.1 varnish
x-amz-request-id: 2FR1APP46JP8GGJK
accept-ranges: bytes
access-control-allow-origin: *
abp: 90
content-length: 44864
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 206 KB
73 KB 128ms
53ms Script
application/javascript 142.250.64.104
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-K72V3KFX

Requested by

Host: rokgrupi.start.bg
URL: https://rokgrupi.start.bg/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.64.104 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s31-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

a7c602458281beeb1c9bf6c37595c1e84f5992a990bc1159ac6cf9b7b6e756af

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://rokgrupi.start.bg/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires: Sun, 22 Dec 2024 14:05:33 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 22 Dec 2024 14:05:33 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Sun, 22 Dec 2024 12:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 74422
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 plusone.js Show response
apis.google.com/js/ 63 KB
24 KB 224ms
114ms Script
text/javascript 142.250.81.238
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/plusone.js

Requested by

Host: rokgrupi.start.bg
URL: https://rokgrupi.start.bg/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.81.238 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s74-in-f14.1e100.net

Software

sffe /

Resource Hash

96b335b41362fd966c7e5e547db375ef0be7dcb2aec66bf3646782eeaed4b2cf

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://rokgrupi.start.bg/

Response headers

content-encoding: gzip
etag: "8a9123f6cf0cb51d"
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
x-content-type-options: nosniff
expires: Sun, 22 Dec 2024 14:05:33 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 22 Dec 2024 14:05:33 GMT
content-type: text/javascript
vary: Accept-Encoding
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
cache-control: private, max-age=1800, stale-while-revalidate=1800
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="gapi-team"
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
content-length: 24179
x-xss-protection: 0
server: sffe

GET
H2 200 links_line_new_back_2.png
rokgrupi.start.bg/templates/i/ 23 KB
23 KB 185ms
183ms Image
image/png 194.12.229.104
EVOLINK-AS Evolin...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rokgrupi.start.bg/templates/i/links_line_new_back_2.png
Requested by: Host: rokgrupi.start.bg
URL: https://rokgrupi.start.bg/templates/css/main.css??v=20120629
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 194.12.229.104 Sofia, Bulgaria, ASN8262 (EVOLINK-AS Evolink AD, BG),
Reverse DNS: www.start.bg
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 9391d8a655b4fe04db6263f98dd65317efc78868a64a30c0a4c678177cf104c0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://rokgrupi.start.bg/templates/css/main.css??v=20120629

Response headers

accept-ranges: bytes
content-length: 23419
date: Sun, 22 Dec 2024 14:05:33 GMT
etag: "5a08f2-5b7b-56630fae210f8"
last-modified: Tue, 27 Feb 2018 12:43:57 GMT
content-type: image/png
server: Apache/2.2.15 (CentOS)

GET
H2 200 nll_inv_logo_2.png
rokgrupi.start.bg/templates/i/ 3 KB
3 KB 181ms
178ms Image
image/png 194.12.229.104
EVOLINK-AS Evolin...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rokgrupi.start.bg/templates/i/nll_inv_logo_2.png
Requested by: Host: rokgrupi.start.bg
URL: https://rokgrupi.start.bg/templates/css/main.css??v=20120629
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 194.12.229.104 Sofia, Bulgaria, ASN8262 (EVOLINK-AS Evolink AD, BG),
Reverse DNS: www.start.bg
Software: Apache/2.2.15 (CentOS) /
Resource Hash: eb79a6b8caef93bbea6b219738b68127fb1f7daba128565fc3b17dc576be7284

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://rokgrupi.start.bg/templates/css/main.css??v=20120629

Response headers

accept-ranges: bytes
content-length: 3091
date: Sun, 22 Dec 2024 14:05:33 GMT
etag: "5a0935-c13-56630fae6bc49"
last-modified: Tue, 27 Feb 2018 12:43:57 GMT
content-type: image/png
server: Apache/2.2.15 (CentOS)

GET
H2 200 nll_curr_back_2.png
rokgrupi.start.bg/templates/i/ 3 KB
3 KB 179ms
176ms Image
image/png 194.12.229.104
EVOLINK-AS Evolin...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rokgrupi.start.bg/templates/i/nll_curr_back_2.png
Requested by: Host: rokgrupi.start.bg
URL: https://rokgrupi.start.bg/templates/css/main.css??v=20120629
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 194.12.229.104 Sofia, Bulgaria, ASN8262 (EVOLINK-AS Evolink AD, BG),
Reverse DNS: www.start.bg
Software: Apache/2.2.15 (CentOS) /
Resource Hash: f70f27072692ae38d6ce555af2df626b6183cb878903a6998e42224788e785b1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://rokgrupi.start.bg/templates/css/main.css??v=20120629

Response headers

accept-ranges: bytes
content-length: 2842
date: Sun, 22 Dec 2024 14:05:33 GMT
etag: "5a0655-b1a-56630fae6aca8"
last-modified: Tue, 27 Feb 2018 12:43:57 GMT
content-type: image/png
server: Apache/2.2.15 (CentOS)

GET
H2 200 nll_curr_back.png
rokgrupi.start.bg/templates/i/ 4 KB
4 KB 179ms
177ms Image
image/png 194.12.229.104
EVOLINK-AS Evolin...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rokgrupi.start.bg/templates/i/nll_curr_back.png
Requested by: Host: rokgrupi.start.bg
URL: https://rokgrupi.start.bg/templates/css/main.css??v=20120629
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 194.12.229.104 Sofia, Bulgaria, ASN8262 (EVOLINK-AS Evolink AD, BG),
Reverse DNS: www.start.bg
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 404c2285b21d7174de5bdb390b2fe8397c6f96c925ccaae7590280eea6d09c4c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://rokgrupi.start.bg/templates/css/main.css??v=20120629

Response headers

accept-ranges: bytes
content-length: 3757
date: Sun, 22 Dec 2024 14:05:33 GMT
etag: "5a0393-ead-56630fae69920"
last-modified: Tue, 27 Feb 2018 12:43:57 GMT
content-type: image/png
server: Apache/2.2.15 (CentOS)

GET
H2 200 nav_catalogs.png
start.bg/templates/i/00/ 7 KB
7 KB 177ms
175ms Image
image/png 194.12.229.104
EVOLINK-AS Evolin...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://start.bg/templates/i/00/nav_catalogs.png
Requested by: Host: start.bg
URL: https://start.bg/templates/css/themes.php
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 194.12.229.104 Sofia, Bulgaria, ASN8262 (EVOLINK-AS Evolink AD, BG),
Reverse DNS: www.start.bg
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 93ff925ba5cf9fed235e2853ea2eaaa62a2124f3ac4b4b483b3c5a78ce76eec8

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://start.bg/templates/css/themes.php

Response headers

accept-ranges: bytes
content-length: 6915
date: Sun, 22 Dec 2024 14:05:33 GMT
etag: "5a08d8-1b03-56630faaa76b6"
last-modified: Tue, 27 Feb 2018 12:43:53 GMT
content-type: image/png
server: Apache/2.2.15 (CentOS)

GET
H2 200 menu-left-orange.png
rokgrupi.start.bg/templates/i/ 2 KB
2 KB 180ms
178ms Image
image/png 194.12.229.104
EVOLINK-AS Evolin...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rokgrupi.start.bg/templates/i/menu-left-orange.png
Requested by: Host: rokgrupi.start.bg
URL: https://rokgrupi.start.bg/templates/css/main.css??v=20120629
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 194.12.229.104 Sofia, Bulgaria, ASN8262 (EVOLINK-AS Evolink AD, BG),
Reverse DNS: www.start.bg
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 20112116cdf4366ecb204de75be331df18bedb0112ce118c54e5727ff6a10457

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://rokgrupi.start.bg/templates/css/main.css??v=20120629

Response headers

accept-ranges: bytes
content-length: 1652
date: Sun, 22 Dec 2024 14:05:33 GMT
etag: "5a0862-674-56630fae42438"
last-modified: Tue, 27 Feb 2018 12:43:57 GMT
content-type: image/png
server: Apache/2.2.15 (CentOS)

GET
H2 200 menu-right.png
start.bg/templates/i/00/ 926 B
1 KB 180ms
178ms Image
image/png 194.12.229.104
EVOLINK-AS Evolin...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://start.bg/templates/i/00/menu-right.png
Requested by: Host: start.bg
URL: https://start.bg/templates/css/themes.php
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 194.12.229.104 Sofia, Bulgaria, ASN8262 (EVOLINK-AS Evolink AD, BG),
Reverse DNS: www.start.bg
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 2920ba8ae352ff014d4770161ac9983ccaf6227b3d4fb1c281bc15d1f84bc23c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://start.bg/templates/css/themes.php

Response headers

accept-ranges: bytes
content-length: 926
date: Sun, 22 Dec 2024 14:05:33 GMT
etag: "5a08d6-39e-56630faaa5759"
last-modified: Tue, 27 Feb 2018 12:43:53 GMT
content-type: image/png
server: Apache/2.2.15 (CentOS)

GET
H2 200 box_search.png
start.bg/templates/i/00/ 2 KB
2 KB 170ms
167ms Image
image/png 194.12.229.104
EVOLINK-AS Evolin...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://start.bg/templates/i/00/box_search.png
Requested by: Host: start.bg
URL: https://start.bg/templates/css/themes.php
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 194.12.229.104 Sofia, Bulgaria, ASN8262 (EVOLINK-AS Evolink AD, BG),
Reverse DNS: www.start.bg
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 6442b54b203d16098ffbe14e66b99eaa4f511e237f3f4527b6838155bc042a5f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://start.bg/templates/css/themes.php

Response headers

accept-ranges: bytes
content-length: 1797
date: Sun, 22 Dec 2024 14:05:33 GMT
etag: "5a08ea-705-56630faaa2c61"
last-modified: Tue, 27 Feb 2018 12:43:53 GMT
content-type: image/png
server: Apache/2.2.15 (CentOS)

GET
H2 200 button_small.png
start.bg/templates/i/00/ 527 B
683 B 251ms
250ms Image
image/png 194.12.229.104
EVOLINK-AS Evolin...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://start.bg/templates/i/00/button_small.png
Requested by: Host: start.bg
URL: https://start.bg/templates/css/themes.php
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 194.12.229.104 Sofia, Bulgaria, ASN8262 (EVOLINK-AS Evolink AD, BG),
Reverse DNS: www.start.bg
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 9d9628fbd913c958e9421cd8ae6faee72c3dced1f6d77476785d1dabaa322de0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://start.bg/templates/css/themes.php

Response headers

accept-ranges: bytes
content-length: 527
date: Sun, 22 Dec 2024 14:05:33 GMT
etag: "5a08db-20f-56630faaa3819"
last-modified: Tue, 27 Feb 2018 12:43:53 GMT
content-type: image/png
server: Apache/2.2.15 (CentOS)

GET
H2 200 bmenu-top.png
start.bg/templates/i/00/ 2 KB
2 KB 169ms
167ms Image
image/png 194.12.229.104
EVOLINK-AS Evolin...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://start.bg/templates/i/00/bmenu-top.png
Requested by: Host: start.bg
URL: https://start.bg/templates/css/themes.php
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 194.12.229.104 Sofia, Bulgaria, ASN8262 (EVOLINK-AS Evolink AD, BG),
Reverse DNS: www.start.bg
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3a4b306243e0054e1b9b962b0d24ac2ece1a46f048db8d5bab104def02b8f41e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://start.bg/templates/css/themes.php

Response headers

accept-ranges: bytes
content-length: 1608
date: Sun, 22 Dec 2024 14:05:33 GMT
etag: "5a08e2-648-56630faa9c777"
last-modified: Tue, 27 Feb 2018 12:43:53 GMT
content-type: image/png
server: Apache/2.2.15 (CentOS)

GET
H2 200 bmenu-main.png
start.bg/templates/i/00/ 190 B
345 B 248ms
247ms Image
image/png 194.12.229.104
EVOLINK-AS Evolin...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://start.bg/templates/i/00/bmenu-main.png
Requested by: Host: start.bg
URL: https://start.bg/templates/css/themes.php
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 194.12.229.104 Sofia, Bulgaria, ASN8262 (EVOLINK-AS Evolink AD, BG),
Reverse DNS: www.start.bg
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 47e6e112949ea41afc6f274a343a9e8a9e33b0ce265830a718c043bd873a19a3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://start.bg/templates/css/themes.php

Response headers

accept-ranges: bytes
content-length: 190
date: Sun, 22 Dec 2024 14:05:33 GMT
etag: "5a08e6-be-56630faa9bbc1"
last-modified: Tue, 27 Feb 2018 12:43:53 GMT
content-type: image/png
server: Apache/2.2.15 (CentOS)

GET
H2 200 arrow_small.gif
start.bg/templates/i/00/ 49 B
203 B 194ms
191ms Image
image/gif 194.12.229.104
EVOLINK-AS Evolin...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://start.bg/templates/i/00/arrow_small.gif
Requested by: Host: start.bg
URL: https://start.bg/templates/css/themes.php
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 194.12.229.104 Sofia, Bulgaria, ASN8262 (EVOLINK-AS Evolink AD, BG),
Reverse DNS: www.start.bg
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 2ca05ee865dcc496c308e6bca47dde3e6bd6f00ba7b10c2491630ac92dd9fc07

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://start.bg/templates/css/themes.php

Response headers

accept-ranges: bytes
content-length: 49
date: Sun, 22 Dec 2024 14:05:33 GMT
etag: "5a08d4-31-56630faa96529"
last-modified: Tue, 27 Feb 2018 12:43:53 GMT
content-type: image/gif
server: Apache/2.2.15 (CentOS)

GET
H2 200 bmenu-bottom.png
start.bg/templates/i/00/ 1 KB
1 KB 251ms
249ms Image
image/png 194.12.229.104
EVOLINK-AS Evolin...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://start.bg/templates/i/00/bmenu-bottom.png
Requested by: Host: start.bg
URL: https://start.bg/templates/css/themes.php
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 194.12.229.104 Sofia, Bulgaria, ASN8262 (EVOLINK-AS Evolink AD, BG),
Reverse DNS: www.start.bg
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 8c93adc8f75a2e34e0c80f069597c85db9818651179f4ce114155bc594b9d2d1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://start.bg/templates/css/themes.php

Response headers

accept-ranges: bytes
content-length: 1249
date: Sun, 22 Dec 2024 14:05:33 GMT
etag: "5a08dd-4e1-56630faa9ac39"
last-modified: Tue, 27 Feb 2018 12:43:53 GMT
content-type: image/png
server: Apache/2.2.15 (CentOS)

GET
H2 200 path_left.png
start.bg/templates/i/00/ 754 B
910 B 171ms
168ms Image
image/png 194.12.229.104
EVOLINK-AS Evolin...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://start.bg/templates/i/00/path_left.png
Requested by: Host: start.bg
URL: https://start.bg/templates/css/themes.php
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 194.12.229.104 Sofia, Bulgaria, ASN8262 (EVOLINK-AS Evolink AD, BG),
Reverse DNS: www.start.bg
Software: Apache/2.2.15 (CentOS) /
Resource Hash: db19fbf67e063b0635293ccd8fda99fce44108fc1544c8069aadb0f0939633ac

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://start.bg/templates/css/themes.php

Response headers

accept-ranges: bytes
content-length: 754
date: Sun, 22 Dec 2024 14:05:33 GMT
etag: "5a08e0-2f2-56630faaa8a20"
last-modified: Tue, 27 Feb 2018 12:43:53 GMT
content-type: image/png
server: Apache/2.2.15 (CentOS)

GET
H2 200 path_m.png
start.bg/templates/i/00/ 179 B
334 B 170ms
168ms Image
image/png 194.12.229.104
EVOLINK-AS Evolin...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://start.bg/templates/i/00/path_m.png
Requested by: Host: start.bg
URL: https://start.bg/templates/css/themes.php
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 194.12.229.104 Sofia, Bulgaria, ASN8262 (EVOLINK-AS Evolink AD, BG),
Reverse DNS: www.start.bg
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 229f33fcfc02b0197d9e8687697576f73d939e7ca6674351d9fed23d8d50e8d5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://start.bg/templates/css/themes.php

