m.helikon.bg Open in urlscan Pro
172.66.43.155 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://m.helikon.bg/168827-%D0%9F%D1%8A%D1%82%D1%8F%D1%82.html
Submission: On September 02 via api (September 2nd 2024, 8:41:44 am UTC) from DE — Scanned from DE

Summary HTTP 92 Redirects Links 14 Behaviour Indicators

Summary

This website contacted 47 IPs in 9 countries across 38 domains to perform 92 HTTP transactions. The main IP is 172.66.43.155, located in United States and belongs to CLOUDFLARENET, US. The main domain is m.helikon.bg.
TLS certificate: Issued by WE1 on July 19th 2024. Valid for: 3 months.

This is the only time m.helikon.bg was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 25	172.66.43.155 172.66.43.155	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:4f49	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:813::2008	15169 (GOOGLE) (GOOGLE)
1	142.250.186.130 142.250.186.130	15169 (GOOGLE) (GOOGLE)
2	151.101.65.44 151.101.65.44	54113 (FASTLY) (FASTLY)
3	157.240.253.1 157.240.253.1	32934 (FACEBOOK) (FACEBOOK)
2	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
1 2	2a02:2638:3::c 2a02:2638:3::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	142.250.185.226 142.250.185.226	15169 (GOOGLE) (GOOGLE)
2 3	37.157.5.84 37.157.5.84	198622 (ADFORM) (ADFORM)
1	37.157.2.250 37.157.2.250	198622 (ADFORM) (ADFORM)
2	178.250.1.9 178.250.1.9	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c00::9d	15169 (GOOGLE) (GOOGLE)
1	142.250.186.131 142.250.186.131	15169 (GOOGLE) (GOOGLE)
1	151.101.129.44 151.101.129.44	54113 (FASTLY) (FASTLY)
4 8	2606:4700::68... 2606:4700::6811:f9cb	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a02:2638:3::15 2a02:2638:3::15	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a02:2638:3::19 2a02:2638:3::19	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	172.217.16.130 172.217.16.130	15169 (GOOGLE) (GOOGLE)
1	35.214.136.108 35.214.136.108	15169 (GOOGLE) (GOOGLE)
2 3	185.89.210.212 185.89.210.212	29990 (ASN-APPNEX) (ASN-APPNEX)
5	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
1	185.255.84.152 185.255.84.152	200271 (IGUANE-) (IGUANE-)
1 2	104.18.36.155 104.18.36.155	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	54.78.78.173 54.78.78.173	16509 (AMAZON-02) (AMAZON-02)
1	162.19.138.83 162.19.138.83	16276 (OVH) (OVH)
1	52.18.211.45 52.18.211.45	16509 (AMAZON-02) (AMAZON-02)
1	34.117.157.22 34.117.157.22	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	23.35.228.23 23.35.228.23	16625 (AKAMAI-AS) (AKAMAI-AS)
1	18.196.67.11 18.196.67.11	16509 (AMAZON-02) (AMAZON-02)
1	44.240.108.226 44.240.108.226	16509 (AMAZON-02) (AMAZON-02)
1	64.202.112.95 64.202.112.95	23352 (SERVERCEN...) (SERVERCENTRAL)
1	198.47.127.205 198.47.127.205	3257 (GTT-BACKB...) (GTT-BACKBONE GTT)
1	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
1	23.32.185.35 23.32.185.35	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2600:1f18:612... 2600:1f18:612b:4200:469d:9873:c4dd:d159	14618 (AMAZON-AES) (AMAZON-AES)
1	76.223.111.18 76.223.111.18	16509 (AMAZON-02) (AMAZON-02)
1	69.192.161.76 69.192.161.76	16625 (AKAMAI-AS) (AKAMAI-AS)
1	54.194.169.106 54.194.169.106	16509 (AMAZON-02) (AMAZON-02)
1	3.72.244.131 3.72.244.131	16509 (AMAZON-02) (AMAZON-02)
2 3	46.228.174.117 46.228.174.117	56396 (AMOBEE) (AMOBEE)
1	216.239.36.178 216.239.36.178	15169 (GOOGLE) (GOOGLE)
8	2a03:2880:f17... 2a03:2880:f176:84:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	172.217.16.200 172.217.16.200	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6812:ba1f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
92	47

25 172.66.43.155 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

m.helikon.bg	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
i.helikon.bg	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
i5.helikon.bg	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:4f49 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:813::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.65.44 (San Francisco, United States)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 157.240.253.1 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-02-fra5.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:3::c (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.157.5.84 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

track.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.2.250 (Denmark)

ASN198622 (ADFORM, DK)

s2.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.1.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

sslwidget.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.131 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f3.1e100.net

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.129.44 (San Francisco, United States)

ASN54113 (FASTLY, US)

psb.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2606:4700::6811:f9cb (United States) 4 redirects

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::15 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

fledge.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::19 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

measurement-api.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.16.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s46-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.214.136.108 (Groningen, Netherlands)

ASN15169 (GOOGLE, US)
PTR: 108.136.214.35.bc.googleusercontent.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.89.210.212 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)

sync-t1.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trc-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.255.84.152 (France)

ASN200271 (IGUANE-, FR)

visitor.omnitagjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.36.155 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

r.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.78.78.173 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-78-78-173.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.138.83 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31532338.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.18.211.45 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-18-211-45.eu-west-1.compute.amazonaws.com

ad.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.117.157.22 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 22.157.117.34.bc.googleusercontent.com

matching.ivitrack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.35.228.23 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-228-23.deploy.static.akamaitechnologies.com

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.196.67.11 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-196-67-11.eu-central-1.compute.amazonaws.com

exchange.mediavine.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.240.108.226 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-240-108-226.us-west-2.compute.amazonaws.com

jadserve.postrelease.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.202.112.95 (United States)

ASN23352 (SERVERCENTRAL, US)
PTR: ny.outbrain.com

sync.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.47.127.205 (United States)

ASN3257 (GTT-BACKBONE GTT, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.32.185.35 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-32-185-35.deploy.static.akamaitechnologies.com

criteo-sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:612b:4200:469d:9873:c4dd:d159 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

criteo-partners.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 76.223.111.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.192.161.76 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a69-192-161-76.deploy.static.akamaitechnologies.com

ad.yieldlab.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.194.169.106 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-194-169-106.eu-west-1.compute.amazonaws.com

sync-criteo.ads.yieldmo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.72.244.131 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-72-244-131.eu-central-1.compute.amazonaws.com

e1.emxdgt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 46.228.174.117 (United Kingdom) 2 redirects

ASN56396 (AMOBEE, GB)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.239.36.178 (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a03:2880:f176:84:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.16.200 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f200.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:ba1f (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
25	helikon.bg 1 redirects m.helikon.bg i.helikon.bg i5.helikon.bg	764 KB
8	facebook.com www.facebook.com — Cisco Umbrella Rank: 108	7 KB
8	unpkg.com 4 redirects unpkg.com — Cisco Umbrella Rank: 1314	38 KB
8	taboola.com cdn.taboola.com — Cisco Umbrella Rank: 1198 psb.taboola.com — Cisco Umbrella Rank: 9372 trc.taboola.com — Cisco Umbrella Rank: 1123 sync-t1.taboola.com — Cisco Umbrella Rank: 2447 trc-events.taboola.com — Cisco Umbrella Rank: 3272	24 KB
6	criteo.com 1 redirects gum.criteo.com — Cisco Umbrella Rank: 553 sslwidget.criteo.com — Cisco Umbrella Rank: 2867 fledge.eu.criteo.com — Cisco Umbrella Rank: 22953 measurement-api.criteo.com — Cisco Umbrella Rank: 3048 dis.criteo.com — Cisco Umbrella Rank: 1058	5 KB
4	adform.net 2 redirects track.adform.net — Cisco Umbrella Rank: 6297 s2.adform.net — Cisco Umbrella Rank: 8814	33 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 104 region1.google-analytics.com	22 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 112	374 KB
3	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 383	3 KB
3	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 77 stats.g.doubleclick.net — Cisco Umbrella Rank: 252 cm.g.doubleclick.net — Cisco Umbrella Rank: 363	722 B
3	facebook.net connect.facebook.net — Cisco Umbrella Rank: 236	73 KB
2	1rx.io 2 redirects sync.1rx.io — Cisco Umbrella Rank: 741	739 B
2	demdex.net 1 redirects dpm.demdex.net — Cisco Umbrella Rank: 319	1 KB
2	casalemedia.com 1 redirects r.casalemedia.com — Cisco Umbrella Rank: 2947	1 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 410	5 KB
1	unrulymedia.com sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1897	378 B
1	emxdgt.com e1.emxdgt.com — Cisco Umbrella Rank: 3254	44 B
1	yieldmo.com sync-criteo.ads.yieldmo.com — Cisco Umbrella Rank: 4043	38 B
1	yieldlab.net ad.yieldlab.net — Cisco Umbrella Rank: 7422	235 B
1	3lift.com eb2.3lift.com — Cisco Umbrella Rank: 632	140 B
1	tremorhub.com criteo-partners.tremorhub.com — Cisco Umbrella Rank: 3878	398 B
1	teads.tv criteo-sync.teads.tv — Cisco Umbrella Rank: 3660	163 B
1	rubiconproject.com pixel.rubiconproject.com — Cisco Umbrella Rank: 555	239 B
1	pubmatic.com simage2.pubmatic.com — Cisco Umbrella Rank: 1358	225 B
1	outbrain.com sync.outbrain.com — Cisco Umbrella Rank: 1277	218 B
1	postrelease.com jadserve.postrelease.com — Cisco Umbrella Rank: 1508	422 B
1	mediavine.com exchange.mediavine.com — Cisco Umbrella Rank: 2423	885 B
1	media.net contextual.media.net — Cisco Umbrella Rank: 1060	818 B
1	ivitrack.com matching.ivitrack.com — Cisco Umbrella Rank: 15508	265 B
1	360yield.com ad.360yield.com — Cisco Umbrella Rank: 1075	199 B
1	id5-sync.com id5-sync.com — Cisco Umbrella Rank: 645	1 KB
1	omnitagjs.com visitor.omnitagjs.com — Cisco Umbrella Rank: 1229	342 B
1	bidswitch.net x.bidswitch.net — Cisco Umbrella Rank: 499	183 B
1	google.de www.google.de — Cisco Umbrella Rank: 6716	63 B
1	google.com region1.analytics.google.com — Cisco Umbrella Rank: 3773
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 176	21 KB
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 1223	7 KB
0	sharethrough.com Failed match.sharethrough.com Failed
92	38

	Domain	Requested by
17	m.helikon.bg	1 redirects m.helikon.bg static.cloudflareinsights.com
8	www.facebook.com
8	unpkg.com	4 redirects
7	i.helikon.bg	m.helikon.bg
4	trc-events.taboola.com	cdn.taboola.com
4	www.googletagmanager.com	m.helikon.bg www.google-analytics.com
3	ib.adnxs.com	2 redirects
3	track.adform.net	2 redirects
3	www.google-analytics.com	m.helikon.bg www.google-analytics.com
3	connect.facebook.net	m.helikon.bg connect.facebook.net
2	sync.1rx.io	2 redirects
2	dpm.demdex.net	1 redirects
2	r.casalemedia.com	1 redirects
2	gum.criteo.com	1 redirects m.helikon.bg
1	region1.google-analytics.com	www.googletagmanager.com
1	cdn.jsdelivr.net	unpkg.com
1	sync.targeting.unrulymedia.com
1	e1.emxdgt.com
1	sync-criteo.ads.yieldmo.com
1	ad.yieldlab.net
1	eb2.3lift.com
1	criteo-partners.tremorhub.com
1	criteo-sync.teads.tv
1	pixel.rubiconproject.com
1	simage2.pubmatic.com
1	sync.outbrain.com
1	jadserve.postrelease.com
1	exchange.mediavine.com
1	contextual.media.net
1	matching.ivitrack.com
1	ad.360yield.com
1	id5-sync.com
1	visitor.omnitagjs.com
1	sync-t1.taboola.com
1	dis.criteo.com
1	x.bidswitch.net
1	cm.g.doubleclick.net
1	measurement-api.criteo.com	m.helikon.bg
1	fledge.eu.criteo.com	m.helikon.bg
1	trc.taboola.com	cdn.taboola.com
1	psb.taboola.com	cdn.taboola.com
1	www.google.de
1	stats.g.doubleclick.net	www.googletagmanager.com
1	region1.analytics.google.com	www.googletagmanager.com
1	sslwidget.criteo.com	m.helikon.bg
1	s2.adform.net
1	googleads.g.doubleclick.net	www.googleadservices.com
1	cdn.taboola.com	m.helikon.bg
1	www.googleadservices.com	m.helikon.bg
1	static.cloudflareinsights.com	m.helikon.bg
1	i5.helikon.bg	m.helikon.bg
0	match.sharethrough.com Failed
92	52

This site contains links to these domains. Also see Links.

