urlscan.io logo urlscan.io
SecurityTrails logo

l.helikon.bg Open in urlscan Pro
2606:4700:3108::ac42:2b9b  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://l.helikon.bg/
Effective URL: https://l.helikon.bg/
Submission: On November 02 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 40 IPs in 6 countries across 35 domains to perform 89 HTTP transactions. The main IP is 2606:4700:3108::ac42:2b9b, located in United States and belongs to CLOUDFLARENET, US. The main domain is l.helikon.bg.
TLS certificate: Issued by WE1 on September 16th 2024. Valid for: 3 months.
This is the only time l.helikon.bg was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 29 2606:4700:310... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
6 2a00:1450:400... 15169 (GOOGLE)
1 142.250.186.162 15169 (GOOGLE)
2 151.101.193.44 54113 (FASTLY)
3 2a03:2880:f08... 32934 (FACEBOOK)
3 2a00:1450:400... 15169 (GOOGLE)
1 2 2a02:2638:3::c 44788 (ASN-CRITE...)
1 2a00:1450:400... 15169 (GOOGLE)
2 178.250.1.9 44788 (ASN-CRITE...)
1 151.101.1.44 54113 (FASTLY)
1 2a00:1450:400... 15169 (GOOGLE)
2 2001:4860:480... 15169 (GOOGLE)
4 8 2606:4700::68... 13335 (CLOUDFLAR...)
1 142.250.181.226 15169 (GOOGLE)
1 35.214.136.108 15169 (GOOGLE)
2 3 185.89.210.46 29990 (ASN-APPNEX)
5 141.226.228.48 200478 (TABOOLA-AS)
1 185.255.84.153 200271 (IGUANE-)
1 2 172.64.151.101 13335 (CLOUDFLAR...)
1 2 52.211.141.218 16509 (AMAZON-02)
1 162.19.138.116 16276 (OVH)
1 52.211.160.185 16509 (AMAZON-02)
1 34.117.157.22 396982 (GOOGLE-CL...)
1 23.218.208.23 16625 (AKAMAI-AS)
1 18.198.75.48 16509 (AMAZON-02)
1 52.18.167.44 16509 (AMAZON-02)
1 70.42.32.223 13789 (INTERNAP-...)
1 198.47.127.205 3257 (GTT-BACKB...)
1 69.173.144.138 26667 (RUBICONPR...)
1 18.197.30.174 16509 (AMAZON-02)
1 23.218.209.56 16625 (AKAMAI-AS)
1 2600:1f18:612... 14618 (AMAZON-AES)
1 13.248.245.213 16509 (AMAZON-02)
1 23.218.209.78 16625 (AKAMAI-AS)
1 54.229.169.17 16509 (AMAZON-02)
1 54.93.152.190 16509 (AMAZON-02)
4 2a03:2880:f17... 32934 (FACEBOOK)
1 2a04:4e42:400... 54113 (FASTLY)
89 40
29    2606:4700:3108::ac42:2b9b (United States)

ASN13335 (CLOUDFLARENET, US)
l.helikon.bg
i.helikon.bg
i1.helikon.bg
i2.helikon.bg
i5.helikon.bg
i4.helikon.bg
1    2606:4700::6810:4f49 (United States)

ASN13335 (CLOUDFLARENET, US)
static.cloudflareinsights.com
6    2a00:1450:4001:830::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net
www.googleadservices.com
2    151.101.193.44 (San Francisco, United States)

ASN54113 (FASTLY, US)
cdn.taboola.com
trc.taboola.com
3    2a03:2880:f084:d:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
3    2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    2a02:2638:3::c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
1    2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
2    178.250.1.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
sslwidget.criteo.com
dis.criteo.com
1    151.101.1.44 (San Francisco, United States)

ASN54113 (FASTLY, US)
psb.taboola.com
1    2a00:1450:4001:806::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
2    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
8    2606:4700::6811:f5cb (United States)

ASN13335 (CLOUDFLARENET, US)
unpkg.com
1    142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net
cm.g.doubleclick.net
1    35.214.136.108 (Groningen, Netherlands)

ASN15169 (GOOGLE, US)
PTR: 108.136.214.35.bc.googleusercontent.com
x.bidswitch.net
3    185.89.210.46 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
ib.adnxs.com
5    141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)
sync-t1.taboola.com
trc-events.taboola.com
1    185.255.84.153 (France)

ASN200271 (IGUANE-, FR)
visitor.omnitagjs.com
2    172.64.151.101 (San Francisco, United States)

ASN13335 (CLOUDFLARENET, US)
r.casalemedia.com
2    52.211.141.218 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-211-141-218.eu-west-1.compute.amazonaws.com
dpm.demdex.net
1    162.19.138.116 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31533567.ip-162-19-138.eu
id5-sync.com
1    52.211.160.185 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-211-160-185.eu-west-1.compute.amazonaws.com
ad.360yield.com
1    34.117.157.22 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 22.157.117.34.bc.googleusercontent.com
matching.ivitrack.com
1    23.218.208.23 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-218-208-23.deploy.static.akamaitechnologies.com
contextual.media.net
1    18.198.75.48 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-198-75-48.eu-central-1.compute.amazonaws.com
exchange.mediavine.com
1    52.18.167.44 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-18-167-44.eu-west-1.compute.amazonaws.com
jadserve.postrelease.com
1    70.42.32.223 (United States)

ASN13789 (INTERNAP-BLK3, US)
PTR: ny.outbrain.com
sync.outbrain.com
1    198.47.127.205 (United States)

ASN3257 (GTT-BACKBONE GTT, US)
simage2.pubmatic.com
1    69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
1    18.197.30.174 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-197-30-174.eu-central-1.compute.amazonaws.com
match.sharethrough.com
1    23.218.209.56 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-218-209-56.deploy.static.akamaitechnologies.com
criteo-sync.teads.tv
1    2600:1f18:612b:4200:276:5c08:8c42:d092 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
criteo-partners.tremorhub.com
1    13.248.245.213 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com
eb2.3lift.com
1    23.218.209.78 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-218-209-78.deploy.static.akamaitechnologies.com
ad.yieldlab.net
1    54.229.169.17 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-229-169-17.eu-west-1.compute.amazonaws.com
sync-criteo.ads.yieldmo.com
1    54.93.152.190 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-93-152-190.eu-central-1.compute.amazonaws.com
e1.emxdgt.com
4    2a03:2880:f176:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    2a04:4e42:400::485 (United States)

ASN54113 (FASTLY, US)
cdn.jsdelivr.net
Apex Domain
Subdomains		 Transfer
29 helikon.bg
l.helikon.bg
i.helikon.bg
i1.helikon.bg
i2.helikon.bg
i5.helikon.bg
i4.helikon.bg
2 MB
8 unpkg.com
unpkg.com — Cisco Umbrella Rank: 797
38 KB
8 taboola.com
cdn.taboola.com — Cisco Umbrella Rank: 862
psb.taboola.com — Cisco Umbrella Rank: 5951
trc.taboola.com — Cisco Umbrella Rank: 686
sync-t1.taboola.com — Cisco Umbrella Rank: 1888
trc-events.taboola.com — Cisco Umbrella Rank: 2720
24 KB
6 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
434 KB
5 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 34
region1.google-analytics.com — Cisco Umbrella Rank: 3643
23 KB
4 facebook.com
www.facebook.com — Cisco Umbrella Rank: 113
4 KB
4 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 461
sslwidget.criteo.com — Cisco Umbrella Rank: 2477
dis.criteo.com — Cisco Umbrella Rank: 650
5 KB
3 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 267
3 KB
3 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 180
77 KB
2 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 243
1 KB
2 casalemedia.com
r.casalemedia.com — Cisco Umbrella Rank: 1988
1 KB
2 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 42
cm.g.doubleclick.net — Cisco Umbrella Rank: 283
470 B
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 311
5 KB
1 emxdgt.com
e1.emxdgt.com — Cisco Umbrella Rank: 2090
44 B
1 yieldmo.com
sync-criteo.ads.yieldmo.com — Cisco Umbrella Rank: 3351
38 B
1 yieldlab.net
ad.yieldlab.net — Cisco Umbrella Rank: 6600
235 B
1 3lift.com
eb2.3lift.com — Cisco Umbrella Rank: 415
140 B
1 tremorhub.com
criteo-partners.tremorhub.com — Cisco Umbrella Rank: 2920
398 B
1 teads.tv
criteo-sync.teads.tv — Cisco Umbrella Rank: 3027
163 B
1 sharethrough.com
match.sharethrough.com — Cisco Umbrella Rank: 521
58 B
1 rubiconproject.com
pixel.rubiconproject.com — Cisco Umbrella Rank: 413
239 B
1 pubmatic.com
simage2.pubmatic.com — Cisco Umbrella Rank: 905
225 B
1 outbrain.com
sync.outbrain.com — Cisco Umbrella Rank: 881
218 B
1 postrelease.com
jadserve.postrelease.com — Cisco Umbrella Rank: 969
423 B
1 mediavine.com
exchange.mediavine.com — Cisco Umbrella Rank: 1695
884 B
1 media.net
contextual.media.net — Cisco Umbrella Rank: 658
814 B
1 ivitrack.com
matching.ivitrack.com — Cisco Umbrella Rank: 14280
265 B
1 360yield.com
ad.360yield.com — Cisco Umbrella Rank: 734
199 B
1 id5-sync.com
id5-sync.com — Cisco Umbrella Rank: 522
1 KB
1 omnitagjs.com
visitor.omnitagjs.com — Cisco Umbrella Rank: 806
342 B
1 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 399
183 B
1 google.com
www.google.com — Cisco Umbrella Rank: 3
1 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 89
20 KB
1 cloudflareinsights.com
static.cloudflareinsights.com — Cisco Umbrella Rank: 683
7 KB
0 unrulymedia.com Failed
sync.targeting.unrulymedia.com Failed
89 35
Domain Requested by
16 l.helikon.bg 1 redirects l.helikon.bg
static.cloudflareinsights.com
8 unpkg.com 4 redirects
6 www.googletagmanager.com l.helikon.bg
www.googletagmanager.com
www.google-analytics.com
5 i1.helikon.bg
4 trc-events.taboola.com cdn.taboola.com
4 www.facebook.com
3 ib.adnxs.com 2 redirects
3 www.google-analytics.com l.helikon.bg
www.google-analytics.com
3 connect.facebook.net l.helikon.bg
connect.facebook.net
3 i.helikon.bg l.helikon.bg
2 dpm.demdex.net 1 redirects
2 r.casalemedia.com 1 redirects
2 region1.google-analytics.com www.googletagmanager.com
2 gum.criteo.com 1 redirects l.helikon.bg
2 i4.helikon.bg
2 i5.helikon.bg
1 cdn.jsdelivr.net unpkg.com
1 e1.emxdgt.com
1 sync-criteo.ads.yieldmo.com
1 ad.yieldlab.net
1 eb2.3lift.com
1 criteo-partners.tremorhub.com
1 criteo-sync.teads.tv
1 match.sharethrough.com
1 pixel.rubiconproject.com
1 simage2.pubmatic.com
1 sync.outbrain.com
1 jadserve.postrelease.com
1 exchange.mediavine.com
1 contextual.media.net
1 matching.ivitrack.com
1 ad.360yield.com
1 id5-sync.com
1 visitor.omnitagjs.com
1 sync-t1.taboola.com
1 dis.criteo.com
1 x.bidswitch.net
1 cm.g.doubleclick.net
1 www.google.com www.googletagmanager.com
1 trc.taboola.com cdn.taboola.com
1 psb.taboola.com cdn.taboola.com
1 sslwidget.criteo.com l.helikon.bg
1 googleads.g.doubleclick.net www.googleadservices.com
1 cdn.taboola.com l.helikon.bg
1 i2.helikon.bg
1 www.googleadservices.com l.helikon.bg
1 static.cloudflareinsights.com l.helikon.bg
0 sync.targeting.unrulymedia.com Failed
89 48

This site contains links to these domains. Also see Links.

Domain
www.helikon.bg
lira.bg
www.facebook.com
www.instagram.com
promochip.bg
i.helikon.bg
Subject Issuer Validity Valid
helikon.bg
WE1		 2024-09-16 -
2024-12-15		 3 months crt.sh
cloudflareinsights.com
WE1		 2024-11-01 -
2025-01-30		 3 months crt.sh
*.google-analytics.com
WR2		 2024-10-07 -
2024-12-30		 3 months crt.sh
*.googleadservices.com
WR2		 2024-10-07 -
2024-12-30		 3 months crt.sh
*.taboola.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-07-30 -
2024-12-31		 5 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2024-08-11 -
2024-11-09		 3 months crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-09-24 -
2024-12-25		 3 months crt.sh
*.g.doubleclick.net
WR2		 2024-10-07 -
2024-12-30		 3 months crt.sh
*.google.com
WR2		 2024-10-07 -
2024-12-30		 3 months crt.sh
*.bidswitch.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-09-23 -
2024-12-21		 3 months crt.sh
omnitagjs.com
Sectigo RSA Domain Validation Secure Server CA		 2024-07-02 -
2025-08-01		 a year crt.sh
*.id5-sync.com
E5		 2024-09-01 -
2024-11-30		 3 months crt.sh
*.360yield.com
Amazon RSA 2048 M02		 2024-04-28 -
2025-05-27		 a year crt.sh
itm.ivitrack.com
R10		 2024-10-09 -
2025-01-07		 3 months crt.sh
*.media.net
DigiCert TLS RSA SHA256 2020 CA1		 2024-10-23 -
2025-10-22		 a year crt.sh
exchange.mediavine.com
Amazon RSA 2048 M02		 2024-05-06 -
2025-06-04		 a year crt.sh
*.postrelease.com
Amazon RSA 2048 M02		 2023-12-19 -
2025-01-16		 a year crt.sh
*.outbrain.com
Thawte TLS RSA CA G1		 2024-07-31 -
2024-11-27		 4 months crt.sh
*.pubmatic.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-03-19 -
2025-04-19		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2024-07-30 -
2025-04-03		 8 months crt.sh
*.sharethrough.com
DigiCert Global G3 TLS ECC SHA384 2020 CA1		 2024-07-15 -
2025-08-15		 a year crt.sh
teads.tv
R10		 2024-09-02 -
2024-12-01		 3 months crt.sh
*.tremorhub.com
Amazon RSA 2048 M03		 2024-01-24 -
2025-02-21		 a year crt.sh
*.3lift.com
Amazon RSA 2048 M02		 2024-03-13 -
2025-04-11		 a year crt.sh
*.yieldlab.net
DigiCert TLS RSA SHA256 2020 CA1		 2024-08-08 -
2025-08-10		 a year crt.sh
*.ads.yieldmo.com
Amazon RSA 2048 M03		 2024-03-04 -
2025-04-03		 a year crt.sh
*.emxdgt.com
Amazon RSA 2048 M03		 2024-04-02 -
2025-05-01		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2024-02-14 -
2025-03-16		 a year crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2024 Q3		 2024-07-30 -
2025-08-31		 a year crt.sh