Response headers

accept-ranges: bytes
content-length: 179
date: Sun, 22 Dec 2024 14:05:33 GMT
etag: "5a08e8-b3-56630faaaa190"
last-modified: Tue, 27 Feb 2018 12:43:53 GMT
content-type: image/png
server: Apache/2.2.15 (CentOS)

GET
H2 200 path_right.png
start.bg/templates/i/00/ 839 B
995 B 251ms
249ms Image
image/png 194.12.229.104
EVOLINK-AS Evolin...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://start.bg/templates/i/00/path_right.png
Requested by: Host: start.bg
URL: https://start.bg/templates/css/themes.php
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 194.12.229.104 Sofia, Bulgaria, ASN8262 (EVOLINK-AS Evolink AD, BG),
Reverse DNS: www.start.bg
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 65da8aa6933d1b90699ef2b565bb3152c6df2608c479bb0719ac2c32c75ecadc

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://start.bg/templates/css/themes.php

Response headers

accept-ranges: bytes
content-length: 839
date: Sun, 22 Dec 2024 14:05:33 GMT
etag: "5a08e9-347-56630faaab130"
last-modified: Tue, 27 Feb 2018 12:43:53 GMT
content-type: image/png
server: Apache/2.2.15 (CentOS)

GET
H2 200 box_head.png
start.bg/templates/i/00/ 1 KB
2 KB 252ms
252ms Image
image/png 194.12.229.104
EVOLINK-AS Evolin...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://start.bg/templates/i/00/box_head.png
Requested by: Host: start.bg
URL: https://start.bg/templates/css/themes.php
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 194.12.229.104 Sofia, Bulgaria, ASN8262 (EVOLINK-AS Evolink AD, BG),
Reverse DNS: www.start.bg
Software: Apache/2.2.15 (CentOS) /
Resource Hash: c07794d44a289400d06220ce8ccdd97a0e8a1df20f78acf4c462b23b8ee7d8af

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://start.bg/templates/css/themes.php

Response headers

accept-ranges: bytes
content-length: 1420
date: Sun, 22 Dec 2024 14:05:33 GMT
etag: "5a08e5-58c-56630faaa11af"
last-modified: Tue, 27 Feb 2018 12:43:53 GMT
content-type: image/png
server: Apache/2.2.15 (CentOS)

GET
H2 200 box_grid_left.png
start.bg/templates/i/00/ 133 B
288 B 252ms
251ms Image
image/png 194.12.229.104
EVOLINK-AS Evolin...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://start.bg/templates/i/00/box_grid_left.png
Requested by: Host: start.bg
URL: https://start.bg/templates/css/themes.php
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 194.12.229.104 Sofia, Bulgaria, ASN8262 (EVOLINK-AS Evolink AD, BG),
Reverse DNS: www.start.bg
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 93f09b2968b8723fbe0664fc26b4148f7d6b1e0c559789b69ab675fea6019570

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://start.bg/templates/css/themes.php

Response headers

accept-ranges: bytes
content-length: 133
date: Sun, 22 Dec 2024 14:05:33 GMT
etag: "5a08d7-85-56630faa9f289"
last-modified: Tue, 27 Feb 2018 12:43:53 GMT
content-type: image/png
server: Apache/2.2.15 (CentOS)

GET
H2 200 delimiter.png
rokgrupi.start.bg/templates/i/ 126 B
281 B 176ms
174ms Image
image/png 194.12.229.104
EVOLINK-AS Evolin...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rokgrupi.start.bg/templates/i/delimiter.png
Requested by: Host: rokgrupi.start.bg
URL: https://rokgrupi.start.bg/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 194.12.229.104 Sofia, Bulgaria, ASN8262 (EVOLINK-AS Evolink AD, BG),
Reverse DNS: www.start.bg
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 2df119bf8eef628db986393ed21bddea8ae60e4ff65147fb6afc17241c3794a2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://rokgrupi.start.bg/

Response headers

accept-ranges: bytes
content-length: 126
date: Sun, 22 Dec 2024 14:05:33 GMT
etag: "5a0390-7e-56630fae09228"
last-modified: Tue, 27 Feb 2018 12:43:57 GMT
content-type: image/png
server: Apache/2.2.15 (CentOS)

GET
H2 200 box_grid_right.png
start.bg/templates/i/00/ 136 B
291 B 254ms
253ms Image
image/png 194.12.229.104
EVOLINK-AS Evolin...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://start.bg/templates/i/00/box_grid_right.png
Requested by: Host: start.bg
URL: https://start.bg/templates/css/themes.php
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 194.12.229.104 Sofia, Bulgaria, ASN8262 (EVOLINK-AS Evolink AD, BG),
Reverse DNS: www.start.bg
Software: Apache/2.2.15 (CentOS) /
Resource Hash: ff0d3373258f5aa69671c5971030f5484b741384c7ef545da1118f58f8b1b980

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://start.bg/templates/css/themes.php

Response headers

accept-ranges: bytes
content-length: 136
date: Sun, 22 Dec 2024 14:05:33 GMT
etag: "5a08df-88-56630faa9fe42"
last-modified: Tue, 27 Feb 2018 12:43:53 GMT
content-type: image/png
server: Apache/2.2.15 (CentOS)

GET
H2 200 box_foot.png
start.bg/templates/i/00/ 1 KB
1 KB 253ms
252ms Image
image/png 194.12.229.104
EVOLINK-AS Evolin...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://start.bg/templates/i/00/box_foot.png
Requested by: Host: start.bg
URL: https://start.bg/templates/css/themes.php
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 194.12.229.104 Sofia, Bulgaria, ASN8262 (EVOLINK-AS Evolink AD, BG),
Reverse DNS: www.start.bg
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 5dd78d76ed72dfd7c8300d8cb5825fab9a8fd9f5e60d5730506e72c4fc17af99

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://start.bg/templates/css/themes.php

Response headers

accept-ranges: bytes
content-length: 1242
date: Sun, 22 Dec 2024 14:05:33 GMT
etag: "5a08de-4da-56630faa9d718"
last-modified: Tue, 27 Feb 2018 12:43:53 GMT
content-type: image/png
server: Apache/2.2.15 (CentOS)

GET
H2 200 box_grid.gif
start.bg/templates/i/00/ 152 B
307 B 248ms
247ms Image
image/gif 194.12.229.104
EVOLINK-AS Evolin...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://start.bg/templates/i/00/box_grid.gif
Requested by: Host: start.bg
URL: https://start.bg/templates/css/themes.php
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 194.12.229.104 Sofia, Bulgaria, ASN8262 (EVOLINK-AS Evolink AD, BG),
Reverse DNS: www.start.bg
Software: Apache/2.2.15 (CentOS) /
Resource Hash: dedf23db5cf5db6cb6e94c7b3e46411de6d3f0e6115e3e269f40fb199b818df4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://start.bg/templates/css/themes.php

Response headers

accept-ranges: bytes
content-length: 152
date: Sun, 22 Dec 2024 14:05:33 GMT
etag: "5a08dc-98-56630faa9e2d0"
last-modified: Tue, 27 Feb 2018 12:43:53 GMT
content-type: image/gif
server: Apache/2.2.15 (CentOS)

GET
H2 200 impl.20240501-14-RELEASE.js Show response
cdn.taboola.com/libtrc/ 895 KB
182 KB 20ms
19ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/impl.20240501-14-RELEASE.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/investorgroup-startbg/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: 4f05d3fd1d449339620ac8db820125dd2aa778bd8eefbfec55a200d28f45f264

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://rokgrupi.start.bg/

Response headers

content-encoding: br
etag: "251e2ddbcfcb2ede0c83eb9a23694fdd"
x-amz-version-id: Hwar2hiHXrpHhJdzmFcOrBdmudt3P_5s
age: 13782
x-cache: HIT
date: Sun, 22 Dec 2024 14:05:33 GMT
last-modified: Thu, 02 May 2024 08:54:50 GMT
content-type: application/javascript
x-served-by: cache-yyz4526-YYZ
x-cache-hits: 12
x-amz-id-2: Kd8BESbjHGbrrOQI0G6MGsQIjGRpbSbLmMeLiQdzlTQvyC6YIQRZmxD3FZQcW7sgGHFZxjfniiY=
vary: Accept-Encoding
cache-control: private,max-age=31536000
x-timer: S1734876333.201692,VS0,VE0
via: 1.1 varnish
x-amz-request-id: X0MPXCZJY182QEZ9
accept-ranges: bytes
access-control-allow-origin: *
abp: 71
content-length: 185778
server: AmazonS3-br
x-amz-server-side-encryption: AES256

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412090101/ 492 KB
153 KB 34ms
33ms Script
text/javascript 142.250.65.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412090101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.65.226 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s73-in-f2.1e100.net

Software

cafe /

Resource Hash

04d85fdaa240e9c6964c1b3afe75b8802720a8d9a98e6c35f346f599b1113af4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://rokgrupi.start.bg/

Response headers

content-encoding: br
etag: 5395541545685299795
age: 37741
x-content-type-options: nosniff
expires: Mon, 22 Dec 2025 03:36:32 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Sun, 22 Dec 2024 03:36:32 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 156760
x-xss-protection: 0
server: cafe

GET
H2 200 counter.php
rokgrupi.start.bg/ 0
193 B 139ms
137ms Image
text/html 194.12.229.104
EVOLINK-AS Evolin...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rokgrupi.start.bg/counter.php?_pid=2040&_js=1&_c=Y&_r=&_rand=529
Requested by: Host: rokgrupi.start.bg
URL: https://rokgrupi.start.bg/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 194.12.229.104 Sofia, Bulgaria, ASN8262 (EVOLINK-AS Evolink AD, BG),
Reverse DNS: www.start.bg
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://rokgrupi.start.bg/

Response headers

content-encoding: gzip
content-length: 20
date: Sun, 22 Dec 2024 14:05:33 GMT
content-type: text/html; charset=utf-8
x-powered-by: PHP/5.3.3
server: Apache/2.2.15 (CentOS)
vary: Accept-Encoding

GET
H2 200 ibox_back_cnt.png
rokgrupi.start.bg/templates/i/rss_special/common/ 232 B
387 B 140ms
135ms Image
image/png 194.12.229.104
EVOLINK-AS Evolin...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rokgrupi.start.bg/templates/i/rss_special/common/ibox_back_cnt.png
Requested by: Host: rokgrupi.start.bg
URL: https://rokgrupi.start.bg/templates/css/rss_special/common_rss_boxes.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 194.12.229.104 Sofia, Bulgaria, ASN8262 (EVOLINK-AS Evolink AD, BG),
Reverse DNS: www.start.bg
Software: Apache/2.2.15 (CentOS) /
Resource Hash: eb05426766d492bec056403a7293ca69bf317144d054dc39d9ba4de649fd513a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://rokgrupi.start.bg/templates/css/rss_special/common_rss_boxes.css

Response headers

accept-ranges: bytes
content-length: 232
date: Sun, 22 Dec 2024 14:05:33 GMT
etag: "5a05bf-e8-56630faeba618"
last-modified: Tue, 27 Feb 2018 12:43:57 GMT
content-type: image/png
server: Apache/2.2.15 (CentOS)

GET
H2 200 ibox_title_back.png
rokgrupi.start.bg/templates/i/rss_special/common/ 208 B
363 B 141ms
136ms Image
image/png 194.12.229.104
EVOLINK-AS Evolin...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rokgrupi.start.bg/templates/i/rss_special/common/ibox_title_back.png
Requested by: Host: rokgrupi.start.bg
URL: https://rokgrupi.start.bg/templates/css/rss_special/common_rss_boxes.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 194.12.229.104 Sofia, Bulgaria, ASN8262 (EVOLINK-AS Evolink AD, BG),
Reverse DNS: www.start.bg
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 4eea43e4bfce4f24fd26b52d057b0be7f75e6fea7c639b6eaf42381df36c2edb

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://rokgrupi.start.bg/templates/css/rss_special/common_rss_boxes.css

Response headers

accept-ranges: bytes
content-length: 208
date: Sun, 22 Dec 2024 14:05:33 GMT
etag: "5a05a9-d0-56630faebf06c"
last-modified: Tue, 27 Feb 2018 12:43:57 GMT
content-type: image/png
server: Apache/2.2.15 (CentOS)

GET
H2 200 ibox_dnes.png
rokgrupi.start.bg/templates/i/rss_special/dnes/ 1 KB
1 KB 197ms
192ms Image
image/png 194.12.229.104
EVOLINK-AS Evolin...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rokgrupi.start.bg/templates/i/rss_special/dnes/ibox_dnes.png
Requested by: Host: rokgrupi.start.bg
URL: https://rokgrupi.start.bg/templates/css/rss_special/rss_boxes_dnes.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 194.12.229.104 Sofia, Bulgaria, ASN8262 (EVOLINK-AS Evolink AD, BG),
Reverse DNS: www.start.bg
Software: Apache/2.2.15 (CentOS) /
Resource Hash: fdad421d6b195047d70c6029df3ed29c8abb25e72926d7bfe3e0a0cab57fbf28

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://rokgrupi.start.bg/templates/css/rss_special/rss_boxes_dnes.css

Response headers

accept-ranges: bytes
content-length: 1039
date: Sun, 22 Dec 2024 14:05:33 GMT
etag: "5a0501-40f-56630faed0d78"
last-modified: Tue, 27 Feb 2018 12:43:57 GMT
content-type: image/png
server: Apache/2.2.15 (CentOS)

GET
H2 200 ibox_item_back.png
rokgrupi.start.bg/templates/i/rss_special/common/ 212 B
367 B 199ms
194ms Image
image/png 194.12.229.104
EVOLINK-AS Evolin...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rokgrupi.start.bg/templates/i/rss_special/common/ibox_item_back.png
Requested by: Host: rokgrupi.start.bg
URL: https://rokgrupi.start.bg/templates/css/rss_special/common_rss_boxes.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 194.12.229.104 Sofia, Bulgaria, ASN8262 (EVOLINK-AS Evolink AD, BG),
Reverse DNS: www.start.bg
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 6d4e84792908fb3b79de67241216f3529866cc6bfe750859ee5edcae344951d8

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://rokgrupi.start.bg/templates/css/rss_special/common_rss_boxes.css

Response headers

accept-ranges: bytes
content-length: 212
date: Sun, 22 Dec 2024 14:05:33 GMT
etag: "5a05aa-d4-56630faebd4f9"
last-modified: Tue, 27 Feb 2018 12:43:57 GMT
content-type: image/png
server: Apache/2.2.15 (CentOS)

GET
H2 200 ibox_but_dns_left.png
rokgrupi.start.bg/templates/i/rss_special/dnes/ 811 B
967 B 197ms
193ms Image
image/png 194.12.229.104
EVOLINK-AS Evolin...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rokgrupi.start.bg/templates/i/rss_special/dnes/ibox_but_dns_left.png
Requested by: Host: rokgrupi.start.bg
URL: https://rokgrupi.start.bg/templates/css/rss_special/rss_boxes_dnes.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 194.12.229.104 Sofia, Bulgaria, ASN8262 (EVOLINK-AS Evolink AD, BG),
Reverse DNS: www.start.bg
Software: Apache/2.2.15 (CentOS) /
Resource Hash: ed98dd22ef82ad3d9c3ccd3a9ef2d6952b486bc07eb61e063be85f3a580ae2f5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://rokgrupi.start.bg/templates/css/rss_special/rss_boxes_dnes.css

Response headers

accept-ranges: bytes
content-length: 811
date: Sun, 22 Dec 2024 14:05:33 GMT
etag: "5a0500-32b-56630faecee38"
last-modified: Tue, 27 Feb 2018 12:43:57 GMT
content-type: image/png
server: Apache/2.2.15 (CentOS)

GET
H2 200 ibox_but_dns_right.png
rokgrupi.start.bg/templates/i/rss_special/dnes/ 622 B
778 B 195ms
191ms Image
image/png 194.12.229.104
EVOLINK-AS Evolin...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rokgrupi.start.bg/templates/i/rss_special/dnes/ibox_but_dns_right.png
Requested by: Host: rokgrupi.start.bg
URL: https://rokgrupi.start.bg/templates/css/rss_special/rss_boxes_dnes.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 194.12.229.104 Sofia, Bulgaria, ASN8262 (EVOLINK-AS Evolink AD, BG),
Reverse DNS: www.start.bg
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 4b65048fac368839dde37eb9b461b41c08adf3a033c0dfbfed6077b93d7fed42