Domain
www.helikon.bg
lira.bg
i5.helikon.bg
play.google.com
apps.apple.com
www.microsoft.com
www.facebook.com
www.instagram.com
promochip.bg
i.helikon.bg

Subject Issuer	Validity	Valid
helikon.bg WE1	`2024-07-19` - `2024-10-17`	3 months	crt.sh
cloudflareinsights.com WE1	`2024-07-06` - `2024-10-04`	3 months	crt.sh
*.google-analytics.com WR2	`2024-08-05` - `2024-10-28`	3 months	crt.sh
*.googleadservices.com WR2	`2024-08-05` - `2024-10-28`	3 months	crt.sh
*.taboola.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-07-30` - `2024-12-31`	5 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-06-11` - `2024-09-09`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-08-26` - `2024-11-20`	3 months	crt.sh
*.g.doubleclick.net WR2	`2024-08-05` - `2024-10-28`	3 months	crt.sh
*.google.de WR2	`2024-08-05` - `2024-10-28`	3 months	crt.sh
*.eu.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-08-20` - `2024-11-22`	3 months	crt.sh
*.bidswitch.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-07-16` - `2024-10-16`	3 months	crt.sh
omnitagjs.com Sectigo RSA Domain Validation Secure Server CA	`2024-07-02` - `2025-08-01`	a year	crt.sh
*.id5-sync.com E5	`2024-09-01` - `2024-11-30`	3 months	crt.sh
*.360yield.com Amazon RSA 2048 M02	`2024-04-28` - `2025-05-27`	a year	crt.sh
itm.ivitrack.com R10	`2024-08-10` - `2024-11-08`	3 months	crt.sh
*.media.net DigiCert TLS RSA SHA256 2020 CA1	`2023-12-21` - `2024-12-21`	a year	crt.sh
exchange.mediavine.com Amazon RSA 2048 M02	`2024-05-06` - `2025-06-04`	a year	crt.sh
*.postrelease.com Amazon RSA 2048 M03	`2024-07-31` - `2025-08-30`	a year	crt.sh
*.outbrain.com Thawte TLS RSA CA G1	`2024-07-31` - `2024-11-27`	4 months	crt.sh
*.pubmatic.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-03-19` - `2025-04-19`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2024-07-30` - `2025-04-03`	8 months	crt.sh
teads.tv R10	`2024-06-11` - `2024-09-09`	3 months	crt.sh
*.tremorhub.com Amazon RSA 2048 M03	`2024-01-24` - `2025-02-21`	a year	crt.sh
*.3lift.com Amazon RSA 2048 M02	`2024-03-13` - `2025-04-11`	a year	crt.sh
*.yieldlab.net DigiCert TLS RSA SHA256 2020 CA1	`2024-08-08` - `2025-08-10`	a year	crt.sh
*.ads.yieldmo.com Amazon RSA 2048 M03	`2024-03-04` - `2025-04-03`	a year	crt.sh
*.emxdgt.com Amazon RSA 2048 M03	`2024-04-02` - `2025-05-01`	a year	crt.sh
*.jsdelivr.net Sectigo RSA Domain Validation Secure Server CA	`2024-05-04` - `2025-05-04`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2024-02-14` - `2025-03-16`	a year	crt.sh

This page contains 5 frames:

Primary Page: https://m.helikon.bg/168827-%D0%9F%D1%8A%D1%82%D1%8F%D1%82.html
Frame ID: 4506E92A720B7DB89F93B8B8A19A9D33
Requests: 63 HTTP requests in this frame

Frame: https://m.helikon.bg/cdn-cgi/challenge-platform/h/g/scripts/jsd/e7cf9275f425/main.js
Frame ID: A7C0D377E3989ADD41DE301F938C5DF8
Requests: 3 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=m.helikon.bg&origin=onetag
Frame ID: 9C68FED74CFCDAC73AF6DEDD1F04EB79
Requests: 1 HTTP requests in this frame

Frame: https://fledge.eu.criteo.com/interest-group?data=VVL7TnxXVHN0YldxNjhwMG9qS1lWVnBCSjM2a0hYL0FGSnpGeWZQRW5TVHBlcUhJZHZ5WlpnWlpGTGIvOCtSb1Vlc2ZMYXZnTTZ3aElNWGlDTFBuMEVuRXBDc2xWc2E1TGhFdWhHcGJnUFZBT1pTYkt1QmlNRy9xaG94QmZaNkFLelpmc3RGc3ZlUTVHa2xrVUM3L0tFNERxd2ZIL0hzVjl0S0wwdHNvNFJvcWFOVDg9fA
Frame ID: 0112A671E639F2C9D438CB17460D0B60
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-EhZMsf2DrYsGwR_HBJUcXb_jDMFP8YY296aVHg&google_cm&google_hm=ay1FaFpNc2YyRHJZc0d3Ul9IQkpVY1hiX2pETUZQOFlZMjk2YVZIZw
Frame ID: 9CD6388A3FF042B1DB5A3056E80167E1
Requests: 25 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

《Пътят》| Кормак Маккарти | Книги от онлайн книжарница Хеликон | Книжарници Хеликон

Detected technologies

Google Sign-in (Social logins) Expand

Overall confidence: 100%
Detected patterns

<meta[^>]*google-signin-client_id

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Select2 (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

select2(?:\.min|\.full)?\.js

basket.js (JavaScript Libraries) Expand

Overall confidence: 10%
Detected patterns

basket.*\.js

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

92
Requests

87 %
HTTPS

26 %
IPv6

38
Domains

52
Subdomains

47
IPs

9
Countries

1381 kB
Transfer

4098 kB
Size

42
Cookies

14 Outgoing links

These are links going to different origins than the main page.

URL: https://www.helikon.bg/
Title: Helikon.bg

Search URL Search Domain Scan URL

URL: https://lira.bg/
Title: lira.bg

Search URL Search Domain Scan URL

URL: https://i5.helikon.bg/products/8827/16/168827/168827_b.jpg?t=1725264088

Search URL Search Domain Scan URL

URL: https://www.helikon.bg/page/porachki-po-telefona.html
Title: ПОРЪЧАЙ ПО ТЕЛЕФОН

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.obreey.reader&hl=bg

Search URL Search Domain Scan URL

URL: https://apps.apple.com/us/app/pocketbook-reader-epub-fb2-pdf-djvu-mobi-chm-txt/id805488884

Search URL Search Domain Scan URL

URL: https://www.microsoft.com/en-us/p/overdrive-media-console/9wzdncrfj3t4

Search URL Search Domain Scan URL

URL: https://www.facebook.com/helikon.bg
Title: Helikon.bg във Facebook

Search URL Search Domain Scan URL

URL: https://www.instagram.com/helikonbookstore/?utm_source=ig_profile_share&igshid=p1z4jiivroiq

Search URL Search Domain Scan URL

URL: https://www.helikon.bg/page/pravo-na-otkaz.html
Title: Право на отказ от закупена стока

Search URL Search Domain Scan URL

URL: http://lira.bg/
Title: Lira.bg

Search URL Search Domain Scan URL

URL: https://promochip.bg/
Title: Promochip.bg

Search URL Search Domain Scan URL

URL: https://i.helikon.bg/pravilnik/Pravilnik-Liato-v-kniga-16-08-06-09-2024.pdf
Title: Правилник на кампанията „Лято в книга“

Search URL Search Domain Scan URL

URL: https://i.helikon.bg/pravilnik/Pan_sept.2024_rules.pdf
Title: Общи условия и правила за провеждане на кампания „Месец на книгите с Пан“

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 24

https://m.helikon.bg/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://m.helikon.bg/cdn-cgi/challenge-platform/h/g/scripts/jsd/e7cf9275f425/main.js

Request Chain 33

https://track.adform.net/serving/scripts/trackpoint/async/ HTTP 301
https://s2.adform.net/banners/scripts/st/trackpoint-async.js

Request Chain 45

https://unpkg.com/68publishers-cookie-consent/dist/cookie-consent.min.js HTTP 302
https://unpkg.com/68publishers-cookie-consent@1.0.0/dist/cookie-consent.min.js

Request Chain 50

https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID HTTP 302
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=5331507210521727264

Request Chain 53

https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-u8IGtv2DrYsGwR_HBJUcXb_jDMEoUJpoM_BhfQ HTTP 302
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-u8IGtv2DrYsGwR_HBJUcXb_jDMEoUJpoM_BhfQ&C=1

Request Chain 54

https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40 HTTP 302
https://dpm.demdex.net/ibs:dpid=28645&dpuuid=9gji9hVTkAQxhIxmx8swHetRzDl47Nze HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=9gji9hVTkAQxhIxmx8swHetRzDl47Nze

Request Chain 71

https://sync.1rx.io/usersync/criteodsp/k-r1jL2f2DrYsGwR_HBJUcXb_jDMFJf5wSmhS3vA HTTP 302
https://sync.1rx.io/usersync/criteodsp/k-r1jL2f2DrYsGwR_HBJUcXb_jDMFJf5wSmhS3vA?zcc=1&cb=1725266499915 HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-71077c9f-f9f8-4dfb-b02b-562b8a074e7e-003

Request Chain 74

https://track.adform.net/Serving/TrackPoint/?pm=2104384&ADFPageName=Product%20page&ADFdivider=%7C&ord=193878972264&ADFtpmode=2&ecpr=W3sicGlkIjoiMTY4ODI3Iiwic3RlcCI6MX1d&loc=https%3A%2F%2Fm.helikon.bg%2F168827-%25D0%259F%25D1%258A%25D1%2582%25D1%258F%25D1%2582.html&Set1=de-DE%7Cde-DE%7C1600x1200%7C24 HTTP 302
https://track.adform.net/Serving/TrackPoint/?CC=1&pm=2104384&ADFPageName=Product%20page&ADFdivider=%7C&ord=193878972264&ADFtpmode=2&ecpr=W3sicGlkIjoiMTY4ODI3Iiwic3RlcCI6MX1d&loc=https%3A%2F%2Fm.helikon.bg%2F168827-%25D0%259F%25D1%258A%25D1%2582%25D1%258F%25D1%2582.html&Set1=de-DE%7Cde-DE%7C1600x1200%7C24

Request Chain 84

https://unpkg.com/68publishers-cookie-consent/dist/translations/bg.json HTTP 302
https://unpkg.com/68publishers-cookie-consent@1.0.0/dist/translations/bg.json

Request Chain 86

https://unpkg.com/68publishers-cookie-consent/dist/translations/bg.json HTTP 302
https://unpkg.com/68publishers-cookie-consent@1.0.0/dist/translations/bg.json

Request Chain 87

https://unpkg.com/68publishers-cookie-consent/dist/translations/bg.json HTTP 302
https://unpkg.com/68publishers-cookie-consent@1.0.0/dist/translations/bg.json

