urlscan.io logo urlscan.io
SecurityTrails logo

e-service.electrohold.bg Open in urlscan Pro
213.91.170.91  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://e-service.electrohold.bg/
Effective URL: https://e-service.electrohold.bg/es/es.php
Submission: On April 23 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 5 IPs in 3 countries across 5 domains to perform 31 HTTP transactions. The main IP is 213.91.170.91, located in Bulgaria and belongs to VIVACOM-AS BULGARIA, BG. The main domain is e-service.electrohold.bg.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on April 3rd 2024. Valid for: a year.
This is the only time e-service.electrohold.bg was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 23 213.91.170.91 8866 (VIVACOM-A...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a04:4e42:400... 54113 (FASTLY)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
6 2a00:1450:400... 15169 (GOOGLE)
31 5
23    213.91.170.91 (Bulgaria)

ASN8866 (VIVACOM-AS BULGARIA, BG)
PTR: 213-91-170-91.ip.btc-net.bg
e-service.electrohold.bg
1    2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2a04:4e42:400::649 (United States)

ASN54113 (FASTLY, US)
code.jquery.com
1    2606:4700:20::681a:6dc (United States)

ASN13335 (CLOUDFLARENET, US)
www.freeprivacypolicy.com
6    2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
Apex Domain
Subdomains		 Transfer
23 electrohold.bg
e-service.electrohold.bg
3 MB
6 gstatic.com
fonts.gstatic.com
76 KB
1 freeprivacypolicy.com
www.freeprivacypolicy.com — Cisco Umbrella Rank: 85152
56 KB
1 jquery.com
code.jquery.com — Cisco Umbrella Rank: 767
81 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 33
1 KB
31 5
Domain Requested by
23 e-service.electrohold.bg 1 redirects e-service.electrohold.bg
6 fonts.gstatic.com fonts.googleapis.com
1 www.freeprivacypolicy.com e-service.electrohold.bg
1 code.jquery.com e-service.electrohold.bg
1 fonts.googleapis.com e-service.electrohold.bg
31 5

This site contains links to these domains. Also see Links.

Domain
electrohold.bg
www.mi.government.bg
chrome.google.com
Subject Issuer Validity Valid
e-service.electrohold.bg
Sectigo RSA Domain Validation Secure Server CA		 2024-04-03 -
2025-05-03		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2024-03-18 -
2024-06-10		 3 months crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA		 2023-07-11 -
2024-07-14		 a year crt.sh
freeprivacypolicy.com
E1		 2024-03-04 -
2024-06-02		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2024-03-18 -
2024-06-10		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://e-service.electrohold.bg/es/es.php
Frame ID: 043006F6D6E1AA1E287B7DAD4DE3AD70
Requests: 31 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

„Електрохолд продажби“ ЕАД

Page URL History Show full URLs

  1. http://e-service.electrohold.bg/ HTTP 307
    https://e-service.electrohold.bg/ HTTP 302
    https://e-service.electrohold.bg/es/es.php Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery-ui.*\.js

Page Statistics

31
Requests

100 %
HTTPS

80 %
IPv6

5
Domains

5
Subdomains

5
IPs

3
Countries

3330 kB
Transfer

3664 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://e-service.electrohold.bg/ HTTP 307
    https://e-service.electrohold.bg/ HTTP 302
    https://e-service.electrohold.bg/es/es.php Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

31 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request es.php
e-service.electrohold.bg/es/
Redirect Chain
  • http://e-service.electrohold.bg/
  • https://e-service.electrohold.bg/
  • https://e-service.electrohold.bg/es/es.php
42 KB
43 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://e-service.electrohold.bg/es/es.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.91.170.91 , Bulgaria, ASN8866 (VIVACOM-AS BULGARIA, BG),
Reverse DNS
213-91-170-91.ip.btc-net.bg
Software
Nothing here :) Nothing here :) / C3PIO & R2D2
Resource Hash
b150fe644dd8a41fdd0d9039fec6dd8595b54be293ddb16b08298cf1db1c3237
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=31536000; includeSubDomains;
X-Content-Type-Options nosniff nosniff
X-Frame-Options DENY Deny
X-Xss-Protection 1; mode=block
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Cache-Control
private, no-store, max-age=0, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
close
Content-Length
42672
Content-Security-Policy
default-src https: data: 'unsafe-inline' 'unsafe-eval'
Content-Type
text/html; charset=UTF-8
Date
Tue, 23 Apr 2024 10:25:05 GMT
Expect-CT
max-age=7776000, enforce
Expires
Tue, 23 Apr 2024 09:25:06 GMT
Last-Modified
Tue, 23 Apr 2024 10:25:06 GMT
Permissions-Policy
fullscreen=()
Pragma
no-cache
Referrer-Policy
origin
Server
Nothing here :) Nothing here :)
Strict-Transport-Security
max-age=31536000; includeSubDomains;
Tihomir
малък дебил
X-Content-Type-Options
nosniff nosniff
X-Frame-Options
DENY Deny
X-Powered-By
C3PIO & R2D2
X-XSS-Protection
1; mode=block
X-Xss-Protection
1; mode=block

