urlscan.io logo urlscan.io
SecurityTrails logo

emerald.bg Open in urlscan Pro
217.174.144.41  Public Scan

Go To Rescan Add Verdict Report
URL: https://emerald.bg/bg/pochivka/1067/pochivka-na-o-v-zanzibar-sas-samolet-ot-sofia-7-noshtuvki/
Submission: On January 21 via api from DE — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 8 IPs in 4 countries across 8 domains to perform 37 HTTP transactions. The main IP is 217.174.144.41, located in Bulgaria and belongs to HOSTING-27, BG. The main domain is emerald.bg.
TLS certificate: Issued by R3 on January 15th 2022. Valid for: 3 months.
This is the only time emerald.bg was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

12    217.174.144.41 (Bulgaria)

ASN42347 (HOSTING-27, BG)
PTR: 217-174-144-41.hosting27.com
emerald.bg
1    2a00:1450:4001:809::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2001:4de0:ac18::1:a:3a (Netherlands)

ASN20446 (HIGHWINDS3, US)
code.jquery.com
8    2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    108.157.4.106 (United States)

ASN16509 (AMAZON-02, US)
config.metomic.io
9    2606:4700:3030::6815:5cc0 (United States)

ASN13335 (CLOUDFLARENET, US)
config.confirmic.com
consent-manager.confirmic.com
2    2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2600:9000:224a:a00:0:d16c:29c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
consent-manager.metomic.io
2    2606:4700:3033::ac43:c558 (United States)

ASN13335 (CLOUDFLARENET, US)
apipub.confirmic.com
Apex Domain
Subdomains		 Transfer
12 emerald.bg
emerald.bg
1 MB
11 confirmic.com
config.confirmic.com — Cisco Umbrella Rank: 256655
consent-manager.confirmic.com — Cisco Umbrella Rank: 245135
apipub.confirmic.com — Cisco Umbrella Rank: 278525
168 KB
8 gstatic.com
fonts.gstatic.com
101 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 42
20 KB
2 metomic.io
config.metomic.io — Cisco Umbrella Rank: 346246
consent-manager.metomic.io — Cisco Umbrella Rank: 339980
714 B
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 78
68 KB
1 jquery.com
code.jquery.com — Cisco Umbrella Rank: 584
81 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 47
1 KB
37 8
Domain Requested by
12 emerald.bg emerald.bg
8 consent-manager.confirmic.com emerald.bg
consent-manager.metomic.io
consent-manager.confirmic.com
8 fonts.gstatic.com fonts.googleapis.com
2 apipub.confirmic.com consent-manager.confirmic.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 www.googletagmanager.com emerald.bg
1 consent-manager.metomic.io 1 redirects
1 config.confirmic.com emerald.bg
1 config.metomic.io 1 redirects
1 code.jquery.com emerald.bg
1 fonts.googleapis.com emerald.bg
37 11

This site contains links to these domains. Also see Links.

Domain
online.emeraldbg.com
www.facebook.com
www.instagram.com
studiox.bg
Subject Issuer Validity Valid
emerald.bg
R3		 2022-01-15 -
2022-04-15		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2021-12-27 -
2022-03-21		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-12-27 -
2022-03-21		 3 months crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA		 2021-07-14 -
2022-08-14		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2021-12-27 -
2022-03-21		 3 months crt.sh
consent-manager.confirmic.com
Cloudflare Inc RSA CA-2		 2021-07-29 -
2022-07-28		 a year crt.sh
*.confirmic.com
R3		 2021-12-24 -
2022-03-24		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://emerald.bg/bg/pochivka/1067/pochivka-na-o-v-zanzibar-sas-samolet-ot-sofia-7-noshtuvki/
Frame ID: B5734367A258D327AB4594684886A026
Requests: 28 HTTP requests in this frame

Frame: https://consent-manager.confirmic.com/bundle.js
Frame ID: F4AE617FB7609871D5ADE26CF50ED46A
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Почивка на о-в Занзибар, със самолет от София - 7 нощувки - 02.03.22 и 18.03.22

Detected technologies

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

37
Requests

95 %
HTTPS

80 %
IPv6

8
Domains

11
Subdomains

8
IPs

4
Countries

1706 kB
Transfer

4382 kB
Size

4
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 22
  • https://config.metomic.io/config.js?id=prj:6432d155-ef74-4e84-8d3b-938247e23eb4 HTTP 301
  • https://config.confirmic.com/config.js?id=prj:6432d155-ef74-4e84-8d3b-938247e23eb4
Request Chain 25
  • https://consent-manager.metomic.io/embed.js HTTP 301
  • https://consent-manager.confirmic.com/embed.js

37 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
emerald.bg/bg/pochivka/1067/pochivka-na-o-v-zanzibar-sas-samolet-ot-sofia-7-noshtuvki/ 		71 KB
19 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://emerald.bg/bg/pochivka/1067/pochivka-na-o-v-zanzibar-sas-samolet-ot-sofia-7-noshtuvki/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
217.174.144.41 , Bulgaria, ASN42347 (HOSTING-27, BG),
Reverse DNS
217-174-144-41.hosting27.com
Software
LiteSpeed /
Resource Hash
d09da8d55d501c1145ad6ddee5cb3ff65d356dce5fe3b0e29156015b50d9792e

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

p3p
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
website-cached-content
Should expire till 60 seconds
content-type
text/html; charset=UTF-8
content-encoding
gzip
vary
Accept-Encoding
content-length
19423
date
Fri, 21 Jan 2022 16:00:30 GMT
server
LiteSpeed
all.min.css
emerald.bg/web/css/ 		196 KB
29 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://emerald.bg/web/css/all.min.css
Requested by
Host: emerald.bg
URL: https://emerald.bg/bg/pochivka/1067/pochivka-na-o-v-zanzibar-sas-samolet-ot-sofia-7-noshtuvki/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
217.174.144.41 , Bulgaria, ASN42347 (HOSTING-27, BG),
Reverse DNS
217-174-144-41.hosting27.com
Software
LiteSpeed /
Resource Hash
01c90daa931c7efec6afb4d0e86f377a72b7aa45a02b02086ac9a598feee2229