92 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3 200 Primary Request 168827-%D0%9F%D1%8A%D1%82%D1%8F%D1%82.html Show response
m.helikon.bg/ 2 MB
387 KB 810ms
742ms Document
text/html 172.66.43.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://m.helikon.bg/168827-%D0%9F%D1%8A%D1%82%D1%8F%D1%82.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.43.155 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e9a48d288165f286b3251015e2863e6b30a02285b1590a433ffb19e28b38e9d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 8bcc33b8dee16a6a-HAM
content-encoding: br
content-type: text/html; charset=UTF-8
date: Mon, 02 Sep 2024 08:41:38 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
server: cloudflare
strict-transport-security: max-age=15768000
vary: Accept-Encoding
x-xss-protection: 1; mode=block

GET
H3 200 phone_nl.jpg
i.helikon.bg/ 3 KB
3 KB 83ms
70ms Image
image/jpeg 172.66.43.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.helikon.bg/phone_nl.jpg
Requested by: Host: m.helikon.bg
URL: https://m.helikon.bg/168827-%D0%9F%D1%8A%D1%82%D1%8F%D1%82.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.66.43.155 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3af5f025c9974a03bcf056343c3f846d82c3c01324703e08f1f3337bc6e2ed76

Request headers

Referer: https://m.helikon.bg/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 02 Sep 2024 08:41:38 GMT
cf-cache-status: HIT
cf-bgj: imgq:100,h2pri
last-modified: Wed, 01 Apr 2020 15:38:18 GMT
server: cloudflare
age: 7102
cf-polished: origSize=3324
etag: W/"5e84b56a-cfc"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=31536000
cf-ray: 8bcc33be8f706a6a-HAM
alt-svc: h3=":443"; ma=86400
expires: Tue, 02 Sep 2025 05:52:46 GMT

GET
H3 200 168827_b.jpg
i5.helikon.bg/products/8827/16/168827/ 11 KB
11 KB 164ms
149ms Image
image/jpeg 172.66.43.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i5.helikon.bg/products/8827/16/168827/168827_b.jpg?h=263&t=1725264088
Requested by: Host: m.helikon.bg
URL: https://m.helikon.bg/168827-%D0%9F%D1%8A%D1%82%D1%8F%D1%82.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.66.43.155 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b73b792e38706225c8c8b022211d57dae8145cdc00393b6c5c7ae041ef6c8099

Request headers

Referer: https://m.helikon.bg/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 02 Sep 2024 08:41:38 GMT
cf-cache-status: HIT
cf-bgj: imgq:100,h2pri
last-modified: Wed, 31 Oct 2012 15:41:22 GMT
server: cloudflare
cf-polished: origSize=11355
etag: W/"509146a2-89d5"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=31536000
cf-ray: 8bcc33be9f906a6a-HAM
alt-svc: h3=":443"; ma=86400
expires: Tue, 02 Sep 2025 08:02:04 GMT

GET
H3 200 buy_buton.png
i.helikon.bg/new_buttons2/ 318 B
589 B 95ms
86ms Image
image/webp 172.66.43.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.helikon.bg/new_buttons2/buy_buton.png
Requested by: Host: m.helikon.bg
URL: https://m.helikon.bg/168827-%D0%9F%D1%8A%D1%82%D1%8F%D1%82.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.66.43.155 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa940b5099345b025437df949e77486ec26ef5dadec5f392d5bf4d84ff21da89

Request headers

Referer: https://m.helikon.bg/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 02 Sep 2024 08:41:38 GMT
cf-cache-status: HIT
cf-bgj: imgq:100,h2pri
last-modified: Tue, 07 Apr 2020 13:13:05 GMT
server: cloudflare
age: 5930832
cf-polished: origFmt=png, origSize=1541
etag: W/"5e8c7c61-605"
vary: Accept
content-type: image/webp
cache-control: public, max-age=31536000
content-disposition: inline; filename="buy_buton.webp"
cf-ray: 8bcc33be8f6b6a6a-HAM
alt-svc: h3=":443"; ma=86400
expires: Fri, 20 Jun 2025 15:15:15 GMT

GET
H3 200 phone_buy_buton.png
i.helikon.bg/new_buttons/ 378 B
652 B 81ms
73ms Image
image/webp 172.66.43.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.helikon.bg/new_buttons/phone_buy_buton.png
Requested by: Host: m.helikon.bg
URL: https://m.helikon.bg/168827-%D0%9F%D1%8A%D1%82%D1%8F%D1%82.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.66.43.155 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1b448e4684d7492dd2428954fd18cea462c2295d88552af7b0def087bd62ce4b

Request headers

Referer: https://m.helikon.bg/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 02 Sep 2024 08:41:38 GMT
cf-cache-status: HIT
cf-bgj: imgq:100,h2pri
last-modified: Sun, 05 Apr 2020 01:26:19 GMT
server: cloudflare
age: 1163
cf-polished: origFmt=png, origSize=1410
etag: W/"5e8933bb-582"
vary: Accept
content-type: image/webp
cache-control: public, max-age=31536000
content-disposition: inline; filename="phone_buy_buton.webp"
cf-ray: 8bcc33be8f746a6a-HAM
alt-svc: h3=":443"; ma=86400
expires: Tue, 02 Sep 2025 05:52:46 GMT

GET
H3 200 add_basket.jpg
i.helikon.bg/new_buttons2/ 869 B
1 KB 82ms
73ms Image
image/jpeg 172.66.43.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.helikon.bg/new_buttons2/add_basket.jpg
Requested by: Host: m.helikon.bg
URL: https://m.helikon.bg/168827-%D0%9F%D1%8A%D1%82%D1%8F%D1%82.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.66.43.155 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3a6d3ecab89ec91612dbdcf15abdee5278c537aeb3ecee787d420d82f116b280

Request headers

Referer: https://m.helikon.bg/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 02 Sep 2024 08:41:38 GMT
cf-cache-status: HIT
cf-bgj: imgq:100,h2pri
last-modified: Tue, 07 Apr 2020 13:13:05 GMT
server: cloudflare
age: 10686567
cf-polished: origSize=1139
etag: W/"5e8c7c61-adc"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=31536000
cf-ray: 8bcc33be8f776a6a-HAM
alt-svc: h3=":443"; ma=86400
expires: Wed, 19 Mar 2025 14:04:38 GMT

GET
DATA 200
OK truncated
/ 29 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 47ea4d99256f2275b8a7938a3c0efd6573a198a9aad65585abb9022f18c29a40

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
H3 200 email-decode.min.js Show response
m.helikon.bg/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
835 B 54ms
54ms Script
application/javascript 172.66.43.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://m.helikon.bg/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: m.helikon.bg
URL: https://m.helikon.bg/168827-%D0%9F%D1%8A%D1%82%D1%8F%D1%82.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.43.155 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://m.helikon.bg/168827-%D0%9F%D1%8A%D1%82%D1%8F%D1%82.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 02 Sep 2024 08:41:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 27 Aug 2024 19:10:54 GMT
server: cloudflare
etag: W/"66ce24be-4d7"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript
cache-control: max-age=172800, public
cf-ray: 8bcc33be8f566a6a-HAM
expires: Wed, 04 Sep 2024 08:41:38 GMT

GET
H3 200 com.obreey.reader.png
i.helikon.bg/ 4 KB
4 KB 66ms
65ms Image
image/webp 172.66.43.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.helikon.bg/com.obreey.reader.png
Requested by: Host: m.helikon.bg
URL: https://m.helikon.bg/168827-%D0%9F%D1%8A%D1%82%D1%8F%D1%82.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.66.43.155 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ec955c146d567c86866ac4ab20e0b291243d3a890595bbc46c14ce5ea0d00351

Request headers

Referer: https://m.helikon.bg/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 02 Sep 2024 08:41:38 GMT
cf-cache-status: HIT
cf-bgj: imgq:100,h2pri
last-modified: Fri, 10 Jul 2020 14:40:50 GMT
server: cloudflare
age: 10668582
cf-polished: origFmt=png, origSize=7814
etag: W/"5f087df2-1e86"
vary: Accept
content-type: image/webp
cache-control: public, max-age=31536000
content-disposition: inline; filename="com.webp"
cf-ray: 8bcc33be8f786a6a-HAM
alt-svc: h3=":443"; ma=86400
expires: Wed, 19 Mar 2025 14:04:38 GMT

GET
H3 200 pocketbook-reader-epub-fb2-pdf.png
i.helikon.bg/ 3 KB
4 KB 66ms
65ms Image
image/webp 172.66.43.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.helikon.bg/pocketbook-reader-epub-fb2-pdf.png
Requested by: Host: m.helikon.bg
URL: https://m.helikon.bg/168827-%D0%9F%D1%8A%D1%82%D1%8F%D1%82.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.66.43.155 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bcd489b31e182215b44326f95a9472676a917e63fb20e70510c6f21be7f9c772

Request headers

Referer: https://m.helikon.bg/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 02 Sep 2024 08:41:38 GMT
cf-cache-status: HIT
cf-bgj: imgq:100,h2pri
last-modified: Fri, 10 Jul 2020 14:40:46 GMT
server: cloudflare
age: 10686567
cf-polished: origFmt=png, origSize=9988
etag: W/"5f087dee-2704"
vary: Accept
content-type: image/webp
cache-control: public, max-age=31536000
content-disposition: inline; filename="pocketbook-reader-epub-fb2-pdf.webp"
cf-ray: 8bcc33be9f7d6a6a-HAM
alt-svc: h3=":443"; ma=86400
expires: Thu, 24 Apr 2025 20:32:07 GMT

GET
H3 200 Instagram.png
i.helikon.bg/ 2 KB
2 KB 71ms
71ms Image
image/webp 172.66.43.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.helikon.bg/Instagram.png
Requested by: Host: m.helikon.bg
URL: https://m.helikon.bg/168827-%D0%9F%D1%8A%D1%82%D1%8F%D1%82.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.66.43.155 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2d4367f7d7fb24c411adaabc28e2c0c8f1632d159f349b30fe1ea9cf3303b336

Request headers

Referer: https://m.helikon.bg/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 02 Sep 2024 08:41:38 GMT
cf-cache-status: HIT
cf-bgj: imgq:100,h2pri
last-modified: Fri, 11 Jan 2019 11:21:56 GMT
server: cloudflare
age: 10686567
cf-polished: origFmt=png, origSize=2206
etag: W/"5c387c54-89e"
vary: Accept
content-type: image/webp
cache-control: public, max-age=31536000
content-disposition: inline; filename="Instagram.webp"
cf-ray: 8bcc33bef82d6a6a-HAM
alt-svc: h3=":443"; ma=86400
expires: Fri, 04 Apr 2025 21:03:47 GMT

GET
H3 200 logo-f.png
m.helikon.bg/templates/design/img/ 4 KB
4 KB 64ms
64ms Image
image/webp 172.66.43.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://m.helikon.bg/templates/design/img/logo-f.png
Requested by: Host: m.helikon.bg
URL: https://m.helikon.bg/168827-%D0%9F%D1%8A%D1%82%D1%8F%D1%82.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.66.43.155 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d60a91b8ce51ef27822d54250a45c8e1137cd4bc2ab3486a636257ffff9e9dab

Request headers

Referer: https://m.helikon.bg/168827-%D0%9F%D1%8A%D1%82%D1%8F%D1%82.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 02 Sep 2024 08:41:38 GMT
cf-cache-status: HIT
cf-bgj: imgq:100,h2pri
last-modified: Wed, 03 Feb 2021 15:24:02 GMT
server: cloudflare
age: 3615972
cf-polished: origFmt=png, origSize=6325
etag: W/"601ac012-18b5"
vary: Accept
content-type: image/webp
cache-control: public, max-age=31536000
content-disposition: inline; filename="logo-f.webp"
cf-ray: 8bcc33be9f806a6a-HAM
alt-svc: h3=":443"; ma=86400
expires: Sat, 03 May 2025 00:40:21 GMT