This page contains 5 frames:

Primary Page: https://l.helikon.bg/
Frame ID: 509B93EE7EE99C2C5AD7BF955B8D44FB
Requests: 65 HTTP requests in this frame

Frame: https://l.helikon.bg/cdn-cgi/challenge-platform/h/b/scripts/jsd/22755d9a86c9/main.js
Frame ID: F16D37407F822F6034C9B8A5CF00225E
Requests: 3 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=l.helikon.bg&origin=onetag
Frame ID: 8545A7A1989CF6CFE77E8C07687D22BC
Requests: 1 HTTP requests in this frame

Frame: https://www.googletagmanager.com/static/service_worker/4al0/sw_iframe.html?origin=https%3A%2F%2Fl.helikon.bg
Frame ID: D5D3F28EE78780366F1F5CC88E57923E
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-nNcikLdo1rtTIDhfuVKRGfyiV3xdGkn9iHVWEA&google_cm&google_hm=ay1uTmNpa0xkbzFydFRJRGhmdVZLUkdmeWlWM3hkR2tuOWlIVldFQQ
Frame ID: 906AD2FFAB881657D724712BA6A7404F
Requests: 25 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

《Книжарници Хеликон》| Книжарници Хеликон

Page URL History Show full URLs

  1. http://l.helikon.bg/ HTTP 307
    https://l.helikon.bg/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <meta[^>]*google-signin-client_id
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • select2(?:\.min|\.full)?\.js
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

89
Requests

90 %
HTTPS

33 %
IPv6

35
Domains

48
Subdomains

40
IPs

6
Countries

2605 kB
Transfer

12287 kB
Size

37
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://l.helikon.bg/ HTTP 307
    https://l.helikon.bg/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 23
  • https://l.helikon.bg/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://l.helikon.bg/cdn-cgi/challenge-platform/h/b/scripts/jsd/22755d9a86c9/main.js
Request Chain 52
  • https://unpkg.com/68publishers-cookie-consent/dist/cookie-consent.min.js HTTP 302
  • https://unpkg.com/68publishers-cookie-consent@1.0.0/dist/cookie-consent.min.js
Request Chain 59
  • https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID HTTP 302
  • https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=644267752538400331
Request Chain 62
  • https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-IW6ugbdo1rtTIDhfuVKRGfyiV3waGG9HFUF_2A HTTP 302
  • https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-IW6ugbdo1rtTIDhfuVKRGfyiV3waGG9HFUF_2A&C=1
Request Chain 63
  • https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=28645&dpuuid=dhIgiNTn9F2oInVi_EJI_j3tGDmrrWZc HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=dhIgiNTn9F2oInVi_EJI_j3tGDmrrWZc
Request Chain 80
  • https://sync.1rx.io/usersync/criteodsp/k-soSvc7do1rtTIDhfuVKRGfyiV3y7A5sYjAPJIQ HTTP 302
  • https://sync.1rx.io/usersync/criteodsp/k-soSvc7do1rtTIDhfuVKRGfyiV3y7A5sYjAPJIQ?zcc=1&cb=1730560490586 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-96a287af-e294-4126-bcfe-bb5fe3d3e8ff-003
Request Chain 87
  • https://unpkg.com/68publishers-cookie-consent/dist/translations/bg.json HTTP 302
  • https://unpkg.com/68publishers-cookie-consent@1.0.0/dist/translations/bg.json
Request Chain 89
  • https://unpkg.com/68publishers-cookie-consent/dist/translations/bg.json HTTP 302
  • https://unpkg.com/68publishers-cookie-consent@1.0.0/dist/translations/bg.json
Request Chain 90
  • https://unpkg.com/68publishers-cookie-consent/dist/translations/bg.json HTTP 302
  • https://unpkg.com/68publishers-cookie-consent@1.0.0/dist/translations/bg.json

89 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
l.helikon.bg/
Redirect Chain
  • http://l.helikon.bg/
  • https://l.helikon.bg/
8 MB
2 MB 		Document
General
Check archive.org
Download Go to
Full URL
https://l.helikon.bg/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3108::ac42:2b9b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ac1415cdf8ed7fb3c9a4647bbba927601cf0f455982ec7d98e35d5563bec9782
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
8dc51382fea09016-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Sat, 02 Nov 2024 15:14:48 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
pragma
no-cache
server
cloudflare
server-timing
cfCacheStatus;desc="DYNAMIC"
strict-transport-security
max-age=15768000
vary
Accept-Encoding
x-xss-protection
1; mode=block

Redirect headers

Location
https://l.helikon.bg/
Non-Authoritative-Reason
HttpsUpgrades
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
eeb876caee6a7c0c094d07a7fbe152f6001dfb930c36dbd6988c394d12364b6c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
truncated
/ 		300 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2750c520abcfbef9bb4cccd316bca17cf03496c289b09f00c920d1c97a347140

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/jpeg
truncated
/ 		3 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9e884a1ce37de935762983afa009018437764a7db6a0a9667c0926dac407a640

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
OpenSans-Regular.woff2
l.helikon.bg/templates/design/fonts/ 		49 KB
49 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://l.helikon.bg/templates/design/fonts/OpenSans-Regular.woff2
Requested by
Host: l.helikon.bg
URL: https://l.helikon.bg/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3108::ac42:2b9b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e56451053236d0609126126105fb30ab407aa253673309b791c9e2cb58b274d3
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://l.helikon.bg
Referer
https://l.helikon.bg/

Response headers

strict-transport-security
max-age=15768000
cache-control
max-age=28800
cf-cache-status
REVALIDATED
etag
"5ca3637e-c420"
cf-ray
8dc5138d3fba9016-FRA
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
content-length
50208
date
Sat, 02 Nov 2024 15:14:48 GMT
x-xss-protection
1; mode=block
content-type
application/octet-stream
last-modified
Tue, 02 Apr 2019 13:28:30 GMT
vary
Accept-Encoding
server
cloudflare
fontawesome-webfont.woff2
l.helikon.bg/templates/design/fonts/ 		75 KB
76 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://l.helikon.bg/templates/design/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: l.helikon.bg
URL: https://l.helikon.bg/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3108::ac42:2b9b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://l.helikon.bg
Referer
https://l.helikon.bg/

Response headers

strict-transport-security
max-age=15768000
cache-control
max-age=28800
cf-cache-status
HIT
etag
"5ca3637e-12d68"
cf-ray
8dc5138d3fbb9016-FRA
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
content-length
77160
date
Sat, 02 Nov 2024 15:14:48 GMT
x-xss-protection
1; mode=block
content-type
application/octet-stream
last-modified
Tue, 02 Apr 2019 13:28:30 GMT
vary
Accept-Encoding
server
cloudflare
truncated
/ 		316 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b326772ed5750e9e74d781f6ce06f66aebe6313f35749fe5a45b47f097fbb966

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/jpeg
truncated
/ 		323 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e0c67125c5a92c5cd7bdd437585ac4d2a5155735bb61bb8beff7d0981e2255d2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/jpeg
truncated
/ 		132 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bb5d1f1c65b3f7ff9cd832d7e77d77fbe3335cba60ab4281ccd375fb4b19eadc

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/jpeg
truncated
/ 		128 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b54207ad616350b08bfa432022a918f46c854fcd5d874055fd1cbad3ed33966c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/jpeg
add_basket.jpg
i.helikon.bg/new_buttons2/ 		869 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.helikon.bg/new_buttons2/add_basket.jpg
Requested by
Host: l.helikon.bg
URL: https://l.helikon.bg/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3108::ac42:2b9b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3a6d3ecab89ec91612dbdcf15abdee5278c537aeb3ecee787d420d82f116b280

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://l.helikon.bg/

Response headers

cache-control
public, max-age=31536000
cf-bgj
imgq:100,h2pri
etag
W/"5e8c7c61-adc"
age
755592
cf-cache-status
HIT
cf-ray
8dc5138df8619016-FRA
expires
Wed, 22 Oct 2025 17:30:28 GMT
cf-polished
origSize=1139
alt-svc
h3=":443"; ma=86400
date
Sat, 02 Nov 2024 15:14:48 GMT
content-type
image/jpeg
last-modified
Tue, 07 Apr 2020 13:13:05 GMT
vary
Accept-Encoding
server
cloudflare
truncated
/ 		29 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
47ea4d99256f2275b8a7938a3c0efd6573a198a9aad65585abb9022f18c29a40

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/jpeg
OpenSansCondensed-Bold.woff2
l.helikon.bg/templates/design/fonts/ 		56 KB
56 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://l.helikon.bg/templates/design/fonts/OpenSansCondensed-Bold.woff2
Requested by
Host: l.helikon.bg
URL: https://l.helikon.bg/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3108::ac42:2b9b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b467a2d7cfb71acd244f227c7eed566b15b27d5e2518b6f2ef49dc788436a789
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://l.helikon.bg
Referer
https://l.helikon.bg/

Response headers

strict-transport-security
max-age=15768000
cache-control
max-age=28800
cf-cache-status
HIT
etag
"5ca3637e-de18"
cf-ray
8dc5138e086a9016-FRA
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
content-length
56856
date
Sat, 02 Nov 2024 15:14:48 GMT
x-xss-protection
1; mode=block
content-type
application/octet-stream
last-modified
Tue, 02 Apr 2019 13:28:30 GMT
vary
Accept-Encoding
server
cloudflare
helikon_na_big.jpg
i.helikon.bg/products/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.helikon.bg/products/helikon_na_big.jpg?h=90&1=1
Requested by
Host: l.helikon.bg
URL: https://l.helikon.bg/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3108::ac42:2b9b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6d9fb7e01b20d445e0704f00330d02be68b30d1d9c14032c315420938a5c72f1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://l.helikon.bg/

Response headers

cache-control
public, max-age=31536000
cf-bgj
imgq:100,h2pri
etag
W/"62694162-724d"
age
1543721
cf-cache-status
HIT
cf-ray
8dc5138fd9f49016-FRA
expires
Fri, 03 Oct 2025 15:33:13 GMT
cf-polished
origSize=3165
alt-svc
h3=":443"; ma=86400
date
Sat, 02 Nov 2024 15:14:48 GMT
content-type
image/jpeg
last-modified
Wed, 27 Apr 2022 13:13:06 GMT
vary
Accept-Encoding
server
cloudflare
Instagram.png
i.helikon.bg/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.helikon.bg/Instagram.png
Requested by
Host: l.helikon.bg
URL: https://l.helikon.bg/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3108::ac42:2b9b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2d4367f7d7fb24c411adaabc28e2c0c8f1632d159f349b30fe1ea9cf3303b336

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://l.helikon.bg/

Response headers

server
cloudflare
cache-control
public, max-age=31536000
cf-bgj
imgq:100,h2pri
etag
W/"5c387c54-89e"
age
1636702
cf-cache-status
HIT
cf-ray
8dc5138fd9f69016-FRA
expires
Thu, 09 Oct 2025 13:00:20 GMT
cf-polished
origFmt=png, origSize=2206
alt-svc
h3=":443"; ma=86400
date
Sat, 02 Nov 2024 15:14:48 GMT
content-type
image/webp
content-disposition
inline; filename="Instagram.webp"
vary
Accept
last-modified
Fri, 11 Jan 2019 11:21:56 GMT
logo-f.png
l.helikon.bg/templates/design/img/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://l.helikon.bg/templates/design/img/logo-f.png
Requested by
Host: l.helikon.bg
URL: https://l.helikon.bg/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3108::ac42:2b9b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d60a91b8ce51ef27822d54250a45c8e1137cd4bc2ab3486a636257ffff9e9dab
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://l.helikon.bg/

Response headers

cf-bgj
imgq:100,h2pri
etag
"601ac012-18b5"
cf-cache-status
HIT
expires
Thu, 28 Nov 2024 13:19:49 GMT
cf-polished
origFmt=png, origSize=6325
alt-svc
h3=":443"; ma=86400
date
Sat, 02 Nov 2024 15:14:49 GMT
content-type
image/webp
content-disposition
inline; filename="logo-f.webp"
vary
Accept
last-modified
Wed, 03 Feb 2021 15:24:02 GMT
strict-transport-security
max-age=15768000
cache-control
max-age=2592000
cf-ray
8dc5138fd9f79016-FRA
accept-ranges
bytes
content-length
3846
x-xss-protection
1; mode=block
server
cloudflare
email-decode.min.js
l.helikon.bg/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 		1 KB
835 B 		Script
General
Check archive.org
Download Go to
Full URL
https://l.helikon.bg/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: l.helikon.bg
URL: https://l.helikon.bg/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3108::ac42:2b9b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://l.helikon.bg/

Response headers

cache-control
max-age=172800, public
content-encoding
gzip
etag
W/"672112ce-4d7"
x-content-type-options
nosniff
cf-ray
8dc5138fd9f89016-FRA
expires
Mon, 04 Nov 2024 15:14:48 GMT
date
Sat, 02 Nov 2024 15:14:48 GMT
content-type
application/javascript
last-modified
Tue, 29 Oct 2024 16:52:30 GMT
vary
Accept-Encoding
server
cloudflare
x-frame-options
DENY
select2.css
l.helikon.bg/templates/design/select2/dist/css/ 		17 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://l.helikon.bg/templates/design/select2/dist/css/select2.css
Requested by
Host: l.helikon.bg
URL: https://l.helikon.bg/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3108::ac42:2b9b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7ad5ae6a14f4092f123f8782e37bdc39baf48316d0036fd6fad5479d0ba0a5d3
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://l.helikon.bg/

