lex.bg Open in urlscan Pro
95.43.224.11  Public Scan

28 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

1. http://lex.bg/ HTTP 301
   https://lex.bg/ Page URL
   

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 2

• https://www.lex.bg/assets/js/add.js HTTP 301
• https://lex.bg/assets/js/add.js

Request Chain 3

• https://www.lex.bg/assets/js/swfobject.js HTTP 301
• https://lex.bg/assets/js/swfobject.js

Request Chain 7

• https://www.lex.bg/assets/js/ui/jquery.autocomplete.css HTTP 301
• https://lex.bg/assets/js/ui/jquery.autocomplete.css

Request Chain 8

• https://www.lex.bg/assets/css/jquery-ui-1.8.13.custom.css HTTP 301
• https://lex.bg/assets/css/jquery-ui-1.8.13.custom.css

Request Chain 30

• https://bg.adocean.pl/_1703713119406/ad.js?id=.4Zcd0jXneZ9Pr7x7YcvM8ijDeyIL6b_mGbFsvFwE17.c7/adov=4.6.2/x=1600/y=1200/lptype=1/nc=0/inner=_ch_mobile%3D0%7C_ch_brands%3D HTTP 301
• https://bg.adocean.pl/__/_1703713119406/ad.js?id=.4Zcd0jXneZ9Pr7x7YcvM8ijDeyIL6b_mGbFsvFwE17.c7/adov=4.6.2/x=1600/y=1200/lptype=1/nc=0/inner=_ch_mobile%3D0%7C_ch_brands%3D HTTP 301
• https://adbg.hit.gemius.pl/redataredir?url=https%3A%2F%2Fbg.adocean.pl%2F___%2F_1703713119%2Fad.js%3Fhclsdata%3DHCLSDATA%26hcudata%3DHCUDATA%26id%3D.4Zcd0jXneZ9Pr7x7YcvM8ijDeyIL6b_mGbFsvFwE17.c7%2Fadov%3D4.6.2%2Fx%3D1600%2Fy%3D1200%2Flptype%3D1%2Fnc%3D0%2Finner%3D_ch_mobile%253D0%257C_ch_brands%253D HTTP 301
• https://adbg.hit.gemius.pl/__/redataredir?url=https%3A%2F%2Fbg.adocean.pl%2F___%2F_1703713119%2Fad.js%3Fhclsdata%3DHCLSDATA%26hcudata%3DHCUDATA%26id%3D.4Zcd0jXneZ9Pr7x7YcvM8ijDeyIL6b_mGbFsvFwE17.c7%2Fadov%3D4.6.2%2Fx%3D1600%2Fy%3D1200%2Flptype%3D1%2Fnc%3D0%2Finner%3D_ch_mobile%253D0%257C_ch_brands%253D HTTP 301
• https://bg.adocean.pl/___/_1703713119/ad.js?hclsdata=&hcudata=AqRwMqc6NDRXfL.h7xGxNAf6lvVd6bbMxJrQOIk3N3j.L7&id=.4Zcd0jXneZ9Pr7x7YcvM8ijDeyIL6b_mGbFsvFwE17.c7/adov=4.6.2/x=1600/y=1200/lptype=1/nc=0/inner=_ch_mobile%3D0%7C_ch_brands%3D

Request Chain 40

• https://www.lex.bg/assets/im/2011/header_bg.png HTTP 301
• https://lex.bg/assets/im/2011/header_bg.png

Request Chain 41

• https://www.lex.bg/assets/im/2011/navigator_bg.png HTTP 301
• https://lex.bg/assets/im/2011/navigator_bg.png

Request Chain 42

• https://www.lex.bg/assets/im/2011/navigator_btn_hover.png HTTP 301
• https://lex.bg/assets/im/2011/navigator_btn_hover.png

Request Chain 43

• https://www.lex.bg/assets/im/2011/container_bg.png HTTP 301
• https://lex.bg/assets/im/2011/container_bg.png

Request Chain 44

• https://www.lex.bg/assets/im/2011/search_big_bg.png HTTP 301
• https://lex.bg/assets/im/2011/search_big_bg.png

Request Chain 58

• https://www.lex.bg/upload/spektar/2439_thumb2.jpg HTTP 301
• https://lex.bg/upload/spektar/2439_thumb2.jpg

Request Chain 59

• https://www.lex.bg/assets/im/2011/search_bg.png HTTP 301
• https://lex.bg/assets/im/2011/search_bg.png

Request Chain 73

• https://www.lex.bg/assets/im/2011/footer_line.png HTTP 301
• https://lex.bg/assets/im/2011/footer_line.png

Request Chain 81

• https://sender.cleverwebserver.com/group/40275?id=772852&ref=aHR0cHM6Ly9sZXguYmcv&ruri=&r=578126683&tok=33419711310201791433&t=1703713120&cmpId=&fb=0&wl=1&furl=0&sf=0&bw=Q2hyb21l&b=0&m=0&p=V2luMTA%3D&res=1600x1200&app=&iv=-1&ctr=DE&sz=1200&landing=1&hei=360.00&ts=0.041 HTTP 301
• https://lp.cleverwebserver.com/betano/de/sports/sports_de/widescreen.html??id=772852&group=40275&tracker=aHR0cHM6Ly9nbWwtZ3JwLmNvbS9DLmFzaHg%2FYnRhZz1hXzc2NGJfMjkzMWNfJmFmZmlkPTQzMSZzaXRlaWQ9NzY0JmFkaWQ9MjkzMSZjPVNOQUFCT1lNU0ZCQUFERQ%3D%3D&ref=aHR0cHM6Ly9sZXguYmcv&r=578126683

Request Chain 90

• https://gml-grp.com/C.ashx?btag=a_764b_2931c_&affid=431&siteid=764&adid=2931&c=SNAABOYMSFBAADE HTTP 302
• https://gml-grp.com/C.ashx?btag=a_764b_2931c_&affid=431&siteid=764&adid=2931&c=SNAABOYMSFBAADE&AutoR=1 HTTP 302
• https://promos.betano.de/willkommenspaket/index.html?btag=a_764b_2931c_SNAABOYMSFBAADE&utm_medium=431&utm_source=2&siteid=764

Request Chain 107

• https://promos.betano.de/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
• https://promos.betano.de/cdn-cgi/challenge-platform/h/g/scripts/jsd/74bd6362/main.js

Request Chain 114

• https://www.googleadservices.com/pagead/conversion/763238947/?url=https%3A%2F%2Fpromos.betano.de%2F&guid=ON&script=0&data= HTTP 302
• https://googleads.g.doubleclick.net/pagead/viewthroughconversion/763238947/?url=https%3A%2F%2Fpromos.betano.de%2F&guid=ON&script=0&data=&ct_cookie_present=false&ocp_id=YJmMZayqMr6r78EPho6uuAo&random=555443401&sscte=1&crd=&pscrd=IhMIrNr2-smwgwMVvtU7Ah0Ghwun HTTP 302
• https://www.google.com/pagead/1p-conversion/763238947/?url=https%3A%2F%2Fpromos.betano.de%2F&guid=ON&script=0&data=&ct_cookie_present=false&random=555443401&sscte=1&crd=&pscrd=IhMIrNr2-smwgwMVvtU7Ah0Ghwun&is_vtc=1&ocp_id=YJmMZayqMr6r78EPho6uuAo&cid=CAQSKQAvHhf_Y4z7EB6H-DYoz8-ePFfCOTro59ev4s7AMzecOElkyzJnx-vj&random=1111483227 HTTP 302
• https://www.google.de/pagead/1p-conversion/763238947/?url=https%3A%2F%2Fpromos.betano.de%2F&guid=ON&script=0&data=&ct_cookie_present=false&random=555443401&sscte=1&crd=&pscrd=IhMIrNr2-smwgwMVvtU7Ah0Ghwun&is_vtc=1&ocp_id=YJmMZayqMr6r78EPho6uuAo&cid=CAQSKQAvHhf_Y4z7EB6H-DYoz8-ePFfCOTro59ev4s7AMzecOElkyzJnx-vj&random=1111483227&ipr=y&ezwbk=AZuM4hCCjY5YzYjujcWLAbe9ppDsAQen0_Xu-2p4vhcGuAz29uR6H5skv76hTLr5YAX-OFhSFaFmWsjwUgX19kXLlFhu

Request Chain 115

• https://12738953.fls.doubleclick.net/activityi;src=12738953;type=despo0;cat=despo0;ord=1782726534;~oref=https%3A%2F%2Fpromos.betano.de%2F HTTP 302
• https://12738953.fls.doubleclick.net/activityi;dc_pre=CKz4-PrJsIMDFSHMOwIdcesBPg;src=12738953;type=despo0;cat=despo0;ord=1782726534;~oref=https%3A%2F%2Fpromos.betano.de%2F

Request Chain 130

• https://12738953.fls.doubleclick.net/activityi;src=12738953;type=despo0;cat=despo0;ord=4538833517712;gtm=45He3bt0v79977643;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fpromos.betano.de%2Fwillkommenspaket%2Findex.html%3Fbtag%3Da_764b_2931c_SNAABOYMSFBAADE%26utm_medium%3D431%26utm_source%3D2%26siteid%3D764 HTTP 302
• https://12738953.fls.doubleclick.net/activityi;dc_pre=CLub-_rJsIMDFQTJOwIdle0HAQ;src=12738953;type=despo0;cat=despo0;ord=4538833517712;gtm=45He3bt0v79977643;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fpromos.betano.de%2Fwillkommenspaket%2Findex.html%3Fbtag%3Da_764b_2931c_SNAABOYMSFBAADE%26utm_medium%3D431%26utm_source%3D2%26siteid%3D764

Request Chain 131

• https://12738953.fls.doubleclick.net/activityi;src=12738953;type=deaff0;cat=deaff0;ord=5698056261175;gtm=45He3bt0v79977643;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fpromos.betano.de%2Fwillkommenspaket%2Findex.html%3Fbtag%3Da_764b_2931c_SNAABOYMSFBAADE%26utm_medium%3D431%26utm_source%3D2%26siteid%3D764 HTTP 302
• https://12738953.fls.doubleclick.net/activityi;dc_pre=COK5-_rJsIMDFQvCmgodeucLiw;src=12738953;type=deaff0;cat=deaff0;ord=5698056261175;gtm=45He3bt0v79977643;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fpromos.betano.de%2Fwillkommenspaket%2Findex.html%3Fbtag%3Da_764b_2931c_SNAABOYMSFBAADE%26utm_medium%3D431%26utm_source%3D2%26siteid%3D764

Request Chain 186

• https://s2.adform.net/Serving/TrackPoint/?pm=2776363&ADFPageName=betano.de%7CSportsbook&ADFdivider=%7C&ord=693865658226&ADFtpmode=2&itm=eyJ2YXIxIjoidW5kZWZpbmVkIn0&loc=https%3A%2F%2Fpromos.betano.de%2Fwillkommenspaket%2Findex.html%3Fbtag%3Da_764b_2931c_SNAABOYMSFBAADE%26utm_medium%3D431%26utm_source%3D2%26siteid%3D764&CPref=https%3A%2F%2Flp.cleverwebserver.com%2F&Set1=en-US%7Cen-US%7C1600x1200%7C24 HTTP 301
• https://track.adform.net/Serving/TrackPoint/?pm=2776363&ADFPageName=betano.de%7CSportsbook&ADFdivider=%7C&ord=693865658226&ADFtpmode=2&itm=eyJ2YXIxIjoidW5kZWZpbmVkIn0&loc=https%3A%2F%2Fpromos.betano.de%2Fwillkommenspaket%2Findex.html%3Fbtag%3Da_764b_2931c_SNAABOYMSFBAADE%26utm_medium%3D431%26utm_source%3D2%26siteid%3D764&CPref=https%3A%2F%2Flp.cleverwebserver.com%2F&Set1=en-US%7Cen-US%7C1600x1200%7C24 HTTP 302
• https://track.adform.net/Serving/TrackPoint/?CC=1&pm=2776363&ADFPageName=betano.de%7CSportsbook&ADFdivider=%7C&ord=693865658226&ADFtpmode=2&itm=eyJ2YXIxIjoidW5kZWZpbmVkIn0&loc=https%3A%2F%2Fpromos.betano.de%2Fwillkommenspaket%2Findex.html%3Fbtag%3Da_764b_2931c_SNAABOYMSFBAADE%26utm_medium%3D431%26utm_source%3D2%26siteid%3D764&CPref=https%3A%2F%2Flp.cleverwebserver.com%2F&Set1=en-US%7Cen-US%7C1600x1200%7C24

Request Chain 187

• https://track.adform.net/Serving/TrackPoint/?pm=2776363&ADFPageName=DE%20Affilaite%20Remarketing&ADFdivider=%7C&ord=592639105877&ADFtpmode=2&loc=https%3A%2F%2Fpromos.betano.de%2Fwillkommenspaket%2Findex.html%3Fbtag%3Da_764b_2931c_SNAABOYMSFBAADE%26utm_medium%3D431%26utm_source%3D2%26siteid%3D764&CPref=https%3A%2F%2Flp.cleverwebserver.com%2F&Set1=en-US%7Cen-US%7C1600x1200%7C24 HTTP 302
• https://track.adform.net/Serving/TrackPoint/?CC=1&pm=2776363&ADFPageName=DE%20Affilaite%20Remarketing&ADFdivider=%7C&ord=592639105877&ADFtpmode=2&loc=https%3A%2F%2Fpromos.betano.de%2Fwillkommenspaket%2Findex.html%3Fbtag%3Da_764b_2931c_SNAABOYMSFBAADE%26utm_medium%3D431%26utm_source%3D2%26siteid%3D764&CPref=https%3A%2F%2Flp.cleverwebserver.com%2F&Set1=en-US%7Cen-US%7C1600x1200%7C24

Request Chain 188

• https://visuals.kaizengaming.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
• https://visuals.kaizengaming.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/74bd6362/main.js

Request Chain 294

• https://www.google.com/pagead/drt/ui HTTP 302
• https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 295

• https://googleads.g.doubleclick.net/pagead/adview?ai=C6ZaBY5mMZbOTHvStkdUP_qu9yAHOqvz5dNbS1JDaEYfgor3AARABIOaX1iVglfrwgYwHoAGG19e9A8gBAqkCcrTddUWhsj6oAwHIA8kEqgS-AU_QD25J-ngawJ7JJ_1HH7Eu1OMujXFfvWAo3-c2J6zGUHbzUsKBz155BGzcGn4SMnMCiD979anmkC2NDJHoX9lXysLEFUA7wWAFCGcok_TUsdy4vNrp0uNhaTiApmvXQC5tfRe3jIlUDhLai54aj7NwyzavyOjDIujT_wFfSmwy_htbXgL8IFYoAhNoGzyScucJ7LUzy7SvW0BZkw0MZfYlaMmpH7bR21pP72YHQ8RmnTG6r7md_8Sb9K2E4DXABJHt8uDBBIgF6YSzkkySBQQIBBgBkgUECAUYBKAGAoAH4qioQqgH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcB0ggfCIDhgBAQARgAMgKqAjoCgEBIvf3BOliBpqf8ybCDA_IIDmJpZGRlci0zNDQ5MDQ0mgk8aHR0cHM6Ly93d3cubGlsaWVudGhhbC5iZXJsaW4vaDAxLTEwOC1iMDIzYXM_dm91Y2hlcj1zcGVjaWFsgAoEyAsBogwgKh4KHOS0sQLutbECtbixAqy6sQLktLEC7rWxAru7sQLYEw3QFQGAFwGyFwgKBggAEgAYAA&sigh=PcKqcDY8fok&uach_m=%5BUACH%5D&ase=2&nis=4&pr=10:0.420581&cid=CAQSKQAvHhf_cssmzU0YphfHhRU_phtgXXRtSi9WJiKPLuCw6j8MuQWhusvyGAE&cbvp=2&vis=1 HTTP 302
• https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%226497157457149680375%22,%22debug_reporting%22:true,%22destination%22:%22https://lilienthal.berlin%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22934669190%22],%2222%22:[%22true%22],%224%22:[%2212-27%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2210517775071022794321%22}&andc=true