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9e884a1ce37de935762983afa009018437764a7db6a0a9667c0926dac407a640

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 OpenSans-Regular.woff2
m.helikon.bg/templates/design/fonts/ 49 KB
49 KB 65ms
64ms Font
application/octet-stream 172.66.43.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://m.helikon.bg/templates/design/fonts/OpenSans-Regular.woff2
Requested by: Host: m.helikon.bg
URL: https://m.helikon.bg/168827-%D0%9F%D1%8A%D1%82%D1%8F%D1%82.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.66.43.155 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e56451053236d0609126126105fb30ab407aa253673309b791c9e2cb58b274d3

Request headers

Referer: https://m.helikon.bg/168827-%D0%9F%D1%8A%D1%82%D1%8F%D1%82.html
Origin: https://m.helikon.bg
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 02 Sep 2024 08:41:38 GMT
cf-cache-status: HIT
last-modified: Tue, 02 Apr 2019 13:28:30 GMT
server: cloudflare
age: 5803159
etag: "5ca3637e-c420"
vary: Accept-Encoding
content-type: application/octet-stream
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8bcc33bebfd26a6a-HAM
alt-svc: h3=":443"; ma=86400
content-length: 50208
expires: Wed, 19 Mar 2025 14:12:18 GMT

GET
H3 200 fontawesome-webfont.woff2
m.helikon.bg/templates/design/fonts/ 75 KB
76 KB 63ms
62ms Font
application/octet-stream 172.66.43.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://m.helikon.bg/templates/design/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by: Host: m.helikon.bg
URL: https://m.helikon.bg/168827-%D0%9F%D1%8A%D1%82%D1%8F%D1%82.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.66.43.155 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer: https://m.helikon.bg/168827-%D0%9F%D1%8A%D1%82%D1%8F%D1%82.html
Origin: https://m.helikon.bg
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 02 Sep 2024 08:41:38 GMT
cf-cache-status: HIT
last-modified: Tue, 02 Apr 2019 13:28:30 GMT
server: cloudflare
age: 1564518
etag: "5ca3637e-12d68"
vary: Accept-Encoding
content-type: application/octet-stream
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8bcc33bebfd46a6a-HAM
alt-svc: h3=":443"; ma=86400
content-length: 77160
expires: Wed, 19 Mar 2025 14:12:18 GMT

GET
H3 200 OpenSansCondensed-Bold.woff2
m.helikon.bg/templates/design/fonts/ 56 KB
56 KB 81ms
80ms Font
application/octet-stream 172.66.43.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://m.helikon.bg/templates/design/fonts/OpenSansCondensed-Bold.woff2
Requested by: Host: m.helikon.bg
URL: https://m.helikon.bg/168827-%D0%9F%D1%8A%D1%82%D1%8F%D1%82.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.66.43.155 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b467a2d7cfb71acd244f227c7eed566b15b27d5e2518b6f2ef49dc788436a789

Request headers

Referer: https://m.helikon.bg/168827-%D0%9F%D1%8A%D1%82%D1%8F%D1%82.html
Origin: https://m.helikon.bg
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 02 Sep 2024 08:41:38 GMT
cf-cache-status: HIT
last-modified: Tue, 02 Apr 2019 13:28:30 GMT
server: cloudflare
age: 5803159
etag: "5ca3637e-de18"
vary: Accept-Encoding
content-type: application/octet-stream
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8bcc33bebfd56a6a-HAM
alt-svc: h3=":443"; ma=86400
content-length: 56856
expires: Wed, 19 Mar 2025 14:12:18 GMT

GET
H3 200 ParmigianoTextPro-MedIta.woff2
m.helikon.bg/templates/design/fonts/ 124 KB
125 KB 66ms
65ms Font
application/octet-stream 172.66.43.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://m.helikon.bg/templates/design/fonts/ParmigianoTextPro-MedIta.woff2
Requested by: Host: m.helikon.bg
URL: https://m.helikon.bg/168827-%D0%9F%D1%8A%D1%82%D1%8F%D1%82.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.66.43.155 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fd6c037e524d5e6780b0d94b34dbebb65fa4f0c2ca2ba5686d1480d6f3edb694

Request headers

Referer: https://m.helikon.bg/168827-%D0%9F%D1%8A%D1%82%D1%8F%D1%82.html
Origin: https://m.helikon.bg
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 02 Sep 2024 08:41:38 GMT
cf-cache-status: HIT
last-modified: Tue, 02 Apr 2019 13:28:31 GMT
server: cloudflare
age: 100043
etag: "5ca3637f-1f1e0"
vary: Accept-Encoding
content-type: application/octet-stream
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8bcc33bebfd66a6a-HAM
alt-svc: h3=":443"; ma=86400
content-length: 127456
expires: Fri, 21 Mar 2025 05:07:03 GMT

GET
H3 200 select2.css
m.helikon.bg/templates/design/select2/dist/css/ 15 KB
2 KB 95ms
95ms Stylesheet
text/css 172.66.43.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://m.helikon.bg/templates/design/select2/dist/css/select2.css
Requested by: Host: m.helikon.bg
URL: https://m.helikon.bg/168827-%D0%9F%D1%8A%D1%82%D1%8F%D1%82.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.66.43.155 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e90567ca798874fbcc1d8a0ee7493ce3c7d03f9646ac22e79f9d8d1314fda512

Request headers

Referer: https://m.helikon.bg/168827-%D0%9F%D1%8A%D1%82%D1%8F%D1%82.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 02 Sep 2024 08:41:38 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Tue, 22 Feb 2022 19:20:55 GMT
server: cloudflare
age: 355487
cf-polished: origSize=17696
etag: W/"62153797-4520"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000
cf-ray: 8bcc33becfdd6a6a-HAM
alt-svc: h3=":443"; ma=86400
expires: Wed, 04 Jun 2025 20:12:05 GMT

GET
DATA 200
OK truncated
/ 12 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d0a42c5d7b4bc04b2d9725cf9d4527579c4f032b43cc9af5fb5735dca5bb7ec0

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 rocket-loader.min.js Show response
m.helikon.bg/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 12 KB
4 KB 71ms
71ms Script
application/javascript 172.66.43.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://m.helikon.bg/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: m.helikon.bg
URL: https://m.helikon.bg/168827-%D0%9F%D1%8A%D1%82%D1%8F%D1%82.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.43.155 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://m.helikon.bg/168827-%D0%9F%D1%8A%D1%82%D1%8F%D1%82.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 02 Sep 2024 08:41:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 27 Aug 2024 19:10:54 GMT
server: cloudflare
etag: W/"66ce24be-302c"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript
cache-control: max-age=172800, public
cf-ray: 8bcc33bef82a6a6a-HAM
expires: Wed, 04 Sep 2024 08:41:38 GMT

GET
H2 200 vcd15cbe7772f49c399c6a5babf22c1241717689176015 Show response
static.cloudflareinsights.com/beacon.min.js/ 19 KB
7 KB 173ms
83ms Script
text/javascript 2606:4700::6810:4f49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015
Requested by: Host: m.helikon.bg
URL: https://m.helikon.bg/168827-%D0%9F%D1%8A%D1%82%D1%8F%D1%82.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:4f49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f

Request headers

Referer: https://m.helikon.bg/
Origin: https://m.helikon.bg
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 02 Sep 2024 08:41:38 GMT
content-encoding: gzip
last-modified: Thu, 06 Jun 2024 15:52:56 GMT
server: cloudflare
etag: W/"2024.6.1"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 8bcc33bf88e31915-FRA

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 329 KB
108 KB 201ms
115ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-T08R4QPG4D

Requested by

Host: m.helikon.bg
URL: https://m.helikon.bg/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f94d92f5fa1a783ab94650e6c45280f204c0f4e98068e90762cef5c257a2a815

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://m.helikon.bg/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 02 Sep 2024 08:41:38 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 110421
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 02 Sep 2024 08:41:38 GMT

GET
H3 200 conversion.js Show response
www.googleadservices.com/pagead/ 58 KB
21 KB 116ms
54ms Script
text/javascript 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion.js

Requested by

Host: m.helikon.bg
URL: https://m.helikon.bg/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

8f8d206651d3d5fcc47d7fd9ad9ef96e952b165dc46ea5959dfc62fca4b4ea7d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://m.helikon.bg/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 02 Sep 2024 08:41:38 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21750
x-xss-protection: 0
server: cafe
etag: 8328730828540229382
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 02 Sep 2024 08:41:38 GMT

GET
H3 200 select2.js Show response
m.helikon.bg/templates/design/select2/dist/js/ 92 KB
23 KB 80ms
80ms Script
application/javascript 172.66.43.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://m.helikon.bg/templates/design/select2/dist/js/select2.js
Requested by: Host: m.helikon.bg
URL: https://m.helikon.bg/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.66.43.155 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b9dbd2945796927d9e685e4600d3f7a583f38fa1f306302c5f92deb45c9f488c

Request headers

Referer: https://m.helikon.bg/168827-%D0%9F%D1%8A%D1%82%D1%8F%D1%82.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 02 Sep 2024 08:41:38 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Tue, 22 Feb 2022 19:20:56 GMT
server: cloudflare
age: 10668582
cf-polished: origSize=142796
etag: W/"62153798-22dcc"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 8bcc33bfb9206a6a-HAM
alt-svc: h3=":443"; ma=86400
expires: Wed, 19 Mar 2025 14:12:23 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 241 KB
86 KB 148ms
64ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-987939168

Requested by

Host: m.helikon.bg
URL: https://m.helikon.bg/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

70b959cbeacf599c1efbb3d88e8a522b22fcab3cc42cf6fb25b7a14599afda06

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://m.helikon.bg/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 02 Sep 2024 08:41:38 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 87610
x-xss-protection: 0
last-modified: Mon, 02 Sep 2024 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 02 Sep 2024 08:41:38 GMT

GET
H3

200

main.js Show response
m.helikon.bg/cdn-cgi/challenge-platform/h/g/scripts/jsd/e7cf9275f425/ Frame A7C0
Redirect Chain

https://m.helikon.bg/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://m.helikon.bg/cdn-cgi/challenge-platform/h/g/scripts/jsd/e7cf9275f425/main.js?

8 KB
4 KB

54ms
53ms

Script
application/javascript

172.66.43.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://m.helikon.bg/cdn-cgi/challenge-platform/h/g/scripts/jsd/e7cf9275f425/main.js?