Response headers

strict-transport-security
max-age=15768000
cache-control
max-age=2592000
content-encoding
gzip
cf-cache-status
HIT
etag
W/"62153797-4520"
age
679509
cf-ray
8dc513902a2f9016-FRA
expires
Sun, 24 Nov 2024 12:41:46 GMT
alt-svc
h3=":443"; ma=86400
date
Sat, 02 Nov 2024 15:14:48 GMT
x-xss-protection
1; mode=block
content-type
text/css
last-modified
Tue, 22 Feb 2022 19:20:55 GMT
vary
Accept-Encoding
server
cloudflare
rocket-loader.min.js
l.helikon.bg/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://l.helikon.bg/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Requested by
Host: l.helikon.bg
URL: https://l.helikon.bg/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3108::ac42:2b9b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://l.helikon.bg/

Response headers

cache-control
max-age=172800, public
content-encoding
gzip
etag
W/"672112ce-302c"
x-content-type-options
nosniff
cf-ray
8dc513902a319016-FRA
expires
Mon, 04 Nov 2024 15:14:48 GMT
date
Sat, 02 Nov 2024 15:14:48 GMT
content-type
application/javascript
last-modified
Tue, 29 Oct 2024 16:52:30 GMT
vary
Accept-Encoding
server
cloudflare
x-frame-options
DENY
vcd15cbe7772f49c399c6a5babf22c1241717689176015
static.cloudflareinsights.com/beacon.min.js/ 		19 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015
Requested by
Host: l.helikon.bg
URL: https://l.helikon.bg/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:4f49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://l.helikon.bg
Referer
https://l.helikon.bg/

Response headers

cache-control
public, max-age=86400
content-encoding
gzip
etag
W/"2024.6.1"
cross-origin-resource-policy
cross-origin
cf-ray
8dc5139069c4698f-FRA
access-control-allow-origin
*
date
Sat, 02 Nov 2024 15:14:49 GMT
content-type
text/javascript;charset=UTF-8
last-modified
Thu, 06 Jun 2024 15:52:56 GMT
vary
Accept-Encoding
server
cloudflare
js
www.googletagmanager.com/gtag/ 		420 KB
135 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-T08R4QPG4D
Requested by
Host: l.helikon.bg
URL: https://l.helikon.bg/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
2e69ce4e109e8a9156fc31bbfe13a9ad3e35345aa7af29ea880c3a5566a8f62b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://l.helikon.bg/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Sat, 02 Nov 2024 15:14:49 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 02 Nov 2024 15:14:49 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
137842
x-xss-protection
0
server
Google Tag Manager
conversion.js
www.googleadservices.com/pagead/ 		56 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion.js
Requested by
Host: l.helikon.bg
URL: https://l.helikon.bg/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
af5c27d91a8b814351b6522aa17a23a709545f11cdbc953cb0d452280e5d3b0d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://l.helikon.bg/

Response headers

content-encoding
br
etag
13730477501505533595
x-content-type-options
nosniff
expires
Sat, 02 Nov 2024 15:14:49 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Sat, 02 Nov 2024 15:14:49 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
cache-control
private, max-age=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
20911
x-xss-protection
0
server
cafe
select2.js
l.helikon.bg/templates/design/select2/dist/js/ 		92 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://l.helikon.bg/templates/design/select2/dist/js/select2.js
Requested by
Host: l.helikon.bg
URL: https://l.helikon.bg/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3108::ac42:2b9b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b9dbd2945796927d9e685e4600d3f7a583f38fa1f306302c5f92deb45c9f488c
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://l.helikon.bg/

Response headers

content-encoding
br
cf-bgj
minify
etag
W/"62153798-22dcc"
age
274250
cf-cache-status
HIT
expires
Fri, 22 Nov 2024 05:30:48 GMT
cf-polished
origSize=142796
alt-svc
h3=":443"; ma=86400
date
Sat, 02 Nov 2024 15:14:49 GMT
content-type
application/javascript
last-modified
Tue, 22 Feb 2022 19:20:56 GMT
vary
Accept-Encoding
strict-transport-security
max-age=15768000
cache-control
max-age=2592000
cf-ray
8dc51391bb9a9016-FRA
x-xss-protection
1; mode=block
server
cloudflare
js
www.googletagmanager.com/gtag/ 		254 KB
91 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-987939168
Requested by
Host: l.helikon.bg
URL: https://l.helikon.bg/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
cff4aeadecca046b6c5e446d9da3ae75411de7e284b58a8ad9ea5c7cabc3601d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://l.helikon.bg/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Sat, 02 Nov 2024 15:14:49 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 02 Nov 2024 15:14:49 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
91997
x-xss-protection
0
server
Google Tag Manager
main.js
l.helikon.bg/cdn-cgi/challenge-platform/h/b/scripts/jsd/22755d9a86c9/ Frame F16D
Redirect Chain
  • https://l.helikon.bg/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • https://l.helikon.bg/cdn-cgi/challenge-platform/h/b/scripts/jsd/22755d9a86c9/main.js?
8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://l.helikon.bg/cdn-cgi/challenge-platform/h/b/scripts/jsd/22755d9a86c9/main.js?
Protocol
H3
Server
2606:4700:3108::ac42:2b9b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3f3259d9b0ae58b8a90ddf0ac55a44a0d51d4a6a7f643c52cf088fe31d739f9a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

cache-control
max-age=14400, stale-if-error=10800, stale-while-revalidate=10800, public
content-encoding
br
x-content-type-options
nosniff
cf-ray
8dc513922bf09016-FRA
alt-svc
h3=":443"; ma=86400
date
Sat, 02 Nov 2024 15:14:49 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
server
cloudflare

Redirect headers

cache-control
max-age=300, stale-if-error=10800, stale-while-revalidate=10800, public
location
/cdn-cgi/challenge-platform/h/b/scripts/jsd/22755d9a86c9/main.js?
cf-ray
8dc51391bb9b9016-FRA
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
0
date
Sat, 02 Nov 2024 15:14:49 GMT
vary
Accept-Encoding
server
cloudflare
logo.png
l.helikon.bg/templates/design/img/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://l.helikon.bg/templates/design/img/logo.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3108::ac42:2b9b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
99a3fbeda3b74d3bd0a2ab6d0b49ea376959b31f0785dba6f03db6ce536c94bf
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://l.helikon.bg/

Response headers

cf-bgj
imgq:100,h2pri
etag
"601a7805-1424"
cf-cache-status
HIT
expires
Sat, 30 Nov 2024 12:47:57 GMT
cf-polished
origFmt=png, origSize=5156
alt-svc
h3=":443"; ma=86400
date
Sat, 02 Nov 2024 15:14:49 GMT
content-type
image/webp
content-disposition
inline; filename="logo.webp"
vary
Accept
last-modified
Wed, 03 Feb 2021 10:16:37 GMT
strict-transport-security
max-age=15768000
cache-control
max-age=2592000
cf-ray
8dc513922bee9016-FRA
accept-ranges
bytes
content-length
3000
x-xss-protection
1; mode=block
server
cloudflare
242498z.jpg
i1.helikon.bg/products/2498/24/242498/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i1.helikon.bg/products/2498/24/242498/242498z.jpg?w=180&t=1730560138
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3108::ac42:2b9b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
709e66be46949769b3b6a68bac143dafac064060cedb5c79a6ed0215c5e537c3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://l.helikon.bg/

Response headers

cache-control
public, max-age=31536000
cf-bgj
imgq:100,h2pri
etag
W/"654c8aa8-838d"
cf-cache-status
HIT
cf-ray
8dc513926c199016-FRA
expires
Sun, 02 Nov 2025 15:08:09 GMT
cf-polished
origSize=13463
alt-svc
h3=":443"; ma=86400
date
Sat, 02 Nov 2024 15:14:49 GMT
content-type
image/jpeg
last-modified
Thu, 09 Nov 2023 07:30:48 GMT
vary
Accept-Encoding
server
cloudflare
190522z.jpg
i2.helikon.bg/products/0522/19/190522/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i2.helikon.bg/products/0522/19/190522/190522z.jpg?w=180&t=1730560138
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3108::ac42:2b9b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d202dcba6164c8148be5f2c06276f7ad2703dc08787af17a545fa06b7f3b96e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://l.helikon.bg/

Response headers

cache-control
public, max-age=31536000
cf-bgj
imgq:100,h2pri
etag
W/"5cefd784-5e6e"
cf-cache-status
HIT
cf-ray
8dc513927c309016-FRA
expires
Sun, 02 Nov 2025 15:08:07 GMT
cf-polished
origSize=9500
alt-svc
h3=":443"; ma=86400
date
Sat, 02 Nov 2024 15:14:49 GMT
content-type
image/jpeg
last-modified
Thu, 30 May 2019 13:15:48 GMT
vary
Accept-Encoding
server
cloudflare
242178z.jpg
i5.helikon.bg/products/2178/24/242178/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i5.helikon.bg/products/2178/24/242178/242178z.jpg?w=180&t=1730560138
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3108::ac42:2b9b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
48d21d45a688a14ffe513e91c6900327f42c42dc3eec1ff183eb7e74a1e74bb4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://l.helikon.bg/

Response headers

cache-control
public, max-age=31536000
cf-bgj
imgq:100,h2pri
etag
W/"652fded0-90b9"
cf-cache-status
HIT
cf-ray
8dc513926c219016-FRA
expires
Sun, 02 Nov 2025 15:08:09 GMT
cf-polished
origSize=16018
alt-svc
h3=":443"; ma=86400
date
Sat, 02 Nov 2024 15:14:49 GMT
content-type
image/jpeg
last-modified
Wed, 18 Oct 2023 13:34:08 GMT
vary
Accept-Encoding
server
cloudflare
240505z.jpg
i1.helikon.bg/products/0505/24/240505/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i1.helikon.bg/products/0505/24/240505/240505z.jpg?w=180&t=1730560138
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3108::ac42:2b9b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aba6c559f43698e4f73c3fd2f618698a4054e70317ad7aca4a87dab139bd7b5c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://l.helikon.bg/

Response headers

cache-control
public, max-age=31536000
cf-bgj
imgq:100,h2pri
etag
W/"649bd580-9220"
cf-cache-status
HIT
cf-ray
8dc513926c1f9016-FRA
expires
Sun, 02 Nov 2025 15:08:09 GMT
cf-polished
origSize=15182
alt-svc
h3=":443"; ma=86400
date
Sat, 02 Nov 2024 15:14:49 GMT
content-type
image/jpeg
last-modified
Wed, 28 Jun 2023 06:38:56 GMT
vary
Accept-Encoding
server
cloudflare
245445z.jpg
i4.helikon.bg/products/5445/24/245445/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i4.helikon.bg/products/5445/24/245445/245445z.jpg?w=180&t=1730560138
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3108::ac42:2b9b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
10e5039bdc4854a092a9774bf3b4728e030c1b12b12ed7195b7ca9acf542c59b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://l.helikon.bg/

Response headers

cache-control
public, max-age=31536000
cf-bgj
imgq:100,h2pri
etag
W/"666ad98e-7f79"
cf-cache-status
HIT
cf-ray
8dc513926c299016-FRA
expires
Sun, 02 Nov 2025 15:08:39 GMT
cf-polished
origSize=13579
alt-svc
h3=":443"; ma=86400
date
Sat, 02 Nov 2024 15:14:49 GMT
content-type
image/jpeg
last-modified
Thu, 13 Jun 2024 11:35:42 GMT
vary
Accept-Encoding
server
cloudflare
200392z.jpg
i5.helikon.bg/products/0392/20/200392/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i5.helikon.bg/products/0392/20/200392/200392z.jpg?w=180&t=1730560138
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3108::ac42:2b9b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c27d6bec437da6eb3216c7c309c34d8ac5b4d0bf28c34494bf74dcfe42499037

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://l.helikon.bg/

Response headers

cache-control
public, max-age=31536000
cf-bgj
imgq:100,h2pri
etag
W/"5e73cf26-580e"
cf-cache-status
HIT
cf-ray
8dc513926c239016-FRA
expires
Sun, 02 Nov 2025 15:08:07 GMT
cf-polished
origSize=9718
alt-svc
h3=":443"; ma=86400
date
Sat, 02 Nov 2024 15:14:49 GMT
content-type
image/jpeg
last-modified
Thu, 19 Mar 2020 19:59:34 GMT
vary
Accept-Encoding
server
cloudflare
5749253z.jpg
i1.helikon.bg/products/0101/24/240101/ 		17 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i1.helikon.bg/products/0101/24/240101/5749253z.jpg?w=180&t=1730560138
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3108::ac42:2b9b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dafd3395358d3486c45719301acd421c2235c81fd92d5df55cb01e1e394b9f8c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://l.helikon.bg/

Response headers

cache-control
public, max-age=31536000
cf-bgj
imgq:100,h2pri
etag
W/"6483016d-ba2a"
cf-cache-status
HIT
cf-ray
8dc513926c209016-FRA
expires
Sun, 02 Nov 2025 15:08:07 GMT
cf-polished
origSize=17870
alt-svc
h3=":443"; ma=86400
date
Sat, 02 Nov 2024 15:14:49 GMT
content-type
image/jpeg
last-modified
Fri, 09 Jun 2023 10:39:41 GMT
vary
Accept-Encoding
server
cloudflare
213357z.jpg
i4.helikon.bg/products/3357/21/213357/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i4.helikon.bg/products/3357/21/213357/213357z.jpg?w=180&t=1730560138
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3108::ac42:2b9b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
17451310783b6b1a3bd22ee6958b9b6dd676397f271852c57a20fa40589034e1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://l.helikon.bg/

Response headers

cache-control
public, max-age=31536000
cf-bgj
imgq:100,h2pri
etag
W/"5b0d4334-87d6"
cf-cache-status
HIT
cf-ray
8dc513926c2b9016-FRA
expires
Sun, 02 Nov 2025 15:08:09 GMT
cf-polished
origSize=14167
alt-svc
h3=":443"; ma=86400
date
Sat, 02 Nov 2024 15:14:49 GMT
content-type
image/jpeg
last-modified
Tue, 29 May 2018 12:10:28 GMT
vary
Accept-Encoding
server
cloudflare
230703z.jpg
i1.helikon.bg/products/0703/23/230703/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i1.helikon.bg/products/0703/23/230703/230703z.jpg?w=180&t=1730560138
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3108::ac42:2b9b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b6c99eda8c994a23c87c54dbcb6d58c3d41233610029bf867c2eaa6b52495807