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://rokgrupi.start.bg/templates/css/rss_special/rss_boxes_dnes.css

Response headers

accept-ranges: bytes
content-length: 622
date: Sun, 22 Dec 2024 14:05:33 GMT
etag: "5a0502-26e-56630faecfdd9"
last-modified: Tue, 27 Feb 2018 12:43:57 GMT
content-type: image/png
server: Apache/2.2.15 (CentOS)

GET
H2 200 bmenu_bgr_out.png
rokgrupi.start.bg/templates/i/ 119 B
274 B 194ms
192ms Image
image/png 194.12.229.104
EVOLINK-AS Evolin...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rokgrupi.start.bg/templates/i/bmenu_bgr_out.png
Requested by: Host: rokgrupi.start.bg
URL: https://rokgrupi.start.bg/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 194.12.229.104 Sofia, Bulgaria, ASN8262 (EVOLINK-AS Evolink AD, BG),
Reverse DNS: www.start.bg
Software: Apache/2.2.15 (CentOS) /
Resource Hash: eb48844406676216bbb15a54b442ac5dc74609f10041e09635ff5809698003c5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://rokgrupi.start.bg/

Response headers

accept-ranges: bytes
content-length: 119
date: Sun, 22 Dec 2024 14:05:33 GMT
etag: "5a060c-77-56630fada3929"
last-modified: Tue, 27 Feb 2018 12:43:56 GMT
content-type: image/png
server: Apache/2.2.15 (CentOS)

GET
H2 200 bmenu_left.png
rokgrupi.start.bg/templates/i/ 270 B
426 B 194ms
191ms Image
image/png 194.12.229.104
EVOLINK-AS Evolin...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rokgrupi.start.bg/templates/i/bmenu_left.png
Requested by: Host: rokgrupi.start.bg
URL: https://rokgrupi.start.bg/templates/css/main.css??v=20120629
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 194.12.229.104 Sofia, Bulgaria, ASN8262 (EVOLINK-AS Evolink AD, BG),
Reverse DNS: www.start.bg
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3c0ca7291b988591188905fdbb0f1d3cd89fd90316f703be37c56e8897bc92cd

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://rokgrupi.start.bg/templates/css/main.css??v=20120629

Response headers

accept-ranges: bytes
content-length: 270
date: Sun, 22 Dec 2024 14:05:33 GMT
etag: "5a038e-10e-56630fada5098"
last-modified: Tue, 27 Feb 2018 12:43:56 GMT
content-type: image/png
server: Apache/2.2.15 (CentOS)

GET
H2 200 bmenu_bgr_in.png
rokgrupi.start.bg/templates/i/ 132 B
287 B 192ms
190ms Image
image/png 194.12.229.104
EVOLINK-AS Evolin...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rokgrupi.start.bg/templates/i/bmenu_bgr_in.png
Requested by: Host: rokgrupi.start.bg
URL: https://rokgrupi.start.bg/templates/css/main.css??v=20120629
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 194.12.229.104 Sofia, Bulgaria, ASN8262 (EVOLINK-AS Evolink AD, BG),
Reverse DNS: www.start.bg
Software: Apache/2.2.15 (CentOS) /
Resource Hash: c0bd6608323599a04108e775357527671266fc71a521425577c36287720c4caf

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://rokgrupi.start.bg/templates/css/main.css??v=20120629

Response headers

accept-ranges: bytes
content-length: 132
date: Sun, 22 Dec 2024 14:05:33 GMT
etag: "5a04a2-84-56630fada29ca"
last-modified: Tue, 27 Feb 2018 12:43:56 GMT
content-type: image/png
server: Apache/2.2.15 (CentOS)

GET
H2 200 bmenu_right.png
rokgrupi.start.bg/templates/i/ 250 B
405 B 196ms
193ms Image
image/png 194.12.229.104
EVOLINK-AS Evolin...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rokgrupi.start.bg/templates/i/bmenu_right.png
Requested by: Host: rokgrupi.start.bg
URL: https://rokgrupi.start.bg/templates/css/main.css??v=20120629
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 194.12.229.104 Sofia, Bulgaria, ASN8262 (EVOLINK-AS Evolink AD, BG),
Reverse DNS: www.start.bg
Software: Apache/2.2.15 (CentOS) /
Resource Hash: bd51626cbfe5a957015ff8cc16a3b75aeeb8fb74c11c61585cacc4291f292242

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://rokgrupi.start.bg/templates/css/main.css??v=20120629

Response headers

accept-ranges: bytes
content-length: 250
date: Sun, 22 Dec 2024 14:05:33 GMT
etag: "5a02fe-fa-56630fada6051"
last-modified: Tue, 27 Feb 2018 12:43:56 GMT
content-type: image/png
server: Apache/2.2.15 (CentOS)

GET
H2 200 bmenu_bgr.png
rokgrupi.start.bg/templates/i/ 110 B
265 B 191ms
189ms Image
image/png 194.12.229.104
EVOLINK-AS Evolin...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rokgrupi.start.bg/templates/i/bmenu_bgr.png
Requested by: Host: rokgrupi.start.bg
URL: https://rokgrupi.start.bg/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 194.12.229.104 Sofia, Bulgaria, ASN8262 (EVOLINK-AS Evolink AD, BG),
Reverse DNS: www.start.bg
Software: Apache/2.2.15 (CentOS) /
Resource Hash: ea3f50c8919a295f70ab139351c0265c5ff72da651f9639dda490ea041fdcad7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://rokgrupi.start.bg/

Response headers

accept-ranges: bytes
content-length: 110
date: Sun, 22 Dec 2024 14:05:33 GMT
etag: "5a0846-6e-56630fad64d40"
last-modified: Tue, 27 Feb 2018 12:43:56 GMT
content-type: image/png
server: Apache/2.2.15 (CentOS)

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 445ms
66ms Script
text/javascript 142.250.80.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: rokgrupi.start.bg
URL: https://rokgrupi.start.bg/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.80.110 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s36-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://rokgrupi.start.bg/

Response headers

content-encoding: gzip
age: 5512
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:225:0"}],}
x-content-type-options: nosniff
expires: Sun, 22 Dec 2024 14:33:41 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 22 Dec 2024 12:33:41 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
content-type: text/javascript
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:225:0
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 20994
server: Golfe2

GET
H3 200 589571394944032 Show response
connect.facebook.net/signals/config/ 69 KB
14 KB 227ms
227ms Script
application/x-javascript 31.13.65.7
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/589571394944032?v=2.9.179&r=stable&domain=rokgrupi.start.bg&hme=b8122d5d96cd6f542162ba4f497489972d1ebe228d24c39d34f560e30ae932ce&ex_m=70%2C122%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C173%2C176%2C188%2C184%2C185%2C187%2C29%2C101%2C53%2C77%2C186%2C168%2C171%2C181%2C182%2C189%2C132%2C41%2C191%2C192%2C34%2C144%2C15%2C50%2C197%2C196%2C134%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C169%2C172%2C141%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

31.13.65.7 Lithia Springs, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-atl3.fbcdn.net

Software

Resource Hash

d4cc3d380a6da5406f64bb58a39eb3d7e32978b96e609bcf650dc268aae69421

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src 'nonce-r4WFewDf' .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://rokgrupi.start.bg/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Sun, 22 Dec 2024 14:05:33 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: *;script-src 'nonce-r4WFewDf' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
x-fb-connection-quality: GOOD; q=0.7, rtt=51, rtx=0, c=77, mss=1232, tbw=70499, tp=65, tpl=0, uplat=119, ullat=0
pragma: public
x-fb-debug: IkdajTuCU4d+58Dan6OmV+rmsdcYpV4qyK/PCz5ONXu4kGnu7JGqbc4Q7WIZKYC6O02tp+W/2/z3Z/wIClB0zA==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H2 200 google-topics-api.20240501-14-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 2 KB
1 KB 22ms
21ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/google-topics-api.20240501-14-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/investorgroup-startbg/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 83e432ca25dfce3834ce0da6b52aefd14fea84af71e9f13efca0063a1ad7e321

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://rokgrupi.start.bg/

Response headers

content-encoding: gzip
etag: "9c8730227a121b3f5eb03defacf0bd16"
x-amz-version-id: szRtXYH2gmEbND8kKMCfcoIn5TtvmzJ7
age: 448774
x-cache: HIT
date: Sun, 22 Dec 2024 14:05:33 GMT
last-modified: Thu, 02 May 2024 08:55:20 GMT
x-served-by: cache-yyz4526-YYZ
x-cache-hits: 78
content-type: application/javascript; charset=utf-8
x-amz-id-2: 7nvwmCiH63jsvyL/W8qZh7EXzzgNQ5272VBGd0YkY5cz4/Z9Hb6zVEIdB7/BvZVfFccudHZGBKQ=
vary: Accept-Encoding
x-amz-replication-status: COMPLETED
cache-control: private,max-age=2629743
x-timer: S1734876333.361974,VS0,VE0
via: 1.1 varnish
x-amz-request-id: BQ8R2JQ6A4A10KF9
accept-ranges: bytes
access-control-allow-origin: *
abp: 79
content-length: 955
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 sync Show response
gum.criteo.com/ 46 B
710 B 115ms
38ms Script
text/javascript 74.119.117.17
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS

Requested by

Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20240501-14-RELEASE.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.117.17 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://rokgrupi.start.bg/

Response headers

strict-transport-security: max-age=31536000; preload;
cache-control: private, max-age=3600
content-encoding: gzip
server-processing-duration-in-ticks: 247853
expires: 60
date: Sun, 22 Dec 2024 14:05:32 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
server: Kestrel

GET
H2 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.eXGUr_3hPjA.O/m=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-g8reFxkIuQ1pTpW4rHM0-Devz-A/ 155 KB
53 KB 34ms
33ms Script
text/javascript 142.250.81.238
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.eXGUr_3hPjA.O/m=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-g8reFxkIuQ1pTpW4rHM0-Devz-A/cb=gapi.loaded_0?le=scs

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/plusone.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.81.238 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s74-in-f14.1e100.net

Software

sffe /

Resource Hash

7c8402330e0ceb87cf473bc11b340d6b824162a6f20ad0d68303117290978bb2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://rokgrupi.start.bg/

Response headers

content-encoding: gzip
age: 177902
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
x-content-type-options: nosniff
expires: Sat, 20 Dec 2025 12:40:31 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 20 Dec 2024 12:40:31 GMT
last-modified: Mon, 02 Dec 2024 19:38:27 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=31536000
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
accept-ranges: bytes
access-control-allow-origin: *
content-length: 54256
x-xss-protection: 0
server: sffe

GET
H2 200 cb=gapi.loaded_1 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.eXGUr_3hPjA.O/m=auth/exm=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-g8reFxkIuQ1pTpW4rHM0-Devz-A/ 99 KB
34 KB 86ms
86ms Script
text/javascript 142.250.81.238
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.eXGUr_3hPjA.O/m=auth/exm=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-g8reFxkIuQ1pTpW4rHM0-Devz-A/cb=gapi.loaded_1?le=scs

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/plusone.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.81.238 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s74-in-f14.1e100.net

Software

sffe /

Resource Hash

9ccbb55b32677ee3d4a6d4238f0e6e3b6af56f9b8a9f9ac8cb2aa67d4a653ea2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://rokgrupi.start.bg/

Response headers

content-encoding: gzip
age: 178482
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
x-content-type-options: nosniff
expires: Sat, 20 Dec 2025 12:30:51 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 20 Dec 2024 12:30:51 GMT
last-modified: Mon, 02 Dec 2024 19:38:27 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=31536000
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
accept-ranges: bytes
access-control-allow-origin: *
content-length: 34882
x-xss-protection: 0
server: sffe

GET fastbutton
apis.google.com/u/0/se/0/_/+1/ Frame AF62 0
0

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 329 KB
109 KB 60ms
59ms Script
application/javascript 142.250.64.104
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-QPK7X91FPK&l=dataLayer&cx=c&gtm=45He4cc1v9174316107za200

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K72V3KFX

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.64.104 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s31-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

25cf987e431553251aeb5b2029c86b08d2ed625d00b5e1faab40602058972e11

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://rokgrupi.start.bg/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Sun, 22 Dec 2024 14:05:33 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 22 Dec 2024 14:05:33 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 110968
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 328 KB
108 KB 69ms
69ms Script
application/javascript 142.250.64.104
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-J0D31ZH87L&l=dataLayer&cx=c&gtm=45He4cc1v9174316107za200

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K72V3KFX

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.64.104 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s31-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

7beb3d5bd3236f320f0bfa4f0d04a41d9027a7f2ec322834e3f50d01fe471305

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://rokgrupi.start.bg/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Sun, 22 Dec 2024 14:05:33 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 22 Dec 2024 14:05:33 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 110813
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 1001631 Show response
fundingchoicesmessages.google.com/i/ 197 KB
65 KB 181ms
75ms Script
application/javascript 142.250.80.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/1001631?ers=3

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412090101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.80.110 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s36-in-f14.1e100.net

Software

ESF /

Resource Hash

14f1701383e88cac8f33e0c9beded263b52950844d7931ac8180984f3d1ec636

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-AaHzrIZWMnwN4NUDzdpAdw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://rokgrupi.start.bg/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 22 Dec 2024 14:05:33 GMT
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjKtDikmLw0JBikPj6kkkNiJ3SZ7AGAHHrzXOsk4HYaO15VgcgTvp3nrUAiA0VLrHaA7Fj0SVWTyBW7bnEagzE99ddYn0OxB_qL7P-AOIZ5y-zLgDiIokrrA1AzPD1CisHEAvxcKzduWA3m8CHiXN3MilpJOUXxifn55UUZSaVluQXpSWnpRanFpWlFsUbGRiZGBoZGukZGMYXGAAAgD1FYw"
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-AaHzrIZWMnwN4NUDzdpAdw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
cache-control: no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin: *
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection: 0
server: ESF

GET
H2 200 taboola-browsing-topics.html
cdn.taboola.com/libtrc/static/topics/ Frame BC5D 0
0 66ms
19ms Document
text/html 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/static/topics/taboola-browsing-topics.html
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/google-topics-api.20240501-14-RELEASE.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

Referer: https://rokgrupi.start.bg/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

abp: 3
accept-ranges: bytes
access-control-allow-origin: *
age: 23839
cache-control: private,max-age=31536000
content-encoding: gzip
content-length: 340
content-type: text/html
date: Sun, 22 Dec 2024 14:05:33 GMT
etag: "8b140f0f0f6e1a0f986cc7d6dfd74d65"
last-modified: Tue, 13 Feb 2024 13:15:59 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 varnish
x-amz-id-2: oUnEAZW9YnGFtKELlc077HZn8qed7Gh+TbUo1sFSJxCj7Q8L/Y8kWWumU+wXJt6PqAa4Sy9Nf+A=
x-amz-replication-status: COMPLETED
x-amz-request-id: 61NPCKGZW1QK7X1S
x-amz-server-side-encryption: AES256
x-amz-version-id: 4MpQ_aQntJKuJTBB3LGK3B7cfa8k5k0b
x-cache: HIT
x-cache-hits: 3112
x-served-by: cache-yyz4540-YYZ
x-timer: S1734876334.589975,VS0,VE0

GET
H2

200

m
secure-it.imrworldwide.com/cgi-bin/
Redirect Chain

https://secure-it.imrworldwide.com/cgi-bin/m?rnd=1734876333536&ci=bg-investorbg&cg=0&cc=1&ts=v53f.js&sr=1600x1200&cd=24&lg=en-CA&je=n&ck=y&tz=-8&fl=-1&si=https%3A//rokgrupi.start.bg/&rp=
https://secure-it.imrworldwide.com/cgi-bin/m?rnd=1734876333536&ci=bg-investorbg&cg=0&cc=1&ts=v53f.js&sr=1600x1200&cd=24&lg=en-CA&je=n&ck=y&tz=-8&fl=-1&si=https%3A//rokgrupi.start.bg/&rp=&ja=1