Redirect headers

Cache-Control
no-store, no-cache, must-revalidate, max-age=0,post-check=0, pre-check=0
Connection
close
Content-Length
2
Content-Security-Policy
default-src https: data: 'unsafe-inline' 'unsafe-eval'
Content-Type
text/html; charset=UTF-8
Date
Tue, 23 Apr 2024 10:25:05 GMT
Expect-CT
max-age=7776000, enforce
Expires
Sat, 26 Jul 2019 05:00:00 GMT
Last-Modified
Tue, 23 Apr 2024 10:25:05 GMT
Location
./es/es.php
Pragma
no-cache
Server
Nothing here :) Nothing here :)
Strict-Transport-Security
max-age=31536000; includeSubDomains;
Tiho
fack you in the ass
X-Content-Type-Options
nosniff nosniff
X-Frame-Options
DENY Deny
X-Powered-By
C3PIO & R2D2
X-XSS-Protection
1; mode=block
X-Xss-Protection
1; mode=block
all.css
e-service.electrohold.bg/es/fontawesome-pro-5.15.3-web/css/ 		208 KB
209 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://e-service.electrohold.bg/es/fontawesome-pro-5.15.3-web/css/all.css
Requested by
Host: e-service.electrohold.bg
URL: https://e-service.electrohold.bg/es/es.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.91.170.91 , Bulgaria, ASN8866 (VIVACOM-AS BULGARIA, BG),
Reverse DNS
213-91-170-91.ip.btc-net.bg
Software
Nothing here :) / C3PIO & R2D2
Resource Hash
e002d314a0061fc6245d04ff673d9f2796edbde74ef5c02fe735f23947a25243
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=31536000; includeSubDomains;
X-Content-Type-Options nosniff
X-Frame-Options Deny
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://e-service.electrohold.bg/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Content-Security-Policy
default-src https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security
max-age=31536000; includeSubDomains;
X-Content-Type-Options
nosniff
Referrer-Policy
origin
Last-Modified
Tue, 16 Mar 2021 13:15:14 GMT
Server
Nothing here :)
Date
Tue, 23 Apr 2024 10:25:06 GMT
ETag
"09d8966661ad71:0"
X-Powered-By
C3PIO & R2D2
X-Frame-Options
Deny
Content-Type
text/css
Permissions-Policy
fullscreen=()
Accept-Ranges
bytes
Content-Length
213221
X-Xss-Protection
1; mode=block
css2
fonts.googleapis.com/ 		9 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@300;400;500;700&display=swap
Requested by
Host: e-service.electrohold.bg
URL: https://e-service.electrohold.bg/es/es.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
af9e52b1788e243b0a07ba97a3de75df5845d00b896f1b83f38c42702a7ba690
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://e-service.electrohold.bg/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Tue, 23 Apr 2024 10:25:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 23 Apr 2024 08:49:05 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 23 Apr 2024 10:25:06 GMT
mdb.min.css
e-service.electrohold.bg/es/mdb5/css/ 		320 KB
321 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://e-service.electrohold.bg/es/mdb5/css/mdb.min.css
Requested by
Host: e-service.electrohold.bg
URL: https://e-service.electrohold.bg/es/es.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.91.170.91 , Bulgaria, ASN8866 (VIVACOM-AS BULGARIA, BG),
Reverse DNS
213-91-170-91.ip.btc-net.bg
Software
Nothing here :) / C3PIO & R2D2
Resource Hash
1743ddd77e445b002dfa02a117ee210f851ddfdb8dcf6bfff012ee21ea2c1aa0
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=31536000; includeSubDomains;
X-Content-Type-Options nosniff
X-Frame-Options Deny
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://e-service.electrohold.bg/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Content-Security-Policy
default-src https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security
max-age=31536000; includeSubDomains;
X-Content-Type-Options
nosniff
Referrer-Policy
origin
Last-Modified
Mon, 22 Nov 2021 06:38:20 GMT
Server
Nothing here :)
Date
Tue, 23 Apr 2024 10:25:06 GMT
ETag
"0d6f8896bdfd71:0"
X-Powered-By
C3PIO & R2D2
X-Frame-Options
Deny
Content-Type
text/css
Permissions-Policy
fullscreen=()
Accept-Ranges
bytes
Content-Length
327732
X-Xss-Protection
1; mode=block
style.css
e-service.electrohold.bg/es/mdb5/css/ 		3 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://e-service.electrohold.bg/es/mdb5/css/style.css
Requested by
Host: e-service.electrohold.bg
URL: https://e-service.electrohold.bg/es/es.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.91.170.91 , Bulgaria, ASN8866 (VIVACOM-AS BULGARIA, BG),
Reverse DNS
213-91-170-91.ip.btc-net.bg
Software
Nothing here :) / C3PIO & R2D2
Resource Hash
d0ec9c3c5a7303379b68ea608c68c67ef21abdeb877d6efb19d4155c6b222b7b
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=31536000; includeSubDomains;
X-Content-Type-Options nosniff
X-Frame-Options Deny
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://e-service.electrohold.bg/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Content-Security-Policy
default-src https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security
max-age=31536000; includeSubDomains;
X-Content-Type-Options
nosniff
Referrer-Policy
origin
Last-Modified
Mon, 20 Dec 2021 11:52:57 GMT
Server
Nothing here :)
Date
Tue, 23 Apr 2024 10:25:06 GMT
ETag
"a9c7b02198f5d71:0"
X-Powered-By
C3PIO & R2D2
X-Frame-Options
Deny
Content-Type
text/css
Permissions-Policy
fullscreen=()
Accept-Ranges
bytes
Content-Length
2642
X-Xss-Protection
1; mode=block
jquery-ui.css
e-service.electrohold.bg/es/css/ 		36 KB
37 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://e-service.electrohold.bg/es/css/jquery-ui.css