Protocol

Server

172.66.43.155 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2803a81293660267f760961704d00cbc9b2403ec3b31cffadb5a4059483c82ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 02 Sep 2024 08:41:38 GMT
content-encoding: br
x-content-type-options: nosniff
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, stale-if-error=10800, stale-while-revalidate=10800, public
cf-ray: 8bcc33c0aae06a6a-HAM
alt-svc: h3=":443"; ma=86400

Redirect headers

date: Mon, 02 Sep 2024 08:41:38 GMT
server: cloudflare
vary: Accept-Encoding
location: /cdn-cgi/challenge-platform/h/g/scripts/jsd/e7cf9275f425/main.js?
access-control-allow-origin: *
cache-control: max-age=300, stale-if-error=10800, stale-while-revalidate=10800, public
cf-ray: 8bcc33c019cc6a6a-HAM
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H3 200 logo.png
m.helikon.bg/templates/design/img/ 3 KB
3 KB 80ms
80ms Image
image/webp 172.66.43.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://m.helikon.bg/templates/design/img/logo.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.66.43.155 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 99a3fbeda3b74d3bd0a2ab6d0b49ea376959b31f0785dba6f03db6ce536c94bf

Request headers

Referer: https://m.helikon.bg/168827-%D0%9F%D1%8A%D1%82%D1%8F%D1%82.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 02 Sep 2024 08:41:38 GMT
cf-cache-status: HIT
cf-bgj: imgq:100,h2pri
last-modified: Wed, 03 Feb 2021 10:16:37 GMT
server: cloudflare
age: 6263658
cf-polished: origFmt=png, origSize=5156
etag: W/"601a7805-1424"
vary: Accept
content-type: image/webp
cache-control: public, max-age=31536000
content-disposition: inline; filename="logo.webp"
cf-ray: 8bcc33c04a3a6a6a-HAM
alt-svc: h3=":443"; ma=86400
expires: Fri, 16 May 2025 14:54:26 GMT

GET
H3 200 Favicon.jpg
m.helikon.bg/templates/design/img/new_favicon/ 3 KB
4 KB 64ms
64ms Other
image/jpeg 172.66.43.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://m.helikon.bg/templates/design/img/new_favicon/Favicon.jpg?1=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.66.43.155 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aaffceaf5f8008608f54df6f2f7722f522caed3e8659cae1db4a2415aa443c19

Request headers

Referer: https://m.helikon.bg/168827-%D0%9F%D1%8A%D1%82%D1%8F%D1%82.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 02 Sep 2024 08:41:38 GMT
cf-cache-status: HIT
cf-bgj: imgq:100,h2pri
last-modified: Thu, 29 Apr 2021 08:13:02 GMT
server: cloudflare
age: 6263658
cf-polished: origSize=36753
etag: W/"608a6a8e-8f91"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=31536000
cf-ray: 8bcc33c04a3e6a6a-HAM
alt-svc: h3=":443"; ma=86400
expires: Wed, 19 Mar 2025 14:12:25 GMT

GET
H2 200 tfa.js Show response
cdn.taboola.com/libtrc/unip/1374407/ 71 KB
22 KB 142ms
41ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/unip/1374407/tfa.js
Requested by: Host: m.helikon.bg
URL: https://m.helikon.bg/168827-%D0%9F%D1%8A%D1%82%D1%8F%D1%82.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5baaf7d27005df3d7c850124b4e6dcab9352dd3f4cec24d9487de52d60573839

Request headers

Referer: https://m.helikon.bg/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-amz-version-id: X80LxnE8DiUpaci5RevIhThc0LyeTSBR
content-encoding: gzip
via: 1.1 varnish
date: Mon, 02 Sep 2024 08:41:38 GMT
x-amz-request-id: 394XPQG0HPAVR7MT
age: 2
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 21954
x-amz-id-2: ZAY4qajmESskPfmDZmt/VpXFzfYsi5F54wLIxHUWFezLEv21LI+75X8WX281Uze3G8V/R0/ns28=
x-served-by: cache-fra-etou8220111-FRA
last-modified: Sun, 01 Sep 2024 11:13:59 GMT
server: AmazonS3
x-timer: S1725266499.744196,VS0,VE1
etag: "1979d24686198bc693e001a982020b5f"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 57
access-control-allow-origin: *
cache-control: private,max-age=14401
accept-ranges: bytes
x-cache-hits: 1

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ 225 KB
58 KB 89ms
40ms Script
application/x-javascript 157.240.253.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: m.helikon.bg
URL: https://m.helikon.bg/168827-%D0%9F%D1%8A%D1%82%D1%8F%D1%82.html

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.253.1 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-fra5.fbcdn.net

Software

Resource Hash

3bb1199d12ae09deeda4466322b863de030594a83fb2166ca26d241b1a9020c1

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://m.helikon.bg/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 02 Sep 2024 08:41:38 GMT
document-policy: force-load-at-top
x-fb-server-load: 31
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 58936
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=38, rtx=0, c=23, mss=1232, tbw=4317, tp=9, tpl=0, uplat=1, ullat=-1
pragma: public
x-fb-debug: GjlgNM/gU5Wht0f9pd5utq7PzK9ZKXtbBXKSelW1AIzLW1RREIKGg/UMWsAdTWkIY12untfeEWU6rt31+UnswA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 142ms
41ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: m.helikon.bg
URL: https://m.helikon.bg/168827-%D0%9F%D1%8A%D1%82%D1%8F%D1%82.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.helikon.bg/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 02 Sep 2024 08:40:40 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 58
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Mon, 02 Sep 2024 10:40:40 GMT

GET
H2 200 syncframe
gum.criteo.com/ Frame 9C68 0
0 141ms
47ms Document
text/html 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?topUrl=m.helikon.bg&origin=onetag

Requested by

Host: m.helikon.bg
URL: https://m.helikon.bg/168827-%D0%9F%D1%8A%D1%82%D1%8F%D1%82.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://m.helikon.bg/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 02 Sep 2024 08:41:38 GMT
server: Kestrel
server-processing-duration-in-ticks: 344387
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
x-robots-tag: noindex

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/987939168/ 43 B
61 B 140ms
51ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/987939168/?random=1725266498646&cv=9&fst=1725266498646&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=375603261%2C466465926%2C512247838&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=5&u_nmime=2&sendb=1&ig=1&data=dynx_itemid%3D168827%3Bdynx_pagetype%3Dofferdetail&frm=0&url=https%3A%2F%2Fm.helikon.bg%2F168827-%25D0%259F%25D1%258A%25D1%2582%25D1%258F%25D1%2582.html&tiba=%E3%80%8A%D0%9F%D1%8A%D1%82%D1%8F%D1%82%E3%80%8B%7C%20%D0%9A%D0%BE%D1%80%D0%BC%D0%B0%D0%BA%20%D0%9C%D0%B0%D0%BA%D0%BA%D0%B0%D1%80%D1%82%D0%B8%20%7C%20%D0%9A%D0%BD%D0%B8%D0%B3%D0%B8%20%D0%BE%D1%82%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD%20%D0%BA%D0%BD%D0%B8&hn=www.googleadservices.com&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

77d5fe96defd6c8c1e3b0466b4827cf83dc7e5c727a10177e115d25132fa86f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://m.helikon.bg/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 Sep 2024 08:41:38 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 203 KB
71 KB 107ms
104ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-MKMRJJ7W

Requested by

Host: m.helikon.bg
URL: https://m.helikon.bg/168827-%D0%9F%D1%8A%D1%82%D1%8F%D1%82.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

19b7fab0d311cc65409e935b367cf9a823a80f3812ae217ed192459cde82368d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://m.helikon.bg/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 02 Sep 2024 08:41:38 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 72332
x-xss-protection: 0
last-modified: Mon, 02 Sep 2024 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 02 Sep 2024 08:41:38 GMT

GET
H2

200

trackpoint-async.js Show response
s2.adform.net/banners/scripts/st/
Redirect Chain

https://track.adform.net/serving/scripts/trackpoint/async/
https://s2.adform.net/banners/scripts/st/trackpoint-async.js

80 KB
31 KB

220ms
85ms

Script
application/javascript

37.157.2.250
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s2.adform.net/banners/scripts/st/trackpoint-async.js
Protocol: H2
Server: 37.157.2.250 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 8ddc6cbdb63a791bfc33f40d4b0a250a18e85e0ae93f72389ebda9242bef010d

Request headers

Referer: https://m.helikon.bg/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 02 Sep 2024 08:41:39 GMT
content-encoding: gzip
last-modified: Fri, 08 Mar 2024 07:02:31 GMT
server: nginx
x-amz-request-id: tx00000f5c0946b15a17624-0066c347d3-32993cbc-default
etag: W/"1c188eabf1f0749a0cffb2c108473370"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-rgw-object-type: Normal
cache-control: public, max-age=604800

Redirect headers

location: https://s2.adform.net/banners/scripts/st/trackpoint-async.js
date: Mon, 02 Sep 2024 08:41:38 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
content-type: text/html

POST
H3 204 rum Show response
m.helikon.bg/cdn-cgi/ 0
139 B 54ms
53ms XHR
text/plain 172.66.43.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://m.helikon.bg/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.43.155 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://m.helikon.bg/168827-%D0%9F%D1%8A%D1%82%D1%8F%D1%82.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
content-type: application/json

Response headers

date: Mon, 02 Sep 2024 08:41:38 GMT
x-content-type-options: nosniff
server: cloudflare
vary: Origin
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://m.helikon.bg
x-frame-options: DENY
access-control-allow-credentials: true
cf-ray: 8bcc33c0cb086a6a-HAM

POST
H3 200 8bcc33b8dee16a6a Show response
m.helikon.bg/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame A7C0 0
643 B 73ms
66ms XHR
text/plain 172.66.43.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://m.helikon.bg/cdn-cgi/challenge-platform/h/g/jsd/r/8bcc33b8dee16a6a
Requested by: Host: m.helikon.bg
URL: https://m.helikon.bg/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.66.43.155 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 02 Sep 2024 08:41:38 GMT
server: cloudflare
cf-ray: 8bcc33c20ce56a6a-HAM
alt-svc: h3=":443"; ma=86400
content-length: 0
content-type: text/plain; charset=UTF-8

POST
H3 200 8bcc33b8dee16a6a Show response
m.helikon.bg/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame A7C0 0
641 B 72ms
65ms XHR
text/plain 172.66.43.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://m.helikon.bg/cdn-cgi/challenge-platform/h/g/jsd/r/8bcc33b8dee16a6a
Requested by: Host: m.helikon.bg
URL: https://m.helikon.bg/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.66.43.155 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 02 Sep 2024 08:41:39 GMT
server: cloudflare
cf-ray: 8bcc33c30e776a6a-HAM
alt-svc: h3=":443"; ma=86400
content-length: 0
content-type: text/plain; charset=UTF-8

GET
H2 200 event Show response
sslwidget.criteo.com/ 10 KB
5 KB 135ms
47ms Script
application/x-javascript 178.250.1.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://sslwidget.criteo.com/event?a=49204&v=5.26.1&otl=1&p0=e%3Dce%26m%3D%255B%255D%26h%3D&p1=e%3Dexd%26site_type%3Dd&p2=e%3Dvp%26p%3D%255B168827%255D&p3=e%3Ddis&adce=1&bundle=Yqe4-V85NkZuJTJGOTJCNm1iU3h0Y1hVRHpjQzZJdGUwVmZUN1g1dCUyRmdmUkg0clRTTFN0cCUyQkVTcXdQbyUyRmVqS0F1OVJrN2NHa1d1OTJKaklzWUg3UGp6a2VqUDV0Um56NEdQR3U3Z2UlMkJDblVqaG9jODRlUmdSakQzRGhsMkh4N3FVRmE3TUViZGI2RyUyQkhOSXhmZzE1VEFLVkZHZ3clM0QlM0Q&tld=helikon.bg&dy=1&fu=https%253A%252F%252Fm.helikon.bg%252F168827-%2525D0%25259F%2525D1%25258A%2525D1%252582%2525D1%25258F%2525D1%252582.html&ceid=a9c79246-e599-49e7-b194-fc07dfa93e0d

Requested by

Host: m.helikon.bg
URL: https://m.helikon.bg/168827-%D0%9F%D1%8A%D1%82%D1%8F%D1%82.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

9149c86912b4854ad9c66dab910d1897e9d843a72ce24d60df78e20857aa39dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://m.helikon.bg/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 Sep 2024 08:41:38 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: Kestrel
content-type: application/x-javascript
access-control-allow-origin: *
p3p: NON DSP COR CURa PSA PSD OUR BUS NAV STA
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 7654212
timing-allow-origin: *
expires: 0