44 B
424 B

128ms
127ms

Image
image/gif

52.209.34.152
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure-it.imrworldwide.com/cgi-bin/m?rnd=1734876333536&ci=bg-investorbg&cg=0&cc=1&ts=v53f.js&sr=1600x1200&cd=24&lg=en-CA&je=n&ck=y&tz=-8&fl=-1&si=https%3A//rokgrupi.start.bg/&rp=&ja=1
Requested by: Host: rokgrupi.start.bg
URL: https://rokgrupi.start.bg/
Protocol: H2
Server: 52.209.34.152 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-209-34-152.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://rokgrupi.start.bg/

Response headers

cache-control: no-cache
pragma: no-cache
accept-ch: Sec-Ch-Ua-Model, Sec-Ch-Ua-Platform, Sec-Ch-Ua-Platform-Version
cross-origin-resource-policy: cross-origin
access-control-allow-methods: POST, OPTIONS
expires: Thu, 01 Dec 1994 16:00:00 GMT
access-control-allow-origin: *
content-length: 44
p3p: P3P policyref="http://secure-it.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
date: Sun, 22 Dec 2024 14:05:33 GMT
content-type: image/gif
server: nginx

Redirect headers

cache-control: no-cache
location: https://secure-it.imrworldwide.com/cgi-bin/m?rnd=1734876333536&ci=bg-investorbg&cg=0&cc=1&ts=v53f.js&sr=1600x1200&cd=24&lg=en-CA&je=n&ck=y&tz=-8&fl=-1&si=https%3A//rokgrupi.start.bg/&rp=&ja=1
pragma: no-cache
accept-ch: Sec-Ch-Ua-Model, Sec-Ch-Ua-Platform, Sec-Ch-Ua-Platform-Version
cross-origin-resource-policy: cross-origin
access-control-allow-methods: POST, OPTIONS
expires: Thu, 01 Dec 1994 16:00:00 GMT
access-control-allow-origin: *
content-length: 0
p3p: P3P policyref="http://secure-it.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
date: Sun, 22 Dec 2024 14:05:33 GMT
server: nginx

GET
H2 200 postmessageRelay
accounts.google.com/o/oauth2/ Frame 702E 0
0 388ms
56ms Document
text/html 64.233.180.84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Frokgrupi.start.bg&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.eXGUr_3hPjA.O%2Fd%3D1%2Frs%3DAHpOoo-g8reFxkIuQ1pTpW4rHM0-Devz-A%2Fm%3D__features__

Requested by

Host: apis.google.com
URL: https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.eXGUr_3hPjA.O/m=auth/exm=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-g8reFxkIuQ1pTpW4rHM0-Devz-A/cb=gapi.loaded_1?le=scs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.233.180.84 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

on-in-f84.1e100.net

Software

ESF /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /o/cspreport script-src 'report-sample' 'nonce-2PQZDjalMkXujX1EvjbHKQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://rokgrupi.start.bg/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: require-trusted-types-for 'script';report-uri /o/cspreport script-src 'report-sample' 'nonce-2PQZDjalMkXujX1EvjbHKQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
content-type: text/html; charset=utf-8
cross-origin-resource-policy: same-site
date: Sun, 22 Dec 2024 14:05:33 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
server: ESF
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 xgemius.js Show response
gabg.hit.gemius.pl/ 70 KB
20 KB 1440ms
138ms Script
text/javascript 78.128.6.42
Telepoint Telepoi...

General

Check archive.org

Show headers Download Go to

Full URL: https://gabg.hit.gemius.pl/xgemius.js
Requested by: Host: rokgrupi.start.bg
URL: https://rokgrupi.start.bg/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 78.128.6.42 , Bulgaria, ASN31083 (Telepoint Telepoint Ltd, BG),
Reverse DNS: ip-6-42.telehouse.bg
Software: GHC /
Resource Hash: adabd389d3390337abf62cc9935c593988a55a1ec75a648241afbb9e74e87090

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://rokgrupi.start.bg/

Response headers

cache-control: max-age=43200
content-encoding: gzip
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor
cross-origin-resource-policy: cross-origin
expires: Mon, 23 Dec 2024 02:05:34 GMT
accept-ranges: none
p3p: CP="NOI DSP COR NID PSAo OUR IND"
content-length: 20492
date: Sun, 22 Dec 2024 14:05:34 GMT
last-modified: Wed, 11 Dec 2024 07:33:05 GMT
vary: Accept-Encoding,Origin
server: GHC
content-type: text/javascript

GET
H2 200 la.gif
rokgrupi.start.bg/templates/i/ 6 KB
6 KB 137ms
136ms Image
image/gif 194.12.229.104
EVOLINK-AS Evolin...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rokgrupi.start.bg/templates/i/la.gif
Requested by: Host: rokgrupi.start.bg
URL: https://rokgrupi.start.bg/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 194.12.229.104 Sofia, Bulgaria, ASN8262 (EVOLINK-AS Evolink AD, BG),
Reverse DNS: www.start.bg
Software: Apache/2.2.15 (CentOS) /
Resource Hash: e69abd7e0cc82f336e61fea889e406ecbbeb7ece1df960231b7a9ba0d1dd1676

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://rokgrupi.start.bg/

Response headers

accept-ranges: bytes
content-length: 5886
date: Sun, 22 Dec 2024 14:05:33 GMT
etag: "5a06c2-16fe-56630fae1d660"
last-modified: Tue, 27 Feb 2018 12:43:57 GMT
content-type: image/gif
server: Apache/2.2.15 (CentOS)

GET
H3 200 /
www.facebook.com/tr/ 0
16 B 113ms
58ms Image
text/plain 31.13.65.36
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=589571394944032&ev=PageView&dl=https%3A%2F%2Frokgrupi.start.bg%2F&rl=&if=false&ts=1734876333621&sw=1600&sh=1200&v=2.9.179&r=stable&ec=0&o=4126&fbp=fb.1.1734876333619.407490318221064886&ler=empty&cdl=API_unavailable&it=1734876333307&coo=false&rqm=GET

Requested by

Host: rokgrupi.start.bg
URL: https://rokgrupi.start.bg/

Protocol

Security

QUIC, , AES_128_GCM

Server

31.13.65.36 Lithia Springs, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-atl3.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://rokgrupi.start.bg/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: GOOD; q=0.7, rtt=51, rtx=0, c=23, mss=1232, tbw=4531, tp=10, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Sun, 22 Dec 2024 14:05:33 GMT
content-type: text/plain
server: proxygen-bolt
priority: u=3,i

GET
H3 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
198 B 239ms
186ms Image
image/png 31.13.65.36
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=589571394944032&ev=PageView&dl=https%3A%2F%2Frokgrupi.start.bg%2F&rl=&if=false&ts=1734876333621&sw=1600&sh=1200&v=2.9.179&r=stable&ec=0&o=4126&fbp=fb.1.1734876333619.407490318221064886&ler=empty&cdl=API_unavailable&it=1734876333307&coo=false&rqm=FGET

Requested by

Host: rokgrupi.start.bg
URL: https://rokgrupi.start.bg/

Protocol

Security

QUIC, , AES_128_GCM

Server

31.13.65.36 Lithia Springs, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-atl3.facebook.com

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com .facebook.com .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://rokgrupi.start.bg/

Response headers

content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7451237113675587438"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Sun, 22 Dec 2024 14:05:33 GMT
content-type: image/png
vary: Accept-Encoding
x-fb-debug: INoKK4mtCMWwmH62OewIc8FuNvujLHYQrgjZJzKi4SRVR8Vt4Xz4nZo5NfIB60exvlLdLMRgTAPe0UOqU/i0Xw==
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7451237113675587438", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control: private, no-store, no-cache, must-revalidate
x-fb-connection-quality: GOOD; q=0.7, rtt=51, rtx=0, c=23, mss=1232, tbw=4851, tp=12, tpl=0, uplat=37, ullat=0
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
pragma: no-cache
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
cross-origin-opener-policy-report-only: restrict-properties;report-to="coop_report"
x-xss-protection: 0
origin-agent-cluster: ?1

POST
H2 204 collect
www.google-analytics.com/g/ 0
0 86ms
85ms Fetch
text/plain 142.250.80.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-J0D31ZH87L&gtm=45je4cc1v9172705496z89174316107za200zb9174316107&_p=1734876333030&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&cid=991067755.1734876334&ecid=1816620134&ul=en-ca&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1734876333&sct=1&seg=0&dl=https%3A%2F%2Frokgrupi.start.bg%2F&dt=%D0%A0%D0%BE%D0%BA%20%D0%B3%D1%80%D1%83%D0%BF%D0%B8%3A%20Pinkfloyd%2C%20Deep%20Purple%2C%20Aerosmith%2C%20Theatre%20of%20Tragedy%2C%20Him%2C%20Tribute%20bands&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=18781
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-J0D31ZH87L&l=dataLayer&cx=c&gtm=45He4cc1v9174316107za200
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.80.110 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS: lga34s36-in-f14.1e100.net
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://rokgrupi.start.bg/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://rokgrupi.start.bg
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 22 Dec 2024 14:05:33 GMT
content-type: text/plain
server: Golfe2

POST
H2 204 collect
analytics.google.com/g/ 0
0 124ms
44ms Fetch
text/plain 216.239.34.181
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-QPK7X91FPK&gtm=45je4cc1v896316010z89174316107za200zb9174316107&_p=1734876333030&_gaz=1&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&cid=991067755.1734876334&ul=en-ca&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_s=1&sid=1734876333&sct=1&seg=0&dl=https%3A%2F%2Frokgrupi.start.bg%2F&dt=%D0%A0%D0%BE%D0%BA%20%D0%B3%D1%80%D1%83%D0%BF%D0%B8%3A%20Pinkfloyd%2C%20Deep%20Purple%2C%20Aerosmith%2C%20Theatre%20of%20Tragedy%2C%20Him%2C%20Tribute%20bands&en=page_view&_fv=1&_ss=1&tfd=18820
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-QPK7X91FPK&l=dataLayer&cx=c&gtm=45He4cc1v9174316107za200
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.34.181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://rokgrupi.start.bg/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://rokgrupi.start.bg
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 22 Dec 2024 14:05:33 GMT
content-type: text/plain
server: Golfe2

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
555 B 134ms
52ms Ping
text/plain 142.250.31.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-QPK7X91FPK&cid=991067755.1734876334&gtm=45je4cc1v896316010z89174316107za200zb9174316107&aip=1&dma=0&gcd=13l3l3l3l1l1&npa=0&frm=0&tag_exp=101925629~102067555~102067808~102081485~102198178
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-QPK7X91FPK&l=dataLayer&cx=c&gtm=45He4cc1v9174316107za200
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.31.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: bj-in-f155.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://rokgrupi.start.bg/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:111:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:111:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://rokgrupi.start.bg
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 22 Dec 2024 14:05:33 GMT
content-type: text/plain
server: Golfe2

GET
H2 200 rul
td.doubleclick.net/td/ga/ Frame 7381 0
0 1147ms
67ms Document
text/html 142.251.40.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://td.doubleclick.net/td/ga/rul?tid=G-QPK7X91FPK&gacid=991067755.1734876334&gtm=45je4cc1v896316010z89174316107za200zb9174316107&dma=0&gcd=13l3l3l3l1l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101925629~102067555~102067808~102081485~102198178&z=22125630

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-QPK7X91FPK&l=dataLayer&cx=c&gtm=45He4cc1v9174316107za200

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.130 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s80-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://rokgrupi.start.bg/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 22 Dec 2024 14:05:34 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 collect
www.google-analytics.com/g/ 0
0 52ms
48ms Fetch
text/plain 142.250.80.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-XVP8NBQ5PQ&gtm=45je4cc1v896316010z89174316107za200zb9174316107&_p=1734876333030&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&cid=991067755.1734876334&ul=en-ca&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1734876333&sct=1&seg=0&dl=https%3A%2F%2Frokgrupi.start.bg%2F&dt=%D0%A0%D0%BE%D0%BA%20%D0%B3%D1%80%D1%83%D0%BF%D0%B8%3A%20Pinkfloyd%2C%20Deep%20Purple%2C%20Aerosmith%2C%20Theatre%20of%20Tragedy%2C%20Him%2C%20Tribute%20bands&en=page_view&_fv=1&_ss=1&tfd=18864
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-QPK7X91FPK&l=dataLayer&cx=c&gtm=45He4cc1v9174316107za200
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.80.110 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS: lga34s36-in-f14.1e100.net
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://rokgrupi.start.bg/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://rokgrupi.start.bg
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 22 Dec 2024 14:05:33 GMT
content-type: text/plain
server: Golfe2

GET
H3 200 ga-audiences
www.google.ca/ads/ 42 B
63 B 431ms
385ms Image
image/gif 142.250.80.3
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-QPK7X91FPK&cid=991067755.1734876334&gtm=45je4cc1v896316010z89174316107za200zb9174316107&aip=1&dma=0&gcd=13l3l3l3l1l1&npa=0&frm=0&tag_exp=101925629~102067555~102067808~102081485~102198178&tag_exp=101925629~102067555~102067808~102081485~102198178&z=1676707138

Requested by

Host: rokgrupi.start.bg
URL: https://rokgrupi.start.bg/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.80.3 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s33-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://rokgrupi.start.bg/

Response headers

cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Sun, 22 Dec 2024 14:05:34 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

POST
H2 200 collect Show response
www.google-analytics.com/j/ 3 B
306 B 51ms
45ms XHR
text/plain 142.250.80.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1055000318&t=pageview&_s=1&dl=https%3A%2F%2Frokgrupi.start.bg%2F&ul=en-ca&de=UTF-8&dt=%D0%A0%D0%BE%D0%BA%20%D0%B3%D1%80%D1%83%D0%BF%D0%B8%3A%20Pinkfloyd%2C%20Deep%20Purple%2C%20Aerosmith%2C%20Theatre%20of%20Tragedy%2C%20Him%2C%20Tribute%20bands&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IADAAAABAAAAACAAI~&jid=1969415957&gjid=2096533870&cid=991067755.1734876334&tid=UA-493074-1&_gid=1149104623.1734876334&_r=1&_slc=1&z=365981130

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.80.110 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s36-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://rokgrupi.start.bg/

Response headers

report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:175:0"}],}
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 22 Dec 2024 14:05:33 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
content-type: text/plain
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:175:0
access-control-allow-origin: https://rokgrupi.start.bg
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 3
server: Golfe2

GET
H2 200 AGSKWxWa93dUQ6YdwN0wvstFob8GE27MCoL2PpxpBkV4bA1Ccv-wN20ThOkEYF86Fg24sIlI1npY130whv-JIZQgMP4rDFwp3XhDzobW0SebyUKySCcFhbjmZeGXMv4joksR6iZ1ZEoKXA== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 93ms
84ms Script
application/javascript 142.250.80.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxWa93dUQ6YdwN0wvstFob8GE27MCoL2PpxpBkV4bA1Ccv-wN20ThOkEYF86Fg24sIlI1npY130whv-JIZQgMP4rDFwp3XhDzobW0SebyUKySCcFhbjmZeGXMv4joksR6iZ1ZEoKXA==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzM0ODc2MzMzLDgzMTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly9yb2tncnVwaS5zdGFydC5iZy8iLG51bGwsW1s4LCJJTXo1N3ljNWhWdyJdLFs5LCJlbi1VUyJdLFsxOSwiMiJdLFsxNywiWzBdIl1dXQ

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.IMz57yc5hVw.es5.O/am=DAY/d=1/rs=AJlcJMw3zS1wjusUi0gw9griloTCXJzNKw/m=kernel_loader,loader_js_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.80.110 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s36-in-f14.1e100.net

Software

ESF /

Resource Hash

cd13d88c44253ca4f73abf6956ff36c4ddc4278b944a9acbf2beb4f7e99ee943

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-43zQPH71hmkdKj_HAKVWiQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://rokgrupi.start.bg/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 22 Dec 2024 14:05:33 GMT
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjKtDikmJw0JBikPj6kkkNiJ3SZ7AGAHHrzXOsk4HYaO15VgcgTvp3nrUAiA0VLrHaA7Fj0SVWTyBW7bnEagzE99ddYn0OxB_qL7P-AOIZ5y-zLgDiIokrrA1AzPD1CisHEAvxcKzduWA3m8CGS0_WMCtpJOUXxifn55UUZSaVluQXpSWnpRanFpWlFsUbGRiZGBoZGukZGMYXGAAAhXVFlw"
content-security-policy: script-src 'report-sample' 'nonce-43zQPH71hmkdKj_HAKVWiQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
cache-control: no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin: *
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection: 0
server: ESF