295 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
5 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response lex.bg/ Redirect Chain http://lex.bg/ https://lex.bg/	57 KB 16 KB	825ms 724ms	Document text/html	95.43.224.11 VIVACOM-AS BULGARIA
General Check archive.org Show headers Download Go to Full URL https://lex.bg/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 95.43.224.11 , Bulgaria, ASN8866 (VIVACOM-AS BULGARIA, BG), Reverse DNS 95-43-224-11.ip.btc-net.bg Software Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.6.40 / PHP/5.6.40 Resource Hash 6b000c5b9f82377d4672fddcda2c7e060ada39a3fb94b6cce6b98ddf5012997f Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Cache-Control no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Connection Keep-Alive Content-Encoding gzip Content-Length 15125 Content-Type text/html; charset=windows-1251 Date Wed, 27 Dec 2023 21:27:41 GMT Expires Thu, 19 Nov 1981 08:52:00 GMT Keep-Alive timeout=5, max=100 Pragma no-cache Server Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.6.40 Vary Accept-Encoding X-Powered-By PHP/5.6.40 Redirect headers Connection Keep-Alive Content-Length 223 Content-Type text/html; charset=iso-8859-1 Date Wed, 27 Dec 2023 21:27:41 GMT Keep-Alive timeout=5, max=100 Location https://lex.bg/ Server Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.6.40
GET H2	200	js Show response www.googletagmanager.com/gtag/	274 KB 91 KB	51ms 28ms	Script application/javascript	2a00:1450:4001:80f::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-16F1C2CEKH Requested by Host: lex.bg URL: https://lex.bg/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 577ffb453adaf34a30aa4abc9e1f37a7616a38018a2f570ac949e9b372c9dad2 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://lex.bg/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Wed, 27 Dec 2023 21:38:39 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 93024 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Wed, 27 Dec 2023 21:38:39 GMT
GET H/1.1	200 OK	style.css lex.bg/assets/css/	30 KB 30 KB	59ms 32ms	Stylesheet text/css	95.43.224.11 VIVACOM-AS BULGARIA
General Check archive.org Show headers Download Go to Full URL https://lex.bg/assets/css/style.css?ver=3 Requested by Host: lex.bg URL: https://lex.bg/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 95.43.224.11 , Bulgaria, ASN8866 (VIVACOM-AS BULGARIA, BG), Reverse DNS 95-43-224-11.ip.btc-net.bg Software Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.6.40 / Resource Hash d453169987b7b1141576c7918ed5eb7f61de756a2ee39423b749149fba863373 Request headers accept-language de-DE,de;q=0.9 Referer https://lex.bg/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers Date Wed, 27 Dec 2023 21:27:42 GMT Last-Modified Wed, 29 Nov 2023 14:00:30 GMT Server Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.6.40 ETag "7845-60b4af53c6a8d" Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 30789
GET H/1.1	200 OK	add.js Show response lex.bg/assets/js/ Redirect Chain https://www.lex.bg/assets/js/add.js https://lex.bg/assets/js/add.js	2 KB 3 KB	38ms 38ms	Script application/javascript	95.43.224.11 VIVACOM-AS BULGARIA
General Check archive.org Show headers Download Go to Full URL https://lex.bg/assets/js/add.js Requested by Host: lex.bg URL: https://lex.bg/ Protocol HTTP/1.1 Server 95.43.224.11 , Bulgaria, ASN8866 (VIVACOM-AS BULGARIA, BG), Reverse DNS 95-43-224-11.ip.btc-net.bg Software Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.6.40 / Resource Hash 84e99c07423b0b559d79197d46d5ae3db599a8993ce0071d7d1e0897d7370715 Request headers accept-language de-DE,de;q=0.9 Referer https://lex.bg/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers Date Wed, 27 Dec 2023 21:27:42 GMT Last-Modified Wed, 05 Aug 2009 08:01:38 GMT Server Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.6.40 ETag "923-47060699e5c80" Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=97 Content-Length 2339 Redirect headers Location https://lex.bg/assets/js/add.js Date Wed, 27 Dec 2023 21:27:42 GMT Server Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.6.40 Connection Keep-Alive Keep-Alive timeout=5, max=100 Content-Length 239 Content-Type text/html; charset=iso-8859-1
GET H/1.1	200 OK	swfobject.js Show response lex.bg/assets/js/ Redirect Chain https://www.lex.bg/assets/js/swfobject.js https://lex.bg/assets/js/swfobject.js	6 KB 6 KB	42ms 41ms	Script application/javascript	95.43.224.11 VIVACOM-AS BULGARIA
General Check archive.org Show headers Download Go to Full URL https://lex.bg/assets/js/swfobject.js Requested by Host: lex.bg URL: https://lex.bg/ Protocol HTTP/1.1 Server 95.43.224.11 , Bulgaria, ASN8866 (VIVACOM-AS BULGARIA, BG), Reverse DNS 95-43-224-11.ip.btc-net.bg Software Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.6.40 / Resource Hash 936364cf0e6b209a489c1cd44e392b0029122b80e40289727ebb771b090957ce Request headers accept-language de-DE,de;q=0.9 Referer https://lex.bg/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers Date Wed, 27 Dec 2023 21:27:42 GMT Last-Modified Tue, 17 Mar 2009 16:38:52 GMT Server Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.6.40 ETag "17e4-4655333c3bf00" Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=96 Content-Length 6116 Redirect headers Location https://lex.bg/assets/js/swfobject.js Date Wed, 27 Dec 2023 21:27:42 GMT Server Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.6.40 Connection Keep-Alive Keep-Alive timeout=5, max=100 Content-Length 245 Content-Type text/html; charset=iso-8859-1
GET H2	200	plusone.js Show response apis.google.com/js/	56 KB 22 KB	39ms 17ms	Script text/javascript	2a00:1450:4001:81c::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://apis.google.com/js/plusone.js Requested by Host: lex.bg URL: https://lex.bg/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 5c8aa2a3f11c98a965938267f743e26504d3127d68cc425821c8a8a1f523a670 Security Headers Name Value Content-Security-Policy require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://lex.bg/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers content-security-policy require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team content-encoding gzip x-content-type-options nosniff date Wed, 27 Dec 2023 21:38:39 GMT p3p CP="This is not a P3P policy! See g.co/p3phelp for more info." cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 21932 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="gapi-team" etag "da0cdea429f205a7" vary Accept-Encoding report-to {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]} content-type text/javascript access-control-allow-origin * cache-control private, max-age=1800, stale-while-revalidate=1800 accept-ranges bytes timing-allow-origin * expires Wed, 27 Dec 2023 21:38:39 GMT
GET H/1.1	200 OK	jquery-1.6.1.min.js Show response lex.bg/assets/js/	89 KB 90 KB	92ms 32ms	Script application/javascript	95.43.224.11 VIVACOM-AS BULGARIA
General Check archive.org Show headers Download Go to Full URL https://lex.bg/assets/js/jquery-1.6.1.min.js Requested by Host: lex.bg URL: https://lex.bg/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 95.43.224.11 , Bulgaria, ASN8866 (VIVACOM-AS BULGARIA, BG), Reverse DNS 95-43-224-11.ip.btc-net.bg Software Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.6.40 / Resource Hash 25f72640cbd56f335ebd149a88e176849967e31294cf5621529372ed71e38108 Request headers accept-language de-DE,de;q=0.9 Referer https://lex.bg/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers Date Wed, 27 Dec 2023 21:27:42 GMT Last-Modified Wed, 25 May 2011 15:39:01 GMT Server Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.6.40 ETag "164ce-4a41b80ee0f40" Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 91342
GET H/1.1	200 OK	jquery-ui1.8.0.min.js Show response lex.bg/assets/js/ui/	202 KB 203 KB	92ms 31ms	Script application/javascript	95.43.224.11 VIVACOM-AS BULGARIA
General Check archive.org Show headers Download Go to Full URL https://lex.bg/assets/js/ui/jquery-ui1.8.0.min.js Requested by Host: lex.bg URL: https://lex.bg/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 95.43.224.11 , Bulgaria, ASN8866 (VIVACOM-AS BULGARIA, BG), Reverse DNS 95-43-224-11.ip.btc-net.bg Software Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.6.40 / Resource Hash 8b59592d67eadc703af6cdd5ba8d077f9f9485d01fb6405555614335f89be99b Request headers accept-language de-DE,de;q=0.9 Referer https://lex.bg/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers Date Wed, 27 Dec 2023 21:27:42 GMT Last-Modified Sun, 29 May 2011 23:56:38 GMT Server Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.6.40 ETag "32948-4a472ebe93980" Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 207176
GET H/1.1	404 Not Found	jquery.autocomplete.css lex.bg/assets/js/ui/ Redirect Chain https://www.lex.bg/assets/js/ui/jquery.autocomplete.css https://lex.bg/assets/js/ui/jquery.autocomplete.css	0 0	32ms 31ms	Stylesheet text/html	95.43.224.11 VIVACOM-AS BULGARIA
General Check archive.org Show headers Download Go to Full URL https://lex.bg/assets/js/ui/jquery.autocomplete.css Requested by Host: lex.bg URL: https://lex.bg/ Protocol HTTP/1.1 Server 95.43.224.11 , Bulgaria, ASN8866 (VIVACOM-AS BULGARIA, BG), Reverse DNS 95-43-224-11.ip.btc-net.bg Software Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.6.40 / Resource Hash Request headers accept-language de-DE,de;q=0.9 Referer https://lex.bg/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers Date Wed, 27 Dec 2023 21:27:42 GMT Server Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.6.40 Connection Keep-Alive Keep-Alive timeout=5, max=99 Content-Length 234 Content-Type text/html; charset=iso-8859-1 Redirect headers Location https://lex.bg/assets/js/ui/jquery.autocomplete.css Date Wed, 27 Dec 2023 21:27:42 GMT Server Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.6.40 Connection Keep-Alive Keep-Alive timeout=5, max=100 Content-Length 259 Content-Type text/html; charset=iso-8859-1
GET H/1.1	200 OK	jquery-ui-1.8.13.custom.css lex.bg/assets/css/ Redirect Chain https://www.lex.bg/assets/css/jquery-ui-1.8.13.custom.css https://lex.bg/assets/css/jquery-ui-1.8.13.custom.css	27 KB 27 KB	38ms 38ms	Stylesheet text/css	95.43.224.11 VIVACOM-AS BULGARIA
General Check archive.org Show headers Download Go to Full URL https://lex.bg/assets/css/jquery-ui-1.8.13.custom.css Requested by Host: lex.bg URL: https://lex.bg/ Protocol HTTP/1.1 Server 95.43.224.11 , Bulgaria, ASN8866 (VIVACOM-AS BULGARIA, BG), Reverse DNS 95-43-224-11.ip.btc-net.bg Software Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.6.40 / Resource Hash df00d66c73e10c8dca8dd82c04784e1d54bbc750b6f2c7a718a855b5251546c7 Request headers accept-language de-DE,de;q=0.9 Referer https://lex.bg/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers Date Wed, 27 Dec 2023 21:27:42 GMT Last-Modified Thu, 02 Jun 2011 04:25:06 GMT Server Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.6.40 ETag "6b53-4a4b3058bec80" Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 27475 Redirect headers Location https://lex.bg/assets/css/jquery-ui-1.8.13.custom.css Date Wed, 27 Dec 2023 21:27:42 GMT Server Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.6.40 Connection Keep-Alive Keep-Alive timeout=5, max=100 Content-Length 261 Content-Type text/html; charset=iso-8859-1
GET H2	200	cookieconsent.min.css cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/	4 KB 2 KB	32ms 15ms	Stylesheet text/css	2606:4700::6811:180e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.css Requested by Host: lex.bg URL: https://lex.bg/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 79b378e8f3c1fece39a1472a2e7d920ab80eb5881525a1622d9dbaa954aa23c3 Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://lex.bg/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Wed, 27 Dec 2023 21:38:39 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=15780000 age 4290608 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 975 last-modified Mon, 04 May 2020 16:09:17 GMT server cloudflare cf-cdnjs-via cfworker/kv etag "5eb03e2d-fe0" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZToZMR92KeW4m3a%2Be%2FpUdApA5lMCl7ZrF%2Fv%2BT78yvLrpluJmHPyqGP%2B2DveNrLO%2BlsKoR2sCNx1mSauHQbXN%2FfFCsdNtv1yMSsuCuMYcb7Q3HH8w7I7tPpS4Fpw%2F7RpqiClTyS5USo6cpJfEI47iUDj6"}],"group":"cf-nel","max_age":604800} content-type text/css; charset=utf-8 access-control-allow-origin * cache-control public, max-age=30672000 accept-ranges bytes timing-allow-origin * cf-ray 83c4b6328c0a9007-FRA expires Mon, 16 Dec 2024 21:38:39 GMT
GET H2	200	cookieconsent.min.js Show response cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/	20 KB 6 KB	37ms 20ms	Script application/javascript	2606:4700::6811:180e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js Requested by Host: lex.bg URL: https://lex.bg/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash cb41292903f6bd996333bdfe6fbc58e1dbdb6109074505ee3ea46373bb23be70 Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://lex.bg/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Wed, 27 Dec 2023 21:38:39 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=15780000 age 1647153 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 5978 last-modified Mon, 04 May 2020 16:09:17 GMT server cloudflare cf-cdnjs-via cfworker/kv etag "5eb03e2d-5148" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6tXmgXAvQP%2BWgH4ymc0686R0TIOEIsi24EZRRD90OhU8kG2JmFH0F4dmBaUCfytTa%2BNJpIsMsk2QG%2Fza2JybBa4krAS8VRFCg0N5cZeR5q2QnXY6WmRCFB9U6Z%2Fxheb0z4HCd6suuj%2F%2Bq5r1X8ivcAFn"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=30672000 accept-ranges bytes timing-allow-origin * cf-ray 83c4b6328c0d9007-FRA expires Mon, 16 Dec 2024 21:38:39 GMT
GET H2	200	ado.js Show response bg.adocean.pl/files/js/	90 KB 34 KB	126ms 32ms	Script application/x-javascript	78.128.6.41 TELEPOINT
General Check archive.org Show headers Download Go to Full URL https://bg.adocean.pl/files/js/ado.js Requested by Host: lex.bg URL: https://lex.bg/ Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 78.128.6.41 , Bulgaria, ASN31083 (TELEPOINT, BG), Reverse DNS ip-6-41.telehouse.bg Software GAD / Resource Hash 551c9151f4816e93d37fc2a6be317ae002389f4733c7c9a732960ceda32078d6 Request headers accept-language de-DE,de;q=0.9 Referer https://lex.bg/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Wed, 27 Dec 2023 21:38:39 GMT content-encoding gzip last-modified Wed, 22 Nov 2023 13:03:51 GMT server GAD accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64 etag "00016974A49E6EAF" vary Accept-Encoding,Origin p3p CP="NOI DSP COR NID PSAo OUR IND" content-type application/x-javascript cache-control public, must-revalidate, max-age=14400 cross-origin-resource-policy cross-origin accept-ranges bytes content-length 34506 expires Thu, 28 Dec 2023 01:38:39 GMT
GET H2	200	adsbygoogle.js Show response pagead2.googlesyndication.com/pagead/js/	145 KB 51 KB	120ms 98ms	Script text/javascript	2a00:1450:4001:827::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js Requested by Host: lex.bg URL: https://lex.bg/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e1c6239dcb10e9c53eed63417727fa5d46aacad141383e65a86fe3cf1a9b78f0 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://lex.bg/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Wed, 27 Dec 2023 21:38:39 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 51284 x-xss-protection 0 server cafe etag 3823028313488287371 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=3600, stale-while-revalidate=3600 timing-allow-origin * expires Wed, 27 Dec 2023 21:38:39 GMT
GET H/1.1	200 OK	logo.png lex.bg/assets/im/	5 KB 6 KB	92ms 32ms	Image image/png	95.43.224.11 VIVACOM-AS BULGARIA
General Check archive.org Show headers Download Go to Show image Full URL https://lex.bg/assets/im/logo.png Requested by Host: lex.bg URL: https://lex.bg/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 95.43.224.11 , Bulgaria, ASN8866 (VIVACOM-AS BULGARIA, BG), Reverse DNS 95-43-224-11.ip.btc-net.bg Software Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.6.40 / Resource Hash 8dc98fef5ff7e7862c30ea85a59b568e6f1ca16923d99606e3d6afc39dd5d72c Request headers accept-language de-DE,de;q=0.9 Referer https://lex.bg/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers Date Wed, 27 Dec 2023 21:27:42 GMT Last-Modified Mon, 27 Dec 2010 07:54:02 GMT Server Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.6.40 ETag "15d2-4985fa3aa3a80" Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 5586
GET H/1.1	200 OK	registration_btn.png lex.bg/assets/im//	3 KB 4 KB	92ms 32ms	Image image/png	95.43.224.11 VIVACOM-AS BULGARIA
General Check archive.org Show headers Download Go to Show image Full URL https://lex.bg/assets/im//registration_btn.png Requested by Host: lex.bg URL: https://lex.bg/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 95.43.224.11 , Bulgaria, ASN8866 (VIVACOM-AS BULGARIA, BG), Reverse DNS 95-43-224-11.ip.btc-net.bg Software Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.6.40 / Resource Hash c4e0cbaefce0c3426172756f2be83b1f70cf4422f351ef89daead46300f6ff64 Request headers accept-language de-DE,de;q=0.9 Referer https://lex.bg/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers Date Wed, 27 Dec 2023 21:27:42 GMT Last-Modified Mon, 27 Dec 2010 08:01:40 GMT Server Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.6.40 ETag "dd6-4985fbef6c100" Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 3542
GET H/1.1	200 OK	entrance_btn.png lex.bg/assets/im//	2 KB 3 KB	31ms 31ms	Image image/png	95.43.224.11 VIVACOM-AS BULGARIA
General Check archive.org Show headers Download Go to Show image Full URL https://lex.bg/assets/im//entrance_btn.png Requested by Host: lex.bg URL: https://lex.bg/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 95.43.224.11 , Bulgaria, ASN8866 (VIVACOM-AS BULGARIA, BG), Reverse DNS 95-43-224-11.ip.btc-net.bg Software Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.6.40 / Resource Hash bad16496c23d5d5778dd735220f94d6738fee23848cd53cc161c1aacaaf66163 Request headers accept-language de-DE,de;q=0.9 Referer https://lex.bg/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers Date Wed, 27 Dec 2023 21:27:42 GMT Last-Modified Mon, 27 Dec 2010 08:00:40 GMT Server Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.6.40 ETag "91a-4985fbb633a00" Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 2330
GET H/1.1	200 OK	home_btn.png lex.bg/assets/im//	783 B 1 KB	33ms 33ms	Image image/png	95.43.224.11 VIVACOM-AS BULGARIA
General Check archive.org Show headers Download Go to Show image Full URL https://lex.bg/assets/im//home_btn.png Requested by Host: lex.bg URL: https://lex.bg/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 95.43.224.11 , Bulgaria, ASN8866 (VIVACOM-AS BULGARIA, BG), Reverse DNS 95-43-224-11.ip.btc-net.bg Software Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.6.40 / Resource Hash a268f13d414a6be9610fa25bf02a7a740ca8cc040094e5143e925a59c3c8b369 Request headers accept-language de-DE,de;q=0.9 Referer https://lex.bg/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers Date Wed, 27 Dec 2023 21:27:42 GMT Last-Modified Mon, 27 Dec 2010 08:11:22 GMT Server Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.6.40 ETag "30f-4985fe1a75e80" Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 783
GET H/1.1	200 OK	jquery.multiselect.min.js Show response lex.bg/assets/js/	10 KB 10 KB	35ms 35ms	Script application/javascript	95.43.224.11 VIVACOM-AS BULGARIA
General Check archive.org Show headers Download Go to Full URL https://lex.bg/assets/js/jquery.multiselect.min.js Requested by Host: lex.bg URL: https://lex.bg/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 95.43.224.11 , Bulgaria, ASN8866 (VIVACOM-AS BULGARIA, BG), Reverse DNS 95-43-224-11.ip.btc-net.bg Software Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.6.40 / Resource Hash 41e43f2cd9a4ac52d0cbb61d08fd740c9d6028f9335feaf3ef7f61e9de3d11f7 Request headers accept-language de-DE,de;q=0.9 Referer https://lex.bg/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers Date Wed, 27 Dec 2023 21:27:42 GMT Last-Modified Wed, 01 Jun 2011 17:31:01 GMT Server Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.6.40 ETag "2782-4a4a9e25cbf40" Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=98 Content-Length 10114
GET H/1.1	200 OK	jquery.multiselect.css lex.bg/assets/css/	2 KB 2 KB	31ms 31ms	Stylesheet text/css	95.43.224.11 VIVACOM-AS BULGARIA
General Check archive.org Show headers Download Go to Full URL https://lex.bg/assets/css/jquery.multiselect.css Requested by Host: lex.bg URL: https://lex.bg/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 95.43.224.11 , Bulgaria, ASN8866 (VIVACOM-AS BULGARIA, BG), Reverse DNS 95-43-224-11.ip.btc-net.bg Software Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.6.40 / Resource Hash acfa6d30568762880e01f4182fd27fbf303595f71c5a603d2f77d0c70663c78a Request headers accept-language de-DE,de;q=0.9 Referer https://lex.bg/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers Date Wed, 27 Dec 2023 21:27:42 GMT Last-Modified Wed, 01 Jun 2011 09:34:50 GMT Server Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.6.40 ETag "62f-4a4a33b65e280" Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=98 Content-Length 1583
GET H/1.1	200 OK	lupa.png lex.bg/assets/im//	327 B 641 B	31ms 31ms	Image image/png	95.43.224.11 VIVACOM-AS BULGARIA
General Check archive.org Show headers Download Go to Show image Full URL https://lex.bg/assets/im//lupa.png Requested by Host: lex.bg URL: https://lex.bg/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 95.43.224.11 , Bulgaria, ASN8866 (VIVACOM-AS BULGARIA, BG), Reverse DNS 95-43-224-11.ip.btc-net.bg Software Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.6.40 / Resource Hash 7da5f8bca0963dcdf3147026f35c5c4ba33fa664c83b2aad42613fabf12e111a Request headers accept-language de-DE,de;q=0.9 Referer https://lex.bg/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers Date Wed, 27 Dec 2023 21:27:42 GMT Last-Modified Mon, 27 Dec 2010 08:33:48 GMT Server Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.6.40 ETag "147-4986031e1b300" Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=97 Content-Length 327
GET H/1.1	200 OK	arrow3.png lex.bg/assets/im//	427 B 741 B	31ms 31ms	Image image/png	95.43.224.11 VIVACOM-AS BULGARIA
General Check archive.org Show headers Download Go to Show image Full URL https://lex.bg/assets/im//arrow3.png Requested by Host: lex.bg URL: https://lex.bg/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 95.43.224.11 , Bulgaria, ASN8866 (VIVACOM-AS BULGARIA, BG), Reverse DNS 95-43-224-11.ip.btc-net.bg Software Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.6.40 / Resource Hash c6fdee40c8b7a41c244bee5742033e6b1c90088df0023b919a22150264480c28 Request headers accept-language de-DE,de;q=0.9 Referer https://lex.bg/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers Date Wed, 27 Dec 2023 21:27:43 GMT Last-Modified Mon, 27 Dec 2010 08:05:04 GMT Server Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.6.40 ETag "1ab-4985fcb1f8c00" Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=95 Content-Length 427
GET H/1.1	200 OK	header_bidding.php Show response bg.search.etargetnet.com/generic/	15 KB 4 KB	62ms 23ms	Script text/javascript	195.168.10.173 AS-BENESTRA Brati...
General Check archive.org Show headers Download Go to Full URL https://bg.search.etargetnet.com/generic/header_bidding.php?ref=82158 Requested by Host: lex.bg URL: https://lex.bg/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 195.168.10.173 Žilina, Slovakia, ASN5578 (AS-BENESTRA Bratislava, Slovak Republic, SK), Reverse DNS a45.etarget.sh.cust.gts.sk Software nginx / Resource Hash 00c02283127eae10609a48aee1ea4c95f7625a0d2cf095834a285b44ce21f175 Request headers accept-language de-DE,de;q=0.9 Referer https://lex.bg/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers Pragma cache Date Wed, 27 Dec 2023 21:38:39 GMT Content-Encoding gzip Server nginx Transfer-Encoding chunked Vary Accept-Encoding Content-Type text/javascript;charset=UTF-8 access-control-allow-origin * Y-Protected-By Bulbasaur/mblade01-01-b X-Protected-By Bee/0.42 Cache-Control max-age=18000 P3P CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM", policyref="/w3c/p3p.xml" Connection keep-alive Expires Thu, 28 Dec 2023 02:38:39 GMT
GET H/1.1	200 OK	arrow1.png lex.bg/assets/im//	187 B 500 B	34ms 32ms	Image image/png	95.43.224.11 VIVACOM-AS BULGARIA
General Check archive.org Show headers Download Go to Show image Full URL https://lex.bg/assets/im//arrow1.png Requested by Host: lex.bg URL: https://lex.bg/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 95.43.224.11 , Bulgaria, ASN8866 (VIVACOM-AS BULGARIA, BG), Reverse DNS 95-43-224-11.ip.btc-net.bg Software Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.6.40 / Resource Hash 6f25fc4dd8aee89848e5d1b973b19dbbaa9e3d4aefd087096278c68e18fd0c4d Request headers accept-language de-DE,de;q=0.9 Referer https://lex.bg/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers Date Wed, 27 Dec 2023 21:27:43 GMT Last-Modified Mon, 27 Dec 2010 08:44:58 GMT Server Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.6.40 ETag "bb-4986059d11680" Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=98 Content-Length 187
GET H/1.1	200 OK	ac Show response diff3.smartadserver.com/	16 B 320 B	364ms 140ms	Script application/javascript	185.86.138.122 SMARTADSERVER
General Check archive.org Show headers Download Go to Full URL https://diff3.smartadserver.com/ac?pgid=182746&insid=5121835&tmstp=[timestamp]&out=js&clcturl=[countgoEncoded] Requested by Host: lex.bg URL: https://lex.bg/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 185.86.138.122 , France, ASN201081 (SMARTADSERVER, FR), Reverse DNS Software / Resource Hash efded6408c7e64cd48c00b10bdd63b79539c5bb13a396b9f3773f71fe2d5a606 Request headers accept-language de-DE,de;q=0.9 Referer https://lex.bg/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers pragma no-cache date Wed, 27 Dec 2023 21:38:38 GMT content-encoding br transfer-encoding chunked vary Accept-Encoding p3p CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo" content-type application/javascript; charset=UTF-8 cache-control no-cache,no-store
GET H/1.1	200 OK	ac Show response diff3.smartadserver.com/	16 B 320 B	209ms 19ms	Script application/javascript	185.86.138.122 SMARTADSERVER
General Check archive.org Show headers Download Go to Full URL https://diff3.smartadserver.com/ac?pgid=182746&insid=4678148&tmstp=[timestamp]&clcturl=[countgo] Requested by Host: lex.bg URL: https://lex.bg/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 185.86.138.122 , France, ASN201081 (SMARTADSERVER, FR), Reverse DNS Software / Resource Hash efded6408c7e64cd48c00b10bdd63b79539c5bb13a396b9f3773f71fe2d5a606 Request headers accept-language de-DE,de;q=0.9 Referer https://lex.bg/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers pragma no-cache date Wed, 27 Dec 2023 21:38:39 GMT content-encoding br transfer-encoding chunked vary Accept-Encoding p3p CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo" content-type application/javascript; charset=UTF-8 cache-control no-cache,no-store
GET H/1.1	200 OK	cielalogo-lex-sidebar.png lex.bg/assets/images/	5 KB 5 KB	35ms 34ms	Image image/png	95.43.224.11 VIVACOM-AS BULGARIA
General Check archive.org Show headers Download Go to Show image Full URL https://lex.bg/assets/images/cielalogo-lex-sidebar.png Requested by Host: lex.bg URL: https://lex.bg/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 95.43.224.11 , Bulgaria, ASN8866 (VIVACOM-AS BULGARIA, BG), Reverse DNS 95-43-224-11.ip.btc-net.bg Software Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.6.40 / Resource Hash 1bfddcf9ecfabca29714f89b130900d1e60bd2922e5b6885f32f4b2fbc463599 Request headers accept-language de-DE,de;q=0.9 Referer https://lex.bg/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers Date Wed, 27 Dec 2023 21:27:43 GMT Last-Modified Fri, 21 Jun 2019 10:56:18 GMT Server Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.6.40 ETag "123b-58bd34fe8b704" Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=96 Content-Length 4667
GET H/1.1	200 OK	rss.png lex.bg/assets/im//	424 B 738 B	34ms 33ms	Image image/png	95.43.224.11 VIVACOM-AS BULGARIA
General Check archive.org Show headers Download Go to Show image Full URL https://lex.bg/assets/im//rss.png Requested by Host: lex.bg URL: https://lex.bg/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 95.43.224.11 , Bulgaria, ASN8866 (VIVACOM-AS BULGARIA, BG), Reverse DNS 95-43-224-11.ip.btc-net.bg Software Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.6.40 / Resource Hash 569120845cc792f7fb9d276c8d2e8eeb5c1db5aa052bb24242734f68a108269e Request headers accept-language de-DE,de;q=0.9 Referer https://lex.bg/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers Date Wed, 27 Dec 2023 21:27:43 GMT Last-Modified Mon, 27 Dec 2010 08:04:10 GMT Server Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.6.40 ETag "1a8-4985fc7e79280" Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=98 Content-Length 424
GET H/1.1	200 OK	header_bidding.php Show response bg.search.etargetnet.com/generic/	15 KB 4 KB	21ms 20ms	Script text/javascript	195.168.10.173 AS-BENESTRA Brati...
General Check archive.org Show headers Download Go to Full URL https://bg.search.etargetnet.com/generic/header_bidding.php?ref=84094 Requested by Host: lex.bg URL: https://lex.bg/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 195.168.10.173 Žilina, Slovakia, ASN5578 (AS-BENESTRA Bratislava, Slovak Republic, SK), Reverse DNS a45.etarget.sh.cust.gts.sk Software nginx / Resource Hash 2996157ec77bf3913a594bfd6353b4f6966d02e1cff3807fec8826772af7cab3 Request headers accept-language de-DE,de;q=0.9 Referer https://lex.bg/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers Pragma cache Date Wed, 27 Dec 2023 21:38:39 GMT Content-Encoding gzip Server nginx Transfer-Encoding chunked Vary Accept-Encoding Content-Type text/javascript;charset=UTF-8 access-control-allow-origin * Y-Protected-By Bulbasaur/mblade01-01-b X-Protected-By Bee/0.42 Cache-Control max-age=18000 P3P CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM", policyref="/w3c/p3p.xml" Connection keep-alive Expires Thu, 28 Dec 2023 02:38:39 GMT
POST H2	204	collect region1.google-analytics.com/g/	0 248 B	36ms 15ms	Ping text/plain	2001:4860:4802:32::36 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://region1.google-analytics.com/g/collect?v=2&tid=G-16F1C2CEKH&gtm=45je3bt0v9130039543&_p=1703713119118&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=996336727.1703713119&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1703713119&sct=1&seg=0&dl=https%3A%2F%2Flex.bg%2F&dt=Lex.bg%20-%20%D0%91%D1%8A%D0%BB%D0%B3%D0%B0%D1%80%D1%81%D0%BA%D0%B8%D1%8F%D1%82%20%D0%BF%D1%80%D0%B0%D0%B2%D0%B5%D0%BD%20%D0%BF%D0%BE%D1%80%D1%82%D0%B0%D0%BB&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=1028 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-16F1C2CEKH Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://lex.bg/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers pragma no-cache date Wed, 27 Dec 2023 21:38:39 GMT server Golfe2 content-type text/plain access-control-allow-origin https://lex.bg cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	cb=gapi.loaded_0 Show response apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.Vfl3xXWFLmk.O/m=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo86I-Lz9xExGf4hsd4WDA5L6jMrIA/	158 KB 55 KB	8ms 7ms	Script text/javascript	2a00:1450:4001:81c::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.Vfl3xXWFLmk.O/m=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo86I-Lz9xExGf4hsd4WDA5L6jMrIA/cb=gapi.loaded_0?le=scs Requested by Host: apis.google.com URL: https://apis.google.com/js/plusone.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 266d386b294c2a628ca6c650a288b58c6ee6e652a1ee32de8bfcb38020f6439a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://lex.bg/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Thu, 21 Dec 2023 20:30:52 GMT content-encoding gzip x-content-type-options nosniff age 522467 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 55902 x-xss-protection 0 last-modified Wed, 06 Dec 2023 19:05:16 GMT server sffe cross-origin-opener-policy same-origin; report-to="social-frontend-mpm-access" vary Accept-Encoding report-to {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes expires Fri, 20 Dec 2024 20:30:52 GMT
GET H2	200	ad.js Show response bg.adocean.pl/___/_1703713119/ Redirect Chain https://bg.adocean.pl/_1703713119406/ad.js?id=.4Zcd0jXneZ9Pr7x7YcvM8ijDeyIL6b_mGbFsvFwE17.c7/adov=4.6.2/x=1600/y=1200/lptype=1/nc=0/inner=_ch_mobile%3D0%7C_ch_brands%3D https://bg.adocean.pl/__/_1703713119406/ad.js?id=.4Zcd0jXneZ9Pr7x7YcvM8ijDeyIL6b_mGbFsvFwE17.c7/adov=4.6.2/x=1600/y=1200/lptype=1/nc=0/inner=_ch_mobile%3D0%7C_ch_brands%3D https://adbg.hit.gemius.pl/redataredir?url=https%3A%2F%2Fbg.adocean.pl%2F___%2F_1703713119%2Fad.js%3Fhclsdata%3DHCLSDATA%26hcudata%3DHCUDATA%26id%3D.4Zcd0jXneZ9Pr7x7YcvM8ijDeyIL6b_mGbFsvFwE17.c7%2F... https://adbg.hit.gemius.pl/__/redataredir?url=https%3A%2F%2Fbg.adocean.pl%2F___%2F_1703713119%2Fad.js%3Fhclsdata%3DHCLSDATA%26hcudata%3DHCUDATA%26id%3D.4Zcd0jXneZ9Pr7x7YcvM8ijDeyIL6b_mGbFsvFwE17.c7... https://bg.adocean.pl/___/_1703713119/ad.js?hclsdata=&hcudata=AqRwMqc6NDRXfL.h7xGxNAf6lvVd6bbMxJrQOIk3N3j.L7&id=.4Zcd0jXneZ9Pr7x7YcvM8ijDeyIL6b_mGbFsvFwE17.c7/adov=4.6.2/x=1600/y=1200/lptype=1/nc=0...	11 KB 4 KB	31ms 31ms	Script application/x-javascript	78.128.6.41 TELEPOINT
General Check archive.org Show headers Download Go to Full URL https://bg.adocean.pl/___/_1703713119/ad.js?hclsdata=&hcudata=AqRwMqc6NDRXfL.h7xGxNAf6lvVd6bbMxJrQOIk3N3j.L7&id=.4Zcd0jXneZ9Pr7x7YcvM8ijDeyIL6b_mGbFsvFwE17.c7/adov=4.6.2/x=1600/y=1200/lptype=1/nc=0/inner=_ch_mobile%3D0%7C_ch_brands%3D Requested by Host: lex.bg URL: https://lex.bg/ Protocol H2 Server 78.128.6.41 , Bulgaria, ASN31083 (TELEPOINT, BG), Reverse DNS ip-6-41.telehouse.bg Software GAD / Resource Hash 858929ffc7fea629c2ec69c65180e025330b6704919b88818b800e520748af64 Request headers accept-language de-DE,de;q=0.9 Referer https://lex.bg/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers pragma no-cache date Wed, 27 Dec 2023 21:38:39 GMT content-encoding gzip server GAD accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64 vary Accept-Encoding,Origin p3p CP="NOI DSP COR NID PSAo OUR IND" content-type application/x-javascript cache-control no-cache, must-revalidate, max-age=0 cross-origin-resource-policy cross-origin accept-ranges none content-length 3429 expires Tue, 26 Dec 2023 21:38:39 GMT Redirect headers pragma no-cache date Wed, 27 Dec 2023 21:38:39 GMT server GHC accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64 p3p CP="NOI DSP COR NID PSAo OUR IND" location https://bg.adocean.pl/___/_1703713119/ad.js?hclsdata=&hcudata=AqRwMqc6NDRXfL.h7xGxNAf6lvVd6bbMxJrQOIk3N3j.L7&id=.4Zcd0jXneZ9Pr7x7YcvM8ijDeyIL6b_mGbFsvFwE17.c7/adov=4.6.2/x=1600/y=1200/lptype=1/nc=0/inner=_ch_mobile%3D0%7C_ch_brands%3D cache-control no-store, no-cache, must-revalidate, max-age=0 cross-origin-resource-policy cross-origin accept-ranges none content-length 0 expires Tue, 26 Dec 2023 21:38:39 GMT
GET H2	200	fbevents.js Show response connect.facebook.net/en_US/	202 KB 54 KB	25ms 8ms	Script application/x-javascript	2a03:2880:f083:9:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/en_US/fbevents.js Requested by Host: lex.bg URL: https://lex.bg/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8 Security Headers Name Value Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script'; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://lex.bg/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers permissions-policy-report-only autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=() content-security-policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script'; content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000; preload; includeSubDomains date Wed, 27 Dec 2023 21:38:39 GMT document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 54273 x-xss-protection 0 reporting-endpoints pragma public x-fb-debug WRn1QqivXQW5aF+DQ+n+/jSK1eKz+beZSkdYjctXnjCI89jFI4e89QcEgU+5jyk6qmr8hyhAhggYfGcJVGZeSQ== cross-origin-opener-policy same-origin-allow-popups vary Accept-Encoding x-frame-options DENY content-type application/x-javascript; charset=utf-8 cache-control public, max-age=1200 permissions-policy accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=() timing-allow-origin * expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	gtm.js Show response www.googletagmanager.com/	157 KB 57 KB	24ms 23ms	Script application/javascript	2a00:1450:4001:80f::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-WJG2W4 Requested by Host: lex.bg URL: https://lex.bg/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash b759d7e398c3c312ba2e8b789715f8a9bc694efd8015682bdb1c6a4ed838ec8e Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://lex.bg/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Wed, 27 Dec 2023 21:38:39 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 58698 x-xss-protection 0 last-modified Wed, 27 Dec 2023 21:00:00 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Wed, 27 Dec 2023 21:38:39 GMT
POST H2	200	extra=; adbg.hit.gemius.pl/_1703713119764/redot.js/id=chuaCE8s29YTjNysVFIJJqQ9zeCu45tGDNq3JbHrirT.s7/nc=0/stparam=vncjhirkcl/fastid=effhbtkjlipcggmvmpycnrcupikj/sarg=658C995F835478AE;/inner=_ch_mobile%3D0%...	2 B 426 B	32ms 31ms	Ping application/x-javascript	78.128.6.44 TELEPOINT
General Check archive.org Show headers Download Go to Full URL https://adbg.hit.gemius.pl/_1703713119764/redot.js/id=chuaCE8s29YTjNysVFIJJqQ9zeCu45tGDNq3JbHrirT.s7/nc=0/stparam=vncjhirkcl/fastid=effhbtkjlipcggmvmpycnrcupikj/sarg=658C995F835478AE;/inner=_ch_mobile%3D0%7C_ch_brands%3D%7C;/extra=; Requested by Host: bg.adocean.pl URL: https://bg.adocean.pl/files/js/ado.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 78.128.6.44 , Bulgaria, ASN31083 (TELEPOINT, BG), Reverse DNS ip-6-44.telehouse.bg Software GHC / Resource Hash 75a11da44c802486bc6f65640aa48a730f0f684c5c07a42ba3cd1735eb3fb070 Request headers Referer https://lex.bg/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers pragma no-cache date Wed, 27 Dec 2023 21:38:39 GMT server GHC accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64 p3p CP="NOI DSP COR NID PSAo OUR IND" access-control-allow-origin https://lex.bg content-type application/x-javascript cache-control no-store, no-cache, must-revalidate, max-age=0 access-control-allow-credentials true cross-origin-resource-policy cross-origin accept-ranges none content-length 2 expires Tue, 26 Dec 2023 21:38:39 GMT
GET H2	200	bgimage_gao_lib.js Show response bg.adocean.pl/files/js/	7 KB 2 KB	30ms 30ms	Script application/x-javascript	78.128.6.41 TELEPOINT
General Check archive.org Show headers Download Go to Full URL https://bg.adocean.pl/files/js/bgimage_gao_lib.js Requested by Host: bg.adocean.pl URL: https://bg.adocean.pl/_1703713119406/ad.js?id=.4Zcd0jXneZ9Pr7x7YcvM8ijDeyIL6b_mGbFsvFwE17.c7/adov=4.6.2/x=1600/y=1200/lptype=1/nc=0/inner=_ch_mobile%3D0%7C_ch_brands%3D Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 78.128.6.41 , Bulgaria, ASN31083 (TELEPOINT, BG), Reverse DNS ip-6-41.telehouse.bg Software GAD / Resource Hash 70d1604f65c7c0e1d55b24ea55e6a0cb87429f39a5380dd35839e3037b4dd993 Request headers Referer https://lex.bg/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Intervention <https://www.chromestatus.com/feature/5718547946799104>; level="warning" Response headers date Wed, 27 Dec 2023 21:38:39 GMT content-encoding gzip last-modified Tue, 01 Aug 2023 07:28:14 GMT server GAD accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64 etag "64C8B40E00001BD3EAE7E6BB" vary Accept-Encoding,Origin p3p CP="NOI DSP COR NID PSAo OUR IND" content-type application/x-javascript cache-control public, must-revalidate, max-age=432000 cross-origin-resource-policy cross-origin accept-ranges bytes content-length 2344 expires Mon, 01 Jan 2024 21:38:39 GMT
POST H2	200	extra=; adbg.hit.gemius.pl/_1703713119803/redot.js/id=.cCbuStDJJpZ_qA4S3V_3rb.HXJk7sevxiNIrdAnTZn.n7/nc=0/stparam=xjimhlqlmj/fastid=mrzucecnosxrkoacowoskfoaxdme/sarg=658C995F835478AE;/inner=_ch_mobile%3D0%...	2 B 294 B	71ms 71ms	Ping application/x-javascript	78.128.6.44 TELEPOINT
General Check archive.org Show headers Download Go to Full URL https://adbg.hit.gemius.pl/_1703713119803/redot.js/id=.cCbuStDJJpZ_qA4S3V_3rb.HXJk7sevxiNIrdAnTZn.n7/nc=0/stparam=xjimhlqlmj/fastid=mrzucecnosxrkoacowoskfoaxdme/sarg=658C995F835478AE;/inner=_ch_mobile%3D0%7C_ch_brands%3D%7C;/extra=; Requested by Host: bg.adocean.pl URL: https://bg.adocean.pl/files/js/ado.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 78.128.6.44 , Bulgaria, ASN31083 (TELEPOINT, BG), Reverse DNS ip-6-44.telehouse.bg Software GHC / Resource Hash 75a11da44c802486bc6f65640aa48a730f0f684c5c07a42ba3cd1735eb3fb070 Request headers Referer https://lex.bg/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers pragma no-cache date Wed, 27 Dec 2023 21:38:39 GMT server GHC accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64 p3p CP="NOI DSP COR NID PSAo OUR IND" access-control-allow-origin https://lex.bg content-type application/x-javascript cache-control no-store, no-cache, must-revalidate, max-age=0 access-control-allow-credentials true cross-origin-resource-policy cross-origin accept-ranges none content-length 2 expires Tue, 26 Dec 2023 21:38:39 GMT
POST H2	200	extra=; adbg.hit.gemius.pl/_1703713119805/redot.js/id=chuaCE8s29YTjNysVFIJJqQ9zeCu45tGDNq3JbHrirT.s7/nc=0/stparam=tfmifuomkx/fastid=effhbtkjlipcggmvmpycnrcupikj/sarg=658C995F835478AE;/inner=_ch_mobile%3D0%...	2 B 293 B	70ms 70ms	Ping application/x-javascript	78.128.6.44 TELEPOINT
General Check archive.org Show headers Download Go to Full URL https://adbg.hit.gemius.pl/_1703713119805/redot.js/id=chuaCE8s29YTjNysVFIJJqQ9zeCu45tGDNq3JbHrirT.s7/nc=0/stparam=tfmifuomkx/fastid=effhbtkjlipcggmvmpycnrcupikj/sarg=658C995F835478AE;/inner=_ch_mobile%3D0%7C_ch_brands%3D%7C;/extra=; Requested by Host: bg.adocean.pl URL: https://bg.adocean.pl/files/js/ado.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 78.128.6.44 , Bulgaria, ASN31083 (TELEPOINT, BG), Reverse DNS ip-6-44.telehouse.bg Software GHC / Resource Hash 75a11da44c802486bc6f65640aa48a730f0f684c5c07a42ba3cd1735eb3fb070 Request headers Referer https://lex.bg/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers pragma no-cache date Wed, 27 Dec 2023 21:38:39 GMT server GHC accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64 p3p CP="NOI DSP COR NID PSAo OUR IND" access-control-allow-origin https://lex.bg content-type application/x-javascript cache-control no-store, no-cache, must-revalidate, max-age=0 access-control-allow-credentials true cross-origin-resource-policy cross-origin accept-ranges none content-length 2 expires Tue, 26 Dec 2023 21:38:39 GMT
GET H2	200	init2.0.js Show response etargetcdn.com/hb/	32 KB 10 KB	45ms 15ms	Script application/javascript	2606:4700:20::681a:6d9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://etargetcdn.com/hb/init2.0.js Requested by Host: bg.search.etargetnet.com URL: https://bg.search.etargetnet.com/generic/header_bidding.php?ref=82158 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:6d9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8a5471b47d09d9ef790e5ef95090d1c44ccc42575adb9cdb49d877b30004b931 Request headers accept-language de-DE,de;q=0.9 Referer https://lex.bg/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Wed, 27 Dec 2023 21:38:39 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 3689 cf-polished origSize=56052 cf-bgj minify last-modified Wed, 27 Sep 2023 11:02:50 GMT server cloudflare etag W/"65140bda-daf4" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V7yfbqF3h8rb40R1Zjtvyq%2BU0gKMr5ehbk4bYwGJu%2FJQfB3D6%2BlgpINK5Q8MbruC%2BzvOxn2rk4mKMgHV9BX%2FLTTO7njc51%2FBzcYfmLs4DLnc2Uf86nJkekSJi6HjT3qgfV19nA8fw2tGeeCP"}],"group":"cf-nel","max_age":604800} content-type application/javascript y-protected-by Bulbasaur/mblade01-01-a cache-control max-age=14400 cf-ray 83c4b636f9b01c15-FRA
GET H2	200	billboard_v2_gao_lib.js Show response bg.adocean.pl/files/js/	18 KB 7 KB	31ms 30ms	Script application/x-javascript	78.128.6.41 TELEPOINT
General Check archive.org Show headers Download Go to Full URL https://bg.adocean.pl/files/js/billboard_v2_gao_lib.js Requested by Host: bg.adocean.pl URL: https://bg.adocean.pl/_1703713119406/ad.js?id=.4Zcd0jXneZ9Pr7x7YcvM8ijDeyIL6b_mGbFsvFwE17.c7/adov=4.6.2/x=1600/y=1200/lptype=1/nc=0/inner=_ch_mobile%3D0%7C_ch_brands%3D Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 78.128.6.41 , Bulgaria, ASN31083 (TELEPOINT, BG), Reverse DNS ip-6-41.telehouse.bg Software GAD / Resource Hash 61ff1056c081d072ece5ab9b97235e5162d1023db19d058937bd278e0b2f2107 Request headers Referer https://lex.bg/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Intervention <https://www.chromestatus.com/feature/5718547946799104>; level="warning" Response headers date Wed, 27 Dec 2023 21:38:39 GMT content-encoding gzip last-modified Tue, 01 Aug 2023 07:28:17 GMT server GAD accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64 etag "64C8B4110000475CCE814B60" vary Accept-Encoding,Origin p3p CP="NOI DSP COR NID PSAo OUR IND" content-type application/x-javascript cache-control public, must-revalidate, max-age=432000 cross-origin-resource-policy cross-origin accept-ranges bytes content-length 7010 expires Mon, 01 Jan 2024 21:38:39 GMT
GET H2	200	lex-x-honor-wallpaper2.jpg bg.adocean.pl/files/x/mmc/injmiro/lefeckemtf/	189 KB 189 KB	32ms 31ms	Image image/jpeg	78.128.6.41 TELEPOINT
General Check archive.org Show headers Download Go to Show image Full URL https://bg.adocean.pl/files/x/mmc/injmiro/lefeckemtf/lex-x-honor-wallpaper2.jpg Requested by Host: lex.bg URL: https://lex.bg/ Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 78.128.6.41 , Bulgaria, ASN31083 (TELEPOINT, BG), Reverse DNS ip-6-41.telehouse.bg Software GAD / Resource Hash 480506c0c367d8d68cfbe7b377ee4e2e388732f53957b57c2c936a356fdac157 Request headers accept-language de-DE,de;q=0.9 Referer https://lex.bg/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Wed, 27 Dec 2023 21:38:39 GMT last-modified Wed, 20 Dec 2023 14:27:46 GMT server GAD accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64 etag "6582F9E20002F4801AEA49FD" vary Accept-Encoding,Origin p3p CP="NOI DSP COR NID PSAo OUR IND" content-type image/jpeg cache-control public, must-revalidate, max-age=4320000 cross-origin-resource-policy cross-origin accept-ranges bytes content-length 193664 expires Thu, 15 Feb 2024 21:38:39 GMT
GET H/1.1	200 OK	header_bg.png lex.bg/assets/im/2011/ Redirect Chain https://www.lex.bg/assets/im/2011/header_bg.png https://lex.bg/assets/im/2011/header_bg.png	4 KB 4 KB	35ms 35ms	Image image/png	95.43.224.11 VIVACOM-AS BULGARIA
General Check archive.org Show headers Download Go to Show image Full URL https://lex.bg/assets/im/2011/header_bg.png Requested by Host: lex.bg URL: https://lex.bg/assets/css/style.css?ver=3 Protocol HTTP/1.1 Server 95.43.224.11 , Bulgaria, ASN8866 (VIVACOM-AS BULGARIA, BG), Reverse DNS 95-43-224-11.ip.btc-net.bg Software Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.6.40 / Resource Hash 9e4167729fa399c721e633d59ef526a6e339da811976253304a48dc70a817636 Request headers accept-language de-DE,de;q=0.9 Referer https://lex.bg/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers Date Wed, 27 Dec 2023 21:27:43 GMT Last-Modified Mon, 27 Dec 2010 08:13:44 GMT Server Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.6.40 ETag "e8d-4985fea1e1e00" Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=98 Content-Length 3725 Redirect headers Location https://lex.bg/assets/im/2011/header_bg.png Date Wed, 27 Dec 2023 21:27:43 GMT Server Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.6.40 Connection Keep-Alive Keep-Alive timeout=5, max=99 Content-Length 251 Content-Type text/html; charset=iso-8859-1
GET H/1.1	200 OK	navigator_bg.png lex.bg/assets/im/2011/ Redirect Chain https://www.lex.bg/assets/im/2011/navigator_bg.png https://lex.bg/assets/im/2011/navigator_bg.png	154 B 467 B	32ms 32ms	Image image/png	95.43.224.11 VIVACOM-AS BULGARIA
General Check archive.org Show headers Download Go to Show image Full URL https://lex.bg/assets/im/2011/navigator_bg.png Requested by Host: lex.bg URL: https://lex.bg/assets/css/style.css?ver=3 Protocol HTTP/1.1 Server 95.43.224.11 , Bulgaria, ASN8866 (VIVACOM-AS BULGARIA, BG), Reverse DNS 95-43-224-11.ip.btc-net.bg Software Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.6.40 / Resource Hash ff965b1dd97c7aa244dfc14cc6f83a62db755f5c0094f3f906ab6eecd89b6b2c Request headers accept-language de-DE,de;q=0.9 Referer https://lex.bg/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers Date Wed, 27 Dec 2023 21:27:43 GMT Last-Modified Wed, 29 Dec 2010 08:35:18 GMT Server Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.6.40 ETag "9a-4988872edbd80" Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=96 Content-Length 154 Redirect headers Location https://lex.bg/assets/im/2011/navigator_bg.png Date Wed, 27 Dec 2023 21:27:43 GMT Server Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.6.40 Connection Keep-Alive Keep-Alive timeout=5, max=99 Content-Length 254 Content-Type text/html; charset=iso-8859-1
GET H/1.1	200 OK	navigator_btn_hover.png lex.bg/assets/im/2011/ Redirect Chain https://www.lex.bg/assets/im/2011/navigator_btn_hover.png https://lex.bg/assets/im/2011/navigator_btn_hover.png	198 B 511 B	37ms 37ms	Image image/png	95.43.224.11 VIVACOM-AS BULGARIA
General Check archive.org Show headers Download Go to Show image Full URL https://lex.bg/assets/im/2011/navigator_btn_hover.png Requested by Host: lex.bg URL: https://lex.bg/assets/css/style.css?ver=3 Protocol HTTP/1.1 Server 95.43.224.11 , Bulgaria, ASN8866 (VIVACOM-AS BULGARIA, BG), Reverse DNS 95-43-224-11.ip.btc-net.bg Software Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.6.40 / Resource Hash a848bc982acb76d3fcbd32ce8a5cd3aef3b8bf8ad44d055a415df5519f94e420 Request headers accept-language de-DE,de;q=0.9 Referer https://lex.bg/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers Date Wed, 27 Dec 2023 21:27:43 GMT Last-Modified Wed, 29 Dec 2010 08:38:26 GMT Server Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.6.40 ETag "c6-498887e226480" Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=94 Content-Length 198 Redirect headers Location https://lex.bg/assets/im/2011/navigator_btn_hover.png Date Wed, 27 Dec 2023 21:27:43 GMT Server Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.6.40 Connection Keep-Alive Keep-Alive timeout=5, max=99 Content-Length 261 Content-Type text/html; charset=iso-8859-1
GET H/1.1	404 Not Found	container_bg.png lex.bg/assets/im/2011/ Redirect Chain https://www.lex.bg/assets/im/2011/container_bg.png https://lex.bg/assets/im/2011/container_bg.png	229 B 229 B	36ms 36ms	Image text/html	95.43.224.11 VIVACOM-AS BULGARIA
General Check archive.org Show headers Download Go to Show image Full URL https://lex.bg/assets/im/2011/container_bg.png Requested by Host: lex.bg URL: https://lex.bg/assets/css/style.css?ver=3 Protocol HTTP/1.1 Server 95.43.224.11 , Bulgaria, ASN8866 (VIVACOM-AS BULGARIA, BG), Reverse DNS 95-43-224-11.ip.btc-net.bg Software Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.6.40 / Resource Hash 301c308338402f141db06e999a046eaee9936c83e2d073c4cec14f55ffdebf62 Request headers accept-language de-DE,de;q=0.9 Referer https://lex.bg/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers Date Wed, 27 Dec 2023 21:27:43 GMT Server Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.6.40 Connection Keep-Alive Keep-Alive timeout=5, max=94 Content-Length 229 Content-Type text/html; charset=iso-8859-1 Redirect headers Location https://lex.bg/assets/im/2011/container_bg.png Date Wed, 27 Dec 2023 21:27:43 GMT Server Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.6.40 Connection Keep-Alive Keep-Alive timeout=5, max=99 Content-Length 254 Content-Type text/html; charset=iso-8859-1
GET H/1.1	200 OK	search_big_bg.png lex.bg/assets/im/2011/ Redirect Chain https://www.lex.bg/assets/im/2011/search_big_bg.png https://lex.bg/assets/im/2011/search_big_bg.png	530 B 844 B	31ms 31ms	Image image/png	95.43.224.11 VIVACOM-AS BULGARIA
General Check archive.org Show headers Download Go to Show image Full URL https://lex.bg/assets/im/2011/search_big_bg.png Requested by Host: lex.bg URL: https://lex.bg/assets/css/style.css?ver=3 Protocol HTTP/1.1 Server 95.43.224.11 , Bulgaria, ASN8866 (VIVACOM-AS BULGARIA, BG), Reverse DNS 95-43-224-11.ip.btc-net.bg Software Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.6.40 / Resource Hash 834a601cbfa1dc5d610a7ce53677f750c6ded4e12cd38fc8a1b00e971fe6af62 Request headers accept-language de-DE,de;q=0.9 Referer https://lex.bg/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers Date Wed, 27 Dec 2023 21:27:43 GMT Last-Modified Tue, 28 Dec 2010 13:37:12 GMT Server Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.6.40 ETag "212-498788cc41200" Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=93 Content-Length 530 Redirect headers Location https://lex.bg/assets/im/2011/search_big_bg.png Date Wed, 27 Dec 2023 21:27:43 GMT Server Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.6.40 Connection Keep-Alive Keep-Alive timeout=5, max=98 Content-Length 255 Content-Type text/html; charset=iso-8859-1
GET H/1.1	200 OK	sprite.png lex.bg/assets/im//	8 KB 8 KB	32ms 32ms	Image image/png	95.43.224.11 VIVACOM-AS BULGARIA
General Check archive.org Show headers Download Go to Show image Full URL https://lex.bg/assets/im//sprite.png Requested by Host: lex.bg URL: https://lex.bg/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 95.43.224.11 , Bulgaria, ASN8866 (VIVACOM-AS BULGARIA, BG), Reverse DNS 95-43-224-11.ip.btc-net.bg Software Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.6.40 / Resource Hash cee537aadd046c6ea2d8461b926a5dc3bf913254dde92d3121294a4f37f69bd9 Request headers accept-language de-DE,de;q=0.9 Referer https://lex.bg/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers Date Wed, 27 Dec 2023 21:27:43 GMT Last-Modified Wed, 01 Jun 2011 08:53:31 GMT Server Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.6.40 ETag "1e6c-4a4a2a7a358c0" Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=95 Content-Length 7788
GET H/1.1	200 OK	%D0%B8%D0%B2%D0%BE-%D1%80%D0%B0%D0%B4%D0%B5%D0%B2-2.jpg news.lex.bg/wp-content/uploads/2019/08/	14 KB 14 KB	321ms 51ms	Image image/webp	193.192.48.170 ASP-AS
General Check archive.org Show headers Download Go to Show image Full URL https://news.lex.bg/wp-content/uploads/2019/08/%D0%B8%D0%B2%D0%BE-%D1%80%D0%B0%D0%B4%D0%B5%D0%B2-2.jpg Requested by Host: lex.bg URL: https://lex.bg/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 193.192.48.170 , Bulgaria, ASN35480 (ASP-AS, BG), Reverse DNS Software Apache/2.4.25 (Debian) / Resource Hash 6eb3626ef3b37959a59d7a36fad6204edc78fca3f9e94f7d22de9d6ee17d5c0e Request headers accept-language de-DE,de;q=0.9 Referer https://lex.bg/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers Date Wed, 27 Dec 2023 21:38:40 GMT Last-Modified Thu, 08 Aug 2019 13:36:57 GMT Server Apache/2.4.25 (Debian) ETag "372a-58f9b26d0604f" Content-Type image/webp Connection close Accept-Ranges bytes Content-Length 14122
GET H/1.1	200 OK	mainnewsbg.png lex.bg/assets/images/	3 KB 3 KB	32ms 31ms	Image image/png	95.43.224.11 VIVACOM-AS BULGARIA
General Check archive.org Show headers Download Go to Show image Full URL https://lex.bg/assets/images/mainnewsbg.png Requested by Host: lex.bg URL: https://lex.bg/assets/css/style.css?ver=3 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 95.43.224.11 , Bulgaria, ASN8866 (VIVACOM-AS BULGARIA, BG), Reverse DNS 95-43-224-11.ip.btc-net.bg Software Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.6.40 / Resource Hash 91078d8466b4ee6bd718bd7002716b577754036db1f0f7321992803ad4438605 Request headers accept-language de-DE,de;q=0.9 Referer https://lex.bg/assets/css/style.css?ver=3 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers Date Wed, 27 Dec 2023 21:27:43 GMT Last-Modified Tue, 25 May 2021 12:28:25 GMT Server Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.6.40 ETag "b16-5c326a997e832" Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=97 Content-Length 2838
GET H/1.1	200 OK	%D0%BF%D1%80%D0%B0%D0%B2%D0%BE-%D0%BF%D1%80%D0%B0%D0%B2%D0%BE%D1%81%D1%8A%D0%B4%D0%B8%D0%B5-%D0%B2%D0%B5%D0%B7%D0%BD%D0%B8.jpg news.lex.bg/wp-content/uploads/2022/08/	421 KB 421 KB	318ms 50ms	Image image/jpeg	193.192.48.170 ASP-AS
General Check archive.org Show headers Download Go to Show image Full URL https://news.lex.bg/wp-content/uploads/2022/08/%D0%BF%D1%80%D0%B0%D0%B2%D0%BE-%D0%BF%D1%80%D0%B0%D0%B2%D0%BE%D1%81%D1%8A%D0%B4%D0%B8%D0%B5-%D0%B2%D0%B5%D0%B7%D0%BD%D0%B8.jpg Requested by Host: lex.bg URL: https://lex.bg/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 193.192.48.170 , Bulgaria, ASN35480 (ASP-AS, BG), Reverse DNS Software Apache/2.4.25 (Debian) / Resource Hash 5a18d6b716f5acee1a6ad24c2c39817321d2e869eb65c55b6f2542285255f340 Request headers accept-language de-DE,de;q=0.9 Referer https://lex.bg/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers Date Wed, 27 Dec 2023 21:38:40 GMT Last-Modified Wed, 10 Aug 2022 13:04:07 GMT Server Apache/2.4.25 (Debian) ETag "6933e-5e5e2af2a5d84" Content-Type image/jpeg Connection close Accept-Ranges bytes Content-Length 430910
GET H/1.1	200 OK	%D0%B2%D0%BB%D0%B0%D0%B4%D0%B8%D0%BC%D0%B8%D1%80-%D1%87%D0%B0%D0%B2%D0%B4%D0%B0%D1%80%D0%BE%D0%B2.jpeg news.lex.bg/wp-content/uploads/2023/12/	3 MB 3 MB	320ms 53ms	Image image/jpeg	193.192.48.170 ASP-AS
General Check archive.org Show headers Download Go to Show image Full URL https://news.lex.bg/wp-content/uploads/2023/12/%D0%B2%D0%BB%D0%B0%D0%B4%D0%B8%D0%BC%D0%B8%D1%80-%D1%87%D0%B0%D0%B2%D0%B4%D0%B0%D1%80%D0%BE%D0%B2.jpeg Requested by Host: lex.bg URL: https://lex.bg/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 193.192.48.170 , Bulgaria, ASN35480 (ASP-AS, BG), Reverse DNS Software Apache/2.4.25 (Debian) / Resource Hash d8fa39bfd09bb80513e9ad0e1d800df17b27ea9df9e26c79eb582806e0fbeeca Request headers accept-language de-DE,de;q=0.9 Referer https://lex.bg/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers Date Wed, 27 Dec 2023 21:38:40 GMT Last-Modified Fri, 22 Dec 2023 08:32:33 GMT Server Apache/2.4.25 (Debian) ETag "2edb76-60d150ecb573d" Content-Type image/jpeg Connection close Accept-Ranges bytes Content-Length 3070838
GET H/1.1	200 OK	%D0%92%D0%A1%D0%A1-%D0%91%D0%A2%D0%90.jpeg news.lex.bg/wp-content/uploads/2023/12/	8 MB 8 MB	317ms 50ms	Image image/jpeg	193.192.48.170 ASP-AS
General Check archive.org Show headers Download Go to Show image Full URL https://news.lex.bg/wp-content/uploads/2023/12/%D0%92%D0%A1%D0%A1-%D0%91%D0%A2%D0%90.jpeg Requested by Host: lex.bg URL: https://lex.bg/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 193.192.48.170 , Bulgaria, ASN35480 (ASP-AS, BG), Reverse DNS Software Apache/2.4.25 (Debian) / Resource Hash e6d5543205cfb5c8ea2921e4620ceb2744119f66931bb3697b1f00439ead5f22 Request headers accept-language de-DE,de;q=0.9 Referer https://lex.bg/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers Date Wed, 27 Dec 2023 21:38:40 GMT Last-Modified Thu, 21 Dec 2023 14:08:44 GMT Server Apache/2.4.25 (Debian) ETag "7b3535-60d05a336b1fb" Content-Type image/jpeg Connection close Accept-Ranges bytes Content-Length 8074549
GET H/1.1	200 OK	nexo-%D0%BD%D0%B5%D0%BA%D1%81%D0%BE.png news.lex.bg/wp-content/uploads/2023/12/	939 KB 940 KB	323ms 54ms	Image image/png	193.192.48.170 ASP-AS
General Check archive.org Show headers Download Go to Show image Full URL https://news.lex.bg/wp-content/uploads/2023/12/nexo-%D0%BD%D0%B5%D0%BA%D1%81%D0%BE.png Requested by Host: lex.bg URL: https://lex.bg/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 193.192.48.170 , Bulgaria, ASN35480 (ASP-AS, BG), Reverse DNS Software Apache/2.4.25 (Debian) / Resource Hash 534b48d2f85f80b3d54131396face07203626b39286270602f91319abe9cdabf Request headers accept-language de-DE,de;q=0.9 Referer https://lex.bg/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers Date Wed, 27 Dec 2023 21:38:40 GMT Last-Modified Fri, 22 Dec 2023 13:49:02 GMT Server Apache/2.4.25 (Debian) ETag "eaddc-60d197a94367a" Content-Type image/png Connection close Accept-Ranges bytes Content-Length 962012
GET H/1.1	200 OK	%D1%84%D1%80%D0%B8%D0%B7%D1%8C%D0%BE%D1%80.jpg news.lex.bg/wp-content/uploads/2023/12/	111 KB 112 KB	323ms 54ms	Image image/jpeg	193.192.48.170 ASP-AS
General Check archive.org Show headers Download Go to Show image Full URL https://news.lex.bg/wp-content/uploads/2023/12/%D1%84%D1%80%D0%B8%D0%B7%D1%8C%D0%BE%D1%80.jpg Requested by Host: lex.bg URL: https://lex.bg/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 193.192.48.170 , Bulgaria, ASN35480 (ASP-AS, BG), Reverse DNS Software Apache/2.4.25 (Debian) / Resource Hash 6bd54cffa50ab7b226752c5351a5a2bec20bb1952a3fd1fbcb60571f4ea7c740 Request headers accept-language de-DE,de;q=0.9 Referer https://lex.bg/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers Date Wed, 27 Dec 2023 21:38:40 GMT Last-Modified Thu, 21 Dec 2023 10:57:52 GMT Server Apache/2.4.25 (Debian) ETag "1bd37-60d02f89cd35f" Content-Type image/jpeg Connection close Accept-Ranges bytes Content-Length 113975
GET H/1.1	200 OK	%D0%BF%D0%B0%D0%B2%D0%BB%D0%B8%D0%BD%D0%B0-%D0%BF%D0%B0%D0%BD%D0%BE%D0%B2%D0%B0-%D1%81%D0%B4%D0%B5%D0%BB%D0%BA%D0%B0-%D1%81%D0%B3%D1%80%D0%B0%D0%B4%D0%B0-%D0%9A%D0%BE%D0%BD%D1%81%D1%82%D0%B8%D1%82%... news.lex.bg/wp-content/uploads/2023/12/	2 MB 2 MB	144ms 56ms	Image image/jpeg	193.192.48.170 ASP-AS
General Check archive.org Show headers Download Go to Show image Full URL https://news.lex.bg/wp-content/uploads/2023/12/%D0%BF%D0%B0%D0%B2%D0%BB%D0%B8%D0%BD%D0%B0-%D0%BF%D0%B0%D0%BD%D0%BE%D0%B2%D0%B0-%D1%81%D0%B4%D0%B5%D0%BB%D0%BA%D0%B0-%D1%81%D0%B3%D1%80%D0%B0%D0%B4%D0%B0-%D0%9A%D0%BE%D0%BD%D1%81%D1%82%D0%B8%D1%82%D1%83%D1%86%D0%B8%D0%BE%D0%BD%D0%B5%D0%BD-%D1%81%D1%8A%D0%B4.jpg Requested by Host: lex.bg URL: https://lex.bg/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 193.192.48.170 , Bulgaria, ASN35480 (ASP-AS, BG), Reverse DNS Software Apache/2.4.25 (Debian) / Resource Hash a4055175c65d584a55269b1cfef06cdda8f39fad9e205af61596cccacbccf9bd Request headers accept-language de-DE,de;q=0.9 Referer https://lex.bg/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers Date Wed, 27 Dec 2023 21:38:40 GMT Last-Modified Thu, 21 Dec 2023 11:32:40 GMT Server Apache/2.4.25 (Debian) ETag "1b2905-60d0375191913" Content-Type image/jpeg Connection close Accept-Ranges bytes Content-Length 1779973
GET H/1.1	200 OK	%D0%BF%D0%B0%D0%BF%D0%BA%D0%B8-%D0%B4%D0%BE%D0%BA%D1%83%D0%BC%D0%B5%D0%BD%D1%82%D0%B8.jpg news.lex.bg/wp-content/uploads/2018/02/	43 KB 43 KB	155ms 50ms	Image image/webp	193.192.48.170 ASP-AS
General Check archive.org Show headers Download Go to Show image Full URL https://news.lex.bg/wp-content/uploads/2018/02/%D0%BF%D0%B0%D0%BF%D0%BA%D0%B8-%D0%B4%D0%BE%D0%BA%D1%83%D0%BC%D0%B5%D0%BD%D1%82%D0%B8.jpg Requested by Host: lex.bg URL: https://lex.bg/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 193.192.48.170 , Bulgaria, ASN35480 (ASP-AS, BG), Reverse DNS Software Apache/2.4.25 (Debian) / Resource Hash 3670efbd7b7c58e8f8ebc990f3ee5cee7bf51befe81bd0638ec11d786987513d Request headers accept-language de-DE,de;q=0.9 Referer https://lex.bg/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers Date Wed, 27 Dec 2023 21:38:40 GMT Last-Modified Tue, 27 Feb 2018 07:53:27 GMT Server Apache/2.4.25 (Debian) ETag "ab36-5662cebf93021" Content-Type image/webp Connection close Accept-Ranges bytes Content-Length 43830