Requested by
Host: e-service.electrohold.bg
URL: https://e-service.electrohold.bg/es/es.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.91.170.91 , Bulgaria, ASN8866 (VIVACOM-AS BULGARIA, BG),
Reverse DNS
213-91-170-91.ip.btc-net.bg
Software
Nothing here :) / C3PIO & R2D2
Resource Hash
109718dd18b4d6980db9bf8278834bec268cab060f20bbc8308a80e2d9a4b47b
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=31536000; includeSubDomains;
X-Content-Type-Options nosniff
X-Frame-Options Deny
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://e-service.electrohold.bg/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Content-Security-Policy
default-src https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security
max-age=31536000; includeSubDomains;
X-Content-Type-Options
nosniff
Referrer-Policy
origin
Last-Modified
Wed, 30 Dec 2020 11:13:36 GMT
Server
Nothing here :)
Date
Tue, 23 Apr 2024 10:25:06 GMT
ETag
"03032d19cded61:0"
X-Powered-By
C3PIO & R2D2
X-Frame-Options
Deny
Content-Type
text/css
Permissions-Policy
fullscreen=()
Accept-Ranges
bytes
Content-Length
37282
X-Xss-Protection
1; mode=block
toastr.css
e-service.electrohold.bg/es/css/ 		8 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://e-service.electrohold.bg/es/css/toastr.css
Requested by
Host: e-service.electrohold.bg
URL: https://e-service.electrohold.bg/es/es.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.91.170.91 , Bulgaria, ASN8866 (VIVACOM-AS BULGARIA, BG),
Reverse DNS
213-91-170-91.ip.btc-net.bg
Software
Nothing here :) / C3PIO & R2D2
Resource Hash
d3e96ccebb45c34719adbcb66edcc98b9410b779c5ad924a8ad9654ceb9f4c67
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=31536000; includeSubDomains;
X-Content-Type-Options nosniff
X-Frame-Options Deny
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://e-service.electrohold.bg/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Content-Security-Policy
default-src https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security
max-age=31536000; includeSubDomains;
X-Content-Type-Options
nosniff
Referrer-Policy
origin
Last-Modified
Thu, 01 Jul 2021 10:57:36 GMT
Server
Nothing here :)
Date
Tue, 23 Apr 2024 10:25:06 GMT
ETag
"01096e6676ed71:0"
X-Powered-By
C3PIO & R2D2
X-Frame-Options
Deny
Content-Type
text/css
Permissions-Policy
fullscreen=()
Accept-Ranges
bytes
Content-Length
7801
X-Xss-Protection
1; mode=block
logo13.png
e-service.electrohold.bg/es/ 		57 KB
57 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e-service.electrohold.bg/es/logo13.png
Requested by
Host: e-service.electrohold.bg
URL: https://e-service.electrohold.bg/es/es.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.91.170.91 , Bulgaria, ASN8866 (VIVACOM-AS BULGARIA, BG),
Reverse DNS
213-91-170-91.ip.btc-net.bg
Software
Nothing here :) / C3PIO & R2D2
Resource Hash
b4cd042e0e71388401a9554210dea231dc2ff01e0b89bec9cc83c70f5a14419d
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=31536000; includeSubDomains;
X-Content-Type-Options nosniff
X-Frame-Options Deny
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://e-service.electrohold.bg/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Content-Security-Policy
default-src https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security
max-age=31536000; includeSubDomains;
X-Content-Type-Options
nosniff
Referrer-Policy
origin
Last-Modified
Thu, 21 Apr 2022 06:27:56 GMT
Server
Nothing here :)
Date
Tue, 23 Apr 2024 10:25:06 GMT
ETag
"63934ef04855d81:0"
X-Powered-By
C3PIO & R2D2
X-Frame-Options
Deny
Content-Type
image/png
Permissions-Policy
fullscreen=()
Accept-Ranges
bytes
Content-Length
58045
X-Xss-Protection
1; mode=block
simple-php-captcha.php
e-service.electrohold.bg/es/p-captcha/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e-service.electrohold.bg/es/p-captcha/simple-php-captcha.php?_CAPTCHA&t=0.08153200+1713867906
Requested by
Host: e-service.electrohold.bg
URL: https://e-service.electrohold.bg/es/es.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.91.170.91 , Bulgaria, ASN8866 (VIVACOM-AS BULGARIA, BG),
Reverse DNS
213-91-170-91.ip.btc-net.bg
Software
Nothing here :) / C3PIO & R2D2
Resource Hash
feaed001fe128096572217bf747a9c207fa1bd3673085f29b07ef7dcd20ad78e
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=31536000; includeSubDomains;
X-Content-Type-Options nosniff
X-Frame-Options Deny
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://e-service.electrohold.bg/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Pragma
no-cache
Content-Security-Policy
default-src https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security
max-age=31536000; includeSubDomains;
X-Content-Type-Options
nosniff
Referrer-Policy
origin
Server
Nothing here :)
Date
Tue, 23 Apr 2024 10:25:06 GMT
X-Powered-By
C3PIO & R2D2
X-Frame-Options
Deny
Content-Type
image/png
Cache-Control
no-store, no-cache, must-revalidate
Permissions-Policy
fullscreen=()
Content-Length
1648
X-Xss-Protection
1; mode=block
Expires
Thu, 19 Nov 1981 08:52:00 GMT
jquery-3.4.1.js
code.jquery.com/ 		274 KB
81 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-3.4.1.js
Requested by
Host: e-service.electrohold.bg
URL: https://e-service.electrohold.bg/es/es.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
5a93a88493aa32aab228bf4571c01207d3b42b0002409a454d404b4d8395bd55