GET
H3 200 topics_frame.html
securepubads.g.doubleclick.net/static/topics/ Frame 58E1 0
0 429ms
32ms Document
text/html 142.250.65.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/static/topics/topics_frame.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412090101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.65.226 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s73-in-f2.1e100.net

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://rokgrupi.start.bg/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 435
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3000, stale-while-revalidate=3600
content-encoding: br
content-length: 29117
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 22 Dec 2024 13:58:19 GMT
expires: Sun, 22 Dec 2024 14:48:19 GMT
last-modified: Mon, 09 Dec 2024 20:44:42 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 pubcid.min.js Show response
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 732 B
851 B 1095ms
26ms Script
application/javascript 151.101.129.229
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412090101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.229 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://rokgrupi.start.bg/

Response headers

access-control-expose-headers: *
content-encoding: br
etag: W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
age: 4660
x-content-type-options: nosniff
x-jsd-version-type: branch
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache: HIT, HIT
date: Sun, 22 Dec 2024 14:05:34 GMT
content-type: application/javascript; charset=utf-8
x-served-by: cache-fra-eddf8230168-FRA, cache-yyz4525-YYZ
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
content-length: 394
x-jsd-version: master

GET
H2 200 ob.js Show response
cdn-ima.33across.com/ 17 KB
7 KB 337ms
28ms Script
application/javascript 104.18.28.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-ima.33across.com/ob.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412090101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.28.101 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9ffa45453324362cbc5cc78288e04513100c2d61baf3a969717ea5df3d0dbb39

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://rokgrupi.start.bg/

Response headers

cache-control: public, max-age=259200
content-encoding: gzip
cf-cache-status: HIT
etag: W/"671a7174-43df"
age: 443601
cf-ray: 8f60aae09c7a39f5-YYZ
expires: Wed, 25 Dec 2024 14:05:34 GMT
date: Sun, 22 Dec 2024 14:05:34 GMT
content-type: application/javascript
last-modified: Thu, 24 Oct 2024 16:10:28 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 encrypted-tag-g.js Show response
invstatic101.creativecdn.com/encrypted-signals/ 2 KB
2 KB 1462ms
126ms Script
text/javascript 34.96.70.87
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412090101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.70.87 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 87.70.96.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: 5d8dac2d4ae43a0b541c160f30e8238951b42b13bb5f01ca2697271b3a804ad2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://rokgrupi.start.bg/

Response headers

etag: e8fb4c5e5648d4012fd13b4c454df319
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1558
date: Sun, 22 Dec 2024 14:05:35 GMT
content-type: text/javascript; charset=utf-8
last-modified: Wed, 11 Dec 2024 20:03:09 GMT
server: Google Frontend
x-cloud-trace-context: 3a15fe8cd477777dfcb6e138feb5ffc9

GET
H2 200 sync.min.js Show response
tags.crwdcntrl.net/lt/c/16589/ 43 KB
13 KB 1295ms
36ms Script
text/javascript 108.138.128.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412090101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.128.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-128-46.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 30b32e97f2e3e06deb742bf2e19daeb4f4657a956e836c2a25a7df2bc72f7500

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://rokgrupi.start.bg/

Response headers

vary: Accept-Encoding
cache-control: public, max-age=86400
content-encoding: gzip
etag: W/"7db46e1255a018ecf02f47b2c19c26c4"
age: 14011
via: 1.1 dd80355363eac92e0372107558e579a8.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-id: 5Ja0izDbLgQ_QgtSrtpx6p7DkNU_59B8eBv__8n1-NScSDtL6z65LQ==
date: Sun, 22 Dec 2024 10:25:17 GMT
content-type: text/javascript
last-modified: Tue, 20 Aug 2024 18:47:40 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P4
x-amz-server-side-encryption: AES256

GET
H2 200 esp.js Show response
cdn.id5-sync.com/api/1.0/ 101 KB
29 KB 347ms
39ms Script
text/javascript 104.22.53.86
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/esp.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412090101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.53.86 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

04e91b031f9526ff060b6858d2839e93f91b0da5fbd8b8620455837e618e2906

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://rokgrupi.start.bg/

Response headers

x-amz-id-2: hq55imkAb0Vnbj1g+9IQi+uhYfZQKytOO8lo7PhOR/Mt58RL9e4JJPs+XUmB1jymTrQJ1h+7ja811DMkDt3tCI+895Gfmc9lQxfAtv/Gwi0=
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: public, max-age=3600
content-encoding: br
cf-cache-status: HIT
etag: W/"5dcd2f7daade69f0b6f0a4fca81bea12"
age: 1959
x-amz-request-id: YCG530TACW1EBAVQ
cf-ray: 8f60aae099993a05-YYZ
date: Sun, 22 Dec 2024 14:05:34 GMT
content-type: text/javascript;charset=utf-8
last-modified: Wed, 04 Dec 2024 13:37:28 GMT
vary: Accept-Encoding
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H/1.1 200
OK uid2SecureSignal.js Show response
cdn.prod.uidapi.com/ 3 KB
4 KB 138ms
34ms Script
text/javascript 18.164.109.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.prod.uidapi.com/uid2SecureSignal.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412090101/pubads_impl.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.164.109.182 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-164-109-182.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f0db2da3ee90dcf1f14054ba3c18ccc331993a4f19fd95c56169f3de5047950e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://rokgrupi.start.bg/

Response headers

x-amz-version-id: suVMGQsV8z1neCwtnAwOA2e_FhSjpoa6
ETag: "e264379414c85b18fe5fb338ed4823f8"
Age: 24582
Connection: keep-alive
Via: 1.1 a0be26685e47d6d6220ccd40bc5f0a4e.cloudfront.net (CloudFront)
Accept-Ranges: bytes
X-Cache: Hit from cloudfront
Content-Length: 3117
X-Amz-Cf-Id: VrRx5azchIJefF2cDBYUnKWj-UJ-Ot_lM3j4I3Ko2_O5gloiYA3kow==
Date: Sun, 22 Dec 2024 07:15:52 GMT
Content-Type: text/javascript
Last-Modified: Wed, 11 Dec 2024 19:25:11 GMT
Server: AmazonS3
X-Amz-Cf-Pop: JFK50-P6
x-amz-server-side-encryption: AES256

GET
H2 200 esp.js Show response
oa.openxcdn.net/ 24 KB
8 KB 1093ms
26ms Script
application/javascript 34.102.146.192
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oa.openxcdn.net/esp.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412090101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 192.146.102.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://rokgrupi.start.bg/

Response headers

x-goog-metageneration: 1
content-encoding: gzip
x-goog-hash: crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
etag: "df5542b88bc0e368c6999754a5b9e2ba"
age: 392406
x-goog-stored-content-encoding: gzip
expires: Thu, 18 Dec 2025 01:05:28 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 7927
date: Wed, 18 Dec 2024 01:05:28 GMT
last-modified: Thu, 27 May 2021 18:30:51 GMT
content-type: application/javascript
x-guploader-uploadid: AFiumC7GnkbtI92nwlFmIIjbI9cEhpjPm3-wbyRCTZntftnxvt-2_8PrY39RzBXB4ilct7ES
cache-control: no-transform
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
x-goog-generation: 1622140251693895
content-length: 7927
server: UploadServer

GET
H2 200 publishertag.ids.js Show response
static.criteo.net/js/ld/ 42 KB
13 KB 1321ms
73ms Script
text/javascript 74.119.117.4
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.ids.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412090101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.117.4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

1635d2075d3343c86490d2229c1fb868ad59d92958ef65e04cb65767c703e9f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://rokgrupi.start.bg/

Response headers

strict-transport-security: max-age=31536000; preload;
cache-control: max-age=86400, public
timing-allow-origin: *
content-encoding: gzip
etag: W/"670e3454-a69c"
cross-origin-resource-policy: cross-origin
expires: Mon, 23 Dec 2024 14:05:35 GMT
access-control-allow-origin: *
date: Sun, 22 Dec 2024 14:05:35 GMT
content-type: text/javascript
last-modified: Tue, 15 Oct 2024 09:22:28 GMT
server: nginx

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 263 KB
71 KB 563ms
563ms Fetch
text/plain 142.250.65.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=172479684484990&correlator=3992319329654275&hxva=1&scor=4310868606926587&eid=31089347%2C31084130&output=ldjh&gdfp_req=1&vrg=202412090101&ptt=17&impl=fifs&gdpr=0&iu_parts=1001631%2Cstart.bg%2CSTR_728x90_CPM%2CSTR_300x250_CPM_A%2CSTR_300x250_CPC%2CSTR_Nonstandard&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F3%2C%2F0%2F1%2F4%2C%2F0%2F1%2F5&prev_iu_szs=728x90%7C960x200%7C970x90%7C970x250%2C300x250%7C300x600%2C300x250%7C300x600%2C1x1&ifi=1&sfv=1-0-40&ists=1&sc=1&cookie_enabled=1&abxe=1&dt=1734876333858&lmt=1734876333&adxs=436%2C969%2C971%2C0&adys=32%2C296%2C1260%2C3799&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C1%7C2&ucis=1%7C2%7C3%7C4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-480&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Frokgrupi.start.bg%2F&vis=1&psz=1600x0%7C308x0%7C304x0%7C1600x3799&msz=1600x0%7C308x0%7C304x0%7C1600x0&fws=0%2C0%2C0%2C0&ohw=0%2C0%2C0%2C0&topics=9&tps=9&htps=10&a3p=EhkKCnB1YmNpZC5vcmcYmY7A9b4ySABSAghkEhwKDWNyd2RjbnRybC5uZXQYmo7A9b4ySABSAghkEhkKCnVpZGFwaS5jb20Ymo7A9b4ySABSAghkEhQKBW9wZW54GJqOwPW-MkgAUgIIZBIbCgxpZDUtc3luYy5jb20Ymo7A9b4ySABSAghkEhsKDDMzYWNyb3NzLmNvbRiZjsD1vjJIAFICCGQSHQoOZXNwLmNyaXRlby5jb20Ymo7A9b4ySABSAghkEhcKCHJ0YmhvdXNlGJqOwPW-MkgAUgIIZA..&nt=1&psd=WzE1LFtdLG51bGwsM10.&dlt=1734876332579&idt=860&ppid=17348763330000f772b74dd6944479b5356ef029019767&cust_params=tags%3DPinkfloyd%252C%2520Deep%2520Purple%252C%2520Aerosmith%252C%2520Theatre%2520of%2520Tragedy%252C%2520Him%252C%2520Tribute%2520bands%26start_home%3D2%26start_category%3D%25D0%259C%25D1%2583%25D0%25B7%25D0%25B8%25D0%25BA%25D0%25B0%252C%25D0%25A0%25D0%25BE%25D0%25BA%2520%25D0%25B8%2520%25D0%25A5%25D0%25B5%25D0%25B2%25D0%25B8%2520%25D0%25BC%25D0%25B5%25D1%2582%25D1%258A%25D0%25BB%2520%26start_subdomain%3Drokgrupi&adks=3529182063%2C4211740984%2C2427380126%2C681090352&frm=20&eoidce=1&td=1&egid=198&tan=066dc74a-3e63-47e5-a82e-f81272593c62%2C066dc74a-3e63-47e5-a82e-f81272593c63%2C066dc74a-3e63-47e5-a82e-f81272593c64%2C066dc74a-3e63-47e5-a82e-f81272593c65&tdf=2

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412090101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.65.226 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s73-in-f2.1e100.net

Software

cafe /

Resource Hash

ea9641ba6bb4a9225c6a1477b83989b45626cb7d03bcc0ef30c034fcb4165a94

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://rokgrupi.start.bg/

Response headers

content-encoding: br
google-lineitem-id: -1,-1,-2,-2
observe-browsing-topics: ?1
x-content-type-options: nosniff
google-mediationtag-id: -2
google-mediationgroup-id: -2,-2
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Sun, 22 Dec 2024 14:05:34 GMT
content-type: text/plain; charset=UTF-8
google-creative-id: -1,-1,-2,-2
cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin: https://rokgrupi.start.bg
content-length: 72552
x-xss-protection: 0
server: cafe

GET
H2 200 container.html
96be86e24598c8b1d2cfc3e50bb8e199.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame F8EB 0
0 1275ms
46ms Document
text/html 142.251.40.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://96be86e24598c8b1d2cfc3e50bb8e199.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412090101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.161 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s81-in-f1.1e100.net

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://rokgrupi.start.bg/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 22 Dec 2024 14:05:35 GMT
expires: Sun, 22 Dec 2024 14:05:35 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 gpt
securepubads.g.doubleclick.net/pagead/managed/dict/m202412050101/ 63 KB
22 KB 40ms
39ms Other
text/plain 142.250.65.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/dict/m202412050101/gpt

Requested by

Host: rokgrupi.start.bg
URL: https://rokgrupi.start.bg/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.65.226 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s73-in-f2.1e100.net

Software

cafe /

Resource Hash

3afadb2c1b557e72372f35ddac45c9638faa3de842363f36e560ab7d1045b32a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: br
etag: 4443559573512225521
age: 66926
x-content-type-options: nosniff
expires: Sun, 22 Dec 2024 19:30:07 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Sat, 21 Dec 2024 19:30:07 GMT
content-type: text/plain; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=86400, stale-while-revalidate=7200
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 22952
x-xss-protection: 0
server: cafe
use-as-dictionary: match="/gampad/ads", id="m202412050101"

GET
H2 200 AGSKWxXK9yd8FxgQSO-6Ufrl7fcOqnh7lmuZcnN22V2VCeSp-7pNyC_hWEj8epcUkd-Sbs0ayjEaH5EtKNq8VoBdCQX3zoHETEJ_S4BR8Lg_i5rkCpUQbCGRsJg7KqjlDxd5lFxN45lU_A== Show response
fundingchoicesmessages.google.com/f/ 10 KB
5 KB 70ms
70ms Script
application/javascript 142.250.80.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxXK9yd8FxgQSO-6Ufrl7fcOqnh7lmuZcnN22V2VCeSp-7pNyC_hWEj8epcUkd-Sbs0ayjEaH5EtKNq8VoBdCQX3zoHETEJ_S4BR8Lg_i5rkCpUQbCGRsJg7KqjlDxd5lFxN45lU_A==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzM0ODc2MzMzLDkzMzAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOV0sbnVsbCwyLG51bGwsImJnIl0sImh0dHBzOi8vcm9rZ3J1cGkuc3RhcnQuYmcvIixudWxsLFtbOCwiSU16NTd5YzVoVnciXSxbOSwiZW4tVVMiXSxbMTksIjIiXSxbMTcsIlswXSJdXV0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.80.110 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s36-in-f14.1e100.net

Software

ESF /

Resource Hash

8208c9bd7f0ff7350e7ee68568bf16329a4bb5f973ba5058f550cd3d3bba71fc

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-g08VX2ydq6qKSRu5f8oVhw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://rokgrupi.start.bg/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 22 Dec 2024 14:05:33 GMT
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjKtDikmLw05BikPj6kkkNiJ3SZ7AGAHHrzXOsk4HYaO15VgcgTvp3nrUAiA0VLrHaA7Fj0SVWTyBW7bnEagzE99ddYn0OxB_qL7P-AOIZ5y-zLgDiIokrrA1AzPD1CisHEAvxcKzduWA3m8CJ9Y0XmJU0kvIL45Pz80qKMpNKS_KL0pLTUotTi8pSi-KNDIxMDI0MjfQMDOMLDACBVEVb"
content-security-policy: script-src 'report-sample' 'nonce-g08VX2ydq6qKSRu5f8oVhw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
cache-control: no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin: *
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection: 0
server: ESF

GET
H2 204 increment Show response
id5-sync.com/api/esp/ 0
233 B 522ms
281ms XHR
text/plain 162.19.138.119
OVH OVH SAS

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/api/esp/increment?counter=no-config

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.119 Frankfurt am Main, Germany, ASN16276 (OVH OVH SAS, FR),

Reverse DNS

ns31533570.ip-162-19-138.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://rokgrupi.start.bg/

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-origin: https://rokgrupi.start.bg
date: Sun, 22 Dec 2024 14:05:33 GMT
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
access-control-allow-credentials: true

GET
H2 200 container.html
96be86e24598c8b1d2cfc3e50bb8e199.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 7F3A 0
0 653ms
653ms Document
text/html 142.251.40.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://96be86e24598c8b1d2cfc3e50bb8e199.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412090101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.161 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s81-in-f1.1e100.net

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://rokgrupi.start.bg/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 22 Dec 2024 14:05:35 GMT
expires: Sun, 22 Dec 2024 14:05:35 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 container.html
96be86e24598c8b1d2cfc3e50bb8e199.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 77DA 0
0 611ms
611ms Document
text/html 142.251.40.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://96be86e24598c8b1d2cfc3e50bb8e199.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412090101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.161 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s81-in-f1.1e100.net

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://rokgrupi.start.bg/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 22 Dec 2024 14:05:35 GMT
expires: Sun, 22 Dec 2024 14:05:35 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 rightrailgoogleads. Show response
fundingchoicesmessages.google.com/f/AGSKWxV7RKobNfVxfVWvCukSEn_6p93TH9au8Il-odyLj79gNzChrj9OMkXO8h7-fxWIrrkVcWlj0F3PM5pxvG53E3rjWrrVjbasONjdmm189IxLeburcoU2hgK7JHEc_zgq4l6o_phvVUQAhFe8Mi7WPhARFOFn3... 54 B
109 B 57ms
56ms Script
application/javascript 142.250.80.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxV7RKobNfVxfVWvCukSEn_6p93TH9au8Il-odyLj79gNzChrj9OMkXO8h7-fxWIrrkVcWlj0F3PM5pxvG53E3rjWrrVjbasONjdmm189IxLeburcoU2hgK7JHEc_zgq4l6o_phvVUQAhFe8Mi7WPhARFOFn3Q_9WrONCjMK2lav2d7XwwUPLPQNEASR/_/dartcall./ad_home_/mpu-dm.htm&program=revshare&/rightrailgoogleads.