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://emerald.bg/bg/pochivka/1067/pochivka-na-o-v-zanzibar-sas-samolet-ot-sofia-7-noshtuvki/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 21 Jan 2022 16:00:30 GMT
content-encoding
gzip
last-modified
Sun, 28 Nov 2021 09:58:26 GMT
server
LiteSpeed
etag
"30e9e-61a352c2-1807fdc;gz"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
29176
expires
Fri, 28 Jan 2022 16:00:30 GMT
css
fonts.googleapis.com/ 		10 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:300,400,500,700,900&subset=cyrillic
Requested by
Host: emerald.bg
URL: https://emerald.bg/bg/pochivka/1067/pochivka-na-o-v-zanzibar-sas-samolet-ot-sofia-7-noshtuvki/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
db5f411f7205ec2bbbc73f359461682f01f5dab26cebfa18c2c3cdebefa4d38c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://emerald.bg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 21 Jan 2022 14:17:16 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Fri, 21 Jan 2022 16:00:30 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 21 Jan 2022 16:00:30 GMT
js
www.googletagmanager.com/gtag/ 		91 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-159908428-1
Requested by
Host: emerald.bg
URL: https://emerald.bg/bg/pochivka/1067/pochivka-na-o-v-zanzibar-sas-samolet-ot-sofia-7-noshtuvki/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
7cf8b7614a5e7bf4f79649c9b39f043c27bfe5584cb4cd8662575eafe8eee146
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://emerald.bg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 21 Jan 2022 16:00:30 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36456
x-xss-protection
0
last-modified
Fri, 21 Jan 2022 15:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 21 Jan 2022 16:00:30 GMT
emerald-travel-logo.png
emerald.bg/web/images/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://emerald.bg/web/images/emerald-travel-logo.png
Requested by
Host: emerald.bg
URL: https://emerald.bg/bg/pochivka/1067/pochivka-na-o-v-zanzibar-sas-samolet-ot-sofia-7-noshtuvki/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
217.174.144.41 , Bulgaria, ASN42347 (HOSTING-27, BG),
Reverse DNS
217-174-144-41.hosting27.com
Software
LiteSpeed /
Resource Hash
9e3f4e51c12cfa07a9acd607a6e9e755b3c7a9f3135b4890f5ca56d7cd079887

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://emerald.bg/bg/pochivka/1067/pochivka-na-o-v-zanzibar-sas-samolet-ot-sofia-7-noshtuvki/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 21 Jan 2022 16:00:30 GMT
last-modified
Thu, 16 Apr 2020 11:59:33 GMT
server
LiteSpeed
etag
"1686-5e9848a5-6c0c535;;;"
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
5766
expires
Fri, 28 Jan 2022 16:00:30 GMT
thumb_920x616_240658155.jpg
emerald.bg/web/files/holidays/Holiday/1067/images/ 		252 KB
253 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://emerald.bg/web/files/holidays/Holiday/1067/images/thumb_920x616_240658155.jpg
Requested by
Host: emerald.bg
URL: https://emerald.bg/bg/pochivka/1067/pochivka-na-o-v-zanzibar-sas-samolet-ot-sofia-7-noshtuvki/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
217.174.144.41 , Bulgaria, ASN42347 (HOSTING-27, BG),
Reverse DNS
217-174-144-41.hosting27.com
Software
LiteSpeed /
Resource Hash
628829c79463f340571c6aa8357679a4aab75ee9f3d48f6a1acea2531f1b3d0e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://emerald.bg/bg/pochivka/1067/pochivka-na-o-v-zanzibar-sas-samolet-ot-sofia-7-noshtuvki/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 21 Jan 2022 16:00:30 GMT
last-modified
Mon, 06 Dec 2021 14:24:41 GMT
server
LiteSpeed
etag
"3f0ee-61ae1d29-3c14e42;;;"
content-type
image/jpeg
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
258286
expires
Fri, 28 Jan 2022 16:00:30 GMT
placeholder-1x1.png
emerald.bg/web/images/ 		95 B
178 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://emerald.bg/web/images/placeholder-1x1.png
Requested by
Host: emerald.bg
URL: https://emerald.bg/bg/pochivka/1067/pochivka-na-o-v-zanzibar-sas-samolet-ot-sofia-7-noshtuvki/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
217.174.144.41 , Bulgaria, ASN42347 (HOSTING-27, BG),
Reverse DNS
217-174-144-41.hosting27.com
Software
LiteSpeed /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://emerald.bg/bg/pochivka/1067/pochivka-na-o-v-zanzibar-sas-samolet-ot-sofia-7-noshtuvki/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 21 Jan 2022 16:00:30 GMT
last-modified
Mon, 17 Feb 2020 12:02:31 GMT
server
LiteSpeed
etag
"5f-5e4a80d7-6c0c538;;;"
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
95
expires
Fri, 28 Jan 2022 16:00:30 GMT
offer-banner-1.jpg
emerald.bg/web/images/temp-files/ 		164 KB
164 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://emerald.bg/web/images/temp-files/offer-banner-1.jpg
Requested by
Host: emerald.bg
URL: https://emerald.bg/bg/pochivka/1067/pochivka-na-o-v-zanzibar-sas-samolet-ot-sofia-7-noshtuvki/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
217.174.144.41 , Bulgaria, ASN42347 (HOSTING-27, BG),
Reverse DNS
217-174-144-41.hosting27.com
Software
LiteSpeed /
Resource Hash
206a8b8e7ada3181a20216ed3c0dc63ac45f330e1289747cbf1cb53e896fae4a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://emerald.bg/bg/pochivka/1067/pochivka-na-o-v-zanzibar-sas-samolet-ot-sofia-7-noshtuvki/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 21 Jan 2022 16:00:30 GMT
last-modified
Mon, 17 Feb 2020 12:02:38 GMT
server
LiteSpeed
etag
"28fb9-5e4a80de-941b96a;;;"
content-type
image/jpeg
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
167865
expires
Fri, 28 Jan 2022 16:00:30 GMT
emerald-logo.png
emerald.bg/web/images/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://emerald.bg/web/images/emerald-logo.png
Requested by
Host: emerald.bg
URL: https://emerald.bg/bg/pochivka/1067/pochivka-na-o-v-zanzibar-sas-samolet-ot-sofia-7-noshtuvki/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
217.174.144.41 , Bulgaria, ASN42347 (HOSTING-27, BG),
Reverse DNS
217-174-144-41.hosting27.com
Software
LiteSpeed /
Resource Hash
98cd7179fa398acaa5f45d20393351d3443c46d1f09b933bb19b59d212e20a7d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://emerald.bg/bg/pochivka/1067/pochivka-na-o-v-zanzibar-sas-samolet-ot-sofia-7-noshtuvki/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 21 Jan 2022 16:00:30 GMT
last-modified
Mon, 17 Feb 2020 12:02:32 GMT
server
LiteSpeed
etag
"e27-5e4a80d8-6c0c534;;;"
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
3623
expires
Fri, 28 Jan 2022 16:00:30 GMT
all.min.js
emerald.bg/web/js/ 		2 MB
559 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://emerald.bg/web/js/all.min.js
Requested by
Host: emerald.bg
URL: https://emerald.bg/bg/pochivka/1067/pochivka-na-o-v-zanzibar-sas-samolet-ot-sofia-7-noshtuvki/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
217.174.144.41 , Bulgaria, ASN42347 (HOSTING-27, BG),
Reverse DNS
217-174-144-41.hosting27.com
Software
LiteSpeed /
Resource Hash
4bd24e0978b981ec836f4e93165600a5ce2aad1267c46cc29770b041ee62a69c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://emerald.bg/bg/pochivka/1067/pochivka-na-o-v-zanzibar-sas-samolet-ot-sofia-7-noshtuvki/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 21 Jan 2022 16:00:30 GMT
content-encoding
gzip
last-modified
Thu, 25 Jun 2020 14:29:58 GMT
server
LiteSpeed
etag
"2451fe-5ef4b4e6-68160b5;gz"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
570431
expires
Fri, 28 Jan 2022 16:00:30 GMT
jquery-3.4.1.js
code.jquery.com/ 		274 KB
81 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-3.4.1.js
Requested by
Host: emerald.bg
URL: https://emerald.bg/bg/pochivka/1067/pochivka-na-o-v-zanzibar-sas-samolet-ot-sofia-7-noshtuvki/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac18::1:a:3a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
5a93a88493aa32aab228bf4571c01207d3b42b0002409a454d404b4d8395bd55