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://l.helikon.bg/

Response headers

cache-control
public, max-age=31536000
content-encoding
gzip
cf-cache-status
MISS
etag
W/"6139b3db-6e18"
cf-ray
8dc513926c1d9016-FRA
expires
Sun, 02 Nov 2025 15:13:05 GMT
alt-svc
h3=":443"; ma=86400
date
Sat, 02 Nov 2024 15:14:49 GMT
content-type
image/jpeg
last-modified
Thu, 09 Sep 2021 07:12:27 GMT
vary
Accept-Encoding
server
cloudflare
218973z.jpg
i1.helikon.bg/products/8973/21/218973/ 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i1.helikon.bg/products/8973/21/218973/218973z.jpg?w=180&t=1730560138
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3108::ac42:2b9b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4c2a4b1312ebdcc5ac028a3f8b526c65f438da0ae82f930f6b47fc0e1dd70c65

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://l.helikon.bg/

Response headers

cache-control
public, max-age=31536000
cf-bgj
imgq:100,h2pri
etag
W/"5cf6538d-89c8"
cf-cache-status
HIT
cf-ray
8dc513926c1e9016-FRA
expires
Sun, 02 Nov 2025 15:08:09 GMT
cf-polished
origSize=14949
alt-svc
h3=":443"; ma=86400
date
Sat, 02 Nov 2024 15:14:49 GMT
content-type
image/jpeg
last-modified
Tue, 04 Jun 2019 11:18:37 GMT
vary
Accept-Encoding
server
cloudflare
Favicon.jpg
l.helikon.bg/templates/design/img/new_favicon/ 		3 KB
4 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://l.helikon.bg/templates/design/img/new_favicon/Favicon.jpg?1=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3108::ac42:2b9b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aaffceaf5f8008608f54df6f2f7722f522caed3e8659cae1db4a2415aa443c19
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://l.helikon.bg/

Response headers

cf-bgj
imgq:100,h2pri
etag
"608a6a8e-8f91"
cf-cache-status
HIT
expires
Sat, 30 Nov 2024 12:47:57 GMT
cf-polished
origSize=36753
alt-svc
h3=":443"; ma=86400
date
Sat, 02 Nov 2024 15:14:49 GMT
content-type
image/jpeg
last-modified
Thu, 29 Apr 2021 08:13:02 GMT
vary
Accept-Encoding
strict-transport-security
max-age=15768000
cache-control
max-age=2592000
cf-ray
8dc513922bf19016-FRA
accept-ranges
bytes
content-length
3459
x-xss-protection
1; mode=block
server
cloudflare
tfa.js
cdn.taboola.com/libtrc/unip/1374407/ 		71 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/unip/1374407/tfa.js
Requested by
Host: l.helikon.bg
URL: https://l.helikon.bg/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a3424b431f321fc82f57135699e5f3705950b411f25a879a15e5fc62b3d2b984

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://l.helikon.bg/

Response headers

content-encoding
gzip
etag
"9bd9e3ac4118e3e1af5b6713650de9c4"
x-amz-version-id
5ZYdoVI759cDQCHzKa9d94_rXY0Lm2I1
age
18
x-cache
HIT
date
Sat, 02 Nov 2024 15:14:49 GMT
last-modified
Sun, 27 Oct 2024 11:04:58 GMT
x-served-by
cache-cph2320029-CPH
x-cache-hits
1
content-type
application/javascript; charset=utf-8
x-amz-id-2
hUKO1DGXZrS59gv/UEj0YvcxceuPHJm2icrbpyw81QSnU5JzX7KQmiTDuSpfsySlMd3nZN+GGIO1qN5NHhCSVB+BVh/M8Yu2
vary
Accept-Encoding
x-amz-replication-status
COMPLETED
cache-control
private,max-age=14401
x-timer
S1730560490.623892,VS0,VE1
via
1.1 varnish
x-amz-request-id
X3W181N9EE7E8PFX
accept-ranges
bytes
access-control-allow-origin
*
abp
4
content-length
22045
server
AmazonS3
x-amz-server-side-encryption
AES256
fbevents.js
connect.facebook.net/en_US/ 		239 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: l.helikon.bg
URL: https://l.helikon.bg/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
924f0b32e86fe959e4290f3690d241cc6a24c08a0a4be56b4d3ce9c2286291bc
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-v8jqt8mf' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://l.helikon.bg/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Sat, 02 Nov 2024 15:14:49 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-v8jqt8mf' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=19, rtx=0, c=23, mss=1232, tbw=4461, tp=9, tpl=0, uplat=0, ullat=-1
pragma
public
x-fb-debug
ml/YJT4rCJufePelTO1S7yE893YvtR/PopJQ/jEKPh2viZxhD9JDcwGvEONB2cOMpvWm8bsNOlXMGJBapqoO1Q==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
content-length
62086
x-xss-protection
0
origin-agent-cluster
?1
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: l.helikon.bg
URL: https://l.helikon.bg/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://l.helikon.bg/

Response headers

content-encoding
gzip
age
6514
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:225:0"}],}
x-content-type-options
nosniff
expires
Sat, 02 Nov 2024 15:26:15 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 02 Nov 2024 13:26:15 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
content-type
text/javascript
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:225:0
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
20994
server
Golfe2
syncframe
gum.criteo.com/ Frame 8545 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?topUrl=l.helikon.bg&origin=onetag
Requested by
Host: l.helikon.bg
URL: https://l.helikon.bg/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://l.helikon.bg/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 02 Nov 2024 15:14:48 GMT
server
Kestrel
server-processing-duration-in-ticks
321732
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
x-robots-tag
noindex
8dc51382fea09016
l.helikon.bg/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame F16D 		0
665 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://l.helikon.bg/cdn-cgi/challenge-platform/h/b/jsd/r/8dc51382fea09016
Requested by
Host: l.helikon.bg
URL: https://l.helikon.bg/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3108::ac42:2b9b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
application/json
Referer

Response headers

cf-ray
8dc513932ccb9016-FRA
alt-svc
h3=":443"; ma=86400
content-length
0
date
Sat, 02 Nov 2024 15:14:49 GMT
content-type
text/plain; charset=UTF-8
server
cloudflare
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/987939168/ 		43 B
61 B 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/987939168/?random=1730560489451&cv=9&fst=1730560489451&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=375603260%2C466465925%2C512247839&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=5&u_nmime=2&sendb=1&ig=1&data=dynx_pagetype%3Dother&frm=0&url=https%3A%2F%2Fl.helikon.bg%2F&tiba=%E3%80%8A%D0%9A%D0%BD%D0%B8%D0%B6%D0%B0%D1%80%D0%BD%D0%B8%D1%86%D0%B8%20%D0%A5%D0%B5%D0%BB%D0%B8%D0%BA%D0%BE%D0%BD%E3%80%8B%7C%20%D0%9A%D0%BD%D0%B8%D0%B6%D0%B0%D1%80%D0%BD%D0%B8%D1%86%D0%B8%20%D0%A5%D0%B5%D0%BB%D0%B8%D0%BA%D0%BE%D0%BD&hn=www.googleadservices.com&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
77d5fe96defd6c8c1e3b0466b4827cf83dc7e5c727a10177e115d25132fa86f6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://l.helikon.bg/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
content-encoding
br
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
37
date
Sat, 02 Nov 2024 15:14:49 GMT
x-xss-protection
0
content-type
text/javascript; charset=UTF-8
content-disposition
attachment; filename="f.txt"
server
cafe
gtm.js
www.googletagmanager.com/ 		213 KB
74 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MKMRJJ7W
Requested by
Host: l.helikon.bg
URL: https://l.helikon.bg/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
bb252a2c242d8f4dd1437f8e91e28559b78780f605838c0e90177702c58b1729
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://l.helikon.bg/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires
Sat, 02 Nov 2024 15:14:49 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 02 Nov 2024 15:14:49 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
75473
x-xss-protection
0
server
Google Tag Manager
8dc51382fea09016
l.helikon.bg/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame F16D 		0
662 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://l.helikon.bg/cdn-cgi/challenge-platform/h/b/jsd/r/8dc51382fea09016
Requested by
Host: l.helikon.bg
URL: https://l.helikon.bg/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3108::ac42:2b9b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
application/json
Referer

Response headers

cf-ray
8dc51394ee2a9016-FRA
alt-svc
h3=":443"; ma=86400
content-length
0
date
Sat, 02 Nov 2024 15:14:49 GMT
content-type
text/plain; charset=UTF-8
server
cloudflare
rum
l.helikon.bg/cdn-cgi/ 		0
139 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://l.helikon.bg/cdn-cgi/rum?
Requested by
Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3108::ac42:2b9b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type
application/json
Referer
https://l.helikon.bg/

Response headers

access-control-max-age
86400
access-control-allow-credentials
true
access-control-allow-methods
POST,OPTIONS
x-content-type-options
nosniff
cf-ray
8dc51394fe379016-FRA
access-control-allow-origin
https://l.helikon.bg
date
Sat, 02 Nov 2024 15:14:49 GMT
vary
Origin
server
cloudflare
x-frame-options
DENY
event
sslwidget.criteo.com/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sslwidget.criteo.com/event?a=49204&v=5.29.0&otl=1&p0=e%3Dce%26m%3D%255B%255D%26h%3D&p1=e%3Dexd%26site_type%3Dd&p2=e%3Dvh&p3=e%3Ddis&adce=1&bundle=On_vCl8lMkJPcGpucHdtdWFIWGNMYnVSd0dFYzF5UWdXTk5CJTJGUFlmSkQydXJUM28zaVFTTXJZaFpJYUpOQ09NdmwzJTJGJTJCVzg2aTJ2QmE1UGJuV3pWVUZ4RXl6RlR5N0txZWZKYkF1RkwxNCUyQmclMkZRd3ZmbE5qV05KUGpjJTJCRHA5U0daMHM4OUpNY1VMSmNoaGV3ZXZORkFSdW9jM0ZidyUzRCUzRA&tld=helikon.bg&dy=1&fu=https%253A%252F%252Fl.helikon.bg%252F&ceid=1f295b52-b030-45b7-bb47-6853dd892c6d
Requested by
Host: l.helikon.bg
URL: https://l.helikon.bg/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
449ce003e570a47a7cbad07fb9f1951c6809d199f04504af24c016565f577567
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://l.helikon.bg/

Response headers

strict-transport-security
max-age=31536000; preload;
cache-control
no-cache
timing-allow-origin
*
content-encoding
gzip
pragma
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
10117025
expires
0
access-control-allow-origin
*
p3p
NON DSP COR CURa PSA PSD OUR BUS NAV STA
date
Sat, 02 Nov 2024 15:14:48 GMT
content-type
application/x-javascript
server
Kestrel
539134586525496
connect.facebook.net/signals/config/ 		68 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/539134586525496?v=2.9.176&r=stable&domain=l.helikon.bg&hme=872f04a0547459b3285cb03b0d7a47bfde40628f4b386809918a621e2688602f&ex_m=70%2C121%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C172%2C175%2C187%2C183%2C184%2C186%2C29%2C101%2C53%2C77%2C185%2C167%2C170%2C180%2C181%2C188%2C131%2C41%2C189%2C190%2C34%2C143%2C15%2C50%2C195%2C194%2C133%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C168%2C171%2C140%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
7ae5688a86b2f1f9e402798b4629f6f81bfaa86d937dc280c2b6966026688f0b
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-w4rriaIX' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://l.helikon.bg/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Sat, 02 Nov 2024 15:14:49 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-w4rriaIX' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=22, rtx=0, c=77, mss=1232, tbw=70890, tp=68, tpl=0, uplat=79, ullat=0
pragma
public
x-fb-debug
VDTZidAoQOhe0KS1BgB1heqAeEs1WLBV8YGY0zCIXQsQONUjumYVRPwOFc0age3LBzh74oweSU/YoPDePXitPw==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?1
ec.js
www.google-analytics.com/plugins/ua/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/plugins/ua/ec.js
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://l.helikon.bg/

Response headers

content-encoding
br
age
398
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
x-content-type-options
nosniff
expires
Sat, 02 Nov 2024 16:08:11 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 02 Nov 2024 15:08:11 GMT
last-modified
Tue, 27 Jun 2023 17:28:00 GMT
content-type
text/javascript
vary
Accept-Encoding
cache-control
public, max-age=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
content-length
1129
x-xss-protection
0
server
sffe
topics_api
psb.taboola.com/ 		65 B
281 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://psb.taboola.com/topics_api
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1374407/tfa.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
e7112b70eed95d42b178135728e6153e34f07001827870748de87cd7dec3538e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://l.helikon.bg/

Response headers

cache-control
private, max-age=2592000
retry-after
0
x-timer
S1730560490.875588,VS0,VE0
observe-browsing-topics
?1
via
1.1 varnish
accept-ranges
bytes
access-control-allow-origin
*
x-cache
HIT
content-length
65
date
Sat, 02 Nov 2024 15:14:49 GMT
content-type
text/html; charset=utf-8
x-served-by
cache-cph2320044-CPH
server
Varnish
x-cache-hits
0
json
trc.taboola.com/1374407/trc/3/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/1374407/trc/3/json?tim=1730560489793&data=%7B%22id%22%3A899%2C%22ii%22%3A%22%2F%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1730560489789%2C%22cv%22%3A%2220241022-18-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fm.helikon.bg%2F%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Dtdg-advertisebgeood2384tmarketbg%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1730560489793%2C%22ref%22%3Anull%2C%22item-url%22%3A%22https%3A%2F%2Fl.helikon.bg%2F%22%2C%22tos%22%3A1%2C%22ssd%22%3A1%2C%22scd%22%3A0%2C%22it%22%3A%22JS_PIXEL%22%2C%22supv%22%3Atrue%7D%2C%22pa%22%3A%7B%22su%22%3Atrue%7D%2C%22psb%22%3Atrue%7D&pubit=i
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1374407/tfa.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
8d9d07518f152ac8eb6e03651f23044619c329cceee523e11a871bf1c4f6d08b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://l.helikon.bg/