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.IMz57yc5hVw.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_tcf_v2_signal_executable/ed=1/rs=AJlcJMzvURqnN7XWAIROf2f0Q-7GMaIk_w/m=ad_blocking_detection_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.80.110 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s36-in-f14.1e100.net

Software

ESF /

Resource Hash

833e494192cd20a0b64cdc243fb54d2983f895f9883988c0625ca97f6e81d3a6

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-zcMieDow7C3ra_An-_YHKA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://rokgrupi.start.bg/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 22 Dec 2024 14:05:34 GMT
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjKtDikmJw0pBikPj6kkkNiJ3SZ7AGAHHrzXOsk4HYaO15VgcgTvp3nrUAiA0VLrHaA7Fj0SVWTyBW7bnEagzE99ddYn0OxB_qL7P-AOIZ5y-zLgDiIokrrA1AzPD1CisHEAvxcKzbuWA3m0DDobPXmJQ0kvIL45Pz80qKMpNKS_KL0pLTUotTi8pSi-KNDIxMDI0MjfQMDOMLDAB-REVs"
content-security-policy: script-src 'report-sample' 'nonce-zcMieDow7C3ra_An-_YHKA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection: 0
server: ESF

GET
H3 200 osd.js Show response
pagead2.googlesyndication.com/pagead/ 61 B
76 B 104ms
35ms Script
text/javascript 142.250.65.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/osd.js?fcd=true

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.65.194 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s72-in-f2.1e100.net

Software

cafe /

Resource Hash

c45c8b81ccfcbc08127b74787d1b5974078756233de947986c357e28ed8f13ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://rokgrupi.start.bg/

Response headers

content-encoding: br
etag: 16023549773543154165
age: 1085
x-content-type-options: nosniff
expires: Sun, 22 Dec 2024 14:47:29 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Sun, 22 Dec 2024 13:47:29 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 51
x-xss-protection: 0
server: cafe

POST
H3 204 AGSKWxWBPIMEIiFf1ViTLK7wD3mYHw4v8R2fuVGmYpadFb-hTGKgw7xaodYnC3UBDNCG7FjuZGm812WLxrutG2JL0HB2YABjp0VBDLFNdh8B4omFax3WsbFvMbHIPsVgFHxaINvppafujQ== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 98ms
57ms XHR
text/html 142.250.80.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWBPIMEIiFf1ViTLK7wD3mYHw4v8R2fuVGmYpadFb-hTGKgw7xaodYnC3UBDNCG7FjuZGm812WLxrutG2JL0HB2YABjp0VBDLFNdh8B4omFax3WsbFvMbHIPsVgFHxaINvppafujQ==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.80.110 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s36-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-ZVX0kVVssMt6eRTfOYsC6A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://rokgrupi.start.bg/

Response headers

access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 22 Dec 2024 14:05:34 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmLw1JBicEqfwRoCxB_qL7P-AGKGr1dYOYBYiIdj3c4Fu9kEdsz49YpJySUpvzA-OT-vJDWvRDcxpVgXxC7KTCotyS9CYaeWgVTk5KenZ-alxxsZGJkYGhka6RmYxRcYAAAPsCsq"
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-ZVX0kVVssMt6eRTfOYsC6A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin: https://rokgrupi.start.bg
content-length: 0
x-xss-protection: 0
server: ESF

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWBPIMEIiFf1ViTLK7wD3mYHw4v8R2fuVGmYpadFb-hTGKgw7xaodYnC3UBDNCG7FjuZGm812WLxrutG2JL0HB2YABjp0VBDLFNdh8B4omFax3WsbFvMbHIPsVgFHxaINvppafujQ==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.80.110 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s36-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-uw-AyB90_TK-8hY-4gkX0w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://rokgrupi.start.bg/

Response headers

access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 22 Dec 2024 14:05:34 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmLw0JBicEqfwRoCxB_qL7P-AGKGr1dYOYBYiIdj3c4Fu9kEZsy98IVJySUpvzA-OT-vJDWvRDcxpVgXxC7KTCotyS9CYaeWgVTk5KenZ-alxxsZGJkYGhka6RmYxRcYAAD-GSru"
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-uw-AyB90_TK-8hY-4gkX0w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin: https://rokgrupi.start.bg
content-length: 0
x-xss-protection: 0
server: ESF

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWBPIMEIiFf1ViTLK7wD3mYHw4v8R2fuVGmYpadFb-hTGKgw7xaodYnC3UBDNCG7FjuZGm812WLxrutG2JL0HB2YABjp0VBDLFNdh8B4omFax3WsbFvMbHIPsVgFHxaINvppafujQ==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.80.110 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s36-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-yrTrCQBFk7wz1S56rsWuEw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://rokgrupi.start.bg/

Response headers

access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 22 Dec 2024 14:05:34 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmII0JBicEqfwRoCxB_qL7P-AGKGr1dYOYBYiIdj3c4Fu9kEPrxa1cOs5JKUXxifnJ9XkppXopuYUqwLYhdlJpWW5BehsFPLQCpy8tPTM_PS440MjEwMjQyN9AzM4gsMAAnjKw4"
content-security-policy: script-src 'report-sample' 'nonce-yrTrCQBFk7wz1S56rsWuEw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin: https://rokgrupi.start.bg
content-length: 0
x-xss-protection: 0
server: ESF

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWBPIMEIiFf1ViTLK7wD3mYHw4v8R2fuVGmYpadFb-hTGKgw7xaodYnC3UBDNCG7FjuZGm812WLxrutG2JL0HB2YABjp0VBDLFNdh8B4omFax3WsbFvMbHIPsVgFHxaINvppafujQ==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.80.110 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s36-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-yVZXoMbRySnfrSVtJfJNfA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://rokgrupi.start.bg/

Response headers

access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 22 Dec 2024 14:05:34 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmII1JBicEqfwRoCxB_qL7P-AGKGr1dYOYBYiIdj3c4Fu9kEVqxZ0M2s5JKUXxifnJ9XkppXopuYUqwLYhdlJpWW5BehsFPLQCpy8tPTM_PS440MjEwMjQyN9AzM4gsMAOAeKn4"
content-security-policy: script-src 'report-sample' 'nonce-yVZXoMbRySnfrSVtJfJNfA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin: https://rokgrupi.start.bg
content-length: 0
x-xss-protection: 0
server: ESF

GET
H3 200 AGSKWxUITYVbAq9V6K3opsy_nEAz8ZsmK26LhGOAn6NCq4iD3dU3zbxRTCnvizCHoU4i8727Y5CQVIPXYv-g6GGjoVN8VLquF5Ku8zaIF4F5TiI_oC7k2eMVumOr8UIbdW1EWIn7stRwQQ== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 68ms
68ms Script
application/javascript 142.250.80.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxUITYVbAq9V6K3opsy_nEAz8ZsmK26LhGOAn6NCq4iD3dU3zbxRTCnvizCHoU4i8727Y5CQVIPXYv-g6GGjoVN8VLquF5Ku8zaIF4F5TiI_oC7k2eMVumOr8UIbdW1EWIn7stRwQQ==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzM0ODc2MzM0LDc5NjAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOSw2XSxudWxsLDIsbnVsbCwiYmciLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxXSwiaHR0cHM6Ly9yb2tncnVwaS5zdGFydC5iZy8iLG51bGwsW1s4LCJJTXo1N3ljNWhWdyJdLFs5LCJlbi1VUyJdLFsxOSwiMiJdLFsxNywiWzBdIl1dXQ

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.80.110 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s36-in-f14.1e100.net

Software

ESF /

Resource Hash

1b2aa7ef1be07a464ec32db9269eeab1da97f3d01205892b56b04688fd075e0f

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-lr_ABpI1KdCSM4Tywi4T2g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://rokgrupi.start.bg/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 22 Dec 2024 14:05:34 GMT
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjqtDikmJw0ZBiOHHrNtMFIJb4-pJJDYid0mewBgBx681zrJOB2GjteVYHIE76d561AIgNFS6x2gOxY9ElVk8gVu25xGoMxPfXXWJ9DsQf6i-z_gDiGecvsy4A4iKJK6wNQMzw9QorBxAL8XCs27lgN5vAiZk_-pmVNJLyC-OT8_NKijKTSkvyi9KS01KLU4vKUovijQyMTAyNDI30DAzjCwwAzcFKgA"
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-lr_ABpI1KdCSM4Tywi4T2g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
cache-control: no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin: *
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection: 0
server: ESF

POST
H3 204 AGSKWxUYw8wkgzh2EAwkT4EQl3rMxLa-1jCf1_Ue13IhBab2xKmsFLb1hom-NsNwPRWc4GL9P5RyiqYZd86azsJSCRIUrZ5_VRCqzMvDOHskAH2wNkbnIGadKjIilNErJIvXir7JC0pirQ== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 57ms
56ms XHR
text/html 142.250.80.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUYw8wkgzh2EAwkT4EQl3rMxLa-1jCf1_Ue13IhBab2xKmsFLb1hom-NsNwPRWc4GL9P5RyiqYZd86azsJSCRIUrZ5_VRCqzMvDOHskAH2wNkbnIGadKjIilNErJIvXir7JC0pirQ==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.80.110 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s36-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-zwPkNTnrXId95RL_X78qtQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://rokgrupi.start.bg/

Response headers

access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 22 Dec 2024 14:05:34 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmJw0JBicEqfwRoCxB_qL7P-AGKGr1dYOYBYiIdj3c4Fu9kENkz-vI5ZySUpvzA-OT-vJDWvRDcxpVgXxC7KTCotyS9CYaeWgVTk5KenZ-alxxsZGJkYGhka6RmYxRcYAAD1TyrS"
content-security-policy: script-src 'report-sample' 'nonce-zwPkNTnrXId95RL_X78qtQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin: https://rokgrupi.start.bg
content-length: 0
x-xss-protection: 0
server: ESF

POST
H2 200 map Show response
bcp.crwdcntrl.net/6/ 156 B
590 B 393ms
47ms XHR
application/json 52.45.239.128
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/map
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.45.239.128 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-45-239-128.compute-1.amazonaws.com
Software: /
Resource Hash: 240b47b933e476a2e5b4f33cd3362318bcee403f20cff581861c5fdc4f620762

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://rokgrupi.start.bg/

Response headers

cache-control: no-cache
pragma: no-cache
access-control-allow-credentials: true
expires: 0
access-control-allow-origin: https://rokgrupi.start.bg
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
content-length: 156
date: Sun, 22 Dec 2024 14:05:35 GMT
content-type: application/json;charset=utf-8
x-server: 10.40.59.147

GET
H2 200 syncframe
gum.criteo.com/ Frame 70A4 0
0 3257ms
77ms Document
text/html 74.119.117.17
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=rokgrupi.start.bg&gdpr=0&gdpr_consent=

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.117.17 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://rokgrupi.start.bg/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 22 Dec 2024 14:05:38 GMT
server: Kestrel
server-processing-duration-in-ticks: 783769
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
x-robots-tag: noindex

GET
H2 200 fpdata.js Show response
gabg.hit.gemius.pl/ 288 B
426 B 135ms
135ms Script
text/javascript 78.128.6.42
Telepoint Telepoi...

General

Check archive.org

Show headers Download Go to

Full URL: https://gabg.hit.gemius.pl/fpdata.js?href=rokgrupi.start.bg
Requested by: Host: gabg.hit.gemius.pl
URL: https://gabg.hit.gemius.pl/xgemius.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 78.128.6.42 , Bulgaria, ASN31083 (Telepoint Telepoint Ltd, BG),
Reverse DNS: ip-6-42.telehouse.bg
Software: GHC /
Resource Hash: b6cceca474a39f081a0aca85fc7fb198ef9459b189928a88c8842df545682d6a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://rokgrupi.start.bg/

Response headers

cache-control: private, max-age=2592000
etag: PRIVATE7520710249
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor
cross-origin-resource-policy: cross-origin
expires: Tue, 21 Jan 2025 14:05:35 GMT
accept-ranges: none
p3p: CP="NOI DSP COR NID PSAo OUR IND"
content-length: 288
date: Sun, 22 Dec 2024 14:05:35 GMT
last-modified: Mon, 16 Jul 2012 10:03:40 GMT
content-type: text/javascript
server: GHC

GET
H2 200 lsget.html
ls.hit.gemius.pl/ Frame B767 0
0 488ms
134ms Document
text/html 146.59.30.96
OVH OVH SAS

General

Check archive.org

Show headers Download Go to

Full URL: https://ls.hit.gemius.pl/lsget.html
Requested by: Host: gabg.hit.gemius.pl
URL: https://gabg.hit.gemius.pl/xgemius.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 146.59.30.96 , France, ASN16276 (OVH OVH SAS, FR),
Reverse DNS: ip96.ip-146-59-30.eu
Software: GHC /
Resource Hash

Request headers

Referer: https://rokgrupi.start.bg/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor
accept-ranges: none
cache-control: private, max-age=2592000
content-encoding: gzip
content-length: 2803
content-type: text/html;charset=utf-8
cross-origin-resource-policy: cross-origin
date: Sun, 22 Dec 2024 14:05:35 GMT
etag: PRIVATE7520710249
expires: Tue, 21 Jan 2025 14:05:35 GMT
last-modified: Mon, 16 Jul 2012 10:03:40 GMT
p3p: CP="NOI DSP COR NID PSAo OUR IND"
server: GHC
vary: Accept-Encoding,Origin,User-Agent

POST
H2 200 encrypt Show response
esp.rtbhouse.com/ 241 B
505 B 594ms
122ms Fetch
application/json 35.190.39.111
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://esp.rtbhouse.com/encrypt
Requested by: Host: invstatic101.creativecdn.com
URL: https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.39.111 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 111.39.190.35.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: b550fdfef49451bf9da93b1c0288131e2777d937d231bbc047c76c0175e2e339

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://rokgrupi.start.bg/

Response headers

access-control-allow-credentials: true
access-control-allow-methods: POST
via: 1.1 google
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 241
date: Sun, 22 Dec 2024 14:05:35 GMT
content-type: application/json
x-cloud-trace-context: f0291f05969eae8dcdbbf04ba7f2f917
server: Google Frontend
access-control-allow-headers: X-Requested-With

GET
H2

200

rexdot.js Show response
gabg.hit.gemius.pl/__/_1734876335814/
Redirect Chain

https://gabg.hit.gemius.pl/_1734876335814/rexdot.js?l=100&sendf=24&id=nd.rsncd7FXOxaUpOCyDmuW0zZTdOJt0WgWWrkFiqB7.C7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&tz=480&fv=-&href=https%3A%2F%2Frokgr...
https://gabg.hit.gemius.pl/__/_1734876335814/rexdot.js?l=100&sendf=24&id=nd.rsncd7FXOxaUpOCyDmuW0zZTdOJt0WgWWrkFiqB7.C7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&tz=480&fv=-&href=https%3A%2F%2Fro...