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://emerald.bg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 21 Jan 2022 16:00:30 GMT
content-encoding
gzip
last-modified
Wed, 01 May 2019 21:14:27 GMT
server
nginx
etag
W/"5cca0c33-4472c"
vary
Accept-Encoding
x-hw
1642780830.dop149.am5.t,1642780830.cds284.am5.hn,1642780830.cds151.am5.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
82889
gtm.js
www.googletagmanager.com/ 		81 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MTZZKX6
Requested by
Host: emerald.bg
URL: https://emerald.bg/bg/pochivka/1067/pochivka-na-o-v-zanzibar-sas-samolet-ot-sofia-7-noshtuvki/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
1718c68e63439fe9af5959b2b0f47ced62986403ca560105c9325ebd68d7cffc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://emerald.bg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 21 Jan 2022 16:00:30 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32485
x-xss-protection
0
last-modified
Fri, 21 Jan 2022 15:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 21 Jan 2022 16:00:30 GMT
symbol-defs.svg
emerald.bg/web/images/ 		13 KB
5 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://emerald.bg/web/images/symbol-defs.svg
Requested by
Host: emerald.bg
URL: https://emerald.bg/bg/pochivka/1067/pochivka-na-o-v-zanzibar-sas-samolet-ot-sofia-7-noshtuvki/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
217.174.144.41 , Bulgaria, ASN42347 (HOSTING-27, BG),
Reverse DNS
217-174-144-41.hosting27.com
Software
LiteSpeed /
Resource Hash
ae72bf184c93bc8a3906f5ac9b52a76c55c223c8222b8da25c1f298f6fcc5706

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://emerald.bg/bg/pochivka/1067/pochivka-na-o-v-zanzibar-sas-samolet-ot-sofia-7-noshtuvki/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 21 Jan 2022 16:00:30 GMT
content-encoding
gzip
last-modified
Mon, 01 Jun 2020 10:57:49 GMT
server
LiteSpeed
etag
"3554-5ed4df2d-6c0c53d;gz"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
5432
expires
Fri, 28 Jan 2022 16:00:30 GMT
icon-pdf.svg
emerald.bg/web/images/icons/ 		1 KB
838 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://emerald.bg/web/images/icons/icon-pdf.svg
Requested by
Host: emerald.bg
URL: https://emerald.bg/web/css/all.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
217.174.144.41 , Bulgaria, ASN42347 (HOSTING-27, BG),
Reverse DNS
217-174-144-41.hosting27.com
Software
LiteSpeed /
Resource Hash
750a5fb3a151e62680c9557203ca0d920c81d6ba0731178fcff202755ec71f91

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://emerald.bg/web/css/all.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 21 Jan 2022 16:00:30 GMT
content-encoding
gzip
last-modified
Thu, 16 Apr 2020 11:59:52 GMT
server
LiteSpeed
etag
"537-5e9848b8-9017e67;gz"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
751
expires
Fri, 28 Jan 2022 16:00:30 GMT
footer-back-2.jpg
emerald.bg/web/images/ 		200 KB
200 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://emerald.bg/web/images/footer-back-2.jpg
Requested by
Host: emerald.bg
URL: https://emerald.bg/web/css/all.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
217.174.144.41 , Bulgaria, ASN42347 (HOSTING-27, BG),
Reverse DNS
217-174-144-41.hosting27.com
Software
LiteSpeed /
Resource Hash
0b67847da6762f656bc6fa369a25e58c9e34e9b1f5aba01ff6121586c75fbfef