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://e-service.electrohold.bg/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 23 Apr 2024 10:25:06 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
3623912
x-cache
HIT, HIT
content-length
82889
x-served-by
cache-lga21923-LGA, cache-cph2320050-CPH
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
server
nginx
x-timer
S1713867906.441984,VS0,VE0
etag
W/"28feccc0-4472c"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=604800
accept-ranges
bytes
x-cache-hits
1386, 1821
mdb.min.js
e-service.electrohold.bg/es/mdb5/js/ 		978 KB
979 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://e-service.electrohold.bg/es/mdb5/js/mdb.min.js
Requested by
Host: e-service.electrohold.bg
URL: https://e-service.electrohold.bg/es/es.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.91.170.91 , Bulgaria, ASN8866 (VIVACOM-AS BULGARIA, BG),
Reverse DNS
213-91-170-91.ip.btc-net.bg
Software
Nothing here :) / C3PIO & R2D2
Resource Hash
f4e7371a0c3ba993e28bb3338bcc897d4374593de7da5d604f76f8020f729623
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=31536000; includeSubDomains;
X-Content-Type-Options nosniff
X-Frame-Options Deny
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://e-service.electrohold.bg/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Content-Security-Policy
default-src https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security
max-age=31536000; includeSubDomains;
X-Content-Type-Options
nosniff
Referrer-Policy
origin
Last-Modified
Mon, 22 Nov 2021 06:38:20 GMT
Server
Nothing here :)
Date
Tue, 23 Apr 2024 10:25:06 GMT
ETag
"0d6f8896bdfd71:0"
X-Powered-By
C3PIO & R2D2
X-Frame-Options
Deny
Content-Type
application/javascript
Permissions-Policy
fullscreen=()
Accept-Ranges
bytes
Content-Length
1001734
X-Xss-Protection
1; mode=block
cookie.min.js
e-service.electrohold.bg/es/mdb5/plugins/js/ 		26 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://e-service.electrohold.bg/es/mdb5/plugins/js/cookie.min.js
Requested by
Host: e-service.electrohold.bg
URL: https://e-service.electrohold.bg/es/es.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.91.170.91 , Bulgaria, ASN8866 (VIVACOM-AS BULGARIA, BG),
Reverse DNS
213-91-170-91.ip.btc-net.bg
Software
Nothing here :) / C3PIO & R2D2
Resource Hash
c08fc46e88b414decbaf009e069866a82e7033ca9ba237d74c38deb5091f32f0
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=31536000; includeSubDomains;
X-Content-Type-Options nosniff
X-Frame-Options Deny
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://e-service.electrohold.bg/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Content-Security-Policy
default-src https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security
max-age=31536000; includeSubDomains;
X-Content-Type-Options
nosniff
Referrer-Policy
origin
Last-Modified
Mon, 22 Nov 2021 06:38:20 GMT
Server
Nothing here :)
Date
Tue, 23 Apr 2024 10:25:06 GMT
ETag
"0d6f8896bdfd71:0"
X-Powered-By
C3PIO & R2D2
X-Frame-Options
Deny
Content-Type
application/javascript
Permissions-Policy
fullscreen=()
Accept-Ranges
bytes
Content-Length
26378
X-Xss-Protection
1; mode=block
blockui.js
e-service.electrohold.bg/es/js/ 		20 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://e-service.electrohold.bg/es/js/blockui.js
Requested by
Host: e-service.electrohold.bg
URL: https://e-service.electrohold.bg/es/es.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.91.170.91 , Bulgaria, ASN8866 (VIVACOM-AS BULGARIA, BG),
Reverse DNS
213-91-170-91.ip.btc-net.bg
Software
Nothing here :) / C3PIO & R2D2
Resource Hash
19a659b4a9d935efdc6314ce966b5781b8440b6ecc3b071f24be0f79ee87cc91
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=31536000; includeSubDomains;
X-Content-Type-Options nosniff
X-Frame-Options Deny
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://e-service.electrohold.bg/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Content-Security-Policy
default-src https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security
max-age=31536000; includeSubDomains;
X-Content-Type-Options
nosniff
Referrer-Policy
origin
Last-Modified
Mon, 16 Nov 2020 09:20:20 GMT
Server
Nothing here :)
Date
Tue, 23 Apr 2024 10:25:06 GMT
ETag
"0e249b4f9bbd61:0"
X-Powered-By
C3PIO & R2D2
X-Frame-Options
Deny
Content-Type
application/javascript
Permissions-Policy
fullscreen=()
Accept-Ranges
bytes
Content-Length
20584
X-Xss-Protection
1; mode=block
jquery-ui.js
e-service.electrohold.bg/es/js/ 		527 KB
527 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://e-service.electrohold.bg/es/js/jquery-ui.js
Requested by
Host: e-service.electrohold.bg
URL: https://e-service.electrohold.bg/es/es.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.91.170.91 , Bulgaria, ASN8866 (VIVACOM-AS BULGARIA, BG),
Reverse DNS
213-91-170-91.ip.btc-net.bg
Software
Nothing here :) / C3PIO & R2D2
Resource Hash
0bad7e3a8031272f74e25e91d73f50a3e90f9726df30b38823b94f956ea82c67
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=31536000; includeSubDomains;
X-Content-Type-Options nosniff
X-Frame-Options Deny
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://e-service.electrohold.bg/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Content-Security-Policy
default-src https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security
max-age=31536000; includeSubDomains;
X-Content-Type-Options
nosniff
Referrer-Policy
origin
Last-Modified
Wed, 02 Dec 2020 08:50:56 GMT
Server
Nothing here :)
Date
Tue, 23 Apr 2024 10:25:06 GMT
ETag
"0d8783f88c8d61:0"
X-Powered-By
C3PIO & R2D2
X-Frame-Options
Deny
Content-Type
application/javascript
Permissions-Policy
fullscreen=()
Accept-Ranges
bytes
Content-Length
539419
X-Xss-Protection
1; mode=block
jquery.backstretch.min.2.js
e-service.electrohold.bg/es/js/jquery.backstretch/ 		17 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://e-service.electrohold.bg/es/js/jquery.backstretch/jquery.backstretch.min.2.js