Response headers

content-encoding
gzip
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-log-content-encoding
gzip
date
Sat, 02 Nov 2024 15:14:49 GMT
content-type
application/javascript; charset=utf-8
x-served-by
cache-cph2320029-CPH
x-cache-hits
0
vary
Accept-Encoding
x-fastly-to-nlb-rtt
13523
x-timer
S1730560490.822948,VS0,VE26
x-vcl-time-ms
26
access-control-allow-credentials
true
via
1.1 varnish
cpu
0.23925000000000002
accept-ranges
bytes
access-control-allow-origin
*
x-service-version
v1
server
nginx
collect
www.google.com/ccm/ 		0
0 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google.com/ccm/collect?en=page_view&dl=https%3A%2F%2Fl.helikon.bg%2F&scrsrc=www.googletagmanager.com&frm=0&rnd=556017635.1730560490&auid=1491473685.1730560490&npa=1&gtm=45be4au0v882163082za200&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101823848~101878899~101878944~101925629&tft=1730560489806&tfd=3024&apve=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-987939168
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://l.helikon.bg/

Response headers
collect
region1.google-analytics.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-T08R4QPG4D&gtm=45je4au0v9122958096za200&_p=1730560489232&gcs=G100&gcd=13p3p3p2p5l1&npa=1&dma_cps=-&dma=1&tag_exp=101823848~101878899~101878944~101925629&cid=1757594751.1730560490&ul=de-de&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=denied&_eu=EA&_s=1&sid=1730560489&sct=1&seg=0&dl=https%3A%2F%2Fl.helikon.bg%2F&dt=%E3%80%8A%D0%9A%D0%BD%D0%B8%D0%B6%D0%B0%D1%80%D0%BD%D0%B8%D1%86%D0%B8%20%D0%A5%D0%B5%D0%BB%D0%B8%D0%BA%D0%BE%D0%BD%E3%80%8B%7C%20%D0%9A%D0%BD%D0%B8%D0%B6%D0%B0%D1%80%D0%BD%D0%B8%D1%86%D0%B8%20%D0%A5%D0%B5%D0%BB%D0%B8%D0%BA%D0%BE%D0%BD&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=3063
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-T08R4QPG4D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://l.helikon.bg/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://l.helikon.bg
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 02 Nov 2024 15:14:49 GMT
content-type
text/plain
server
Golfe2
cookie-consent.min.js
unpkg.com/68publishers-cookie-consent@1.0.0/dist/
Redirect Chain
  • https://unpkg.com/68publishers-cookie-consent/dist/cookie-consent.min.js
  • https://unpkg.com/68publishers-cookie-consent@1.0.0/dist/cookie-consent.min.js
118 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://unpkg.com/68publishers-cookie-consent@1.0.0/dist/cookie-consent.min.js
Protocol
H2
Server
2606:4700::6811:f5cb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
deb47c2d523bb811cba3a88322d19e8370eec11ac63aba74c0f9700b5ba74710
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://l.helikon.bg/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
"1d768-8OP85pRzCMt77RjZoAqbIR3YMuk"
age
859344
x-content-type-options
nosniff
date
Sat, 02 Nov 2024 15:14:50 GMT
content-type
application/javascript; charset=utf-8
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id
01JAX3HSHSY3SCXY31PWJ23K2K-fra
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=31536000
via
1.1 fly.io
cf-ray
8dc51397bc66d360-FRA
access-control-allow-origin
*
server
cloudflare

Redirect headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, s-maxage=600, max-age=60
location
/68publishers-cookie-consent@1.0.0/dist/cookie-consent.min.js
content-encoding
br
cf-cache-status
HIT
age
110
x-content-type-options
nosniff
via
1.1 fly.io
cf-ray
8dc51396084cd360-FRA
access-control-allow-origin
*
date
Sat, 02 Nov 2024 15:14:49 GMT
content-type
text/plain; charset=utf-8
vary
Accept, Accept-Encoding
fly-request-id
01JBPPZJH808FHNW47GNETTV25-fra
server
cloudflare
sw_iframe.html
www.googletagmanager.com/static/service_worker/4al0/ Frame D5D3 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/static/service_worker/4al0/sw_iframe.html?origin=https%3A%2F%2Fl.helikon.bg
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-987939168
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
1476
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/analytics-container-tag-serving
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="analytics-container-tag-serving"
cross-origin-resource-policy
cross-origin
date
Sat, 02 Nov 2024 15:14:49 GMT
expires
Sun, 02 Nov 2025 15:14:49 GMT
last-modified
Mon, 21 Oct 2024 16:58:00 GMT
report-to
{"group":"analytics-container-tag-serving","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/analytics-container-tag-serving"}]}
server
sffe
service-worker-allowed
/static/service_worker
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
a
www.googletagmanager.com/ 		0
14 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.googletagmanager.com/a?v=3&t=l&pid=215975976&rv=4au0&tag_exp=101823848~101878899~101878944~101925629&u=AAAAAIAAAAAAACA&ut=Ag&h=Ag&gtm=45je4au0v9122958096za200&ccid=122958096&cid=G-T08R4QPG4D&l=L2449.S9.Y105.B0.E25.I2430.EC9.TC22.HTC0~gtm.init.S0.V0.TS5ogtgasend.TI10.TE0.TS5ogtreferralexclusion.TI12.TE1.TS5ogtsessiontimeout.TI13.TE0.TS5ogt1pdatav2.TI14.TE1.TS5ccdgalast.TI15.TE0.TS5ccdautoredact.TI16.TE0.TS5ogteventcreate.TI17.TE0.TS5ogteventcreate.TI18.TE0.TS5ogteventcreate.TI19.TE0.TS5ccdconversionmarking.TI20.TE0.TS5ccdemvideo.TI21.TE0.TS5ccdemsitesearch.TI22.TE0.TS5ccdemscroll.TI23.TE0.TS5ccdemoutboundclick.TI24.TE0.TS5ccdemform.TI25.TE0.TS5ccdemdownload.TI26.TE0.TS5ccdgaregscope.TI27.TE0.TS5ogtgooglesignals.TI28.TE0.TS5ccdgaadslink.TI29.TE0.TS5setproductsettings.TI30.TE0.TS5ccdgafirst.TI31.TE0~gtm.js.S0.V0.TS5gct.TI7.TE0~*~gtm.dom.S0.V0.E58~*.S0.V0.E55~*.S0.V0.E42~*.S0.V0.E33~gtm.load.S0.V0.E26~gtm.init_consent.S1.V0.E80~GA613.617.630.639
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://l.helikon.bg/

Response headers

report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:654:0"}],}
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:654:0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
date
Sat, 02 Nov 2024 15:14:49 GMT
x-xss-protection
0
content-type
text/html
server
Google Tag Manager
collect
www.google-analytics.com/j/ 		15 B
38 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=597210527&t=pageview&_s=1&dl=https%3A%2F%2Fl.helikon.bg%2F&ul=de-de&de=UTF-8&dt=%E3%80%8A%D0%9A%D0%BD%D0%B8%D0%B6%D0%B0%D1%80%D0%BD%D0%B8%D1%86%D0%B8%20%D0%A5%D0%B5%D0%BB%D0%B8%D0%BA%D0%BE%D0%BD%E3%80%8B%7C%20%D0%9A%D0%BD%D0%B8%D0%B6%D0%B0%D1%80%D0%BD%D0%B8%D1%86%D0%B8%20%D0%A5%D0%B5%D0%BB%D0%B8%D0%BA%D0%BE%D0%BD&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBAAEIJAAAAACAMI~&jid=535569400&gjid=2074838736&cid=262929069.1730560490&tid=UA-100067235-1&_gid=1671382163.1730560490&_r=1&_slc=1&z=1548945825
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
959c1cf574d3ec8a27635845bc4661a7b1efd47a6b42f5fae9b85fea89face0d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://l.helikon.bg/

Response headers

report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:175:0"}],}
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 02 Nov 2024 15:14:49 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
content-type
text/plain
cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:175:0
access-control-allow-origin
https://l.helikon.bg
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
15
server
Golfe2
192319652557189
connect.facebook.net/signals/config/ 		25 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/192319652557189?v=2.9.176&r=stable&domain=l.helikon.bg&hme=872f04a0547459b3285cb03b0d7a47bfde40628f4b386809918a621e2688602f&ex_m=70%2C121%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C172%2C175%2C187%2C183%2C184%2C186%2C29%2C101%2C53%2C77%2C185%2C167%2C170%2C180%2C181%2C188%2C131%2C41%2C189%2C190%2C34%2C143%2C15%2C50%2C195%2C194%2C133%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C168%2C171%2C140%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113%2C201%2C200%2C202%2C207%2C208%2C209%2C205%2C197%2C132%2C163%2C196%2C198%2C122%2C157%2C145%2C151%2C129%2C233%2C116%2C127%2C234%2C165%2C119%2C236%2C166%2C136%2C123%2C154%2C148%2C193%2C114%2C128
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
d0ba2292ae004ab791a22b2b7539ba2e9269c2775d3766ade0e1e7149a81b276
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-KSJUOIDl' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://l.helikon.bg/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Sat, 02 Nov 2024 15:14:50 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-KSJUOIDl' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=20, rtx=0, c=89, mss=1232, tbw=85370, tp=83, tpl=0, uplat=57, ullat=0
pragma
public
x-fb-debug
QLnuOET2xosi4Z1aodAQhBLh5LqMru3+aF+ADqdyhUieUQyKCFNW42KvMzkpIogDksOtVxI1lrutZ32PpktWOA==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
cross-origin-opener-policy-report-only
restrict-properties;report-to="coop_report"
x-xss-protection
0
origin-agent-cluster
?1
pixel
cm.g.doubleclick.net/ Frame 906A 		170 B
409 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-nNcikLdo1rtTIDhfuVKRGfyiV3xdGkn9iHVWEA&google_cm&google_hm=ay1uTmNpa0xkbzFydFRJRGhmdVZLUkdmeWlWM3hkR2tuOWlIVldFQQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

cache-control
no-cache, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
date
Sat, 02 Nov 2024 15:14:50 GMT
x-xss-protection
0
content-type
image/png
server
HTTP server (unknown)
sync
x.bidswitch.net/ Frame 906A 		43 B
183 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?dsp_id=46&user_id=k-JVmiNbdo1rtTIDhfuVKRGfyiV3x51F6Ywy8-Sg&expires=30
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.214.136.108 Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
108.136.214.35.bc.googleusercontent.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

via
1.1 google
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
date
Sat, 02 Nov 2024 15:14:50 GMT
content-type
image/gif
cookiematch.aspx
dis.criteo.com/dis/rtb/appnexus/ Frame 906A
Redirect Chain
  • https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID
  • https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=644267752538400331
43 B
370 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=644267752538400331
Protocol
H2
Server
178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

strict-transport-security
max-age=31536000; preload;
cache-control
no-cache
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1561833
expires
Mon, 26 Jul 1997 05:00:00 GMT
p3p
CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
date
Sat, 02 Nov 2024 15:14:50 GMT
content-type
image/gif
server
Kestrel

Redirect headers

cache-control
no-store, no-cache, private
location
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=644267752538400331
pragma
no-cache
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
x-proxy-origin
217.114.215.131; 217.114.215.131; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
expires
Sat, 15 Nov 2008 16:00:00 GMT
access-control-allow-origin
*
an-x-request-uuid
6d0c78fd-f22b-46c0-a7de-dff0fc7a9e26
content-length
0
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date
Sat, 02 Nov 2024 15:14:50 GMT
x-xss-protection
0
content-type
text/html; charset=utf-8
server
nginx/1.23.4
/
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame 906A 		0
99 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=k-WQHGZ7do1rtTIDhfuVKRGfyiV3wt7U4uwtmjpw
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

x-fastly-to-nlb-rtt
27421
date
Sat, 02 Nov 2024 15:14:50 GMT
server
nginx
access-control-allow-credentials
true
sync
visitor.omnitagjs.com/visitor/ Frame 906A 		49 B
342 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor.omnitagjs.com/visitor/sync?uid=732efe97317e6352de4c1caf24b5064b&name=CRITEO&visitor=k-Q35cbrdo1rtTIDhfuVKRGfyiV3zd2WP-JWdKJg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.255.84.153 , France, ASN200271 (IGUANE-, FR),
Reverse DNS
Software
ayl-lb-fra02 /
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
x-envoy-upstream-service-time
0
x-content-type-options
nosniff
expires
0
p3p
CP="CAO PSA OUR"
content-length
49
date
Sat, 02 Nov 2024 15:14:50 GMT
content-type
image/gif
vary
Accept-Encoding
server
ayl-lb-fra02
rum
r.casalemedia.com/ Frame 906A
Redirect Chain
  • https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-IW6ugbdo1rtTIDhfuVKRGfyiV3waGG9HFUF_2A
  • https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-IW6ugbdo1rtTIDhfuVKRGfyiV3waGG9HFUF_2A&C=1
43 B
326 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-IW6ugbdo1rtTIDhfuVKRGfyiV3waGG9HFUF_2A&C=1
Protocol
H2
Server
172.64.151.101 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

cache-control
no-cache
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cf-cache-status
DYNAMIC
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lCxD%2B2RI2AXlrRKpldBsFlEgp7zdt30xsXiPf%2Bz5mpLFnbTd4WJL7WBAxk9XHDyHvv7nKCsBFNIOE0pRu%2FHVpb4Ds7IEvjQYW4ep%2BfyhFpOoUbEHOaLo2PjdnY76kwl4YCer"}],"group":"cf-nel","max_age":604800}
cf-ray
8dc513976ecbe527-TXL
expires
0
alt-svc
h3=":443"; ma=86400
content-length
43
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
date
Sat, 02 Nov 2024 15:14:50 GMT
content-type
image/gif
vary
Accept-Encoding
server
cloudflare