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://emerald.bg/web/css/all.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 21 Jan 2022 16:00:30 GMT
last-modified
Mon, 17 Feb 2020 12:02:32 GMT
server
LiteSpeed
etag
"31f6b-5e4a80d8-6c3221f;;;"
content-type
image/jpeg
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
204651
expires
Fri, 28 Jan 2022 16:00:30 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700,900&subset=cyrillic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://emerald.bg
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 17:56:19 GMT
x-content-type-options
nosniff
age
165851
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15828
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:28 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 19 Jan 2023 17:56:19 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700,900&subset=cyrillic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://emerald.bg
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 21 Jan 2022 13:39:48 GMT
x-content-type-options
nosniff
age
8442
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15688
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:19 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Sat, 21 Jan 2023 13:39:48 GMT
KFOlCnqEu92Fr1MmEU9fABc4EsA.woff2
fonts.gstatic.com/s/roboto/v29/ 		10 KB
10 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmEU9fABc4EsA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700,900&subset=cyrillic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2d2ad11e3c1a0fd81bb085050d4b3170beab2964b5b848a5309a6343322e3898
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://emerald.bg
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 10:03:58 GMT
x-content-type-options
nosniff
age
194192
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9776
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:26 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 19 Jan 2023 10:03:58 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700,900&subset=cyrillic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://emerald.bg
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 14:02:00 GMT
x-content-type-options
nosniff
age
266310
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15920
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:21 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 18 Jan 2023 14:02:00 GMT
KFOlCnqEu92Fr1MmSU5fABc4EsA.woff2
fonts.gstatic.com/s/roboto/v29/ 		9 KB
9 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmSU5fABc4EsA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700,900&subset=cyrillic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fb83389ea7513242a9a237454ce7989eb6d84c4ec2fe15c81bad6f89c87fe89e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://emerald.bg
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 14:12:11 GMT
x-content-type-options
nosniff
age
265699
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9500
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:19 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 18 Jan 2023 14:12:11 GMT
KFOmCnqEu92Fr1Mu5mxKOzY.woff2
fonts.gstatic.com/s/roboto/v29/ 		9 KB
10 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu5mxKOzY.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700,900&subset=cyrillic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8dd3b91ca60e6a0486326c5c275590dd1d753240c2efa9f94730815813997fee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://emerald.bg
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 21 Jan 2022 04:11:53 GMT
x-content-type-options
nosniff
age
42517
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9688
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:21 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Sat, 21 Jan 2023 04:11:53 GMT
KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2
fonts.gstatic.com/s/roboto/v29/ 		9 KB
9 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700,900&subset=cyrillic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
053508cc4ed1acf7db8ed96deca42ffebfa1669c5cecd62f4415b926d07b5aaa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://emerald.bg
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 18:07:18 GMT
x-content-type-options
nosniff
age
165192
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9544
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:33 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 19 Jan 2023 18:07:18 GMT
KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700,900&subset=cyrillic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://emerald.bg
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 17:58:32 GMT
x-content-type-options
nosniff
age
165718
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15732
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:20 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 19 Jan 2023 17:58:32 GMT
config.js
config.confirmic.com/
Redirect Chain
  • https://config.metomic.io/config.js?id=prj:6432d155-ef74-4e84-8d3b-938247e23eb4
  • https://config.confirmic.com/config.js?id=prj:6432d155-ef74-4e84-8d3b-938247e23eb4
188 B
793 B 		Script
General
Check archive.org
Download Go to
Full URL
https://config.confirmic.com/config.js?id=prj:6432d155-ef74-4e84-8d3b-938247e23eb4
Requested by
Host: emerald.bg
URL: https://emerald.bg/bg/pochivka/1067/pochivka-na-o-v-zanzibar-sas-samolet-ot-sofia-7-noshtuvki/
Protocol
H2
Server
2606:4700:3030::6815:5cc0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
30f66a18e6aa004679d3eca782d214025032116fbcc4933877008b9947f57cfd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://emerald.bg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 21 Jan 2022 16:00:31 GMT
content-encoding
br
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
Express
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-confirmic-cache
HIT
server
cloudflare
etag
W/"bc-1C5y9hwrkjbHi3mYqLVTYVPKLKw"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k9Ff2Fp66qM6b3wlAWmhVRSR15VjSbZOHS6n1S5qL9IUarfSkCxOkDQ0lFeIYgs4C3bc%2BQvqwWJnknuq5yK4w5rz7D42qJ%2FOD8CIKtR9zMudoE%2FR2OWceYwqf%2BKu9ulMLJasYMeY0Cmm7mIFHTu2Jtb2tQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=60
cf-ray
6d11c1832ad93b6d-CDG