Requested by
Host: e-service.electrohold.bg
URL: https://e-service.electrohold.bg/es/es.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.91.170.91 , Bulgaria, ASN8866 (VIVACOM-AS BULGARIA, BG),
Reverse DNS
213-91-170-91.ip.btc-net.bg
Software
Nothing here :) / C3PIO & R2D2
Resource Hash
39964cc1cde8eedc51def15fba797433dca4dd26b21a9e38e1e65d2fd4038b56
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=31536000; includeSubDomains;
X-Content-Type-Options nosniff
X-Frame-Options Deny
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://e-service.electrohold.bg/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Content-Security-Policy
default-src https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security
max-age=31536000; includeSubDomains;
X-Content-Type-Options
nosniff
Referrer-Policy
origin
Last-Modified
Fri, 29 May 2020 08:39:40 GMT
Server
Nothing here :)
Date
Tue, 23 Apr 2024 10:25:06 GMT
ETag
"02e4cb19435d61:0"
X-Powered-By
C3PIO & R2D2
X-Frame-Options
Deny
Content-Type
application/javascript
Permissions-Policy
fullscreen=()
Accept-Ranges
bytes
Content-Length
17622
X-Xss-Protection
1; mode=block
sha256-2.js
e-service.electrohold.bg/es/js/ 		9 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://e-service.electrohold.bg/es/js/sha256-2.js
Requested by
Host: e-service.electrohold.bg
URL: https://e-service.electrohold.bg/es/es.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.91.170.91 , Bulgaria, ASN8866 (VIVACOM-AS BULGARIA, BG),
Reverse DNS
213-91-170-91.ip.btc-net.bg
Software
Nothing here :) / C3PIO & R2D2
Resource Hash
b19d716fcae31621d5eb55a918b4dc565e4a1152511f166864a1bb7e441cabbd
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=31536000; includeSubDomains;
X-Content-Type-Options nosniff
X-Frame-Options Deny
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://e-service.electrohold.bg/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Content-Security-Policy
default-src https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security
max-age=31536000; includeSubDomains;
X-Content-Type-Options
nosniff
Referrer-Policy
origin
Last-Modified
Thu, 19 Dec 2019 12:50:32 GMT
Server
Nothing here :)
Date
Tue, 23 Apr 2024 10:25:06 GMT
ETag
"09c11e66ab6d51:0"
X-Powered-By
C3PIO & R2D2
X-Frame-Options
Deny
Content-Type
application/javascript
Permissions-Policy
fullscreen=()
Accept-Ranges
bytes
Content-Length
9025
X-Xss-Protection
1; mode=block
toastr.js
e-service.electrohold.bg/es/js/ 		5 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://e-service.electrohold.bg/es/js/toastr.js
Requested by
Host: e-service.electrohold.bg
URL: https://e-service.electrohold.bg/es/es.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.91.170.91 , Bulgaria, ASN8866 (VIVACOM-AS BULGARIA, BG),
Reverse DNS
213-91-170-91.ip.btc-net.bg
Software
Nothing here :) / C3PIO & R2D2
Resource Hash
c0b7ebc3f913f1977d3539db76818c7c65d6f0f6373eeafceb7bf4137892f6f5
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=31536000; includeSubDomains;
X-Content-Type-Options nosniff
X-Frame-Options Deny
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://e-service.electrohold.bg/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Content-Security-Policy
default-src https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security
max-age=31536000; includeSubDomains;
X-Content-Type-Options
nosniff
Referrer-Policy
origin
Last-Modified
Thu, 01 Jul 2021 10:58:12 GMT
Server
Nothing here :)
Date
Tue, 23 Apr 2024 10:25:06 GMT
ETag
"03abfc676ed71:0"
X-Powered-By
C3PIO & R2D2
X-Frame-Options
Deny
Content-Type
application/javascript
Permissions-Policy
fullscreen=()
Accept-Ranges
bytes
Content-Length
5250
X-Xss-Protection
1; mode=block
purify.js
e-service.electrohold.bg/es/js/ 		54 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://e-service.electrohold.bg/es/js/purify.js
Requested by
Host: e-service.electrohold.bg
URL: https://e-service.electrohold.bg/es/es.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.91.170.91 , Bulgaria, ASN8866 (VIVACOM-AS BULGARIA, BG),
Reverse DNS
213-91-170-91.ip.btc-net.bg
Software
Nothing here :) / C3PIO & R2D2
Resource Hash
9934cac24133b6142edb1b89b8a388449f88491d746985b7c49565c8726e70fb
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=31536000; includeSubDomains;
X-Content-Type-Options nosniff
X-Frame-Options Deny
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://e-service.electrohold.bg/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Content-Security-Policy
default-src https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security
max-age=31536000; includeSubDomains;
X-Content-Type-Options
nosniff
Referrer-Policy
origin
Last-Modified
Mon, 13 Sep 2021 04:52:30 GMT
Server
Nothing here :)
Date
Tue, 23 Apr 2024 10:25:06 GMT
ETag
"03b29285ba8d71:0"
X-Powered-By
C3PIO & R2D2
X-Frame-Options
Deny
Content-Type
application/javascript
Permissions-Policy
fullscreen=()
Accept-Ranges
bytes
Content-Length
54818
X-Xss-Protection
1; mode=block
cookie-consent.js
www.freeprivacypolicy.com/public/cookie-consent/4.0.0/ 		204 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.freeprivacypolicy.com/public/cookie-consent/4.0.0/cookie-consent.js
Requested by
Host: e-service.electrohold.bg
URL: https://e-service.electrohold.bg/es/es.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:6dc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8af04475cf43426ef362c70792c20c4c2a375701fb409168458dbc26fd16970d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://e-service.electrohold.bg/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-priority
5/n
date
Tue, 23 Apr 2024 10:25:06 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
35931
cf-polished
origSize=208402
x-z
5179
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
cf-bgj
minify
last-modified
Mon, 22 Apr 2024 13:31:01 GMT
server