POST
H2 204 collect
region1.analytics.google.com/g/ 0
0 147ms
47ms Fetch
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-T08R4QPG4D&gtm=45je48s0v9122958096za200&_p=1725266498552&_gaz=1&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=0&cid=1374208031.1725266499&ul=de-de&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=EA&_s=1&sid=1725266499&sct=1&seg=0&dl=https%3A%2F%2Fm.helikon.bg%2F168827-%D0%9F%D1%8A%D1%82%D1%8F%D1%82.html&dt=%E3%80%8A%D0%9F%D1%8A%D1%82%D1%8F%D1%82%E3%80%8B%7C%20%D0%9A%D0%BE%D1%80%D0%BC%D0%B0%D0%BA%20%D0%9C%D0%B0%D0%BA%D0%BA%D0%B0%D1%80%D1%82%D0%B8%20%7C%20%D0%9A%D0%BD%D0%B8%D0%B3%D0%B8%20%D0%BE%D1%82%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD%20%D0%BA%D0%BD%D0%B8%D0%B6%D0%B0%D1%80%D0%BD%D0%B8%D1%86%D0%B0%20%D0%A5%D0%B5%D0%BB%D0%B8%D0%BA%D0%BE%D0%BD%20%7C%20%D0%9A%D0%BD%D0%B8%D0%B6%D0%B0%D1%80%D0%BD%D0%B8%D1%86%D0%B8%20%D0%A5%D0%B5%D0%BB%D0%B8%D0%BA%D0%BE%D0%BD&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=1839
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-T08R4QPG4D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

Referer: https://m.helikon.bg/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 Sep 2024 08:41:39 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://m.helikon.bg
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
252 B 149ms
49ms Ping
text/plain 2a00:1450:400c:c00::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-T08R4QPG4D&cid=1374208031.1725266499&gtm=45je48s0v9122958096za200&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1l1&npa=1&frm=0&tag_exp=0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-T08R4QPG4D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://m.helikon.bg/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 Sep 2024 08:41:39 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://m.helikon.bg
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 125ms
75ms Image
image/gif 142.250.186.131
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-T08R4QPG4D&cid=1374208031.1725266499&gtm=45je48s0v9122958096za200&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1l1&npa=1&frm=0&tag_exp=0&tag_exp=0&z=267441036

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://m.helikon.bg/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 Sep 2024 08:41:39 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 539134586525496 Show response
connect.facebook.net/signals/config/ 64 KB
13 KB 54ms
53ms Script
application/x-javascript 157.240.253.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/539134586525496?v=2.9.166&r=stable&domain=m.helikon.bg&hme=da9a399065fb1c492026018b9e54864148adfb49d800f41752428fb7b59190f8&ex_m=69%2C118%2C104%2C108%2C60%2C4%2C97%2C68%2C16%2C94%2C86%2C50%2C53%2C168%2C171%2C183%2C179%2C180%2C182%2C29%2C98%2C52%2C75%2C181%2C163%2C166%2C176%2C177%2C184%2C127%2C40%2C34%2C139%2C15%2C49%2C190%2C189%2C129%2C18%2C39%2C1%2C42%2C64%2C65%2C66%2C70%2C90%2C17%2C14%2C93%2C89%2C88%2C105%2C51%2C107%2C38%2C106%2C30%2C91%2C26%2C164%2C167%2C136%2C28%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C56%2C61%2C63%2C73%2C99%2C27%2C74%2C9%2C8%2C78%2C47%2C21%2C101%2C100%2C102%2C95%2C10%2C20%2C3%2C19%2C83%2C55%2C81%2C33%2C72%2C0%2C92%2C32%2C80%2C85%2C46%2C45%2C84%2C37%2C5%2C87%2C79%2C43%2C35%2C82%2C2%2C36%2C62%2C41%2C103%2C44%2C77%2C67%2C109%2C59%2C58%2C31%2C96%2C57%2C54%2C48%2C76%2C71%2C24%2C110

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.253.1 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-fra5.fbcdn.net

Software

Resource Hash

761045df8464ce7553fd4e57ecc0de9dfe4a9c4d215f51ce796b897ae8cf91e6

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://m.helikon.bg/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 02 Sep 2024 08:41:39 GMT
document-policy: force-load-at-top
x-fb-server-load: 22
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 12971
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=41, rtx=0, c=74, mss=1232, tbw=66925, tp=62, tpl=0, uplat=1, ullat=-1
pragma: public
x-fb-debug: heI67rnS68dKmUHQqb/K+9Yv4NumdfTHamYdKdmMwY8JgYJvQW9RjTLEKenpCLWeqsCuvNnbLca7R/A8cqUbbg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 topics_api Show response
psb.taboola.com/ 65 B
284 B 139ms
40ms Fetch
text/html 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://psb.taboola.com/topics_api
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1374407/tfa.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: e7112b70eed95d42b178135728e6153e34f07001827870748de87cd7dec3538e

Request headers

Referer: https://m.helikon.bg/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-cache-hits: 0
date: Mon, 02 Sep 2024 08:41:39 GMT
via: 1.1 varnish
server: Varnish
observe-browsing-topics: ?1
x-timer: S1725266499.302285,VS0,VE0
x-cache: HIT
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=2592000
accept-ranges: bytes
content-length: 65
retry-after: 0
x-served-by: cache-fra-etou8220116-FRA

GET
H2 200 json Show response
trc.taboola.com/1374407/trc/3/ 2 KB
1 KB 66ms
58ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/1374407/trc/3/json?tim=1725266499186&data=%7B%22id%22%3A387%2C%22ii%22%3A%22%2F168827-%25d0%259f%25d1%258a%25d1%2582%25d1%258f%25d1%2582.html%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1725266499180%2C%22cv%22%3A%2220240830-4-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fm.helikon.bg%2F168827-%25D0%259F%25D1%258A%25D1%2582%25D1%258F%25D1%2582.html%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Dtdg-advertisebgeood2384tmarketbg%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1725266499185%2C%22ref%22%3Anull%2C%22item-url%22%3A%22https%3A%2F%2Fm.helikon.bg%2F168827-%25D0%259F%25D1%258A%25D1%2582%25D1%258F%25D1%2582.html%22%2C%22tos%22%3A1%2C%22ssd%22%3A1%2C%22scd%22%3A0%2C%22it%22%3A%22JS_PIXEL%22%2C%22supv%22%3Atrue%7D%2C%22pa%22%3A%7B%22su%22%3Atrue%7D%2C%22psb%22%3Atrue%7D&pubit=i
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1374407/tfa.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: b5e9c74c50de6316b1a0269fa75d886b5c23361d21ce02644408c28efc5f87b4

Request headers

Referer: https://m.helikon.bg/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-vcl-time-ms: 19
date: Mon, 02 Sep 2024 08:41:39 GMT
content-encoding: gzip
via: 1.1 varnish
cpu: 0.15625
x-fastly-to-nlb-rtt: 7435
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version: v1
x-served-by: cache-fra-etou8220111-FRA
x-log-content-encoding: gzip
server: nginx
x-timer: S1725266499.216343,VS0,VE19
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 ec.js Show response
www.google-analytics.com/plugins/ua/ 3 KB
1 KB 45ms
43ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/ec.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://m.helikon.bg/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 02 Sep 2024 08:35:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 396
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1129
x-xss-protection: 0
last-modified: Tue, 27 Jun 2023 17:28:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Mon, 02 Sep 2024 09:35:03 GMT

GET
H2

200

cookie-consent.min.js Show response
unpkg.com/68publishers-cookie-consent@1.0.0/dist/
Redirect Chain

https://unpkg.com/68publishers-cookie-consent/dist/cookie-consent.min.js
https://unpkg.com/68publishers-cookie-consent@1.0.0/dist/cookie-consent.min.js

118 KB
34 KB

53ms
51ms

Script
application/javascript

2606:4700::6811:f9cb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/68publishers-cookie-consent@1.0.0/dist/cookie-consent.min.js

Protocol

Server

2606:4700::6811:f9cb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

deb47c2d523bb811cba3a88322d19e8370eec11ac63aba74c0f9700b5ba74710

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.helikon.bg/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 02 Sep 2024 08:41:39 GMT
content-encoding: br
via: 1.1 fly.io
cf-cache-status: HIT
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 6335846
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id: 01J0W40FS2R3BRBY15W6TY8FSN-fra
server: cloudflare
etag: "1d768-8OP85pRzCMt77RjZoAqbIR3YMuk"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 8bcc33c57bcc1999-FRA

Redirect headers

date: Mon, 02 Sep 2024 08:41:39 GMT
content-encoding: br
via: 1.1 fly.io
cf-cache-status: HIT
fly-request-id: 01J6RY2MHXVG8EGX3XR18G8VN2-fra
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 280
server: cloudflare
vary: Accept, Accept-Encoding
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
location: /68publishers-cookie-consent@1.0.0/dist/cookie-consent.min.js
cache-control: public, s-maxage=600, max-age=60
cf-ray: 8bcc33c4fb631999-FRA

GET
H2 200 interest-group
fledge.eu.criteo.com/ Frame 0112 0
0 135ms
46ms Document
text/html 2a02:2638:3::15
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://fledge.eu.criteo.com/interest-group?data=VVL7TnxXVHN0YldxNjhwMG9qS1lWVnBCSjM2a0hYL0FGSnpGeWZQRW5TVHBlcUhJZHZ5WlpnWlpGTGIvOCtSb1Vlc2ZMYXZnTTZ3aElNWGlDTFBuMEVuRXBDc2xWc2E1TGhFdWhHcGJnUFZBT1pTYkt1QmlNRy9xaG94QmZaNkFLelpmc3RGc3ZlUTVHa2xrVUM3L0tFNERxd2ZIL0hzVjl0S0wwdHNvNFJvcWFOVDg9fA

Requested by

Host: m.helikon.bg
URL: https://m.helikon.bg/168827-%D0%9F%D1%8A%D1%82%D1%8F%D1%82.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::15 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://m.helikon.bg/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-encoding: br
content-type: text/html
date: Mon, 02 Sep 2024 08:41:39 GMT
server: Kestrel
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
x-allow-fledge: true

GET
H2 200 register-trigger
measurement-api.criteo.com/ 0
0 134ms
42ms Fetch 2a02:2638:3::19
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://measurement-api.criteo.com/register-trigger?partner_id=49204&uid=e89f0c53-b9b2-4e73-bdf1-01280b910362&event_name=ItemPageView&islcc=0&amount_local=15.95&amount_euro=8.15523&hashed_ext_id=-7084701079244287708&client_side_event_id=a9c79246-e599-49e7-b194-fc07dfa93e0d

Requested by

Host: m.helikon.bg
URL: https://m.helikon.bg/168827-%D0%9F%D1%8A%D1%82%D1%8F%D1%82.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::19 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://m.helikon.bg/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 02 Sep 2024 08:41:38 GMT
attribution-reporting-register-trigger: {"event_trigger_data":[{"trigger_data":"0","priority":"0"}],"debug_key":"16429624823192920404","debug_reporting":true,"aggregatable_values":{},"aggregatable_source_registration_time":"include"}
strict-transport-security: max-age=31536000; preload;
server: Kestrel
vary: Origin
access-control-allow-origin: https://m.helikon.bg
access-control-allow-credentials: true
content-length: 0

GET
H2 200 pixel
cm.g.doubleclick.net/ Frame 9CD6 170 B
409 B 153ms
50ms Image
image/png 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-EhZMsf2DrYsGwR_HBJUcXb_jDMFP8YY296aVHg&google_cm&google_hm=ay1FaFpNc2YyRHJZc0d3Ul9IQkpVY1hiX2pETUZQOFlZMjk2YVZIZw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 Sep 2024 08:41:39 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sync
x.bidswitch.net/ Frame 9CD6 43 B
183 B 185ms
46ms Image
image/gif 35.214.136.108
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?dsp_id=46&user_id=k-QEW8kv2DrYsGwR_HBJUcXb_jDMFMqVaNk-3ihA&expires=30
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.214.136.108 Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS: 108.136.214.35.bc.googleusercontent.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 02 Sep 2024 08:41:39 GMT
cache-control: no-cache, no-store, must-revalidate
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
content-type: image/gif