Redirect headers

cache-control
no-cache
location
/rum?cm_dsp_id=20&external_user_id=k-IW6ugbdo1rtTIDhfuVKRGfyiV3waGG9HFUF_2A&C=1
cf-cache-status
DYNAMIC
pragma
no-cache
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=F5nvpqEjIpmXqs0mTyW7ZPgJvVOdgt64Ce4GziB8%2FDLbsvOnrqzl70zrLfKD%2Ba3zl2tPjfppqu9KnX8%2BkGuUkcpMG3YIPVzXJ%2F%2FhrfYEWSsDXu1tUwhpzyHJEf7lFt28u8Qh"}],"group":"cf-nel","max_age":604800}
cf-ray
8dc51396dc4be527-TXL
expires
0
alt-svc
h3=":443"; ma=86400
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
date
Sat, 02 Nov 2024 15:14:50 GMT
vary
Accept-Encoding
server
cloudflare
demconf.jpg
dpm.demdex.net/ Frame 906A
Redirect Chain
  • https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40
  • https://dpm.demdex.net/ibs:dpid=28645&dpuuid=dhIgiNTn9F2oInVi_EJI_j3tGDmrrWZc
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=dhIgiNTn9F2oInVi_EJI_j3tGDmrrWZc
42 B
717 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=dhIgiNTn9F2oInVi_EJI_j3tGDmrrWZc
Protocol
H2
Server
52.211.141.218 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-211-141-218.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
dcs
dcs-prod-irl1-2-v067-00626ee7a.edge-irl1.demdex.com 2 ms
content-encoding
gzip
pragma
no-cache
x-content-type-options
nosniff
x-tid
v9pBfwSkT8E=
expires
Thu, 01 Jan 1970 00:00:00 UTC
content-length
59
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
date
Sat, 02 Nov 2024 15:14:50 GMT
content-type
image/gif

Redirect headers

strict-transport-security
max-age=31536000; includeSubDomains
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
location
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=dhIgiNTn9F2oInVi_EJI_j3tGDmrrWZc
dcs
dcs-prod-irl1-1-v067-075345a65.edge-irl1.demdex.com 0 ms
pragma
no-cache
x-tid
Sj59+T1fReE=
expires
Thu, 01 Jan 1970 00:00:00 UTC
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
date
Sat, 02 Nov 2024 15:14:50 GMT
9.gif
id5-sync.com/s/966/ Frame 906A 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id5-sync.com/s/966/9.gif?puid=k--xcYhrdo1rtTIDhfuVKRGfyiV3y_94yJ1J8P1A
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.116 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533567.ip-162-19-138.eu
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
p3p
CP="CAO PSA OUR"
date
Sat, 02 Nov 2024 15:14:49 GMT
content-type
image/gif;charset=UTF-8
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
match
ad.360yield.com/ Frame 906A 		43 B
199 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-1Pk5lLdo1rtTIDhfuVKRGfyiV3wuXHMNnA6IPA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.211.160.185 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-211-160-185.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

access-control-allow-origin
*
content-length
43
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
date
Sat, 02 Nov 2024 15:14:50 GMT
content-type
image/gif
sync
matching.ivitrack.com/ Frame 906A 		42 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://matching.ivitrack.com/sync?realm=criteo&uid=k-W2ed27do1rtTIDhfuVKRGfyiV3yzqFr93iaq6Q
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.157.22 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
22.157.117.34.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

cache-control
public, max-age=86400
x-envoy-upstream-service-time
0
x-envoy-decorator-operation
tag-manager.programmatic.svc.cluster.local:3000/*
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
date
Sat, 02 Nov 2024 15:14:49 GMT
content-type
image/gif
server
istio-envoy
cksync.php
contextual.media.net/ Frame 906A 		59 B
814 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=3&type=crt&ovsid=k-JzRZGbdo1rtTIDhfuVKRGfyiV3yM1_Yw2zKnXg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.218.208.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-208-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
bd95e8a7f7c6225934f3f14a6cdc3876566284966667fc32f88fe141e3713da6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

strict-transport-security
max-age=31536000
cache-control
max-age=0, no-cache, no-store
pragma
no-cache
expires
Sat, 02 Nov 2024 15:14:50 GMT
x-mnet-hl2
E
alt-svc
h3=":443"; ma=93600
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-length
59
date
Sat, 02 Nov 2024 15:14:50 GMT
content-type
image/gif
server
Apache
push
exchange.mediavine.com/usersync/ Frame 906A 		0
884 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://exchange.mediavine.com/usersync/push?partner=criteo&partnerId=k-rT1dxLdo1rtTIDhfuVKRGfyiV3wBo5gMR_QJUQ
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.198.75.48 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-198-75-48.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

cache-control
private, no-cache
content-encoding
gzip
date
Sat, 02 Nov 2024 15:14:50 GMT
content-type
text/html; charset=utf-8
vary
Origin, Accept-Encoding
access-control-allow-credentials
true
1017
jadserve.postrelease.com/suid/ Frame 906A 		43 B
423 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jadserve.postrelease.com/suid/1017?vk=k-lHYmVbdo1rtTIDhfuVKRGfyiV3xcxxbEcoT8uw
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.18.167.44 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-18-167-44.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma
no-cache
expires
Mon, 1 Jan 1990 12:00:00 GMT
access-control-allow-origin
*
content-length
43
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Sat, 02 Nov 2024 15:14:50 GMT
content-type
image/gif
server
nginx
cookie-sync
sync.outbrain.com/ Frame 906A 		0
218 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?p=criteo&uid=k-ot-MYrdo1rtTIDhfuVKRGfyiV3w60MHazntDSQ&initiator=partner
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
70.42.32.223 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
no-cache
content-length
0
date
Sat, 02 Nov 2024 15:14:50 GMT
x-traceid
34abd52dee5f94adab21285649e46911
Pug
simage2.pubmatic.com/AdServer/ Frame 906A 		0
225 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:k-2nk8P7do1rtTIDhfuVKRGfyiV3yoTS6UaAxSIw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

cache-control
no-store, no-cache, private
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-encoding
gzip
date
Sat, 02 Nov 2024 15:14:49 GMT
content-type
text/html; charset=utf-8
server
nginx
tap.php
pixel.rubiconproject.com/ Frame 906A 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=k-Zc5QY7do1rtTIDhfuVKRGfyiV3yxIymuvHofiQ&expires=30
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
7d6e3b6fefbbeb4d018118d74243a2fc
Pragma
no-cache
Content-Type
image/gif
v1
match.sharethrough.com/sync/ Frame 906A 		0
58 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-zPYn-Ldo1rtTIDhfuVKRGfyiV3yrnM4MggYVpA
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.197.30.174 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-197-30-174.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

strict-transport-security
max-age=16000000; includeSubDomains; preload;
um
criteo-sync.teads.tv/ Frame 906A 		23 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://criteo-sync.teads.tv/um?eid=80&uid=k-nTMJHbdo1rtTIDhfuVKRGfyiV3wUyjYxvdsibA
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.218.209.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-209-56.deploy.static.akamaitechnologies.com
Software
pekko-http/1.0.1 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

expires
Sat, 02 Nov 2024 15:14:50 GMT
cache-control
max-age=0, no-cache, no-store
content-length
23
pragma
no-cache
date
Sat, 02 Nov 2024 15:14:50 GMT
content-type
image/gif
server
pekko-http/1.0.1
sync
criteo-partners.tremorhub.com/ Frame 906A 		43 B
398 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://criteo-partners.tremorhub.com/sync?UICR=k-Aym0Trdo1rtTIDhfuVKRGfyiV3wEfQWm1piN4A
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4200:276:5c08:8c42:d092 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date
Sat, 02 Nov 2024 15:14:50 GMT
content-type
image/gif
server
nginx
xuid
eb2.3lift.com/ Frame 906A 		37 B
140 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2711&xuid=k-p0nk9rdo1rtTIDhfuVKRGfyiV3zbWDSZXK5wFw&dongle=013b
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
37
date
Sat, 02 Nov 2024 15:14:50 GMT
content-type
image/gif
m
ad.yieldlab.net/ Frame 906A 		0
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.yieldlab.net/m?dt_id=8664&ext_id=k-7RRqQbdo1rtTIDhfuVKRGfyiV3ym25NfihtFTg
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.218.209.78 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-209-78.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Expires
Fri, 01 Nov 2024 15:14:50 GMT
Cache-Control
no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Pragma
no-cache
Date
Sat, 02 Nov 2024 15:14:50 GMT
Connection
keep-alive
sync
sync-criteo.ads.yieldmo.com/ Frame 906A 		0
38 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-criteo.ads.yieldmo.com/sync?id=k-oNI87Ldo1rtTIDhfuVKRGfyiV3wueCKWhODSpA&pn_id=criteo&ext=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.229.169.17 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-229-169-17.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

date
Sat, 02 Nov 2024 15:14:50 GMT
content-length
0
put
e1.emxdgt.com/ Frame 906A 		0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e1.emxdgt.com/put?d=d53&uid=k-w4J4xrdo1rtTIDhfuVKRGfyiV3zMAlEkr_WG3g
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.93.152.190 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-93-152-190.eu-central-1.compute.amazonaws.com
Software
awselb/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

date
Sat, 02 Nov 2024 15:14:50 GMT
server
awselb/2.0
RX-96a287af-e294-4126-bcfe-bb5fe3d3e8ff-003
sync.targeting.unrulymedia.com/csync/ Frame 906A
Redirect Chain
  • https://sync.1rx.io/usersync/criteodsp/k-soSvc7do1rtTIDhfuVKRGfyiV3y7A5sYjAPJIQ
  • https://sync.1rx.io/usersync/criteodsp/k-soSvc7do1rtTIDhfuVKRGfyiV3y7A5sYjAPJIQ?zcc=1&cb=1730560490586
  • https://sync.targeting.unrulymedia.com/csync/RX-96a287af-e294-4126-bcfe-bb5fe3d3e8ff-003
0
0
js
www.googletagmanager.com/gtag/ 		418 KB
134 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-T08R4QPG4D&cx=c&_slc=1
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
3d1a362970af98782e4323f7e5684fce8e3817c579d135a157cbaa280dacadb9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://l.helikon.bg/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Sat, 02 Nov 2024 15:14:50 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 02 Nov 2024 15:14:50 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
137395
x-xss-protection
0
server
Google Tag Manager
/
www.facebook.com/tr/ 		0
274 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=539134586525496&ev=PageView&dl=https%3A%2F%2Fl.helikon.bg%2F&rl=&if=false&ts=1730560490154&sw=1600&sh=1200&v=2.9.176&r=stable&ec=0&o=12318&fbp=fb.1.1730560490149.936223296110197452&ler=empty&cdl=API_unavailable&it=1730560489770&coo=false&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://l.helikon.bg/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=19, rtx=0, c=10, mss=1328, tbw=2947, tp=-1, tpl=-1, uplat=0, ullat=0
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
alt-svc
h3=":443"; ma=86400
content-length
0
date
Sat, 02 Nov 2024 15:14:50 GMT
content-type
text/plain
server
proxygen-bolt
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
927 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=539134586525496&ev=PageView&dl=https%3A%2F%2Fl.helikon.bg%2F&rl=&if=false&ts=1730560490154&sw=1600&sh=1200&v=2.9.176&r=stable&ec=0&o=12318&fbp=fb.1.1730560490149.936223296110197452&ler=empty&cdl=API_unavailable&it=1730560489770&coo=false&rqm=FGET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src 'report-sample' *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://l.helikon.bg/

Response headers

content-encoding
zstd
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7432700708554571732"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Sat, 02 Nov 2024 15:14:50 GMT
content-type
image/png
vary
Accept-Encoding
x-fb-debug
aRKNv6XtGPdSFQSlWv4dU0rX3433V/j4VEjU4TGa9J733vWShHcTt5P8YcQz5KIP66WU+knrHhVMil9fFPryTQ==
x-frame-options
DENY
strict-transport-security
max-age=15552000; preload
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7432700708554571732", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src 'report-sample' *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
cache-control
private, no-store, no-cache, must-revalidate
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=19, rtx=0, c=10, mss=1328, tbw=6123, tp=-1, tpl=-1, uplat=170, ullat=0
cross-origin-opener-policy
same-origin-allow-popups
pragma
no-cache
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy
force-load-at-top
cross-origin-opener-policy-report-only
restrict-properties;report-to="coop_report"
x-xss-protection
0
origin-agent-cluster
?0
/
www.facebook.com/tr/ 		0
32 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=192319652557189&ev=PageView&dl=https%3A%2F%2Fl.helikon.bg%2F&rl=&if=false&ts=1730560490159&sw=1600&sh=1200&v=2.9.176&r=stable&ec=0&o=12318&fbp=fb.1.1730560490149.936223296110197452&ler=empty&cdl=API_unavailable&it=1730560489770&coo=false&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://l.helikon.bg/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=19, rtx=0, c=10, mss=1328, tbw=2947, tp=-1, tpl=-1, uplat=0, ullat=0
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
alt-svc
h3=":443"; ma=86400
content-length
0
date
Sat, 02 Nov 2024 15:14:50 GMT
content-type
text/plain
server
proxygen-bolt
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=192319652557189&ev=PageView&dl=https%3A%2F%2Fl.helikon.bg%2F&rl=&if=false&ts=1730560490159&sw=1600&sh=1200&v=2.9.176&r=stable&ec=0&o=12318&fbp=fb.1.1730560490149.936223296110197452&ler=empty&cdl=API_unavailable&it=1730560489770&coo=false&rqm=FGET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src 'report-sample' *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://l.helikon.bg/