cloudflare
etag
W/"94ea0a346034dc828f3ceb70580a8957"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2Fk0QJ9Hr0b8kmtWscqZ2eQGcctGGp46dR0anXo2rJxSnkVabcS%2FUGY%2FZQCgV1tLe%2FD6UanSdWeoDb2f8UDVYPKUWnEiot%2FV7%2Fsq3m%2F%2FQc187KAxYsaHW6AI0Eg6QT9A9yWp4hEJaEd8JUG5n7FlBuvEFgwo79L0%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
vary
Accept-Encoding
cache-control
public, immutable, max-age=3600
cf-ray
878d25cf5d7165ac-FRA
expires
Mon, 22 Apr 2024 15:31:01 GMT
lacuna-web-pki-2.14.3.min.js
e-service.electrohold.bg/es/content/js/ 		50 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://e-service.electrohold.bg/es/content/js/lacuna-web-pki-2.14.3.min.js
Requested by
Host: e-service.electrohold.bg
URL: https://e-service.electrohold.bg/es/es.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.91.170.91 , Bulgaria, ASN8866 (VIVACOM-AS BULGARIA, BG),
Reverse DNS
213-91-170-91.ip.btc-net.bg
Software
Nothing here :) / C3PIO & R2D2
Resource Hash
3fdd8b17578fc34ab09e66de7c3a4388c72bf2b9b0164731557faeb5a9e695e9
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=31536000; includeSubDomains;
X-Content-Type-Options nosniff
X-Frame-Options Deny
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://e-service.electrohold.bg/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Content-Security-Policy
default-src https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security
max-age=31536000; includeSubDomains;
X-Content-Type-Options
nosniff
Referrer-Policy
origin
Last-Modified
Wed, 11 Nov 2020 12:27:42 GMT
Server
Nothing here :)
Date
Tue, 23 Apr 2024 10:25:06 GMT
ETag
"033fac26b8d61:0"
X-Powered-By
C3PIO & R2D2
X-Frame-Options
Deny
Content-Type
application/javascript
Permissions-Policy
fullscreen=()
Accept-Ranges
bytes
Content-Length
50694
X-Xss-Protection
1; mode=block
signature-form-es2.js
e-service.electrohold.bg/es/content/js/ 		6 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://e-service.electrohold.bg/es/content/js/signature-form-es2.js
Requested by
Host: e-service.electrohold.bg
URL: https://e-service.electrohold.bg/es/es.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.91.170.91 , Bulgaria, ASN8866 (VIVACOM-AS BULGARIA, BG),
Reverse DNS
213-91-170-91.ip.btc-net.bg
Software
Nothing here :) / C3PIO & R2D2
Resource Hash
e5cfd45e0665673f69a7876e663ba6fd6cdd4703b0baaa39551d57e86d0c40d3
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=31536000; includeSubDomains;
X-Content-Type-Options nosniff
X-Frame-Options Deny
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://e-service.electrohold.bg/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Content-Security-Policy
default-src https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security
max-age=31536000; includeSubDomains;
X-Content-Type-Options
nosniff
Referrer-Policy
origin
Last-Modified
Wed, 18 Aug 2021 08:35:26 GMT
Server
Nothing here :)
Date
Tue, 23 Apr 2024 10:25:06 GMT
ETag
"05b23feb94d71:0"
X-Powered-By
C3PIO & R2D2
X-Frame-Options
Deny
Content-Type
application/javascript
Permissions-Policy
fullscreen=()
Accept-Ranges
bytes
Content-Length
6482
X-Xss-Protection
1; mode=block
el.jpg
e-service.electrohold.bg/es/images/show/ 		326 KB
326 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e-service.electrohold.bg/es/images/show/el.jpg
Requested by
Host: e-service.electrohold.bg
URL: https://e-service.electrohold.bg/es/es.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.91.170.91 , Bulgaria, ASN8866 (VIVACOM-AS BULGARIA, BG),
Reverse DNS
213-91-170-91.ip.btc-net.bg
Software
Nothing here :) / C3PIO & R2D2
Resource Hash
78645a7528becf3c307d3991da04add9cb0c09cfb14948b7708f11dbe06ce219
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=31536000; includeSubDomains;
X-Content-Type-Options nosniff
X-Frame-Options Deny
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://e-service.electrohold.bg/es/es.php
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Content-Security-Policy
default-src https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security
max-age=31536000; includeSubDomains;
X-Content-Type-Options
nosniff
Referrer-Policy
origin
Last-Modified
Wed, 22 Dec 2021 10:26:06 GMT
Server
Nothing here :)
Date
Tue, 23 Apr 2024 10:25:06 GMT
ETag
"4fee6b541ef7d71:0"
X-Powered-By
C3PIO & R2D2
X-Frame-Options
Deny
Content-Type
image/jpeg
Permissions-Policy
fullscreen=()
Accept-Ranges
bytes
Content-Length
333697
X-Xss-Protection
1; mode=block
KFOlCnqEu92Fr1MmEU9fABc4EsA.woff2
fonts.gstatic.com/s/roboto/v30/ 		10 KB
10 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fABc4EsA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@300;400;500;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3728fbdd191d75bad5b83a838dfe2fc15f84c2aaa36ffa573321275847db31a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fonts.googleapis.com/
Origin
https://e-service.electrohold.bg
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 20 Apr 2024 23:07:27 GMT
x-content-type-options
nosniff
age
213460
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9840
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:39 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 20 Apr 2025 23:07:27 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@300;400;500;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fonts.googleapis.com/
Origin
https://e-service.electrohold.bg
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 20 Apr 2024 03:50:46 GMT
x-content-type-options
nosniff
age
282861
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 20 Apr 2025 03:50:46 GMT
fa-solid-900.woff2
e-service.electrohold.bg/es/fontawesome-pro-5.15.3-web/webfonts/ 		134 KB
134 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://e-service.electrohold.bg/es/fontawesome-pro-5.15.3-web/webfonts/fa-solid-900.woff2
Requested by
Host: e-service.electrohold.bg