GET H/1.1	200 OK	%D0%BA%D0%BE%D0%BD%D1%81%D1%82%D0%B8%D1%82%D1%83%D1%86%D0%B8%D0%BE%D0%BD%D0%B5%D0%BD-%D1%81%D1%8A%D0%B4-%D1%82%D0%B0%D0%B1%D0%B5%D0%BB%D0%B0.jpg news.lex.bg/wp-content/uploads/2018/11/	72 KB 73 KB	138ms 50ms	Image image/webp	193.192.48.170 ASP-AS
General Check archive.org Show headers Download Go to Show image Full URL https://news.lex.bg/wp-content/uploads/2018/11/%D0%BA%D0%BE%D0%BD%D1%81%D1%82%D0%B8%D1%82%D1%83%D1%86%D0%B8%D0%BE%D0%BD%D0%B5%D0%BD-%D1%81%D1%8A%D0%B4-%D1%82%D0%B0%D0%B1%D0%B5%D0%BB%D0%B0.jpg Requested by Host: lex.bg URL: https://lex.bg/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 193.192.48.170 , Bulgaria, ASN35480 (ASP-AS, BG), Reverse DNS Software Apache/2.4.25 (Debian) / Resource Hash cbc4dc750560b5debcdf73adc9fe6fd3e9bec03de3312afa0fa13ab1b806cf08 Request headers accept-language de-DE,de;q=0.9 Referer https://lex.bg/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers Date Wed, 27 Dec 2023 21:38:40 GMT Last-Modified Tue, 13 Nov 2018 10:30:25 GMT Server Apache/2.4.25 (Debian) ETag "12142-57a894e43c07f" Content-Type image/webp Connection close Accept-Ranges bytes Content-Length 74050
GET H/1.1	200 OK	%D0%B0%D0%BD%D1%82%D0%BE%D0%BD-%D1%81%D0%BB%D0%B0%D0%B2%D1%87%D0%B5%D0%B2.jpeg news.lex.bg/wp-content/uploads/2023/12/	1 MB 1 MB	143ms 55ms	Image image/jpeg	193.192.48.170 ASP-AS
General Check archive.org Show headers Download Go to Show image Full URL https://news.lex.bg/wp-content/uploads/2023/12/%D0%B0%D0%BD%D1%82%D0%BE%D0%BD-%D1%81%D0%BB%D0%B0%D0%B2%D1%87%D0%B5%D0%B2.jpeg Requested by Host: lex.bg URL: https://lex.bg/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 193.192.48.170 , Bulgaria, ASN35480 (ASP-AS, BG), Reverse DNS Software Apache/2.4.25 (Debian) / Resource Hash 3753e192d321c54d765a1372c5655f96df1abe9ffd63234375eaa30316234b6e Request headers accept-language de-DE,de;q=0.9 Referer https://lex.bg/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers Date Wed, 27 Dec 2023 21:38:40 GMT Last-Modified Wed, 20 Dec 2023 12:03:27 GMT Server Apache/2.4.25 (Debian) ETag "124eaa-60cefc54dc8f7" Content-Type image/jpeg Connection close Accept-Ranges bytes Content-Length 1199786
GET H/1.1	200 OK	spectrebg.png lex.bg/assets/images/	8 KB 8 KB	34ms 33ms	Image image/png	95.43.224.11 VIVACOM-AS BULGARIA
General Check archive.org Show headers Download Go to Show image Full URL https://lex.bg/assets/images/spectrebg.png Requested by Host: lex.bg URL: https://lex.bg/assets/css/style.css?ver=3 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 95.43.224.11 , Bulgaria, ASN8866 (VIVACOM-AS BULGARIA, BG), Reverse DNS 95-43-224-11.ip.btc-net.bg Software Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.6.40 / Resource Hash caa2b22aafd8d924cdc8a58c2fdd55280ebbbce8bc7e81645f841b5a99da5169 Request headers accept-language de-DE,de;q=0.9 Referer https://lex.bg/assets/css/style.css?ver=3 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers Date Wed, 27 Dec 2023 21:27:43 GMT Last-Modified Wed, 26 May 2021 13:20:57 GMT Server Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.6.40 ETag "1f10-5c33b8354a182" Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=97 Content-Length 7952
GET H/1.1	200 OK	2439_thumb2.jpg lex.bg/upload/spektar/ Redirect Chain https://www.lex.bg/upload/spektar/2439_thumb2.jpg https://lex.bg/upload/spektar/2439_thumb2.jpg	205 KB 205 KB	31ms 31ms	Image image/jpeg	95.43.224.11 VIVACOM-AS BULGARIA
General Check archive.org Show headers Download Go to Show image Full URL https://lex.bg/upload/spektar/2439_thumb2.jpg Requested by Host: lex.bg URL: https://lex.bg/ Protocol HTTP/1.1 Server 95.43.224.11 , Bulgaria, ASN8866 (VIVACOM-AS BULGARIA, BG), Reverse DNS 95-43-224-11.ip.btc-net.bg Software Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.6.40 / Resource Hash 215b0b0963e2041f7d36ac92ee994e3771a595665259fd1d7866693fd5dfc96d Request headers accept-language de-DE,de;q=0.9 Referer https://lex.bg/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers Date Wed, 27 Dec 2023 21:27:43 GMT Last-Modified Tue, 19 Dec 2023 12:13:33 GMT Server Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.6.40 ETag "33204-60cdbcb9df8ad" Content-Type image/jpeg Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=93 Content-Length 209412 Redirect headers Location https://lex.bg/upload/spektar/2439_thumb2.jpg Date Wed, 27 Dec 2023 21:27:43 GMT Server Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.6.40 Connection Keep-Alive Keep-Alive timeout=5, max=98 Content-Length 253 Content-Type text/html; charset=iso-8859-1
GET H/1.1	200 OK	search_bg.png lex.bg/assets/im/2011/ Redirect Chain https://www.lex.bg/assets/im/2011/search_bg.png https://lex.bg/assets/im/2011/search_bg.png	692 B 1006 B	32ms 32ms	Image image/png	95.43.224.11 VIVACOM-AS BULGARIA
General Check archive.org Show headers Download Go to Show image Full URL https://lex.bg/assets/im/2011/search_bg.png Requested by Host: lex.bg URL: https://lex.bg/assets/css/style.css?ver=3 Protocol HTTP/1.1 Server 95.43.224.11 , Bulgaria, ASN8866 (VIVACOM-AS BULGARIA, BG), Reverse DNS 95-43-224-11.ip.btc-net.bg Software Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.6.40 / Resource Hash 5eae4d1b415d06beeb6ac7f668d4399f6128046b64d65111424676921da20f6c Request headers accept-language de-DE,de;q=0.9 Referer https://lex.bg/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers Date Wed, 27 Dec 2023 21:27:43 GMT Last-Modified Mon, 27 Dec 2010 08:33:14 GMT Server Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.6.40 ETag "2b4-498602fdae680" Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=92 Content-Length 692 Redirect headers Location https://lex.bg/assets/im/2011/search_bg.png Date Wed, 27 Dec 2023 21:27:43 GMT Server Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.6.40 Connection Keep-Alive Keep-Alive timeout=5, max=98 Content-Length 251 Content-Type text/html; charset=iso-8859-1
GET H2	200	show_ads_impl_with_ama_fy2021.js Show response pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/	399 KB 135 KB	65ms 65ms	Script text/javascript	2a00:1450:4001:827::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9092264232006105&plah=lex.bg Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 4e0f351f431dcdbea162a8ca26037e87f1d433f95178d93d02defb9a9a9aefde Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://lex.bg/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Wed, 27 Dec 2023 21:38:39 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 137959 x-xss-protection 0 server cafe etag 4102392105596158091 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=3600, stale-while-revalidate=3600 timing-allow-origin * expires Wed, 27 Dec 2023 21:38:39 GMT
GET H2	200	zrt_lookup_fy2021.html Show response googleads.g.doubleclick.net/pagead/html/r20231207/r20190131/ Frame 8D99	9 KB 4 KB	29ms 7ms	Document text/html	2a00:1450:4001:800::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/html/r20231207/r20190131/zrt_lookup_fy2021.html Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://lex.bg/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers age 28141 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=1209600 content-encoding br content-length 4130 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Wed, 27 Dec 2023 13:49:38 GMT etag 5585625838579639069 expires Wed, 10 Jan 2024 13:49:38 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H2	200	301498060891897 Show response connect.facebook.net/signals/config/	141 KB 37 KB	9ms 9ms	Script application/x-javascript	2a03:2880:f083:9:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/signals/config/301498060891897?v=2.9.138&r=stable&domain=lex.bg Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/fbevents.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash aebc091fde8a311783d5b58e2c48e369534d55d381a355d0d9c752f69ec7986b Security Headers Name Value Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script'; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://lex.bg/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers permissions-policy-report-only autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=() content-security-policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script'; content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000; preload; includeSubDomains date Wed, 27 Dec 2023 21:38:39 GMT document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 37242 x-xss-protection 0 reporting-endpoints pragma public x-fb-debug X9evYYJoY5mIzwMAirf6ITyWlNI+Oby1EWJlyDC1k6WhuzPvIoK3XU44xLURdXiiQIXB16jmkNf8BKglEXJp+g== cross-origin-opener-policy same-origin-allow-popups vary Accept-Encoding x-frame-options DENY content-type application/x-javascript; charset=utf-8 cache-control public, max-age=1200 permissions-policy accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=() timing-allow-origin * expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	ciela-normi300x250-2022-01-3.jpg bg.adocean.pl/files/x/veg/fjthsef/odonomkhck/	36 KB 36 KB	49ms 49ms	Image image/jpeg	78.128.6.41 TELEPOINT
General Check archive.org Show headers Download Go to Show image Full URL https://bg.adocean.pl/files/x/veg/fjthsef/odonomkhck/ciela-normi300x250-2022-01-3.jpg Requested by Host: lex.bg URL: https://lex.bg/ Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 78.128.6.41 , Bulgaria, ASN31083 (TELEPOINT, BG), Reverse DNS ip-6-41.telehouse.bg Software GAD / Resource Hash c18861ee981ea909ce11d0a52fb3c28f5dd5f9af1c9c5c397d7bb6dd8af7f7fc Request headers accept-language de-DE,de;q=0.9 Referer https://lex.bg/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Wed, 27 Dec 2023 21:38:39 GMT last-modified Thu, 30 Nov 2023 13:30:08 GMT server GAD accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64 etag "65688E60000091642F4873F4" vary Accept-Encoding,Origin p3p CP="NOI DSP COR NID PSAo OUR IND" content-type image/jpeg cache-control public, must-revalidate, max-age=4320000 cross-origin-resource-policy cross-origin accept-ranges bytes content-length 37220 expires Thu, 15 Feb 2024 21:38:39 GMT
POST H2	200	extra=; adbg.hit.gemius.pl/_1703713119852/redot.js/id=.WCbuyrTpCRZdGA9uer4R7b.fST8FQeLnRRoGIvRd3T.87/nc=0/stparam=tmfejopgzj/fastid=kydtxqubmvgebqjvivgunuocwfmz/sarg=658C995F835478AE;/inner=_ch_mobile%3D0%...	2 B 295 B	72ms 72ms	Ping application/x-javascript	78.128.6.44 TELEPOINT
General Check archive.org Show headers Download Go to Full URL https://adbg.hit.gemius.pl/_1703713119852/redot.js/id=.WCbuyrTpCRZdGA9uer4R7b.fST8FQeLnRRoGIvRd3T.87/nc=0/stparam=tmfejopgzj/fastid=kydtxqubmvgebqjvivgunuocwfmz/sarg=658C995F835478AE;/inner=_ch_mobile%3D0%7C_ch_brands%3D%7C;/extra=; Requested by Host: bg.adocean.pl URL: https://bg.adocean.pl/files/js/ado.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 78.128.6.44 , Bulgaria, ASN31083 (TELEPOINT, BG), Reverse DNS ip-6-44.telehouse.bg Software GHC / Resource Hash 75a11da44c802486bc6f65640aa48a730f0f684c5c07a42ba3cd1735eb3fb070 Request headers Referer https://lex.bg/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers pragma no-cache date Wed, 27 Dec 2023 21:38:39 GMT server GHC accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64 p3p CP="NOI DSP COR NID PSAo OUR IND" access-control-allow-origin https://lex.bg content-type application/x-javascript cache-control no-store, no-cache, must-revalidate, max-age=0 access-control-allow-credentials true cross-origin-resource-policy cross-origin accept-ranges none content-length 2 expires Tue, 26 Dec 2023 21:38:39 GMT
GET H2	200	ad.js Show response bg.adocean.pl/_1703713119853/	2 KB 1 KB	49ms 49ms	Script application/x-javascript	78.128.6.41 TELEPOINT
General Check archive.org Show headers Download Go to Full URL https://bg.adocean.pl/_1703713119853/ad.js?id=p4Lgn.radyY0Jlv8oxRLuym0.CYAtPAW5d5Zkn4yYJH.g7/adov=4.6.2/x=1600/y=1200/lptype=1/nc=0/inner=_ch_mobile%3D0%7C_ch_wow64%3D0%7C_ch_brands%3D Requested by Host: bg.adocean.pl URL: https://bg.adocean.pl/files/js/ado.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 78.128.6.41 , Bulgaria, ASN31083 (TELEPOINT, BG), Reverse DNS ip-6-41.telehouse.bg Software GAD / Resource Hash 8bdbd90bd43e178ece79ae5f26d4e4a07382ce9ce1f3bdd5bd5509ce8e45bf5c Request headers Referer https://lex.bg/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Intervention <https://www.chromestatus.com/feature/5718547946799104>; level="warning" Response headers pragma no-cache date Wed, 27 Dec 2023 21:38:39 GMT content-encoding gzip server GAD accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64 vary Accept-Encoding,Origin p3p CP="NOI DSP COR NID PSAo OUR IND" content-type application/x-javascript cache-control no-cache, must-revalidate, max-age=0 cross-origin-resource-policy cross-origin accept-ranges none content-length 1342 expires Tue, 26 Dec 2023 21:38:39 GMT
GET H2	200	/ www.facebook.com/tr/	0 185 B	30ms 12ms	Image text/plain	2a03:2880:f176:181:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=301498060891897&ev=PageView&dl=https%3A%2F%2Flex.bg%2F&rl=&if=false&ts=1703713119858&sw=1600&sh=1200&v=2.9.138&r=stable&ec=0&o=4126&fbp=fb.1.1703713119857.1391375332&cs_est=true&ler=empty&it=1703713119837&coo=false&rqm=GET Requested by Host: lex.bg URL: https://lex.bg/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language de-DE,de;q=0.9 Referer https://lex.bg/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubDomains date Wed, 27 Dec 2023 21:38:39 GMT server proxygen-bolt content-type text/plain access-control-allow-origin access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 0
GET H2	200	prebid7.34.0.js Show response etargetcdn.com/hb/	339 KB 103 KB	23ms 23ms	Script application/javascript	2606:4700:20::681a:6d9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://etargetcdn.com/hb/prebid7.34.0.js Requested by Host: etargetcdn.com URL: https://etargetcdn.com/hb/init2.0.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:6d9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b6e78101f87094984d7296f864dc85c9a655fac54e2a8f3ee35003b0445931c2 Request headers accept-language de-DE,de;q=0.9 Referer https://lex.bg/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Wed, 27 Dec 2023 21:38:39 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 2497 cf-polished origSize=347372 cf-bgj minify last-modified Fri, 09 Jun 2023 09:07:06 GMT server cloudflare etag W/"6482ebba-54cec" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d00nc%2BYtcv4P%2Bc5pK839X%2Fr7Xr1s432lbEK%2BAtRvq6vDKfISc3ubjpBjSGAD8dOZA4m0bure3%2Bd1twVvRPy4jWwev%2BFyBCP0MWqOtODWS4lsL5EpI3E3qe6bhemCTvQrVTDgbpui200F8qIC"}],"group":"cf-nel","max_age":604800} content-type application/javascript y-protected-by Bulbasaur/mblade01-01-b cache-control max-age=14400 cf-ray 83c4b63729dd1c15-FRA
POST H2	200	extra=; adbg.hit.gemius.pl/_1703713119932/redot.js/id=chuaCE8s29YTjNysVFIJJqQ9zeCu45tGDNq3JbHrirT.s7/nc=0/stparam=pfphbmkqwv/fastid=effhbtkjlipcggmvmpycnrcupikj/sarg=658C995F835478AE;/inner=_ch_mobile%3D0%...	2 B 295 B	30ms 30ms	Ping application/x-javascript	78.128.6.44 TELEPOINT
General Check archive.org Show headers Download Go to Full URL https://adbg.hit.gemius.pl/_1703713119932/redot.js/id=chuaCE8s29YTjNysVFIJJqQ9zeCu45tGDNq3JbHrirT.s7/nc=0/stparam=pfphbmkqwv/fastid=effhbtkjlipcggmvmpycnrcupikj/sarg=658C995F835478AE;/inner=_ch_mobile%3D0%7C_ch_wow64%3D0%7C_ch_brands%3D%7C;/extra=; Requested by Host: bg.adocean.pl URL: https://bg.adocean.pl/files/js/ado.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 78.128.6.44 , Bulgaria, ASN31083 (TELEPOINT, BG), Reverse DNS ip-6-44.telehouse.bg Software GHC / Resource Hash 75a11da44c802486bc6f65640aa48a730f0f684c5c07a42ba3cd1735eb3fb070 Request headers Referer https://lex.bg/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers pragma no-cache date Wed, 27 Dec 2023 21:38:39 GMT server GHC accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64 p3p CP="NOI DSP COR NID PSAo OUR IND" access-control-allow-origin https://lex.bg content-type application/x-javascript cache-control no-store, no-cache, must-revalidate, max-age=0 access-control-allow-credentials true cross-origin-resource-policy cross-origin accept-ranges none content-length 2 expires Tue, 26 Dec 2023 21:38:39 GMT
GET H/1.1	200 OK	arrow3.png lex.bg/assets/im//	427 B 741 B	32ms 32ms	Image image/png	95.43.224.11 VIVACOM-AS BULGARIA
General Check archive.org Show headers Download Go to Show image Full URL https://lex.bg/assets/im//arrow3.png Requested by Host: lex.bg URL: https://lex.bg/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 95.43.224.11 , Bulgaria, ASN8866 (VIVACOM-AS BULGARIA, BG), Reverse DNS 95-43-224-11.ip.btc-net.bg Software Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.6.40 / Resource Hash c6fdee40c8b7a41c244bee5742033e6b1c90088df0023b919a22150264480c28 Request headers accept-language de-DE,de;q=0.9 Referer https://lex.bg/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers Date Wed, 27 Dec 2023 21:27:43 GMT Last-Modified Mon, 27 Dec 2010 08:05:04 GMT Server Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.6.40 ETag "1ab-4985fcb1f8c00" Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=97 Content-Length 427
GET H2	200	xgemius.js Show response gabg.hit.gemius.pl/	68 KB 19 KB	54ms 31ms	Script application/x-javascript	78.128.6.44 TELEPOINT
General Check archive.org Show headers Download Go to Full URL https://gabg.hit.gemius.pl/xgemius.js Requested by Host: lex.bg URL: https://lex.bg/ Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 78.128.6.44 , Bulgaria, ASN31083 (TELEPOINT, BG), Reverse DNS ip-6-44.telehouse.bg Software GHC / Resource Hash 91efa3ec9b68793d9d8114ec0dde9359391dc8f4789c9d80ca80c44950937df6 Request headers accept-language de-DE,de;q=0.9 Referer https://lex.bg/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Wed, 27 Dec 2023 21:38:39 GMT content-encoding gzip last-modified Fri, 15 Dec 2023 12:14:58 GMT server GHC accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64 vary Accept-Encoding,Origin p3p CP="NOI DSP COR NID PSAo OUR IND" content-type application/x-javascript cache-control max-age=43200 cross-origin-resource-policy cross-origin accept-ranges none content-length 19528 expires Thu, 28 Dec 2023 09:38:39 GMT
GET H3	200	all.js Show response connect.facebook.net/bg_BG/	3 KB 2 KB	8ms 8ms	Script application/x-javascript	2a03:2880:f083:9:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/bg_BG/all.js Requested by Host: lex.bg URL: https://lex.bg/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 4d9b6b3ea4c66f5bd57f29edb574d8025310128490ca318f73b783d9e4d78383 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY Request headers accept-language de-DE,de;q=0.9 Referer https://lex.bg/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers permissions-policy-report-only autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=() strict-transport-security max-age=31536000; preload; includeSubDomains content-encoding gzip x-content-type-options nosniff date Wed, 27 Dec 2023 21:38:39 GMT content-md5 ITqXisROZhQX91WRLW0vkg== document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 1684 reporting-endpoints x-fb-debug j8xAeh6sN0X/s3lpSfZYbietUbd1L5RfZcXa4sgJONSSM3IeNWB4kHln+3APY1+QH3XsK2CzZnj6ZlqJ5S8yaA== x-fb-content-md5 48725726992029d0ca3d6f7d269d223b cross-origin-opener-policy same-origin-allow-popups etag "3486893c4c6ee40b23840e4abd11a4f6" vary Accept-Encoding x-frame-options DENY content-type application/x-javascript; charset=utf-8 access-control-allow-origin * access-control-expose-headers X-FB-Content-MD5 cache-control public,max-age=1200,stale-while-revalidate=3600 permissions-policy accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=() timing-allow-origin * priority u=3,i expires Wed, 27 Dec 2023 21:39:23 GMT
GET H2	200	10597d8e81db0d93a62b0272a03ed95f.js Show response scripts.cleverwebserver.com/	131 KB 48 KB	110ms 83ms	Script application/javascript	2606:4700:4400::6812:2a64 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://scripts.cleverwebserver.com/10597d8e81db0d93a62b0272a03ed95f.js Requested by Host: lex.bg URL: https://lex.bg/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:4400::6812:2a64 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 628550e40f69c26ea21fc9a5bb2aee7d784106432d60d1d20c44ed45f2d32b51 Request headers accept-language de-DE,de;q=0.9 Referer https://lex.bg/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Wed, 27 Dec 2023 21:38:40 GMT x-amz-version-id HoHVxN7zz7hhIaF61v1xH.FqsVkAcJqD content-encoding br cf-cache-status REVALIDATED last-modified Thu, 21 Dec 2023 14:32:31 GMT server cloudflare x-amz-request-id ZN9B2EAK1SGRVS1J etag W/"971cf27a6791a066346e98cfa667a792" vary Accept-Encoding content-type application/javascript cache-control public, max-age=1800 cf-ray 83c4b637cc5565a8-FRA x-amz-id-2 U3EpM5o8KT0ycQGpODwfpWnsEE4TCAN+16XP2fAGEPD4Dt5A42vrc7Zo+QLX/APe9vxs6ITMmsY= expires Wed, 27 Dec 2023 22:08:40 GMT
GET H/1.1	200 OK	footer_line.png lex.bg/assets/im/2011/ Redirect Chain https://www.lex.bg/assets/im/2011/footer_line.png https://lex.bg/assets/im/2011/footer_line.png	3 KB 3 KB	33ms 33ms	Image image/png	95.43.224.11 VIVACOM-AS BULGARIA
General Check archive.org Show headers Download Go to Show image Full URL https://lex.bg/assets/im/2011/footer_line.png Requested by Host: lex.bg URL: https://lex.bg/assets/css/style.css?ver=3 Protocol HTTP/1.1 Server 95.43.224.11 , Bulgaria, ASN8866 (VIVACOM-AS BULGARIA, BG), Reverse DNS 95-43-224-11.ip.btc-net.bg Software Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.6.40 / Resource Hash fce511965bdd28b1060e761978d090a22404327e3d68b042087dbc1b5274e770 Request headers accept-language de-DE,de;q=0.9 Referer https://lex.bg/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers Date Wed, 27 Dec 2023 21:27:43 GMT Last-Modified Wed, 15 Nov 2023 09:59:46 GMT Server Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.6.40 ETag "aea-60a2df68e4ff5" Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=94 Content-Length 2794 Redirect headers Location https://lex.bg/assets/im/2011/footer_line.png Date Wed, 27 Dec 2023 21:27:43 GMT Server Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.6.40 Connection Keep-Alive Keep-Alive timeout=5, max=97 Content-Length 253 Content-Type text/html; charset=iso-8859-1
GET H/1.1	200 OK	ui-bg_flat_75_ffffff_40x100.png lex.bg/assets/css/images/	178 B 491 B	31ms 30ms	Image image/png	95.43.224.11 VIVACOM-AS BULGARIA
General Check archive.org Show headers Download Go to Show image Full URL https://lex.bg/assets/css/images/ui-bg_flat_75_ffffff_40x100.png Requested by Host: lex.bg URL: https://lex.bg/assets/css/jquery-ui-1.8.13.custom.css Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 95.43.224.11 , Bulgaria, ASN8866 (VIVACOM-AS BULGARIA, BG), Reverse DNS 95-43-224-11.ip.btc-net.bg Software Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.6.40 / Resource Hash 39ab7ccd9f4e82579da78a9241265df288d8eb65dbbd7cf48aed2d0129887df5 Request headers accept-language de-DE,de;q=0.9 Referer https://lex.bg/assets/css/jquery-ui-1.8.13.custom.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers Date Wed, 27 Dec 2023 21:27:43 GMT Last-Modified Thu, 02 Jun 2011 04:25:04 GMT Server Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.6.40 ETag "b2-4a4b3056d6800" Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=95 Content-Length 178
GET H3	200	all.js Show response connect.facebook.net/bg_BG/	305 KB 86 KB	22ms 12ms	Script application/x-javascript	2a03:2880:f083:9:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/bg_BG/all.js?hash=0059be339fb3d7f8f7edee928aee7ee5 Requested by Host: connect.facebook.net URL: https://connect.facebook.net/bg_BG/all.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 3e1868750d4c4f2a544f64da5cfac3ebecb09316faccc877d9c9924ade479727 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY Request headers Referer https://lex.bg/ Origin https://lex.bg accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers permissions-policy-report-only autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=() strict-transport-security max-age=31536000; preload; includeSubDomains content-encoding gzip x-content-type-options nosniff date Wed, 27 Dec 2023 21:38:40 GMT content-md5 sASRP38DZFa+gtmgMjkmwA== document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 87960 reporting-endpoints x-fb-debug YotCJuQJ0wt9KQIM4ntJlN48r5WvEwtzoEaRVlGbL3xKX/af25ruJmt0oYS28G5r2Zi0I/otbxpq5Ug3T2BjvQ== x-fb-content-md5 2e540da2add4dbee8f7b01e3f91841b2 cross-origin-opener-policy same-origin-allow-popups etag "73996279c494878c751678e1a98215fd" vary Accept-Encoding x-frame-options DENY content-type application/x-javascript; charset=utf-8 access-control-allow-origin * access-control-expose-headers X-FB-Content-MD5 cache-control public,max-age=31536000,stale-while-revalidate=3600,immutable permissions-policy accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=() timing-allow-origin * priority u=3,i expires Thu, 26 Dec 2024 20:39:19 GMT
GET H2	200	fpdata.js Show response gabg.hit.gemius.pl/	275 B 413 B	31ms 30ms	Script application/x-javascript	78.128.6.44 TELEPOINT
General Check archive.org Show headers Download Go to Full URL https://gabg.hit.gemius.pl/fpdata.js?href=lex.bg Requested by Host: gabg.hit.gemius.pl URL: https://gabg.hit.gemius.pl/xgemius.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 78.128.6.44 , Bulgaria, ASN31083 (TELEPOINT, BG), Reverse DNS ip-6-44.telehouse.bg Software GHC / Resource Hash b355a29a1d0806aa8581fb8b58fe3a910522a81df1da039862a6c9a350cbd6ac Request headers accept-language de-DE,de;q=0.9 Referer https://lex.bg/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Wed, 27 Dec 2023 21:38:40 GMT last-modified Mon, 16 Jul 2012 10:03:40 GMT server GHC accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64 etag PRIVATE7520710249 p3p CP="NOI DSP COR NID PSAo OUR IND" content-type application/x-javascript cache-control private, max-age=2592000 cross-origin-resource-policy cross-origin accept-ranges none content-length 275 expires Fri, 26 Jan 2024 21:38:40 GMT
GET H2	200	lsget.html Show response ls.hit.gemius.pl/ Frame 6C56	5 KB 3 KB	82ms 25ms	Document text/html	145.239.237.56 OVH
General Check archive.org Show headers Download Go to Full URL https://ls.hit.gemius.pl/lsget.html Requested by Host: gabg.hit.gemius.pl URL: https://gabg.hit.gemius.pl/xgemius.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 145.239.237.56 , France, ASN16276 (OVH, FR), Reverse DNS ip56.ip-145-239-237.eu Software GHC / Resource Hash 31a2d6b5fe5b3642ff3d82f6e30a2440ec51d59886692bb6d95ab9b0107877a7 Request headers Referer https://lex.bg/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64 accept-ranges none cache-control private, max-age=2592000 content-encoding gzip content-length 2722 content-type text/html;charset=utf-8 cross-origin-resource-policy cross-origin date Wed, 27 Dec 2023 21:38:40 GMT etag PRIVATE7520710249 expires Fri, 26 Jan 2024 21:38:40 GMT last-modified Mon, 16 Jul 2012 10:03:40 GMT p3p CP="NOI DSP COR NID PSAo OUR IND" server GHC vary Accept-Encoding,Origin,User-Agent
GET H2	200	status www.facebook.com/x/oauth/	0 0	116ms 116ms	Fetch text/plain	2a03:2880:f176:181:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://www.facebook.com/x/oauth/status?client_id=105231989568955&input_token&origin=1&redirect_uri=https%3A%2F%2Flex.bg%2F&sdk=joey&wants_cookie_data=false Requested by Host: connect.facebook.net URL: https://connect.facebook.net/bg_BG/all.js?hash=0059be339fb3d7f8f7edee928aee7ee5 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=15552000; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://lex.bg/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers permissions-policy-report-only autoplay=(), clipboard-read=(), clipboard-write=(), encrypted-media=(), fullscreen=(), keyboard-map=() strict-transport-security max-age=15552000; preload date Wed, 27 Dec 2023 21:38:40 GMT x-content-type-options nosniff document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 0 reporting-endpoints default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown" pragma no-cache x-fb-debug pIwlzmR6y9KurwDY2HWm7jMAxY8fG+XrgT+hdLhbd+p1HmvupyeL9Nw+8TdK54krRaQhsJtMvftkeKB0FcFbuw== fb-s unknown report-to {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]} content-type text/plain; charset=UTF-8 access-control-allow-origin https://lex.bg origin-agent-cluster ?0 access-control-expose-headers fb-s cache-control private, no-cache, no-store, must-revalidate access-control-allow-credentials true permissions-policy accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), usb=(), window-management=() expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	ads Show response googleads.g.doubleclick.net/pagead/ Frame 1258	0 188 B	368ms 368ms	Document text/html	2a00:1450:4001:800::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9092264232006105&output=html&adk=1812271804&adf=3025194257&lmt=1703713120&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=260x1080_l%7C260x1080_r&format=0x0&url=https%3A%2F%2Flex.bg%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703713119820&bpp=2&bdt=720&idt=232&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2948846961011&frm=20&pv=2&ga_vid=996336727.1703713119&ga_sid=1703713120&ga_hid=1656201501&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44807406%2C95320884&oid=2&pvsid=3627459136676389&tmod=1763669166&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=244 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9092264232006105&plah=lex.bg Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://lex.bg/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private content-length 0 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Wed, 27 Dec 2023 21:38:40 GMT expires Wed, 27 Dec 2023 21:38:40 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H2	200	/ Show response ui.cleverwebserver.com/	157 B 380 B	33ms 24ms	Script application/javascript	2606:4700:4400::6812:2a64 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ui.cleverwebserver.com/ Requested by Host: lex.bg URL: https://lex.bg/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:4400::6812:2a64 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2abe257fa4a24e5a1ebeefbea0308b078b6af8f0e00b1ef350b4e4843a2a899e Request headers accept-language de-DE,de;q=0.9 Referer https://lex.bg/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Wed, 27 Dec 2023 21:38:40 GMT content-encoding br cf-cache-status DYNAMIC server cloudflare access-control-allow-methods GET, PUT, POST, DELETE, PATCH, OPTIONS content-type application/javascript access-control-allow-origin * access-control-expose-headers * cf-ray 83c4b6388d6565a8-FRA access-control-allow-headers DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
GET H2	200	widescreen.html Show response lp.cleverwebserver.com/betano/de/sports/sports_de/ Frame 9593 Redirect Chain https://sender.cleverwebserver.com/group/40275?id=772852&ref=aHR0cHM6Ly9sZXguYmcv&ruri=&r=578126683&tok=33419711310201791433&t=1703713120&cmpId=&fb=0&wl=1&furl=0&sf=0&bw=Q2hyb21l&b=0&m=0&p=V2luMTA%... https://lp.cleverwebserver.com/betano/de/sports/sports_de/widescreen.html??id=772852&group=40275&tracker=aHR0cHM6Ly9nbWwtZ3JwLmNvbS9DLmFzaHg%2FYnRhZz1hXzc2NGJfMjkzMWNfJmFmZmlkPTQzMSZzaXRlaWQ9NzY0Jm...	2 KB 889 B	113ms 103ms	Document text/html	2606:4700:4400::6812:2a64 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://lp.cleverwebserver.com/betano/de/sports/sports_de/widescreen.html??id=772852&group=40275&tracker=aHR0cHM6Ly9nbWwtZ3JwLmNvbS9DLmFzaHg%2FYnRhZz1hXzc2NGJfMjkzMWNfJmFmZmlkPTQzMSZzaXRlaWQ9NzY0JmFkaWQ9MjkzMSZjPVNOQUFCT1lNU0ZCQUFERQ%3D%3D&ref=aHR0cHM6Ly9sZXguYmcv&r=578126683 Requested by Host: lex.bg URL: https://lex.bg/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:4400::6812:2a64 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e308fec2a319bbb7aa0147b853687af822d76635e627651447e2b5f39f97adaa Request headers Referer https://lex.bg/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers cache-control public, max-age=28800 cf-cache-status MISS cf-ray 83c4b639fec165a8-FRA content-encoding br content-type text/html date Wed, 27 Dec 2023 21:38:40 GMT expires Thu, 28 Dec 2023 05:38:40 GMT last-modified Wed, 27 Dec 2023 14:37:46 GMT server cloudflare vary Accept-Encoding x-amz-id-2 jOMIPtN5Jee7ND0w9GDtUICXULAZprqS3FFsN80P8vdNcHLIKH4Nwpa35AaQC+s5p/pmHsgGabg= x-amz-request-id 6ZM08BR8HJN4MZXV Redirect headers cf-cache-status DYNAMIC cf-ray 83c4b638cd9e65a8-FRA content-type text/html date Wed, 27 Dec 2023 21:38:40 GMT location https://lp.cleverwebserver.com/betano/de/sports/sports_de/widescreen.html??id=772852&group=40275&tracker=aHR0cHM6Ly9nbWwtZ3JwLmNvbS9DLmFzaHg%2FYnRhZz1hXzc2NGJfMjkzMWNfJmFmZmlkPTQzMSZzaXRlaWQ9NzY0JmFkaWQ9MjkzMSZjPVNOQUFCT1lNU0ZCQUFERQ%3D%3D&ref=aHR0cHM6Ly9sZXguYmcv&r=578126683 server cloudflare
GET DATA	200 OK	truncated /	1 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash f0275273984e78ca6824c6944f8d8bebcb3d7e441fbab8ee380508c3991ef347 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated /	2 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 46336d17bc0deae32fd48d3697163d7845b46f846ef4b247fd01358d7f349a20 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated /	655 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 9f312aead73c7059dc22bbff1a38210eaacd5e2d7beaaec586a32575c54bc35a Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers Content-Type image/png
GET H2	200	/ call.cleverwebserver.com/	43 B 105 B	42ms 32ms	Image image/gif	2606:4700:4400::6812:2a64 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://call.cleverwebserver.com/?id=40275&c=DE&r=&l=35&b=Chrome&os=Win10&mob=0&v=1.60.12&ref=aHR0cHM6Ly9sZXguYmcv&ruri=&iv=-1&ctr=DE&sz=1200 Requested by Host: lex.bg URL: https://lex.bg/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:4400::6812:2a64 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22 Request headers accept-language de-DE,de;q=0.9 Referer https://lex.bg/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Wed, 27 Dec 2023 21:38:40 GMT cf-cache-status DYNAMIC server cloudflare cf-ray 83c4b638cda165a8-FRA content-length 43 content-type image/gif
GET H2	200	rexdot.js Show response gabg.hit.gemius.pl/_1703713120131/	169 B 572 B	30ms 30ms	Script application/x-javascript	78.128.6.44 TELEPOINT
General Check archive.org Show headers Download Go to Full URL https://gabg.hit.gemius.pl/_1703713120131/rexdot.js?l=100&sendf=24&id=olg1Lz7NwSIOlz0iucqN99VqnBRBGJiLMMo8sjiTS3T.U7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&tz=-60&fv=-&href=https%3A%2F%2Flex.bg%2F&screen=1600x1200r1000&col=24&window=1600x1200&vis=1&lsdata=Ij8rlu.WHRVBVJvTa2aZYzdAk.OCquwY9L40tVSoL63.87PnxNzULBnYPCsZdHsc6UfCawqw57HEivUnXD6qGebIG6E9/1WXK1Ov4ERbzt/&fpdata=KoXVstyk.23sqODVNzRv_V94GlvbkKGNRpvZKyXO8RP.y7&ltime=97&fr=1&ref=&inner=_ver%3D347%7C_ch_mobile%3D0%7C_ch_wow64%3D0%7C_ch_brands%3D&exid=658c99600171b627&brts=1703713120&fpcap= Requested by Host: gabg.hit.gemius.pl URL: https://gabg.hit.gemius.pl/xgemius.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 78.128.6.44 , Bulgaria, ASN31083 (TELEPOINT, BG), Reverse DNS ip-6-44.telehouse.bg Software GHC / Resource Hash 9db10db22b967cbce14dfb5dae50eb2bfc5fb274f026164d53fb0b936f831397 Request headers accept-language de-DE,de;q=0.9 Referer https://lex.bg/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers pragma no-cache date Wed, 27 Dec 2023 21:38:40 GMT server GHC accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64 p3p CP="NOI DSP COR NID PSAo OUR IND" content-type application/x-javascript cache-control no-store, no-cache, must-revalidate, max-age=0 cross-origin-resource-policy cross-origin accept-ranges none content-length 169 expires Tue, 26 Dec 2023 21:38:40 GMT
GET H2	200	bg-1490x300.webp lp.cleverwebserver.com/betano/de/sports/sports_de/imgs/ Frame 9593	40 KB 40 KB	29ms 28ms	Image binary/octet-stream	2606:4700:4400::6812:2a64 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://lp.cleverwebserver.com/betano/de/sports/sports_de/imgs/bg-1490x300.webp?v=33 Requested by Host: lp.cleverwebserver.com URL: https://lp.cleverwebserver.com/betano/de/sports/sports_de/widescreen.html??id=772852&group=40275&tracker=aHR0cHM6Ly9nbWwtZ3JwLmNvbS9DLmFzaHg%2FYnRhZz1hXzc2NGJfMjkzMWNfJmFmZmlkPTQzMSZzaXRlaWQ9NzY0JmFkaWQ9MjkzMSZjPVNOQUFCT1lNU0ZCQUFERQ%3D%3D&ref=aHR0cHM6Ly9sZXguYmcv&r=578126683 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:4400::6812:2a64 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a3ba5c932fea0dd2015bf65c241445b86fe14a0d6ba863f65f6f5585afbe1733 Request headers accept-language de-DE,de;q=0.9 Referer https://lp.cleverwebserver.com/betano/de/sports/sports_de/widescreen.html??id=772852&group=40275&tracker=aHR0cHM6Ly9nbWwtZ3JwLmNvbS9DLmFzaHg%2FYnRhZz1hXzc2NGJfMjkzMWNfJmFmZmlkPTQzMSZzaXRlaWQ9NzY0JmFkaWQ9MjkzMSZjPVNOQUFCT1lNU0ZCQUFERQ%3D%3D&ref=aHR0cHM6Ly9sZXguYmcv&r=578126683 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Wed, 27 Dec 2023 21:38:40 GMT cf-cache-status HIT last-modified Mon, 18 Dec 2023 15:38:45 GMT server cloudflare x-amz-request-id XFEJ3XZ9263R6AET age 20331 etag "36d580ed1582db1c3722787924fc00d3" vary Accept-Encoding content-type binary/octet-stream cache-control public, max-age=28800 accept-ranges bytes cf-ray 83c4b63a9f5e65a8-FRA content-length 41072 x-amz-id-2 koFRS/BTy/X0hgkKYH3SiFTlPfugablY81MySFIRUF33EH3zghDk+2+DD7jxoV2lXp5JFDbBiyA= expires Thu, 28 Dec 2023 05:38:40 GMT
GET H2	200	rocket-loader.min.js Show response lp.cleverwebserver.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ Frame 9593	12 KB 4 KB	10ms 10ms	Script application/javascript	2606:4700:4400::6812:2a64 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://lp.cleverwebserver.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js Requested by Host: lp.cleverwebserver.com URL: https://lp.cleverwebserver.com/betano/de/sports/sports_de/widescreen.html??id=772852&group=40275&tracker=aHR0cHM6Ly9nbWwtZ3JwLmNvbS9DLmFzaHg%2FYnRhZz1hXzc2NGJfMjkzMWNfJmFmZmlkPTQzMSZzaXRlaWQ9NzY0JmFkaWQ9MjkzMSZjPVNOQUFCT1lNU0ZCQUFERQ%3D%3D&ref=aHR0cHM6Ly9sZXguYmcv&r=578126683 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:4400::6812:2a64 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY Request headers accept-language de-DE,de;q=0.9 Referer https://lp.cleverwebserver.com/betano/de/sports/sports_de/widescreen.html??id=772852&group=40275&tracker=aHR0cHM6Ly9nbWwtZ3JwLmNvbS9DLmFzaHg%2FYnRhZz1hXzc2NGJfMjkzMWNfJmFmZmlkPTQzMSZzaXRlaWQ9NzY0JmFkaWQ9MjkzMSZjPVNOQUFCT1lNU0ZCQUFERQ%3D%3D&ref=aHR0cHM6Ly9sZXguYmcv&r=578126683 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Wed, 27 Dec 2023 21:38:40 GMT content-encoding gzip x-content-type-options nosniff last-modified Tue, 19 Dec 2023 14:09:38 GMT server cloudflare etag W/"6581a422-302c" vary Accept-Encoding x-frame-options DENY content-type application/javascript cache-control max-age=172800, public cf-ray 83c4b63a9f6265a8-FRA expires Fri, 29 Dec 2023 21:38:40 GMT
GET H2	200	clever-core-other.js Show response lp.cleverwebserver.com/ Frame 9593	1 KB 847 B	22ms 22ms	Script text/javascript	2606:4700:4400::6812:2a64 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://lp.cleverwebserver.com/clever-core-other.js?v=33 Requested by Host: lp.cleverwebserver.com URL: https://lp.cleverwebserver.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:4400::6812:2a64 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2a5e290f330a473df29695496b8d33d379cb2b17686b63f9356bb23e07f7bd86 Request headers accept-language de-DE,de;q=0.9 Referer https://lp.cleverwebserver.com/betano/de/sports/sports_de/widescreen.html??id=772852&group=40275&tracker=aHR0cHM6Ly9nbWwtZ3JwLmNvbS9DLmFzaHg%2FYnRhZz1hXzc2NGJfMjkzMWNfJmFmZmlkPTQzMSZzaXRlaWQ9NzY0JmFkaWQ9MjkzMSZjPVNOQUFCT1lNU0ZCQUFERQ%3D%3D&ref=aHR0cHM6Ly9sZXguYmcv&r=578126683 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Wed, 27 Dec 2023 21:38:40 GMT content-encoding br cf-cache-status HIT x-amz-request-id XFENKZM6H5F28Y77 age 20241 cf-polished origSize=1799 x-amz-id-2 cHSnzK/xsnnHFrAt1OZnfYomxXfPzjKsiC7gIMX7X9S+UgtomHWNZSbrbMP6v6QZw7BkUE5F4fI= cf-bgj minify last-modified Mon, 18 Dec 2023 15:38:56 GMT server cloudflare etag W/"e5be82211892c5a612ab8274562f1ef2" vary Accept-Encoding content-type text/javascript cache-control public, max-age=28800 cf-ray 83c4b63aaf7165a8-FRA expires Thu, 28 Dec 2023 05:38:40 GMT
GET H2	200	index.html Show response promos.betano.de/willkommenspaket/ Frame 439A Redirect Chain https://gml-grp.com/C.ashx?btag=a_764b_2931c_&affid=431&siteid=764&adid=2931&c=SNAABOYMSFBAADE https://gml-grp.com/C.ashx?btag=a_764b_2931c_&affid=431&siteid=764&adid=2931&c=SNAABOYMSFBAADE&AutoR=1 https://promos.betano.de/willkommenspaket/index.html?btag=a_764b_2931c_SNAABOYMSFBAADE&utm_medium=431&utm_source=2&siteid=764	12 KB 4 KB	105ms 79ms	Document text/html	2606:4700:4400::ac40:9754 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://promos.betano.de/willkommenspaket/index.html?btag=a_764b_2931c_SNAABOYMSFBAADE&utm_medium=431&utm_source=2&siteid=764 Requested by Host: lp.cleverwebserver.com URL: https://lp.cleverwebserver.com/clever-core-other.js?v=33 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:4400::ac40:9754 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a6c6d06bf2bdb1a19de0aae1d5deb9cfc68cfb678efdaf509f552d04e60845f8 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://lp.cleverwebserver.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers access-control-allow-origin * cache-control public, max-age=900, immutable cf-cache-status DYNAMIC cf-ray 83c4b63bdb0f2bac-FRA content-encoding gzip content-md5 uFN4f36vMGzzhOrcv8TbsA== content-type text/html; charset=utf-8 date Wed, 27 Dec 2023 21:38:40 GMT last-modified Wed, 22 Nov 2023 09:55:40 GMT server cloudflare strict-transport-security max-age=15552000; includeSubDomains; preload vary Accept-Encoding x-content-type-options nosniff x-ms-blob-type BlockBlob x-ms-lease-state available x-ms-lease-status unlocked x-ms-request-id 7e644272-201e-0039-4184-26e91e000000 x-ms-version 2014-02-14 Redirect headers access-control-allow-origin * alt-svc h3=":443"; ma=86400 cache-control private cf-cache-status DYNAMIC cf-ray 83c4b63b7bbfd0c5-AMS content-type text/html; charset=utf-8 date Wed, 27 Dec 2023 21:38:40 GMT location https://promos.betano.de/willkommenspaket/index.html?btag=a_764b_2931c_SNAABOYMSFBAADE&utm_medium=431&utm_source=2&siteid=764 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} p3p CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=imnA4oJOTSQtj8Cr1Ok6GzOttH2Go3de3oTSI1WQimRJTlzBTst29%2FFvSj31JZi4P2mCJQI0%2F%2FSvcuOmgtdSHyC9wserj6UwiDptBT%2BOX9mATzJL%2Bo64Cyj9P0VyDz80%2BaLSKPG%2BhWF16w%3D%3D"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding x-aspnet-version 4.0.30319 x-aspnetmvc-version 5.2 x-powered-by ASP.NET x-xss-protection 1; mode=block
GET H2	200	r4JQVZETZTeQtnzawJh5s2Wbw6I.js Show response promos.betano.de/cdn-cgi/apps/head/ Frame 439A	4 KB 2 KB	27ms 25ms	Script application/javascript	2606:4700:4400::ac40:9754 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://promos.betano.de/cdn-cgi/apps/head/r4JQVZETZTeQtnzawJh5s2Wbw6I.js Requested by Host: promos.betano.de URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_764b_2931c_SNAABOYMSFBAADE&utm_medium=431&utm_source=2&siteid=764 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:4400::ac40:9754 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 78882a11de1f82194b521c7a3729eec430b5e5487a978fd8b1059b7adfe8231a Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://promos.betano.de/willkommenspaket/index.html?btag=a_764b_2931c_SNAABOYMSFBAADE&utm_medium=431&utm_source=2&siteid=764 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Wed, 27 Dec 2023 21:38:40 GMT content-encoding gzip x-content-type-options nosniff x-amz-version-id Zh4UFBp5SiovjzqdpTjNO2bLSPAo829H cf-cache-status HIT strict-transport-security max-age=15552000; includeSubDomains; preload x-amz-request-id D92R6MA5XC6HDMYC age 75 content-length 1344 x-amz-id-2 DOT7qNioJIW4eA3w8oXIzQMg92F7jqLaFgcRlIa3zBpKj6NRr5k/gC+ebmWAdButIkC1EkugKjU= last-modified Mon, 16 Oct 2023 09:23:56 GMT server cloudflare etag "30cf280ac36d10da9b831b91729cc23c" vary Accept-Encoding content-type application/javascript; charset=utf-8 cache-control public, max-age=31536000 accept-ranges bytes cf-ray 83c4b63c5b982bac-FRA expires Thu, 26 Dec 2024 21:38:40 GMT
GET H2	200	jquery-3.4.1.min.js Show response code.jquery.com/ Frame 439A	86 KB 30 KB	37ms 7ms	Script application/javascript	2a04:4e42:600::649 FASTLY
General Check archive.org Show headers Download Go to Full URL https://code.jquery.com/jquery-3.4.1.min.js Requested by Host: promos.betano.de URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_764b_2931c_SNAABOYMSFBAADE&utm_medium=431&utm_source=2&siteid=764 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:4e42:600::649 , United States, ASN54113 (FASTLY, US), Reverse DNS Software nginx / Resource Hash 0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a Request headers accept-language de-DE,de;q=0.9 Referer https://promos.betano.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Wed, 27 Dec 2023 21:38:40 GMT content-encoding gzip via 1.1 varnish, 1.1 varnish age 8910921 x-cache HIT, HIT content-length 30638 x-served-by cache-lga21965-LGA, cache-fra-eddf8230063-FRA last-modified Fri, 18 Oct 1991 12:00:00 GMT server nginx x-timer S1703713121.729521,VS0,VE0 etag W/"28feccc0-15851" vary Accept-Encoding content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=31536000, stale-while-revalidate=604800 accept-ranges bytes x-cache-hits 454, 627148
GET H2	200	slick.min.js Show response cdn.jsdelivr.net/npm/slick-carousel@1.8.1/slick/ Frame 439A	42 KB 11 KB	50ms 31ms	Script application/javascript	2606:4700::6810:5514 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.jsdelivr.net/npm/slick-carousel@1.8.1/slick/slick.min.js Requested by Host: promos.betano.de URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_764b_2931c_SNAABOYMSFBAADE&utm_medium=431&utm_source=2&siteid=764 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0c7178cc6ca34fb18e30f070a5e7a1c287b2d7ccfcba2cfdf06e0f46eda55740 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://promos.betano.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Wed, 27 Dec 2023 21:38:40 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} age 2483900 x-jsd-version 1.8.1 content-encoding br x-cache HIT cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 x-served-by cache-fra-eddf8230117-FRA x-jsd-version-type version server cloudflare etag W/"a76f-O0GzvJVmhQFaNHoiOOcdsp36Dbs" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6IS%2BB%2FbuOi767qc1bRyIqgpzEWlJVSb5%2FQBUCWMc1BC2%2BR7ZZPs%2FwSoLdVnnSnR9KdJ7P%2B24TPMRm6z%2BiCuJOjbK54XuFlXYubN1bDxN1TwNDtAHnf%2F%2Fsl7mhS%2BIXA8pEGrZTmCqp7Av8WCoiRY%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * access-control-expose-headers * cache-control public, max-age=31536000, s-maxage=31536000, immutable timing-allow-origin * cf-ray 83c4b63c7daa2c4f-FRA
GET H2	200	Init.js Show response promos.betano.de/willkommenspaket/ Frame 439A	2 KB 877 B	51ms 50ms	Script application/javascript	2606:4700:4400::ac40:9754 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://promos.betano.de/willkommenspaket/Init.js Requested by Host: promos.betano.de URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_764b_2931c_SNAABOYMSFBAADE&utm_medium=431&utm_source=2&siteid=764 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:4400::ac40:9754 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d776482d5387dd66a3354637a3ddf5261dc6f35298b1e67d3f25ddefd5154d66 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://promos.betano.de/willkommenspaket/index.html?btag=a_764b_2931c_SNAABOYMSFBAADE&utm_medium=431&utm_source=2&siteid=764 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Wed, 27 Dec 2023 21:38:40 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status HIT strict-transport-security max-age=15552000; includeSubDomains; preload age 298 content-md5 MU2fLrkr53Ix09vSPFEwZA== x-ms-lease-state available x-ms-lease-status unlocked last-modified Wed, 22 Nov 2023 09:55:41 GMT server cloudflare etag W/"0x8DBEB412FE1A984" vary Accept-Encoding content-type application/javascript; charset=utf-8 access-control-allow-origin * x-ms-request-id 32283dc8-a01e-0045-4c32-23c7e1000000 cache-control public, max-age=900 x-ms-version 2014-02-14 cf-ray 83c4b63c6b9a2bac-FRA expires Wed, 27 Dec 2023 21:53:40 GMT
GET H2	200	Landing.js Show response promos.betano.de/willkommenspaket/ Frame 439A	614 B 440 B	36ms 35ms	Script application/javascript	2606:4700:4400::ac40:9754 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://promos.betano.de/willkommenspaket/Landing.js Requested by Host: promos.betano.de URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_764b_2931c_SNAABOYMSFBAADE&utm_medium=431&utm_source=2&siteid=764 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:4400::ac40:9754 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8f88d265d4f543754bfda9de4c9549fc41754bfbe3d9e2fb58011aa9d5f8a929 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://promos.betano.de/willkommenspaket/index.html?btag=a_764b_2931c_SNAABOYMSFBAADE&utm_medium=431&utm_source=2&siteid=764 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Wed, 27 Dec 2023 21:38:40 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status HIT strict-transport-security max-age=15552000; includeSubDomains; preload age 298 content-md5 IVOxqm2c5AfGSPYura3A9A== x-ms-lease-state available x-ms-lease-status unlocked last-modified Wed, 22 Nov 2023 09:55:41 GMT server cloudflare etag W/"0x8DBEB412FED1990" vary Accept-Encoding content-type application/javascript; charset=utf-8 access-control-allow-origin * x-ms-request-id c5a38b45-701e-0069-47d1-212b4e000000 cache-control public, max-age=900 x-ms-version 2014-02-14 cf-ray 83c4b63c6b9b2bac-FRA expires Wed, 27 Dec 2023 21:53:40 GMT
GET H2	200	custom.js Show response promos.betano.de/ Frame 439A	8 KB 3 KB	31ms 31ms	Script application/javascript	2606:4700:4400::ac40:9754 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://promos.betano.de/custom.js Requested by Host: promos.betano.de URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_764b_2931c_SNAABOYMSFBAADE&utm_medium=431&utm_source=2&siteid=764 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:4400::ac40:9754 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6b16426ca00785ca2b259d4305d99b2e6e89a17cc9fa6af3aaa72ec7b16d587f Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://promos.betano.de/willkommenspaket/index.html?btag=a_764b_2931c_SNAABOYMSFBAADE&utm_medium=431&utm_source=2&siteid=764 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Wed, 27 Dec 2023 21:38:40 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status HIT strict-transport-security max-age=15552000; includeSubDomains; preload age 298 content-md5 IACfhqsuxFK5etAGqh7MRA== x-ms-lease-state available x-ms-lease-status unlocked last-modified Fri, 20 Oct 2023 08:33:32 GMT server cloudflare etag W/"0x8DBD1473EA630C7" vary Accept-Encoding content-type application/javascript access-control-allow-origin * x-ms-request-id e268f8c3-f01e-0077-549d-21c796000000 cache-control public, max-age=300 x-ms-version 2014-02-14 cf-ray 83c4b63c6b9d2bac-FRA expires Wed, 27 Dec 2023 21:43:40 GMT
GET H2	200	tagline.png promos.betano.de/willkommenspaket/ Frame 439A	219 KB 220 KB	39ms 38ms	Image image/png	2606:4700:4400::ac40:9754 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://promos.betano.de/willkommenspaket/tagline.png Requested by Host: promos.betano.de URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_764b_2931c_SNAABOYMSFBAADE&utm_medium=431&utm_source=2&siteid=764 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:4400::ac40:9754 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7987ed9a45cb8609048c1f88719a037c46d30d4b7101473326d12e5767a2aa7d Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://promos.betano.de/willkommenspaket/index.html?btag=a_764b_2931c_SNAABOYMSFBAADE&utm_medium=431&utm_source=2&siteid=764 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Wed, 27 Dec 2023 21:38:40 GMT strict-transport-security max-age=15552000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT content-md5 2k9YU1t/lIEgNgYbwdE88A== age 185 content-length 224661 x-ms-lease-state available x-ms-lease-status unlocked last-modified Wed, 22 Nov 2023 09:55:41 GMT server cloudflare etag "0x8DBEB412FFF665B" vary Accept-Encoding content-type image/png access-control-allow-origin * x-ms-request-id 672e5d1e-701e-000b-5f70-22e969000000 cache-control public, max-age=900 x-ms-version 2014-02-14 accept-ranges bytes cf-ray 83c4b63c6b9e2bac-FRA expires Wed, 27 Dec 2023 21:53:40 GMT
GET H2	404	Rectangle.svg promos.betano.de/willkommenspaket/ Frame 439A	215 B 215 B	51ms 50ms	Image application/xml	2606:4700:4400::ac40:9754 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://promos.betano.de/willkommenspaket/Rectangle.svg Requested by Host: promos.betano.de URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_764b_2931c_SNAABOYMSFBAADE&utm_medium=431&utm_source=2&siteid=764 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:4400::ac40:9754 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 58eff8e366e80ece7a1eedad7044767d67950ef0467745b01f4dfb547a3b66a3 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://promos.betano.de/willkommenspaket/index.html?btag=a_764b_2931c_SNAABOYMSFBAADE&utm_medium=431&utm_source=2&siteid=764 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Wed, 27 Dec 2023 21:38:40 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status HIT server cloudflare strict-transport-security max-age=15552000; includeSubDomains; preload age 233 vary Accept-Encoding content-type application/xml access-control-allow-origin * x-ms-request-id dfcbe960-e01e-0026-720c-395a1a000000 cache-control public, max-age=300 x-ms-version 2014-02-14 cf-ray 83c4b63c6b9f2bac-FRA expires Wed, 27 Dec 2023 21:43:40 GMT
GET H2	404	bullet.svg promos.betano.de/willkommenspaket/ Frame 439A	215 B 215 B	40ms 40ms	Image application/xml	2606:4700:4400::ac40:9754 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://promos.betano.de/willkommenspaket/bullet.svg Requested by Host: promos.betano.de URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_764b_2931c_SNAABOYMSFBAADE&utm_medium=431&utm_source=2&siteid=764 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:4400::ac40:9754 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7cc22c9924eb4b3aa1b296eb55084c22152b326f7b25a58bafe7030f33c25121 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://promos.betano.de/willkommenspaket/index.html?btag=a_764b_2931c_SNAABOYMSFBAADE&utm_medium=431&utm_source=2&siteid=764 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Wed, 27 Dec 2023 21:38:40 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status HIT server cloudflare strict-transport-security max-age=15552000; includeSubDomains; preload age 232 vary Accept-Encoding content-type application/xml access-control-allow-origin * x-ms-request-id c5c52ae8-201e-004b-590c-39ee51000000 cache-control public, max-age=300 x-ms-version 2014-02-14 cf-ray 83c4b63cbbf12bac-FRA expires Wed, 27 Dec 2023 21:43:40 GMT
GET H2	404	banner1.png promos.betano.de/willkommenspaket/ Frame 439A	215 B 215 B	37ms 36ms	Image application/xml	2606:4700:4400::ac40:9754 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://promos.betano.de/willkommenspaket/banner1.png Requested by Host: promos.betano.de URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_764b_2931c_SNAABOYMSFBAADE&utm_medium=431&utm_source=2&siteid=764 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:4400::ac40:9754 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 53ca43b8572615ff4d1c438483d278ca8eaf690d46a1e387f7a0048ff153cec0 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://promos.betano.de/willkommenspaket/index.html?btag=a_764b_2931c_SNAABOYMSFBAADE&utm_medium=431&utm_source=2&siteid=764 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Wed, 27 Dec 2023 21:38:40 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status HIT server cloudflare strict-transport-security max-age=15552000; includeSubDomains; preload age 232 vary Accept-Encoding content-type application/xml access-control-allow-origin * x-ms-request-id cb80724b-601e-004a-270c-39b18d000000 cache-control public, max-age=300 x-ms-version 2014-02-14 cf-ray 83c4b63cbbf72bac-FRA expires Wed, 27 Dec 2023 21:43:40 GMT
GET H2	404	banner2.png promos.betano.de/willkommenspaket/ Frame 439A	215 B 215 B	42ms 42ms	Image application/xml	2606:4700:4400::ac40:9754 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://promos.betano.de/willkommenspaket/banner2.png Requested by Host: promos.betano.de URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_764b_2931c_SNAABOYMSFBAADE&utm_medium=431&utm_source=2&siteid=764 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:4400::ac40:9754 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 692232fcf05cd66c8b990859da275831e30ae88a28f8ff4993935fe8eccdb216 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://promos.betano.de/willkommenspaket/index.html?btag=a_764b_2931c_SNAABOYMSFBAADE&utm_medium=431&utm_source=2&siteid=764 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Wed, 27 Dec 2023 21:38:40 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status HIT server cloudflare strict-transport-security max-age=15552000; includeSubDomains; preload age 232 vary Accept-Encoding content-type application/xml access-control-allow-origin * x-ms-request-id a22f534e-701e-0024-600c-39e4a2000000 cache-control public, max-age=300 x-ms-version 2014-02-14 cf-ray 83c4b63cbbf92bac-FRA expires Wed, 27 Dec 2023 21:43:40 GMT
GET H2	404	banner3.png promos.betano.de/willkommenspaket/ Frame 439A	215 B 215 B	33ms 33ms	Image application/xml	2606:4700:4400::ac40:9754 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://promos.betano.de/willkommenspaket/banner3.png Requested by Host: promos.betano.de URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_764b_2931c_SNAABOYMSFBAADE&utm_medium=431&utm_source=2&siteid=764 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:4400::ac40:9754 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash df8485b1ed6da9cb9f53e3f08921bbbd74442b6e38f13d4fb48ab9e0ddaaa7ab Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://promos.betano.de/willkommenspaket/index.html?btag=a_764b_2931c_SNAABOYMSFBAADE&utm_medium=431&utm_source=2&siteid=764 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Wed, 27 Dec 2023 21:38:40 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status HIT server cloudflare strict-transport-security max-age=15552000; includeSubDomains; preload age 232 vary Accept-Encoding content-type application/xml access-control-allow-origin * x-ms-request-id cb8072d2-601e-004a-260c-39b18d000000 cache-control public, max-age=300 x-ms-version 2014-02-14 cf-ray 83c4b63cbbfa2bac-FRA expires Wed, 27 Dec 2023 21:43:40 GMT
GET H3	200	gtm.js Show response www.googletagmanager.com/ Frame 439A	393 KB 114 KB	17ms 17ms	Script application/javascript	2a00:1450:4001:80f::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-MN2KPC6 Requested by Host: lex.bg URL: https://lex.bg/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 11047ff553d2c28261c613d38b7350cc67b02b23ed279271b21ba21c0fdadf61 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://promos.betano.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Wed, 27 Dec 2023 21:38:40 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 117039 x-xss-protection 0 last-modified Wed, 27 Dec 2023 21:00:00 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Wed, 27 Dec 2023 21:38:40 GMT
GET H2	200	tags.js Show response dd.betano.de/ Frame 439A	147 KB 27 KB	125ms 20ms	Script text/javascript	18.155.153.13 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://dd.betano.de/tags.js Requested by Host: promos.betano.de URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_764b_2931c_SNAABOYMSFBAADE&utm_medium=431&utm_source=2&siteid=764 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.155.153.13 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-155-153-13.ham50.r.cloudfront.net Software Apache / Resource Hash c54140eac6df64b97abf9bf21e88910bac89ddc973d871fcd33dca119b8b4c24 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload Request headers accept-language de-DE,de;q=0.9 Referer https://promos.betano.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers strict-transport-security max-age=63072000; includeSubDomains; preload content-encoding gzip via 1.1 6c6df67b2ed9c5a782b5d18f968a4a76.cloudfront.net (CloudFront) date Wed, 27 Dec 2023 21:07:51 GMT x-amz-cf-pop HAM50-P2 age 1849 x-cache Hit from cloudfront content-length 27331 last-modified Wed, 29 Nov 2023 13:37:06 GMT server Apache etag "24cd6-60b4aa18fa3ca-gzip" vary Accept-Encoding content-type text/javascript access-control-allow-origin * cache-control max-age=3600, public accept-ranges bytes x-amz-cf-id PLpD6VNF7LZd0389KCm4nng4cCP5ZCIXGQhE_2aq3h8PPozD458TLg== expires Wed, 27 Dec 2023 22:07:51 GMT
GET H2	404	Rectangle.svg promos.betano.de/willkommenspaket/ Frame 439A	215 B 215 B	45ms 45ms	Image application/xml	2606:4700:4400::ac40:9754 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://promos.betano.de/willkommenspaket/Rectangle.svg Requested by Host: promos.betano.de URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_764b_2931c_SNAABOYMSFBAADE&utm_medium=431&utm_source=2&siteid=764 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:4400::ac40:9754 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 58eff8e366e80ece7a1eedad7044767d67950ef0467745b01f4dfb547a3b66a3 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://promos.betano.de/willkommenspaket/index.html?btag=a_764b_2931c_SNAABOYMSFBAADE&utm_medium=431&utm_source=2&siteid=764 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Wed, 27 Dec 2023 21:38:40 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status HIT server cloudflare strict-transport-security max-age=15552000; includeSubDomains; preload age 233 vary Accept-Encoding content-type application/xml access-control-allow-origin * x-ms-request-id dfcbe960-e01e-0026-720c-395a1a000000 cache-control public, max-age=300 x-ms-version 2014-02-14 cf-ray 83c4b63cbbfc2bac-FRA expires Wed, 27 Dec 2023 21:43:40 GMT
GET H3	200	ns.html Show response www.googletagmanager.com/ Frame A108	692 B 344 B	19ms 19ms	Document text/html	2a00:1450:4001:80f::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/ns.html?id=GTM-MN2KPC6 Requested by Host: promos.betano.de URL: https://promos.betano.de/custom.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash d2d98dd0bc03436731759fd25072ee8ba8362a5b2a2fe9d734b97a546cab02b0 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers Referer https://promos.betano.de/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control no-cache, no-store, must-revalidate content-encoding br content-length 322 content-type text/html; charset=UTF-8 cross-origin-embedder-policy require-corp cross-origin-resource-policy cross-origin date Wed, 27 Dec 2023 21:38:40 GMT expires Fri, 01 Jan 1990 00:00:00 GMT pragma no-cache server Google Tag Manager strict-transport-security max-age=31536000; includeSubDomains vary * x-xss-protection 0