Response headers

content-encoding
zstd
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7432700708382169951"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Sat, 02 Nov 2024 15:14:50 GMT
content-type
image/png
vary
Accept-Encoding
x-fb-debug
bZWJnVcnL8P5JtgRvtsfqiavo8rWpfl1SLmk/4O7P8uukfDnlaQb+eL1Dz2TqnDwl5a1yDg87Mu6YPhpeh2h3A==
x-frame-options
DENY
strict-transport-security
max-age=15552000; preload
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7432700708382169951", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src 'report-sample' *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
cache-control
private, no-store, no-cache, must-revalidate
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=19, rtx=0, c=10, mss=1328, tbw=3297, tp=-1, tpl=-1, uplat=137, ullat=0
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
pragma
no-cache
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?0
setuid
ib.adnxs.com/ Frame 906A 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=52&code=k-Ky14n7do1rtTIDhfuVKRGfyiV3xiZ_sZVhCj5w
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.46 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

cache-control
no-store, no-cache, private
pragma
no-cache
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
x-proxy-origin
217.114.215.131; 217.114.215.131; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
expires
Sat, 15 Nov 2008 16:00:00 GMT
an-x-request-uuid
3d087fcc-f1cd-48c2-baf2-9ac9868451fc
content-length
43
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date
Sat, 02 Nov 2024 15:14:50 GMT
x-xss-protection
0
content-type
image/gif
server
nginx/1.23.4
bg.json
unpkg.com/68publishers-cookie-consent@1.0.0/dist/translations/
Redirect Chain
  • https://unpkg.com/68publishers-cookie-consent/dist/translations/bg.json
  • https://unpkg.com/68publishers-cookie-consent@1.0.0/dist/translations/bg.json
6 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://unpkg.com/68publishers-cookie-consent@1.0.0/dist/translations/bg.json
Protocol
H2
Server
2606:4700::6811:f5cb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aace732370f12eb50bd9aab0f843483cb66269c58852947835a112af37d42b1e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://l.helikon.bg/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
"16e2-W5/eCFWg5avc8Z22S4Qr+u1D1wQ"
age
11628012
x-content-type-options
nosniff
date
Sat, 02 Nov 2024 15:14:50 GMT
content-type
application/json; charset=utf-8
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id
01J0W5R6PNVS6ANF8D0YRCRBNH-fra
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=31536000
via
1.1 fly.io
cf-ray
8dc51399fe761961-FRA
access-control-allow-origin
*
server
cloudflare

Redirect headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, s-maxage=600, max-age=60
location
/68publishers-cookie-consent@1.0.0/dist/translations/bg.json
content-encoding
br
cf-cache-status
EXPIRED
x-content-type-options
nosniff
via
1.1 fly.io
cf-ray
8dc513996dbb1961-FRA
access-control-allow-origin
*
date
Sat, 02 Nov 2024 15:14:50 GMT
content-type
text/plain; charset=utf-8
vary
Accept, Accept-Encoding
fly-request-id
01JBPQ2YZQQE2BX82RYYKPXE5R-fra
server
cloudflare
cookieconsent.css
cdn.jsdelivr.net/gh/orestbida/cookieconsent@v2.9.2/dist/ 		19 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/orestbida/cookieconsent@v2.9.2/dist/cookieconsent.css
Requested by
Host: unpkg.com
URL: https://unpkg.com/68publishers-cookie-consent/dist/cookie-consent.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
2ceeeed9440b419619c1fb6ede63fe60cfd57d46444b739bd1d6aa6f9cb3dab1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://l.helikon.bg/

Response headers

access-control-expose-headers
*
content-encoding
br
etag
W/"4b71-tpMM2efa30o9bLmmNz/miPVXklM"
age
2690172
x-content-type-options
nosniff
x-jsd-version-type
version
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
HIT
date
Sat, 02 Nov 2024 15:14:50 GMT
content-type
text/css; charset=utf-8
x-served-by
cache-fra-etou8220052-FRA
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
content-length
4880
x-jsd-version
2.9.2
bg.json
unpkg.com/68publishers-cookie-consent@1.0.0/dist/translations/
Redirect Chain
  • https://unpkg.com/68publishers-cookie-consent/dist/translations/bg.json
  • https://unpkg.com/68publishers-cookie-consent@1.0.0/dist/translations/bg.json
6 KB
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://unpkg.com/68publishers-cookie-consent@1.0.0/dist/translations/bg.json
Protocol
H2
Server
2606:4700::6811:f5cb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aace732370f12eb50bd9aab0f843483cb66269c58852947835a112af37d42b1e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://l.helikon.bg/

Response headers

cache-control
public, max-age=31536000
content-encoding
br
cf-cache-status
HIT
etag
"16e2-W5/eCFWg5avc8Z22S4Qr+u1D1wQ"
age
11628012
x-content-type-options
nosniff
via
1.1 fly.io
cf-ray
8dc51399fe761961-FRA
access-control-allow-origin
*
date
Sat, 02 Nov 2024 15:14:50 GMT
content-type
application/json; charset=utf-8
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id
01J0W5R6PNVS6ANF8D0YRCRBNH-fra
server
cloudflare
vary
Accept-Encoding

Redirect headers

cache-control
public, s-maxage=600, max-age=60
location
/68publishers-cookie-consent@1.0.0/dist/translations/bg.json
content-encoding
br
cf-cache-status
EXPIRED
x-content-type-options
nosniff
via
1.1 fly.io
cf-ray
8dc513996dbb1961-FRA
access-control-allow-origin
*
date
Sat, 02 Nov 2024 15:14:50 GMT
content-type
text/plain; charset=utf-8
vary
Accept, Accept-Encoding
fly-request-id
01JBPQ2YZQQE2BX82RYYKPXE5R-fra
server
cloudflare
bg.json
unpkg.com/68publishers-cookie-consent@1.0.0/dist/translations/
Redirect Chain
  • https://unpkg.com/68publishers-cookie-consent/dist/translations/bg.json
  • https://unpkg.com/68publishers-cookie-consent@1.0.0/dist/translations/bg.json
6 KB
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://unpkg.com/68publishers-cookie-consent@1.0.0/dist/translations/bg.json
Protocol
H2
Server
2606:4700::6811:f5cb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aace732370f12eb50bd9aab0f843483cb66269c58852947835a112af37d42b1e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://l.helikon.bg/

Response headers

cache-control
public, max-age=31536000
content-encoding
br
cf-cache-status
HIT
etag
"16e2-W5/eCFWg5avc8Z22S4Qr+u1D1wQ"
age
11628012
x-content-type-options
nosniff
via
1.1 fly.io
cf-ray
8dc51399fe761961-FRA
access-control-allow-origin
*
date
Sat, 02 Nov 2024 15:14:50 GMT
content-type
application/json; charset=utf-8
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id
01J0W5R6PNVS6ANF8D0YRCRBNH-fra
server
cloudflare
vary
Accept-Encoding

Redirect headers

cache-control
public, s-maxage=600, max-age=60
location
/68publishers-cookie-consent@1.0.0/dist/translations/bg.json
content-encoding
br
cf-cache-status
EXPIRED
x-content-type-options
nosniff
via
1.1 fly.io
cf-ray
8dc513996dbb1961-FRA
access-control-allow-origin
*
date
Sat, 02 Nov 2024 15:14:50 GMT
content-type
text/plain; charset=utf-8
vary
Accept, Accept-Encoding
fly-request-id
01JBPQ2YZQQE2BX82RYYKPXE5R-fra
server
cloudflare
unip
trc-events.taboola.com/1374407/log/3/ 		0
244 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc-events.taboola.com/1374407/log/3/unip?en=pre_d_eng_tb&tos=1616&scd=0&ssd=1&est=1730560489791&ver=36&isls=true&src=i&invt=1500&msa=6642&rv=1&tim=1730560491408&vi=1730560489789&ri=c255d000932cd27ea5e3a5dd634d5c73&ref=null&cv=20241022-18-RELEASE&item-url=https%3A%2F%2Fl.helikon.bg%2F&it=JS_PIXEL
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1374407/tfa.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Attribution-Reporting-Eligible
trigger
Referer
https://l.helikon.bg/

Response headers

access-control-allow-origin
https://l.helikon.bg
cache-control
no-cache
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
date
Sat, 02 Nov 2024 15:14:51 GMT
pragma
no-cache
server
nginx
access-control-allow-credentials
true
unip
trc-events.taboola.com/1374407/log/3/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://trc-events.taboola.com/1374407/log/3/unip?en=pre_d_eng_tb&tos=1616&scd=0&ssd=1&est=1730560489791&ver=36&isls=true&src=i&invt=1500&msa=6642&rv=1&tim=1730560491408&vi=1730560489789&ri=c255d000932cd27ea5e3a5dd634d5c73&ref=null&cv=20241022-18-RELEASE&item-url=https%3A%2F%2Fl.helikon.bg%2F&it=JS_PIXEL
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://l.helikon.bg
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-origin
https://l.helikon.bg
allow
GET, HEAD, POST, TRACE, OPTIONS
content-length
0
date
Sat, 02 Nov 2024 15:14:51 GMT
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
server
nginx
unip
trc-events.taboola.com/1374407/log/3/ 		0
244 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc-events.taboola.com/1374407/log/3/unip?en=pre_d_eng_tb&tos=4705&scd=0&ssd=1&est=1730560489791&ver=36&isls=true&src=i&invt=3000&msa=6642&rv=1&tim=1730560494497&vi=1730560489789&ri=c255d000932cd27ea5e3a5dd634d5c73&ref=null&cv=20241022-18-RELEASE&item-url=https%3A%2F%2Fl.helikon.bg%2F&it=JS_PIXEL
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1374407/tfa.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Attribution-Reporting-Eligible
trigger
Referer
https://l.helikon.bg/

Response headers

access-control-allow-origin
https://l.helikon.bg
cache-control
no-cache
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
date
Sat, 02 Nov 2024 15:14:54 GMT
pragma
no-cache
server
nginx
access-control-allow-credentials
true
unip
trc-events.taboola.com/1374407/log/3/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://trc-events.taboola.com/1374407/log/3/unip?en=pre_d_eng_tb&tos=4705&scd=0&ssd=1&est=1730560489791&ver=36&isls=true&src=i&invt=3000&msa=6642&rv=1&tim=1730560494497&vi=1730560489789&ri=c255d000932cd27ea5e3a5dd634d5c73&ref=null&cv=20241022-18-RELEASE&item-url=https%3A%2F%2Fl.helikon.bg%2F&it=JS_PIXEL
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://l.helikon.bg
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-origin
https://l.helikon.bg
allow
GET, HEAD, POST, TRACE, OPTIONS
content-length
0
date
Sat, 02 Nov 2024 15:14:54 GMT
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
server
nginx
collect
region1.google-analytics.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-T08R4QPG4D&gtm=45je4au0v9122958096za200&_p=1730560489232&gcs=G100&gcd=13p3p3p2p5l1&npa=1&dma_cps=-&dma=1&tag_exp=101823848~101878899~101878944~101925629&cid=1757594751.1730560490&ul=de-de&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=denied&_eu=EA&sid=1730560489&sct=1&seg=0&dl=https%3A%2F%2Fl.helikon.bg%2F&dt=%E3%80%8A%D0%9A%D0%BD%D0%B8%D0%B6%D0%B0%D1%80%D0%BD%D0%B8%D1%86%D0%B8%20%D0%A5%D0%B5%D0%BB%D0%B8%D0%BA%D0%BE%D0%BD%E3%80%8B%7C%20%D0%9A%D0%BD%D0%B8%D0%B6%D0%B0%D1%80%D0%BD%D0%B8%D1%86%D0%B8%20%D0%A5%D0%B5%D0%BB%D0%B8%D0%BA%D0%BE%D0%BD&_s=2&tfd=8068
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-T08R4QPG4D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://l.helikon.bg/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://l.helikon.bg
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 02 Nov 2024 15:14:54 GMT
content-type
text/plain
server
Golfe2

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
sync.targeting.unrulymedia.com
URL
https://sync.targeting.unrulymedia.com/csync/RX-96a287af-e294-4126-bcfe-bb5fe3d3e8ff-003

Verdicts & Comments Add Verdict or Comment

141 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| __cfQR object| __cfBeacon function| init function| gtag object| dataLayer function| sendEmailNusletter function| resize_slider number| slideIndex object| slides function| plusDivs function| showDivs function| load_baner_990 function| _extends function| _typeof function| LazyLoad function| $ function| jQuery object| jQuery1113001437537671543887 function| slice function| Starrr function| rrssbInit string| value number| days string| expires object| date function| copyToClipboard function| copyToClipboardShowL function| allowCookies function| getCookie function| position_tabs function| hide function| show function| setMenuStyles function| check_search_q function| resetInputStyles function| createUrlProducts function| loadCart function| add_to_cart function| add_to_cart_listing function| updateCart function| calculateMultyShipping function| calculateShipping function| checkVatNumber function| shippment_type_change_event function| shippment_type_multy_change_event function| shiping_type_change_mp function| calc_shipping_price function| Countdown function| UpdateQueryString function| updateFilters function| log function| deleteComents function| showMsg function| doModal function| doModal2 function| addGiftEgmont function| phoneChTest function| showCoupons object| _tfa object| google_tag_params string| PixelGet function| fbq function| _fbq object| ProductsSearch object| CriteoProductsSearch function| onProductClick function| onCartChange function| onProductAddToCart function| onProductRemoveFromCart string| MobileDetect_type string| GoogleAnalyticsObject function| ga string| deviceType object| Criteo object| criteo_q object| google_tag_data function| GooglemKTybQhCsO number| google_conversion_snippets number| google_conversion_first_time function| clear_menu2 function| clear_menu function| clear_menu_respons function| colaps_CategoriesParameters function| colaps_FiltersParameters function| pop_loading_campania_trud_3 function| pop_loading_campania_trud_3_35 function| pop_loading_campania_pan_30 function| pop_loading_campania_Krusharska function| pop_loading_campania_locus function| pop_loading_campania_poaro function| pop_loading_campania_agata function| pop_loading_campania_bard function| pop_loading_campania_pan2 function| pop_loading_campania_dnevnik function| pop_loading_campania_helikon function| pop_loading_campania_kibea_p function| pop_loading_campania_trud_4 function| pop_loading_campania_trud_4_35 function| showCampania function| getCampania function| openBo function| closerBo function| prepareSearch function| prepare_Search boolean| __cfRLUnblockHandlers function| fblogin function| getInfo function| onSignIn function| googlemp function| loadGoogleScripts function| handleClientLoad object| google_tag_manager boolean| google_noFurtherRedirects object| gaplugins object| gaGlobal object| gaData object| TFASC object| TRC object| _taboola number| taboola_view_id object| TRCImpl function| __trcError object| EVENT_PROPERTIES_TO_URL_PARAMS_MAP number| INVALID_ACCOUNT_ID object| CONFIGS object| VALIDATION_ERRORS object| EVENTS object| TUP_EVENT_HANDLERS_BY_EVENT_NAME object| TRK_EVENT_TO_ERROR_TYPE_MAP boolean| PUBLISHER_ID_EXISTS string| CALLBACK_PARAMETER_NAME string| LAST_EXTERNAL_REFERRER_URL_PARAM object| CookieConsentWrapper function| onYouTubeIframeAPIReady object| cc_wrapper_config function| initCookieConsent object| cookieConsentWrapperEvents