Redirect headers

date
Fri, 21 Jan 2022 16:00:31 GMT
via
1.1 191dcfd852a6f06df8cf0ecc80b99d1c.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
DUS51-P2
location
https://config.confirmic.com/config.js?id=prj:6432d155-ef74-4e84-8d3b-938247e23eb4
access-control-allow-methods
GET,HEAD,OPTIONS,
access-control-allow-origin
*
cache-control
max-age=31536000
x-cache
LambdaGeneratedResponse from cloudfront
content-length
0
x-amz-cf-id
0MV_ALCBmzULbswl6GV7XOF0nsuiVQu_6r5zG9e4DaulN7DfOxErgw==
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-159908428-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://emerald.bg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
6939
date
Fri, 21 Jan 2022 14:04:52 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Fri, 21 Jan 2022 16:04:52 GMT
collect
www.google-analytics.com/j/ 		1 B
202 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1175833521&t=pageview&_s=1&dl=https%3A%2F%2Femerald.bg%2Fbg%2Fpochivka%2F1067%2Fpochivka-na-o-v-zanzibar-sas-samolet-ot-sofia-7-noshtuvki%2F&ul=en-us&de=UTF-8&dt=%D0%9F%D0%BE%D1%87%D0%B8%D0%B2%D0%BA%D0%B0%20%D0%BD%D0%B0%20%D0%BE-%D0%B2%20%D0%97%D0%B0%D0%BD%D0%B7%D0%B8%D0%B1%D0%B0%D1%80%2C%20%D1%81%D1%8A%D1%81%20%D1%81%D0%B0%D0%BC%D0%BE%D0%BB%D0%B5%D1%82%20%D0%BE%D1%82%20%D0%A1%D0%BE%D1%84%D0%B8%D1%8F%20-%207%20%D0%BD%D0%BE%D1%89%D1%83%D0%B2%D0%BA%D0%B8%20-%2002.03.22%20%D0%B8%2018.03.22&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=171007694&gjid=1609701671&cid=884191080.1642780831&tid=UA-159908428-1&_gid=705047165.1642780831&_r=1&gtm=2ou1j0&z=1346429327
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://emerald.bg/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 21 Jan 2022 16:00:31 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://emerald.bg
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
embed.js
consent-manager.confirmic.com/
Redirect Chain
  • https://consent-manager.metomic.io/embed.js
  • https://consent-manager.confirmic.com/embed.js
16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://consent-manager.confirmic.com/embed.js
Requested by
Host: emerald.bg
URL: https://emerald.bg/bg/pochivka/1067/pochivka-na-o-v-zanzibar-sas-samolet-ot-sofia-7-noshtuvki/
Protocol
H2
Server
2606:4700:3030::6815:5cc0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
809f274ba4203fbafe42e41e918a7b661f8d0be218f22d99bfaf4b14ef54c6c7
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=1000
X-Content-Type-Options nosniff
X-Frame-Options ALLOW
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://emerald.bg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 21 Jan 2022 16:00:31 GMT
via
1.1 varnish
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
13
x-cache
HIT
access-control-allow-methods
GET
strict-transport-security
max-age=1000
content-encoding
br
vary
Accept-Encoding
x-xss-protection
1; mode=block
x-confirmic
consent-manager
referrer-policy
strict-origin-when-cross-origin
last-modified
Sun, 12 Sep 2021 13:47:21 UTC
server
cloudflare
x-timer
S1635472644.345624,VS0,VE1
x-frame-options
ALLOW
etag
W/"3445da879060d939bf99f31b00030473"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
86400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B5F1NhKcX%2B5NRiR5kc9D3NG0M%2F1AuiFpW9TsZ95uf5Pry5nwA4aei5IQ3EiB6hEiONdhklFEWEUv8eDN%2B08cTAMmIDiYrVnNLNL3mK50POE63Cw38SDSQTmG2D%2FP5vurtZN73ZeivsLn5t4W%2FuPmEvaFkMIvwbpHeTr74g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
public, max-age=60
permissions-policy
camera=(), geolocation=(), microphone=()
content-security-policy
upgrade-insecure-requests
x-served-by
cache-cdg20770-CDG
cf-ray
6d11c185aaed3b85-CDG
x-cache-hits
1

Redirect headers

date
Fri, 21 Jan 2022 16:00:31 GMT
via
1.1 c31ad517510d586c0f2aa3c5dbc40b06.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
DUS51-P1
location
https://consent-manager.confirmic.com/embed.js
access-control-allow-methods
GET,HEAD,OPTIONS,
access-control-allow-origin
*
cache-control
max-age=1
x-cache
LambdaGeneratedResponse from cloudfront
content-length
0
x-amz-cf-id
etdYfasoisgjFHQgnpm9BgCkVh76EEDgdD9L3Ey7P-xj7cr8X9d09Q==
offer-banner-6.jpg
emerald.bg/web//images/temp-files/ 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://emerald.bg/web//images/temp-files/offer-banner-6.jpg
Requested by
Host: emerald.bg
URL: https://emerald.bg/bg/pochivka/1067/pochivka-na-o-v-zanzibar-sas-samolet-ot-sofia-7-noshtuvki/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
217.174.144.41 , Bulgaria, ASN42347 (HOSTING-27, BG),
Reverse DNS
217-174-144-41.hosting27.com
Software
LiteSpeed /
Resource Hash
38963a052e0ae35b7d665bb82f1834ed8a28a8bb6b190b1636e693630c88f3fc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://emerald.bg/bg/pochivka/1067/pochivka-na-o-v-zanzibar-sas-samolet-ot-sofia-7-noshtuvki/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 21 Jan 2022 16:00:31 GMT
last-modified
Mon, 17 Feb 2020 12:02:39 GMT
server
LiteSpeed
etag
"6c36-5e4a80df-941b9c0;;;"
content-type
image/jpeg
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
27702
expires
Fri, 28 Jan 2022 16:00:31 GMT
bundle.js
consent-manager.confirmic.com/ Frame F4AE 		145 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://consent-manager.confirmic.com/bundle.js
Requested by
Host: consent-manager.metomic.io
URL: https://consent-manager.metomic.io/embed.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:5cc0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
688c4640f61ed6c399f38f0fa7c8b11ded786fa7225c22562d8a91cfbc9e8695
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=1000
X-Content-Type-Options nosniff
X-Frame-Options ALLOW
X-Xss-Protection 1; mode=block

Request headers

Referer
Origin
https://emerald.bg
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 21 Jan 2022 16:00:31 GMT
via
1.1 varnish
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
8
x-cache
HIT
access-control-allow-methods
GET
strict-transport-security
max-age=1000
content-encoding
br
vary
Accept-Encoding
x-xss-protection
1; mode=block
x-confirmic
consent-manager
referrer-policy
strict-origin-when-cross-origin
last-modified
Sun, 12 Sep 2021 13:47:21 UTC
server
cloudflare
x-timer
S1642541968.173634,VS0,VE1
x-frame-options
ALLOW
etag
W/"b7fd9a4e82e836c52b66d1953ae9a1d3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
86400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BLOVzBXWCLuMUsBykLVuO2RZ2hKHFsOR8BPc2C%2BcFP0ZZubvRucNXWk8gPMVTi0Kpj0y5xEQ0mHp6MuJyDNanjnl5XYqqvYSijSIgdnRLSElKWO4UrarbxY3fne4haQKky4swIGMcMCEeiFEqIuOYQ9J02Md63cd6JIZBw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
public, max-age=60
permissions-policy
camera=(), geolocation=(), microphone=()
content-security-policy
upgrade-insecure-requests
x-served-by
cache-ams21061-AMS
cf-ray
6d11c186484e1ec2-AMS
x-cache-hits
1
error-reporting.js
consent-manager.confirmic.com/ Frame F4AE 		61 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://consent-manager.confirmic.com/error-reporting.js
Requested by
Host: consent-manager.confirmic.com
URL: https://consent-manager.confirmic.com/bundle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:5cc0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8e2d476a3da7d96d989379c7fb3be5ed4595a5dcdf7164cda8b5ecf0ed9a39fe
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=1000
X-Content-Type-Options nosniff
X-Frame-Options ALLOW
X-Xss-Protection 1; mode=block