URL: https://e-service.electrohold.bg/es/fontawesome-pro-5.15.3-web/css/all.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.91.170.91 , Bulgaria, ASN8866 (VIVACOM-AS BULGARIA, BG),
Reverse DNS
213-91-170-91.ip.btc-net.bg
Software
Nothing here :) / C3PIO & R2D2
Resource Hash
943efdb4b38963df0653d778f233b55db3e19f44794e4ff944e33b8849dcdb3c
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=31536000; includeSubDomains;
X-Content-Type-Options nosniff
X-Frame-Options Deny
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://e-service.electrohold.bg/
Origin
https://e-service.electrohold.bg
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Content-Security-Policy
default-src https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security
max-age=31536000; includeSubDomains;
X-Content-Type-Options
nosniff
Referrer-Policy
origin
Last-Modified
Tue, 16 Mar 2021 13:15:16 GMT
Server
Nothing here :)
Date
Tue, 23 Apr 2024 10:25:06 GMT
ETag
"0caba67661ad71:0"
X-Powered-By
C3PIO & R2D2
X-Frame-Options
Deny
Content-Type
application/font-woff2
Permissions-Policy
fullscreen=()
Accept-Ranges
bytes
Content-Length
136824
X-Xss-Protection
1; mode=block
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@300;400;500;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fonts.googleapis.com/
Origin
https://e-service.electrohold.bg
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 22 Apr 2024 18:30:08 GMT
x-content-type-options
nosniff
age
57299
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15920
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 22 Apr 2025 18:30:08 GMT
fa-duotone-900.woff2
e-service.electrohold.bg/es/fontawesome-pro-5.15.3-web/webfonts/ 		178 KB
178 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://e-service.electrohold.bg/es/fontawesome-pro-5.15.3-web/webfonts/fa-duotone-900.woff2
Requested by
Host: e-service.electrohold.bg
URL: https://e-service.electrohold.bg/es/fontawesome-pro-5.15.3-web/css/all.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.91.170.91 , Bulgaria, ASN8866 (VIVACOM-AS BULGARIA, BG),
Reverse DNS
213-91-170-91.ip.btc-net.bg
Software
Nothing here :) / C3PIO & R2D2
Resource Hash
3b5176bfadbb42740a51a8defa97dd393a2615dc1bffdcf333ac9d131893817d
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=31536000; includeSubDomains;
X-Content-Type-Options nosniff
X-Frame-Options Deny
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://e-service.electrohold.bg/
Origin
https://e-service.electrohold.bg
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Content-Security-Policy
default-src https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security
max-age=31536000; includeSubDomains;
X-Content-Type-Options
nosniff
Referrer-Policy
origin
Last-Modified
Tue, 16 Mar 2021 13:15:16 GMT
Server
Nothing here :)
Date
Tue, 23 Apr 2024 10:25:06 GMT
ETag
"0caba67661ad71:0"
X-Powered-By
C3PIO & R2D2
X-Frame-Options
Deny
Content-Type
application/font-woff2
Permissions-Policy
fullscreen=()
Accept-Ranges
bytes
Content-Length
181948
X-Xss-Protection
1; mode=block
KFOmCnqEu92Fr1Mu5mxKOzY.woff2
fonts.gstatic.com/s/roboto/v30/ 		9 KB
10 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu5mxKOzY.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@300;400;500;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
495d38d4b9741e8aa4204002414069e2d8db9f3c60b60e195e4d74381462dee9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fonts.googleapis.com/
Origin
https://e-service.electrohold.bg
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 18 Apr 2024 06:13:41 GMT
x-content-type-options
nosniff
age
447086
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9628
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 18 Apr 2025 06:13:41 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@300;400;500;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fonts.googleapis.com/
Origin
https://e-service.electrohold.bg
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 20 Apr 2024 00:45:23 GMT
x-content-type-options
nosniff
age
293985
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 20 Apr 2025 00:45:23 GMT
KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2
fonts.gstatic.com/s/roboto/v30/ 		9 KB
10 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@300;400;500;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6a84eeee6a25e7c9a8a03191007a6720566b5a2aa2384d36168fb07f49e97e9e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fonts.googleapis.com/
Origin
https://e-service.electrohold.bg
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 19 Apr 2024 19:27:41 GMT
x-content-type-options
nosniff
age
313047
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9644
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:50 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 19 Apr 2025 19:27:41 GMT
favicon.ico
e-service.electrohold.bg/ 		99 KB
99 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://e-service.electrohold.bg/favicon.ico
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.91.170.91 , Bulgaria, ASN8866 (VIVACOM-AS BULGARIA, BG),
Reverse DNS
213-91-170-91.ip.btc-net.bg
Software
Nothing here :) / C3PIO & R2D2
Resource Hash
759757d45d765d341e800fdfd1c2411b4c7af1415a32b8e27b6783bf165ac729
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=31536000; includeSubDomains;
X-Content-Type-Options nosniff
X-Frame-Options Deny
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://e-service.electrohold.bg/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Content-Security-Policy
default-src https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security
max-age=31536000; includeSubDomains;
X-Content-Type-Options
nosniff
Date
Tue, 23 Apr 2024 10:25:08 GMT
Last-Modified
Mon, 21 Mar 2022 12:09:00 GMT
Server
Nothing here :)
ETag
"0d6b0721c3dd81:0"
X-Powered-By
C3PIO & R2D2
X-Frame-Options
Deny
Content-Type
image/x-icon
Accept-Ranges
bytes
Content-Length
101310
X-Xss-Protection
1; mode=block