167 B
703 B

299ms
297ms

Script
text/javascript

78.128.6.42
Telepoint Telepoi...

General

Check archive.org

Show headers Download Go to

Full URL: https://gabg.hit.gemius.pl/__/_1734876335814/rexdot.js?l=100&sendf=24&id=nd.rsncd7FXOxaUpOCyDmuW0zZTdOJt0WgWWrkFiqB7.C7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&tz=480&fv=-&href=https%3A%2F%2Frokgrupi.start.bg%2F&screen=1600x1200r1000&col=24&window=1600x1200&vis=1&lsdata=6gywqhXY7JxuWBQNGbseSu6CrQv42zGReFuOQ8hmSKD.x7bCP6_zQ9dV5E91Ojwc7CpvrLSKFOr1Jk2YNNmp8x1WdyfB/aEKAhwoT4hb7a/&fpdata=38bLAj.1QIVerV_0pKq5EfS45xBku98aBgWa1Irt4Rn.Q7%7C1734876335%7C2%7C%7C%7C8%2C3%2C32&ltime=583&fr=1&ref=&inner=_ver%3D355%7C_ch_mobile%3D0%7C_ch_wow64%3D0%7C_ch_brands%3D&exid=67681caf0d935e3a&brts=1734876335&fpcap=
Requested by: Host: rokgrupi.start.bg
URL: https://rokgrupi.start.bg/
Protocol: H2
Server: 78.128.6.42 , Bulgaria, ASN31083 (Telepoint Telepoint Ltd, BG),
Reverse DNS: ip-6-42.telehouse.bg
Software: GHC /
Resource Hash: 8f4fa7694effc4ba6e8960743b4ff41a5fa8e90b21699f15715e5b049fe47e5f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://rokgrupi.start.bg/

Response headers

cache-control: no-store, no-cache, must-revalidate, max-age=0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor
cross-origin-resource-policy: cross-origin
expires: Sat, 21 Dec 2024 14:05:36 GMT
accept-ranges: none
p3p: CP="NOI DSP COR NID PSAo OUR IND"
content-length: 167
date: Sun, 22 Dec 2024 14:05:36 GMT
content-type: text/javascript
server: GHC

Redirect headers

cache-control: no-store, no-cache, must-revalidate, max-age=0
location: /__/_1734876335814/rexdot.js?l=100&sendf=24&id=nd.rsncd7FXOxaUpOCyDmuW0zZTdOJt0WgWWrkFiqB7.C7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&tz=480&fv=-&href=https%3A%2F%2Frokgrupi.start.bg%2F&screen=1600x1200r1000&col=24&window=1600x1200&vis=1&lsdata=6gywqhXY7JxuWBQNGbseSu6CrQv42zGReFuOQ8hmSKD.x7bCP6_zQ9dV5E91Ojwc7CpvrLSKFOr1Jk2YNNmp8x1WdyfB/aEKAhwoT4hb7a/&fpdata=38bLAj.1QIVerV_0pKq5EfS45xBku98aBgWa1Irt4Rn.Q7%7C1734876335%7C2%7C%7C%7C8%2C3%2C32&ltime=583&fr=1&ref=&inner=_ver%3D355%7C_ch_mobile%3D0%7C_ch_wow64%3D0%7C_ch_brands%3D&exid=67681caf0d935e3a&brts=1734876335&fpcap=
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor
cross-origin-resource-policy: cross-origin
expires: Sat, 21 Dec 2024 14:05:35 GMT
accept-ranges: none
p3p: CP="NOI DSP COR NID PSAo OUR IND"
content-length: 0
date: Sun, 22 Dec 2024 14:05:35 GMT
server: GHC

GET
H3 200 sodar Show response
ep1.adtrafficquality.google/getconfig/ 17 KB
13 KB 171ms
59ms XHR
application/json 142.250.64.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ep1.adtrafficquality.google/getconfig/sodar?sv=200&tid=gpt&tv=m202412090101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412090101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.64.98 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s31-in-f2.1e100.net

Software

cafe /

Resource Hash

810ef122b8acd7d3c36ff098a94b7a5123820314da08541072f4589736d46a95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://rokgrupi.start.bg/

Response headers

timing-allow-origin: *
content-encoding: br
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 13206
date: Sun, 22 Dec 2024 14:05:38 GMT
x-xss-protection: 0
content-type: application/json; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H2 200 favicon.ico
rokgrupi.start.bg/ 4 KB
4 KB 143ms
141ms Other
image/vnd.microsoft.icon 194.12.229.104
EVOLINK-AS Evolin...

General

Check archive.org

Show headers Download Go to

Full URL: https://rokgrupi.start.bg/favicon.ico
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 194.12.229.104 Sofia, Bulgaria, ASN8262 (EVOLINK-AS Evolink AD, BG),
Reverse DNS: www.start.bg
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 702afa52d996c68ca1476be54c9a53914a8462fb473e4f169a4ad46c05f1ebb6

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://rokgrupi.start.bg/

Response headers

accept-ranges: bytes
content-length: 3638
date: Sun, 22 Dec 2024 14:05:38 GMT
etag: "380c16-e36-56630e94cb168"
last-modified: Tue, 27 Feb 2018 12:39:02 GMT
content-type: image/vnd.microsoft.icon
server: Apache/2.2.15 (CentOS)

GET
H2 200 sodar2.js Show response
ep2.adtrafficquality.google/sodar/ 18 KB
7 KB 134ms
55ms Script
text/javascript 142.251.41.1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ep2.adtrafficquality.google/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412090101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.41.1 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s40-in-f1.1e100.net

Software

sffe /

Resource Hash

ff3de130872fe0fb5b770dfa2bc9f0daf8ab320403a34a60d089436f08d24f99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://rokgrupi.start.bg/

Response headers

content-encoding: gzip
etag: "1727224258380615"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
x-content-type-options: nosniff
expires: Sun, 22 Dec 2024 14:05:38 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 22 Dec 2024 14:05:38 GMT
content-type: text/javascript
vary: Accept-Encoding
cache-control: private, max-age=3000
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 6445
x-xss-protection: 0
server: sffe

GET
H2 200 runner.html
ep2.adtrafficquality.google/sodar/sodar2/232/ Frame 1CD6 0
0 108ms
35ms Document
text/html 142.251.41.1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ep2.adtrafficquality.google/sodar/sodar2/232/runner.html

Requested by

Host: ep2.adtrafficquality.google
URL: https://ep2.adtrafficquality.google/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.41.1 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s40-in-f1.1e100.net

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://rokgrupi.start.bg/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 19
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3000
content-encoding: gzip
content-length: 5005
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 22 Dec 2024 14:05:20 GMT
expires: Sun, 22 Dec 2024 14:55:20 GMT
last-modified: Mon, 23 Sep 2024 18:12:21 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe
www.google.com/recaptcha/api2/ Frame 5163 0
0 121ms
55ms Document
text/html 142.250.80.100
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: ep2.adtrafficquality.google
URL: https://ep2.adtrafficquality.google/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.80.100 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s36-in-f4.1e100.net

Software

ESF /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-5wKSQB8q-D6dnu2Hm9icjg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://rokgrupi.start.bg/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-5wKSQB8q-D6dnu2Hm9icjg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy-report-only: same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy: cross-origin
date: Sun, 22 Dec 2024 14:05:39 GMT
expires: Sun, 22 Dec 2024 14:05:39 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server: ESF
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 collect
analytics.google.com/g/ 0
0 47ms
44ms Fetch
text/plain 216.239.34.181
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-QPK7X91FPK&gtm=45je4cc1v896316010za200zb9174316107&_p=1734876333030&gcd=13l3l3l3l1l1&npa=0&dma=0&tcfd=10000&tag_exp=101925629~102067555~102067808~102081485~102198178&cid=991067755.1734876334&ul=en-ca&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_eu=AEI&sid=1734876333&sct=1&seg=0&dl=https%3A%2F%2Frokgrupi.start.bg%2F&dt=%D0%A0%D0%BE%D0%BA%20%D0%B3%D1%80%D1%83%D0%BF%D0%B8%3A%20Pinkfloyd%2C%20Deep%20Purple%2C%20Aerosmith%2C%20Theatre%20of%20Tragedy%2C%20Him%2C%20Tribute%20bands&_s=2&tfd=24685
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-QPK7X91FPK&l=dataLayer&cx=c&gtm=45He4cc1v9174316107za200
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.34.181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://rokgrupi.start.bg/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://rokgrupi.start.bg
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 22 Dec 2024 14:05:39 GMT
content-type: text/plain
server: Golfe2

GET sodar
ep1.adtrafficquality.google/pagead/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: apis.google.com
URL: https://apis.google.com/u/0/se/0/_/+1/fastbutton?usegapi=1&size=medium&origin=https%3A%2F%2Frokgrupi.start.bg&url=https%3A%2F%2Frokgrupi.start.bg%2F&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.eXGUr_3hPjA.O%2Fd%3D1%2Frs%3DAHpOoo-g8reFxkIuQ1pTpW4rHM0-Devz-A%2Fm%3D__features__

Domain: ep1.adtrafficquality.google
URL: https://ep1.adtrafficquality.google/pagead/sodar?id=sodar2&v=232&t=2&li=gpt_m202412090101&jk=172479684484990&bg=!R0SlRAvNAAbtGp3CzRo7ADQBe5WfOJoeqRx82lJjCvmXzTrPXySLIa3XIiEsHW7QMDLuHFPQtvZuutejR1lTpVhn0qsSAgAAAHRSAAAABGgBB34ANmkKT6FPDaD_mLUd1OFmKHOCKdOuIgiI0_7l2HyNfaEhG9hcuzaAAkfUC-lCSdO3DIaxMfiBkAoACNour3Ivsoy7mQKd0jYeSbxawkGT911zkJlHuaDxCdEdWf8YZUUgl6HorykL_skzaSsnzdLnZNwb23U0vGH95YwcLuAOmcpNMNVE1Ner6u7nFtEu2vZXqGUQ1v32428jg8fHiY_Tl5cr8GfdPLOw0NrqNI_GGl3KM26z2_U0_8civs64jJBVarJTfh4GBnxgM3caGAa81to735AAlSn6Et2hrurKTqo7OcoN5e2NcD1uQh_nGN0A-kQTYcJHg_TKw1trOe5ZxPZ_--3rUJwix7cqAkZGe0HRqGLrTMEUIjaziEgApG8L9XmXZVqBXn747O6TVKGWS3Np5_-2DKlRcVxfWGyrJc5nZ2uMzLwvgKDjuCgtVWnzJq4n-JBj3sUuH2h8-ka7pwYUpZm3PRAU1CIw-m8hnla33DXzGBy1xgO61BHCd8sJpyMqWiZ3wWJWPwFPhZttaqhwqUBAVlQq_U7jJtLuK6mWHMAe8PyVD2fTyH-FmwmHbRlSLcERnvX5jyTfl7yflCVEIDA1viDypzZKDCm9Qh5Q1pV__omK6NED9ODWkGgbe_zzUVqFQUBSoJZLUyX7QP6jrpKTrIR9n20okqeKWA3LvPNpYOT-943M1Rp9lPXFemtJXrnEjANqd5CayUAKDKbb4cBCLxnzh0QkzNZMVOzT7Qbfe4OABJlyryO6E-OyLoN83gPhkvVy88lNnOT9GoHZveqDupnf3jvxndLqVKNFKHyBgYYhAS5MkLhrsUwy5yXZP9aZLgXWoZyuwV7jBO0FII-u3j8MVKsNivVPoOaPknmssSS2s9P1DihefF8bcK6fIx437HWN0TkiAyed6_V07VA5EpMnvKCncLZGPKqIS6KJTuxcNCKPbTkoIj9zpfXwPFEZgztO0OEVeDW5uQzt

Verdicts & Comments Add Verdict or Comment

306 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

34 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.start.bg/	1970-01-21 01:55:04	Name: fbnr Value: 1
rokgrupi.start.bg/	1969-12-31 23:59:59	Name: BLOG Value: BLOG
start.bg/	1969-12-31 23:59:59	Name: BLOG Value: BLOG
rokgrupi.start.bg/	1969-12-31 23:59:59	Name: _sct Value: 1
.criteo.com/	1970-01-21 11:16:12	Name: cto_bundle Value: SymqaF9id2FYOWJsMlgweEV5JTJGTDdvN3ljYUc4SyUyRmJLJTJGRENZZmJUUEp6YkRZQ0M2S3ZoblkybnVrQ1VTSmFPRllnTU5OMGhiNkVldnJrdDdkWXU4ZHZnY1BucFQ4RHpsV3hWZXh0Y1VVb2djQlB2cyUzRA
.criteo.com/	1970-01-21 11:16:12	Name: receive-cookie-deprecation Value: 1
.start.bg/	1970-01-21 04:04:12	Name: _fbp Value: fb.1.1734876333619.407490318221064886
.imrworldwide.com/	1970-01-21 11:16:12	Name: IMRID Value: cf6f97a0-c06d-11ef-a13b-1304d6bb2594
.start.bg/	1970-01-21 11:30:36	Name: _ga_J0D31ZH87L Value: GS1.1.1734876333.1.0.1734876333.0.0.1816620134
.start.bg/	1970-01-21 11:30:36	Name: _ga_XVP8NBQ5PQ Value: GS1.1.1734876333.1.0.1734876333.0.0.0
.start.bg/	1970-01-21 11:30:36	Name: _ga Value: GA1.2.991067755.1734876334
.start.bg/	1970-01-21 01:56:02	Name: _gid Value: GA1.2.1149104623.1734876334
.start.bg/	1970-01-21 01:54:36	Name: _gat Value: 1
.start.bg/	1970-01-21 11:16:12	Name: __gads Value: ID=adbe7a08c016600c:T=1734876333:RT=1734876333:S=ALNI_MZnAVApdIaFG45VjnhBDDk33eVv3w
.start.bg/	1970-01-21 11:16:12	Name: __gpi Value: UID=00000fc0a2b79cef:T=1734876333:RT=1734876333:S=ALNI_MYOlt9xzR3IvhnNIZyC981fcnAYPw
.start.bg/	1970-01-21 06:13:48	Name: __eoi Value: ID=4283ca1d17382e7d:T=1734876333:RT=1734876333:S=AA-Afjbf-lTAm9eEx9ucYhj_lkSv
.start.bg/	1970-01-21 11:30:36	Name: _ga_QPK7X91FPK Value: GS1.1.1734876333.1.0.1734876334.59.0.0
.start.bg/	1970-01-21 10:40:12	Name: FCNEC Value: %5B%5B%22AKsRol8nq2fRediKPFekIf5YiHYyp8r6NQs_RUnr43ZOMy0dhK2TkHIlltSrnSsDZeWXprWzpNVY0D8jr_dEWwjoeXbkiBfAGoWX-u5E1_S59joqu657PpddQop5n-LT8fP0CHM-i8s3j-s5SWLu7e6ENsYDbJIGZw%3D%3D%22%5D%5D
.doubleclick.net/	1970-01-21 11:30:36	Name: IDE Value: AHWqTUkXnIGbzbggeLJ4hZ3NTU3HEcdP8TgW_FIyVYxUdW2FlYy27MBPd9Z0n51Vg3A
.googleadservices.com/	1970-01-21 04:04:12	Name: ar_debug Value: 1
.start.bg/	1970-01-21 11:23:24	Name: __gfp_64b Value: 38bLAj.1QIVerV_0pKq5EfS45xBku98aBgWa1Irt4Rn.Q7\|1734876335\|2\|\|\|8,3,32
.crwdcntrl.net/	1970-01-21 08:23:24	Name: _cc_dc Value: 0
.crwdcntrl.net/	1970-01-21 08:23:24	Name: _cc_id Value: cb01162a6264890d3c242da8a741af02
.start.bg/	1970-01-21 01:54:36	Name: lotame_domain_check Value: start.bg
.start.bg/	1970-01-21 08:23:24	Name: _cc_id Value: cb01162a6264890d3c242da8a741af02
.start.bg/	1970-01-21 01:56:02	Name: panoramaId_expiry Value: 1734962735534
.hit.gemius.pl/	1970-01-21 11:23:24	Name: receive-cookie-deprecation Value: 1
.hit.gemius.pl/	1970-01-21 02:04:41	Name: Gtest Value: KlQP1RGGQMGGeWIsQWunGEfUssGMXP8c25nSGmFOkngWXBG.
.hit.gemius.pl/	1970-01-21 11:23:24	Name: Gdyn Value: KlGIaMXGQMGGeWIsQWunGEfUssGMl1gcL6nxmG7B-KmfwJaUGsRPtP7iGKGGq1OEgGb8EoG2GxGK4Fl_2FyGsG..
.hit.gemius.pl/	1970-01-21 11:23:24	Name: Gdynp Value: DmTAwDg1sbnntjw_g8Rja3NsOeGEeBTIOs8vlG9A83v.c7
.mediago.io/	1970-01-21 10:40:12	Name: __mguid_ Value: e94ce74fddf3f4a02loi0100m4zoksh1
gtrace.mediago.io/	1970-01-21 10:40:12	Name: cst_70 Value: ts=1734876336
.criteo.com/	1970-01-21 11:16:12	Name: uid Value: 8f2a2568-906f-4235-b90b-0a64e459d058
.start.bg/	1970-01-21 11:16:12	Name: cto_bundle Value: USkW7l9pQW1yeFklMkZQZzJlSko1MUxGN3FmcklKaVMxQkVBTVRQOCUyRklWeTFzelRpdllhTzRydFNVUmJ0blBwSE56Z2l2Q2xyejdldHA1bWJWcUhBNU1hQVhVRiUyQjdnWlpHVHhtSWV4UUdyalZUSXpnOHNWTUVJY21MUFFKaCUyQllzQm1DMzllZmtkRWFvbHRQM3RCOUNSWjhJUFZFUSUzRCUzRA