Request headers

Referer
Origin
https://emerald.bg
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 21 Jan 2022 16:00:31 GMT
via
1.1 varnish
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
261
x-cache
HIT
access-control-allow-methods
GET
strict-transport-security
max-age=1000
content-encoding
br
vary
Accept-Encoding
x-xss-protection
1; mode=block
x-confirmic
consent-manager
referrer-policy
strict-origin-when-cross-origin
last-modified
Sun, 12 Sep 2021 13:47:21 UTC
server
cloudflare
x-timer
S1642542209.565675,VS0,VE1
x-frame-options
ALLOW
etag
W/"eb58c2e1b4d41ffbe1934def1fcec0c4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
86400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WZFGZSp9MVFhGcMcPSatCkeR6ujQ3AxEjrMeVc4Wuip%2BIzbxqeOl%2FbmVYZSCgnsmJW7UfgV1drOU4QMvMH5QILqSsC9Xa1XSJdlcZ9BE7yxaUUegJG6glDsyH2NjdQGvB6RH3hAkdsLjHHLA50co%2BL1EvsKNStCGxzMiwg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
public, max-age=360
permissions-policy
camera=(), geolocation=(), microphone=()
content-security-policy
upgrade-insecure-requests
x-served-by
cache-ams21056-AMS
cf-ray
6d11c186c9311ec2-AMS
x-cache-hits
1
common~modules.4670128dc02e771825d7.js
consent-manager.confirmic.com/ Frame F4AE 		129 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://consent-manager.confirmic.com/common~modules.4670128dc02e771825d7.js
Requested by
Host: consent-manager.confirmic.com
URL: https://consent-manager.confirmic.com/bundle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:5cc0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d2eceeab43d597325e36536b931586274aa0f8c52113d1496f552f841ff74f63
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=1000
X-Content-Type-Options nosniff
X-Frame-Options ALLOW
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 21 Jan 2022 16:00:31 GMT
via
1.1 varnish
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3256
x-cache
HIT
access-control-allow-methods
GET
strict-transport-security
max-age=1000
content-encoding
br
vary
Accept-Encoding
x-xss-protection
1; mode=block
x-confirmic
consent-manager
referrer-policy
strict-origin-when-cross-origin
last-modified
Sun, 12 Sep 2021 13:47:21 UTC
server
cloudflare
x-timer
S1637509770.501760,VS0,VE1
x-frame-options
ALLOW
etag
W/"7006c920f9ef83ea5313214fb4ecf414"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
86400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UU3Z5sbJ2A1XLoFyDNdVAyLeo6p8bwWs2fsLfjouH5VXUEXpieo1hKKcddomXIq7cUXWmFhBdDwrx2k1Y4gzt%2F1%2BxqLHl0immdoVZaF%2BmZ38ou0bDqYg8PK%2ByIV8T6RKLpbgvG77onUntRB2KLR6tJ2P5QIs3vw1ScoIkw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
public, max-age=14400
permissions-policy
camera=(), geolocation=(), microphone=()
content-security-policy
upgrade-insecure-requests
x-served-by
cache-ams21081-AMS
cf-ray
6d11c1871e9a1e99-AMS
x-cache-hits
1
vendors~modules.69e03d3bb1b02072422b.js
consent-manager.confirmic.com/ Frame F4AE 		69 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://consent-manager.confirmic.com/vendors~modules.69e03d3bb1b02072422b.js
Requested by
Host: consent-manager.confirmic.com
URL: https://consent-manager.confirmic.com/bundle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:5cc0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e70b30362a8956d3410ccc7f28edac093253095c449407c09be438fbf573d85d
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=1000
X-Content-Type-Options nosniff
X-Frame-Options ALLOW
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 21 Jan 2022 16:00:31 GMT
via
1.1 varnish
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3254
x-cache
HIT
access-control-allow-methods
GET
strict-transport-security
max-age=1000
content-encoding
br
vary
Accept-Encoding
x-xss-protection
1; mode=block
x-confirmic
consent-manager
referrer-policy
strict-origin-when-cross-origin
last-modified
Sat, 17 Jul 2021 13:43:21 UTC
server
cloudflare
x-timer
S1627519916.388531,VS0,VE0
x-frame-options
ALLOW
etag
W/"50ed8577688c252f24ead5ed19831f0d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
86400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JIySC3CPMDbCTehcrOhKzsAJ3LSfkbW3xz6Ie4ixpT6u0huF7HO44HbAp3EXLefnBPze6YdxbOcaWy9cYu%2BVM7jGWl64c3HbiwokPLn8U9wTlRTuLroMZOreknV3lJlFuMQqCXbcPvhga3CEuZsn%2B5AUcBeVS5vUZeRdLw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
public, max-age=14400
permissions-policy
camera=(), geolocation=(), microphone=()
content-security-policy
upgrade-insecure-requests
x-served-by
cache-ams21030-AMS
cf-ray
6d11c1871e931e99-AMS
x-cache-hits
5
ConsentManager.f01f3ac380e4e2c1c44f.js
consent-manager.confirmic.com/ Frame F4AE 		62 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://consent-manager.confirmic.com/ConsentManager.f01f3ac380e4e2c1c44f.js
Requested by
Host: consent-manager.confirmic.com
URL: https://consent-manager.confirmic.com/bundle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:5cc0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
141272b6f044b79525fc1c137200e3f46685d2496a0e5fa33b6ff1e84cb32a45