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/appnexus/ Frame 9CD6
Redirect Chain

https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=5331507210521727264

43 B
370 B

48ms
42ms

Image
image/gif

178.250.1.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=5331507210521727264

Protocol

Server

178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 Sep 2024 08:41:39 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1512770
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 02 Sep 2024 08:41:39 GMT
an-x-request-uuid: c81761d6-a246-413c-9a4f-6243cf8d8f85
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=5331507210521727264
x-proxy-origin: 80.255.7.122; 80.255.7.122; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 /
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame 9CD6 0
99 B 161ms
42ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=k-Zwfp8v2DrYsGwR_HBJUcXb_jDMH0oaumbN-1Iw
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 02 Sep 2024 08:41:39 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 40053

GET
H2 200 sync
visitor.omnitagjs.com/visitor/ Frame 9CD6 49 B
342 B 209ms
76ms Image
image/gif 185.255.84.152
IGUANE-

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://visitor.omnitagjs.com/visitor/sync?uid=732efe97317e6352de4c1caf24b5064b&name=CRITEO&visitor=k-4ltrg_2DrYsGwR_HBJUcXb_jDMHKUv8QA_2KnQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.255.84.152 , France, ASN200271 (IGUANE-, FR),

Reverse DNS

Software

ayl-lb-fra02 /

Resource Hash

d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 Sep 2024 08:41:39 GMT
x-content-type-options: nosniff
server: ayl-lb-fra02
vary: Accept-Encoding
p3p: CP="CAO PSA OUR"
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
x-envoy-upstream-service-time: 13
content-length: 49
expires: 0

GET
H2

200

rum
r.casalemedia.com/ Frame 9CD6
Redirect Chain

https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-u8IGtv2DrYsGwR_HBJUcXb_jDMEoUJpoM_BhfQ
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-u8IGtv2DrYsGwR_HBJUcXb_jDMEoUJpoM_BhfQ&C=1

43 B
326 B

98ms
95ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-u8IGtv2DrYsGwR_HBJUcXb_jDMEoUJpoM_BhfQ&C=1
Protocol: H2
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 Sep 2024 08:41:39 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TZwB2yoKPyjf0IYZ5LRXFuuSlFQjDAjlPHNbBMOKlVJ88Yriw0H5GuCRQ9T%2B1R74%2BBtqPU7ujJDA2eQAZl8TpjnjxowlqDDFsik%2FOYoKUAYO55sjYJ2ztFLoM7OmwQwqNzV9"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 8bcc33c64de158d8-TXL
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 02 Sep 2024 08:41:39 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tbGDJdh596bV1LN%2F5Cl45Qmc8%2BX1lU30gTZme3olF%2BrtPXOQ6lG%2FbmckkCtRjSx8c34uBhS5TFS%2FzY90uqDqVOj71OCngsDFN9Mv2UuRLggGoyvbBHpZf5OLuEva9pCl6YUp"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: /rum?cm_dsp_id=20&external_user_id=k-u8IGtv2DrYsGwR_HBJUcXb_jDMEoUJpoM_BhfQ&C=1
cache-control: no-cache
cf-ray: 8bcc33c57c8058d8-TXL
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: 0

GET
H2

200

demconf.jpg
dpm.demdex.net/ Frame 9CD6
Redirect Chain

https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40
https://dpm.demdex.net/ibs:dpid=28645&dpuuid=9gji9hVTkAQxhIxmx8swHetRzDl47Nze
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=9gji9hVTkAQxhIxmx8swHetRzDl47Nze

42 B
716 B

135ms
134ms

Image
image/gif

54.78.78.173
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=9gji9hVTkAQxhIxmx8swHetRzDl47Nze

Protocol

Server

54.78.78.173 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-78-78-173.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

dcs: dcs-prod-irl1-2-v065-0b3327ba6.edge-irl1.demdex.com 22 ms
pragma: no-cache
date: Mon, 02 Sep 2024 08:41:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
x-tid: R8C71jYzRxk=
content-type: image/gif
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length: 59
expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

dcs: dcs-prod-irl1-2-v065-0b320fe1c.edge-irl1.demdex.com 0 ms
pragma: no-cache
date: Mon, 02 Sep 2024 08:41:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-tid: XlpoGb7cT3I=
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=9gji9hVTkAQxhIxmx8swHetRzDl47Nze
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 9.gif
id5-sync.com/s/966/ Frame 9CD6 43 B
1 KB 138ms
39ms Image
image/gif 162.19.138.83
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://id5-sync.com/s/966/9.gif?puid=k-uWuIFP2DrYsGwR_HBJUcXb_jDMEbjks3QCxuKA

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.83 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31532338.ip-162-19-138.eu

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

p3p: CP="CAO PSA OUR"
date: Mon, 02 Sep 2024 08:41:39 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type: image/gif;charset=UTF-8

GET
H2 200 match
ad.360yield.com/ Frame 9CD6 43 B
199 B 213ms
56ms Image
image/gif 52.18.211.45
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-A_UfE_2DrYsGwR_HBJUcXb_jDMGxwLFyTLbEiQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.18.211.45 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-18-211-45.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 02 Sep 2024 08:41:39 GMT
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
content-length: 43
content-type: image/gif

GET
H2 200 sync
matching.ivitrack.com/ Frame 9CD6 42 B
265 B 159ms
68ms Image
image/gif 34.117.157.22
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://matching.ivitrack.com/sync?realm=criteo&uid=k-g0Dbhf2DrYsGwR_HBJUcXb_jDMHHCYUm9B9VQA
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.157.22 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 22.157.117.34.bc.googleusercontent.com
Software: istio-envoy /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 02 Sep 2024 08:41:39 GMT
x-envoy-decorator-operation: tag-manager.programmatic.svc.cluster.local:3000/*
via: 1.1 google
server: istio-envoy
content-type: image/gif
cache-control: public, max-age=86400
x-envoy-upstream-service-time: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

GET
H2 200 cksync.php
contextual.media.net/ Frame 9CD6 61 B
818 B 348ms
142ms Image
image/gif 23.35.228.23
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/cksync.php?cs=3&type=crt&ovsid=k-c7I8rf2DrYsGwR_HBJUcXb_jDMHzbf163TI6Kw

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.35.228.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-35-228-23.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

14c847e283cde4999e0d4ba2b30bc61e64217110eb8f08f24751d0fdeb3ba8e2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Mon, 02 Sep 2024 08:41:39 GMT
server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
alt-svc: h3=":443"; ma=93600
content-length: 61
x-mnet-hl2: E
expires: Mon, 02 Sep 2024 08:41:39 GMT

GET
H2 200 push
exchange.mediavine.com/usersync/ Frame 9CD6 0
885 B 164ms
53ms Image
text/html 18.196.67.11
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://exchange.mediavine.com/usersync/push?partner=criteo&partnerId=k-QugHW_2DrYsGwR_HBJUcXb_jDMF8jWg1fZ9keg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.196.67.11 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-196-67-11.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 02 Sep 2024 08:41:39 GMT
cache-control: private, no-cache
access-control-allow-credentials: true
content-encoding: gzip
vary: Origin, Accept-Encoding
content-type: text/html; charset=utf-8

GET
H2 200 1017
jadserve.postrelease.com/suid/ Frame 9CD6 43 B
422 B 651ms
208ms Image
image/gif 44.240.108.226
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jadserve.postrelease.com/suid/1017?vk=k-I7Y4P_2DrYsGwR_HBJUcXb_jDMHMoAZMb5rEwA
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.240.108.226 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-240-108-226.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 Sep 2024 08:41:40 GMT
server: nginx
content-type: image/gif
access-control-allow-origin: *
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 43
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H/1.1 200
OK cookie-sync
sync.outbrain.com/ Frame 9CD6 0
218 B 390ms
117ms Image
text/plain 64.202.112.95
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.outbrain.com/cookie-sync?p=criteo&uid=k-Uln4AP2DrYsGwR_HBJUcXb_jDMHhyU-OD-eoFQ&initiator=partner

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

64.202.112.95 , United States, ASN23352 (SERVERCENTRAL, US),

Reverse DNS

ny.outbrain.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 02 Sep 2024 08:41:39 GMT
cache-control: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-traceid: 6f784d9dca0bce7db2cef4fade39b9bc
content-length: 0

GET
H2 200 Pug
simage2.pubmatic.com/AdServer/ Frame 9CD6 0
225 B 160ms
41ms Image
text/html 198.47.127.205
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:k-eQNZcP2DrYsGwR_HBJUcXb_jDMGrFyjJFArtrQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date: Mon, 02 Sep 2024 08:41:38 GMT
cache-control: no-store, no-cache, private
content-encoding: gzip
server: nginx
content-type: text/html; charset=utf-8

GET
H/1.1 204
No Content tap.php
pixel.rubiconproject.com/ Frame 9CD6 0
239 B 188ms
44ms Image
image/gif 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=k-GyO2aP2DrYsGwR_HBJUcXb_jDMGnr065gzZtaA&expires=30
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma: no-cache
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 54ae5f20a7acdd83fd00ddb00e96a2c1
Expires: 0

GET v1
match.sharethrough.com/sync/ Frame 9CD6 0
0

GET
H2 200 um
criteo-sync.teads.tv/ Frame 9CD6 23 B
163 B 217ms
79ms Image
image/gif 23.32.185.35
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://criteo-sync.teads.tv/um?eid=80&uid=k-ByUaKv2DrYsGwR_HBJUcXb_jDMGaaB3RD0BXdQ
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.32.185.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-185-35.deploy.static.akamaitechnologies.com
Software: pekko-http/1.0.1 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Mon, 02 Sep 2024 08:41:39 GMT
cache-control: max-age=0, no-cache, no-store
server: pekko-http/1.0.1
content-length: 23
expires: Mon, 02 Sep 2024 08:41:39 GMT

GET
H2 200 sync
criteo-partners.tremorhub.com/ Frame 9CD6 43 B
398 B 364ms
121ms Image
image/gif 2600:1f18:612b:4200:469d:9873:c4dd:d159
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://criteo-partners.tremorhub.com/sync?UICR=k-9eaHZ_2DrYsGwR_HBJUcXb_jDMH1Un93hGGdQg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4200:469d:9873:c4dd:d159 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-type: image/gif
date: Mon, 02 Sep 2024 08:41:39 GMT
server: nginx
p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'

GET
H2 200 xuid
eb2.3lift.com/ Frame 9CD6 37 B
140 B 131ms
40ms Image
image/gif 76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=2711&xuid=k-GTYEJv2DrYsGwR_HBJUcXb_jDMHctwlsClfbGw&dongle=013b
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 02 Sep 2024 08:41:39 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET
H/1.1 204
No Content m
ad.yieldlab.net/ Frame 9CD6 0
235 B 144ms
50ms Image
text/plain 69.192.161.76
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.yieldlab.net/m?dt_id=8664&ext_id=k-RZMGZv2DrYsGwR_HBJUcXb_jDMF-8klQgdU73w
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 69.192.161.76 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a69-192-161-76.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 02 Sep 2024 08:41:39 GMT
Cache-Control: no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection: keep-alive
Expires: Sun, 01 Sep 2024 08:41:39 GMT

GET
H2 200 sync
sync-criteo.ads.yieldmo.com/ Frame 9CD6 0
38 B 210ms
53ms Image
text/plain 54.194.169.106
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-criteo.ads.yieldmo.com/sync?id=k-CCap1_2DrYsGwR_HBJUcXb_jDMFs_TtKDjfwqw&pn_id=criteo&ext=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.194.169.106 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-194-169-106.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 02 Sep 2024 08:41:39 GMT
content-length: 0

GET
H2 204 put
e1.emxdgt.com/ Frame 9CD6 0
44 B 125ms
39ms Image
text/plain 3.72.244.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e1.emxdgt.com/put?d=d53&uid=k-SIetQP2DrYsGwR_HBJUcXb_jDMGjuN050QafEw
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.72.244.131 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-72-244-131.eu-central-1.compute.amazonaws.com
Software: awselb/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 02 Sep 2024 08:41:39 GMT
server: awselb/2.0