37 Cookies

Domain/Path Name / Value
.helikon.bg/ Name: HELIKON
Value: gvnc314ldltmkh4711ej0jj2j5
l.helikon.bg/ Name: cid
Value: V3la7GcmQegQ8XGZBio+Ag==
.helikon.bg/ Name: __cf_bm
Value: S9xt.8TDE5uzzCwvTNnXFbhqYuq36JV7uEh6zHO3noE-1730560488-1.0.1.1-3cNhwtYio2poBBOrcXleDjHRxgI33iIVLy1pz.Dwj3BQOwTFtgeaprVlHozf0p7sR0HVa87uqPOUm8jq967z8Q
.helikon.bg/ Name: allowJS
Value: yes
.criteo.com/ Name: uid
Value: 81e33b30-cc92-490b-8e58-995295d50bb9
.criteo.com/ Name: receive-cookie-deprecation
Value: 1
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.helikon.bg/ Name: cto_bundle
Value: On_vCl8lMkJPcGpucHdtdWFIWGNMYnVSd0dFYzF5UWdXTk5CJTJGUFlmSkQydXJUM28zaVFTTXJZaFpJYUpOQ09NdmwzJTJGJTJCVzg2aTJ2QmE1UGJuV3pWVUZ4RXl6RlR5N0txZWZKYkF1RkwxNCUyQmclMkZRd3ZmbE5qV05KUGpjJTJCRHA5U0daMHM4OUpNY1VMSmNoaGV3ZXZORkFSdW9jM0ZidyUzRCUzRA
.helikon.bg/ Name: cf_clearance
Value: pK_lKVcayDS.ufzW524I7IG.CbAJtstUCajJ8ryBWPk-1730560489-1.2.1.1-0eYVC_zvlIPWfdhGPycqH9d4sQpVF8rPmYNK9eJ3W7IxVNEwoEfJbHz3BWgWFFa0xaevO7dZwHxVpXjrXH.jy2m00NhQdbe.G1cdJYitQUpL5jFnXNdmUH3qtHDgW5mG83egHjfE3Wwb4WSJERfBMVc7lD8QEJwrO2keqJIKcBP3pteAU7iRtDlF9TWr4NZcoP8G9CO.v_ywspz3gtIoU0IfpaLNsPoVnDXxN8EldALZrxHtnz837QZxnoQM7E49YTBuAiv0ehvkgZm7uQbzBW3c8iQxeqUyeBl7Lt9ymnRO.tSpM00ed1BsxTIWwdcoElUUZW1RhdERmEMyQidj47aG1HevsaLzvsF2Gqt18PuB6XPU6cKyExCjxx0HZ5hH
.helikon.bg/ Name: _ga
Value: GA1.2.262929069.1730560490
.helikon.bg/ Name: _gid
Value: GA1.2.1671382163.1730560490
.helikon.bg/ Name: _gcl_au
Value: 1.1.1491473685.1730560490
.helikon.bg/ Name: _gat
Value: 1
.criteo.com/ Name: cto_bundle
Value: IJ1zDF96V3hwUUV5VUVHenBmYmU4TEd5aWFkSVpWM0pHWWozNUxyMnU3QnZaQkR6Y05VN2RaYiUyRldPdXBPZUI2eTl3WUdzVHFpZEFmODlkTko5NFJOWlpSdnFzbWhIT0ljYnBncDZIMHZZZUJxV3E1a1JFMU5QeW9RMGltOUYyV0N3U0R2
.casalemedia.com/ Name: CMID
Value: ZyZB6lVbLWkAABE9Al-zhQAA
.casalemedia.com/ Name: CMPS
Value: 5191
.casalemedia.com/ Name: CMPRO
Value: 5191
.helikon.bg/ Name: _fbp
Value: fb.1.1730560490149.936223296110197452
.adnxs.com/ Name: XANDR_PANID
Value: GSjAPbt5UdDScJ_Qax9rnqVGWADwVJ6MwsQYl6PWs98KpncqikzUCMz4UqQb4x3pk5p_1Ag2gD4dGSQ_8ELI40qPqpto5zu0PmtjFeHoS0o.
.adnxs.com/ Name: receive-cookie-deprecation
Value: 1
.adnxs.com/ Name: uuid2
Value: 644267752538400331
.demdex.net/ Name: demdex
Value: 23299520005346608201168807415455736914
exchange.mediavine.com/ Name: mv_tokens
Value: %7B%22mv_uuid%22%3A%22345a83e0-992d-11ef-81ab-ed6b956d3c7b%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/ Name: mv_tokens_eu-v1
Value: %7B%22mv_uuid%22%3A%22345a83e0-992d-11ef-81ab-ed6b956d3c7b%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/ Name: am_tokens
Value: %7B%22mv_uuid%22%3A%22345a83e0-992d-11ef-81ab-ed6b956d3c7b%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/ Name: am_tokens_eu-v1
Value: %7B%22mv_uuid%22%3A%22345a83e0-992d-11ef-81ab-ed6b956d3c7b%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/ Name: criteo
Value: %7B%22id%22%3A%22k-rT1dxLdo1rtTIDhfuVKRGfyiV3wBo5gMR_QJUQ%22%2C%22version%22%3A%22criteo%22%7D
.dpm.demdex.net/ Name: dpm
Value: 23299520005346608201168807415455736914
.adnxs.com/ Name: anj
Value: dTM7k!M4/rCxrEQF']wIg2E>wMJFTg!@wnfH1YdP.dEXlSkivXFp[_FWx##t@#j6XT-(heowRRW@lfm?BekrACU=kLnPJMd3*Bqip#`kDP(hw9P-HC_#ty(h+g)k0
.media.net/ Name: visitor-id
Value: 3735620908214715000V10
.media.net/ Name: data-c-ts
Value: 1730560490
.media.net/ Name: data-c
Value: k-JzRZGbdo1rtTIDhfuVKRGfyiV3yM1_Yw2zKnXg~~3
.omnitagjs.com/ Name: ayl_visitor
Value: edf883781d8daf5f0dc0b766a64440d2
.postrelease.com/ Name: opt_out
Value: 1
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-96a287af-e294-4126-bcfe-bb5fe3d3e8ff-003%22%7D
.tremorhub.com/ Name: tvid
Value: 74b2489f000744e8a5285388015907ef
.tremorhub.com/ Name: tv_UICR
Value: k-Aym0Trdo1rtTIDhfuVKRGfyiV3wEfQWm1piN4A

3 Console Messages

Source Level URL
Text
recommendation verbose URL: https://l.helikon.bg/
Message:
[DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o
recommendation verbose URL: https://l.helikon.bg/
Message:
[DOM] Input elements should have autocomplete attributes (suggested: "new-password"): (More info: https://goo.gl/9p2vKq) %o
recommendation verbose URL: https://l.helikon.bg/
Message:
[DOM] Input elements should have autocomplete attributes (suggested: "new-password"): (More info: https://goo.gl/9p2vKq) %o

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=15768000
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.360yield.com
ad.yieldlab.net
cdn.jsdelivr.net
cdn.taboola.com
cm.g.doubleclick.net
connect.facebook.net
contextual.media.net
criteo-partners.tremorhub.com
criteo-sync.teads.tv
dis.criteo.com
dpm.demdex.net
e1.emxdgt.com
eb2.3lift.com
exchange.mediavine.com
googleads.g.doubleclick.net
gum.criteo.com
i.helikon.bg
i1.helikon.bg
i2.helikon.bg
i4.helikon.bg
i5.helikon.bg
ib.adnxs.com
id5-sync.com
jadserve.postrelease.com
l.helikon.bg
match.sharethrough.com
matching.ivitrack.com
pixel.rubiconproject.com
psb.taboola.com
r.casalemedia.com
region1.google-analytics.com
simage2.pubmatic.com
sslwidget.criteo.com
static.cloudflareinsights.com
sync-criteo.ads.yieldmo.com
sync-t1.taboola.com
sync.outbrain.com
sync.targeting.unrulymedia.com
trc-events.taboola.com
trc.taboola.com
unpkg.com
visitor.omnitagjs.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googleadservices.com
www.googletagmanager.com
x.bidswitch.net
sync.targeting.unrulymedia.com
13.248.245.213
141.226.228.48
142.250.181.226
142.250.186.162
151.101.1.44
151.101.193.44
162.19.138.116
172.64.151.101
178.250.1.9
18.197.30.174
18.198.75.48
185.255.84.153
185.89.210.46
198.47.127.205
2001:4860:4802:34::36
23.218.208.23
23.218.209.56
23.218.209.78
2600:1f18:612b:4200:276:5c08:8c42:d092
2606:4700:3108::ac42:2b9b
2606:4700::6810:4f49
2606:4700::6811:f5cb
2a00:1450:4001:806::2004
2a00:1450:4001:828::2002
2a00:1450:4001:828::200e
2a00:1450:4001:830::2008
2a02:2638:3::c
2a03:2880:f084:d:face:b00c:0:3
2a03:2880:f176:181:face:b00c:0:25de
2a04:4e42:400::485
34.117.157.22
35.214.136.108
52.18.167.44
52.211.141.218
52.211.160.185
54.229.169.17
54.93.152.190
69.173.144.138
70.42.32.223
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
10e5039bdc4854a092a9774bf3b4728e030c1b12b12ed7195b7ca9acf542c59b
17451310783b6b1a3bd22ee6958b9b6dd676397f271852c57a20fa40589034e1
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
2750c520abcfbef9bb4cccd316bca17cf03496c289b09f00c920d1c97a347140
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2ceeeed9440b419619c1fb6ede63fe60cfd57d46444b739bd1d6aa6f9cb3dab1
2d4367f7d7fb24c411adaabc28e2c0c8f1632d159f349b30fe1ea9cf3303b336
2e69ce4e109e8a9156fc31bbfe13a9ad3e35345aa7af29ea880c3a5566a8f62b
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
3a6d3ecab89ec91612dbdcf15abdee5278c537aeb3ecee787d420d82f116b280
3d1a362970af98782e4323f7e5684fce8e3817c579d135a157cbaa280dacadb9
3f3259d9b0ae58b8a90ddf0ac55a44a0d51d4a6a7f643c52cf088fe31d739f9a
449ce003e570a47a7cbad07fb9f1951c6809d199f04504af24c016565f577567
47ea4d99256f2275b8a7938a3c0efd6573a198a9aad65585abb9022f18c29a40
48d21d45a688a14ffe513e91c6900327f42c42dc3eec1ff183eb7e74a1e74bb4
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c2a4b1312ebdcc5ac028a3f8b526c65f438da0ae82f930f6b47fc0e1dd70c65
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5d202dcba6164c8148be5f2c06276f7ad2703dc08787af17a545fa06b7f3b96e
6d9fb7e01b20d445e0704f00330d02be68b30d1d9c14032c315420938a5c72f1
709e66be46949769b3b6a68bac143dafac064060cedb5c79a6ed0215c5e537c3
77d5fe96defd6c8c1e3b0466b4827cf83dc7e5c727a10177e115d25132fa86f6
7ad5ae6a14f4092f123f8782e37bdc39baf48316d0036fd6fad5479d0ba0a5d3
7ae5688a86b2f1f9e402798b4629f6f81bfaa86d937dc280c2b6966026688f0b
8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f
8d9d07518f152ac8eb6e03651f23044619c329cceee523e11a871bf1c4f6d08b
924f0b32e86fe959e4290f3690d241cc6a24c08a0a4be56b4d3ce9c2286291bc
959c1cf574d3ec8a27635845bc4661a7b1efd47a6b42f5fae9b85fea89face0d
99a3fbeda3b74d3bd0a2ab6d0b49ea376959b31f0785dba6f03db6ce536c94bf
9e884a1ce37de935762983afa009018437764a7db6a0a9667c0926dac407a640
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a3424b431f321fc82f57135699e5f3705950b411f25a879a15e5fc62b3d2b984
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
aace732370f12eb50bd9aab0f843483cb66269c58852947835a112af37d42b1e
aaffceaf5f8008608f54df6f2f7722f522caed3e8659cae1db4a2415aa443c19
aba6c559f43698e4f73c3fd2f618698a4054e70317ad7aca4a87dab139bd7b5c
ac1415cdf8ed7fb3c9a4647bbba927601cf0f455982ec7d98e35d5563bec9782
af5c27d91a8b814351b6522aa17a23a709545f11cdbc953cb0d452280e5d3b0d
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b326772ed5750e9e74d781f6ce06f66aebe6313f35749fe5a45b47f097fbb966
b467a2d7cfb71acd244f227c7eed566b15b27d5e2518b6f2ef49dc788436a789
b54207ad616350b08bfa432022a918f46c854fcd5d874055fd1cbad3ed33966c
b6c99eda8c994a23c87c54dbcb6d58c3d41233610029bf867c2eaa6b52495807
b9dbd2945796927d9e685e4600d3f7a583f38fa1f306302c5f92deb45c9f488c
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb252a2c242d8f4dd1437f8e91e28559b78780f605838c0e90177702c58b1729
bb5d1f1c65b3f7ff9cd832d7e77d77fbe3335cba60ab4281ccd375fb4b19eadc
bd95e8a7f7c6225934f3f14a6cdc3876566284966667fc32f88fe141e3713da6
c27d6bec437da6eb3216c7c309c34d8ac5b4d0bf28c34494bf74dcfe42499037
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
cff4aeadecca046b6c5e446d9da3ae75411de7e284b58a8ad9ea5c7cabc3601d
d0ba2292ae004ab791a22b2b7539ba2e9269c2775d3766ade0e1e7149a81b276
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
d60a91b8ce51ef27822d54250a45c8e1137cd4bc2ab3486a636257ffff9e9dab
dafd3395358d3486c45719301acd421c2235c81fd92d5df55cb01e1e394b9f8c
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
deb47c2d523bb811cba3a88322d19e8370eec11ac63aba74c0f9700b5ba74710
e0c67125c5a92c5cd7bdd437585ac4d2a5155735bb61bb8beff7d0981e2255d2
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e56451053236d0609126126105fb30ab407aa253673309b791c9e2cb58b274d3
e7112b70eed95d42b178135728e6153e34f07001827870748de87cd7dec3538e
eeb876caee6a7c0c094d07a7fbe152f6001dfb930c36dbd6988c394d12364b6c
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629