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=1000
X-Content-Type-Options nosniff
X-Frame-Options ALLOW
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 21 Jan 2022 16:00:31 GMT
via
1.1 varnish
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
128
x-cache
MISS
access-control-allow-methods
GET
strict-transport-security
max-age=1000
content-encoding
br
vary
Accept-Encoding
x-xss-protection
1; mode=block
x-confirmic
consent-manager
referrer-policy
strict-origin-when-cross-origin
last-modified
Sun, 12 Sep 2021 13:47:21 UTC
server
cloudflare
x-timer
S1642763174.908283,VS0,VE357
x-frame-options
ALLOW
etag
W/"c7c18ab938299c7a9bedd9508753f557"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
86400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FJ5%2BTCWN55N68%2FW7vJhn7FyAEcBV6xlafrhi7QU4jNRZ9zCk0DF7Fgx5wmD%2BuYOdHoqtS46wJtesN8ZEVy4rWzOsKLrQSxAJ6QVGC7dHzihoTcJmTZPPlzdGsP7%2B3XehikPd5olxp%2F2O8N9T57tss6rinXoVpioxrFcmhQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
public, max-age=14400, s-maxage=300
permissions-policy
camera=(), geolocation=(), microphone=()
content-security-policy
upgrade-insecure-requests
x-served-by
cache-ams21027-AMS
cf-ray
6d11c1871e981e99-AMS
x-cache-hits
0
vendors~Placeholders.fce4644dd10f57f9d0fe.js
consent-manager.confirmic.com/ Frame F4AE 		19 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://consent-manager.confirmic.com/vendors~Placeholders.fce4644dd10f57f9d0fe.js
Requested by
Host: consent-manager.confirmic.com
URL: https://consent-manager.confirmic.com/bundle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:5cc0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bdc460a2e6526b4a3778a3d0d06ab541a81faed80d267a79c8d814e5658d9406
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=1000
X-Content-Type-Options nosniff
X-Frame-Options ALLOW
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 21 Jan 2022 16:00:31 GMT
via
1.1 varnish
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3255
x-cache
HIT
access-control-allow-methods
GET
strict-transport-security
max-age=1000
content-encoding
br
vary
Accept-Encoding
x-xss-protection
1; mode=block
x-confirmic
consent-manager
referrer-policy
strict-origin-when-cross-origin
last-modified
Sun, 12 Sep 2021 13:47:21 UTC
server
cloudflare
x-timer
S1637032181.737188,VS0,VE1
x-frame-options
ALLOW
etag
W/"6b74c0969470ec59e84e1baac0c7d4c4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
86400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZDLo%2FwBXG1k0WsQ6wHa4wJxCkVtATgJ2o%2FZRKTVDyVfjImDIsuW13A7WHDrawZbP2HLG4uoEPqHPVIzdF%2FTdaGqpymrSsbVmsSGlFMTW5hUqZ9mTUxyLCyARKUYD9KS1YoyC6mN%2B%2BGX9Es%2B2T9uffn2tooR87fC0j%2FWWhA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
public, max-age=14400
permissions-policy
camera=(), geolocation=(), microphone=()
content-security-policy
upgrade-insecure-requests
x-served-by
cache-ams21063-AMS
cf-ray
6d11c1871e9c1e99-AMS
x-cache-hits
1
Placeholders.88525579236879ae4b52.js
consent-manager.confirmic.com/ Frame F4AE 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://consent-manager.confirmic.com/Placeholders.88525579236879ae4b52.js
Requested by
Host: consent-manager.confirmic.com
URL: https://consent-manager.confirmic.com/bundle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:5cc0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fee1572386a07f7e6b55fc80261babb936efaa07d5eabb706420c7ce54457b7f
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=1000
X-Content-Type-Options nosniff
X-Frame-Options ALLOW
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 21 Jan 2022 16:00:31 GMT
via
1.1 varnish
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3254
x-cache
HIT
access-control-allow-methods
GET
strict-transport-security
max-age=1000
content-encoding
br
vary
Accept-Encoding
x-xss-protection
1; mode=block
x-confirmic
consent-manager
referrer-policy
strict-origin-when-cross-origin
last-modified
Sun, 12 Sep 2021 13:47:21 UTC
server
cloudflare
x-timer
S1637039924.988412,VS0,VE1
x-frame-options
ALLOW
etag
W/"06f6eb833726c20230b8753e9f944f70"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
86400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P5ycFdc2J6H0YSiNg79ZXIfC5ZSYo8ieETQLgNl%2B1L3lASAlbCabHKeG1spMOtSNx5xXnyrmb%2BLPNQ1vzznfaaqPSv9%2Bc5WkgUCRIcqht7fv4mi%2FMsZPq09BV%2BlW4ukqD5XKuAakADN4KDdgroEzN2BDpI%2BeCbriRIgPOw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
public, max-age=14400
permissions-policy
camera=(), geolocation=(), microphone=()
content-security-policy
upgrade-insecure-requests
x-served-by
cache-ams21045-AMS
cf-ray
6d11c1871e9e1e99-AMS
x-cache-hits
1
graphql
apipub.confirmic.com/ Frame F4AE 		4 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://apipub.confirmic.com/graphql
Requested by
Host: consent-manager.confirmic.com
URL: https://consent-manager.confirmic.com/error-reporting.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:c558 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
9d0311d4d8dd812237afd78dceb866a3c97f724d955c4bb5686af4c068a91a22