GET H2	200	main.js Show response promos.betano.de/cdn-cgi/challenge-platform/h/g/scripts/jsd/74bd6362/ Frame D509 Redirect Chain https://promos.betano.de/cdn-cgi/challenge-platform/scripts/jsd/main.js https://promos.betano.de/cdn-cgi/challenge-platform/h/g/scripts/jsd/74bd6362/main.js	7 KB 4 KB	20ms 20ms	Script application/javascript	2606:4700:4400::ac40:9754 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://promos.betano.de/cdn-cgi/challenge-platform/h/g/scripts/jsd/74bd6362/main.js Requested by Host: promos.betano.de URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_764b_2931c_SNAABOYMSFBAADE&utm_medium=431&utm_source=2&siteid=764 Protocol H2 Server 2606:4700:4400::ac40:9754 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 3130ca8ae0aa4076b7c0c1944ddc7d5ef05c58b84f1ee462ca26ba27998927ab Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Wed, 27 Dec 2023 21:38:40 GMT content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=15552000; includeSubDomains; preload server cloudflare vary accept-encoding content-type application/javascript; charset=UTF-8 cache-control max-age=14400, public cf-ray 83c4b63cec252bac-FRA Redirect headers date Wed, 27 Dec 2023 21:38:40 GMT content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=15552000; includeSubDomains; preload server cloudflare vary accept-encoding location /cdn-cgi/challenge-platform/h/g/scripts/jsd/74bd6362/main.js access-control-allow-origin * cache-control max-age=300, public cf-ray 83c4b63ccc052bac-FRA
GET H2	200	css-betano.css landingpages.kaizengaming.com/layout/ Frame 439A	266 B 587 B	72ms 33ms	Stylesheet text/css	2606:4700:4400::6812:28b3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://landingpages.kaizengaming.com/layout/css-betano.css Requested by Host: code.jquery.com URL: https://code.jquery.com/jquery-3.4.1.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:4400::6812:28b3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b1bcda979c82fbdb001a058bbcd782235588ba0cf67ec17cb6b406c354049697 Request headers accept-language de-DE,de;q=0.9 Referer https://promos.betano.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Wed, 27 Dec 2023 21:38:40 GMT content-encoding gzip cf-cache-status HIT content-md5 VV0mNMQdoST1edPAjk1m6w== age 875 x-ms-lease-state available x-ms-lease-status unlocked last-modified Thu, 24 Aug 2023 13:27:08 GMT server cloudflare etag W/"0x8DBA4A5D1339F5D" vary Accept-Encoding content-type text/css; charset=utf-8 access-control-allow-origin * x-ms-request-id 13ce387d-d01e-0002-07df-15acba000000 cache-control public, max-age=900, immutable x-ms-version 2014-02-14 cf-ray 83c4b63d082e9237-FRA
GET H2	200	css-theme.css landingpages.kaizengaming.com/de-sport/ Frame 439A	799 B 989 B	71ms 32ms	Stylesheet text/css	2606:4700:4400::6812:28b3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://landingpages.kaizengaming.com/de-sport/css-theme.css Requested by Host: code.jquery.com URL: https://code.jquery.com/jquery-3.4.1.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:4400::6812:28b3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0aa554b7453c36d605833a473df0e1825189dc64c064b472430bbc65078c9312 Request headers accept-language de-DE,de;q=0.9 Referer https://promos.betano.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Wed, 27 Dec 2023 21:38:40 GMT content-encoding gzip cf-cache-status HIT content-md5 kJMidRkqsO72r6TQLkoSKQ== age 543 x-ms-lease-state available x-ms-lease-status unlocked last-modified Mon, 30 Oct 2023 17:20:44 GMT server cloudflare etag W/"0x8DBD96C8C8A3391" vary Accept-Encoding content-type text/css; charset=utf-8 access-control-allow-origin * x-ms-request-id 2b1d9ba8-b01e-002b-0d19-1292ce000000 cache-control public, max-age=900, immutable x-ms-version 2014-02-14 cf-ray 83c4b63d082f9237-FRA
GET H2	200	css-betano_worldcup.css landingpages.kaizengaming.com/layout/ Frame 439A	3 KB 1 KB	77ms 39ms	Stylesheet text/css	2606:4700:4400::6812:28b3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://landingpages.kaizengaming.com/layout/css-betano_worldcup.css Requested by Host: code.jquery.com URL: https://code.jquery.com/jquery-3.4.1.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:4400::6812:28b3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a24f4f105f56838f9beb801ad17aba77b0a225f6e207515d5be5f4bf500fbee4 Request headers accept-language de-DE,de;q=0.9 Referer https://promos.betano.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Wed, 27 Dec 2023 21:38:40 GMT content-encoding gzip cf-cache-status HIT content-md5 k3d6Yiaa8bmwIFFDC1yKKQ== age 598 x-ms-lease-state available x-ms-lease-status unlocked last-modified Thu, 24 Aug 2023 13:27:09 GMT server cloudflare etag W/"0x8DBA4A5D1452901" vary Accept-Encoding content-type text/css; charset=utf-8 access-control-allow-origin * x-ms-request-id 1cf32457-101e-0040-7d23-2e153a000000 cache-control public, max-age=900, immutable x-ms-version 2014-02-14 cf-ray 83c4b63d08319237-FRA
GET H2	200	css-iframe.css landingpages.kaizengaming.com/layout/ Frame 439A	2 KB 794 B	72ms 35ms	Stylesheet text/css	2606:4700:4400::6812:28b3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://landingpages.kaizengaming.com/layout/css-iframe.css Requested by Host: code.jquery.com URL: https://code.jquery.com/jquery-3.4.1.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:4400::6812:28b3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7392d426ac3da3071ebe16fa2ba3003e438842f8368aa9611b7fdcc48239024e Request headers accept-language de-DE,de;q=0.9 Referer https://promos.betano.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Wed, 27 Dec 2023 21:38:40 GMT content-encoding gzip cf-cache-status HIT content-md5 39E7RXrp/bQVuYTQHPOHVg== age 1437 x-ms-lease-state available x-ms-lease-status unlocked last-modified Thu, 24 Aug 2023 13:27:12 GMT server cloudflare etag W/"0x8DBA4A5D385763B" vary Accept-Encoding content-type text/css; charset=utf-8 access-control-allow-origin * x-ms-request-id 1542d511-901e-004e-31cc-213c8a000000 cache-control public, max-age=900, immutable x-ms-version 2014-02-14 cf-ray 83c4b63d08329237-FRA
GET H2	200	Theme.css promos.betano.de/willkommenspaket/ Frame 439A	4 KB 1 KB	31ms 31ms	Stylesheet text/css	2606:4700:4400::ac40:9754 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://promos.betano.de/willkommenspaket/Theme.css Requested by Host: code.jquery.com URL: https://code.jquery.com/jquery-3.4.1.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:4400::ac40:9754 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d30e51042a424e480e0bda151a436d5a50f2e08d939fdb4a0e8553269de1d74a Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://promos.betano.de/willkommenspaket/index.html?btag=a_764b_2931c_SNAABOYMSFBAADE&utm_medium=431&utm_source=2&siteid=764 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Wed, 27 Dec 2023 21:38:40 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status HIT strict-transport-security max-age=15552000; includeSubDomains; preload age 297 content-md5 iEQB/4Da+za49y9++eEi0A== x-ms-lease-state available x-ms-lease-status unlocked last-modified Wed, 22 Nov 2023 09:55:41 GMT server cloudflare etag W/"0x8DBEB412FC9DF39" vary Accept-Encoding content-type text/css; charset=utf-8 access-control-allow-origin * x-ms-request-id cab35f6f-f01e-0077-3241-1dc796000000 cache-control public, max-age=900 x-ms-version 2014-02-14 cf-ray 83c4b63ccc092bac-FRA expires Wed, 27 Dec 2023 21:53:40 GMT
GET H2	200	common.js Show response landingpages.kaizengaming.com/layout/ Frame 439A	7 KB 2 KB	70ms 34ms	Script application/javascript	2606:4700:4400::6812:28b3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://landingpages.kaizengaming.com/layout/common.js Requested by Host: code.jquery.com URL: https://code.jquery.com/jquery-3.4.1.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:4400::6812:28b3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a493de25e0c3a0d6e8cff6840a97dc93226c9d704102d957b1d4ddee13313aa7 Request headers accept-language de-DE,de;q=0.9 Referer https://promos.betano.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Wed, 27 Dec 2023 21:38:40 GMT content-encoding gzip cf-cache-status HIT content-md5 Tt1r+v6iV6U4snwCJhK1bQ== age 850 x-ms-lease-state available x-ms-lease-status unlocked last-modified Thu, 24 Aug 2023 13:27:08 GMT server cloudflare etag W/"0x8DBA4A5D12AEE0B" vary Accept-Encoding content-type application/javascript; charset=utf-8 access-control-allow-origin * x-ms-request-id e4dede19-201e-0016-5314-24e4d5000000 cache-control public, max-age=900, immutable x-ms-version 2014-02-14 cf-ray 83c4b63d08339237-FRA
GET H2	200	/ www.google.de/pagead/1p-conversion/763238947/ Frame A108 Redirect Chain https://www.googleadservices.com/pagead/conversion/763238947/?url=https%3A%2F%2Fpromos.betano.de%2F&guid=ON&script=0&data= https://googleads.g.doubleclick.net/pagead/viewthroughconversion/763238947/?url=https%3A%2F%2Fpromos.betano.de%2F&guid=ON&script=0&data=&ct_cookie_present=false&ocp_id=YJmMZayqMr6r78EPho6uuAo&rando... https://www.google.com/pagead/1p-conversion/763238947/?url=https%3A%2F%2Fpromos.betano.de%2F&guid=ON&script=0&data=&ct_cookie_present=false&random=555443401&sscte=1&crd=&pscrd=IhMIrNr2-smwgwMVvtU7A... https://www.google.de/pagead/1p-conversion/763238947/?url=https%3A%2F%2Fpromos.betano.de%2F&guid=ON&script=0&data=&ct_cookie_present=false&random=555443401&sscte=1&crd=&pscrd=IhMIrNr2-smwgwMVvtU7Ah...	42 B 108 B	21ms 21ms	Image image/gif	2a00:1450:4001:827::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/pagead/1p-conversion/763238947/?url=https%3A%2F%2Fpromos.betano.de%2F&guid=ON&script=0&data=&ct_cookie_present=false&random=555443401&sscte=1&crd=&pscrd=IhMIrNr2-smwgwMVvtU7Ah0Ghwun&is_vtc=1&ocp_id=YJmMZayqMr6r78EPho6uuAo&cid=CAQSKQAvHhf_Y4z7EB6H-DYoz8-ePFfCOTro59ev4s7AMzecOElkyzJnx-vj&random=1111483227&ipr=y&ezwbk=AZuM4hCCjY5YzYjujcWLAbe9ppDsAQen0_Xu-2p4vhcGuAz29uR6H5skv76hTLr5YAX-OFhSFaFmWsjwUgX19kXLlFhu Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/ns.html?id=GTM-MN2KPC6 Protocol H2 Server 2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.googletagmanager.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers pragma no-cache date Wed, 27 Dec 2023 21:38:41 GMT content-security-policy script-src 'none'; object-src 'none' x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers pragma no-cache date Wed, 27 Dec 2023 21:38:40 GMT content-security-policy script-src 'none'; object-src 'none' x-content-type-options nosniff server cafe p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" location https://www.google.de/pagead/1p-conversion/763238947/?url=https%3A%2F%2Fpromos.betano.de%2F&guid=ON&script=0&data=&ct_cookie_present=false&random=555443401&sscte=1&crd=&pscrd=IhMIrNr2-smwgwMVvtU7Ah0Ghwun&is_vtc=1&ocp_id=YJmMZayqMr6r78EPho6uuAo&cid=CAQSKQAvHhf_Y4z7EB6H-DYoz8-ePFfCOTro59ev4s7AMzecOElkyzJnx-vj&random=1111483227&ipr=y&ezwbk=AZuM4hCCjY5YzYjujcWLAbe9ppDsAQen0_Xu-2p4vhcGuAz29uR6H5skv76hTLr5YAX-OFhSFaFmWsjwUgX19kXLlFhu content-type image/gif cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET		activityi;dc_pre=CKz4-PrJsIMDFSHMOwIdcesBPg;src=12738953;type=despo0;cat=despo0;ord=1782726534;~oref=https%3A%2F%2Fpromos.betano.de%2F 12738953.fls.doubleclick.net/ Frame BFA7 Redirect Chain https://12738953.fls.doubleclick.net/activityi;src=12738953;type=despo0;cat=despo0;ord=1782726534;~oref=https%3A%2F%2Fpromos.betano.de%2F? https://12738953.fls.doubleclick.net/activityi;dc_pre=CKz4-PrJsIMDFSHMOwIdcesBPg;src=12738953;type=despo0;cat=despo0;ord=1782726534;~oref=https%3A%2F%2Fpromos.betano.de%2F?	0 0
GET H2	200	slick.css landingpages.kaizengaming.com/layout/ Frame 439A	2 KB 671 B	29ms 28ms	Stylesheet text/css	2606:4700:4400::6812:28b3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://landingpages.kaizengaming.com/layout/slick.css Requested by Host: landingpages.kaizengaming.com URL: https://landingpages.kaizengaming.com/layout/css-betano.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:4400::6812:28b3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash fc0081d5d01c24bef68e2329cfc63cd65ba2516dceb940baeff08b09430e1e62 Request headers accept-language de-DE,de;q=0.9 Referer https://landingpages.kaizengaming.com/layout/css-betano.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Wed, 27 Dec 2023 21:38:40 GMT content-encoding gzip cf-cache-status HIT content-md5 WZ31BB/YyxPVIgu7I3iKsw== age 875 x-ms-lease-state available x-ms-lease-status unlocked last-modified Thu, 24 Aug 2023 13:27:12 GMT server cloudflare etag W/"0x8DBA4A5D32ED756" vary Accept-Encoding content-type text/css; charset=utf-8 access-control-allow-origin * x-ms-request-id 0f2127c3-701e-0079-736a-13ee26000000 cache-control public, max-age=900, immutable x-ms-version 2014-02-14 cf-ray 83c4b63d48569237-FRA
GET H2	200	slick-theme.css landingpages.kaizengaming.com/layout/ Frame 439A	3 KB 981 B	29ms 27ms	Stylesheet text/css	2606:4700:4400::6812:28b3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://landingpages.kaizengaming.com/layout/slick-theme.css Requested by Host: landingpages.kaizengaming.com URL: https://landingpages.kaizengaming.com/layout/css-betano.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:4400::6812:28b3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ed48c2c26ab144483ce6e6cfd207070eaa30dcd7cfe36c14b29d89b343e9df05 Request headers accept-language de-DE,de;q=0.9 Referer https://landingpages.kaizengaming.com/layout/css-betano.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Wed, 27 Dec 2023 21:38:40 GMT content-encoding gzip cf-cache-status HIT content-md5 UpLamLxcSvAJaktpLARRvQ== age 1436 x-ms-lease-state available x-ms-lease-status unlocked last-modified Thu, 24 Aug 2023 13:27:12 GMT server cloudflare etag W/"0x8DBA4A5D316E60C" vary Accept-Encoding content-type text/css; charset=utf-8 access-control-allow-origin * x-ms-request-id 2b341139-f01e-003a-7f12-2e087a000000 cache-control public, max-age=900, immutable x-ms-version 2014-02-14 cf-ray 83c4b63d48579237-FRA
GET H2	200	css-fonts.css landingpages.kaizengaming.com/layout/ Frame 439A	4 KB 502 B	36ms 34ms	Stylesheet text/css	2606:4700:4400::6812:28b3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://landingpages.kaizengaming.com/layout/css-fonts.css Requested by Host: landingpages.kaizengaming.com URL: https://landingpages.kaizengaming.com/layout/css-betano.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:4400::6812:28b3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b7128e23958b3fda5c3c906893ed845791c82b203b643817c854c86f211efbb1 Request headers accept-language de-DE,de;q=0.9 Referer https://landingpages.kaizengaming.com/layout/css-betano.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Wed, 27 Dec 2023 21:38:40 GMT content-encoding gzip cf-cache-status HIT content-md5 pvSNyxtpXpV4jwDcVBs+8g== age 598 x-ms-lease-state available x-ms-lease-status unlocked last-modified Thu, 24 Aug 2023 13:27:09 GMT server cloudflare etag W/"0x8DBA4A5D1600014" vary Accept-Encoding content-type text/css; charset=utf-8 access-control-allow-origin * x-ms-request-id 1dbb2143-801e-0030-2b07-24accd000000 cache-control public, max-age=900, immutable x-ms-version 2014-02-14 cf-ray 83c4b63d48599237-FRA
GET H2	200	css-common.css landingpages.kaizengaming.com/layout/ Frame 439A	944 B 596 B	37ms 36ms	Stylesheet text/css	2606:4700:4400::6812:28b3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://landingpages.kaizengaming.com/layout/css-common.css Requested by Host: landingpages.kaizengaming.com URL: https://landingpages.kaizengaming.com/layout/css-betano.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:4400::6812:28b3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d8a0d356d644b4013aa75e86393844a21bdfaf2a4bd5e99c2ab05c0fe74e3101 Request headers accept-language de-DE,de;q=0.9 Referer https://landingpages.kaizengaming.com/layout/css-betano.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Wed, 27 Dec 2023 21:38:40 GMT content-encoding gzip cf-cache-status HIT content-md5 5eGR2sXfZgOapde0CV8YSg== age 1436 x-ms-lease-state available x-ms-lease-status unlocked last-modified Thu, 24 Aug 2023 13:27:09 GMT server cloudflare etag W/"0x8DBA4A5D14E9D7C" vary Accept-Encoding content-type text/css; charset=utf-8 access-control-allow-origin * x-ms-request-id 678b78ce-201e-0039-2da4-13e91e000000 cache-control public, max-age=900, immutable x-ms-version 2014-02-14 cf-ray 83c4b63d485a9237-FRA
GET H2	200	css-landing.css landingpages.kaizengaming.com/layout/ Frame 439A	8 KB 2 KB	32ms 31ms	Stylesheet text/css	2606:4700:4400::6812:28b3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://landingpages.kaizengaming.com/layout/css-landing.css Requested by Host: landingpages.kaizengaming.com URL: https://landingpages.kaizengaming.com/layout/css-betano.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:4400::6812:28b3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c71752822cfbdf7713731e936ebe7f93fe99c5984e0ddd3c6a8e185c17ff5048 Request headers accept-language de-DE,de;q=0.9 Referer https://landingpages.kaizengaming.com/layout/css-betano.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Wed, 27 Dec 2023 21:38:40 GMT content-encoding gzip cf-cache-status HIT content-md5 JDqCfcVQtN58am64kAmqvg== age 82 x-ms-lease-state available x-ms-lease-status unlocked last-modified Thu, 24 Aug 2023 13:27:09 GMT server cloudflare etag W/"0x8DBA4A5D168B161" vary Accept-Encoding content-type text/css; charset=utf-8 access-control-allow-origin * x-ms-request-id 3507f1fb-401e-0062-7807-24d025000000 cache-control public, max-age=900, immutable x-ms-version 2014-02-14 cf-ray 83c4b63d485c9237-FRA
GET H2	200	css-desktop.css landingpages.kaizengaming.com/layout/ Frame 439A	5 KB 1 KB	35ms 34ms	Stylesheet text/css	2606:4700:4400::6812:28b3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://landingpages.kaizengaming.com/layout/css-desktop.css Requested by Host: landingpages.kaizengaming.com URL: https://landingpages.kaizengaming.com/layout/css-betano.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:4400::6812:28b3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash bf06e66d0b6d12c39860b7a3f1a724397a8bc0267423b64c6627ef0f52a7b27d Request headers accept-language de-DE,de;q=0.9 Referer https://landingpages.kaizengaming.com/layout/css-betano.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Wed, 27 Dec 2023 21:38:40 GMT content-encoding gzip cf-cache-status HIT content-md5 AOVpmo2f/4Wn1SoTquvjVA== age 1436 x-ms-lease-state available x-ms-lease-status unlocked last-modified Thu, 24 Aug 2023 13:27:09 GMT server cloudflare etag W/"0x8DBA4A5D1574ECA" vary Accept-Encoding content-type text/css; charset=utf-8 access-control-allow-origin * x-ms-request-id 2c3f1b82-b01e-0076-0f27-24984a000000 cache-control public, max-age=900, immutable x-ms-version 2014-02-14 cf-ray 83c4b63d485d9237-FRA
GET H2	200	css-tablet.css landingpages.kaizengaming.com/layout/ Frame 439A	4 KB 1 KB	34ms 33ms	Stylesheet text/css	2606:4700:4400::6812:28b3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://landingpages.kaizengaming.com/layout/css-tablet.css Requested by Host: landingpages.kaizengaming.com URL: https://landingpages.kaizengaming.com/layout/css-betano.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:4400::6812:28b3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 1172af7570acdb509d41b715ff6f8d2c0e06a3af29b54e76ae681571161e4d5e Request headers accept-language de-DE,de;q=0.9 Referer https://landingpages.kaizengaming.com/layout/css-betano.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Wed, 27 Dec 2023 21:38:40 GMT content-encoding gzip cf-cache-status HIT content-md5 Mr2IdhRK+4IeBy7KcyoBtQ== age 82 x-ms-lease-state available x-ms-lease-status unlocked last-modified Thu, 24 Aug 2023 13:27:09 GMT server cloudflare etag W/"0x8DBA4A5D18E0E3F" vary Accept-Encoding content-type text/css; charset=utf-8 access-control-allow-origin * x-ms-request-id 6541ccd9-901e-004e-5fe0-0b3c8a000000 cache-control public, max-age=900, immutable x-ms-version 2014-02-14 cf-ray 83c4b63d485f9237-FRA
GET H2	200	css-mobile.css landingpages.kaizengaming.com/layout/ Frame 439A	3 KB 1 KB	31ms 30ms	Stylesheet text/css	2606:4700:4400::6812:28b3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://landingpages.kaizengaming.com/layout/css-mobile.css Requested by Host: landingpages.kaizengaming.com URL: https://landingpages.kaizengaming.com/layout/css-betano.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:4400::6812:28b3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash fea86661c5d80146c78c8e112e81c6ebcd3ac8c3f4d81c6fd3419532343c21a0 Request headers accept-language de-DE,de;q=0.9 Referer https://landingpages.kaizengaming.com/layout/css-betano.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Wed, 27 Dec 2023 21:38:40 GMT content-encoding gzip cf-cache-status HIT content-md5 y0J3Tr1dgXYbzTPMrvAM5Q== age 1407 x-ms-lease-state available x-ms-lease-status unlocked last-modified Thu, 24 Aug 2023 13:27:09 GMT server cloudflare etag W/"0x8DBA4A5D171FED7" vary Accept-Encoding content-type text/css; charset=utf-8 access-control-allow-origin * x-ms-request-id bda088e4-501e-0041-72b9-164ae6000000 cache-control public, max-age=900, immutable x-ms-version 2014-02-14 cf-ray 83c4b63d48609237-FRA
GET H2	200	css-betano_theme.css landingpages.kaizengaming.com/layout/ Frame 439A	8 KB 2 KB	23ms 22ms	Stylesheet text/css	2606:4700:4400::6812:28b3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://landingpages.kaizengaming.com/layout/css-betano_theme.css Requested by Host: landingpages.kaizengaming.com URL: https://landingpages.kaizengaming.com/layout/css-betano.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:4400::6812:28b3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash dad7cc652286fe3fcd072159ff6fdc30a62ba200d329d99cc1674f5183406584 Request headers accept-language de-DE,de;q=0.9 Referer https://landingpages.kaizengaming.com/layout/css-betano.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Wed, 27 Dec 2023 21:38:40 GMT content-encoding gzip cf-cache-status HIT content-md5 D6htD+uya4gpW6XLW/HaDw== age 875 x-ms-lease-state available x-ms-lease-status unlocked last-modified Thu, 24 Aug 2023 13:27:09 GMT server cloudflare etag W/"0x8DBA4A5D13C50A6" vary Accept-Encoding content-type text/css; charset=utf-8 access-control-allow-origin * x-ms-request-id 5ef7077e-801e-0030-7b64-0caccd000000 cache-control public, max-age=900, immutable x-ms-version 2014-02-14 cf-ray 83c4b63d48619237-FRA
GET H3	200	js Show response www.googletagmanager.com/gtag/ Frame 439A	271 KB 90 KB	19ms 19ms	Script application/javascript	2a00:1450:4001:80f::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-W0C280Z7PP&l=dataLayer&cx=c Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-MN2KPC6 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 210ec924beb333ef788b65ee3c0e6c41a883bce5271d6155076f95abb2352168 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://promos.betano.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Wed, 27 Dec 2023 21:38:40 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 92061 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Wed, 27 Dec 2023 21:38:40 GMT
GET H3	200	js Show response www.googletagmanager.com/gtag/ Frame 439A	263 KB 85 KB	20ms 20ms	Script application/javascript	2a00:1450:4001:80f::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-SJLCV23YJW&l=dataLayer&cx=c Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-MN2KPC6 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash ccf642fb309931fcaeb7b8aac8c10b2cdfba8f846e1a8c275c48f6fe9d8e59e4 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://promos.betano.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Wed, 27 Dec 2023 21:38:40 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 87447 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Wed, 27 Dec 2023 21:38:40 GMT
GET H3	200	/ Show response googleads.g.doubleclick.net/pagead/viewthroughconversion/763238947/ Frame 439A	3 KB 1 KB	47ms 46ms	Script text/javascript	2a00:1450:4001:800::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/viewthroughconversion/763238947/?random=1703713120863&cv=11&fst=1703713120863&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v79977643&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fpromos.betano.de%2Fwillkommenspaket%2Findex.html%3Fbtag%3Da_764b_2931c_SNAABOYMSFBAADE%26utm_medium%3D431%26utm_source%3D2%26siteid%3D764&ref=https%3A%2F%2Flp.cleverwebserver.com%2F&top=https%3A%2F%2Flex.bg&hn=www.googleadservices.com&frm=2&tiba=BETANO%20MODE&uamb=0&uaw=0&rfmt=3&fmt=4 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-MN2KPC6 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ec20f3446423b3ed21dca5058cf0775cde89fd70de88d4475e856d041a1936c4 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://promos.betano.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers pragma no-cache date Wed, 27 Dec 2023 21:38:40 GMT content-encoding br x-content-type-options nosniff server cafe content-type text/javascript; charset=UTF-8 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1368 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	analytics.js Show response www.google-analytics.com/ Frame 439A	52 KB 21 KB	32ms 9ms	Script text/javascript	2a00:1450:4001:831::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-MN2KPC6 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://promos.betano.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff date Wed, 27 Dec 2023 19:48:17 GMT last-modified Tue, 12 Dec 2023 18:09:08 GMT server Golfe2 age 6623 vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 20994 expires Wed, 27 Dec 2023 21:48:17 GMT
GET H2	200	scevent.min.js Show response sc-static.net/ Frame 439A	41 KB 18 KB	82ms 37ms	Script application/javascript	54.192.205.246 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://sc-static.net/scevent.min.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-MN2KPC6 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 54.192.205.246 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-54-192-205-246.ham50.r.cloudfront.net Software CloudFront / Resource Hash ab12e815caea6aba8fe2da60e7d298cccb649166f81926ff64e5dc56ea526522 Request headers accept-language de-DE,de;q=0.9 Referer https://promos.betano.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Wed, 27 Dec 2023 21:38:40 GMT content-encoding gzip via 1.1 6bf6848b0a526667291cc03dfcf8febe.cloudfront.net (CloudFront) server CloudFront x-amz-cf-pop HAM50-C3 x-cache Miss from cloudfront content-type application/javascript;charset=utf-8 access-control-allow-origin * cache-control private, s-maxage=0, max-age=600 access-control-allow-headers Content-Type content-length 17610 x-amz-cf-id -Nh_mlr_0etMuDx69Rz1scQflUudYcm14qqnIdnqMMLmkwyLIeOgUA==
GET H3	200	activityi;dc_pre=CLub-_rJsIMDFQTJOwIdle0HAQ;src=12738953;type=despo0;cat=despo0;ord=4538833517712;gtm=45He3bt0v79977643;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;u... Show response 12738953.fls.doubleclick.net/ Frame A336 Redirect Chain https://12738953.fls.doubleclick.net/activityi;src=12738953;type=despo0;cat=despo0;ord=4538833517712;gtm=45He3bt0v79977643;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv... https://12738953.fls.doubleclick.net/activityi;dc_pre=CLub-_rJsIMDFQTJOwIdle0HAQ;src=12738953;type=despo0;cat=despo0;ord=4538833517712;gtm=45He3bt0v79977643;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=...	603 B 391 B	50ms 50ms	Document text/html	216.58.206.38 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://12738953.fls.doubleclick.net/activityi;dc_pre=CLub-_rJsIMDFQTJOwIdle0HAQ;src=12738953;type=despo0;cat=despo0;ord=4538833517712;gtm=45He3bt0v79977643;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fpromos.betano.de%2Fwillkommenspaket%2Findex.html%3Fbtag%3Da_764b_2931c_SNAABOYMSFBAADE%26utm_medium%3D431%26utm_source%3D2%26siteid%3D764? Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-MN2KPC6 Protocol H3 Security QUIC, , AES_128_GCM Server 216.58.206.38 , United States, ASN15169 (GOOGLE, US), Reverse DNS lcfraa-aa-in-f6.1e100.net Software cafe / Resource Hash 7790ab640a0a274ccaec9a0b5e1a69bb4827e86daeed704216cc91fdd74cac53 Security Headers Name Value Strict-Transport-Security max-age=21600 X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://promos.betano.de/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private, max-age=0 content-encoding br content-length 368 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Wed, 27 Dec 2023 21:38:40 GMT expires Wed, 27 Dec 2023 21:38:40 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe strict-transport-security max-age=21600 timing-allow-origin * x-content-type-options nosniff x-xss-protection 0 Redirect headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control no-cache, must-revalidate content-length 0 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Wed, 27 Dec 2023 21:38:40 GMT expires Fri, 01 Jan 1990 00:00:00 GMT follow-only-when-prerender-shown 1 location https://12738953.fls.doubleclick.net/activityi;dc_pre=CLub-_rJsIMDFQTJOwIdle0HAQ;src=12738953;type=despo0;cat=despo0;ord=4538833517712;gtm=45He3bt0v79977643;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fpromos.betano.de%2Fwillkommenspaket%2Findex.html%3Fbtag%3Da_764b_2931c_SNAABOYMSFBAADE%26utm_medium%3D431%26utm_source%3D2%26siteid%3D764? p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" pragma no-cache server cafe strict-transport-security max-age=21600 timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H3	200	activityi;dc_pre=COK5-_rJsIMDFQvCmgodeucLiw;src=12738953;type=deaff0;cat=deaff0;ord=5698056261175;gtm=45He3bt0v79977643;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;u... Show response 12738953.fls.doubleclick.net/ Frame CE69 Redirect Chain https://12738953.fls.doubleclick.net/activityi;src=12738953;type=deaff0;cat=deaff0;ord=5698056261175;gtm=45He3bt0v79977643;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv... https://12738953.fls.doubleclick.net/activityi;dc_pre=COK5-_rJsIMDFQvCmgodeucLiw;src=12738953;type=deaff0;cat=deaff0;ord=5698056261175;gtm=45He3bt0v79977643;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=...	603 B 391 B	51ms 50ms	Document text/html	216.58.206.38 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://12738953.fls.doubleclick.net/activityi;dc_pre=COK5-_rJsIMDFQvCmgodeucLiw;src=12738953;type=deaff0;cat=deaff0;ord=5698056261175;gtm=45He3bt0v79977643;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fpromos.betano.de%2Fwillkommenspaket%2Findex.html%3Fbtag%3Da_764b_2931c_SNAABOYMSFBAADE%26utm_medium%3D431%26utm_source%3D2%26siteid%3D764? Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-MN2KPC6 Protocol H3 Security QUIC, , AES_128_GCM Server 216.58.206.38 , United States, ASN15169 (GOOGLE, US), Reverse DNS lcfraa-aa-in-f6.1e100.net Software cafe / Resource Hash c8b4f6244ec17416dae50ec8ce6ef61c59a200134446154b6bb4abf8ece3123d Security Headers Name Value Strict-Transport-Security max-age=21600 X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://promos.betano.de/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private, max-age=0 content-encoding br content-length 368 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Wed, 27 Dec 2023 21:38:40 GMT expires Wed, 27 Dec 2023 21:38:40 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe strict-transport-security max-age=21600 timing-allow-origin * x-content-type-options nosniff x-xss-protection 0 Redirect headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control no-cache, must-revalidate content-length 0 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Wed, 27 Dec 2023 21:38:40 GMT expires Fri, 01 Jan 1990 00:00:00 GMT follow-only-when-prerender-shown 1 location https://12738953.fls.doubleclick.net/activityi;dc_pre=COK5-_rJsIMDFQvCmgodeucLiw;src=12738953;type=deaff0;cat=deaff0;ord=5698056261175;gtm=45He3bt0v79977643;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fpromos.betano.de%2Fwillkommenspaket%2Findex.html%3Fbtag%3Da_764b_2931c_SNAABOYMSFBAADE%26utm_medium%3D431%26utm_source%3D2%26siteid%3D764? p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" pragma no-cache server cafe strict-transport-security max-age=21600 timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H2	200	trackpoint-async.js Show response s2.adform.net/banners/scripts/st/ Frame 439A	81 KB 31 KB	112ms 21ms	Script application/javascript	37.157.6.235 ADFORM
General Check archive.org Show headers Download Go to Full URL https://s2.adform.net/banners/scripts/st/trackpoint-async.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-MN2KPC6 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 37.157.6.235 , Denmark, ASN198622 (ADFORM, DK), Reverse DNS Software nginx / Resource Hash 99c28ba77690124b83aea8cdbbb17ab1145ba247c791aeb4bad747b4248ac459 Request headers accept-language de-DE,de;q=0.9 Referer https://promos.betano.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Wed, 27 Dec 2023 21:38:40 GMT content-encoding gzip last-modified Tue, 23 May 2023 09:56:34 GMT server nginx x-amz-request-id tx000007146e0b4837b0e1c-00646c8ee1-3295d04c-default etag W/"f937ab3eef01c118930b200e5087d00d" x-cache-status HIT vary Accept-Encoding content-type application/javascript access-control-allow-origin * x-rgw-object-type Normal cache-control public, max-age=604800
GET H3	200	fbevents.js Show response connect.facebook.net/en_US/ Frame 439A	202 KB 53 KB	11ms 10ms	Script application/x-javascript	2a03:2880:f083:9:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/en_US/fbevents.js Requested by Host: lex.bg URL: https://lex.bg/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8 Security Headers Name Value Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script'; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://promos.betano.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers permissions-policy-report-only autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=() content-security-policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script'; content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000; preload; includeSubDomains date Wed, 27 Dec 2023 21:38:40 GMT document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 54273 x-xss-protection 0 reporting-endpoints pragma public x-fb-debug eUzsLZbwe21GnsNbv2jvZCQqIxmHY0kyDb27n4IXOEk5TynQGFFMuQLYD+lE+VX4FgQEsfO4HIilQikR6iCrZQ== cross-origin-opener-policy same-origin-allow-popups vary Accept-Encoding x-frame-options DENY content-type application/x-javascript; charset=utf-8 origin-agent-cluster ?0 cache-control public, max-age=1200 permissions-policy accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=() timing-allow-origin * priority u=3,i expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	bat.js Show response bat.bing.com/ Frame 439A	45 KB 13 KB	62ms 32ms	Script application/javascript	2620:1ec:c11::200 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://bat.bing.com/bat.js Requested by Host: lex.bg URL: https://lex.bg/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash 5e319852607809336b2534ffeb96f6933f26994dd040f535302c84f59cc0a214 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers accept-language de-DE,de;q=0.9 Referer https://promos.betano.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubDomains; preload content-encoding gzip date Wed, 27 Dec 2023 21:38:39 GMT last-modified Fri, 10 Nov 2023 20:09:55 GMT accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version x-msedge-ref Ref A: 11B1E438F0F84B518D803D24477863D8 Ref B: FRA31EDGE0118 Ref C: 2023-12-27T21:38:40Z etag "80abcdf1114da1:0" vary Accept-Encoding x-cache CONFIG_NOCACHE content-type application/javascript cache-control private,max-age=1800 accept-ranges bytes content-length 13175
GET H2	200	mgsensor.js Show response a.mgid.com/ Frame 439A	15 KB 5 KB	177ms 135ms	Script application/javascript	2606:4700:1::6813:854c CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://a.mgid.com/mgsensor.js?d=1703713120883 Requested by Host: lex.bg URL: https://lex.bg/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:1::6813:854c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash fab2f44ed2c54018f566702de911e32e0d0502e41768f5b16227576589f42e68 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains; preload Request headers accept-language de-DE,de;q=0.9 Referer https://promos.betano.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Wed, 27 Dec 2023 21:38:41 GMT strict-transport-security max-age=15552000; includeSubDomains; preload content-encoding br cf-cache-status DYNAMIC x-mg-request-uuid 85cbee4c-c317-4bc8-9537-fd733d692cfd server cloudflare vary Accept-Encoding content-type application/javascript cf-ray 83c4b63dcde4c31e-VIE alt-svc h3=":443"; ma=86400
POST H2	200	83c4b63bdb0f2bac Show response promos.betano.de/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame D509	0 249 B	42ms 42ms	XHR text/plain	2606:4700:4400::ac40:9754 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://promos.betano.de/cdn-cgi/challenge-platform/h/g/jsd/r/83c4b63bdb0f2bac Requested by Host: promos.betano.de URL: https://promos.betano.de/cdn-cgi/challenge-platform/scripts/jsd/main.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:4400::ac40:9754 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Content-Type application/json Response headers date Wed, 27 Dec 2023 21:38:40 GMT strict-transport-security max-age=15552000; includeSubDomains; preload x-content-type-options nosniff content-encoding gzip server cloudflare cf-ray 83c4b63ded582bac-FRA content-type text/plain; charset=UTF-8
GET H/1.1	200 OK	gdpr.js.php Show response sk.search.etargetnet.com/gdpr/	479 KB 142 KB	79ms 24ms	Script text/javascript	195.168.10.172 AS-BENESTRA Brati...
General Check archive.org Show headers Download Go to Full URL https://sk.search.etargetnet.com/gdpr/gdpr.js.php?ecmp=3&apionly=1&t=1231127 Requested by Host: etargetcdn.com URL: https://etargetcdn.com/hb/init2.0.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 195.168.10.172 Žilina, Slovakia, ASN5578 (AS-BENESTRA Bratislava, Slovak Republic, SK), Reverse DNS a44.etarget.sh.cust.gts.sk Software nginx / Resource Hash 0d455706ee715988bc7fb29cfdf2ced2973f3429e81b735bd313d352154c7297 Request headers accept-language de-DE,de;q=0.9 Referer https://lex.bg/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers Pragma cache Date Wed, 27 Dec 2023 21:38:41 GMT Content-Encoding gzip Server nginx Transfer-Encoding chunked Vary Accept-Encoding Content-Type text/javascript; charset=utf8 access-control-allow-origin https://lex.bg Y-Protected-By Bulbasaur/blade2-06.etarget.sk X-Protected-By Bee/0.66 Cache-Control max-age=86400 access-control-allow-credentials true Connection keep-alive Expires Thu, 28 Dec 2023 21:38:41 GMT
GET H2	200	iframe Show response visuals.kaizengaming.com/scripts/ Frame 90E1	3 KB 2 KB	78ms 53ms	Document text/html	2606:4700:4400::ac40:934d CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://visuals.kaizengaming.com/scripts/iframe?did=5dfcfbaa9ed3c30001234cf0&deeplink=on&preload=off&responsive=on&background=Transparent&a=64ee070c262380ef28e936b2&redirecturl= Requested by Host: code.jquery.com URL: https://code.jquery.com/jquery-3.4.1.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:4400::ac40:934d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0597baa07b5e22fa6cfc30f996cd69f2409e8b90a4c256830838fc98f99feb34 Request headers Referer https://promos.betano.de/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers access-control-allow-origin * access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding age 3372 cache-control public, max-age=14400 cf-cache-status DYNAMIC cf-ray 83c4b63e1f3cbb85-FRA content-encoding gzip content-md5 pRIJ2/N21dbBjDWXiJP+cQ== content-type text/html date Wed, 27 Dec 2023 21:38:41 GMT expires Thu, 28 Dec 2023 01:38:41 GMT last-modified Wed, 29 Mar 2023 06:31:05 GMT server cloudflare vary Accept-Encoding x-ms-blob-type BlockBlob x-ms-lease-status unlocked x-ms-request-id dc7ad7e8-e01e-006a-6bb5-210dfb000000 x-ms-version 2011-08-18
GET H2	200	index.html Show response landingpages.kaizengaming.com/de-sport/ Frame 439A	12 KB 4 KB	77ms 61ms	XHR text/html	2606:4700:4400::6812:28b3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://landingpages.kaizengaming.com/de-sport/index.html Requested by Host: code.jquery.com URL: https://code.jquery.com/jquery-3.4.1.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:4400::6812:28b3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 63bf05d8063d935113887c5f3af7d74b60dcddc3d12e77a8e30fc0378e03f44f Request headers Accept */* Referer https://promos.betano.de/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Wed, 27 Dec 2023 21:38:41 GMT content-encoding gzip cf-cache-status DYNAMIC content-md5 esea11DRZcCjIxk5Z3E7cA== age 503886 x-ms-lease-state available x-ms-lease-status unlocked last-modified Mon, 30 Oct 2023 17:20:43 GMT server cloudflare vary Accept-Encoding content-type text/html; charset=utf-8 access-control-allow-origin * x-ms-request-id 72f75140-501e-0051-6cf7-238f8e000000 cache-control public, max-age=900, immutable x-ms-version 2014-02-14 cf-ray 83c4b63e0e491947-FRA
GET H2	200	/ www.google.com/pagead/1p-user-list/763238947/ Frame 439A	42 B 455 B	35ms 25ms	Image image/gif	2a00:1450:4001:828::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/pagead/1p-user-list/763238947/?random=1703713120863&cv=11&fst=1703710800000&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v79977643&u_w=1600&u_h=1200&url=https%3A%2F%2Fpromos.betano.de%2Fwillkommenspaket%2Findex.html%3Fbtag%3Da_764b_2931c_SNAABOYMSFBAADE%26utm_medium%3D431%26utm_source%3D2%26siteid%3D764&ref=https%3A%2F%2Flp.cleverwebserver.com%2F&frm=2&tiba=BETANO%20MODE&fmt=3&is_vtc=1&cid=CAQSKQAvHhf_OxG5kwcqyVQk3CjaJLM52aaQ9cDAZweQfbLDolFDRvOspiWr&random=1904804991&rmt_tld=0&ipr=y Requested by Host: promos.betano.de URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_764b_2931c_SNAABOYMSFBAADE&utm_medium=431&utm_source=2&siteid=764 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://promos.betano.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers pragma no-cache date Wed, 27 Dec 2023 21:38:40 GMT content-security-policy script-src 'none'; object-src 'none' x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	/ www.google.de/pagead/1p-user-list/763238947/ Frame 439A	42 B 455 B	42ms 19ms	Image image/gif	2a00:1450:4001:827::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/pagead/1p-user-list/763238947/?random=1703713120863&cv=11&fst=1703710800000&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v79977643&u_w=1600&u_h=1200&url=https%3A%2F%2Fpromos.betano.de%2Fwillkommenspaket%2Findex.html%3Fbtag%3Da_764b_2931c_SNAABOYMSFBAADE%26utm_medium%3D431%26utm_source%3D2%26siteid%3D764&ref=https%3A%2F%2Flp.cleverwebserver.com%2F&frm=2&tiba=BETANO%20MODE&fmt=3&is_vtc=1&cid=CAQSKQAvHhf_OxG5kwcqyVQk3CjaJLM52aaQ9cDAZweQfbLDolFDRvOspiWr&random=1904804991&rmt_tld=1&ipr=y Requested by Host: promos.betano.de URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_764b_2931c_SNAABOYMSFBAADE&utm_medium=431&utm_source=2&siteid=764 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://promos.betano.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers pragma no-cache date Wed, 27 Dec 2023 21:38:40 GMT content-security-policy script-src 'none'; object-src 'none' x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	204	137000673.js Show response bat.bing.com/p/action/ Frame 439A	0 117 B	34ms 34ms	Script text/plain	2620:1ec:c11::200 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://bat.bing.com/p/action/137000673.js Requested by Host: bat.bing.com URL: https://bat.bing.com/bat.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers accept-language de-DE,de;q=0.9 Referer https://promos.betano.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubDomains; preload cache-control private,max-age=1800 date Wed, 27 Dec 2023 21:38:40 GMT accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version x-msedge-ref Ref A: 6AEC79E8D19E434CBAD500B09CF12471 Ref B: FRA31EDGE0118 Ref C: 2023-12-27T21:38:40Z x-cache CONFIG_NOCACHE
GET H2	204	0 bat.bing.com/action/ Frame 439A	0 287 B	81ms 81ms	Image text/plain	2620:1ec:c11::200 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://bat.bing.com/action/0?ti=137000673&Ver=2&mid=6eb4ee3c-4fc6-415b-8276-ab0be19a8b6d&sid=4d3ec150a50011ee8c5a3f539ef40a85&vid=4d3ec5a0a50011eebbbae7b95fa532d7&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=BETANO%20MODE&p=https%3A%2F%2Flp.cleverwebserver.com%2F&r=&lt=308&evt=pageLoad&ifm=1&sv=1&rn=759417 Requested by Host: promos.betano.de URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_764b_2931c_SNAABOYMSFBAADE&utm_medium=431&utm_source=2&siteid=764 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers accept-language de-DE,de;q=0.9 Referer https://promos.betano.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers pragma no-cache strict-transport-security max-age=31536000; includeSubDomains; preload date Wed, 27 Dec 2023 21:38:40 GMT accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version x-msedge-ref Ref A: EF2538F1D01548FC8716F1785BD67EDF Ref B: FRA31EDGE0118 Ref C: 2023-12-27T21:38:40Z x-cache CONFIG_NOCACHE access-control-allow-origin * cache-control no-cache, must-revalidate expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	linkid.js Show response www.google-analytics.com/plugins/ua/ Frame 439A	2 KB 1 KB	8ms 7ms	Script text/javascript	2a00:1450:4001:831::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/plugins/ua/linkid.js Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://promos.betano.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Wed, 27 Dec 2023 21:15:41 GMT content-encoding br x-content-type-options nosniff age 1379 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 697 x-xss-protection 0 last-modified Fri, 30 Jun 2023 18:58:00 GMT server sffe vary Accept-Encoding report-to {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]} content-type text/javascript cache-control public, max-age=3600 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="static-on-bigtable" expires Wed, 27 Dec 2023 22:15:41 GMT
GET BLOB	200 OK	c9569b45-5176-414f-b77e-910edd80c44d https://promos.betano.de/ Frame 439A	597 B 0		Other application/javascript
General Check archive.org Show headers Download Go to Full URL blob:https://promos.betano.de/c9569b45-5176-414f-b77e-910edd80c44d Requested by Host: promos.betano.de URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_764b_2931c_SNAABOYMSFBAADE&utm_medium=431&utm_source=2&siteid=764 Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash 6292d47914f9b1671e0c7b3076ea35aa0127785ed01ae8df56f534171114b08a Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers Content-Length 597 Content-Type application/javascript
GET H2	200	dc_pre=CLub-_rJsIMDFQTJOwIdle0HAQ;src=12738953;type=despo0;cat=despo0;ord=4538833517712;gtm=45He3bt0v79977643;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver... adservice.google.com/ddm/fls/z/ Frame A336	42 B 401 B	72ms 50ms	Image image/gif	2a00:1450:4001:812::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://adservice.google.com/ddm/fls/z/dc_pre=CLub-_rJsIMDFQTJOwIdle0HAQ;src=12738953;type=despo0;cat=despo0;ord=4538833517712;gtm=45He3bt0v79977643;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fpromos.betano.de%2Fwillkommenspaket%2Findex.html%3Fbtag%3Da_764b_2931c_SNAABOYMSFBAADE%26utm_medium%3D431%26utm_source%3D2%26siteid%3D764 Requested by Host: 12738953.fls.doubleclick.net URL: https://12738953.fls.doubleclick.net/activityi;dc_pre=CLub-_rJsIMDFQTJOwIdle0HAQ;src=12738953;type=despo0;cat=despo0;ord=4538833517712;gtm=45He3bt0v79977643;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fpromos.betano.de%2Fwillkommenspaket%2Findex.html%3Fbtag%3Da_764b_2931c_SNAABOYMSFBAADE%26utm_medium%3D431%26utm_source%3D2%26siteid%3D764? Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://12738953.fls.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers pragma no-cache date Wed, 27 Dec 2023 21:38:41 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	dc_pre=COK5-_rJsIMDFQvCmgodeucLiw;src=12738953;type=deaff0;cat=deaff0;ord=5698056261175;gtm=45He3bt0v79977643;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver... adservice.google.com/ddm/fls/z/ Frame CE69	42 B 107 B	72ms 51ms	Image image/gif	2a00:1450:4001:812::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://adservice.google.com/ddm/fls/z/dc_pre=COK5-_rJsIMDFQvCmgodeucLiw;src=12738953;type=deaff0;cat=deaff0;ord=5698056261175;gtm=45He3bt0v79977643;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fpromos.betano.de%2Fwillkommenspaket%2Findex.html%3Fbtag%3Da_764b_2931c_SNAABOYMSFBAADE%26utm_medium%3D431%26utm_source%3D2%26siteid%3D764 Requested by Host: 12738953.fls.doubleclick.net URL: https://12738953.fls.doubleclick.net/activityi;dc_pre=COK5-_rJsIMDFQvCmgodeucLiw;src=12738953;type=deaff0;cat=deaff0;ord=5698056261175;gtm=45He3bt0v79977643;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fpromos.betano.de%2Fwillkommenspaket%2Findex.html%3Fbtag%3Da_764b_2931c_SNAABOYMSFBAADE%26utm_medium%3D431%26utm_source%3D2%26siteid%3D764? Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://12738953.fls.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers pragma no-cache date Wed, 27 Dec 2023 21:38:41 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	234568464078651 Show response connect.facebook.net/signals/config/ Frame 439A	135 KB 35 KB	15ms 15ms	Script application/x-javascript	2a03:2880:f083:9:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/signals/config/234568464078651?v=2.9.138&r=stable&domain=lp.cleverwebserver.com Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/fbevents.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 7d0154c5f3aaa7dcc45abe918902de8df0b30d21fdc9dd916e1932058e1104f1 Security Headers Name Value Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script'; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://promos.betano.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers permissions-policy-report-only autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=() content-security-policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script'; content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000; preload; includeSubDomains date Wed, 27 Dec 2023 21:38:41 GMT document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 35668 x-xss-protection 0 reporting-endpoints pragma public x-fb-debug SpMCEwW6jzeRFcw/0XRxmkMJy9MDEPAgWWmneYJgQy0A5VbGyzCzh0XWiETf44uf6+aYw8DRGh51ioSVdrMrhw== cross-origin-opener-policy same-origin-allow-popups vary Accept-Encoding x-frame-options DENY content-type application/x-javascript; charset=utf-8 cache-control public, max-age=1200 permissions-policy accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=() timing-allow-origin * priority u=3,i expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	59013e41-1b63-4d8e-a887-ea6d3795d988.js Show response tr.snapchat.com/config/de/ Frame 439A	177 B 445 B	62ms 20ms	Script application/javascript	35.190.43.134 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tr.snapchat.com/config/de/59013e41-1b63-4d8e-a887-ea6d3795d988.js?v=3.7.3-2312182359 Requested by Host: sc-static.net URL: https://sc-static.net/scevent.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 134.43.190.35.bc.googleusercontent.com Software API Gateway / Resource Hash 6243294ede6a1d16c6c3ff573b8008e7a8bafac047a3f4ad016443ff8efd2f6f Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains Request headers Referer https://promos.betano.de/ Origin https://promos.betano.de accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Wed, 27 Dec 2023 21:38:41 GMT strict-transport-security max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains via 1.1 google server API Gateway content-type application/javascript access-control-allow-origin https://promos.betano.de x-envoy-upstream-service-time 0 access-control-allow-credentials true alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 177
GET H2	200	i Show response tr.snapchat.com/cm/ Frame B986	0 201 B	60ms 19ms	Document text/html	35.190.43.134 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tr.snapchat.com/cm/i?pid=59013e41-1b63-4d8e-a887-ea6d3795d988&u_scsid=c823e580-ae43-498b-bca9-57825e34238e&u_sclid=bbfa4d34-0bf1-4d30-93cb-ffca5ddaafab Requested by Host: sc-static.net URL: https://sc-static.net/scevent.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 134.43.190.35.bc.googleusercontent.com Software API Gateway / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains Request headers Referer https://promos.betano.de/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 content-type text/html date Wed, 27 Dec 2023 21:38:41 GMT server API Gateway strict-transport-security max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains via 1.1 google x-envoy-upstream-service-time 0
GET H2	200	p tr.snapchat.com/ Frame 439A	68 B 300 B	61ms 20ms	Image image/png	35.190.43.134 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tr.snapchat.com/p?pid=59013e41-1b63-4d8e-a887-ea6d3795d988&ev=PAGE_VIEW&intg=gtm&pids=59013e41-1b63-4d8e-a887-ea6d3795d988&u_c1=c987d94a-42ac-46fd-b4e7-700ce5538ce0&u_sclid=bbfa4d34-0bf1-4d30-93cb-ffca5ddaafab&u_scsid=c823e580-ae43-498b-bca9-57825e34238e&bt=1d53c387&d_bvs=%5B%5D&huah=true&if=true&m_dcl=307&m_ic=true&m_pi=302&m_pl=0&m_pv=2&m_rd=625&m_sh=1200&m_sl=1&m_sw=1600&pl=https%3A%2F%2Flp.cleverwebserver.com%2F&rf=https%3A%2F%2Flp.cleverwebserver.com%2F&trackId=b2037311-ba51-4de4-8c4c-555945a40f06&ts=1703713121078&v=3.7.3-2312182359 Requested by Host: promos.betano.de URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_764b_2931c_SNAABOYMSFBAADE&utm_medium=431&utm_source=2&siteid=764 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 134.43.190.35.bc.googleusercontent.com Software API Gateway / Resource Hash 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains Request headers accept-language de-DE,de;q=0.9 Referer https://promos.betano.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Wed, 27 Dec 2023 21:38:41 GMT strict-transport-security max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains via 1.1 google server API Gateway content-type image/png access-control-allow-origin * cache-control no-cache, no-transform x-envoy-upstream-service-time 1 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 68
GET H2	200	spn_Sporting_CP2_b%201.png landingpages.kaizengaming.com/de-sport/ Frame 439A	19 KB 19 KB	31ms 23ms	Image image/png	2606:4700:4400::6812:28b3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://landingpages.kaizengaming.com/de-sport/spn_Sporting_CP2_b%201.png Requested by Host: promos.betano.de URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_764b_2931c_SNAABOYMSFBAADE&utm_medium=431&utm_source=2&siteid=764 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:4400::6812:28b3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2019d77fa19a331f0e33fb1e0f96103832fdaf49481ef54920e83b59ab68f1e2 Request headers accept-language de-DE,de;q=0.9 Referer https://promos.betano.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Wed, 27 Dec 2023 21:38:41 GMT cf-cache-status HIT content-md5 mwHkbVJHeMadNj4jxLZolA== age 362 content-length 19119 x-ms-lease-state available x-ms-lease-status unlocked last-modified Mon, 30 Oct 2023 17:20:46 GMT server cloudflare etag "0x8DBD96C8DB7630C" vary Accept-Encoding content-type image/png access-control-allow-origin * x-ms-request-id b5b827e4-f01e-0067-6c53-2302fe000000 cache-control public, max-age=900, immutable x-ms-version 2014-02-14 accept-ranges bytes cf-ray 83c4b63ed9719237-FRA
GET H2	200	spn_Benfica_2021_8_13_15_24_29_b%201.png landingpages.kaizengaming.com/de-sport/ Frame 439A	28 KB 28 KB	41ms 33ms	Image image/png	2606:4700:4400::6812:28b3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://landingpages.kaizengaming.com/de-sport/spn_Benfica_2021_8_13_15_24_29_b%201.png Requested by Host: promos.betano.de URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_764b_2931c_SNAABOYMSFBAADE&utm_medium=431&utm_source=2&siteid=764 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:4400::6812:28b3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash aab3b7005f69e9d7c10a94d7f3657277d5c9dae9cfc6bde05617b003a56fa125 Request headers accept-language de-DE,de;q=0.9 Referer https://promos.betano.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Wed, 27 Dec 2023 21:38:41 GMT cf-cache-status HIT content-md5 oEUX3HqfuPUvYFG+QZJ9tQ== age 82 content-length 28849 x-ms-lease-state available x-ms-lease-status unlocked last-modified Mon, 30 Oct 2023 17:20:45 GMT server cloudflare etag "0x8DBD96C8D3463E2" vary Accept-Encoding content-type image/png access-control-allow-origin * x-ms-request-id a6a3b303-201e-0029-33ae-212c76000000 cache-control public, max-age=900, immutable x-ms-version 2014-02-14 accept-ranges bytes cf-ray 83c4b63ed9729237-FRA
GET H2	200	spn_FC_Porto_b%201.png landingpages.kaizengaming.com/de-sport/ Frame 439A	24 KB 24 KB	52ms 44ms	Image image/png	2606:4700:4400::6812:28b3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://landingpages.kaizengaming.com/de-sport/spn_FC_Porto_b%201.png Requested by Host: promos.betano.de URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_764b_2931c_SNAABOYMSFBAADE&utm_medium=431&utm_source=2&siteid=764 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:4400::6812:28b3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 728165191b625a29fc0c1469f93cf17eb62f3595f379c977890974543f7d814d Request headers accept-language de-DE,de;q=0.9 Referer https://promos.betano.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Wed, 27 Dec 2023 21:38:41 GMT cf-cache-status HIT content-md5 jSdk+PY50XexolMJPt5Q0Q== age 362 content-length 24710 x-ms-lease-state available x-ms-lease-status unlocked last-modified Mon, 30 Oct 2023 17:20:45 GMT server cloudflare etag "0x8DBD96C8D6557A8" vary Accept-Encoding content-type image/png access-control-allow-origin * x-ms-request-id 3e65ddf5-601e-0038-34c2-12b6c2000000 cache-control public, max-age=900, immutable x-ms-version 2014-02-14 accept-ranges bytes cf-ray 83c4b63ed9739237-FRA
GET H2	200	spn_osfp210X210_b_b_2019_8_14_8_57_11_b%201.png landingpages.kaizengaming.com/de-sport/ Frame 439A	25 KB 25 KB	41ms 34ms	Image image/png	2606:4700:4400::6812:28b3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://landingpages.kaizengaming.com/de-sport/spn_osfp210X210_b_b_2019_8_14_8_57_11_b%201.png Requested by Host: promos.betano.de URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_764b_2931c_SNAABOYMSFBAADE&utm_medium=431&utm_source=2&siteid=764 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:4400::6812:28b3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash abc9055dec46bd0fe46b5534dee9d9a6411491662f1403df81e6e238389b0b8b Request headers accept-language de-DE,de;q=0.9 Referer https://promos.betano.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Wed, 27 Dec 2023 21:38:41 GMT cf-cache-status HIT content-md5 JhbPFXjZywCGfmkqf6Kweg== age 365 content-length 25859 x-ms-lease-state available x-ms-lease-status unlocked last-modified Mon, 30 Oct 2023 17:20:45 GMT server cloudflare etag "0x8DBD96C8D9E878D" vary Accept-Encoding content-type image/png access-control-allow-origin * x-ms-request-id 3b7653e6-e01e-0044-4b61-13983d000000 cache-control public, max-age=900, immutable x-ms-version 2014-02-14 accept-ranges bytes cf-ray 83c4b63ed9749237-FRA
GET H2	200	spn_Logo_Panathinaikos-01-3%201.png landingpages.kaizengaming.com/de-sport/ Frame 439A	19 KB 20 KB	32ms 24ms	Image image/png	2606:4700:4400::6812:28b3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://landingpages.kaizengaming.com/de-sport/spn_Logo_Panathinaikos-01-3%201.png Requested by Host: promos.betano.de URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_764b_2931c_SNAABOYMSFBAADE&utm_medium=431&utm_source=2&siteid=764 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:4400::6812:28b3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 35eb8dfaab4bf3bac258cec08918ec16f4b23e8d47b5bbaa41fbd28f4660b1de Request headers accept-language de-DE,de;q=0.9 Referer https://promos.betano.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Wed, 27 Dec 2023 21:38:41 GMT cf-cache-status HIT content-md5 XMp6ffG72oNhRO1DDx+D8g== age 365 content-length 19885 x-ms-lease-state available x-ms-lease-status unlocked last-modified Mon, 30 Oct 2023 17:20:45 GMT server cloudflare etag "0x8DBD96C8D862133" vary Accept-Encoding content-type image/png access-control-allow-origin * x-ms-request-id c0f7d6a1-201e-005b-0bfb-232b39000000 cache-control public, max-age=900, immutable x-ms-version 2014-02-14 accept-ranges bytes cf-ray 83c4b63ed9769237-FRA
GET H2	200	spn_stxmn_xorigies_footer_210x210_paok_b_2019_8_14_8_59_31_b%201.png landingpages.kaizengaming.com/de-sport/ Frame 439A	19 KB 20 KB	45ms 38ms	Image image/png	2606:4700:4400::6812:28b3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://landingpages.kaizengaming.com/de-sport/spn_stxmn_xorigies_footer_210x210_paok_b_2019_8_14_8_59_31_b%201.png Requested by Host: promos.betano.de URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_764b_2931c_SNAABOYMSFBAADE&utm_medium=431&utm_source=2&siteid=764 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:4400::6812:28b3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 51da5b73ff056af5a7b6661a72877729acae13288868cf5689e7933f283d8f22 Request headers accept-language de-DE,de;q=0.9 Referer https://promos.betano.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Wed, 27 Dec 2023 21:38:41 GMT cf-cache-status HIT content-md5 ZWskDbpA4tguY75DycNraw== age 365 content-length 19873 x-ms-lease-state available x-ms-lease-status unlocked last-modified Mon, 30 Oct 2023 17:20:46 GMT server cloudflare etag "0x8DBD96C8DBE3FD2" vary Accept-Encoding content-type image/png access-control-allow-origin * x-ms-request-id 281d5ca9-901e-0071-5362-17f429000000 cache-control public, max-age=900, immutable x-ms-version 2014-02-14 accept-ranges bytes cf-ray 83c4b63ed9779237-FRA
GET H2	200	spn_apoel%20footer_b%201.png landingpages.kaizengaming.com/de-sport/ Frame 439A	18 KB 18 KB	47ms 40ms	Image image/png	2606:4700:4400::6812:28b3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://landingpages.kaizengaming.com/de-sport/spn_apoel%20footer_b%201.png Requested by Host: promos.betano.de URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_764b_2931c_SNAABOYMSFBAADE&utm_medium=431&utm_source=2&siteid=764 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:4400::6812:28b3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash fda4c0c8d886d3dc37996a43e3733d5f8433d49283716ea9e7a7316cda7794ba Request headers accept-language de-DE,de;q=0.9 Referer https://promos.betano.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Wed, 27 Dec 2023 21:38:41 GMT cf-cache-status HIT content-md5 bqT5Gi69cDmYsDYa4bEKsQ== age 186 content-length 18469 x-ms-lease-state available x-ms-lease-status unlocked last-modified Mon, 30 Oct 2023 17:20:44 GMT server cloudflare etag "0x8DBD96C8D134C45" vary Accept-Encoding content-type image/png access-control-allow-origin * x-ms-request-id a1037265-701e-000b-03b8-16e969000000 cache-control public, max-age=900, immutable x-ms-version 2014-02-14 accept-ranges bytes cf-ray 83c4b63ed9789237-FRA