Verdicts & Comments Add Verdict or Comment

55 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| $ function| jQuery number| uidEvent function| Color function| Chart object| mdb function| Cookie function| sha256 function| sha224 object| toastr function| DOMPurify string| _webPkiLicense string| _restPkiEndpoint function| doneInstallPKI object| cookieconsent object| lacunaWebPKIExtension function| LacunaWebPKI object| signatureForm number| count_keps boolean| use_kep boolean| selected_kep string| tokken function| doneRegister function| cancelRegister function| lostp function| lostp2 function| trim function| readCookie function| setCookie function| getwith function| currenttime function| postwith function| getAjaxValues function| redirect function| getRadioButton function| CheckRegistration function| showLogin function| ShowD function| postForm undefined| $this function| doneAuth function| cancelAuth function| inckeps function| onWebPkiReadyES function| refresh function| loadCertificates function| cancelInstallPKI object| pki function| start function| log function| ShowLogin function| checkKEP function| load_kep_library function| DisablingBackFunctionality string| $slt

3 Cookies

Domain/Path Name / Value
e-service.electrohold.bg/es Name: SlTCcK
Value: muve95ke2bj6tl7boull7nqo14obahblpo2ovaaqpm1tu2sva389127qu8e12o7l
e-service.electrohold.bg/ Name: PHPSESSID
Value: muve95ke2bj6tl7boull7nqo14obahblpo2ovaaqpm1tu2sva389127qu8e12o7l
e-service.electrohold.bg/ Name: cookie_consent_level
Value: %7B%22strictly-necessary%22%3Atrue%2C%22functionality%22%3Afalse%2C%22tracking%22%3Afalse%2C%22targeting%22%3Afalse%7D

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=31536000; includeSubDomains;
X-Content-Type-Options nosniff nosniff
X-Frame-Options DENY Deny
X-Xss-Protection 1; mode=block
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

code.jquery.com
e-service.electrohold.bg
fonts.googleapis.com
fonts.gstatic.com
www.freeprivacypolicy.com
213.91.170.91
2606:4700:20::681a:6dc
2a00:1450:4001:800::2003
2a00:1450:4001:829::200a
2a04:4e42:400::649
0bad7e3a8031272f74e25e91d73f50a3e90f9726df30b38823b94f956ea82c67
109718dd18b4d6980db9bf8278834bec268cab060f20bbc8308a80e2d9a4b47b
1743ddd77e445b002dfa02a117ee210f851ddfdb8dcf6bfff012ee21ea2c1aa0
19a659b4a9d935efdc6314ce966b5781b8440b6ecc3b071f24be0f79ee87cc91
3728fbdd191d75bad5b83a838dfe2fc15f84c2aaa36ffa573321275847db31a9
39964cc1cde8eedc51def15fba797433dca4dd26b21a9e38e1e65d2fd4038b56
3b5176bfadbb42740a51a8defa97dd393a2615dc1bffdcf333ac9d131893817d
3fdd8b17578fc34ab09e66de7c3a4388c72bf2b9b0164731557faeb5a9e695e9
495d38d4b9741e8aa4204002414069e2d8db9f3c60b60e195e4d74381462dee9
5a93a88493aa32aab228bf4571c01207d3b42b0002409a454d404b4d8395bd55
6a84eeee6a25e7c9a8a03191007a6720566b5a2aa2384d36168fb07f49e97e9e
759757d45d765d341e800fdfd1c2411b4c7af1415a32b8e27b6783bf165ac729
78645a7528becf3c307d3991da04add9cb0c09cfb14948b7708f11dbe06ce219
8af04475cf43426ef362c70792c20c4c2a375701fb409168458dbc26fd16970d
943efdb4b38963df0653d778f233b55db3e19f44794e4ff944e33b8849dcdb3c
9934cac24133b6142edb1b89b8a388449f88491d746985b7c49565c8726e70fb
af9e52b1788e243b0a07ba97a3de75df5845d00b896f1b83f38c42702a7ba690
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b150fe644dd8a41fdd0d9039fec6dd8595b54be293ddb16b08298cf1db1c3237
b19d716fcae31621d5eb55a918b4dc565e4a1152511f166864a1bb7e441cabbd
b4cd042e0e71388401a9554210dea231dc2ff01e0b89bec9cc83c70f5a14419d
c08fc46e88b414decbaf009e069866a82e7033ca9ba237d74c38deb5091f32f0
c0b7ebc3f913f1977d3539db76818c7c65d6f0f6373eeafceb7bf4137892f6f5
d0ec9c3c5a7303379b68ea608c68c67ef21abdeb877d6efb19d4155c6b222b7b
d3e96ccebb45c34719adbcb66edcc98b9410b779c5ad924a8ad9654ceb9f4c67
e002d314a0061fc6245d04ff673d9f2796edbde74ef5c02fe735f23947a25243
e5cfd45e0665673f69a7876e663ba6fd6cdd4703b0baaa39551d57e86d0c40d3
f4e7371a0c3ba993e28bb3338bcc897d4374593de7da5d604f76f8020f729623
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
feaed001fe128096572217bf747a9c207fa1bd3673085f29b07ef7dcd20ad78e