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Referer
x-mtm-csm-version
3
Accept-Language
de-DE,de;q=0.9
Authorization
Bearer csm/prj:6432d155-ef74-4e84-8d3b-938247e23eb4
Content-Type
application/json

Response headers

x-confirmic-server
Metomic
date
Fri, 21 Jan 2022 16:00:32 GMT
content-encoding
br
etag
W/"102a-LTm4T7ZGZsHF5nOhp+nV5AvpZu0"
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
Express
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i7na5HOUXiq4j%2B0jJxnv%2FTWrJLhrj1rIV7Wo6yCK3q6jUTorRjLGCGaxArDjkK1nxwsadT%2BFwRNyO7dJHgP6A%2BcetOBnkx9tq8JgUN8g4HVc49OrL73KGfsRinGs7CNVTg4j5I8sqH6L%2FSMzqived3TeIg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cf-ray
6d11c1887f2d6933-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
graphql
apipub.confirmic.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://apipub.confirmic.com/graphql
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:c558 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
authorization,content-type,x-mtm-csm-version
Origin
https://emerald.bg
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Fri, 21 Jan 2022 16:00:32 GMT
content-length
0
access-control-allow-origin
*
access-control-allow-headers
authorization,content-type,x-mtm-csm-version
access-control-allow-methods
GET,HEAD,POST,OPTIONS
access-control-max-age
86400
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3%2FLz9n32KkphmmMvXalsbNzqZ33m7sHvMR1TdoPwhQM1wDEjv42YZ0K%2BtY22%2FXuashGouC0fIQSY5sZuzTAss8ALHFq7XJSsTi1zDrKQ4lEU9x6yemYFJ%2FY%2Bg3aA3ikb6Mm%2BpbhNz9hS2%2FrvR2Evxuo3mA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
server
cloudflare
cf-ray
6d11c1881a124c9e-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400

Verdicts & Comments Add Verdict or Comment

51 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 function| gtag object| dataLayer string| _root string| _public string| xhr_url function| touchDetect string| short_locale object| errorsLanguage object| picturefillCFG function| picturefill object| lazySizes function| VanillaTilt function| pickmeup function| $ function| popup function| rangeSlider function| dropdownSelect function| datePicker object| mouseTilt function| offerbar function| scrollRow function| toc function| counter function| gallery function| timer function| tablewrap function| tabs function| loaderAppend function| loaderRemove function| AutoComplete object| StudioX object| google_tag_manager function| jQuery object| Backend object| BackendIframe function| load_grecaptcha function| hideElementsByClass function| setLocalStorageData function| getLocalStorageData object| google_tag_data string| GoogleAnalyticsObject function| ga object| gaplugins object| gaGlobal object| gaData object| _mtm function| Metomic function| Confirmic

4 Cookies

Domain/Path Name / Value
emerald.bg/ Name: STDXFWSID
Value: bd9bd556097176e84c3d87b8a2a5f3a1
.emerald.bg/ Name: _ga
Value: GA1.2.884191080.1642780831
.emerald.bg/ Name: _gid
Value: GA1.2.705047165.1642780831
.emerald.bg/ Name: _gat_gtag_UA_159908428_1
Value: 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

apipub.confirmic.com
code.jquery.com
config.confirmic.com
config.metomic.io
consent-manager.confirmic.com
consent-manager.metomic.io
emerald.bg
fonts.googleapis.com
fonts.gstatic.com
www.google-analytics.com
www.googletagmanager.com
108.157.4.106
2001:4de0:ac18::1:a:3a
217.174.144.41
2600:9000:224a:a00:0:d16c:29c0:93a1
2606:4700:3030::6815:5cc0
2606:4700:3033::ac43:c558
2a00:1450:4001:803::2003
2a00:1450:4001:809::200a
2a00:1450:4001:82f::2008
2a00:1450:4001:830::200e
01c90daa931c7efec6afb4d0e86f377a72b7aa45a02b02086ac9a598feee2229
053508cc4ed1acf7db8ed96deca42ffebfa1669c5cecd62f4415b926d07b5aaa
0b67847da6762f656bc6fa369a25e58c9e34e9b1f5aba01ff6121586c75fbfef
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
141272b6f044b79525fc1c137200e3f46685d2496a0e5fa33b6ff1e84cb32a45
1718c68e63439fe9af5959b2b0f47ced62986403ca560105c9325ebd68d7cffc
206a8b8e7ada3181a20216ed3c0dc63ac45f330e1289747cbf1cb53e896fae4a
2d2ad11e3c1a0fd81bb085050d4b3170beab2964b5b848a5309a6343322e3898
30f66a18e6aa004679d3eca782d214025032116fbcc4933877008b9947f57cfd
33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97
38963a052e0ae35b7d665bb82f1834ed8a28a8bb6b190b1636e693630c88f3fc
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
4bd24e0978b981ec836f4e93165600a5ce2aad1267c46cc29770b041ee62a69c
5a93a88493aa32aab228bf4571c01207d3b42b0002409a454d404b4d8395bd55
628829c79463f340571c6aa8357679a4aab75ee9f3d48f6a1acea2531f1b3d0e
688c4640f61ed6c399f38f0fa7c8b11ded786fa7225c22562d8a91cfbc9e8695
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
750a5fb3a151e62680c9557203ca0d920c81d6ba0731178fcff202755ec71f91
7cf8b7614a5e7bf4f79649c9b39f043c27bfe5584cb4cd8662575eafe8eee146
809f274ba4203fbafe42e41e918a7b661f8d0be218f22d99bfaf4b14ef54c6c7
8dd3b91ca60e6a0486326c5c275590dd1d753240c2efa9f94730815813997fee
8e2d476a3da7d96d989379c7fb3be5ed4595a5dcdf7164cda8b5ecf0ed9a39fe
98cd7179fa398acaa5f45d20393351d3443c46d1f09b933bb19b59d212e20a7d
9d0311d4d8dd812237afd78dceb866a3c97f724d955c4bb5686af4c068a91a22
9e3f4e51c12cfa07a9acd607a6e9e755b3c7a9f3135b4890f5ca56d7cd079887
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
ae72bf184c93bc8a3906f5ac9b52a76c55c223c8222b8da25c1f298f6fcc5706
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
bdc460a2e6526b4a3778a3d0d06ab541a81faed80d267a79c8d814e5658d9406
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
d09da8d55d501c1145ad6ddee5cb3ff65d356dce5fe3b0e29156015b50d9792e
d2eceeab43d597325e36536b931586274aa0f8c52113d1496f552f841ff74f63
db5f411f7205ec2bbbc73f359461682f01f5dab26cebfa18c2c3cdebefa4d38c
e70b30362a8956d3410ccc7f28edac093253095c449407c09be438fbf573d85d
fb83389ea7513242a9a237454ce7989eb6d84c4ec2fe15c81bad6f89c87fe89e
fee1572386a07f7e6b55fc80261babb936efaa07d5eabb706420c7ce54457b7f