GET H2	200	spn_apollon-logo-210x210_b%201.png landingpages.kaizengaming.com/de-sport/ Frame 439A	23 KB 23 KB	32ms 25ms	Image image/png	2606:4700:4400::6812:28b3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://landingpages.kaizengaming.com/de-sport/spn_apollon-logo-210x210_b%201.png Requested by Host: promos.betano.de URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_764b_2931c_SNAABOYMSFBAADE&utm_medium=431&utm_source=2&siteid=764 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:4400::6812:28b3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 21b1fdeba9c263ef576c174286f2d861a4ef9b8b5cb98f34cb568905fb899d86 Request headers accept-language de-DE,de;q=0.9 Referer https://promos.betano.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Wed, 27 Dec 2023 21:38:41 GMT cf-cache-status HIT content-md5 GASNhmiazNjE2gYaQyS6Dg== age 161 content-length 23572 x-ms-lease-state available x-ms-lease-status unlocked last-modified Mon, 30 Oct 2023 17:20:45 GMT server cloudflare etag "0x8DBD96C8D1A0202" vary Accept-Encoding content-type image/png access-control-allow-origin * x-ms-request-id 0b4e1ed2-f01e-0077-4198-16c796000000 cache-control public, max-age=900, immutable x-ms-version 2014-02-14 accept-ranges bytes cf-ray 83c4b63ed9799237-FRA
GET H2	200	spn_fcsb%20210x210%20(1)_b%201.png landingpages.kaizengaming.com/de-sport/ Frame 439A	22 KB 23 KB	36ms 29ms	Image image/png	2606:4700:4400::6812:28b3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://landingpages.kaizengaming.com/de-sport/spn_fcsb%20210x210%20(1)_b%201.png Requested by Host: promos.betano.de URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_764b_2931c_SNAABOYMSFBAADE&utm_medium=431&utm_source=2&siteid=764 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:4400::6812:28b3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6a4aaeb80b8cab44b94d532c946cbaed2a25c8dead8dd54161340d3cc56bc308 Request headers accept-language de-DE,de;q=0.9 Referer https://promos.betano.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Wed, 27 Dec 2023 21:38:41 GMT cf-cache-status HIT content-md5 SBVluZQtT7yiLEiEDAA5aQ== age 1226 content-length 22894 x-ms-lease-state available x-ms-lease-status unlocked last-modified Mon, 30 Oct 2023 17:20:45 GMT server cloudflare etag "0x8DBD96C8D6C5B78" vary Accept-Encoding content-type image/png access-control-allow-origin * x-ms-request-id 63e50a43-a01e-0027-4c61-1305c6000000 cache-control public, max-age=900, immutable x-ms-version 2014-02-14 accept-ranges bytes cf-ray 83c4b63ed97b9237-FRA
GET H2	200	spn_craiova%20fc%20logo_210x210%20(1)_b%201.png landingpages.kaizengaming.com/de-sport/ Frame 439A	18 KB 18 KB	45ms 38ms	Image image/png	2606:4700:4400::6812:28b3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://landingpages.kaizengaming.com/de-sport/spn_craiova%20fc%20logo_210x210%20(1)_b%201.png Requested by Host: promos.betano.de URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_764b_2931c_SNAABOYMSFBAADE&utm_medium=431&utm_source=2&siteid=764 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:4400::6812:28b3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 62abee42f8de35bf84f870156e78a63ef9ac008a94e48924de6101eb335c1856 Request headers accept-language de-DE,de;q=0.9 Referer https://promos.betano.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Wed, 27 Dec 2023 21:38:41 GMT cf-cache-status HIT content-md5 OKKcJspihS+zi860B9s0Bw== age 1226 content-length 18147 x-ms-lease-state available x-ms-lease-status unlocked last-modified Mon, 30 Oct 2023 17:20:45 GMT server cloudflare etag "0x8DBD96C8D4EC5CE" vary Accept-Encoding content-type image/png access-control-allow-origin * x-ms-request-id e6d6671b-a01e-0055-5bb0-170289000000 cache-control public, max-age=900, immutable x-ms-version 2014-02-14 accept-ranges bytes cf-ray 83c4b63ed97d9237-FRA
GET H2	200	spn_Sparta.png landingpages.kaizengaming.com/de-sport/ Frame 439A	5 KB 5 KB	58ms 51ms	Image image/png	2606:4700:4400::6812:28b3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://landingpages.kaizengaming.com/de-sport/spn_Sparta.png Requested by Host: promos.betano.de URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_764b_2931c_SNAABOYMSFBAADE&utm_medium=431&utm_source=2&siteid=764 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:4400::6812:28b3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 62caffb569b2f4b4bf9f4c317c6dfc6ed155304a9bce20f0d12613053f1cc3c1 Request headers accept-language de-DE,de;q=0.9 Referer https://promos.betano.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Wed, 27 Dec 2023 21:38:41 GMT cf-cache-status HIT content-md5 /0mt5FHZVIAjX94uZVR7dA== age 1226 content-length 5318 x-ms-lease-state available x-ms-lease-status unlocked last-modified Mon, 30 Oct 2023 17:20:46 GMT server cloudflare etag "0x8DBD96C8E458419" vary Accept-Encoding content-type image/png access-control-allow-origin * x-ms-request-id 3abbe777-201e-0064-3445-23e39a000000 cache-control public, max-age=900, immutable x-ms-version 2014-02-14 accept-ranges bytes cf-ray 83c4b63ee9809237-FRA
GET H2	200	spn_FC%20Viktoria%20Plzen.png landingpages.kaizengaming.com/de-sport/ Frame 439A	17 KB 17 KB	54ms 48ms	Image image/png	2606:4700:4400::6812:28b3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://landingpages.kaizengaming.com/de-sport/spn_FC%20Viktoria%20Plzen.png Requested by Host: promos.betano.de URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_764b_2931c_SNAABOYMSFBAADE&utm_medium=431&utm_source=2&siteid=764 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:4400::6812:28b3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c69c7bb218bf8af15e2ae415862db1bd0d445c959be698fb58320d97dd1a5b5a Request headers accept-language de-DE,de;q=0.9 Referer https://promos.betano.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Wed, 27 Dec 2023 21:38:41 GMT cf-cache-status HIT content-md5 QZwghOjpQSeiH/VC0Pp+5g== age 1750 content-length 17257 x-ms-lease-state available x-ms-lease-status unlocked last-modified Mon, 30 Oct 2023 17:20:45 GMT server cloudflare etag "0x8DBD96C8D5DB7AC" vary Accept-Encoding content-type image/png access-control-allow-origin * x-ms-request-id e8002cb8-b01e-002b-07ae-2192ce000000 cache-control public, max-age=900, immutable x-ms-version 2014-02-14 accept-ranges bytes cf-ray 83c4b63ee9829237-FRA
GET H2	200	spn_PFC%20Locomotiv.png landingpages.kaizengaming.com/de-sport/ Frame 439A	17 KB 17 KB	61ms 54ms	Image image/png	2606:4700:4400::6812:28b3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://landingpages.kaizengaming.com/de-sport/spn_PFC%20Locomotiv.png Requested by Host: promos.betano.de URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_764b_2931c_SNAABOYMSFBAADE&utm_medium=431&utm_source=2&siteid=764 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:4400::6812:28b3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 1b89e19aca89f180ba1e62c62495c5e4156f96cfa866b19cf0df0192452f477f Request headers accept-language de-DE,de;q=0.9 Referer https://promos.betano.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Wed, 27 Dec 2023 21:38:41 GMT cf-cache-status HIT content-md5 n8zLW8cpLiU4kbUrGnwtDw== age 1182 content-length 17581 x-ms-lease-state available x-ms-lease-status unlocked last-modified Mon, 30 Oct 2023 17:20:45 GMT server cloudflare etag "0x8DBD96C8DA62790" vary Accept-Encoding content-type image/png access-control-allow-origin * x-ms-request-id 09fb0ebd-501e-001c-6e61-134062000000 cache-control public, max-age=900, immutable x-ms-version 2014-02-14 accept-ranges bytes cf-ray 83c4b63ee9849237-FRA
GET H2	200	spn_atleticologo_whiteoutline_b%201.png landingpages.kaizengaming.com/de-sport/ Frame 439A	15 KB 15 KB	47ms 41ms	Image image/png	2606:4700:4400::6812:28b3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://landingpages.kaizengaming.com/de-sport/spn_atleticologo_whiteoutline_b%201.png Requested by Host: promos.betano.de URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_764b_2931c_SNAABOYMSFBAADE&utm_medium=431&utm_source=2&siteid=764 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:4400::6812:28b3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5c447157fa660c55a320f8c1735eacb754c4697c5ff98dd4140da21ffb9b1ba4 Request headers accept-language de-DE,de;q=0.9 Referer https://promos.betano.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Wed, 27 Dec 2023 21:38:41 GMT cf-cache-status HIT content-md5 exAxLiOKF1ZQ22Z4FzBs+g== age 1182 content-length 15119 x-ms-lease-state available x-ms-lease-status unlocked last-modified Mon, 30 Oct 2023 17:20:45 GMT server cloudflare etag "0x8DBD96C8D21C90B" vary Accept-Encoding content-type image/png access-control-allow-origin * x-ms-request-id d4ba0267-a01e-0037-3f26-15c0ae000000 cache-control public, max-age=900, immutable x-ms-version 2014-02-14 accept-ranges bytes cf-ray 83c4b63ee9859237-FRA
GET H2	200	spn_logo_fluminense%20(1)_b%201.png landingpages.kaizengaming.com/de-sport/ Frame 439A	23 KB 23 KB	48ms 43ms	Image image/png	2606:4700:4400::6812:28b3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://landingpages.kaizengaming.com/de-sport/spn_logo_fluminense%20(1)_b%201.png Requested by Host: promos.betano.de URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_764b_2931c_SNAABOYMSFBAADE&utm_medium=431&utm_source=2&siteid=764 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:4400::6812:28b3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ac7bb492fca6a4c1c72dacfff28d869d9a125529a085d29da9ff803b994688b5 Request headers accept-language de-DE,de;q=0.9 Referer https://promos.betano.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Wed, 27 Dec 2023 21:38:41 GMT cf-cache-status HIT content-md5 3yDwl8syJHaDX8oSywlAEw== age 1182 content-length 23395 x-ms-lease-state available x-ms-lease-status unlocked last-modified Mon, 30 Oct 2023 17:20:45 GMT server cloudflare etag "0x8DBD96C8D7C85AE" vary Accept-Encoding content-type image/png access-control-allow-origin * x-ms-request-id 48714741-601e-005a-1ed9-2674e5000000 cache-control public, max-age=900, immutable x-ms-version 2014-02-14 accept-ranges bytes cf-ray 83c4b63ee9869237-FRA
GET H2	200	spn_CHUNCHO_CLUB%20U%20DE%20CHILE%20210x210_b%201.png landingpages.kaizengaming.com/de-sport/ Frame 439A	15 KB 15 KB	61ms 56ms	Image image/png	2606:4700:4400::6812:28b3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://landingpages.kaizengaming.com/de-sport/spn_CHUNCHO_CLUB%20U%20DE%20CHILE%20210x210_b%201.png Requested by Host: promos.betano.de URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_764b_2931c_SNAABOYMSFBAADE&utm_medium=431&utm_source=2&siteid=764 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:4400::6812:28b3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 80a95fa030fd1df8c270f9c36ffa2c8e0f359ac337e57184d2923c5926d9ce2d Request headers accept-language de-DE,de;q=0.9 Referer https://promos.betano.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Wed, 27 Dec 2023 21:38:41 GMT cf-cache-status HIT content-md5 Jj6jwZ8PUpg8EK5z52QngQ== age 1182 content-length 15040 x-ms-lease-state available x-ms-lease-status unlocked last-modified Mon, 30 Oct 2023 17:20:45 GMT server cloudflare etag "0x8DBD96C8D4773DC" vary Accept-Encoding content-type image/png access-control-allow-origin * x-ms-request-id 87474cad-401e-005d-671e-241886000000 cache-control public, max-age=900, immutable x-ms-version 2014-02-14 accept-ranges bytes cf-ray 83c4b63ee9879237-FRA
GET H2	200	BarcelonaSC.png landingpages.kaizengaming.com/de-sport/ Frame 439A	33 KB 34 KB	47ms 42ms	Image image/png	2606:4700:4400::6812:28b3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://landingpages.kaizengaming.com/de-sport/BarcelonaSC.png Requested by Host: promos.betano.de URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_764b_2931c_SNAABOYMSFBAADE&utm_medium=431&utm_source=2&siteid=764 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:4400::6812:28b3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 1eee6b3963047a706793e8dbaae752aaff358acfb880b66ce0bc0ce9af38b2ed Request headers accept-language de-DE,de;q=0.9 Referer https://promos.betano.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Wed, 27 Dec 2023 21:38:41 GMT cf-cache-status HIT content-md5 zbtTWkcdS/4ZVcTx0P65OA== age 1182 content-length 34170 x-ms-lease-state available x-ms-lease-status unlocked last-modified Mon, 30 Oct 2023 17:20:46 GMT server cloudflare etag "0x8DBD96C8E215FAC" vary Accept-Encoding content-type image/png access-control-allow-origin * x-ms-request-id 5fa41459-401e-002f-1115-241fc9000000 cache-control public, max-age=900, immutable x-ms-version 2014-02-14 accept-ranges bytes cf-ray 83c4b63ee9889237-FRA
GET H2	200	FBCMELGAR.png landingpages.kaizengaming.com/de-sport/ Frame 439A	31 KB 31 KB	49ms 43ms	Image image/png	2606:4700:4400::6812:28b3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://landingpages.kaizengaming.com/de-sport/FBCMELGAR.png Requested by Host: promos.betano.de URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_764b_2931c_SNAABOYMSFBAADE&utm_medium=431&utm_source=2&siteid=764 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:4400::6812:28b3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b222717d8498c895539da6ef8972866b03bcdd1b78f31e2028b31616fa1d3b5b Request headers accept-language de-DE,de;q=0.9 Referer https://promos.betano.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Wed, 27 Dec 2023 21:38:41 GMT cf-cache-status HIT content-md5 laAoZTUUiqFTjoKqlD93JA== age 656 content-length 31523 x-ms-lease-state available x-ms-lease-status unlocked last-modified Mon, 30 Oct 2023 17:20:46 GMT server cloudflare etag "0x8DBD96C8E31B0F1" vary Accept-Encoding content-type image/png access-control-allow-origin * x-ms-request-id 63c3d30d-301e-001a-14ac-1373dd000000 cache-control public, max-age=900, immutable x-ms-version 2014-02-14 accept-ranges bytes cf-ray 83c4b63ee9899237-FRA
GET H2	200	KOMETA.png landingpages.kaizengaming.com/de-sport/ Frame 439A	6 KB 6 KB	62ms 57ms	Image image/png	2606:4700:4400::6812:28b3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://landingpages.kaizengaming.com/de-sport/KOMETA.png Requested by Host: promos.betano.de URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_764b_2931c_SNAABOYMSFBAADE&utm_medium=431&utm_source=2&siteid=764 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:4400::6812:28b3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 180bc0fd96460f6ba482df5d6e323af292a60993e19cc7aa183b5ab74574f2bf Request headers accept-language de-DE,de;q=0.9 Referer https://promos.betano.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Wed, 27 Dec 2023 21:38:41 GMT cf-cache-status HIT content-md5 X1Is2lD/8CCkI96L9PqC6Q== age 1182 content-length 6098 x-ms-lease-state available x-ms-lease-status unlocked last-modified Mon, 30 Oct 2023 17:20:46 GMT server cloudflare etag "0x8DBD96C8E3C36AB" vary Accept-Encoding content-type image/png access-control-allow-origin * x-ms-request-id bb9a1fc1-701e-0034-66ac-1621ca000000 cache-control public, max-age=900, immutable x-ms-version 2014-02-14 accept-ranges bytes cf-ray 83c4b63ee98a9237-FRA
GET H2	200	logo_pce2.png landingpages.kaizengaming.com/de-sport/ Frame 439A	9 KB 9 KB	55ms 50ms	Image image/png	2606:4700:4400::6812:28b3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://landingpages.kaizengaming.com/de-sport/logo_pce2.png Requested by Host: promos.betano.de URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_764b_2931c_SNAABOYMSFBAADE&utm_medium=431&utm_source=2&siteid=764 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:4400::6812:28b3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 47e965a46ae6785a0a3412ca35b96a6caf9da9e787d56b78b9fdbb1f129bc48f Request headers accept-language de-DE,de;q=0.9 Referer https://promos.betano.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Wed, 27 Dec 2023 21:38:41 GMT cf-cache-status HIT content-md5 Wdb5g3cD4eZh2Tm0CyXe6A== age 1170 content-length 8998 x-ms-lease-state available x-ms-lease-status unlocked last-modified Mon, 30 Oct 2023 17:20:47 GMT server cloudflare etag "0x8DBD96C8E4CAEF9" vary Accept-Encoding content-type image/png access-control-allow-origin * x-ms-request-id 3bb81811-601e-0017-3cfb-23bb09000000 cache-control public, max-age=900, immutable x-ms-version 2014-02-14 accept-ranges bytes cf-ray 83c4b63ee98b9237-FRA
GET H2	200	logo-betano.svg landingpages.kaizengaming.com/de-sport/ Frame 439A	22 KB 6 KB	64ms 59ms	Image image/svg+xml	2606:4700:4400::6812:28b3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://landingpages.kaizengaming.com/de-sport/logo-betano.svg Requested by Host: promos.betano.de URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_764b_2931c_SNAABOYMSFBAADE&utm_medium=431&utm_source=2&siteid=764 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:4400::6812:28b3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 3072f755bf99acdaa34415da49f58e8e83ae33d63231854a6d290dd09d5c2500 Request headers accept-language de-DE,de;q=0.9 Referer https://promos.betano.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Wed, 27 Dec 2023 21:38:41 GMT content-encoding gzip cf-cache-status HIT content-md5 /8PMtJkMzUjtMFEegZIHcw== age 161 x-ms-lease-state available x-ms-lease-status unlocked last-modified Mon, 30 Oct 2023 17:20:44 GMT server cloudflare etag W/"0x8DBD96C8D0A73F3" vary Accept-Encoding content-type image/svg+xml access-control-allow-origin * x-ms-request-id 89905b6d-b01e-0014-187f-175a6d000000 cache-control public, max-age=900, immutable x-ms-version 2014-02-14 cf-ray 83c4b63ee98c9237-FRA
GET H2	200	awd_egr-award-2022-operator-of-the-year.png landingpages.kaizengaming.com/de-sport/ Frame 439A	4 KB 5 KB	50ms 45ms	Image image/png	2606:4700:4400::6812:28b3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://landingpages.kaizengaming.com/de-sport/awd_egr-award-2022-operator-of-the-year.png Requested by Host: promos.betano.de URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_764b_2931c_SNAABOYMSFBAADE&utm_medium=431&utm_source=2&siteid=764 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:4400::6812:28b3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 882e474b6c38b47acb0ec38ce9e095a84624ea2b8a1d1a122c2d17d3d26c47b3 Request headers accept-language de-DE,de;q=0.9 Referer https://promos.betano.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Wed, 27 Dec 2023 21:38:41 GMT cf-cache-status HIT content-md5 aXcrchTaRow4V+J4yNZSjQ== age 186 content-length 4512 x-ms-lease-state available x-ms-lease-status unlocked last-modified Mon, 30 Oct 2023 17:20:46 GMT server cloudflare etag "0x8DBD96C8E080F19" vary Accept-Encoding content-type image/png access-control-allow-origin * x-ms-request-id 86faffb3-401e-005d-11ff-231886000000 cache-control public, max-age=900, immutable x-ms-version 2014-02-14 accept-ranges bytes cf-ray 83c4b63ee98d9237-FRA
GET H2	200	awd_egr-award-2022-sports-betting-operator.png landingpages.kaizengaming.com/de-sport/ Frame 439A	5 KB 5 KB	46ms 41ms	Image image/png	2606:4700:4400::6812:28b3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://landingpages.kaizengaming.com/de-sport/awd_egr-award-2022-sports-betting-operator.png Requested by Host: promos.betano.de URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_764b_2931c_SNAABOYMSFBAADE&utm_medium=431&utm_source=2&siteid=764 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:4400::6812:28b3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4c9314b73430fd751f94a5091a3e108f0a455d74279bf56a08dca769c746b2bd Request headers accept-language de-DE,de;q=0.9 Referer https://promos.betano.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Wed, 27 Dec 2023 21:38:41 GMT cf-cache-status HIT content-md5 eXjGNE64RFjnYc6aOBQYqw== age 778 content-length 4692 x-ms-lease-state available x-ms-lease-status unlocked last-modified Mon, 30 Oct 2023 17:20:46 GMT server cloudflare etag "0x8DBD96C8E18AE69" vary Accept-Encoding content-type image/png access-control-allow-origin * x-ms-request-id 74e13790-301e-0068-3a2f-237492000000 cache-control public, max-age=900, immutable x-ms-version 2014-02-14 accept-ranges bytes cf-ray 83c4b63ee98e9237-FRA
GET H2	200	awd_egr-award-2021-football-betting-operator.png landingpages.kaizengaming.com/de-sport/ Frame 439A	6 KB 6 KB	49ms 45ms	Image image/png	2606:4700:4400::6812:28b3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://landingpages.kaizengaming.com/de-sport/awd_egr-award-2021-football-betting-operator.png Requested by Host: promos.betano.de URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_764b_2931c_SNAABOYMSFBAADE&utm_medium=431&utm_source=2&siteid=764 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:4400::6812:28b3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 71f82d8de2cbd83902d319f2d4f3b35ac739742a884b1aa5e3ce48fbeb54abbe Request headers accept-language de-DE,de;q=0.9 Referer https://promos.betano.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Wed, 27 Dec 2023 21:38:41 GMT cf-cache-status HIT content-md5 QL48N56WPpNnD2BJCbdfrQ== age 778 content-length 6010 x-ms-lease-state available x-ms-lease-status unlocked last-modified Mon, 30 Oct 2023 17:20:43 GMT server cloudflare etag "0x8DBD96C8C66AB3D" vary Accept-Encoding content-type image/png access-control-allow-origin * x-ms-request-id 5b4ba1ed-001e-0063-1bb2-218ff9000000 cache-control public, max-age=900, immutable x-ms-version 2014-02-14 accept-ranges bytes cf-ray 83c4b63ee9909237-FRA
GET H2	200	awd_egr-award-2021-customer-services.png landingpages.kaizengaming.com/de-sport/ Frame 439A	4 KB 5 KB	57ms 53ms	Image image/png	2606:4700:4400::6812:28b3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://landingpages.kaizengaming.com/de-sport/awd_egr-award-2021-customer-services.png Requested by Host: promos.betano.de URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_764b_2931c_SNAABOYMSFBAADE&utm_medium=431&utm_source=2&siteid=764 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:4400::6812:28b3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e244ed2d3d2e650e8a423eec17d1792502c9b95fbc956c19a8fb8a8b93a9e4a3 Request headers accept-language de-DE,de;q=0.9 Referer https://promos.betano.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Wed, 27 Dec 2023 21:38:41 GMT cf-cache-status HIT content-md5 p3VebR5AVw3QzT/Awp05+w== age 1635 content-length 4583 x-ms-lease-state available x-ms-lease-status unlocked last-modified Mon, 30 Oct 2023 17:20:43 GMT server cloudflare etag "0x8DBD96C8C5B3B4C" vary Accept-Encoding content-type image/png access-control-allow-origin * x-ms-request-id cd416957-001e-0001-7bed-154dde000000 cache-control public, max-age=900, immutable x-ms-version 2014-02-14 accept-ranges bytes cf-ray 83c4b63ee9919237-FRA
GET H2	200	awd_egr-award-2019-mobile-operator.png landingpages.kaizengaming.com/de-sport/ Frame 439A	6 KB 6 KB	59ms 55ms	Image image/png	2606:4700:4400::6812:28b3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://landingpages.kaizengaming.com/de-sport/awd_egr-award-2019-mobile-operator.png Requested by Host: promos.betano.de URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_764b_2931c_SNAABOYMSFBAADE&utm_medium=431&utm_source=2&siteid=764 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:4400::6812:28b3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 495ad399c1caa9c72a5b1fad6051aaa739d0df20f5623afe10bb3dc4c6c2ff3d Request headers accept-language de-DE,de;q=0.9 Referer https://promos.betano.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Wed, 27 Dec 2023 21:38:41 GMT cf-cache-status HIT content-md5 44fs+40EJE8j1DmLrNorsQ== age 1170 content-length 6296 x-ms-lease-state available x-ms-lease-status unlocked last-modified Mon, 30 Oct 2023 17:20:43 GMT server cloudflare etag "0x8DBD96C8C506771" vary Accept-Encoding content-type image/png access-control-allow-origin * x-ms-request-id 15418141-901e-004e-7acc-213c8a000000 cache-control public, max-age=900, immutable x-ms-version 2014-02-14 accept-ranges bytes cf-ray 83c4b63ee9929237-FRA
GET H2	200	awd_sbc-awards.png landingpages.kaizengaming.com/de-sport/ Frame 439A	6 KB 6 KB	54ms 50ms	Image image/png	2606:4700:4400::6812:28b3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://landingpages.kaizengaming.com/de-sport/awd_sbc-awards.png Requested by Host: promos.betano.de URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_764b_2931c_SNAABOYMSFBAADE&utm_medium=431&utm_source=2&siteid=764 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:4400::6812:28b3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9cd1efd147d00fc5bce9fd0cee40ed69acff80b89889375878a0570da83c986e Request headers accept-language de-DE,de;q=0.9 Referer https://promos.betano.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Wed, 27 Dec 2023 21:38:41 GMT cf-cache-status HIT content-md5 +S8h4H5YiK6h8Y4RwrAOJQ== age 778 content-length 6301 x-ms-lease-state available x-ms-lease-status unlocked last-modified Mon, 30 Oct 2023 17:20:43 GMT server cloudflare etag "0x8DBD96C8C809802" vary Accept-Encoding content-type image/png access-control-allow-origin * x-ms-request-id e55503c3-b01e-002b-367d-2292ce000000 cache-control public, max-age=900, immutable x-ms-version 2014-02-14 accept-ranges bytes cf-ray 83c4b63ee9939237-FRA
GET H2	200	icon-ios.png landingpages.kaizengaming.com/de-sport/ Frame 439A	6 KB 6 KB	57ms 54ms	Image image/png	2606:4700:4400::6812:28b3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://landingpages.kaizengaming.com/de-sport/icon-ios.png Requested by Host: promos.betano.de URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_764b_2931c_SNAABOYMSFBAADE&utm_medium=431&utm_source=2&siteid=764 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:4400::6812:28b3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash fd3d318d6fad54a4131b5c1008853f1a01dd13aeb6ec114d11fbefad59f266ef Request headers accept-language de-DE,de;q=0.9 Referer https://promos.betano.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Wed, 27 Dec 2023 21:38:41 GMT cf-cache-status HIT content-md5 j0GjjlDNvp6PdAbk4d+Rqg== age 778 content-length 5932 x-ms-lease-state available x-ms-lease-status unlocked last-modified Mon, 30 Oct 2023 17:20:44 GMT server cloudflare etag "0x8DBD96C8CD64C59" vary Accept-Encoding content-type image/png access-control-allow-origin * x-ms-request-id a123a8fa-501e-006e-6f6c-22472d000000 cache-control public, max-age=900, immutable x-ms-version 2014-02-14 accept-ranges bytes cf-ray 83c4b63ee9949237-FRA
GET H2	200	icon-android.png landingpages.kaizengaming.com/de-sport/ Frame 439A	6 KB 6 KB	60ms 56ms	Image image/png	2606:4700:4400::6812:28b3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://landingpages.kaizengaming.com/de-sport/icon-android.png Requested by Host: promos.betano.de URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_764b_2931c_SNAABOYMSFBAADE&utm_medium=431&utm_source=2&siteid=764 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:4400::6812:28b3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8bb753343c3b0af0b9dfa273b033712833caedfa19b95e0d4b64b8cb14d7eeec Request headers accept-language de-DE,de;q=0.9 Referer https://promos.betano.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Wed, 27 Dec 2023 21:38:41 GMT cf-cache-status HIT content-md5 Xcsdo6ehQR3VQfTMT595Zw== age 778 content-length 5944 x-ms-lease-state available x-ms-lease-status unlocked last-modified Mon, 30 Oct 2023 17:20:44 GMT server cloudflare etag "0x8DBD96C8CBB274B" vary Accept-Encoding content-type image/png access-control-allow-origin * x-ms-request-id 237ec1db-b01e-0014-540d-2e5a6d000000 cache-control public, max-age=900, immutable x-ms-version 2014-02-14 accept-ranges bytes cf-ray 83c4b63ee9959237-FRA
GET H2	200	icon-instagram.png landingpages.kaizengaming.com/de-sport/ Frame 439A	2 KB 2 KB	52ms 49ms	Image image/png	2606:4700:4400::6812:28b3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://landingpages.kaizengaming.com/de-sport/icon-instagram.png Requested by Host: promos.betano.de URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_764b_2931c_SNAABOYMSFBAADE&utm_medium=431&utm_source=2&siteid=764 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:4400::6812:28b3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f5e7a155078e632cfbebf8f8aaee8ea5edd6fb350cdbcd61c227736fe374cdaf Request headers accept-language de-DE,de;q=0.9 Referer https://promos.betano.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Wed, 27 Dec 2023 21:38:41 GMT cf-cache-status HIT content-md5 AUubypnMN2JeRlPkf9zpnQ== age 161 content-length 2235 x-ms-lease-state available x-ms-lease-status unlocked last-modified Mon, 30 Oct 2023 17:20:44 GMT server cloudflare etag "0x8DBD96C8CCF217C" vary Accept-Encoding content-type image/png access-control-allow-origin * x-ms-request-id b0b87d76-a01e-0037-3bed-15c0ae000000 cache-control public, max-age=900, immutable x-ms-version 2014-02-14 accept-ranges bytes cf-ray 83c4b63ee9969237-FRA
GET H2	200	icon-facebook.png landingpages.kaizengaming.com/de-sport/ Frame 439A	1 KB 2 KB	43ms 39ms	Image image/png	2606:4700:4400::6812:28b3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://landingpages.kaizengaming.com/de-sport/icon-facebook.png Requested by Host: promos.betano.de URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_764b_2931c_SNAABOYMSFBAADE&utm_medium=431&utm_source=2&siteid=764 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:4400::6812:28b3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 83b71ec4344fb3116e6ed880f9d1ba1bb3520f6e6445adce7fda816a68e75ffc Request headers accept-language de-DE,de;q=0.9 Referer https://promos.betano.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Wed, 27 Dec 2023 21:38:41 GMT cf-cache-status HIT content-md5 DmyyMSlBYTT52o9Zn45TeA== age 778 content-length 1446 x-ms-lease-state available x-ms-lease-status unlocked last-modified Mon, 30 Oct 2023 17:20:44 GMT server cloudflare etag "0x8DBD96C8CC22B17" vary Accept-Encoding content-type image/png access-control-allow-origin * x-ms-request-id c5a90ede-001e-002e-7dfa-274015000000 cache-control public, max-age=900, immutable x-ms-version 2014-02-14 accept-ranges bytes cf-ray 83c4b63ee9979237-FRA
GET H2	200	icon-youtube.png landingpages.kaizengaming.com/de-sport/ Frame 439A	2 KB 2 KB	61ms 58ms	Image image/png	2606:4700:4400::6812:28b3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://landingpages.kaizengaming.com/de-sport/icon-youtube.png Requested by Host: promos.betano.de URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_764b_2931c_SNAABOYMSFBAADE&utm_medium=431&utm_source=2&siteid=764 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:4400::6812:28b3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c29b70533eedd12590ae5c9cf58d6e95063f4f23ef666343e5ba6bf602b62e75 Request headers accept-language de-DE,de;q=0.9 Referer https://promos.betano.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Wed, 27 Dec 2023 21:38:41 GMT cf-cache-status HIT content-md5 Io37aBC4ERo7T8rJ2LvIeQ== age 305 content-length 1674 x-ms-lease-state available x-ms-lease-status unlocked last-modified Mon, 30 Oct 2023 17:20:44 GMT server cloudflare etag "0x8DBD96C8CEF9CFC" vary Accept-Encoding content-type image/png access-control-allow-origin * x-ms-request-id e240fddc-201e-0006-42b0-1621bd000000 cache-control public, max-age=900, immutable x-ms-version 2014-02-14 accept-ranges bytes cf-ray 83c4b63ee9989237-FRA
GET H2	200	icon-linkedin.png landingpages.kaizengaming.com/de-sport/ Frame 439A	2 KB 2 KB	61ms 58ms	Image image/png	2606:4700:4400::6812:28b3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://landingpages.kaizengaming.com/de-sport/icon-linkedin.png Requested by Host: promos.betano.de URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_764b_2931c_SNAABOYMSFBAADE&utm_medium=431&utm_source=2&siteid=764 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:4400::6812:28b3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b65aa9d90fcec9cf44a72ddccfa72e53a10784427249050194b4c5bad3dddc03 Request headers accept-language de-DE,de;q=0.9 Referer https://promos.betano.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Wed, 27 Dec 2023 21:38:41 GMT cf-cache-status HIT content-md5 T9Bl2/9ajIjSJ/Oj1zQkFw== age 161 content-length 1615 x-ms-lease-state available x-ms-lease-status unlocked last-modified Mon, 30 Oct 2023 17:20:44 GMT server cloudflare etag "0x8DBD96C8CDD502F" vary Accept-Encoding content-type image/png access-control-allow-origin * x-ms-request-id 5fce3479-b01e-0076-028e-22984a000000 cache-control public, max-age=900, immutable x-ms-version 2014-02-14 accept-ranges bytes cf-ray 83c4b63ee9999237-FRA
GET H2	200	64ee070c262380ef28e936b2 Show response visuals.kaizengaming.com/a/ Frame 90E1	64 KB 21 KB	51ms 51ms	Script application/javascript	2606:4700:4400::ac40:934d CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://visuals.kaizengaming.com/a/64ee070c262380ef28e936b2?did=5dfcfbaa9ed3c30001234cf0&deeplink=on&preload=off&responsive=on&background=Transparent&a=64ee070c262380ef28e936b2&redirecturl=&container=.creative Requested by Host: visuals.kaizengaming.com URL: https://visuals.kaizengaming.com/scripts/iframe?did=5dfcfbaa9ed3c30001234cf0&deeplink=on&preload=off&responsive=on&background=Transparent&a=64ee070c262380ef28e936b2&redirecturl= Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:4400::ac40:934d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 841fb12bda2901d5ff4479a2ad11317c213838cfc2afc21236c12301ace03625 Request headers accept-language de-DE,de;q=0.9 Referer https://visuals.kaizengaming.com/scripts/iframe?did=5dfcfbaa9ed3c30001234cf0&deeplink=on&preload=off&responsive=on&background=Transparent&a=64ee070c262380ef28e936b2&redirecturl= User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Wed, 27 Dec 2023 21:38:41 GMT content-encoding gzip cf-cache-status DYNAMIC server cloudflare content-type application/javascript cache-control public, s-maxage=10 cf-ray 83c4b63ef808bb85-FRA request-context appId=cid-v1:1a5f66bd-0229-467a-a946-b3753e659ecb
GET H2	200	/ Show response track.adform.net/Serving/TrackPoint/ Frame 439A Redirect Chain https://s2.adform.net/Serving/TrackPoint/?pm=2776363&ADFPageName=betano.de%7CSportsbook&ADFdivider=%7C&ord=693865658226&ADFtpmode=2&itm=eyJ2YXIxIjoidW5kZWZpbmVkIn0&loc=https%3A%2F%2Fpromos.betano.d... https://track.adform.net/Serving/TrackPoint/?pm=2776363&ADFPageName=betano.de%7CSportsbook&ADFdivider=%7C&ord=693865658226&ADFtpmode=2&itm=eyJ2YXIxIjoidW5kZWZpbmVkIn0&loc=https%3A%2F%2Fpromos.betan... https://track.adform.net/Serving/TrackPoint/?CC=1&pm=2776363&ADFPageName=betano.de%7CSportsbook&ADFdivider=%7C&ord=693865658226&ADFtpmode=2&itm=eyJ2YXIxIjoidW5kZWZpbmVkIn0&loc=https%3A%2F%2Fpromos....	121 B 723 B	25ms 25ms	Script text/javascript	37.157.3.20 ADFORM
General Check archive.org Show headers Download Go to Full URL https://track.adform.net/Serving/TrackPoint/?CC=1&pm=2776363&ADFPageName=betano.de%7CSportsbook&ADFdivider=%7C&ord=693865658226&ADFtpmode=2&itm=eyJ2YXIxIjoidW5kZWZpbmVkIn0&loc=https%3A%2F%2Fpromos.betano.de%2Fwillkommenspaket%2Findex.html%3Fbtag%3Da_764b_2931c_SNAABOYMSFBAADE%26utm_medium%3D431%26utm_source%3D2%26siteid%3D764&CPref=https%3A%2F%2Flp.cleverwebserver.com%2F&Set1=en-US%7Cen-US%7C1600x1200%7C24 Requested by Host: promos.betano.de URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_764b_2931c_SNAABOYMSFBAADE&utm_medium=431&utm_source=2&siteid=764 Protocol H2 Server 37.157.3.20 , Denmark, ASN198622 (ADFORM, DK), Reverse DNS Software nginx / Resource Hash 9d1d32f6fd1ed2900029c8afdf804a635950357b2c472d542333a1f6e4aa123e Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language de-DE,de;q=0.9 Referer https://promos.betano.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers pragma no-cache date Wed, 27 Dec 2023 21:38:41 GMT content-encoding gzip strict-transport-security max-age=31536000; includeSubDomains server nginx accept-ch Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version vary Accept-Encoding content-type text/javascript; charset=utf-8 access-control-allow-origin * p3p CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT" cache-control no-cache, no-store, must-revalidate, no-transform content-length 194 expires -1 Redirect headers pragma no-cache date Wed, 27 Dec 2023 21:38:41 GMT strict-transport-security max-age=31536000; includeSubDomains server nginx accept-ch Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version content-type text/html; charset=utf-8 location https://track.adform.net/Serving/TrackPoint/?CC=1&pm=2776363&ADFPageName=betano.de%7CSportsbook&ADFdivider=%7C&ord=693865658226&ADFtpmode=2&itm=eyJ2YXIxIjoidW5kZWZpbmVkIn0&loc=https%3A%2F%2Fpromos.betano.de%2Fwillkommenspaket%2Findex.html%3Fbtag%3Da_764b_2931c_SNAABOYMSFBAADE%26utm_medium%3D431%26utm_source%3D2%26siteid%3D764&CPref=https%3A%2F%2Flp.cleverwebserver.com%2F&Set1=en-US%7Cen-US%7C1600x1200%7C24 access-control-allow-origin * p3p CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT" cache-control no-cache, no-store, must-revalidate, no-transform expires -1
GET H2	200	/ Show response track.adform.net/Serving/TrackPoint/ Frame 439A Redirect Chain https://track.adform.net/Serving/TrackPoint/?pm=2776363&ADFPageName=DE%20Affilaite%20Remarketing&ADFdivider=%7C&ord=592639105877&ADFtpmode=2&loc=https%3A%2F%2Fpromos.betano.de%2Fwillkommenspaket%2F... https://track.adform.net/Serving/TrackPoint/?CC=1&pm=2776363&ADFPageName=DE%20Affilaite%20Remarketing&ADFdivider=%7C&ord=592639105877&ADFtpmode=2&loc=https%3A%2F%2Fpromos.betano.de%2Fwillkommenspak...	125 B 726 B	25ms 24ms	Script text/javascript	37.157.3.20 ADFORM
General Check archive.org Show headers Download Go to Full URL https://track.adform.net/Serving/TrackPoint/?CC=1&pm=2776363&ADFPageName=DE%20Affilaite%20Remarketing&ADFdivider=%7C&ord=592639105877&ADFtpmode=2&loc=https%3A%2F%2Fpromos.betano.de%2Fwillkommenspaket%2Findex.html%3Fbtag%3Da_764b_2931c_SNAABOYMSFBAADE%26utm_medium%3D431%26utm_source%3D2%26siteid%3D764&CPref=https%3A%2F%2Flp.cleverwebserver.com%2F&Set1=en-US%7Cen-US%7C1600x1200%7C24 Requested by Host: promos.betano.de URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_764b_2931c_SNAABOYMSFBAADE&utm_medium=431&utm_source=2&siteid=764 Protocol H2 Server 37.157.3.20 , Denmark, ASN198622 (ADFORM, DK), Reverse DNS Software nginx / Resource Hash fabdfc96498ef947e3b5cd8084d0cc9280886a8b549a047fc576342407f34850 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language de-DE,de;q=0.9 Referer https://promos.betano.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers pragma no-cache date Wed, 27 Dec 2023 21:38:41 GMT content-encoding gzip strict-transport-security max-age=31536000; includeSubDomains server nginx accept-ch Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version vary Accept-Encoding content-type text/javascript; charset=utf-8 access-control-allow-origin * p3p CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT" cache-control no-cache, no-store, must-revalidate, no-transform content-length 196 expires -1 Redirect headers pragma no-cache date Wed, 27 Dec 2023 21:38:41 GMT strict-transport-security max-age=31536000; includeSubDomains server nginx accept-ch Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version content-type text/html; charset=utf-8 location https://track.adform.net/Serving/TrackPoint/?CC=1&pm=2776363&ADFPageName=DE%20Affilaite%20Remarketing&ADFdivider=%7C&ord=592639105877&ADFtpmode=2&loc=https%3A%2F%2Fpromos.betano.de%2Fwillkommenspaket%2Findex.html%3Fbtag%3Da_764b_2931c_SNAABOYMSFBAADE%26utm_medium%3D431%26utm_source%3D2%26siteid%3D764&CPref=https%3A%2F%2Flp.cleverwebserver.com%2F&Set1=en-US%7Cen-US%7C1600x1200%7C24 access-control-allow-origin * p3p CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT" cache-control no-cache, no-store, must-revalidate, no-transform expires -1
GET H2	200	main.js Show response visuals.kaizengaming.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/74bd6362/ Frame 3823 Redirect Chain https://visuals.kaizengaming.com/cdn-cgi/challenge-platform/scripts/jsd/main.js https://visuals.kaizengaming.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/74bd6362/main.js	7 KB 4 KB	25ms 24ms	Script application/javascript	2606:4700:4400::ac40:934d CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://visuals.kaizengaming.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/74bd6362/main.js Requested by Host: visuals.kaizengaming.com URL: https://visuals.kaizengaming.com/scripts/iframe?did=5dfcfbaa9ed3c30001234cf0&deeplink=on&preload=off&responsive=on&background=Transparent&a=64ee070c262380ef28e936b2&redirecturl= Protocol H2 Server 2606:4700:4400::ac40:934d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 3130ca8ae0aa4076b7c0c1944ddc7d5ef05c58b84f1ee462ca26ba27998927ab Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Wed, 27 Dec 2023 21:38:41 GMT content-encoding gzip x-content-type-options nosniff server cloudflare vary accept-encoding content-type application/javascript; charset=UTF-8 cache-control max-age=14400, public cf-ray 83c4b63f6896bb85-FRA Redirect headers date Wed, 27 Dec 2023 21:38:41 GMT content-encoding gzip server cloudflare vary accept-encoding location /cdn-cgi/challenge-platform/h/g/scripts/jsd/74bd6362/main.js access-control-allow-origin * cache-control max-age=300, public cf-ray 83c4b63f3864bb85-FRA
GET H2	200	vendor-list-novary.json.php Show response etargetcdn.com/gdpr/tcfv2/	370 KB 50 KB	42ms 24ms	XHR application/json	2606:4700:20::681a:6d9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://etargetcdn.com/gdpr/tcfv2/vendor-list-novary.json.php Requested by Host: sk.search.etargetnet.com URL: https://sk.search.etargetnet.com/gdpr/gdpr.js.php?ecmp=3&apionly=1&t=1231127 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:6d9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 78ffb0193d423881099abcf555be62a57c351f18fe58d0d4ea7c77ec3a035cd9 Request headers accept-language de-DE,de;q=0.9 Referer https://lex.bg/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Wed, 27 Dec 2023 21:38:41 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 3327 pragma cache last-modified Wed, 27 Dec 2023 20:43:14 GMT server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=je16WpBJ5CtoxHHV%2FosT6ZveS5ikEPZNlwXUmWXkqCbYNYcPLKaBY9dracKp21HEROg120F5gXOKSjXnAkvD0EQGsUsPhIyNIfhVvctDKHV2cZBRYPCjdbdTd7kQuKcNVRP6lHpazSi9KPwG"}],"group":"cf-nel","max_age":604800} content-type application/json access-control-allow-origin * y-protected-by Bulbasaur/mblade01-01-b cache-control max-age=18000 cf-ray 83c4b63f5f518fe3-FRA expires Thu, 28 Dec 2023 01:43:14 GMT
GET H2	200	gdprV2.0.1.css etargetcdn.com/gdpr/	18 KB 4 KB	15ms 15ms	Stylesheet text/css	2606:4700:20::681a:6d9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://etargetcdn.com/gdpr/gdprV2.0.1.css Requested by Host: sk.search.etargetnet.com URL: https://sk.search.etargetnet.com/gdpr/gdpr.js.php?ecmp=3&apionly=1&t=1231127 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:6d9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 898f4187201405af9e3544e77b455bf06592d8b6f8438ec0d91759fab4056127 Request headers accept-language de-DE,de;q=0.9 Referer https://lex.bg/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Wed, 27 Dec 2023 21:38:41 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 61631 cf-polished origSize=23934 pragma cache cf-bgj minify last-modified Wed, 19 Jan 2022 15:02:59 GMT server cloudflare etag W/"61e82823-5d7e" vary Accept-Encoding, Origin access-control-allow-methods GET, POST, OPTIONS content-type text/css access-control-allow-origin * report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6GaB20%2BDCrbp2ogNy7yTZ1EeruKsSKkcx1u79H0G8riGI1wgrlDQCcS8QSe9ur4vKclIq75y1Z25RqTUVU0dpD9MtvI4wtKDhhNqLmC0N5IgDIvHla3JUCbCMu9a8lSMr6OxXx1FtotbRAYR"}],"group":"cf-nel","max_age":604800} access-control-expose-headers Content-Length,Content-Range cache-control max-age=86400 cf-ray 83c4b63f49e01c15-FRA access-control-allow-headers DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range expires Thu, 28 Dec 2023 04:31:30 GMT
POST H2	200	/ Show response api-js.datadome.co/js/ Frame 439A	230 B 408 B	65ms 9ms	XHR application/json	18.159.185.21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://api-js.datadome.co/js/ Requested by Host: dd.betano.de URL: https://dd.betano.de/tags.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.159.185.21 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-159-185-21.eu-central-1.compute.amazonaws.com Software DataDome / Resource Hash 9c678ae4ea6c2043833804bdafd0b0180559016e0c8d4a5ce5b38d36429700d0 Request headers Referer https://promos.betano.de/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Content-type application/x-www-form-urlencoded Response headers pragma no-cache date Wed, 27 Dec 2023 21:38:41 GMT server DataDome content-type application/json;charset=utf-8 access-control-allow-origin * cache-control no-cache, no-store, must-revalidate content-length 230 expires 0
GET H3	200	/ www.facebook.com/tr/ Frame 439A	0 18 B	7ms 7ms	Image text/plain	2a03:2880:f176:181:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=234568464078651&ev=PageView&dl=https%3A%2F%2Fpromos.betano.de%2Fwillkommenspaket%2Findex.html%3Fbtag%3Da_764b_2931c_SNAABOYMSFBAADE%26utm_medium%3D431%26utm_source%3D2%26siteid%3D764&rl=https%3A%2F%2Flp.cleverwebserver.com%2F&if=true&ts=1703713121186&sw=1600&sh=1200&v=2.9.138&r=stable&a=tmgoogletagmanager&ec=0&o=4126&ler=other&it=1703713121075&coo=false&rqm=GET Requested by Host: promos.betano.de URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_764b_2931c_SNAABOYMSFBAADE&utm_medium=431&utm_source=2&siteid=764 Protocol H3 Security QUIC, , AES_128_GCM Server 2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language de-DE,de;q=0.9 Referer https://promos.betano.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubDomains date Wed, 27 Dec 2023 21:38:41 GMT server proxygen-bolt content-type text/plain access-control-allow-origin access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 0 priority u=3,i
GET H2	200	document.000000CF16561F.js Show response visuals.kaizengaming.com/accounts/betano-stoiximan/5e3174ae9562931f344ad1a5/published/5643592/7988958/ Frame 90E1	177 KB 27 KB	31ms 31ms	Script application/javascript	2606:4700:4400::ac40:934d CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://visuals.kaizengaming.com/accounts/betano-stoiximan/5e3174ae9562931f344ad1a5/published/5643592/7988958/document.000000CF16561F.js Requested by Host: visuals.kaizengaming.com URL: https://visuals.kaizengaming.com/a/64ee070c262380ef28e936b2?did=5dfcfbaa9ed3c30001234cf0&deeplink=on&preload=off&responsive=on&background=Transparent&a=64ee070c262380ef28e936b2&redirecturl=&container=.creative Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:4400::ac40:934d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 09487307b29147d8a84d33e3a8bfff43d9da2260bfb39b8cf4ca75a32b239ff7 Request headers accept-language de-DE,de;q=0.9 Referer https://visuals.kaizengaming.com/scripts/iframe?did=5dfcfbaa9ed3c30001234cf0&deeplink=on&preload=off&responsive=on&background=Transparent&a=64ee070c262380ef28e936b2&redirecturl= User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Wed, 27 Dec 2023 21:38:41 GMT content-encoding gzip cf-cache-status HIT content-md5 rIrlDQ43Y2HScKgRpGejWA== age 382 x-ms-lease-status unlocked last-modified Thu, 16 Nov 2023 15:35:17 GMT server cloudflare etag W/"0x8DBE6B9A2912048" vary Accept-Encoding content-type application/javascript access-control-allow-origin * x-ms-request-id c9838507-601e-0039-423e-232ecf000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding cache-control public, max-age=31536000 x-ms-version 2011-08-18 cf-ray 83c4b63f78abbb85-FRA expires Thu, 26 Dec 2024 21:32:19 GMT
GET H2	200	animated-creative.381532d5d5de3962867f.js Show response visuals.kaizengaming.com/scripts/ Frame 90E1	156 KB 53 KB	36ms 35ms	Script application/javascript	2606:4700:4400::ac40:934d CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://visuals.kaizengaming.com/scripts/animated-creative.381532d5d5de3962867f.js Requested by Host: visuals.kaizengaming.com URL: https://visuals.kaizengaming.com/a/64ee070c262380ef28e936b2?did=5dfcfbaa9ed3c30001234cf0&deeplink=on&preload=off&responsive=on&background=Transparent&a=64ee070c262380ef28e936b2&redirecturl=&container=.creative Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:4400::ac40:934d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash dc9005440b3e7c7663e35ea9a5654e1895509c8e9b0712f3902881aebf706c89 Request headers accept-language de-DE,de;q=0.9 Referer https://visuals.kaizengaming.com/scripts/iframe?did=5dfcfbaa9ed3c30001234cf0&deeplink=on&preload=off&responsive=on&background=Transparent&a=64ee070c262380ef28e936b2&redirecturl= User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Wed, 27 Dec 2023 21:38:41 GMT content-encoding gzip cf-cache-status HIT content-md5 7/+J+TpFL/6K7/yG6MNwEg== age 253 x-ms-lease-status unlocked last-modified Tue, 14 Nov 2023 09:16:12 GMT server cloudflare etag W/"0x8DBE4F258FA183A" vary Accept-Encoding content-type application/javascript access-control-allow-origin * x-ms-request-id 6e8929de-301e-0046-7416-17e154000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding cache-control public, max-age=31536000 x-ms-version 2011-08-18 cf-ray 83c4b63f78acbb85-FRA expires Thu, 26 Dec 2024 21:34:28 GMT
GET H2	200	purposes-novary.json.php Show response etargetcdn.com/gdpr/tcfv2/	33 KB 5 KB	15ms 15ms	XHR application/json	2606:4700:20::681a:6d9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://etargetcdn.com/gdpr/tcfv2/purposes-novary.json.php?l=sk Requested by Host: sk.search.etargetnet.com URL: https://sk.search.etargetnet.com/gdpr/gdpr.js.php?ecmp=3&apionly=1&t=1231127 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:6d9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6cdad7bb3de177e9f3d9529d1d737ca642f30c80cd4f8e85bcf7169f6c8c45f0 Request headers accept-language de-DE,de;q=0.9 Referer https://lex.bg/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Wed, 27 Dec 2023 21:38:41 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 3327 pragma cache last-modified Wed, 27 Dec 2023 20:43:14 GMT server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DVz5KDEHYZMPM%2BOkY0JxIEtEOvaOyLFrt35y%2FkqHdERvRK7gwnO4VCzt4U3QARyDrqgWEvUwQoL8p7RdTlk31vMXeeAjyMj9GHs%2BkH1rIVpzYTI2yydmQ12c4qKp2gtUCb0tZRraauacRFoX"}],"group":"cf-nel","max_age":604800} content-type application/json access-control-allow-origin * y-protected-by Bulbasaur/mblade01-01-b cache-control max-age=18000 cf-ray 83c4b63f9f798fe3-FRA expires Thu, 28 Dec 2023 01:43:14 GMT
POST H2	200	83c4b63e1f3cbb85 Show response visuals.kaizengaming.com/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame 3823	0 253 B	38ms 38ms	XHR text/plain	2606:4700:4400::ac40:934d CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://visuals.kaizengaming.com/cdn-cgi/challenge-platform/h/g/jsd/r/83c4b63e1f3cbb85 Requested by Host: visuals.kaizengaming.com URL: https://visuals.kaizengaming.com/cdn-cgi/challenge-platform/scripts/jsd/main.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:4400::ac40:934d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Content-Type application/json Response headers date Wed, 27 Dec 2023 21:38:41 GMT content-encoding gzip server cloudflare cf-ray 83c4b63fe92bbb85-FRA content-type text/plain; charset=UTF-8
POST H2	200	p tr6.snapchat.com/ Frame 439A	0 42 B	55ms 18ms	Ping text/plain	35.190.43.134 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tr6.snapchat.com/p Requested by Host: sc-static.net URL: https://sc-static.net/scevent.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 134.43.190.35.bc.googleusercontent.com Software API Gateway / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains Request headers Referer https://promos.betano.de/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers date Wed, 27 Dec 2023 21:38:41 GMT strict-transport-security max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains x-envoy-upstream-service-time 0 via 1.1 google server API Gateway alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0
GET H2	200	1x1.gif a.mgid.com/ Frame 439A	43 B 107 B	127ms 127ms	Image image/gif	2606:4700:1::6813:854c CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://a.mgid.com/1x1.gif?id=714661&type=c&tg=&r=https%3A%2F%2Flp.cleverwebserver.com%2F&nv=0&clid=&d=1703713121351 Requested by Host: promos.betano.de URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_764b_2931c_SNAABOYMSFBAADE&utm_medium=431&utm_source=2&siteid=764 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:1::6813:854c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains; preload Request headers accept-language de-DE,de;q=0.9 Referer https://promos.betano.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Wed, 27 Dec 2023 21:38:41 GMT strict-transport-security max-age=15552000; includeSubDomains; preload cf-cache-status DYNAMIC server cloudflare content-type image/gif cf-ray 83c4b640794ac31e-VIE alt-svc h3=":443"; ma=86400 content-length 43
GET H/1.1	200 OK	consent.php Show response sk.search.etargetnet.com/	0 2 KB	22ms 18ms	XHR text/html	195.168.10.172 AS-BENESTRA Brati...
General Check archive.org Show headers Download Go to Full URL https://sk.search.etargetnet.com/consent.php?findCookie=1&cookieName=euconsent-v2&_=1703713121372 Requested by Host: sk.search.etargetnet.com URL: https://sk.search.etargetnet.com/gdpr/gdpr.js.php?ecmp=3&apionly=1&t=1231127 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 195.168.10.172 Žilina, Slovakia, ASN5578 (AS-BENESTRA Bratislava, Slovak Republic, SK), Reverse DNS a44.etarget.sh.cust.gts.sk Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept */* Referer https://lex.bg/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers Date Wed, 27 Dec 2023 21:38:41 GMT Content-Encoding gzip Server nginx Transfer-Encoding chunked Vary Accept-Encoding Content-Type text/html; charset=UTF-8 access-control-allow-origin https://lex.bg Y-Protected-By Bulbasaur/blade2-06.etarget.sk X-Protected-By Bee/0.66 access-control-allow-credentials true P3P CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM", policyref="/w3c/p3p.xml" Connection keep-alive
GET DATA	200 OK	truncated / Frame 90E1	66 B 0		Image image/webp
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash b71c20271d9c80d1a71aa0ab9935281c4fa8ac404533f1a0747d7fb03fc68e79 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers Content-Type image/webp
GET BLOB	200 OK	b8e805a4-153b-4459-95a4-68d71c919171 Show response https://visuals.kaizengaming.com/ Frame E1CA	668 B 0		Script text/plain
General Check archive.org Show headers Download Go to Full URL blob:https://visuals.kaizengaming.com/b8e805a4-153b-4459-95a4-68d71c919171 Requested by Host: visuals.kaizengaming.com URL: https://visuals.kaizengaming.com/scripts/animated-creative.381532d5d5de3962867f.js Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash cda3c421b62828768ee2741a35bef36bcfdb1199ee3eb987269f7d1ce2dd8876 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers Content-Length 668 Content-Type
GET H3	200	like_box.php Show response www.facebook.com/plugins/ Frame 9C7F	100 KB 25 KB	861ms 861ms	Document text/html	2a03:2880:f176:181:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://www.facebook.com/plugins/like_box.php?app_id=105231989568955&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df34779b60c6df3c%26domain%3Dlex.bg%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Flex.bg%252Ff2ac97390d1f60c%26relation%3Dparent.parent&container_width=0&header=true&href=https%3A%2F%2Fwww.facebook.com%2F%23!%2Fpages%2FLEXBG-%25D0%2591%25D1%258A%25D0%25BB%25D0%25B3%25D0%25B0%25D1%2580%25D1%2581%25D0%25BA%25D0%25B8%25D1%258F%25D1%2582-%25D0%25BF%25D1%2580%25D0%25B0%25D0%25B2%25D0%25B5%25D0%25BD-%25D0%25BF%25D0%25BE%25D1%2580%25D1%2582%25D0%25B0%25D0%25BB%2F252700991422690&locale=bg_BG&sdk=joey&show_faces=true&stream=false&width=300 Requested by Host: connect.facebook.net URL: https://connect.facebook.net/bg_BG/all.js?hash=0059be339fb3d7f8f7edee928aee7ee5 Protocol H3 Security QUIC, , AES_128_GCM Server 2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 300e45d2007e493d15609787e93d194bbe224009e62aea96537044d09f67f336 Security Headers Name Value Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests; Strict-Transport-Security max-age=15552000; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://lex.bg/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=86400 cache-control private, no-cache, no-store, must-revalidate content-encoding br content-security-policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests; content-type text/html; charset="utf-8" cross-origin-opener-policy unsafe-none cross-origin-resource-policy cross-origin date Wed, 27 Dec 2023 21:38:42 GMT document-policy force-load-at-top expires Sat, 01 Jan 2000 00:00:00 GMT origin-agent-cluster ?0 permissions-policy accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), usb=(), window-management=() permissions-policy-report-only autoplay=(), clipboard-read=(), clipboard-write=(), encrypted-media=(), fullscreen=(), keyboard-map=() pragma no-cache priority u=0,i report-to {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]} reporting-endpoints default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown" strict-transport-security max-age=15552000; preload vary Accept-Encoding x-content-type-options nosniff x-fb-debug uXoYOww+81iFOCcRGeS63myocBhAZkzAleKt/Db+XQ9PyjrS/69cp08io/IJFTzJMcOMOgScfiMnYo+tnv/sCg== x-xss-protection 0
GET H3	200	sodar Show response pagead2.googlesyndication.com/getconfig/	16 KB 12 KB	72ms 55ms	XHR application/json	2a00:1450:4001:827::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231207&st=env Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9092264232006105&plah=lex.bg Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 96ad90a9d2c2b373a3f19b62144683ccae8d5d794dc16a0842381a225e10fbc8 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://lex.bg/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Wed, 27 Dec 2023 21:38:41 GMT content-encoding br x-content-type-options nosniff server cafe content-type application/json; charset=UTF-8 access-control-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 12164 x-xss-protection 0
POST H2	200	p tr.snapchat.com/ Frame 439A	0 89 B	27ms 17ms	Ping text/plain	35.190.43.134 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tr.snapchat.com/p Requested by Host: sc-static.net URL: https://sc-static.net/scevent.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 134.43.190.35.bc.googleusercontent.com Software API Gateway / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains Request headers Referer https://promos.betano.de/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers date Wed, 27 Dec 2023 21:38:41 GMT strict-transport-security max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains via 1.1 google server API Gateway access-control-allow-origin https://promos.betano.de x-envoy-upstream-service-time 1 access-control-allow-credentials true alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0
GET H2	200	font visuals.kaizengaming.com/fs/api/v2/ Frame 90E1	3 KB 4 KB	49ms 49ms	Font font/woff	2606:4700:4400::ac40:934d CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://visuals.kaizengaming.com/fs/api/v2/font?u=https%3A%2F%2Ffontmanagerstorage.blob.core.windows.net%2Ffontmanagerfonts%2F5e3174ae6448e1179cf13c84%2F4391e467-37b3-4742-bea0-3fd8d7724a46.woff&t=%20EGIJNRSTZ Requested by Host: visuals.kaizengaming.com URL: https://visuals.kaizengaming.com/scripts/iframe?did=5dfcfbaa9ed3c30001234cf0&deeplink=on&preload=off&responsive=on&background=Transparent&a=64ee070c262380ef28e936b2&redirecturl= Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:4400::ac40:934d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a50b065df4d7ee3fbe889d4c15bbb2e39d8d59c83ce9fd4833ab2327ae62f805 Request headers Referer https://visuals.kaizengaming.com/scripts/iframe?did=5dfcfbaa9ed3c30001234cf0&deeplink=on&preload=off&responsive=on&background=Transparent&a=64ee070c262380ef28e936b2&redirecturl= Origin https://visuals.kaizengaming.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Wed, 27 Dec 2023 21:38:41 GMT cf-cache-status DYNAMIC last-modified Wed, 13 Dec 2023 09:37:59 GMT server cloudflare age 1252842 vary Accept-Encoding content-type font/woff access-control-allow-origin * cache-control public, max-age=31536000 content-disposition attachment; filename=4391e467-37b3-4742-bea0-3fd8d7724a46-subset.woff cf-ray 83c4b6416ae0bb85-FRA expires Thu, 26 Dec 2024 21:38:41 GMT
GET H2	200	font visuals.kaizengaming.com/fs/api/v2/ Frame 90E1	17 KB 17 KB	38ms 38ms	Font font/woff	2606:4700:4400::ac40:934d CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://visuals.kaizengaming.com/fs/api/v2/font?u=https%3A%2F%2Ffontmanagerstorage.blob.core.windows.net%2Ffontmanagerfonts%2F5e3174ae6448e1179cf13c84%2F043e3f84-365c-4321-9c90-7c1294855724.woff&t=%2008ACDEHILNSTVabcdefghilnorstuz%E2%82%AC Requested by Host: visuals.kaizengaming.com URL: https://visuals.kaizengaming.com/scripts/iframe?did=5dfcfbaa9ed3c30001234cf0&deeplink=on&preload=off&responsive=on&background=Transparent&a=64ee070c262380ef28e936b2&redirecturl= Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:4400::ac40:934d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a4dd89387992419864e50bf1f29d3e22e07aa7412dc9e1529aa38b5dd149e616 Request headers Referer https://visuals.kaizengaming.com/scripts/iframe?did=5dfcfbaa9ed3c30001234cf0&deeplink=on&preload=off&responsive=on&background=Transparent&a=64ee070c262380ef28e936b2&redirecturl= Origin https://visuals.kaizengaming.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Wed, 27 Dec 2023 21:38:41 GMT cf-cache-status DYNAMIC last-modified Wed, 13 Dec 2023 09:36:59 GMT server cloudflare age 1252902 vary Accept-Encoding content-type font/woff access-control-allow-origin * cache-control public, max-age=31536000 content-disposition attachment; filename=043e3f84-365c-4321-9c90-7c1294855724-subset.woff cf-ray 83c4b641bb46bb85-FRA expires Thu, 26 Dec 2024 21:38:41 GMT
GET H2	200	sodar2.js Show response tpc.googlesyndication.com/sodar/	17 KB 7 KB	59ms 31ms	Script text/javascript	2a00:1450:4001:81c::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2.js Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9092264232006105&plah=lex.bg Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://lex.bg/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Wed, 27 Dec 2023 21:38:41 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 6386 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" etag "1637097310169751" vary Accept-Encoding report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes expires Wed, 27 Dec 2023 21:38:41 GMT
GET H2	200	font visuals.kaizengaming.com/fs/api/v2/ Frame 90E1	6 KB 6 KB	51ms 51ms	Font font/woff	2606:4700:4400::ac40:934d CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://visuals.kaizengaming.com/fs/api/v2/font?u=https%3A%2F%2Ffontmanagerstorage.blob.core.windows.net%2Ffontmanagerfonts%2F5e3174ae6448e1179cf13c84%2Fb2261d2b-270d-4a56-995b-9f25df05ffcd.woff&t=%20%25-012ABEFINORSTUW%E2%82%AC Requested by Host: visuals.kaizengaming.com URL: https://visuals.kaizengaming.com/scripts/iframe?did=5dfcfbaa9ed3c30001234cf0&deeplink=on&preload=off&responsive=on&background=Transparent&a=64ee070c262380ef28e936b2&redirecturl= Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:4400::ac40:934d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ed8230440351e27c7247509b0dcc4858a708b8ec8bb5e4abec8a2c0cac5f2729 Request headers Referer https://visuals.kaizengaming.com/scripts/iframe?did=5dfcfbaa9ed3c30001234cf0&deeplink=on&preload=off&responsive=on&background=Transparent&a=64ee070c262380ef28e936b2&redirecturl= Origin https://visuals.kaizengaming.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Wed, 27 Dec 2023 21:38:41 GMT cf-cache-status DYNAMIC last-modified Wed, 13 Dec 2023 09:37:59 GMT server cloudflare age 1252842 vary Accept-Encoding content-type font/woff access-control-allow-origin * cache-control public, max-age=31536000 content-disposition attachment; filename=b2261d2b-270d-4a56-995b-9f25df05ffcd-subset.woff cf-ray 83c4b641fb95bb85-FRA expires Thu, 26 Dec 2024 21:38:41 GMT