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://rokgrupi.start.bg/(Line 416) Message: Mixed Content: The page at 'https://rokgrupi.start.bg/' was loaded over HTTPS, but requested an insecure frame 'http://www.facebook.com/plugins/like.php?locale=bg_BG&href=https%3A%2F%2Frokgrupi.start.bg%2F&layout=button_count&show_faces=false&width=120&action=like&colorscheme=light&height=50'. This request has been blocked; the content must be served over HTTPS.
security	error	URL: https://apis.google.com/js/plusone.js(Line 81) Message: Mixed Content: The page at 'https://rokgrupi.start.bg/' was loaded over HTTPS, but requested an insecure frame 'http://developers.google.com/#_methods=onPlusOne%2C_ready%2C_close%2C_open%2C_resizeMe%2C_renderstart%2Concircled%2Cdrefresh%2Cerefresh&id=I0_1734876333373&_gfid=I0_1734876333373&parent=https%3A%2F%2Frokgrupi.start.bg&pfname=&rpctoken=26852586'. This request has been blocked; the content must be served over HTTPS.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

96be86e24598c8b1d2cfc3e50bb8e199.safeframe.googlesyndication.com
accounts.google.com
analytics.google.com
apis.google.com
bcp.crwdcntrl.net
cdn-ima.33across.com
cdn.id5-sync.com
cdn.jsdelivr.net
cdn.prod.uidapi.com
cdn.taboola.com
connect.facebook.net
dnes.bg
ep1.adtrafficquality.google
ep2.adtrafficquality.google
esp.rtbhouse.com
fundingchoicesmessages.google.com
gabg.hit.gemius.pl
gum.criteo.com
id5-sync.com
invstatic101.creativecdn.com
ls.hit.gemius.pl
oa.openxcdn.net
pagead2.googlesyndication.com
rokgrupi.start.bg
secure-it.imrworldwide.com
securepubads.g.doubleclick.net
start.bg
static.criteo.net
stats.g.doubleclick.net
tags.crwdcntrl.net
td.doubleclick.net
www.dnes.bg
www.facebook.com
www.google-analytics.com
www.google.ca
www.google.com
www.googletagmanager.com
apis.google.com
ep1.adtrafficquality.google
104.18.28.101
104.22.53.86
108.138.128.46
142.250.31.155
142.250.64.104
142.250.64.98
142.250.65.194
142.250.65.226
142.250.80.100
142.250.80.110
142.250.80.3
142.250.81.238
142.251.40.130
142.251.40.161
142.251.41.1
146.59.30.96
151.101.1.44
151.101.129.229
151.101.129.44
162.19.138.119
18.164.109.182
194.12.229.102
194.12.229.104
216.239.34.181
31.13.65.36
31.13.65.7
34.102.146.192
34.96.70.87
35.190.39.111
52.209.34.152
52.45.239.128
64.233.180.84
74.119.117.17
74.119.117.4
78.128.6.42
01486cea718f0071a2b6c27932aa0f4c02b27777244565c6ce6354786a9c409d
04d85fdaa240e9c6964c1b3afe75b8802720a8d9a98e6c35f346f599b1113af4
04e91b031f9526ff060b6858d2839e93f91b0da5fbd8b8620455837e618e2906
14f1701383e88cac8f33e0c9beded263b52950844d7931ac8180984f3d1ec636
156b6b0763f4c83731c954e5181a938a32c789fa9941244fe02cedd3d2b3c33b
1635d2075d3343c86490d2229c1fb868ad59d92958ef65e04cb65767c703e9f6
18491c66d5e5c390695457ad2671b234d78cd882e39477f7d71cb9d77255f76e
189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba
1b2aa7ef1be07a464ec32db9269eeab1da97f3d01205892b56b04688fd075e0f
1bd2f2daf400d07d59fb08d08ff63580436cb504cd54907d461235bd0fc8c64b
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
20112116cdf4366ecb204de75be331df18bedb0112ce118c54e5727ff6a10457
229f33fcfc02b0197d9e8687697576f73d939e7ca6674351d9fed23d8d50e8d5
240b47b933e476a2e5b4f33cd3362318bcee403f20cff581861c5fdc4f620762
24751cbae618f6fbeb532498fd1ceeda5350f30085086cd5426961a2695e3d9f
25cf987e431553251aeb5b2029c86b08d2ed625d00b5e1faab40602058972e11
2920ba8ae352ff014d4770161ac9983ccaf6227b3d4fb1c281bc15d1f84bc23c
2b495183f1d33f0d72803519ed4435d7406e752680e36b71d6a0ba349fb3d582
2ca05ee865dcc496c308e6bca47dde3e6bd6f00ba7b10c2491630ac92dd9fc07
2df119bf8eef628db986393ed21bddea8ae60e4ff65147fb6afc17241c3794a2
2e795984995d6af898f0a3c4b55d3463955589486c00db98060e142d402ff4ad
30b32e97f2e3e06deb742bf2e19daeb4f4657a956e836c2a25a7df2bc72f7500
31743348e6a804068252e1e77da67d44534cf81a0339141bc305b88798356b8b
37301383e2a60f92d2eda0653720a86faec584aafdd48d69b887119c332fed57
3a4b306243e0054e1b9b962b0d24ac2ece1a46f048db8d5bab104def02b8f41e
3afadb2c1b557e72372f35ddac45c9638faa3de842363f36e560ab7d1045b32a
3c0ca7291b988591188905fdbb0f1d3cd89fd90316f703be37c56e8897bc92cd
3f5b9261dd293dea6792b58a5310556e642f9eb62dc227015ff558553f301f94
404c2285b21d7174de5bdb390b2fe8397c6f96c925ccaae7590280eea6d09c4c
40fc0d69875ba7ef2b0d54d1d93716b53a73f670c36a003e18f9dc6ab37df85f
42f2b7b01ddd149db084dbc4fc90edc676ed2d7248ea0d925c5b33216645bf27
47e6e112949ea41afc6f274a343a9e8a9e33b0ce265830a718c043bd873a19a3
4b65048fac368839dde37eb9b461b41c08adf3a033c0dfbfed6077b93d7fed42
4eea43e4bfce4f24fd26b52d057b0be7f75e6fea7c639b6eaf42381df36c2edb
4f05d3fd1d449339620ac8db820125dd2aa778bd8eefbfec55a200d28f45f264
527412200223eb596a853ff75f18825ed99d502e55984816cded4be72ca7cc6e
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
5d8dac2d4ae43a0b541c160f30e8238951b42b13bb5f01ca2697271b3a804ad2
5dd78d76ed72dfd7c8300d8cb5825fab9a8fd9f5e60d5730506e72c4fc17af99
5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3
6442b54b203d16098ffbe14e66b99eaa4f511e237f3f4527b6838155bc042a5f
65da8aa6933d1b90699ef2b565bb3152c6df2608c479bb0719ac2c32c75ecadc
6d4e84792908fb3b79de67241216f3529866cc6bfe750859ee5edcae344951d8
702afa52d996c68ca1476be54c9a53914a8462fb473e4f169a4ad46c05f1ebb6
73d75726636e22d3a2142a52c147745860f0df8fcbee338036db9c67c3cc92e9
74417638953acb52a67fefb8217c24c9823fbbb3953ba9942362be7d3425f586
7beb3d5bd3236f320f0bfa4f0d04a41d9027a7f2ec322834e3f50d01fe471305
7c8402330e0ceb87cf473bc11b340d6b824162a6f20ad0d68303117290978bb2
809b4a4ed0ed1213b724e915af303111e9cdefcbc3f53d6bd3205e331f6356b9
810ef122b8acd7d3c36ff098a94b7a5123820314da08541072f4589736d46a95
8208c9bd7f0ff7350e7ee68568bf16329a4bb5f973ba5058f550cd3d3bba71fc
833e494192cd20a0b64cdc243fb54d2983f895f9883988c0625ca97f6e81d3a6
83e432ca25dfce3834ce0da6b52aefd14fea84af71e9f13efca0063a1ad7e321
86f065c43bbbbbf69d1e981963ae01c814c57eee5629e9d725705bef754df5ff
8c93adc8f75a2e34e0c80f069597c85db9818651179f4ce114155bc594b9d2d1
8f4fa7694effc4ba6e8960743b4ff41a5fa8e90b21699f15715e5b049fe47e5f
909e34677ef6cb135b93dfeed89ab216624ae9a79429b31e4de75c0117fea2bb
9391d8a655b4fe04db6263f98dd65317efc78868a64a30c0a4c678177cf104c0
93f09b2968b8723fbe0664fc26b4148f7d6b1e0c559789b69ab675fea6019570
93ff925ba5cf9fed235e2853ea2eaaa62a2124f3ac4b4b483b3c5a78ce76eec8
96b335b41362fd966c7e5e547db375ef0be7dcb2aec66bf3646782eeaed4b2cf
9ccbb55b32677ee3d4a6d4238f0e6e3b6af56f9b8a9f9ac8cb2aa67d4a653ea2
9d9628fbd913c958e9421cd8ae6faee72c3dced1f6d77476785d1dabaa322de0
9ffa45453324362cbc5cc78288e04513100c2d61baf3a969717ea5df3d0dbb39
a3f7630a388a10102b76ac0ebbe3a332a5fade9468e3358fd6bdc17c40c520ae
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a7c602458281beeb1c9bf6c37595c1e84f5992a990bc1159ac6cf9b7b6e756af
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
adabd389d3390337abf62cc9935c593988a55a1ec75a648241afbb9e74e87090
b550fdfef49451bf9da93b1c0288131e2777d937d231bbc047c76c0175e2e339
b6cceca474a39f081a0aca85fc7fb198ef9459b189928a88c8842df545682d6a
bb9c6b82a8d12b6809f51679b9d9522d396d838b5a5461f8051bd3fe54b1a422
bd51626cbfe5a957015ff8cc16a3b75aeeb8fb74c11c61585cacc4291f292242
c07794d44a289400d06220ce8ccdd97a0e8a1df20f78acf4c462b23b8ee7d8af
c0bd6608323599a04108e775357527671266fc71a521425577c36287720c4caf
c169bd613a8b17acec4304e2e2e14782ec7e5efdbe9570f40b7161b997170553
c38f81a65e43f2a7e3a74f32ba5f2cc38a0ab21c96edc96309b76e7729575ef3
c45c8b81ccfcbc08127b74787d1b5974078756233de947986c357e28ed8f13ac
c8370a2d050359e9d505acc411e6f457a49b21360a21e6cbc9229bad3a767899
cd13d88c44253ca4f73abf6956ff36c4ddc4278b944a9acbf2beb4f7e99ee943
d4440f225bfeb5f4a1075539b8f98e16e9ccf13e3875b16e5011d955cab91e71
d4cc3d380a6da5406f64bb58a39eb3d7e32978b96e609bcf650dc268aae69421
d8c308c8e8d4fec2b79b87acf07310644d07f405a9373da2245b6b4b2f2363f0
db19fbf67e063b0635293ccd8fda99fce44108fc1544c8069aadb0f0939633ac
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
dedf23db5cf5db6cb6e94c7b3e46411de6d3f0e6115e3e269f40fb199b818df4
df462206b7485c121c040e9de22ed0f2d63c55df4972df52a7019a68d7c2138e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e69abd7e0cc82f336e61fea889e406ecbbeb7ece1df960231b7a9ba0d1dd1676
e94d43a8c6ea8fe550535421f53fd6a89fe38c681d2d3a08f93c93a28d2d3836
ea3f50c8919a295f70ab139351c0265c5ff72da651f9639dda490ea041fdcad7
ea9641ba6bb4a9225c6a1477b83989b45626cb7d03bcc0ef30c034fcb4165a94
eb05426766d492bec056403a7293ca69bf317144d054dc39d9ba4de649fd513a
eb48844406676216bbb15a54b442ac5dc74609f10041e09635ff5809698003c5
eb79a6b8caef93bbea6b219738b68127fb1f7daba128565fc3b17dc576be7284
ed98dd22ef82ad3d9c3ccd3a9ef2d6952b486bc07eb61e063be85f3a580ae2f5
ee0024bfc7bbcc8cc7182cbf067b2e52b307768d0f1598c4cafcc9b21d564d5c
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0db2da3ee90dcf1f14054ba3c18ccc331993a4f19fd95c56169f3de5047950e
f70f27072692ae38d6ce555af2df626b6183cb878903a6998e42224788e785b1
f732e1ff1556e303eae65488753c0a9700e50436e1c4bb4b74cd23f9e70ae34a
fd1bca0d6bb51e2a525c852e50dffbb0c735f4d30a3575cb15533030f06c47f5
fdad421d6b195047d70c6029df3ed29c8abb25e72926d7bfe3e0a0cab57fbf28
ff0d3373258f5aa69671c5971030f5484b741384c7ef545da1118f58f8b1b980
ff3de130872fe0fb5b770dfa2bc9f0daf8ab320403a34a60d089436f08d24f99

rokgrupi.start.bg Open in urlscan Pro 194.12.229.104 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

130 Requests

95 %HTTPS

0 %IPv6

24 Domains

37 Subdomains

36 IPs

6 Countries

1422 kBTransfer

4429 kBSize

34 Cookies

46 Outgoing links

Redirected requests

130 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

rokgrupi.start.bg Open in urlscan Pro
194.12.229.104 Public Scan

Screenshot
Live screenshot

Full Image

130
Requests

95 %
HTTPS

0 %
IPv6

24
Domains

37
Subdomains

36
IPs

6
Countries

1422 kB
Transfer

4429 kB
Size

34
Cookies

130 HTTP transactions
0 data transactions