GET H2	200	runner.html Show response tpc.googlesyndication.com/sodar/sodar2/225/ Frame 77A1	13 KB 5 KB	8ms 7ms	Document text/html	2a00:1450:4001:81c::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://lex.bg/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes age 2254 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=31536000 content-encoding gzip content-length 5046 content-type text/html cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" cross-origin-resource-policy cross-origin date Wed, 27 Dec 2023 21:01:07 GMT expires Thu, 26 Dec 2024 21:01:07 GMT last-modified Mon, 21 Jun 2021 20:47:05 GMT report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} server sffe vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H2	200	aframe Show response www.google.com/recaptcha/api2/ Frame D8A0	829 B 983 B	18ms 18ms	Document text/html	2a00:1450:4001:828::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/aframe Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash e4f99e813999c9f3b3051dd9b0e3732032070ae696d30173e599ca8fbdf1b6c0 Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-hFaZmkwtBb4MZUN-4qPHLQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://lex.bg/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private, max-age=300 content-encoding gzip content-security-policy script-src 'report-sample' 'nonce-hFaZmkwtBb4MZUN-4qPHLQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 content-type text/html; charset=utf-8 cross-origin-embedder-policy require-corp cross-origin-resource-policy cross-origin date Wed, 27 Dec 2023 21:38:41 GMT expires Wed, 27 Dec 2023 21:38:41 GMT report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} server GSE x-content-type-options nosniff x-xss-protection 1; mode=block
GET H3	200	Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response pagead2.googlesyndication.com/bg/ Frame 77A1	39 KB 15 KB	8ms 7ms	Script text/javascript	2a00:1450:4001:827::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Wed, 27 Dec 2023 15:53:38 GMT content-encoding br x-content-type-options nosniff age 20703 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15165 x-xss-protection 0 last-modified Tue, 28 Nov 2023 18:18:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Thu, 26 Dec 2024 15:53:38 GMT
GET H2	200	font visuals.kaizengaming.com/fs/api/v2/ Frame 90E1	5 KB 5 KB	34ms 34ms	Font font/woff	2606:4700:4400::ac40:934d CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://visuals.kaizengaming.com/fs/api/v2/font?u=https%3A%2F%2Ffontmanagerstorage.blob.core.windows.net%2Ffontmanagerfonts%2F5e3174ae6448e1179cf13c84%2F0ff439d2-b12a-430f-bbee-4de7ec22a2af.woff&t=%20ACDEHIKLMNOPRSTW Requested by Host: visuals.kaizengaming.com URL: https://visuals.kaizengaming.com/scripts/iframe?did=5dfcfbaa9ed3c30001234cf0&deeplink=on&preload=off&responsive=on&background=Transparent&a=64ee070c262380ef28e936b2&redirecturl= Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:4400::ac40:934d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ee0066d02ce3fd17cc9efd7f72db4018331e504813fe561918ab85b65318f795 Request headers Referer https://visuals.kaizengaming.com/scripts/iframe?did=5dfcfbaa9ed3c30001234cf0&deeplink=on&preload=off&responsive=on&background=Transparent&a=64ee070c262380ef28e936b2&redirecturl= Origin https://visuals.kaizengaming.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Wed, 27 Dec 2023 21:38:41 GMT cf-cache-status DYNAMIC last-modified Wed, 13 Dec 2023 09:38:00 GMT server cloudflare age 1252841 vary Accept-Encoding content-type font/woff access-control-allow-origin * cache-control public, max-age=31536000 content-disposition attachment; filename=0ff439d2-b12a-430f-bbee-4de7ec22a2af-subset.woff cf-ray 83c4b6425bf3bb85-FRA expires Thu, 26 Dec 2024 21:38:41 GMT
GET H3	204	sodar pagead2.googlesyndication.com/pagead/ Frame D8A0	0 0	41ms 41ms	Image text/html	2a00:1450:4001:827::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231207&jk=3627459136676389&rc= Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers
GET H2	200	optimize visuals.kaizengaming.com/io/api/image/ Frame F25F	334 KB 334 KB	45ms 40ms	Image image/webp	2606:4700:4400::ac40:934d CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://visuals.kaizengaming.com/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Fbetano-stoiximan%2F5e3174ae9562931f344ad1a5%2Fimages%2F3cca6a95-2ccc-4b24-b704-2a20f97d11af.jpg&w=1213&h=1765&q=99&f=webp&rt=contain Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:4400::ac40:934d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c12b04b2276fa80a6649200e12ec4e78f3fb11bf0e21d2d2c6a215cdde0b3dcf Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers request-context appId=cid-v1:aa2d0cc3-fd7d-4ac0-80ca-1db03d937ce1 date Wed, 27 Dec 2023 21:38:41 GMT cf-cache-status DYNAMIC last-modified Tue, 26 Dec 2023 23:34:41 GMT api-supported-versions 2.0 server cloudflare age 79440 vary Accept-Encoding content-type image/webp cache-control public, max-age=86400 accept-ranges bytes cf-ray 83c4b6436d84bb85-FRA content-length 341852 expires Thu, 28 Dec 2023 21:38:41 GMT
GET H2	200	optimize visuals.kaizengaming.com/io/api/image/ Frame F25F	56 KB 56 KB	55ms 49ms	Image image/webp	2606:4700:4400::ac40:934d CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://visuals.kaizengaming.com/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Fbetano-stoiximan%2F5e3174ae9562931f344ad1a5%2Fimages%2Fe77d9c26-6f64-4321-aa40-30bf97eaa85e.png&w=264&h=327&q=99&f=webp&rt=contain Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:4400::ac40:934d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8fd70d02d7616b90b93fbcf03f7df1c82e387831b164f744c179721924bc5335 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers request-context appId=cid-v1:aa2d0cc3-fd7d-4ac0-80ca-1db03d937ce1 date Wed, 27 Dec 2023 21:38:41 GMT cf-cache-status DYNAMIC last-modified Wed, 27 Dec 2023 00:44:04 GMT api-supported-versions 2.0 server cloudflare age 75277 vary Accept-Encoding content-type image/webp cache-control public, max-age=86400 accept-ranges bytes cf-ray 83c4b6436d85bb85-FRA content-length 56928 expires Thu, 28 Dec 2023 21:38:41 GMT
GET H2	200	optimize visuals.kaizengaming.com/io/api/image/ Frame F25F	30 KB 30 KB	73ms 68ms	Image image/webp	2606:4700:4400::ac40:934d CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://visuals.kaizengaming.com/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Fbetano-stoiximan%2F5e3174ae9562931f344ad1a5%2Fimages%2F251cd259-6273-46b5-bbf2-d9de173c45ee.png&w=217&h=217&q=99&f=webp&rt=contain Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:4400::ac40:934d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9a05fe1eb798dc87fa29108b3ed49352b3f891fec5732c0320f7d7c5cfeedd97 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers request-context appId=cid-v1:aa2d0cc3-fd7d-4ac0-80ca-1db03d937ce1 date Wed, 27 Dec 2023 21:38:41 GMT cf-cache-status DYNAMIC last-modified Tue, 26 Dec 2023 23:27:17 GMT api-supported-versions 2.0 server cloudflare age 79884 vary Accept-Encoding content-type image/webp cache-control public, max-age=86400 accept-ranges bytes cf-ray 83c4b6436d86bb85-FRA content-length 30628 expires Thu, 28 Dec 2023 21:38:41 GMT
GET H2	200	optimize visuals.kaizengaming.com/io/api/image/ Frame F25F	13 KB 13 KB	69ms 64ms	Image image/webp	2606:4700:4400::ac40:934d CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://visuals.kaizengaming.com/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Fbetano-stoiximan%2F5e3174ae9562931f344ad1a5%2Fimages%2Fd8aa5a9f-d88c-48e4-816d-106a562da729.png&w=133&h=185&q=99&f=webp&rt=contain Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:4400::ac40:934d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4f3a18c01abb2d09ff95420fe629d9d6962376b864a43be5321315cf5674357f Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers request-context appId=cid-v1:aa2d0cc3-fd7d-4ac0-80ca-1db03d937ce1 date Wed, 27 Dec 2023 21:38:41 GMT cf-cache-status DYNAMIC last-modified Tue, 26 Dec 2023 23:27:17 GMT api-supported-versions 2.0 server cloudflare age 79884 vary Accept-Encoding content-type image/webp cache-control public, max-age=86400 accept-ranges bytes cf-ray 83c4b6436d87bb85-FRA content-length 13040 expires Thu, 28 Dec 2023 21:38:41 GMT
GET H2	200	optimize visuals.kaizengaming.com/io/api/image/ Frame F25F	11 KB 11 KB	72ms 67ms	Image image/webp	2606:4700:4400::ac40:934d CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://visuals.kaizengaming.com/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Fbetano-stoiximan%2F5e3174ae9562931f344ad1a5%2Fimages%2Fc0d9d4c9-d111-4df6-949b-4916fa35a25c.png&w=125&h=120&q=99&f=webp&rt=contain Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:4400::ac40:934d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 044161f81ce1fac7a4fad00b81c1797ef53b6420dcb3ee5023d0ac7773e06984 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers request-context appId=cid-v1:aa2d0cc3-fd7d-4ac0-80ca-1db03d937ce1 date Wed, 27 Dec 2023 21:38:41 GMT cf-cache-status DYNAMIC last-modified Tue, 26 Dec 2023 23:27:17 GMT api-supported-versions 2.0 server cloudflare age 79884 vary Accept-Encoding content-type image/webp cache-control public, max-age=86400 accept-ranges bytes cf-ray 83c4b6436d88bb85-FRA content-length 11302 expires Thu, 28 Dec 2023 21:38:41 GMT
GET H2	200	optimize visuals.kaizengaming.com/io/api/image/ Frame F25F	6 KB 7 KB	56ms 51ms	Image image/webp	2606:4700:4400::ac40:934d CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://visuals.kaizengaming.com/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Fbetano-stoiximan%2F5e3174ae9562931f344ad1a5%2Fimages%2F6fa76e81-1a2f-4336-a8b6-1baee8c06025.png&w=90&h=37&q=99&f=webp&rt=contain Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:4400::ac40:934d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9c4474c8a08e668d7fdb8ecbfeda8bbd14f9a70424c2d4c2fdcb7f8a23538f7f Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers request-context appId=cid-v1:aa2d0cc3-fd7d-4ac0-80ca-1db03d937ce1 date Wed, 27 Dec 2023 21:38:41 GMT cf-cache-status DYNAMIC last-modified Tue, 26 Dec 2023 23:27:17 GMT api-supported-versions 2.0 server cloudflare age 79884 vary Accept-Encoding content-type image/webp cache-control public, max-age=86400 accept-ranges bytes cf-ray 83c4b6436d89bb85-FRA content-length 6620 expires Thu, 28 Dec 2023 21:38:41 GMT
GET H2	200	optimize visuals.kaizengaming.com/io/api/image/ Frame F25F	16 KB 16 KB	61ms 56ms	Image image/webp	2606:4700:4400::ac40:934d CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://visuals.kaizengaming.com/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Fbetano-stoiximan%2F5e3174ae9562931f344ad1a5%2Fimages%2Ff9124f75-1c52-4bea-af06-084d845e611d.png&w=162&h=164&q=99&f=webp&rt=contain Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:4400::ac40:934d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f198cc70c0dbefa53f75b5b8af85af5a92c12c00e727b24399a58d0f671c7426 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers request-context appId=cid-v1:aa2d0cc3-fd7d-4ac0-80ca-1db03d937ce1 date Wed, 27 Dec 2023 21:38:41 GMT cf-cache-status DYNAMIC last-modified Tue, 26 Dec 2023 23:28:50 GMT api-supported-versions 2.0 server cloudflare age 79791 vary Accept-Encoding content-type image/webp cache-control public, max-age=86400 accept-ranges bytes cf-ray 83c4b6436d8abb85-FRA content-length 16182 expires Thu, 28 Dec 2023 21:38:41 GMT
GET H2	200	optimize visuals.kaizengaming.com/io/api/image/ Frame F25F	28 KB 28 KB	55ms 50ms	Image image/webp	2606:4700:4400::ac40:934d CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://visuals.kaizengaming.com/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Fbetano-stoiximan%2F5e3174ae9562931f344ad1a5%2Fimages%2Fcb9e21a8-9abc-4102-a538-be570b2404b3.png&w=356&h=254&q=99&f=webp&rt=contain Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:4400::ac40:934d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 3f7c2d68eca71c2a9797c36fd965569ae502682df8e24ddf6fa8c21f6acc3f74 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers request-context appId=cid-v1:aa2d0cc3-fd7d-4ac0-80ca-1db03d937ce1 date Wed, 27 Dec 2023 21:38:41 GMT cf-cache-status DYNAMIC last-modified Tue, 26 Dec 2023 23:28:50 GMT api-supported-versions 2.0 server cloudflare age 79791 vary Accept-Encoding content-type image/webp cache-control public, max-age=86400 accept-ranges bytes cf-ray 83c4b6436d8bbb85-FRA content-length 29032 expires Thu, 28 Dec 2023 21:38:41 GMT
GET H2	200	optimize visuals.kaizengaming.com/io/api/image/ Frame F25F	172 KB 173 KB	65ms 60ms	Image image/webp	2606:4700:4400::ac40:934d CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://visuals.kaizengaming.com/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Fbetano-stoiximan%2F5e3174ae9562931f344ad1a5%2Fimages%2F532cefbc-9131-47e7-b840-a3e13b61dfe8.png&w=604&h=697&q=99&f=webp&rt=contain Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:4400::ac40:934d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash af6634af0785dfa1f6342dc216e635ffe9dbd92feb81d0a1783fecd3b37e67ad Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers request-context appId=cid-v1:aa2d0cc3-fd7d-4ac0-80ca-1db03d937ce1 date Wed, 27 Dec 2023 21:38:41 GMT cf-cache-status DYNAMIC last-modified Tue, 26 Dec 2023 23:27:17 GMT api-supported-versions 2.0 server cloudflare age 79884 vary Accept-Encoding content-type image/webp cache-control public, max-age=86400 accept-ranges bytes cf-ray 83c4b6436d8cbb85-FRA content-length 176540 expires Thu, 28 Dec 2023 21:38:41 GMT
GET H2	200	optimize visuals.kaizengaming.com/io/api/image/ Frame F25F	7 KB 7 KB	68ms 63ms	Image image/webp	2606:4700:4400::ac40:934d CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://visuals.kaizengaming.com/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Fbetano-stoiximan%2F5e3174ae9562931f344ad1a5%2Fimages%2Ff1514e3a-d99a-4082-a246-cf6c57fa525d.png&w=150&h=80&q=99&f=webp&rt=contain Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:4400::ac40:934d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 1674c641b55359d221317d2a0a580c317148ed50753954cb477734f615157e74 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers request-context appId=cid-v1:aa2d0cc3-fd7d-4ac0-80ca-1db03d937ce1 date Wed, 27 Dec 2023 21:38:41 GMT cf-cache-status DYNAMIC last-modified Wed, 27 Dec 2023 00:20:36 GMT api-supported-versions 2.0 server cloudflare age 76685 vary Accept-Encoding content-type image/webp cache-control public, max-age=86400 accept-ranges bytes cf-ray 83c4b6436d8dbb85-FRA content-length 6958 expires Thu, 28 Dec 2023 21:38:41 GMT
GET H2	200	optimize visuals.kaizengaming.com/io/api/image/ Frame F25F	8 KB 8 KB	69ms 64ms	Image image/webp	2606:4700:4400::ac40:934d CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://visuals.kaizengaming.com/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Fbetano-stoiximan%2F5e3174ae9562931f344ad1a5%2Fimages%2F7a763a39-7916-445d-8fae-a6216e685905.png&w=174&h=69&q=99&f=webp&rt=contain Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:4400::ac40:934d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash fa2fe840687db705e1e27dfa93fa8c233e3a460045892a6a094402b59b085330 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers request-context appId=cid-v1:aa2d0cc3-fd7d-4ac0-80ca-1db03d937ce1 date Wed, 27 Dec 2023 21:38:41 GMT cf-cache-status DYNAMIC last-modified Wed, 27 Dec 2023 00:44:04 GMT api-supported-versions 2.0 server cloudflare age 75277 vary Accept-Encoding content-type image/webp cache-control public, max-age=86400 accept-ranges bytes cf-ray 83c4b6436d94bb85-FRA content-length 7696 expires Thu, 28 Dec 2023 21:38:41 GMT
GET H2	200	a81fba0d-00f3-4513-ae96-d2e9de4e35c9.svg visuals.kaizengaming.com/accounts/betano-stoiximan/5e3174ae9562931f344ad1a5/images/ Frame F25F	462 B 457 B	54ms 50ms	Image image/svg+xml	2606:4700:4400::ac40:934d CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://visuals.kaizengaming.com/accounts/betano-stoiximan/5e3174ae9562931f344ad1a5/images/a81fba0d-00f3-4513-ae96-d2e9de4e35c9.svg Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:4400::ac40:934d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4be6e57f964287d22addfd30806f4fc69fc1560fdb5f9c649beb85d1f72075db Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Wed, 27 Dec 2023 21:38:41 GMT content-encoding gzip cf-cache-status HIT content-md5 db1RviXCYsfCGJyPhdZBgQ== age 1603 x-ms-lease-status unlocked last-modified Tue, 08 Aug 2023 12:08:19 GMT server cloudflare etag W/"0x8DB98082775296F" vary Accept-Encoding content-type image/svg+xml access-control-allow-origin * x-ms-request-id e9b520c2-701e-000a-4b9d-217164000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding cache-control public, max-age=14400 x-ms-version 2011-08-18 cf-ray 83c4b6436d96bb85-FRA expires Thu, 28 Dec 2023 01:11:58 GMT
GET H2	200	e97b0b38-2076-4e93-b438-b20020972f61.svg visuals.kaizengaming.com/accounts/betano-stoiximan/5e3174ae9562931f344ad1a5/images/ Frame F25F	712 B 522 B	53ms 49ms	Image image/svg+xml	2606:4700:4400::ac40:934d CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://visuals.kaizengaming.com/accounts/betano-stoiximan/5e3174ae9562931f344ad1a5/images/e97b0b38-2076-4e93-b438-b20020972f61.svg Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:4400::ac40:934d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4fbb415ea8b4660ac89a8992303f64daddc2ccc2337b91f2cc8ee8c2c08df747 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Wed, 27 Dec 2023 21:38:41 GMT content-encoding gzip cf-cache-status HIT content-md5 Wj2Rm4rI4ts1bvK6/OwKuA== age 1608 x-ms-lease-status unlocked last-modified Tue, 08 Aug 2023 12:08:19 GMT server cloudflare etag W/"0x8DB9808278220AD" vary Accept-Encoding content-type image/svg+xml access-control-allow-origin * x-ms-request-id c7cf9d32-901e-0002-754b-236b6b000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding cache-control public, max-age=14400 x-ms-version 2011-08-18 cf-ray 83c4b6436d98bb85-FRA expires Thu, 28 Dec 2023 01:11:53 GMT
GET H2	200	6d5c7812-5f89-45cd-ab6d-c542e499b1fa.svg visuals.kaizengaming.com/accounts/betano-stoiximan/5e3174ae9562931f344ad1a5/images/ Frame F25F	716 B 519 B	54ms 50ms	Image image/svg+xml	2606:4700:4400::ac40:934d CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://visuals.kaizengaming.com/accounts/betano-stoiximan/5e3174ae9562931f344ad1a5/images/6d5c7812-5f89-45cd-ab6d-c542e499b1fa.svg Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:4400::ac40:934d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 515132f19d1446bd5902d4654f2cf236fed020ad67553ead26982588351949d4 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Wed, 27 Dec 2023 21:38:41 GMT content-encoding gzip cf-cache-status HIT content-md5 wOI1kvcZ2lxVvarwrZkpVw== age 1608 x-ms-lease-status unlocked last-modified Tue, 08 Aug 2023 12:08:19 GMT server cloudflare etag W/"0x8DB980827807321" vary Accept-Encoding content-type image/svg+xml access-control-allow-origin * x-ms-request-id a2d7b315-301e-001b-0f75-22ebd0000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding cache-control public, max-age=14400 x-ms-version 2011-08-18 cf-ray 83c4b6436d99bb85-FRA expires Thu, 28 Dec 2023 01:11:53 GMT
GET H2	200	44fd3f8b-5a25-42a7-a98f-996de4abd146.svg visuals.kaizengaming.com/accounts/betano-stoiximan/5e3174ae9562931f344ad1a5/images/ Frame F25F	699 B 795 B	62ms 58ms	Image image/svg+xml	2606:4700:4400::ac40:934d CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://visuals.kaizengaming.com/accounts/betano-stoiximan/5e3174ae9562931f344ad1a5/images/44fd3f8b-5a25-42a7-a98f-996de4abd146.svg Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:4400::ac40:934d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0e2407c604b7d77289bd9c43e9bbcc41f39378761bc7450b7b151e681729aa94 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Wed, 27 Dec 2023 21:38:41 GMT content-encoding gzip cf-cache-status HIT content-md5 6T5iHY4kR/cqRXlJfcIgeg== age 1603 x-ms-lease-status unlocked last-modified Tue, 08 Aug 2023 12:08:19 GMT server cloudflare etag W/"0x8DB980827A0A29B" vary Accept-Encoding content-type image/svg+xml access-control-allow-origin * x-ms-request-id c7cf9dfa-901e-0002-304b-236b6b000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding cache-control public, max-age=14400 x-ms-version 2011-08-18 cf-ray 83c4b6436d9abb85-FRA expires Thu, 28 Dec 2023 01:11:58 GMT
GET H2	200	50881c1d-287e-498a-abef-0967eee64053.svg visuals.kaizengaming.com/accounts/betano-stoiximan/5e3174ae9562931f344ad1a5/images/ Frame F25F	705 B 805 B	32ms 29ms	Image image/svg+xml	2606:4700:4400::ac40:934d CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://visuals.kaizengaming.com/accounts/betano-stoiximan/5e3174ae9562931f344ad1a5/images/50881c1d-287e-498a-abef-0967eee64053.svg Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:4400::ac40:934d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash db66baeede40115b8e53c9b5bdbd4403e4fd749493ea0074d86234e15c082ad9 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Wed, 27 Dec 2023 21:38:41 GMT content-encoding gzip cf-cache-status HIT content-md5 OGNNML/bbmYzG3WVI4K2vw== age 1608 x-ms-lease-status unlocked last-modified Tue, 08 Aug 2023 12:08:19 GMT server cloudflare etag W/"0x8DB98082797A2B0" vary Accept-Encoding content-type image/svg+xml access-control-allow-origin * x-ms-request-id 117fde56-901e-0002-3593-226b6b000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding cache-control public, max-age=14400 x-ms-version 2011-08-18 cf-ray 83c4b6436d9cbb85-FRA expires Thu, 28 Dec 2023 01:11:53 GMT
GET H2	200	68caeb64-8770-4732-8cdc-b287d26e232f.svg visuals.kaizengaming.com/accounts/betano-stoiximan/5e3174ae9562931f344ad1a5/images/ Frame F25F	711 B 520 B	54ms 51ms	Image image/svg+xml	2606:4700:4400::ac40:934d CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://visuals.kaizengaming.com/accounts/betano-stoiximan/5e3174ae9562931f344ad1a5/images/68caeb64-8770-4732-8cdc-b287d26e232f.svg Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:4400::ac40:934d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ca53f71166b7b496394a852d6266cfd9c7e8800b3890e7074ad8e6f219958208 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Wed, 27 Dec 2023 21:38:41 GMT content-encoding gzip cf-cache-status HIT content-md5 H8vQZgECIVhMUK6iBn/x3A== age 1603 x-ms-lease-status unlocked last-modified Tue, 08 Aug 2023 12:08:19 GMT server cloudflare etag W/"0x8DB9808278D9165" vary Accept-Encoding content-type image/svg+xml access-control-allow-origin * x-ms-request-id ba697a79-a01e-0009-7387-0ca8f5000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding cache-control public, max-age=14400 x-ms-version 2011-08-18 cf-ray 83c4b6436d9dbb85-FRA expires Thu, 28 Dec 2023 01:11:58 GMT
GET H2	200	c7fea8b5-896d-4d27-bcfc-3d8e40cc4ee2.svg visuals.kaizengaming.com/accounts/betano-stoiximan/5e3174ae9562931f344ad1a5/images/ Frame F25F	713 B 522 B	52ms 49ms	Image image/svg+xml	2606:4700:4400::ac40:934d CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://visuals.kaizengaming.com/accounts/betano-stoiximan/5e3174ae9562931f344ad1a5/images/c7fea8b5-896d-4d27-bcfc-3d8e40cc4ee2.svg Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:4400::ac40:934d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 09a3e0af0b633adb17d10b1e76da6da24a474166ae0d23c14e70d61ee4d5a39d Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Wed, 27 Dec 2023 21:38:41 GMT content-encoding gzip cf-cache-status HIT content-md5 PGPRbIvWC6EgP2XMl5G9Xw== age 1603 x-ms-lease-status unlocked last-modified Tue, 08 Aug 2023 12:08:19 GMT server cloudflare etag W/"0x8DB9808279A137F" vary Accept-Encoding content-type image/svg+xml access-control-allow-origin * x-ms-request-id 1ff7b2ad-201e-005a-2f0a-15b334000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding cache-control public, max-age=14400 x-ms-version 2011-08-18 cf-ray 83c4b6436d9fbb85-FRA expires Thu, 28 Dec 2023 01:11:58 GMT
GET H2	200	d5e4cd03-efef-48fe-94f1-4867b321bfec.svg visuals.kaizengaming.com/accounts/betano-stoiximan/5e3174ae9562931f344ad1a5/images/ Frame F25F	701 B 548 B	61ms 59ms	Image image/svg+xml	2606:4700:4400::ac40:934d CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://visuals.kaizengaming.com/accounts/betano-stoiximan/5e3174ae9562931f344ad1a5/images/d5e4cd03-efef-48fe-94f1-4867b321bfec.svg Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:4400::ac40:934d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 1b3f188627e15b360d1350f38b9fc396fc21fde8a6286bc43133a5b2a26638eb Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Wed, 27 Dec 2023 21:38:41 GMT content-encoding gzip cf-cache-status HIT content-md5 kbsYe45EOgyN0lklvpvsrA== age 1603 x-ms-lease-status unlocked last-modified Tue, 08 Aug 2023 12:08:19 GMT server cloudflare etag W/"0x8DB9808279B4BE1" vary Accept-Encoding content-type image/svg+xml access-control-allow-origin * x-ms-request-id 0b611424-e01e-0037-762d-15077f000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding cache-control public, max-age=14400 x-ms-version 2011-08-18 cf-ray 83c4b6436da0bb85-FRA expires Thu, 28 Dec 2023 01:11:58 GMT
GET H2	200	4d170477-b2d8-4716-ba89-5383a384fb5e.svg visuals.kaizengaming.com/accounts/betano-stoiximan/5e3174ae9562931f344ad1a5/images/ Frame F25F	701 B 544 B	38ms 35ms	Image image/svg+xml	2606:4700:4400::ac40:934d CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://visuals.kaizengaming.com/accounts/betano-stoiximan/5e3174ae9562931f344ad1a5/images/4d170477-b2d8-4716-ba89-5383a384fb5e.svg Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:4400::ac40:934d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5c694b35a7330040aa87ab8631c4cd208848c931022413ae1cd36211d3be18d1 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Wed, 27 Dec 2023 21:38:41 GMT content-encoding gzip cf-cache-status HIT content-md5 CP5dckuzFGRJ6dKK7x8ltA== age 1603 x-ms-lease-status unlocked last-modified Tue, 08 Aug 2023 12:08:19 GMT server cloudflare etag W/"0x8DB980827905047" vary Accept-Encoding content-type image/svg+xml access-control-allow-origin * x-ms-request-id ee129beb-f01e-003b-5abd-129077000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding cache-control public, max-age=14400 x-ms-version 2011-08-18 cf-ray 83c4b6437da2bb85-FRA expires Thu, 28 Dec 2023 01:11:58 GMT
GET H2	200	721e32ef-455d-42fa-8428-1ae5fb319ab9.svg visuals.kaizengaming.com/accounts/betano-stoiximan/5e3174ae9562931f344ad1a5/images/ Frame F25F	2 KB 1 KB	62ms 60ms	Image image/svg+xml	2606:4700:4400::ac40:934d CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://visuals.kaizengaming.com/accounts/betano-stoiximan/5e3174ae9562931f344ad1a5/images/721e32ef-455d-42fa-8428-1ae5fb319ab9.svg Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:4400::ac40:934d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b03448143098de5b03500bf34c10210735d29421ef85ddd0d06213eea451fd49 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Wed, 27 Dec 2023 21:38:41 GMT content-encoding gzip cf-cache-status HIT content-md5 dIIZsAgREGCk+L7z+CtKvA== age 526 x-ms-lease-status unlocked last-modified Thu, 10 Aug 2023 10:33:34 GMT server cloudflare etag W/"0x8DB998D3FC6613A" vary Accept-Encoding content-type image/svg+xml access-control-allow-origin * x-ms-request-id ef96daed-e01e-006a-71fa-230dfb000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding cache-control public, max-age=14400 x-ms-version 2011-08-18 cf-ray 83c4b6437da3bb85-FRA expires Thu, 28 Dec 2023 01:29:55 GMT
GET H2	200	7d019101-6c40-47bf-b456-9289e9bf3d69.svg visuals.kaizengaming.com/accounts/betano-stoiximan/5e3174ae9562931f344ad1a5/images/ Frame F25F	454 B 533 B	68ms 66ms	Image image/svg+xml	2606:4700:4400::ac40:934d CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://visuals.kaizengaming.com/accounts/betano-stoiximan/5e3174ae9562931f344ad1a5/images/7d019101-6c40-47bf-b456-9289e9bf3d69.svg Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:4400::ac40:934d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d1003881ad0defce4d7bd1955eed2bd8acedde9f766c08473d49157082ac3994 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Wed, 27 Dec 2023 21:38:41 GMT content-encoding gzip cf-cache-status HIT content-md5 Fe9zUTUCieFRBF6mOTWgjw== age 1608 x-ms-lease-status unlocked last-modified Tue, 08 Aug 2023 09:01:14 GMT server cloudflare etag W/"0x8DB97EE04CD7BF6" vary Accept-Encoding content-type image/svg+xml access-control-allow-origin * x-ms-request-id 456f7e3a-a01e-006b-112c-235227000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding cache-control public, max-age=14400 x-ms-version 2011-08-18 cf-ray 83c4b6437da7bb85-FRA expires Thu, 28 Dec 2023 01:11:53 GMT
GET H2	200	f32d22d9-d683-4c02-9855-0e5fcd20e25b.svg visuals.kaizengaming.com/accounts/betano-stoiximan/5e3174ae9562931f344ad1a5/images/ Frame F25F	2 KB 1 KB	68ms 66ms	Image image/svg+xml	2606:4700:4400::ac40:934d CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://visuals.kaizengaming.com/accounts/betano-stoiximan/5e3174ae9562931f344ad1a5/images/f32d22d9-d683-4c02-9855-0e5fcd20e25b.svg Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:4400::ac40:934d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4c337470bc1e9446492c2dbb7a54343960f4ae88e51115502008f4c7f05a1f00 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Wed, 27 Dec 2023 21:38:41 GMT content-encoding gzip cf-cache-status HIT content-md5 52m6i3E5yoDqe8bIckaoJg== age 867 x-ms-lease-status unlocked last-modified Tue, 08 Aug 2023 09:01:14 GMT server cloudflare etag W/"0x8DB97EE04CF5095" vary Accept-Encoding content-type image/svg+xml access-control-allow-origin * x-ms-request-id f9422f86-501e-0022-1506-1310cc000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding cache-control public, max-age=14400 x-ms-version 2011-08-18 cf-ray 83c4b6437da9bb85-FRA expires Thu, 28 Dec 2023 01:24:14 GMT
GET H3	204	generate_204 tpc.googlesyndication.com/ Frame 77A1	0 10 B	8ms 6ms	Image text/plain	2a00:1450:4001:81c::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/generate_204?CJJFaw Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Wed, 27 Dec 2023 21:38:41 GMT cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0
POST H2	200	/ visuals.kaizengaming.com/tr/v2/pixel/ Frame 90E1	0 73 B	77ms 77ms	Ping text/plain	2606:4700:4400::ac40:934d CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://visuals.kaizengaming.com/tr/v2/pixel/ Requested by Host: visuals.kaizengaming.com URL: https://visuals.kaizengaming.com/a/64ee070c262380ef28e936b2?did=5dfcfbaa9ed3c30001234cf0&deeplink=on&preload=off&responsive=on&background=Transparent&a=64ee070c262380ef28e936b2&redirecturl=&container=.creative Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:4400::ac40:934d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://visuals.kaizengaming.com/scripts/iframe?did=5dfcfbaa9ed3c30001234cf0&deeplink=on&preload=off&responsive=on&background=Transparent&a=64ee070c262380ef28e936b2&redirecturl= accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers date Wed, 27 Dec 2023 21:38:41 GMT cf-cache-status DYNAMIC server cloudflare cf-ray 83c4b643de1ebb85-FRA content-length 0 request-context appId=cid-v1:1d9bcaa3-5ddc-4e5d-973c-949d7ceab63e
GET H2	200	GSwcapvLrEq.css static.xx.fbcdn.net/rsrc.php/v3/yx/l/0,cross/ Frame 9C7F	20 KB 6 KB	29ms 10ms	Stylesheet text/css	2a03:2880:f083:9:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://static.xx.fbcdn.net/rsrc.php/v3/yx/l/0,cross/GSwcapvLrEq.css?_nc_x=Ij3Wp8lg5Kz Requested by Host: www.facebook.com URL: https://www.facebook.com/plugins/like_box.php?app_id=105231989568955&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df34779b60c6df3c%26domain%3Dlex.bg%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Flex.bg%252Ff2ac97390d1f60c%26relation%3Dparent.parent&container_width=0&header=true&href=https%3A%2F%2Fwww.facebook.com%2F%23!%2Fpages%2FLEXBG-%25D0%2591%25D1%258A%25D0%25BB%25D0%25B3%25D0%25B0%25D1%2580%25D1%2581%25D0%25BA%25D0%25B8%25D1%258F%25D1%2582-%25D0%25BF%25D1%2580%25D0%25B0%25D0%25B2%25D0%25B5%25D0%25BD-%25D0%25BF%25D0%25BE%25D1%2580%25D1%2582%25D0%25B0%25D0%25BB%2F252700991422690&locale=bg_BG&sdk=joey&show_faces=true&stream=false&width=300 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 13e64e2153618f475e94e0e85fa68c9ce910cfc9b24ca9d44fa546a7d2020a24 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://www.facebook.com/ Origin https://www.facebook.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers permissions-policy-report-only autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=() date Wed, 27 Dec 2023 21:38:42 GMT content-encoding br x-content-type-options nosniff content-md5 xXCq6/qryia0kWXvm23HIA== document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 5237 reporting-endpoints x-fb-debug 0Og/iOFYlvCBc3iefxX+APdHtfz/6wjJ3l5w1MCoKzDD+qbVV8KQrYeuxZLjSpvByJS6FQLAxZTGpHUisXZroA== last-modified Mon, 01 Jan 2001 08:00:00 GMT vary Origin content-type text/css; charset=utf-8 access-control-allow-origin https://www.facebook.com origin-agent-cluster ?0 cache-control public,max-age=31536000,immutable permissions-policy accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=() timing-allow-origin * expires Fri, 20 Dec 2024 00:20:03 GMT
GET H2	200	V-GL57iHfEB.css static.xx.fbcdn.net/rsrc.php/v3/y9/l/0,cross/ Frame 9C7F	33 KB 7 KB	28ms 10ms	Stylesheet text/css	2a03:2880:f083:9:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://static.xx.fbcdn.net/rsrc.php/v3/y9/l/0,cross/V-GL57iHfEB.css?_nc_x=Ij3Wp8lg5Kz Requested by Host: www.facebook.com URL: https://www.facebook.com/plugins/like_box.php?app_id=105231989568955&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df34779b60c6df3c%26domain%3Dlex.bg%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Flex.bg%252Ff2ac97390d1f60c%26relation%3Dparent.parent&container_width=0&header=true&href=https%3A%2F%2Fwww.facebook.com%2F%23!%2Fpages%2FLEXBG-%25D0%2591%25D1%258A%25D0%25BB%25D0%25B3%25D0%25B0%25D1%2580%25D1%2581%25D0%25BA%25D0%25B8%25D1%258F%25D1%2582-%25D0%25BF%25D1%2580%25D0%25B0%25D0%25B2%25D0%25B5%25D0%25BD-%25D0%25BF%25D0%25BE%25D1%2580%25D1%2582%25D0%25B0%25D0%25BB%2F252700991422690&locale=bg_BG&sdk=joey&show_faces=true&stream=false&width=300 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash d1ea19a19ec8d6220550ff2184b4c0b90caae3b46865454cc42f803d52d2562e Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://www.facebook.com/ Origin https://www.facebook.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers permissions-policy-report-only autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=() date Wed, 27 Dec 2023 21:38:42 GMT content-encoding br x-content-type-options nosniff content-md5 wItLblWsAEMAkZNj3Qggsw== document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 6438 reporting-endpoints x-fb-debug Ngt9ghWLLQRlg/F0Xtimc7AFP/+5yv8DxnnidaMrl40qs5bOJ0UjGNb4yXur8DsPNXTJFikZuJc4EqnxIkBlXQ== last-modified Mon, 01 Jan 2001 08:00:00 GMT vary Origin content-type text/css; charset=utf-8 access-control-allow-origin https://www.facebook.com cache-control public,max-age=31536000,immutable x-fb-optimizer 0 permissions-policy accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=() timing-allow-origin * expires Tue, 24 Dec 2024 21:58:18 GMT
GET H2	200	atEdO08Ontm.css static.xx.fbcdn.net/rsrc.php/v3/ym/l/0,cross/ Frame 9C7F	21 KB 5 KB	28ms 10ms	Stylesheet text/css	2a03:2880:f083:9:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://static.xx.fbcdn.net/rsrc.php/v3/ym/l/0,cross/atEdO08Ontm.css?_nc_x=Ij3Wp8lg5Kz Requested by Host: www.facebook.com URL: https://www.facebook.com/plugins/like_box.php?app_id=105231989568955&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df34779b60c6df3c%26domain%3Dlex.bg%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Flex.bg%252Ff2ac97390d1f60c%26relation%3Dparent.parent&container_width=0&header=true&href=https%3A%2F%2Fwww.facebook.com%2F%23!%2Fpages%2FLEXBG-%25D0%2591%25D1%258A%25D0%25BB%25D0%25B3%25D0%25B0%25D1%2580%25D1%2581%25D0%25BA%25D0%25B8%25D1%258F%25D1%2582-%25D0%25BF%25D1%2580%25D0%25B0%25D0%25B2%25D0%25B5%25D0%25BD-%25D0%25BF%25D0%25BE%25D1%2580%25D1%2582%25D0%25B0%25D0%25BB%2F252700991422690&locale=bg_BG&sdk=joey&show_faces=true&stream=false&width=300 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 2d9cc15e91cc9e0c00b43b367a157c107bb21f9b4d1951dd1dd614cd5281b05b Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://www.facebook.com/ Origin https://www.facebook.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers permissions-policy-report-only autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=() date Wed, 27 Dec 2023 21:38:42 GMT content-encoding br x-content-type-options nosniff content-md5 QYVBZwBJk2JlyMrr/hopaw== document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 4758 reporting-endpoints x-fb-debug uwEUvSMZVzsbZcsxzWnKHJzegKa6B64YyMTdeLs5cCsbK9aNJHATVadrBlM2ZDZJwBS2pTxxmpCGRr7egTpwTA== last-modified Mon, 01 Jan 2001 08:00:00 GMT vary Origin content-type text/css; charset=utf-8 access-control-allow-origin https://www.facebook.com cache-control public,max-age=31536000,immutable permissions-policy accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=() timing-allow-origin * expires Mon, 23 Dec 2024 16:38:17 GMT
GET H2	200	iZpNYL8JfUb.js Show response static.xx.fbcdn.net/rsrc.php/v3/yt/r/ Frame 9C7F	355 KB 92 KB	50ms 32ms	Script application/x-javascript	2a03:2880:f083:9:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://static.xx.fbcdn.net/rsrc.php/v3/yt/r/iZpNYL8JfUb.js?_nc_x=Ij3Wp8lg5Kz Requested by Host: www.facebook.com URL: https://www.facebook.com/plugins/like_box.php?app_id=105231989568955&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df34779b60c6df3c%26domain%3Dlex.bg%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Flex.bg%252Ff2ac97390d1f60c%26relation%3Dparent.parent&container_width=0&header=true&href=https%3A%2F%2Fwww.facebook.com%2F%23!%2Fpages%2FLEXBG-%25D0%2591%25D1%258A%25D0%25BB%25D0%25B3%25D0%25B0%25D1%2580%25D1%2581%25D0%25BA%25D0%25B8%25D1%258F%25D1%2582-%25D0%25BF%25D1%2580%25D0%25B0%25D0%25B2%25D0%25B5%25D0%25BD-%25D0%25BF%25D0%25BE%25D1%2580%25D1%2582%25D0%25B0%25D0%25BB%2F252700991422690&locale=bg_BG&sdk=joey&show_faces=true&stream=false&width=300 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash ca15ac1540010cea7015b4e4ec35c33cd999430f4bd5221b94e66d319456b2b0 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://www.facebook.com/ Origin https://www.facebook.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers permissions-policy-report-only autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=() date Wed, 27 Dec 2023 21:38:42 GMT content-encoding br x-content-type-options nosniff content-md5 xsO4Q3RmuC1PPAMeNJW+pw== document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 93994 reporting-endpoints x-fb-debug 2oJH9vCrLJiaeu8lsuDqxown3/iJC3JKor0Sh2mII7O42z2wVDiL534cT1h7e2vp/UkGswQ+iTicUKFWLlogvQ== last-modified Mon, 01 Jan 2001 08:00:00 GMT vary Origin content-type application/x-javascript; charset=utf-8 access-control-allow-origin https://www.facebook.com origin-agent-cluster ?0 cache-control public,max-age=31536000,immutable permissions-policy accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=() timing-allow-origin * expires Fri, 20 Dec 2024 01:01:10 GMT
GET H2	200	414NUtwuGAO.js Show response static.xx.fbcdn.net/rsrc.php/v3/ym/r/ Frame 9C7F	94 KB 27 KB	50ms 32ms	Script application/x-javascript	2a03:2880:f083:9:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://static.xx.fbcdn.net/rsrc.php/v3/ym/r/414NUtwuGAO.js?_nc_x=Ij3Wp8lg5Kz Requested by Host: www.facebook.com URL: https://www.facebook.com/plugins/like_box.php?app_id=105231989568955&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df34779b60c6df3c%26domain%3Dlex.bg%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Flex.bg%252Ff2ac97390d1f60c%26relation%3Dparent.parent&container_width=0&header=true&href=https%3A%2F%2Fwww.facebook.com%2F%23!%2Fpages%2FLEXBG-%25D0%2591%25D1%258A%25D0%25BB%25D0%25B3%25D0%25B0%25D1%2580%25D1%2581%25D0%25BA%25D0%25B8%25D1%258F%25D1%2582-%25D0%25BF%25D1%2580%25D0%25B0%25D0%25B2%25D0%25B5%25D0%25BD-%25D0%25BF%25D0%25BE%25D1%2580%25D1%2582%25D0%25B0%25D0%25BB%2F252700991422690&locale=bg_BG&sdk=joey&show_faces=true&stream=false&width=300 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash b7a8490d7353f4d29b7a7c0e0da1a610d1067d0bfdbb8d88df5764651b9d25fe Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://www.facebook.com/ Origin https://www.facebook.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers permissions-policy-report-only autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=() date Wed, 27 Dec 2023 21:38:42 GMT content-encoding br x-content-type-options nosniff content-md5 hmfTcKzH8YSfKfUldK7oUw== document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 27400 reporting-endpoints x-fb-debug oZjW6e9TkrITM3hNq4m3b84s/PTF/2pnn+au8cTwUWvamSrfuzi+sZAPoASNw5Vn0A+yVSngW2ToKKpa6b80RQ== last-modified Mon, 01 Jan 2001 08:00:00 GMT vary Origin content-type application/x-javascript; charset=utf-8 access-control-allow-origin https://www.facebook.com origin-agent-cluster ?0 cache-control public,max-age=31536000,immutable permissions-policy accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=() timing-allow-origin * expires Mon, 23 Dec 2024 16:37:00 GMT
GET H2	200	teTZ2tZqwkq.js Show response static.xx.fbcdn.net/rsrc.php/v3/yr/r/ Frame 9C7F	7 KB 2 KB	49ms 31ms	Script application/x-javascript	2a03:2880:f083:9:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://static.xx.fbcdn.net/rsrc.php/v3/yr/r/teTZ2tZqwkq.js?_nc_x=Ij3Wp8lg5Kz Requested by Host: www.facebook.com URL: https://www.facebook.com/plugins/like_box.php?app_id=105231989568955&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df34779b60c6df3c%26domain%3Dlex.bg%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Flex.bg%252Ff2ac97390d1f60c%26relation%3Dparent.parent&container_width=0&header=true&href=https%3A%2F%2Fwww.facebook.com%2F%23!%2Fpages%2FLEXBG-%25D0%2591%25D1%258A%25D0%25BB%25D0%25B3%25D0%25B0%25D1%2580%25D1%2581%25D0%25BA%25D0%25B8%25D1%258F%25D1%2582-%25D0%25BF%25D1%2580%25D0%25B0%25D0%25B2%25D0%25B5%25D0%25BD-%25D0%25BF%25D0%25BE%25D1%2580%25D1%2582%25D0%25B0%25D0%25BB%2F252700991422690&locale=bg_BG&sdk=joey&show_faces=true&stream=false&width=300 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 5bcb3ba5be62072a5be691a6cb4625b83ab20458f7543e78575c665ce64743c5 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://www.facebook.com/ Origin https://www.facebook.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers permissions-policy-report-only autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=() date Wed, 27 Dec 2023 21:38:42 GMT content-encoding br x-content-type-options nosniff content-md5 qO1vcfOdsbovoV9UmybnhA== document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 2250 reporting-endpoints x-fb-debug PVKq1MlDon1PwG045/mn9+r2xU2QLbmuv2AAOsA5aFixsta3M/lUUsV//XuiSBlT0kb0V8FZru+hymXBAu1LqA== last-modified Mon, 01 Jan 2001 08:00:00 GMT vary Origin content-type application/x-javascript; charset=utf-8 access-control-allow-origin https://www.facebook.com origin-agent-cluster ?0 cache-control public,max-age=31536000,immutable permissions-policy accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=() timing-allow-origin * expires Mon, 23 Dec 2024 16:37:00 GMT
GET H2	200	t_SlUrtqj3p.js Show response static.xx.fbcdn.net/rsrc.php/v3/yu/r/ Frame 9C7F	52 KB 17 KB	51ms 33ms	Script application/x-javascript	2a03:2880:f083:9:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://static.xx.fbcdn.net/rsrc.php/v3/yu/r/t_SlUrtqj3p.js?_nc_x=Ij3Wp8lg5Kz Requested by Host: www.facebook.com URL: https://www.facebook.com/plugins/like_box.php?app_id=105231989568955&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df34779b60c6df3c%26domain%3Dlex.bg%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Flex.bg%252Ff2ac97390d1f60c%26relation%3Dparent.parent&container_width=0&header=true&href=https%3A%2F%2Fwww.facebook.com%2F%23!%2Fpages%2FLEXBG-%25D0%2591%25D1%258A%25D0%25BB%25D0%25B3%25D0%25B0%25D1%2580%25D1%2581%25D0%25BA%25D0%25B8%25D1%258F%25D1%2582-%25D0%25BF%25D1%2580%25D0%25B0%25D0%25B2%25D0%25B5%25D0%25BD-%25D0%25BF%25D0%25BE%25D1%2580%25D1%2582%25D0%25B0%25D0%25BB%2F252700991422690&locale=bg_BG&sdk=joey&show_faces=true&stream=false&width=300 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 369570af203fe832b39be7ff64f94f07b6c97c928b733a9b9e6c8bcf1a98652c Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://www.facebook.com/ Origin https://www.facebook.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers permissions-policy-report-only autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=() date Wed, 27 Dec 2023 21:38:42 GMT content-encoding br x-content-type-options nosniff content-md5 bjNrzrx9as9CpDFfF+BSww== document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 16795 reporting-endpoints x-fb-debug ucG3Q4mn0SZYZxXnDmaqXVLUklISlorLU6qzZkVnq+u4EWLJQa49XBqmjwSzcGhfHgIHU02zwkK6Vf/mTxOdzA== last-modified Mon, 01 Jan 2001 08:00:00 GMT vary Origin content-type application/x-javascript; charset=utf-8 access-control-allow-origin https://www.facebook.com origin-agent-cluster ?0 cache-control public,max-age=31536000,immutable permissions-policy accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=() timing-allow-origin * expires Mon, 23 Dec 2024 16:37:00 GMT
GET H2	200	y1wKntgIB6R.js Show response static.xx.fbcdn.net/rsrc.php/v3i1mZ4/yz/l/bg_BG/ Frame 9C7F	71 KB 20 KB	51ms 34ms	Script application/x-javascript	2a03:2880:f083:9:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://static.xx.fbcdn.net/rsrc.php/v3i1mZ4/yz/l/bg_BG/y1wKntgIB6R.js?_nc_x=Ij3Wp8lg5Kz Requested by Host: www.facebook.com URL: https://www.facebook.com/plugins/like_box.php?app_id=105231989568955&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df34779b60c6df3c%26domain%3Dlex.bg%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Flex.bg%252Ff2ac97390d1f60c%26relation%3Dparent.parent&container_width=0&header=true&href=https%3A%2F%2Fwww.facebook.com%2F%23!%2Fpages%2FLEXBG-%25D0%2591%25D1%258A%25D0%25BB%25D0%25B3%25D0%25B0%25D1%2580%25D1%2581%25D0%25BA%25D0%25B8%25D1%258F%25D1%2582-%25D0%25BF%25D1%2580%25D0%25B0%25D0%25B2%25D0%25B5%25D0%25BD-%25D0%25BF%25D0%25BE%25D1%2580%25D1%2582%25D0%25B0%25D0%25BB%2F252700991422690&locale=bg_BG&sdk=joey&show_faces=true&stream=false&width=300 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 59c42dec2a3e5e952fc589c802e9e30ca6cb4f7f4f61f52bff11e858abe35a56 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://www.facebook.com/ Origin https://www.facebook.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers permissions-policy-report-only autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=() date Wed, 27 Dec 2023 21:38:42 GMT content-encoding br x-content-type-options nosniff content-md5 3PNTpJa+ppSRhTsFXff/zQ== document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 20162 reporting-endpoints x-fb-debug Q1X1Wk75lnuciBtF9lzAyzKtfbU5M7Oi5ilAdXRWt41VL2oLvJ94pEfoVrBfrwwYxEZEzVCUso/9R4VGHxlQvA== last-modified Mon, 01 Jan 2001 08:00:00 GMT vary Origin content-type application/x-javascript; charset=utf-8 access-control-allow-origin https://www.facebook.com cache-control public,max-age=31536000,immutable permissions-policy accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=() timing-allow-origin * expires Wed, 18 Dec 2024 23:02:13 GMT
GET H2	200	p55HfXW__mM.js Show response static.xx.fbcdn.net/rsrc.php/v3/yF/r/ Frame 9C7F	507 B 488 B	49ms 31ms	Script application/x-javascript	2a03:2880:f083:9:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://static.xx.fbcdn.net/rsrc.php/v3/yF/r/p55HfXW__mM.js?_nc_x=Ij3Wp8lg5Kz Requested by Host: www.facebook.com URL: https://www.facebook.com/plugins/like_box.php?app_id=105231989568955&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df34779b60c6df3c%26domain%3Dlex.bg%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Flex.bg%252Ff2ac97390d1f60c%26relation%3Dparent.parent&container_width=0&header=true&href=https%3A%2F%2Fwww.facebook.com%2F%23!%2Fpages%2FLEXBG-%25D0%2591%25D1%258A%25D0%25BB%25D0%25B3%25D0%25B0%25D1%2580%25D1%2581%25D0%25BA%25D0%25B8%25D1%258F%25D1%2582-%25D0%25BF%25D1%2580%25D0%25B0%25D0%25B2%25D0%25B5%25D0%25BD-%25D0%25BF%25D0%25BE%25D1%2580%25D1%2582%25D0%25B0%25D0%25BB%2F252700991422690&locale=bg_BG&sdk=joey&show_faces=true&stream=false&width=300 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 9e57fedb96b3686621bccd5521f43a2037a823c74f062176952890b179b3955b Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://www.facebook.com/ Origin https://www.facebook.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers permissions-policy-report-only autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=() date Wed, 27 Dec 2023 21:38:42 GMT content-encoding br x-content-type-options nosniff content-md5 L5E9gSgR735vyjAzTFly4g== document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 293 reporting-endpoints x-fb-debug LqO43bVsr9phSdsSKwthUdZQTAsXUXHcmE8bPF+KshHDrsSOC+o1VK1ume80vHalDr5EVrJgetBs8z/txTIlzg== last-modified Mon, 01 Jan 2001 08:00:00 GMT vary Origin content-type application/x-javascript; charset=utf-8 access-control-allow-origin https://www.facebook.com origin-agent-cluster ?0 cache-control public,max-age=31536000,immutable permissions-policy accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=() timing-allow-origin * expires Wed, 25 Dec 2024 15:44:02 GMT
GET H2	200	JMOqY9JKrro.js Show response static.xx.fbcdn.net/rsrc.php/v3igiM4/yd/l/bg_BG/ Frame 9C7F	28 KB 8 KB	35ms 17ms	Script application/x-javascript	2a03:2880:f083:9:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://static.xx.fbcdn.net/rsrc.php/v3igiM4/yd/l/bg_BG/JMOqY9JKrro.js?_nc_x=Ij3Wp8lg5Kz Requested by Host: www.facebook.com URL: https://www.facebook.com/plugins/like_box.php?app_id=105231989568955&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df34779b60c6df3c%26domain%3Dlex.bg%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Flex.bg%252Ff2ac97390d1f60c%26relation%3Dparent.parent&container_width=0&header=true&href=https%3A%2F%2Fwww.facebook.com%2F%23!%2Fpages%2FLEXBG-%25D0%2591%25D1%258A%25D0%25BB%25D0%25B3%25D0%25B0%25D1%2580%25D1%2581%25D0%25BA%25D0%25B8%25D1%258F%25D1%2582-%25D0%25BF%25D1%2580%25D0%25B0%25D0%25B2%25D0%25B5%25D0%25BD-%25D0%25BF%25D0%25BE%25D1%2580%25D1%2582%25D0%25B0%25D0%25BB%2F252700991422690&locale=bg_BG&sdk=joey&show_faces=true&stream=false&width=300 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 6656908b4e1f4a5ae07821a03cce175060ed19bef9401aec748fe06286131ef9 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://www.facebook.com/ Origin https://www.facebook.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers permissions-policy-report-only autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=() date Wed, 27 Dec 2023 21:38:42 GMT content-encoding br x-content-type-options nosniff content-md5 9pTwT5QRSNfCdxVdlSbGCA== document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 7935 reporting-endpoints x-fb-debug PDWmqZGahXghyWVnY3Eqc5m94bePVnBFXvZk8BhcIHjH1Ls/2AwTa0Ib5wf483IXKwxDY8fQLatJOKQsd3rxmQ== last-modified Mon, 01 Jan 2001 08:00:00 GMT vary Origin content-type application/x-javascript; charset=utf-8 access-control-allow-origin https://www.facebook.com cache-control public,max-age=31536000,immutable permissions-policy accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=() timing-allow-origin * expires Sun, 15 Dec 2024 18:38:56 GMT
GET H2	200	4glWsWDgVZL.js Show response static.xx.fbcdn.net/rsrc.php/v3iFxB4/yh/l/bg_BG/ Frame 9C7F	360 KB 82 KB	37ms 20ms	Script application/x-javascript	2a03:2880:f083:9:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://static.xx.fbcdn.net/rsrc.php/v3iFxB4/yh/l/bg_BG/4glWsWDgVZL.js?_nc_x=Ij3Wp8lg5Kz Requested by Host: www.facebook.com URL: https://www.facebook.com/plugins/like_box.php?app_id=105231989568955&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df34779b60c6df3c%26domain%3Dlex.bg%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Flex.bg%252Ff2ac97390d1f60c%26relation%3Dparent.parent&container_width=0&header=true&href=https%3A%2F%2Fwww.facebook.com%2F%23!%2Fpages%2FLEXBG-%25D0%2591%25D1%258A%25D0%25BB%25D0%25B3%25D0%25B0%25D1%2580%25D1%2581%25D0%25BA%25D0%25B8%25D1%258F%25D1%2582-%25D0%25BF%25D1%2580%25D0%25B0%25D0%25B2%25D0%25B5%25D0%25BD-%25D0%25BF%25D0%25BE%25D1%2580%25D1%2582%25D0%25B0%25D0%25BB%2F252700991422690&locale=bg_BG&sdk=joey&show_faces=true&stream=false&width=300 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash b40b530e157f1b7336043688c8d899e1aef2341f3e1e041ac1b9b0f934e307af Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://www.facebook.com/ Origin https://www.facebook.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers permissions-policy-report-only autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=() date Wed, 27 Dec 2023 21:38:42 GMT content-encoding br x-content-type-options nosniff content-md5 2sDsSK4Nz7+mlq8boE9YLw== document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 84111 reporting-endpoints x-fb-debug EsrVP7aBwgPghFoaeyfZq47rgAJoNCb8lm9G8JSWgJoIw7k6vEEEtirviZcU+LeU/J2E+K5TNYtpvsPh2gMzWA== last-modified Mon, 01 Jan 2001 08:00:00 GMT vary Origin content-type application/x-javascript; charset=utf-8 access-control-allow-origin https://www.facebook.com origin-agent-cluster ?0 cache-control public,max-age=31536000,immutable permissions-policy accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=() timing-allow-origin * expires Mon, 23 Dec 2024 17:13:51 GMT
GET H2	200	oPnj6gnnvJ7.js Show response static.xx.fbcdn.net/rsrc.php/v3itz34/yR/l/bg_BG/ Frame 9C7F	407 KB 96 KB	37ms 20ms	Script application/x-javascript	2a03:2880:f083:9:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://static.xx.fbcdn.net/rsrc.php/v3itz34/yR/l/bg_BG/oPnj6gnnvJ7.js?_nc_x=Ij3Wp8lg5Kz Requested by Host: www.facebook.com URL: https://www.facebook.com/plugins/like_box.php?app_id=105231989568955&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df34779b60c6df3c%26domain%3Dlex.bg%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Flex.bg%252Ff2ac97390d1f60c%26relation%3Dparent.parent&container_width=0&header=true&href=https%3A%2F%2Fwww.facebook.com%2F%23!%2Fpages%2FLEXBG-%25D0%2591%25D1%258A%25D0%25BB%25D0%25B3%25D0%25B0%25D1%2580%25D1%2581%25D0%25BA%25D0%25B8%25D1%258F%25D1%2582-%25D0%25BF%25D1%2580%25D0%25B0%25D0%25B2%25D0%25B5%25D0%25BD-%25D0%25BF%25D0%25BE%25D1%2580%25D1%2582%25D0%25B0%25D0%25BB%2F252700991422690&locale=bg_BG&sdk=joey&show_faces=true&stream=false&width=300 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 305c35f6234201c0e0d3c746711ba71aa1e7296732c5c0735249bcf4288a372a Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://www.facebook.com/ Origin https://www.facebook.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers permissions-policy-report-only autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=() date Wed, 27 Dec 2023 21:38:42 GMT content-encoding br x-content-type-options nosniff content-md5 /eEydK9aFAWV2dtBzxEMMA== document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 97923 reporting-endpoints x-fb-debug ou6hnc8i1jhXsfhuLcuiw3zViO8mkvqK7XbIxcJ0CCjScUK22NSQqPipP9ApxXD7/hle2njFsTm1udTmfNI0HQ== last-modified Mon, 01 Jan 2001 08:00:00 GMT vary Origin content-type application/x-javascript; charset=utf-8 access-control-allow-origin https://www.facebook.com origin-agent-cluster ?0 cache-control public,max-age=31536000,immutable permissions-policy accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=() timing-allow-origin * expires Mon, 23 Dec 2024 17:13:51 GMT
GET H2	200	6kMuedo_G2j.js Show response static.xx.fbcdn.net/rsrc.php/v3iGbD4/yZ/l/bg_BG/ Frame 9C7F	39 KB 12 KB	34ms 18ms	Script application/x-javascript	2a03:2880:f083:9:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://static.xx.fbcdn.net/rsrc.php/v3iGbD4/yZ/l/bg_BG/6kMuedo_G2j.js?_nc_x=Ij3Wp8lg5Kz Requested by Host: www.facebook.com URL: https://www.facebook.com/plugins/like_box.php?app_id=105231989568955&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df34779b60c6df3c%26domain%3Dlex.bg%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Flex.bg%252Ff2ac97390d1f60c%26relation%3Dparent.parent&container_width=0&header=true&href=https%3A%2F%2Fwww.facebook.com%2F%23!%2Fpages%2FLEXBG-%25D0%2591%25D1%258A%25D0%25BB%25D0%25B3%25D0%25B0%25D1%2580%25D1%2581%25D0%25BA%25D0%25B8%25D1%258F%25D1%2582-%25D0%25BF%25D1%2580%25D0%25B0%25D0%25B2%25D0%25B5%25D0%25BD-%25D0%25BF%25D0%25BE%25D1%2580%25D1%2582%25D0%25B0%25D0%25BB%2F252700991422690&locale=bg_BG&sdk=joey&show_faces=true&stream=false&width=300 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash cb8b0818d68682ba57f404b2d4a4013d8f480493a5c8e349f2625f6ee2cd5311 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://www.facebook.com/ Origin https://www.facebook.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers permissions-policy-report-only autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=() date Wed, 27 Dec 2023 21:38:42 GMT content-encoding br x-content-type-options nosniff content-md5 rIE9NovIRorJUEG+xV7HHg== document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 12066 reporting-endpoints x-fb-debug tcVCRzkFKhnOXGdIUF6H79ZPDH+ofCvbl2FZOw6t0PbcJJOU56gnUJoZCD1neNhP5/sWuiHOHBxHe4G0buaWvA== last-modified Mon, 01 Jan 2001 08:00:00 GMT vary Origin content-type application/x-javascript; charset=utf-8 access-control-allow-origin https://www.facebook.com origin-agent-cluster ?0 cache-control public,max-age=31536000,immutable permissions-policy accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=() timing-allow-origin * expires Mon, 23 Dec 2024 17:13:51 GMT
GET H2	200	EdDnr5nQu36.js Show response static.xx.fbcdn.net/rsrc.php/v3/yo/r/ Frame 9C7F	210 KB 60 KB	50ms 34ms	Script application/x-javascript	2a03:2880:f083:9:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://static.xx.fbcdn.net/rsrc.php/v3/yo/r/EdDnr5nQu36.js?_nc_x=Ij3Wp8lg5Kz Requested by Host: www.facebook.com URL: https://www.facebook.com/plugins/like_box.php?app_id=105231989568955&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df34779b60c6df3c%26domain%3Dlex.bg%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Flex.bg%252Ff2ac97390d1f60c%26relation%3Dparent.parent&container_width=0&header=true&href=https%3A%2F%2Fwww.facebook.com%2F%23!%2Fpages%2FLEXBG-%25D0%2591%25D1%258A%25D0%25BB%25D0%25B3%25D0%25B0%25D1%2580%25D1%2581%25D0%25BA%25D0%25B8%25D1%258F%25D1%2582-%25D0%25BF%25D1%2580%25D0%25B0%25D0%25B2%25D0%25B5%25D0%25BD-%25D0%25BF%25D0%25BE%25D1%2580%25D1%2582%25D0%25B0%25D0%25BB%2F252700991422690&locale=bg_BG&sdk=joey&show_faces=true&stream=false&width=300 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 06786d595906d3edb8b6754cee7c372b421341cf5da74cdf92ed511e281bf310 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://www.facebook.com/ Origin https://www.facebook.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers permissions-policy-report-only autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=() date Wed, 27 Dec 2023 21:38:42 GMT content-encoding br x-content-type-options nosniff content-md5 d1keuLLQ3ZFbiCJWFNp7cw== document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 61285 reporting-endpoints x-fb-debug bswvNovdGhLR/9zSLmkVfY0FVdTVM/E5Nnp0JtS7ND9REcsCKkKEhteesKYxw7qf64t0CxDp0dI+5JW1WssirQ== last-modified Mon, 01 Jan 2001 08:00:00 GMT vary Origin content-type application/x-javascript; charset=utf-8 access-control-allow-origin https://www.facebook.com origin-agent-cluster ?0 cache-control public,max-age=31536000,immutable permissions-policy accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=() timing-allow-origin * expires Mon, 23 Dec 2024 16:37:00 GMT
GET H2	200	xg5NEKS2wWK.js Show response static.xx.fbcdn.net/rsrc.php/v3/y8/r/ Frame 9C7F	28 KB 7 KB	49ms 33ms	Script application/x-javascript	2a03:2880:f083:9:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://static.xx.fbcdn.net/rsrc.php/v3/y8/r/xg5NEKS2wWK.js?_nc_x=Ij3Wp8lg5Kz Requested by Host: www.facebook.com URL: https://www.facebook.com/plugins/like_box.php?app_id=105231989568955&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df34779b60c6df3c%26domain%3Dlex.bg%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Flex.bg%252Ff2ac97390d1f60c%26relation%3Dparent.parent&container_width=0&header=true&href=https%3A%2F%2Fwww.facebook.com%2F%23!%2Fpages%2FLEXBG-%25D0%2591%25D1%258A%25D0%25BB%25D0%25B3%25D0%25B0%25D1%2580%25D1%2581%25D0%25BA%25D0%25B8%25D1%258F%25D1%2582-%25D0%25BF%25D1%2580%25D0%25B0%25D0%25B2%25D0%25B5%25D0%25BD-%25D0%25BF%25D0%25BE%25D1%2580%25D1%2582%25D0%25B0%25D0%25BB%2F252700991422690&locale=bg_BG&sdk=joey&show_faces=true&stream=false&width=300 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash a75a5c50db4d5628dad52eb05139bf0677fb4d19d6915f18d267806dbdd810ea Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://www.facebook.com/ Origin https://www.facebook.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers permissions-policy-report-only autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=() date Wed, 27 Dec 2023 21:38:42 GMT content-encoding br x-content-type-options nosniff content-md5 RD8pDGr4EOhfQQPRrH9Iow== document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 7385 reporting-endpoints x-fb-debug zwmJBMltPuaaTVhpPke6S6fF62qW4jJwMZ5AOXTIxP8e32pWKhdMeqSebfvCfXQ0NoB/zPfEsqAAzNyOfMprqA== last-modified Mon, 01 Jan 2001 08:00:00 GMT vary Origin content-type application/x-javascript; charset=utf-8 access-control-allow-origin https://www.facebook.com cache-control public,max-age=31536000,immutable permissions-policy accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=() timing-allow-origin * expires Fri, 20 Dec 2024 01:29:35 GMT
GET H2	200	JQK3in7fqTh.js Show response static.xx.fbcdn.net/rsrc.php/v3/yh/r/ Frame 9C7F	33 KB 11 KB	50ms 34ms	Script application/x-javascript	2a03:2880:f083:9:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://static.xx.fbcdn.net/rsrc.php/v3/yh/r/JQK3in7fqTh.js?_nc_x=Ij3Wp8lg5Kz Requested by Host: www.facebook.com URL: https://www.facebook.com/plugins/like_box.php?app_id=105231989568955&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df34779b60c6df3c%26domain%3Dlex.bg%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Flex.bg%252Ff2ac97390d1f60c%26relation%3Dparent.parent&container_width=0&header=true&href=https%3A%2F%2Fwww.facebook.com%2F%23!%2Fpages%2FLEXBG-%25D0%2591%25D1%258A%25D0%25BB%25D0%25B3%25D0%25B0%25D1%2580%25D1%2581%25D0%25BA%25D0%25B8%25D1%258F%25D1%2582-%25D0%25BF%25D1%2580%25D0%25B0%25D0%25B2%25D0%25B5%25D0%25BD-%25D0%25BF%25D0%25BE%25D1%2580%25D1%2582%25D0%25B0%25D0%25BB%2F252700991422690&locale=bg_BG&sdk=joey&show_faces=true&stream=false&width=300 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 2a67da2b5a4b65e8507a0b252cd09c795c1c24755e9db22806fae08c6fd3a955 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://www.facebook.com/ Origin https://www.facebook.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers permissions-policy-report-only autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=() date Wed, 27 Dec 2023 21:38:42 GMT content-encoding br x-content-type-options nosniff content-md5 U7f4TbY3qR/oMKbYqHcPMg== document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 10884 reporting-endpoints x-fb-debug ZWbEvt8WEjfmDKQq//Wm+goklgfdQhLl+Lq3JH580NgXgYlJJQlDf3E8B/4rGTJqmRwBIJm1x5oVFsnjEe5j1g== last-modified Mon, 01 Jan 2001 08:00:00 GMT vary Origin content-type application/x-javascript; charset=utf-8 access-control-allow-origin https://www.facebook.com cache-control public,max-age=31536000,immutable permissions-policy accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=() timing-allow-origin * expires Mon, 23 Dec 2024 16:38:17 GMT
GET H2	200	HzxD9aAXSyD.js Show response static.xx.fbcdn.net/rsrc.php/v3/yV/r/ Frame 9C7F	55 KB 15 KB	48ms 33ms	Script application/x-javascript	2a03:2880:f083:9:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://static.xx.fbcdn.net/rsrc.php/v3/yV/r/HzxD9aAXSyD.js?_nc_x=Ij3Wp8lg5Kz Requested by Host: www.facebook.com URL: https://www.facebook.com/plugins/like_box.php?app_id=105231989568955&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df34779b60c6df3c%26domain%3Dlex.bg%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Flex.bg%252Ff2ac97390d1f60c%26relation%3Dparent.parent&container_width=0&header=true&href=https%3A%2F%2Fwww.facebook.com%2F%23!%2Fpages%2FLEXBG-%25D0%2591%25D1%258A%25D0%25BB%25D0%25B3%25D0%25B0%25D1%2580%25D1%2581%25D0%25BA%25D0%25B8%25D1%258F%25D1%2582-%25D0%25BF%25D1%2580%25D0%25B0%25D0%25B2%25D0%25B5%25D0%25BD-%25D0%25BF%25D0%25BE%25D1%2580%25D1%2582%25D0%25B0%25D0%25BB%2F252700991422690&locale=bg_BG&sdk=joey&show_faces=true&stream=false&width=300 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash c7d5594f3a599ccd0b1a336bb68a24d59882f394bb0b9c9a29c5200cd2b48468 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://www.facebook.com/ Origin https://www.facebook.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers permissions-policy-report-only autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=() date Wed, 27 Dec 2023 21:38:42 GMT content-encoding br x-content-type-options nosniff content-md5 oRcNmPqvdkv3ysBSBC5rSQ== document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 15157 reporting-endpoints x-fb-debug /bOSJurOfAny4wCcvvcvLtbDMhhCO3P2jHzXYu01CAwa2hsyZhZRZmFE/eSkwxhBuQOETtqnV4AYsZJxxVQ51Q== last-modified Mon, 01 Jan 2001 08:00:00 GMT vary Origin content-type application/x-javascript; charset=utf-8 access-control-allow-origin https://www.facebook.com cache-control public,max-age=31536000,immutable permissions-policy accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=() timing-allow-origin * expires Fri, 13 Dec 2024 00:23:17 GMT
GET H2	200	252366812_7112710892088298_1862819845397791777_n.jpg scontent.xx.fbcdn.net/v/t39.30808-6/ Frame 9C7F	5 KB 5 KB	9ms 8ms	Image image/jpeg	2a03:2880:f083:9:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://scontent.xx.fbcdn.net/v/t39.30808-6/252366812_7112710892088298_1862819845397791777_n.jpg?stp=dst-jpg_p130x130&_nc_cat=111&ccb=1-7&_nc_sid=081abc&_nc_ohc=HL9_FK4nOPoAX_JYU1P&_nc_ht=scontent.xx&edm=ANSO7JkEAAAA&oh=00_AfBKan9rcEBdUEUzr3eZkv2zPxP0ZNxk_tMlWfyzRpuW7g&oe=65921D1C Requested by Host: www.facebook.com URL: https://www.facebook.com/plugins/like_box.php?app_id=105231989568955&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df34779b60c6df3c%26domain%3Dlex.bg%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Flex.bg%252Ff2ac97390d1f60c%26relation%3Dparent.parent&container_width=0&header=true&href=https%3A%2F%2Fwww.facebook.com%2F%23!%2Fpages%2FLEXBG-%25D0%2591%25D1%258A%25D0%25BB%25D0%25B3%25D0%25B0%25D1%2580%25D1%2581%25D0%25BA%25D0%25B8%25D1%258F%25D1%2582-%25D0%25BF%25D1%2580%25D0%25B0%25D0%25B2%25D0%25B5%25D0%25BD-%25D0%25BF%25D0%25BE%25D1%2580%25D1%2582%25D0%25B0%25D0%25BB%2F252700991422690&locale=bg_BG&sdk=joey&show_faces=true&stream=false&width=300 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 0228ab07163b9c5df1cca988ee0bb9985ca891f475e6b427c369d965f7a69ea2 Request headers accept-language de-DE,de;q=0.9 Referer https://www.facebook.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Wed, 27 Dec 2023 21:38:42 GMT x-storage-error-category dfs:none;sc_p:200:WSE_NOT_SET last-modified Tue, 02 Nov 2021 08:58:39 GMT content-type image/jpeg access-control-allow-origin * content-digest adler32=2501749866 thrift_fmhk GBAP0W2ZM7caxUWckaTn0DEJFfDr4Z0EAA== cache-control max-age=1209600, no-transform cross-origin-resource-policy cross-origin x-needle-checksum 2252531036 accept-ranges bytes timing-allow-origin * alt-svc h3=":443"; ma=86400 content-length 5125
GET H3	200	279632025_660529138716827_4558781363693864501_n.png scontent.xx.fbcdn.net/v/t39.30808-1/ Frame 9C7F	2 KB 2 KB	8ms 8ms	Image image/png	2a03:2880:f083:9:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://scontent.xx.fbcdn.net/v/t39.30808-1/279632025_660529138716827_4558781363693864501_n.png?stp=cp0_dst-png_p50x50&_nc_cat=107&ccb=1-7&_nc_sid=4da83f&_nc_ohc=Kymw9GaSbrAAX_BkOg0&_nc_ht=scontent.xx&edm=ANSO7JkEAAAA&oh=00_AfCsyknC_qUtBFLwPbUWBrefD-lmTz-u7hcfMsMT7FI6OQ&oe=6590F32D Requested by Host: www.facebook.com URL: https://www.facebook.com/plugins/like_box.php?app_id=105231989568955&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df34779b60c6df3c%26domain%3Dlex.bg%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Flex.bg%252Ff2ac97390d1f60c%26relation%3Dparent.parent&container_width=0&header=true&href=https%3A%2F%2Fwww.facebook.com%2F%23!%2Fpages%2FLEXBG-%25D0%2591%25D1%258A%25D0%25BB%25D0%25B3%25D0%25B0%25D1%2580%25D1%2581%25D0%25BA%25D0%25B8%25D1%258F%25D1%2582-%25D0%25BF%25D1%2580%25D0%25B0%25D0%25B2%25D0%25B5%25D0%25BD-%25D0%25BF%25D0%25BE%25D1%2580%25D1%2582%25D0%25B0%25D0%25BB%2F252700991422690&locale=bg_BG&sdk=joey&show_faces=true&stream=false&width=300 Protocol H3 Security QUIC, , AES_128_GCM Server 2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 8a7a34986afd38035ffd70920fdfd3c4e7dfc2ff96ab1edeca3a1a74e8211a63 Request headers accept-language de-DE,de;q=0.9 Referer https://www.facebook.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Wed, 27 Dec 2023 21:38:42 GMT x-storage-error-category dfs:none;sc_p:200:WSE_NOT_SET last-modified Tue, 03 May 2022 20:12:03 GMT content-type image/png access-control-allow-origin * content-digest adler32=2075334581 thrift_fmhk GBAZuFM1qzMQXgS+RbRIf2mNFQAA cache-control max-age=1209600, no-transform cross-origin-resource-policy cross-origin x-needle-checksum 598661871 accept-ranges bytes timing-allow-origin * alt-svc h3=":443"; ma=86400 content-length 2133 priority u=3,i
GET H3	204	sodar pagead2.googlesyndication.com/pagead/	0 0	47ms 47ms	Image text/html	2a00:1450:4001:827::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231207&jk=3627459136676389&bg=!KSqlKmXNAAY3kmNgF5I7ADQBe5WfOJm_asdCgVWw74zELVz78kDXei1o7kCp3rmaDKlwHSfjdJkkQJfuUuv-0EM6aEHYAgAAALlSAAAAAWgBBwoAPt-KWG0dPrhcmfeAaOTiIdCHJ7nGOU9X-CGVSJG_zcsRZ25jfQwJRT8H6IxTp_T3E62XnQaRUwHP04lAUqexmQL9f-CNiwzqhNd2UeFWQk7vmKGZK6cxKTS2GCfem92pzU3kWXaDdSfj6NwBsJHBLOwNSTPxYHVILnKygQSHpeN4pKim28LJmsib-SHjXb3X37Rz7xh2EoIfSuJiKYJpUblJUHaB3VfA_rw_9n6bAMHpaVWzeU2Bbb8Lr02u3OC6QXzQ_gA1u65QMZOKI-TTCSFTvqWNsInIUUkd3UJ1xFFqeJCiEzAv1m4wF1C02kFXtJka7O8IUh5re4G6X_YXq7BtUxQjOnRbl460C8Ycv3yyJEIsuLL88C0ueEBNal-B3kNzUbob0WSgOAzP9imawz9_dy12bX0hCB0E1eVAA2gR1tuJilDj3x3PufC1aLkoPbNBKicYqKbBBfDf67W6EWJtYp_l_1DLmyZjSiHsAYn5YCMy5-ZxsentNk9rlYQVdhq_82aIAQ59WJgMLHSCY5S9KdG2ZM3swAPen9arJsTS4Jj8dikiNEyoZxlaF8LI2WSazpcrs798F-dwtGcSny2sl84e25_nNoyYWm-aVd3hHg3Nxe4VDRaXmXTOwV5mwaGzdo_CaSxziok4MsE_AQggcsFxtkwX2jbgylX5n45XCTxU1uSgW_ZR6t3u2JxgmYBd_8Jyhv28zLAYlgQIOkjzZUeeKsY3B8qT_ew3l4hKd1MDGczMclL065OEnYMiPSEXibLsaWQHDjNTfxKSvoP8_wIvQkVjPxRAly4fkAO7Z74FQzWXTjIQaahp7smS3mYXQ4LaE4BwmfnP9dDzyHFpBf_1neFfo2h5DbJGBzNKQ_6lP95a-fMaYnTOBeZBZQFl5Vzm3KwC9Dv0kXnnwNwcPWLZ5k1C2Wwn6f9n3EHrD4giMCnOk75GWwsJvP-vgO2a4Fw2VFTKkzNGw3t5CStZGc1aTqKlJPFeribg2bhy5Jpe27vTXi2xQ5r_3I4RBt2VwbDH6kKkUxq_Fb46k1KyDJ7IM8ar0f3_Mcw7lvrb1wJhxrVNn1JQfpykOmVPtWgWSW_nex5nN5gsfy1x Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://lex.bg/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers
POST H3	200	/ Show response www.facebook.com/pages/call_to_action/fetch_dialog_data/ Frame 9C7F	2 KB 903 B	115ms 115ms	XHR application/x-javascript	2a03:2880:f176:181:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://www.facebook.com/pages/call_to_action/fetch_dialog_data/?id=2313080075384761&surface=pagePlugin&unit_type=VIEWER Requested by Host: static.xx.fbcdn.net URL: https://static.xx.fbcdn.net/rsrc.php/v3i1mZ4/yz/l/bg_BG/y1wKntgIB6R.js?_nc_x=Ij3Wp8lg5Kz Protocol H3 Security QUIC, , AES_128_GCM Server 2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 6975e49055964ecd512055f3cbf6601c2b9369dd5d35c72bd8a3f6bc683b23cf Security Headers Name Value Strict-Transport-Security max-age=15552000; preload X-Content-Type-Options nosniff X-Frame-Options DENY Request headers X-FB-LSD eeLMs5EOqQ4sjT7P9XR5DZ Referer https://www.facebook.com/plugins/like_box.php?app_id=105231989568955&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df34779b60c6df3c%26domain%3Dlex.bg%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Flex.bg%252Ff2ac97390d1f60c%26relation%3Dparent.parent&container_width=0&header=true&href=https%3A%2F%2Fwww.facebook.com%2F%23!%2Fpages%2FLEXBG-%25D0%2591%25D1%258A%25D0%25BB%25D0%25B3%25D0%25B0%25D1%2580%25D1%2581%25D0%25BA%25D0%25B8%25D1%258F%25D1%2582-%25D0%25BF%25D1%2580%25D0%25B0%25D0%25B2%25D0%25B5%25D0%25BD-%25D0%25BF%25D0%25BE%25D1%2580%25D1%2582%25D0%25B0%25D0%25BB%2F252700991422690&locale=bg_BG&sdk=joey&show_faces=true&stream=false&width=300 X-ASBD-ID 129477 accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers permissions-policy-report-only autoplay=(), clipboard-read=(), clipboard-write=(), encrypted-media=(), fullscreen=(), keyboard-map=() strict-transport-security max-age=15552000; preload content-encoding br x-content-type-options nosniff date Wed, 27 Dec 2023 21:38:42 GMT document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 reporting-endpoints default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown" pragma no-cache x-fb-debug 8SjaCkSpb6PGR2XYUuGpOmg7ip+nIEbUpBHzHRfZJIn7lIQStafxM6dX1c/OSHpsEGkzW9cUF2MxQIjO79GB2g== cross-origin-opener-policy same-origin-allow-popups x-frame-options DENY report-to {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]} content-type application/x-javascript; charset=utf-8 access-control-allow-origin https://www.facebook.com origin-agent-cluster ?0 access-control-expose-headers X-FB-Debug, X-Loader-Length cache-control private, no-cache, no-store, must-revalidate access-control-allow-methods OPTIONS permissions-policy accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), usb=(), window-management=() access-control-allow-credentials true vary Origin, Accept-Encoding priority u=1,i expires Sat, 01 Jan 2000 00:00:00 GMT
GET H3	200	kCwDvxe1QsQ.js Show response static.xx.fbcdn.net/rsrc.php/v3/yo/r/ Frame 9C7F	12 KB 4 KB	8ms 8ms	Script application/x-javascript	2a03:2880:f083:9:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://static.xx.fbcdn.net/rsrc.php/v3/yo/r/kCwDvxe1QsQ.js?_nc_x=Ij3Wp8lg5Kz Requested by Host: static.xx.fbcdn.net URL: https://static.xx.fbcdn.net/rsrc.php/v3/yt/r/iZpNYL8JfUb.js?_nc_x=Ij3Wp8lg5Kz Protocol H3 Security QUIC, , AES_128_GCM Server 2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 264a0a28c23da253d460c72e9b7ff9e297a4e02ea590c5d20a1f0fa77bc9aadd Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://www.facebook.com/ Origin https://www.facebook.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers permissions-policy-report-only autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=() date Wed, 27 Dec 2023 21:38:42 GMT content-encoding br x-content-type-options nosniff content-md5 8PPs50PtkMAX5E1OU2ogzA== document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 3451 reporting-endpoints x-fb-debug 0Flyt38ex4+sONVz9rTsKgXtuvyHDhfcpJUCmHct+gfmkKcldsuB84znZ4a0OtX/a6uDsdodGXUrFk6z343iuw== last-modified Mon, 01 Jan 2001 08:00:00 GMT vary Origin content-type application/x-javascript; charset=utf-8 access-control-allow-origin https://www.facebook.com cache-control public,max-age=31536000,immutable permissions-policy accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=() timing-allow-origin * priority u=1 expires Sun, 15 Dec 2024 00:02:15 GMT
GET H3	200	VMMGrWYM7Te.js Show response static.xx.fbcdn.net/rsrc.php/v3/y-/r/ Frame 9C7F	341 KB 74 KB	9ms 9ms	Script application/x-javascript	2a03:2880:f083:9:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://static.xx.fbcdn.net/rsrc.php/v3/y-/r/VMMGrWYM7Te.js?_nc_x=Ij3Wp8lg5Kz Requested by Host: static.xx.fbcdn.net URL: https://static.xx.fbcdn.net/rsrc.php/v3/yt/r/iZpNYL8JfUb.js?_nc_x=Ij3Wp8lg5Kz Protocol H3 Security QUIC, , AES_128_GCM Server 2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash d0260a942842dfe2e8de7d78be4aecaa450e9ee0be021d76e6ba13d9f5c92b08 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://www.facebook.com/ Origin https://www.facebook.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers permissions-policy-report-only autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=() date Wed, 27 Dec 2023 21:38:42 GMT content-encoding br x-content-type-options nosniff content-md5 WmWr4XDoSnANsz1Uo5Z2tg== document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 75279 reporting-endpoints x-fb-debug 5X3ZDzN2OX54qrJ+JiIZTXwNpla8CP67gaGA8J1lIURX2yJxvEcHRiOJflysGABhm1Kyuul9ubZSyPVDI5fnKw== last-modified Mon, 01 Jan 2001 08:00:00 GMT vary Origin content-type application/x-javascript; charset=utf-8 access-control-allow-origin https://www.facebook.com cache-control public,max-age=31536000,immutable permissions-policy accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=() timing-allow-origin * priority u=1 expires Mon, 23 Dec 2024 16:37:49 GMT
GET H3	200	ieeHDjcGsIR.js Show response static.xx.fbcdn.net/rsrc.php/v3/yH/r/ Frame 9C7F	213 B 347 B	8ms 8ms	Script application/x-javascript	2a03:2880:f083:9:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://static.xx.fbcdn.net/rsrc.php/v3/yH/r/ieeHDjcGsIR.js?_nc_x=Ij3Wp8lg5Kz Requested by Host: static.xx.fbcdn.net URL: https://static.xx.fbcdn.net/rsrc.php/v3/yt/r/iZpNYL8JfUb.js?_nc_x=Ij3Wp8lg5Kz Protocol H3 Security QUIC, , AES_128_GCM Server 2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 6480d194b98b9fc3e4589a44b7e54b81ad926722e5b6fb7cc236161e2c2e03ac Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://www.facebook.com/ Origin https://www.facebook.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers permissions-policy-report-only autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=() date Wed, 27 Dec 2023 21:38:42 GMT x-content-type-options nosniff content-md5 oSUZEsOZh+qyGbXjvLFs7Q== document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 213 reporting-endpoints x-fb-debug 77Rk2SVdBf/D7ocNmr4bs4qm0tcgGeDPIJzfdkquCsq3uDt/PuEco1k0JRFxCEZ6FFpawW2Udtl/xlrdiKeJ5Q== last-modified Mon, 01 Jan 2001 08:00:00 GMT vary Origin content-type application/x-javascript; charset=utf-8 access-control-allow-origin https://www.facebook.com cache-control public,max-age=31536000,immutable permissions-policy accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=() timing-allow-origin * priority u=1 expires Thu, 19 Dec 2024 18:28:10 GMT
GET H3	200	/ www.facebook.com/login/ Frame 9C7F	0 0	169ms 169ms	Document text/html	2a03:2880:f176:181:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Flike_box.php%3Fapp_id%3D105231989568955%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df34779b60c6df3c%2526domain%253Dlex.bg%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Flex.bg%25252Ff2ac97390d1f60c%2526relation%253Dparent.parent%26container_width%3D0%26header%3Dtrue%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252F%2523%2521%252Fpages%252FLEXBG-%2525D0%252591%2525D1%25258A%2525D0%2525BB%2525D0%2525B3%2525D0%2525B0%2525D1%252580%2525D1%252581%2525D0%2525BA%2525D0%2525B8%2525D1%25258F%2525D1%252582-%2525D0%2525BF%2525D1%252580%2525D0%2525B0%2525D0%2525B2%2525D0%2525B5%2525D0%2525BD-%2525D0%2525BF%2525D0%2525BE%2525D1%252580%2525D1%252582%2525D0%2525B0%2525D0%2525BB%252F252700991422690%26locale%3Dbg_BG%26sdk%3Djoey%26show_faces%3Dtrue%26stream%3Dfalse%26width%3D300 Requested by Host: static.xx.fbcdn.net URL: https://static.xx.fbcdn.net/rsrc.php/v3/yt/r/iZpNYL8JfUb.js?_nc_x=Ij3Wp8lg5Kz Protocol H3 Security QUIC, , AES_128_GCM Server 2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash Security Headers Name Value Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0; Strict-Transport-Security max-age=15552000; preload X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers Referer https://www.facebook.com/plugins/like_box.php?app_id=105231989568955&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df34779b60c6df3c%26domain%3Dlex.bg%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Flex.bg%252Ff2ac97390d1f60c%26relation%3Dparent.parent&container_width=0&header=true&href=https%3A%2F%2Fwww.facebook.com%2F%23!%2Fpages%2FLEXBG-%25D0%2591%25D1%258A%25D0%25BB%25D0%25B3%25D0%25B0%25D1%2580%25D1%2581%25D0%25BA%25D0%25B8%25D1%258F%25D1%2582-%25D0%25BF%25D1%2580%25D0%25B0%25D0%25B2%25D0%25B5%25D0%25BD-%25D0%25BF%25D0%25BE%25D1%2580%25D1%2582%25D0%25B0%25D0%25BB%2F252700991422690&locale=bg_BG&sdk=joey&show_faces=true&stream=false&width=300 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=86400 cache-control private, no-cache, no-store, must-revalidate content-encoding br content-security-policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0; content-type text/html; charset="utf-8" cross-origin-opener-policy same-origin-allow-popups date Wed, 27 Dec 2023 21:38:42 GMT expires Sat, 01 Jan 2000 00:00:00 GMT origin-agent-cluster ?0 pragma no-cache priority u=0,i report-to {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]} reporting-endpoints default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown" strict-transport-security max-age=15552000; preload vary Accept-Encoding x-content-type-options nosniff x-fb-debug FQ9mrN8KKCnYkA5KFqDKTLFJeDAKL4PhZqnnlC9R744ONBtkZON2zM6sz16ONZ6VryjQoq06tBA1+7Ql3ncuIw== x-frame-options DENY x-xss-protection 0
POST		bz www.facebook.com/ajax/ Frame 9C7F	0 0
POST		bz www.facebook.com/ajax/ Frame 9C7F	0 0
POST		bz www.facebook.com/ajax/ Frame 9C7F	0 0
GET H3	200	latest.json Show response cdn.jsdelivr.net/gh/prebid/currency-file@1/	2 KB 2 KB	31ms 19ms	XHR application/json	2606:4700::6810:5514 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20231227 Requested by Host: etargetcdn.com URL: https://etargetcdn.com/hb/prebid7.34.0.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2e014a66d67cb0056d39e37b4a22ab58541699f4a1fcbbcaa820a22e76f50891 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://lex.bg/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Content-Type text/plain Response headers date Wed, 27 Dec 2023 21:38:43 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} age 20274 x-jsd-version 1.0.1917 content-encoding br x-cache HIT, MISS cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 x-served-by cache-fra-eddf8230103-FRA, cache-lga21931-LGA x-jsd-version-type version server cloudflare etag W/"636-qhsbA9eRRPsAhwYHjDrSMx9gN2s" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9PWaYoC7BD1Aimr4IkAK64WnkYa8CV%2BJmGrN%2Bv%2FDUjrMIzKPIy9FzwDrPPCwVAvil56WSM7MDxa5j07ZcyTFcAbZF7byo55GaUOZcgawXuePFE49CvaatPtVptxGd3NO9U%2FYrCHRnRH7MynLnkQ%3D"}],"group":"cf-nel","max_age":604800} content-type application/json; charset=utf-8 access-control-allow-origin * access-control-expose-headers * cache-control public, max-age=604800, s-maxage=43200 timing-allow-origin * cf-ray 83c4b64d1f39bb74-FRA
GET H2	200	topics_frame.html Show response ads.pubmatic.com/AdServer/js/topics/ Frame DD6E	2 KB 1 KB	47ms 13ms	Document text/html	23.35.236.201 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://ads.pubmatic.com/AdServer/js/topics/topics_frame.html?bidder=pubmatic Requested by Host: etargetcdn.com URL: https://etargetcdn.com/hb/prebid7.34.0.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-35-236-201.deploy.static.akamaitechnologies.com Software Apache / Resource Hash c16a536e9381a97c5d473a2b70aa9057bceebe38f05bb7d90360c96bff579033 Request headers Referer https://lex.bg/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes cache-control max-age=23080 content-encoding gzip content-length 859 content-type text/html date Wed, 27 Dec 2023 21:38:43 GMT expires Thu, 28 Dec 2023 04:03:23 GMT last-modified Tue, 21 Mar 2023 05:02:13 GMT p3p CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC" server Apache vary Accept-Encoding
GET H2	200	fastlane.json Show response fastlane.rubiconproject.com/a/api/	315 B 817 B	222ms 113ms	XHR application/json	2602:803:c003:200::44 RUBICONPROJECT
General Check archive.org Show headers Download Go to Full URL https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11352&site_id=190390&zone_id=2706640&size_id=1&p_pos=btf&gdpr=0&rp_schain=1.0,1!etarget.sk,15640,1,,,&rf=https%3A%2F%2Flex.bg%2F&kw=%D0%BF%D1%80%D0%B0%D0%B2%D0%BE%2C%D0%B7%D0%B0%D0%BA%D0%BE%D0%BD%D0%B8%2C%D0%BF%D1%80%D0%B0%D0%B2%D0%B5%D0%BD%D0%BF%D0%BE%D1%80%D1%82%D0%B0%D0%BB%2C%D1%8E%D1%80%D0%B8%D0%B4%D0%B8%D1%87%D0%B5%D1%81%D0%BA%D0%B8%D1%81%D0%BF%D1%80%D0%B0%D0%B2%D0%BE%D1%87%D0%BD%D0%B8%D0%BA%2C%D0%B4%D1%8A%D1%80%D0%B6%D0%B0%D0%B2%D0%B5%D0%BD%D0%B2%D0%B5%D1%81%D1%82%D0%BD%D0%B8%D0%BA%2C%D0%BD%D0%BE%D1%80%D0%BC%D0%B0%D1%82%D0%B8%D0%B2%D0%BD%D0%B8%D0%B0%D0%BA%D1%82%D0%BE%D0%B2%D0%B5%2C%D0%BF%D1%80%D0%B0%D0%B2%D0%BD%D0%B8%D1%81%D0%B5%D0%BC%D0%B8%D0%BD%D0%B0%D1%80%D0%B8%2C%D0%B7%D0%B0%D0%BA%D0%BE%D0%BD%D0%BE%D0%B4%D0%B0%D1%82%D0%B5%D0%BB%D1%81%D1%82%D0%B2%D0%BE%2C%D1%80%D0%B0%D0%B1%D0%BE%D1%82%D0%B0%D0%B7%D0%B0%D1%8E%D1%80%D0%B8%D1%81%D1%82%D0%B8%2C%D0%BD%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%2C%D1%84%D0%BE%D1%80%D1%83%D0%BC&tg_i.page=https%3A%2F%2Flex.bg%2F&tg_i.domain=lex.bg&tg_i.pbadslot=etarget-id-82158&tk_flint=pbjs_lite_v7.34.0&x_source.tid=d482812f-900c-4552-8a63-eee1b2bcef4a&l_pb_bid_id=21bdb4a83f3d4e&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.5231283551345121 Requested by Host: etargetcdn.com URL: https://etargetcdn.com/hb/prebid7.34.0.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2602:803:c003:200::44 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US), Reverse DNS Software nginx/1.21.4 / Resource Hash c9dde87262d41a2cc7bf08375ad3137da0f07805c508f953c33293152979d108 Request headers Referer https://lex.bg/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Wed, 27 Dec 2023 21:38:43 GMT server nginx/1.21.4 vary Accept-Encoding content-type application/json access-control-allow-origin https://lex.bg cache-control no-cache, no-store, max-age=0, must-revalidate access-control-allow-credentials true content-length 315 expires Wed, 17 Sep 1975 21:32:10 GMT
GET H2	200	fastlane.json Show response fastlane.rubiconproject.com/a/api/	316 B 648 B	238ms 129ms	XHR application/json	2602:803:c003:200::44 RUBICONPROJECT
General Check archive.org Show headers Download Go to Full URL https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11352&site_id=190390&zone_id=1037508&size_id=10&p_pos=atf&gdpr=0&rp_schain=1.0,1!etarget.sk,15640,1,,,&rf=https%3A%2F%2Flex.bg%2F&kw=%D0%BF%D1%80%D0%B0%D0%B2%D0%BE%2C%D0%B7%D0%B0%D0%BA%D0%BE%D0%BD%D0%B8%2C%D0%BF%D1%80%D0%B0%D0%B2%D0%B5%D0%BD%D0%BF%D0%BE%D1%80%D1%82%D0%B0%D0%BB%2C%D1%8E%D1%80%D0%B8%D0%B4%D0%B8%D1%87%D0%B5%D1%81%D0%BA%D0%B8%D1%81%D0%BF%D1%80%D0%B0%D0%B2%D0%BE%D1%87%D0%BD%D0%B8%D0%BA%2C%D0%B4%D1%8A%D1%80%D0%B6%D0%B0%D0%B2%D0%B5%D0%BD%D0%B2%D0%B5%D1%81%D1%82%D0%BD%D0%B8%D0%BA%2C%D0%BD%D0%BE%D1%80%D0%BC%D0%B0%D1%82%D0%B8%D0%B2%D0%BD%D0%B8%D0%B0%D0%BA%D1%82%D0%BE%D0%B2%D0%B5%2C%D0%BF%D1%80%D0%B0%D0%B2%D0%BD%D0%B8%D1%81%D0%B5%D0%BC%D0%B8%D0%BD%D0%B0%D1%80%D0%B8%2C%D0%B7%D0%B0%D0%BA%D0%BE%D0%BD%D0%BE%D0%B4%D0%B0%D1%82%D0%B5%D0%BB%D1%81%D1%82%D0%B2%D0%BE%2C%D1%80%D0%B0%D0%B1%D0%BE%D1%82%D0%B0%D0%B7%D0%B0%D1%8E%D1%80%D0%B8%D1%81%D1%82%D0%B8%2C%D0%BD%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%2C%D1%84%D0%BE%D1%80%D1%83%D0%BC&tg_i.page=https%3A%2F%2Flex.bg%2F&tg_i.domain=lex.bg&tg_i.pbadslot=etarget-id-84094&tk_flint=pbjs_lite_v7.34.0&x_source.tid=e7166e6c-c6d1-49c4-8b1e-79f26bfdfe6c&l_pb_bid_id=305810cb21235b&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.798806890593508 Requested by Host: etargetcdn.com URL: https://etargetcdn.com/hb/prebid7.34.0.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2602:803:c003:200::44 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US), Reverse DNS Software nginx/1.21.4 / Resource Hash a11498139ffa0d5198dfdd79a02f1f63c96c050e18988a66ffb09cb71fd265bd Request headers Referer https://lex.bg/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Wed, 27 Dec 2023 21:38:43 GMT server nginx/1.21.4 vary Accept-Encoding content-type application/json access-control-allow-origin https://lex.bg cache-control no-cache, no-store, max-age=0, must-revalidate access-control-allow-credentials true content-length 316 expires Wed, 17 Sep 1975 21:32:10 GMT
POST H2	200	prebid Show response ib.adnxs.com/ut/v3/	21 KB 13 KB	279ms 250ms	XHR application/json	37.252.171.85 ASN-APPNEX
General Check archive.org Show headers Download Go to Full URL https://ib.adnxs.com/ut/v3/prebid Requested by Host: etargetcdn.com URL: https://etargetcdn.com/hb/prebid7.34.0.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 37.252.171.85 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US), Reverse DNS 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net Software nginx/1.23.4 / Resource Hash 748c1076f64cc73df5afbdd05d30e86f52bda3f5b009446104669333a2791a20 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://lex.bg/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Wed, 27 Dec 2023 21:38:43 GMT content-encoding gzip an-x-request-uuid 4f04fe06-60f7-4c98-8949-f43472c34743 server nginx/1.23.4 accept-ch Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness vary Accept-Encoding p3p policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" content-type application/json; charset=utf-8 access-control-allow-origin https://lex.bg cache-control no-store, no-cache, private access-control-allow-credentials true x-proxy-origin 81.95.5.37; 81.95.5.37; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com x-xss-protection 0 expires Sat, 15 Nov 2008 16:00:00 GMT
POST H/1.1	200 OK	/ Show response bg.search.etargetnet.com/hb/	725 B 2 KB	92ms 91ms	XHR application/json	195.168.10.173 AS-BENESTRA Brati...
General Check archive.org Show headers Download Go to Full URL https://bg.search.etargetnet.com/hb/?hbget=1&cmVmaWQ9ODIxNTgmY291bnRyeT02JnBvc2l0aW9uPWJ0ZiZ0cmFuc2FjdGlvbklkPWQxODZlMGEyLTMzZTctNGYwMS04NmE2LTE4N2EwYmE5MThlYw%3D%3D&cmVmaWQ9ODQwOTQmY291bnRyeT02JnBvc2l0aW9uPWF0ZiZ0cmFuc2FjdGlvbklkPTYxNDVmMTA5LTUzZjEtNDQwNS1iZmMxLTE3NThiMWRhNjEwMQ%3D%3D Requested by Host: etargetcdn.com URL: https://etargetcdn.com/hb/prebid7.34.0.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 195.168.10.173 Žilina, Slovakia, ASN5578 (AS-BENESTRA Bratislava, Slovak Republic, SK), Reverse DNS a45.etarget.sh.cust.gts.sk Software nginx / Resource Hash c5548965d7d37c11945ba6f9ee23eafebd2108a6c840a2d9d6a3b34d9c39cf25 Request headers Referer https://lex.bg/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Content-Type text/plain Response headers Pragma no-cache Date Wed, 27 Dec 2023 21:38:43 GMT Content-Encoding gzip Server nginx Transfer-Encoding chunked Vary Accept-Encoding Content-Type application/json access-control-allow-origin https://lex.bg Y-Protected-By Bulbasaur/mblade01-01-b X-Protected-By Bee/0.42 Cache-Control no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0 access-control-allow-credentials true P3P CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM", policyref="/w3c/p3p.xml" Connection keep-alive
POST H2	204	openrtb Show response adx.adform.net/adx/	0 617 B	26ms 26ms	XHR text/plain	37.157.3.20 ADFORM
General Check archive.org Show headers Download Go to Full URL https://adx.adform.net/adx/openrtb Requested by Host: etargetcdn.com URL: https://etargetcdn.com/hb/prebid7.34.0.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 37.157.3.20 , Denmark, ASN198622 (ADFORM, DK), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Referer https://lex.bg/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Wed, 27 Dec 2023 21:38:43 GMT strict-transport-security max-age=31536000; includeSubDomains server nginx accept-ch Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version access-control-max-age 86400 access-control-allow-methods POST,OPTIONS p3p CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT" access-control-allow-origin https://lex.bg cache-control no-cache, no-store, must-revalidate, no-transform access-control-allow-credentials true access-control-allow-headers Content-Type,Cache-Control,Accept-Encoding,X-Requested-With expires -1
POST H2	200	bid Show response ap.lijit.com/rtb/	94 B 454 B	263ms 146ms	XHR application/json	52.19.91.8 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.34.0 Requested by Host: etargetcdn.com URL: https://etargetcdn.com/hb/prebid7.34.0.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.19.91.8 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-19-91-8.eu-west-1.compute.amazonaws.com Software / Resource Hash 0db2d7f82b82d269a241c9d7ef9fb32b49398cbf2b6452c181ef715cdf745f8a Request headers Referer https://lex.bg/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Content-Type text/plain Response headers date Wed, 27 Dec 2023 21:38:43 GMT content-encoding gzip vary Accept-Encoding, User-Agent access-control-allow-methods GET, POST, DELETE, PUT content-type application/json access-control-allow-origin https://lex.bg access-control-allow-credentials true access-control-allow-headers X-Requested-With, Content-Type content-length 97
GET H/1.1	204 No Content	uni.php Show response bg.search.etargetnet.com/generic/ Frame 22A7	0 1 KB	60ms 59ms	Script application/x-javascript	195.168.10.173 AS-BENESTRA Brati...
General Check archive.org Show headers Download Go to Full URL https://bg.search.etargetnet.com/generic/uni.php?ref=82158&area=468x60&fromhb=1&nopixel=1 Requested by Host: etargetcdn.com URL: https://etargetcdn.com/hb/prebid7.34.0.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 195.168.10.173 Žilina, Slovakia, ASN5578 (AS-BENESTRA Bratislava, Slovak Republic, SK), Reverse DNS a45.etarget.sh.cust.gts.sk Software nginx / Queen/2.115 Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://lex.bg/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers Pragma no-cache Date Wed, 27 Dec 2023 21:38:43 GMT Server nginx X-Powered-By Queen/2.115 X-Protected-By Bee/0.42 access-control-allow-origin https://lex.bg Y-Protected-By Bulbasaur/mblade01-01-b Content-Type application/x-javascript Cache-Control no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0 access-control-allow-credentials true P3P CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM", policyref="/w3c/p3p.xml" Connection keep-alive
GET H/1.1	200 OK	header_bidding_log.php Show response bg.search.etargetnet.com/generic/	2 B 518 B	49ms 17ms	XHR text/html	195.168.10.173 AS-BENESTRA Brati...
General Check archive.org Show headers Download Go to Full URL https://bg.search.etargetnet.com/generic/header_bidding_log.php?ref=82158&gdpr=1&position=btf&data={%22etarget%22:0.0511,%22rubicon%22:0,%22adform-mid-1609086%22:0,%22appnexus%22:0,%22winnerInfo%22:{%22cpm%22:0.0511,%22exchange%22:%22etarget%22,%22original_cpm%22:0.1,%22currency%22:%22EUR%22,%22size%22:%22468x60%22,%22media_type%22:%22banner%22,%22rendered%22:true}}&ua=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/120.0.6099.109%20Safari/537.36&referer=82158&winner=etargetppc&version=1.9&true_winners={%22etarget%22:%220.0511%20and%20OCPM:%200.1%22}&time_milis=3821 Requested by Host: etargetcdn.com URL: https://etargetcdn.com/hb/init2.0.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 195.168.10.173 Žilina, Slovakia, ASN5578 (AS-BENESTRA Bratislava, Slovak Republic, SK), Reverse DNS a45.etarget.sh.cust.gts.sk Software nginx / Resource Hash 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3 Request headers accept-language de-DE,de;q=0.9 Referer https://lex.bg/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers Pragma no-cache Date Wed, 27 Dec 2023 21:38:43 GMT Content-Encoding gzip Server nginx Transfer-Encoding chunked Vary Accept-Encoding Content-Type text/html; charset=UTF-8 access-control-allow-origin https://lex.bg Y-Protected-By Bulbasaur/mblade01-01-b X-Protected-By Bee/0.42 Cache-Control no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0 access-control-allow-credentials true Connection keep-alive
GET H3	200	render_post_ads_v1.html Show response googleads.g.doubleclick.net/pagead/ Frame FFE8	13 KB 5 KB	8ms 8ms	Document text/html	2a00:1450:4001:800::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html Requested by Host: etargetcdn.com URL: https://etargetcdn.com/hb/prebid7.34.0.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 04f5d63c75f9fabede423b3d013e6efd9a448190898a34499a4010a59014a8d2 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://lex.bg/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers age 9083 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=86400 content-encoding br content-length 4767 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Wed, 27 Dec 2023 19:07:20 GMT etag 12223946614886178233 expires Thu, 28 Dec 2023 19:07:20 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H3	200	xbfe_backfill.js Show response googleads.g.doubleclick.net/pagead/ Frame EDF8	7 KB 3 KB	7ms 7ms	Script text/javascript	2a00:1450:4001:800::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/xbfe_backfill.js Requested by Host: etargetcdn.com URL: https://etargetcdn.com/hb/prebid7.34.0.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash c0481712fe5bae84f1b02cc375afad77dc9e141437602c3a0717739654e9a003 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://lex.bg/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Wed, 27 Dec 2023 20:49:49 GMT content-encoding br x-content-type-options nosniff age 2934 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 3350 x-xss-protection 0 server cafe etag 10582483094955927000 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control public, max-age=3600 timing-allow-origin * expires Wed, 27 Dec 2023 21:49:49 GMT
GET H/1.1	200 OK	trk.js Show response cdn.adnxs.com/v/s/240/ Frame EDF8	80 KB 28 KB	48ms 7ms	Script application/x-javascript	151.101.129.108 FASTLY
General Check archive.org Show headers Download Go to Full URL https://cdn.adnxs.com/v/s/240/trk.js Requested by Host: etargetcdn.com URL: https://etargetcdn.com/hb/prebid7.34.0.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.129.108 , United States, ASN54113 (FASTLY, US), Reverse DNS Software AkamaiNetStorage / Resource Hash 519e50788224b3422c6e6b1cce48d5decb83eece248558b54e48f88491e48aa4 Request headers accept-language de-DE,de;q=0.9 Referer https://lex.bg/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers Expires Thu, 14 Nov 2024 14:07:00 GMT Date Wed, 27 Dec 2023 21:38:43 GMT Content-Encoding gzip Via 1.1 varnish, 1.1 varnish Age 3655905 X-Cache HIT, HIT Connection keep-alive Content-Length 27680 X-Served-By cache-lga21956-LGA, cache-fra-etou8220095-FRA Last-Modified Wed, 15 Nov 2023 14:06:46 GMT Server AkamaiNetStorage X-Timer S1703713124.732457,VS0,VE0 ETag "ccac3ab7f323b8743d099010fcce15a4:1700057206.383562" Vary Accept-Encoding Content-Type application/x-javascript Access-Control-Allow-Origin * Cache-Control max-age=31536000 Accept-Ranges bytes X-Cache-Hits 7, 958274
GET H2	200	it fra1-ib.adnxs.com/ Frame EDF8	0 644 B	23ms 8ms	Image text/html	37.252.171.85 ASN-APPNEX
General Check archive.org Show headers Download Go to Show image Full URL https://fra1-ib.adnxs.com/it?an_audit=0&referrer=https%253A%252F%252Flex.bg%252F&e=wqT_3QL4Bej4AgAAAwDWAAUBCOOysqwGEOXm9JjelNfQOxgAKjYJGmoUkszq2j8RMFqR4i3h1j8ZAAAA4KNwAUAhMA0SACkRJMgxAAAAYI_C1T8w9PnMBjjdQUDlHkhlUKuiyyVY7LtbYABoxIFseJeIBoABAYoBA1VTRJIFBvBVmAGsAqAB2ASoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQDYApukA-AC9_g_6gIPaHR0cHM6Ly9sZXguYmcvgAMAiAMBkAMAmAMXoAMBqgPnAQq_AWgNJXBwYWdlYWQyLmdvb2dsZXN5bmRpY2F0aW9uLmNvbQ0eRC9nZW5fMjA0P2lkPWF3YmlkJgUG9F4BX2I9QUtBbWYtQkdZN3p3bHNYRk1kdW5qWW8xRGhhZ2FGejRDeGFNSGFYZW9oSFdXY1U5TERDaWJRTjFhempTaUNXZHdqNEtJWmpxak0yVXBYSXB2Z0s5akhvWWlzbjJyWUFjWlEmcHI9MTA6JHtBVUNUSU9OX1BSSUNFfRoTNDI5NjgxNzM4NzAzNzg2NDgwNSIINzg4Mjc4MTkqBDM5NDHAA9gEyAMA2APYxzzgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQKODEuOTUuNS4zN6gEALIEEAgAEAQYrAIg2AQoADAAOAK4BADABADIBADaBAIIAeAEAfAEq6LLJYgFAZgFAKAFm5WLmsWE1Ld4wAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAFsL0Y-gUECAAQAJAGAJgGALgGAMEGAAAAAAAA8D_QBu6PAdoGFgoQBTQdAbAQABgA4AYB8gYCCACABwGIBwCgBwGqBwwxNTUwOTA0NjY0NDnIB5eIBtIHDQkROAE1DNoHBggFCazgBwDqBwIIAPAH-dMCiggCEACVCAAAgD-YCAHACJukA9IICQj___8_EAAYAA..&s=d3453dbdcf67395b5620de749b53ee75e4085eb1 Requested by Host: etargetcdn.com URL: https://etargetcdn.com/hb/prebid7.34.0.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 37.252.171.85 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US), Reverse DNS 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net Software nginx/1.23.4 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://lex.bg/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers pragma no-cache date Wed, 27 Dec 2023 21:38:43 GMT an-x-request-uuid 87bef358-959d-4da4-b747-0f764735dc30 server nginx/1.23.4 accept-ch Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness p3p policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" content-type text/html; charset=utf-8 access-control-allow-origin * cache-control no-store, no-cache, private access-control-allow-credentials true x-proxy-origin 81.95.5.37; 81.95.5.37; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com content-length 0 x-xss-protection 0 expires Sat, 15 Nov 2008 16:00:00 GMT
GET H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame EDF8	0 20 B	41ms 41ms	Image image/gif	2a00:1450:4001:827::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=awbid&awbid_b=AKAmf-Cwn8R2gpB9FKq6WzuwRJU-qujjise_q09QYaq3WCVLaSNnlrPuL1TQotlTKU3kvSZv8aQpKvhpmSIQ3bOgn4k5ml8HSA Requested by Host: etargetcdn.com URL: https://etargetcdn.com/hb/prebid7.34.0.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://lex.bg/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers pragma no-cache date Wed, 27 Dec 2023 21:38:43 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	header_bidding_log.php Show response bg.search.etargetnet.com/generic/	2 B 518 B	50ms 17ms	XHR text/html	195.168.10.173 AS-BENESTRA Brati...
General Check archive.org Show headers Download Go to Full URL https://bg.search.etargetnet.com/generic/header_bidding_log.php?ref=84094&gdpr=1&position=atf&data={%22etarget%22:0.0511,%22rubicon%22:0,%22sovrn%22:0,%22adform-mid-594851%22:0,%22appnexus%22:0.3231,%22winnerInfo%22:{%22cpm%22:0.3231,%22exchange%22:%22appnexus%22,%22original_cpm%22:0.357494,%22currency%22:%22EUR%22,%22size%22:%22300x600%22,%22media_type%22:%22banner%22,%22rendered%22:true}}&ua=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/120.0.6099.109%20Safari/537.36&referer=84094&winner=appnexus&version=1.9&true_winners={%22etarget%22:%220.0511%20and%20OCPM:%200.1%22,%22appnexus%22:%220.3231%20and%20OCPM:%200.357494%22}&time_milis=3829 Requested by Host: etargetcdn.com URL: https://etargetcdn.com/hb/init2.0.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 195.168.10.173 Žilina, Slovakia, ASN5578 (AS-BENESTRA Bratislava, Slovak Republic, SK), Reverse DNS a45.etarget.sh.cust.gts.sk Software nginx / Resource Hash 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3 Request headers accept-language de-DE,de;q=0.9 Referer https://lex.bg/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers Pragma no-cache Date Wed, 27 Dec 2023 21:38:43 GMT Content-Encoding gzip Server nginx Transfer-Encoding chunked Vary Accept-Encoding Content-Type text/html; charset=UTF-8 access-control-allow-origin https://lex.bg Y-Protected-By Bulbasaur/mblade01-01-b X-Protected-By Bee/0.42 Cache-Control no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0 access-control-allow-credentials true Connection keep-alive
GET H2	200	rd_log Show response fra1-ib.adnxs.com/ Frame EDF8	0 643 B	13ms 7ms	Script text/html	37.252.171.85 ASN-APPNEX
General Check archive.org Show headers Download Go to Full URL https://fra1-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Flex.bg%2F&e=wqT_3QKfNOgfGgAAAwDWAAUBCOOysqwGEOXm9JjelNfQOxgAKjYJGmoUkszq2j8RMFqR4i3h1j8ZAAAA4KNwAUAhMA0SACkRJMgxAAAAYI_C1T8w9PnMBjjdQUDlHkhlUKuiyyVY7LtbYABoxIFseJeIBoABAYoBA1VTRJIFBvBbmAGsAqAB2ASoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQDYApukA-AC9_g_6gIPaHR0cHM6Ly9sZXguYmcv8gINCgZIRUlHSFQSAzYwMPICDAoFV0lEVEgSAzMBD_TCAiEKBkxPQURFUhIXcmVuZGVyX3Bvc3RfYWRzX3YxLmh0bWzyAhYKCklGUkFNRV9LRVkSCDU0NjY1OTky8gLIFQoLUFJFX1NDUklQVFMSuBU8c2NyaXB0PihmdW5jdGlvbigpey8qCgogQ29weXJpZ2h0IFRoZSBDbG9zdXJlIExpYnJhcnkgQXV0aG9ycy4KIFNQRFgtTGljZW5zZS1JZGVudGlmaWVyOiBBcGFjaGUtMi4wCiovCnZhciBrPXRoaXN8fHNlbGY7ZnVuY3Rpb24gbChhKXtsWyIgIl0oYSk7cmV0dXJuIGF9bFsiICJdPWZ1bmN0aW9uKCl7fTt2YXIgbT1BcnJheS5wcm90b3R5cGUuaW5kZXhPZj9mdW5jdGlvbihhLGMpe3JldHVybiBBcnJheS5wcm90b3R5cGUuaW5kZXhPZi5jYWxsKGEsYyx2b2lkIDApfTpmdW5jdGlvbihhLGMpe2lmKCJzdHJpbmciPT09dHlwZW9mIGEpcmV0dXJuInN0cmluZyIhPT10eXBlb2YgY3x8MSE9Yy5sZW5ndGg_LTE6YS5pbmRleE9mKGMsMCk7Zm9yKHZhciBlPTA7ZTxhLmxlbmd0aDtlKyspaWYoZSBpbiBhJiZhW2VdPT09YylyZXR1cm4gZTtyZXR1cm4tMX07ZnVuY3Rpb24gbihhKXthPXZvaWQgMD09PWE_ZG9jdW1lbnQ6YTtyZXR1cm4gYS5jcmVhdGVFbGVtZW50KCJpbWciKX07ZnVuY3Rpb24gcChhLGMsZSl7dmFyIGI9ITE7Yj12b2lkIDA9PT1iPyExOmI7YS5nb29nbGVfaW1hZ2VfcmVxdWVzdHN8fChhLmdvb2dsZV9pbWFnZV9yZXF1ZXN0cz1bXSk7dmFyIGQ9bihhLmRvY3VtZW50KTtpZihlKXt2YXIgZj1mWWoUaWYoZSl7QRwQZz1hLmdObQBILGg9bShnLGQpOzA8PWgmJkFycjL9ARxzcGxpY2UuYyHPdGcsaCwxKX1kLnJlbW92ZUV2ZW50TGlzdGVuZXImJlIXADQoImxvYWQiLGYsITEpO1IjAGI6ABBlcnJvcg07GH07ZC5hZGRCcwA-FAA-cAA-IAABbT4UAAAoNmoAMGImJihkLmF0dHJpYnVhsxRTcmM9IiIBvhRzcmM9YztaSgEsLnB1c2goZCl9CjtmLYMIIHEoKX8IYT1kLaw0LmN1cnJlbnRTY3JpcHRtjwgoYT1VHEBhP251bGw6YSkmJiI3NyI9PSG6CGV0QQ2QOGUoImRhdGEtamMiKT9hOhVXPHF1ZXJ5U2VsZWN0b3IoJ1sNJQA9AUQQXScpfTtBBixyPVJlZ0V4cCgiXmihGOA_Oi8vKFxcd3wtKStcXC5jZG5cXC5hbXBwcm9qZWN0XFwuKG5ldHxvcmcpKFxcP3wvfCQpIik7CmYR4AB0FeAAawVhDGM9W10FCQRlPQHGDDtkb3sBeBhiPWE7dHJ5BQwsZDtpZihkPSEhYiYmASQcIT1iLmxvY2EhaiAuaHJlZiliOnsBLZBsKGIuZm9vKTtkPSEwO2JyZWFrIGJ9Y2F0Y2goaCl7fWQ9ITF9AV4IZj1kGRcAZgEWDGlmKGYpeQBnPl4AEDtlPWIuMTYEJiYZDCgucmVmZXJyZXJ8fAGXJH1lbHNlIGc9ZSwNywBjKeAwbmV3IHUoZ3x8IiIpKQXVFGE9Yi5wYSHUGYYAYQX_TH19d2hpbGUoYSYmYiE9YSk7Yj0whakAYZXKdC0xO2I8PWE7KytiKWNbYl0uZGVwdGg9YS1iO2I9ayErOR4BrjUqOGFuY2VzdG9yT3JpZ2luc24cABwubGVuZ3RoPR11LClmb3IoYT0xO2E8Yw0fTDsrK2EpZz1jW2FdLGcudXJsfHwoBQguQgE6dgAUW2EtCjFdIQwYLGcuaD0hMAHjKSIAaxmrIdVl_wBnJRYlAgRlPTIEASAwPD1lOy0tZSkhukQ9Y1tlXSwhZyYmci50ZXN0KGYBjyApJiYoZz1mKSwFDiwmJiFmLmgpe2I9ZjtFGwB9DV0AZRXmBCYmAcwBOwQ7MEFlJVoIJiZlBUgBGwgpO2MFrRR2KGIsZyltixggYy5nP2MuBfoMOmMuaQFAAH110AB2odYEKXvhaAQuaUHVGGhpcy5nPWMZIgB1HSIIdXJsESQUaD0hIWM7BS8FiCUKAH2ZKQB3dUkUdCgpLGM92d48Ij8iKTtzZXRUaW1lb3V0KBGMDTEAZZk6GGU_LjAxOmVBNUQhKE1hdGgucmFuZG9tKCk-ZSlpDwxiPXEoIaQAImX_NDovLyIrKGImJiJ0cnVlgWsEYi5SawQ4LXJjZCIpPyJwYWdlYWQyzUoQc3luZGlpuSAtY24uY29tIjpmIwAFIAwpKyIvCUV4L2dlbl8yMDQ_aWQ9amNhJmpjPTc3JnZlcnNpb249IoVFDGQ9KGQBsQApobZWmQANMTAiKXx8InVua25vd24iYeNcK2QrIiZzYW1wbGU9IitlO2I9d2luZG93BVgAZjk0FGY_ITE6ZiEzNGQ9Yi5uYXZpZ2F0b3IpMg4AUC51c2VyQWdlbnQsZD0vQ2hyb21lL0mbIGQpJiYhL0VkZxkRHD8hMDohMTtkYZMVUTAuc2VuZEJlYWNvbj8KHWkdGCQoZSk6cChiLGUs1QwJnhApfX0sMFWgXDA8PWM_YS5zdWJzdHJpbmcoMCxjKTphfQngEC5yZmw9XSOIcmV0dXJuIGVuY29kZVVSSUNvbXBvbmVudCh3KCkpfTt9KS7l20GaECk7CjwvGrAKaPICyQIKCkVYVFJBX1RBR1MSugI8ZGl2IHN0eSFSDHBvc2mhsWQ6IGFic29sdXRlOyBsZWZ0OiAwcHg7IHRvcA0KZHZpc2liaWxpdHk6IGhpZGRlbjsiPjxpbWcg4UxVh0kUSlkCQTYNHi4yAhRhd2JpZCYFBvCGX2I9QUtBbWYtQ3duOFIyZ3BCOUZLcTZXenV3UkpVLXF1amppc2VfcTA5UVlhcTNXQ1ZMYVNObmxyUHVMMVRRb3RsVEtVM2t2U1p2OGFRcEt2aHBtU0lRM2JPZ240azVtbDhIU0EiIGJvcmRlcj0wIHdpZHRoPTEgaGVpZ2h0PTEgYWx0PSIiMRqAZGlzcGxheTpub25lIj48L2Rpdj7yApgBCgxQT1NUX1NDFhoMCIcBPClqNggBFqMJUGFkcy5nLmRvdWJsZWNsaWNrLm5ldDEGPHhiZmVfYmFja2ZpbGwuanMBZQlLAD4NUy5tDBwge3IzcHgoJx6kDBwnKTt9KSgpOz3pELATChBIAZw0UE9SVF9QQVJBTVMSmxORIoqTAPCGYWRmZXRjaD9hZGs9MjQxODE5NDE3OCZhZHNhZmU9bWVkaXVtJmNsaWVudD1jYS1wdWItMzA3Njg5MDAxMjc0MTQ2NyZmb3JtYXQ9MzAweDYwMF9hcyZpcD04MS45NS41LjM3Jm91dHB1dD1odG1sJnBzZD1XMTAlM0QmdW52aWV3ZWRfcG9zRZIgX3N0YXJ0PTEmoX0RxABsFv0NECZzdWJfDYgAYkGN8H1yLTM0NDkwNDQmaGw9ZGUmYWNlaWQ9TURaUUVnQkNYajRBa21BMEFaUndOQUVMbERRQmdwVTBBWXVWTkFHeGxUUUIxSlUwQVhTV05BRjJsalFCclpZMEFlYVdOQUhybGpRQng1YzBBZi1YTkFFRG1EUUJDWmcwQVNTWU5BRkQBECxsSmcwQWFPWU5BRzABEAB1ARAAZQEQBEhuARAAOQEQWGZhWU5BRU9tVFFCRTVrMEFSYVpOQUVjARAASwEQGFVtWk5BRk0BEBhUcGswQVZHARAAaAEQGGFKazBBWGUBEAA2ARD0jANTM05CQVZOelFRR2R1OWdCMFN6WkFXQWRYQUpfSGx3Q3ZfNklBaURfaUFJblFxb0NLRUtxQWtKa3FnSm5hNm9DX1hpcUFvQ2JxZ0tCbTZvQ2dwdXFBcUtvcWdKX3phb0NXZmlxQWliN3FnSkMtNm9DeGdlckFqd2pxd0tFSjZzQ1ZDaXJBdkUxcXdMVU5xc0NKVHFyQWlrNnF3SXRPcXNDcmpxckFqMUJxd0paU0tzQ2JFcXJBbUJPcXdLNFRxc0M5RkNyQWdKUnF3SUtVYXNDVUZPckF1Wlpxd0lnWEtzQ2JHZXJBcmxucXdLc2Jhc0N3bTJyQWhweHF3THdjYXNDZjNPckFuWjBxd0xMZEtzQ0NIYXJBaGQzcXdJY2Q2c0NJSGVyQWlWM3F3SXFkNnNDdEhpckFnbDVxd0xKZmFzQ0VYNnJBbEdBcXdLR2dLc0NuSUdyQXZTQ3F3SmhoS3NDYzRlckFwNktxd0swaTZzQ3NveXJBclNNcXdLMmpLc0N0NHlyQXE2T3F3SlRrS3NDM1pXckFseVhxd0lvbXFzQ2hacXJBamlkcXdMX25hc0N5YUNyQWlpaXF3S2hvcXNDazZTckFoNm1xd0pscHFzQzZLZXJBb2VwcXdMYnE2c0NSS3lyQXZhc3F3SVVycXNDUXE2ckFqdXZxd0xCc0tzQ1lyS3JBaEN6cXdJUnM2c0NLTE9yQW42enF3S3dzNnNDRnJTckFocTBxd0lodEtzQ0piU3JBaW0wcXdMNXRhc0NPTGFyQXV1MnF3THR0cXNDb2JlckFyVzNxd0xTdDZzQzI3ZXJBdWk0cXdJaHVhc0Mtcm1yQW51NnF3SzR1cXNDVDd5ckFyMjlxd0stdmFzQ083NnJBbGEtcXdLRHZxc0M5NzZyQXBUdEJRT2I3UVVEdTBFUkE4RnNKQVFGWHZjRWNYaXVCVnQ1cmdVT2VxNEZJWHF1QldkN3JnVUhmSzRGbkxURkJhQlZ3Z2JpalBzUzk1SDdFdEtyLXhJVXlQc1M3LTM3RXB2eS14SmxEdndTVmdfOEVxMFRfQko1R1B3U3pCbjhFa29hX0JKZ0d2d1M1aHY4RWpJY19CTFZIZndTNWgzOEV1d2RfQklzSHZ3U29CNzhFdGtlX0JJYkhfd1NKQl84RW1paTZoU3Y5UU1WOTFackdwU2h3U2FDOVFSWSZleGs9NTQ2NjU5OTLNwQBj0cH0vwYyS0ZzcWc4YW9Va3JKRkFkY3hyb3Z4RHFTb0M3NkZHSUNRTlc3RHVFWkNHdXlneVd1SWRjU01rMHBEWW5iN1dPcFkyY3duMWVxY01teXZaOUVCWUxlZUREcVR1aGFkeVRmVmJaSkw3Z2d4a2dWQXV1YUlhN1JSc1MyWVZoOFNDX09nbUQ0cWpoRXlmQ1VzMXRmMHVZQklJX3dvMWFHTGxndWVOTnRsZlE0NUlTSng0b3RtRXhnMndiVm16NVdpNjIxQVpyXyZhd2JpZF9kPUFLQW1mLURGMk91dGtyU25xdHR3WkppR1REUkhYU1JvQlE1Y0FUN292VDZ1Nmt4YkJfOW5TeFczV3BuRUVzenQzbnpWT195WjMtd0lCVF9kVHo3RlVGWnRBdElGaGdnTEtFMGhNZWJ0dnIzbjMwR0t2cnUwamZVblQ1Wk9CdVdBWHdlRmN5M2pUdnlnbmdETnExclZMR19HaWpNZkFfMDkzMHlESGJiOEw0Zkx2WDRXbnZCeWptVGgxX2Iya0YteUlCOWdxZlpTSVVMUlpfdmVSTGNQRkFaR2NUeGJSV3h6UW9hX21mTUJRbmpxRHpLbElVb204WmJTVDAzcGJBZzRoaVdfYWg4Zi1xRFdSNkxnWkpDZjBaT3lPTjZuclhhYUE1X0VzazlBU1B6SFVwdnU5bUg5NTJmUzJXUGNnZS0zUFM5Um9kcmVuT20tTVZMVlh6c0lDV0ZHeGJ1Tm9yekMzdXhpRnN6TkJISlJJdGxrVnE5RVJ5dW5LV2tnWlYwT0g4Qmh5aFhpeXRKWEU4akR2aHo5S0l5WElDSTZNbFdqSlpUbHRWMTBRRFZqTHpPNFQwVzdkbmdaeU5xMnV3LUlHZVRCejZDTW5Sb2J5WHByWld0am9rZWUwQ3JWbXZoY2dtWUp2SFlYWGNDY3QxVkxZM0VtcC1Ta0xJV0xXcUZEQXFTSHZrOVhJN3h1WnZjLWhSalY3MUc2LWdXQUJzYU5tdG41WVZ2eXB0TmxWQmVWV1dnM0dabTU3SkRCMGw4MVdjbkFOUzZGR2NrOHlUWnN2Nzc0bzU1Qk9UblZHY0g3ZTMyUmk5WHBraGVJaHdTQ3hmdklHaHRSbG5YTnlBcm1GSlZzMTBaLWhTTU9TTjI1c1hZTWotOWgtTEtxTEpYVDZ6RUNSajFmWWQ1ei1vUnpyVTY1WHF2RkVzbldHaHQzYmI4aF9zTmprVHJIb3BuSUJYT0tteGZGd2RIRHk5MWdOdkZ0TmVvOUhna0pnd0xPZlNWMVBUdl9keHpTbHJnVmVZel9kbDNsNTVGRXRDNklxcDZtMnZYcThFTk5DZGV4V3cmY2lkPUNBUVNHd0F2SGhmX0ZWQTdvWlJvTXdUZGY4LTZyZGRsQTRNUW9sLTR1aGdCJmFfY2lkPYADAIgDAZADAJgDF6ADAaoDAMAD2ATIAwDYA9jHPOADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBAo4MS45NS41LjM3qAQAsgQQCAAQBBisAiDYBCgAMAA4ArgEAMAEAMgEANoEAggB4AQB8ASrossliAUBmAUAoAWblYuaxYTUt3jABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB6gUkCiDQvdC-0YDQvNCw0YLQuNCy0L3QuNCw0LrRgtC-0LLQtRIA6gUOCgrQv9GA0LDQstC-EgDqBSIKHtC00YrRgNC20LDQstC10L3QstC10YHRgtC90LjQuhIA6gUsCijRjtGA0LjQtNC40YfQtdGB0LrQuNGB0L_RgNCw0LLQvtGH0L3QuNC6EgDqBSAKHNGA0LDQsdC-0YLQsNC30LDRjtGA0LjRgdGC0LgSAOoFIgoe0LfQsNC60L7QvdC-0LTQsNGC0LXQu9GB0YLQstC-EgDqBQ4KCtGE0L7RgNGD0LwSAOoFEAoM0LfQsNC60L7QvdC4EgDqBRAKDNC90L7QstC40L3QuBIA6gUcChjQv9GA0LDQstC10L3Qv9C-0YDRgtCw0LsSAOoFIAoc0L_RgNCw0LLQvdC40YHQtdC80LjQvdCw0YDQuBIA8AWwvRj6BQQIABAAkAYAmAYAuAYAwQYAAAAAAADwP9AG7o8B2gYWChAAAAAAAAAAAAAAAAAAAAAAEAAYAOAGAfIGAggAgAcBiAcAoAcBqgcMMTU1MDkwNDY2NDQ5yAeXiAbSBw0JAAAAAAAAAAAQABgA2gcGCAAQABgA4AcA6gcCCADwB_nTAooIAhAAlQgAAIA_mAgBwAibpAPSCAYIABAAGAA.&s=dbeb3833cefa09490d967cd9de5b52d71c2c75a2&bdref=https%3A%2F%2Flex.bg%2F&bdtop=true&bdifs=1&bstk=https%3A%2F%2Flex.bg%2F,https%3A%2F%2Flex.bg%2F& Requested by Host: lex.bg URL: https://lex.bg/ Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 37.252.171.85 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US), Reverse DNS 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net Software nginx/1.23.4 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://lex.bg/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers pragma no-cache date Wed, 27 Dec 2023 21:38:43 GMT an-x-request-uuid 5c8b80c6-b16f-4a0e-84b6-6e8f14dae931 server nginx/1.23.4 accept-ch Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness p3p policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" content-type text/html; charset=utf-8 access-control-allow-origin * cache-control no-store, no-cache, private access-control-allow-credentials true x-proxy-origin 81.95.5.37; 81.95.5.37; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com content-length 0 x-xss-protection 0 expires Sat, 15 Nov 2008 16:00:00 GMT
POST H3	200	adfetch Show response googleads.g.doubleclick.net/pagead/ Frame FFE8	123 KB 41 KB	78ms 78ms	XHR text/html	2a00:1450:4001:800::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/adfetch Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash b640200e84f5ece4aef2e838c37600b1eeb8113725b1cf5110caa026141d0bae Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Content-Type application/x-www-form-urlencoded;charset=UTF-8 Response headers date Wed, 27 Dec 2023 21:38:43 GMT content-encoding br x-content-type-options nosniff server cafe p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42180 x-xss-protection 0
POST H2	200	vevent fra1-ib.adnxs.com/ Frame EDF8	0 653 B	20ms 20ms	Ping text/html	37.252.171.85 ASN-APPNEX
General Check archive.org Show headers Download Go to Full URL https://fra1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Flex.bg%2F&e=wqT_3QL4Bej4AgAAAwDWAAUBCOOysqwGEOXm9JjelNfQOxgAKjYJGmoUkszq2j8RMFqR4i3h1j8ZAAAA4KNwAUAhMA0SACkRJMgxAAAAYI_C1T8w9PnMBjjdQUDlHkhlUKuiyyVY7LtbYABoxIFseJeIBoABAYoBA1VTRJIFBvBVmAGsAqAB2ASoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQDYApukA-AC9_g_6gIPaHR0cHM6Ly9sZXguYmcvgAMAiAMBkAMAmAMXoAMBqgPnAQq_AWgNJXBwYWdlYWQyLmdvb2dsZXN5bmRpY2F0aW9uLmNvbQ0eRC9nZW5fMjA0P2lkPWF3YmlkJgUG9F4BX2I9QUtBbWYtQkdZN3p3bHNYRk1kdW5qWW8xRGhhZ2FGejRDeGFNSGFYZW9oSFdXY1U5TERDaWJRTjFhempTaUNXZHdqNEtJWmpxak0yVXBYSXB2Z0s5akhvWWlzbjJyWUFjWlEmcHI9MTA6JHtBVUNUSU9OX1BSSUNFfRoTNDI5NjgxNzM4NzAzNzg2NDgwNSIINzg4Mjc4MTkqBDM5NDHAA9gEyAMA2APYxzzgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQKODEuOTUuNS4zN6gEALIEEAgAEAQYrAIg2AQoADAAOAK4BADABADIBADaBAIIAeAEAfAEq6LLJYgFAZgFAKAFm5WLmsWE1Ld4wAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAFsL0Y-gUECAAQAJAGAJgGALgGAMEGAAAAAAAA8D_QBu6PAdoGFgoQBTQdAbAQABgA4AYB8gYCCACABwGIBwCgBwGqBwwxNTUwOTA0NjY0NDnIB5eIBtIHDQkROAE1DNoHBggFCazgBwDqBwIIAPAH-dMCiggCEACVCAAAgD-YCAHACJukA9IICQj___8_EAAYAA..&s=d3453dbdcf67395b5620de749b53ee75e4085eb1&type=nv&nvt=5&jm=1003&px=980&py=1361&bw=300&bh=600&sid=4569938751778729010&vd=ct~0|rr~0&sv=240&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=13843700&sw=1600&sh=1200&pw=1600&ph=2615&ww=1600&wh=1200&ft=2 Requested by Host: cdn.adnxs.com URL: https://cdn.adnxs.com/v/s/240/trk.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 37.252.171.85 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US), Reverse DNS 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net Software nginx/1.23.4 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://lex.bg/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers pragma no-cache date Wed, 27 Dec 2023 21:38:43 GMT an-x-request-uuid 3a6c2827-8363-4417-8874-8130a0e0ea5f server nginx/1.23.4 accept-ch Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness p3p policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" content-type text/html; charset=utf-8 access-control-allow-origin https://lex.bg cache-control no-store, no-cache, private access-control-allow-credentials true x-proxy-origin 81.95.5.37; 81.95.5.37; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com content-length 0 x-xss-protection 0 expires Sat, 15 Nov 2008 16:00:00 GMT
GET H3	200	abg_lite.js Show response tpc.googlesyndication.com/pagead/js/r20231207/r20110914/ Frame FFE8	31 KB 12 KB	7ms 7ms	Script text/javascript	2a00:1450:4001:81c::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/abg_lite.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 565592ede82822decb298ebd1e6f56e9c6a680b1a79cd4208513a834295e4c43 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Tue, 26 Dec 2023 23:20:07 GMT content-encoding br x-content-type-options nosniff age 80316 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 11872 x-xss-protection 0 server cafe etag 16225921609732785849 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Tue, 09 Jan 2024 23:20:07 GMT
GET H3	200	s Show response googleads.g.doubleclick.net/pagead/drt/ Frame 7F31	143 B 166 B	8ms 8ms	Document text/html	2a00:1450:4001:800::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers age 545 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=3600 content-encoding gzip content-length 145 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Wed, 27 Dec 2023 21:29:38 GMT server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H3	200	window_focus.js Show response tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame FFE8	3 KB 1 KB	7ms 7ms	Script text/javascript	2a00:1450:4001:81c::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 88a577b7767cbe34315ff67366be5530949df573931dd9c762c2c2e0434c5b8a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Wed, 27 Dec 2023 01:55:38 GMT content-encoding br x-content-type-options nosniff age 70985 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1307 x-xss-protection 0 server cafe etag 18393213423120915576 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Wed, 10 Jan 2024 01:55:38 GMT
GET H3	200	qs_click_protection.js Show response tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame FFE8	30 KB 12 KB	7ms 7ms	Script text/javascript	2a00:1450:4001:81c::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 425c887bd8caee3ae355f251cb53649dd492f884523e1609ce4437ef70edc727 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Wed, 27 Dec 2023 00:38:26 GMT content-encoding br x-content-type-options nosniff age 75617 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 11807 x-xss-protection 0 server cafe etag 2895842962934950836 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Wed, 10 Jan 2024 00:38:26 GMT
GET H2	200	ufs_web_display.js Show response www.googletagservices.com/activeview/js/current/ Frame FFE8	203 KB 65 KB	64ms 33ms	Script text/javascript	2a00:1450:4001:831::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Wed, 27 Dec 2023 21:38:43 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 65731 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1702472459035717" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes timing-allow-origin * expires Wed, 27 Dec 2023 21:38:43 GMT
GET H3	200	one_click_handler_one_afma.js Show response tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame FFE8	54 KB 20 KB	9ms 8ms	Script text/javascript	2a00:1450:4001:81c::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/one_click_handler_one_afma.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 60fed3181b6988afdf2820001db18b9ebde443b9899fc4e89c6ae5c6bf6bdd33 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Wed, 27 Dec 2023 02:31:41 GMT content-encoding br x-content-type-options nosniff age 68822 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 20059 x-xss-protection 0 server cafe etag 7956693243444632869 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Wed, 10 Jan 2024 02:31:41 GMT
GET H3	200	9229958445605019817 tpc.googlesyndication.com/simgad/ Frame FFE8	66 KB 66 KB	10ms 10ms	Image image/png	2a00:1450:4001:81c::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/simgad/9229958445605019817?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qleK20-gNEnjQK_Xm8OO-f1a66sHg Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash b8d2fa3c2ac6eae739cb7859b2c78ce69793632e747ae01c3a45910a9ab11161 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Fri, 22 Dec 2023 08:35:14 GMT x-content-type-options nosniff age 479009 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 67458 x-xss-protection 0 last-modified Fri, 18 Nov 2022 10:23:32 GMT server sffe report-to {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]} content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="content-ads-owners" expires Sat, 21 Dec 2024 08:35:14 GMT
GET DATA	200 OK	truncated / Frame FFE8	216 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash ba9c944749c0c2228f7a2093fdd8aeee864c1e2d66c35623030838c839f8f01e Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers Content-Type image/png
GET H3	200	si Show response googleads.g.doubleclick.net/pagead/drt/ Frame 7F31 Redirect Chain https://www.google.com/pagead/drt/ui https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA	0 17 B	33ms 33ms	Document text/html	2a00:1450:4001:800::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private content-length 0 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Wed, 27 Dec 2023 21:38:43 GMT expires Wed, 27 Dec 2023 21:38:43 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe x-content-type-options nosniff x-xss-protection 0 Redirect headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private content-length 0 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Wed, 27 Dec 2023 21:38:43 GMT location https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H2	200	/ www.googleadservices.com/pagead/ar-adview/ Frame FFE8 Redirect Chain https://googleads.g.doubleclick.net/pagead/adview?ai=C6ZaBY5mMZbOTHvStkdUP_qu9yAHOqvz5dNbS1JDaEYfgor3AARABIOaX1iVglfrwgYwHoAGG19e9A8gBAqkCcrTddUWhsj6oAwHIA8kEqgS-AU_QD25J-ngawJ7JJ_1HH7Eu1OMujXFfvWA... https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%226497157457149680375%22,%22debug_reporting%22:true,%22destination%22:%22https://lilienthal.berlin%22,%22event_report_window...	0 0	252ms 252ms	Fetch text/css	142.250.186.34 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%226497157457149680375%22,%22debug_reporting%22:true,%22destination%22:%22https://lilienthal.berlin%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22934669190%22],%2222%22:[%22true%22],%224%22:[%2212-27%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2210517775071022794321%22}&andc=true Protocol H2 Server 142.250.186.34 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s04-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Wed, 27 Dec 2023 21:38:44 GMT x-content-type-options nosniff attribution-reporting-register-source {"debug_key":"6497157457149680375","debug_reporting":true,"destination":"https://lilienthal.berlin","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["934669190"],"22":["true"],"4":["12-27"],"6":["true"]},"priority":"500","source_event_id":"10517775071022794321"} server cafe content-type text/css; charset=UTF-8 access-control-allow-origin https://googleads.g.doubleclick.net p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control private access-control-allow-credentials true cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Wed, 27 Dec 2023 21:38:44 GMT Redirect headers content-security-policy script-src 'none'; object-src 'none' date Wed, 27 Dec 2023 21:38:43 GMT x-content-type-options nosniff server cafe content-type text/html; charset=UTF-8 location https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"6497157457149680375","debug_reporting":true,"destination":"https://lilienthal.berlin","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["934669190"],"22":["true"],"4":["12-27"],"6":["true"]},"priority":"500","source_event_id":"10517775071022794321"}&andc=true access-control-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-credentials true cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0
GET H3	200	gPTZx8Qg5YtqHYATuVEq7wiNXgGYJLmNtV6Q-nRIA0Y.js Show response pagead2.googlesyndication.com/bg/ Frame E754	50 KB 19 KB	16ms 16ms	Script text/javascript	2a00:1450:4001:827::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/gPTZx8Qg5YtqHYATuVEq7wiNXgGYJLmNtV6Q-nRIA0Y.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 80f4d9c7c420e58b6a1d8013b9512aef088d5e019824b98db55e90fa74480346 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Tue, 26 Dec 2023 13:49:16 GMT content-encoding br x-content-type-options nosniff age 114567 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 19632 x-xss-protection 0 last-modified Tue, 28 Nov 2023 18:18:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Wed, 25 Dec 2024 13:49:16 GMT
OPTIONS H3	204	/ www.googleadservices.com/pagead/ar-adview/ Frame	0 0	65ms 48ms	Preflight text/html	142.250.186.34 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%226497157457149680375%22,%22debug_reporting%22:true,%22destination%22:%22https://lilienthal.berlin%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22934669190%22],%2222%22:[%22true%22],%224%22:[%2212-27%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2210517775071022794321%22}&andc=true Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.34 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s04-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept */* Access-Control-Request-Headers attribution-reporting-eligible Access-Control-Request-Method GET Origin https://googleads.g.doubleclick.net Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers attribution-reporting-eligible access-control-allow-methods POST, GET, OPTIONS access-control-allow-origin https://googleads.g.doubleclick.net alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 content-type text/html; charset=UTF-8 date Wed, 27 Dec 2023 21:38:44 GMT p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
POST H2	204	collect region1.google-analytics.com/g/	0 54 B	105ms 104ms	Ping text/plain	2001:4860:4802:32::36 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://region1.google-analytics.com/g/collect?v=2&tid=G-16F1C2CEKH&gtm=45je3bt0v9130039543&_p=1703713119118&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=996336727.1703713119&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=2&sid=1703713119&sct=1&seg=0&dl=https%3A%2F%2Flex.bg%2F&dt=Lex.bg%20-%20%D0%91%D1%8A%D0%BB%D0%B3%D0%B0%D1%80%D1%81%D0%BA%D0%B8%D1%8F%D1%82%20%D0%BF%D1%80%D0%B0%D0%B2%D0%B5%D0%BD%20%D0%BF%D0%BE%D1%80%D1%82%D0%B0%D0%BB&en=scroll&epn.percent_scrolled=90&_et=6&tfd=6038 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-16F1C2CEKH Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://lex.bg/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers pragma no-cache date Wed, 27 Dec 2023 21:38:44 GMT server Golfe2 content-type text/plain access-control-allow-origin https://lex.bg cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

12738953.fls.doubleclick.net

URL

https://12738953.fls.doubleclick.net/activityi;dc_pre=CKz4-PrJsIMDFSHMOwIdcesBPg;src=12738953;type=despo0;cat=despo0;ord=1782726534;~oref=https%3A%2F%2Fpromos.betano.de%2F?

Domain

www.facebook.com

URL

https://www.facebook.com/ajax/bz?__a=1&__ccg=EXCELLENT&__dyn=7xeUmxa13xu1syUbAihwRwqo98nwgU5Gex-ewSwMwNw8OdwJwvE3vx61cw9y0Ko2_CwjE3awbG78b87C1xwEwlU-0nS4o5-0ha2l2Utw78waOfwbK0RE5a1qw8W1uwa-7U1bo6i6811E2ZwrU6C0L836w5Kw&__hs=19718.BP%3Aplugin_default_pkg.2.0..0.0&__hsi=7317392141756630633&__req=2&__rev=1010599303&__s=%3A%3Abcyscf&__sp=1&__user=0&dpr=1&jazoest=21795&locale=bg_BG&lsd=eeLMs5EOqQ4sjT7P9XR5DZ

Domain

www.facebook.com

URL

https://www.facebook.com/ajax/bz?__a=1&__ccg=EXCELLENT&__dyn=7xeUmxa13xu1syUbAihwRwqo98nwgU5Gex-ewSwMwNw8OdwJwvE3vx61cw9y0Ko2_CwjE3awbG78b87C1xwEwlU-0nS4o5-0ha2l2Utw78waOfwbK0RE5a1qw8W1uwa-7U1bo6i6811E2ZwrU6C0L836w5Kw&__hs=19718.BP%3Aplugin_default_pkg.2.0..0.0&__hsi=7317392141756630633&__req=3&__rev=1010599303&__s=%3A%3Abcyscf&__sp=1&__user=0&dpr=1&jazoest=21795&locale=bg_BG&lsd=eeLMs5EOqQ4sjT7P9XR5DZ

Domain

www.facebook.com

URL

https://www.facebook.com/ajax/bz?__a=1&__ccg=EXCELLENT&__dyn=7xeUmxa13xu1syUbAihwRwqo98nwgU5Gex-ewSwMwNw8OdwJwvE3vx61cw9y0Ko2_CwjE3awbG78b87C1xwEwlU-0nS4o5-0ha2l2Utw78waOfwbK0RE5a1qw8W1uwa-7U1bo6i6811E2ZwrU6C0L836w5Kw&__hs=19718.BP%3Aplugin_default_pkg.2.0..0.0&__hsi=7317392141756630633&__req=4&__rev=1010599303&__s=%3A%3Abcyscf&__sp=1&__user=0&dpr=1&jazoest=21795&locale=bg_BG&lsd=eeLMs5EOqQ4sjT7P9XR5DZ