GET
H2

200

RX-71077c9f-f9f8-4dfb-b02b-562b8a074e7e-003
sync.targeting.unrulymedia.com/csync/ Frame 9CD6
Redirect Chain

https://sync.1rx.io/usersync/criteodsp/k-r1jL2f2DrYsGwR_HBJUcXb_jDMFJf5wSmhS3vA
https://sync.1rx.io/usersync/criteodsp/k-r1jL2f2DrYsGwR_HBJUcXb_jDMFJf5wSmhS3vA?zcc=1&cb=1725266499915
https://sync.targeting.unrulymedia.com/csync/RX-71077c9f-f9f8-4dfb-b02b-562b8a074e7e-003

43 B
378 B

158ms
49ms

Image
image/gif

46.228.174.117
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.targeting.unrulymedia.com/csync/RX-71077c9f-f9f8-4dfb-b02b-562b8a074e7e-003
Protocol: H2
Server: 46.228.174.117 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 02 Sep 2024 08:41:40 GMT
content-length: 43
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"

Redirect headers

content-type: text/html
pragma: no-cache
date: Mon, 02 Sep 2024 08:41:39 GMT
cache-control: no-store, no-cache, must-revalidate
location: https://sync.targeting.unrulymedia.com/csync/RX-71077c9f-f9f8-4dfb-b02b-562b8a074e7e-003
expires: 0

POST
H3 200 collect Show response
www.google-analytics.com/j/ 15 B
35 B 46ms
46ms XHR
text/plain 216.239.36.178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1335317369&t=pageview&_s=1&dl=https%3A%2F%2Fm.helikon.bg%2F168827-%25D0%259F%25D1%258A%25D1%2582%25D1%258F%25D1%2582.html&ul=de-de&de=UTF-8&dt=%E3%80%8A%D0%9F%D1%8A%D1%82%D1%8F%D1%82%E3%80%8B%7C%20%D0%9A%D0%BE%D1%80%D0%BC%D0%B0%D0%BA%20%D0%9C%D0%B0%D0%BA%D0%BA%D0%B0%D1%80%D1%82%D0%B8%20%7C%20%D0%9A%D0%BD%D0%B8%D0%B3%D0%B8%20%D0%BE%D1%82%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD%20%D0%BA%D0%BD%D0%B8%D0%B6%D0%B0%D1%80%D0%BD%D0%B8%D1%86%D0%B0%20%D0%A5%D0%B5%D0%BB%D0%B8%D0%BA%D0%BE%D0%BD%20%7C%20%D0%9A%D0%BD%D0%B8%D0%B6%D0%B0%D1%80%D0%BD%D0%B8%D1%86%D0%B8%20%D0%A5%D0%B5%D0%BB%D0%B8%D0%BA%D0%BE%D0%BD&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aCDAAEIJAAAAACAMI~&jid=1025665698&gjid=777055154&cid=1374208031.1725266499&tid=UA-100067235-1&_gid=1114544033.1725266499&_r=1&_slc=1&pa=detail&pr1id=168827&pr1nm=%D0%9F%D1%8A%D1%82%D1%8F%D1%82&pr1ca=%D0%A0%D0%BE%D0%BC%D0%B0%D0%BD%D0%B8%20%D0%B8%20%D0%BF%D0%BE%D0%B2%D0%B5%D1%81%D1%82%D0%B8.%20%D0%A1%D0%B2%D0%B5%D1%82%D0%BE%D0%B2%D0%BD%D0%B8&pr1br=%D0%9F%D0%B5%D1%80%D0%B3%D0%B0%D0%BC%D0%B5%D0%BD%D1%82%20%D0%9F%D1%80%D0%B5%D1%81&pr1va=%D0%BC%D0%B5%D0%BA%D0%B8&z=126552267

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.239.36.178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

959c1cf574d3ec8a27635845bc4661a7b1efd47a6b42f5fae9b85fea89face0d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.helikon.bg/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 02 Sep 2024 08:41:39 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://m.helikon.bg
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 192319652557189 Show response
connect.facebook.net/signals/config/ 23 KB
3 KB 41ms
40ms Script
application/x-javascript 157.240.253.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/192319652557189?v=2.9.166&r=stable&domain=m.helikon.bg&hme=da9a399065fb1c492026018b9e54864148adfb49d800f41752428fb7b59190f8&ex_m=69%2C118%2C104%2C108%2C60%2C4%2C97%2C68%2C16%2C94%2C86%2C50%2C53%2C168%2C171%2C183%2C179%2C180%2C182%2C29%2C98%2C52%2C75%2C181%2C163%2C166%2C176%2C177%2C184%2C127%2C40%2C34%2C139%2C15%2C49%2C190%2C189%2C129%2C18%2C39%2C1%2C42%2C64%2C65%2C66%2C70%2C90%2C17%2C14%2C93%2C89%2C88%2C105%2C51%2C107%2C38%2C106%2C30%2C91%2C26%2C164%2C167%2C136%2C28%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C56%2C61%2C63%2C73%2C99%2C27%2C74%2C9%2C8%2C78%2C47%2C21%2C101%2C100%2C102%2C95%2C10%2C20%2C3%2C19%2C83%2C55%2C81%2C33%2C72%2C0%2C92%2C32%2C80%2C85%2C46%2C45%2C84%2C37%2C5%2C87%2C79%2C43%2C35%2C82%2C2%2C36%2C62%2C41%2C103%2C44%2C77%2C67%2C109%2C59%2C58%2C31%2C96%2C57%2C54%2C48%2C76%2C71%2C24%2C110%2C196%2C195%2C197%2C202%2C203%2C204%2C200%2C192%2C128%2C159%2C191%2C193%2C119%2C153%2C141%2C147%2C185%2C186%2C125%2C228%2C113%2C124%2C229%2C161%2C116%2C231%2C162%2C132%2C120%2C150%2C144

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.253.1 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-fra5.fbcdn.net

Software

Resource Hash

1af6cadbee614e62c9f1811e4ebe57d9b519ac6deb5b1eb6afd6928acba09afe

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://m.helikon.bg/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 02 Sep 2024 08:41:39 GMT
document-policy: force-load-at-top
x-fb-server-load: 29
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 2895
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=46, rtx=0, c=85, mss=1232, tbw=80525, tp=76, tpl=0, uplat=1, ullat=-1
pragma: public
x-fb-debug: d+AE/WhX1BTQUFr7zsOjkQYaGUxfXqyAknKjhtoDwq/JKDqTBFARgGD3mJIprhfvYH//77In60fmVwxZBDAnog==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2

200

/ Show response
track.adform.net/Serving/TrackPoint/
Redirect Chain

https://track.adform.net/Serving/TrackPoint/?pm=2104384&ADFPageName=Product%20page&ADFdivider=%7C&ord=193878972264&ADFtpmode=2&ecpr=W3sicGlkIjoiMTY4ODI3Iiwic3RlcCI6MX1d&loc=https%3A%2F%2Fm.helikon....
https://track.adform.net/Serving/TrackPoint/?CC=1&pm=2104384&ADFPageName=Product%20page&ADFdivider=%7C&ord=193878972264&ADFtpmode=2&ecpr=W3sicGlkIjoiMTY4ODI3Iiwic3RlcCI6MX1d&loc=https%3A%2F%2Fm.hel...

112 B
716 B

43ms
41ms

Script
text/javascript

37.157.5.84
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/Serving/TrackPoint/?CC=1&pm=2104384&ADFPageName=Product%20page&ADFdivider=%7C&ord=193878972264&ADFtpmode=2&ecpr=W3sicGlkIjoiMTY4ODI3Iiwic3RlcCI6MX1d&loc=https%3A%2F%2Fm.helikon.bg%2F168827-%25D0%259F%25D1%258A%25D1%2582%25D1%258F%25D1%2582.html&Set1=de-DE%7Cde-DE%7C1600x1200%7C24

Protocol

Server

37.157.5.84 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

53f6c9463c13a3e049444fb835529fc98e73a5eff6bdcfc60ade0520662798d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://m.helikon.bg/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 Sep 2024 08:41:39 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 186
expires: -1

Redirect headers

pragma: no-cache
date: Mon, 02 Sep 2024 08:41:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
content-type: text/html; charset=utf-8
location: https://track.adform.net/Serving/TrackPoint/?CC=1&pm=2104384&ADFPageName=Product%20page&ADFdivider=%7C&ord=193878972264&ADFtpmode=2&ecpr=W3sicGlkIjoiMTY4ODI3Iiwic3RlcCI6MX1d&loc=https%3A%2F%2Fm.helikon.bg%2F168827-%25D0%259F%25D1%258A%25D1%2582%25D1%258F%25D1%2582.html&Set1=de-DE%7Cde-DE%7C1600x1200%7C24
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
expires: -1

GET
H2 200 /
www.facebook.com/tr/ 0
274 B 121ms
39ms Image
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=539134586525496&ev=PageView&dl=https%3A%2F%2Fm.helikon.bg%2F168827-%25D0%259F%25D1%258A%25D1%2582%25D1%258F%25D1%2582.html&rl=&if=false&ts=1725266499401&sw=1600&sh=1200&v=2.9.166&r=stable&ec=0&o=12318&fbp=fb.1.1725266499400.573427338421943879&ler=empty&cdl=API_unavailable&it=1725266499178&coo=false&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://m.helikon.bg/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=37, rtx=0, c=10, mss=1297, tbw=2839, tp=-1, tpl=-1, uplat=1, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 02 Sep 2024 08:41:39 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
851 B 393ms
329ms Image
image/png 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=539134586525496&ev=PageView&dl=https%3A%2F%2Fm.helikon.bg%2F168827-%25D0%259F%25D1%258A%25D1%2582%25D1%258F%25D1%2582.html&rl=&if=false&ts=1725266499401&sw=1600&sh=1200&v=2.9.166&r=stable&ec=0&o=12318&fbp=fb.1.1725266499400.573427338421943879&ler=empty&cdl=API_unavailable&it=1725266499178&coo=false&rqm=FGET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://m.helikon.bg/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-encoding: zstd
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; preload
date: Mon, 02 Sep 2024 08:41:40 GMT
document-policy: force-load-at-top
x-fb-server-load: 27
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7409963190162321871", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=37, rtx=0, c=14, mss=1297, tbw=9152, tp=-1, tpl=-1, uplat=290, ullat=1
pragma: no-cache
x-fb-debug: Rrx7xkoSAsqj/4eGCfUjmkfJP38bShKftDOmnpKohh3knwExsvEBf4w/Z1rN6zPx0h+AJYWg5McnoBoy4kdWNQ==
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7409963190162321871"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
103 B 99ms
41ms Image
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=192319652557189&ev=PageView&dl=https%3A%2F%2Fm.helikon.bg%2F168827-%25D0%259F%25D1%258A%25D1%2582%25D1%258F%25D1%2582.html&rl=&if=false&ts=1725266499403&sw=1600&sh=1200&v=2.9.166&r=stable&ec=0&o=12318&fbp=fb.1.1725266499400.573427338421943879&ler=empty&cdl=API_unavailable&it=1725266499178&coo=false&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://m.helikon.bg/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=37, rtx=0, c=10, mss=1297, tbw=3126, tp=-1, tpl=-1, uplat=1, ullat=1
strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 02 Sep 2024 08:41:39 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
3 KB 226ms
220ms Image
image/png 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=192319652557189&ev=PageView&dl=https%3A%2F%2Fm.helikon.bg%2F168827-%25D0%259F%25D1%258A%25D1%2582%25D1%258F%25D1%2582.html&rl=&if=false&ts=1725266499403&sw=1600&sh=1200&v=2.9.166&r=stable&ec=0&o=12318&fbp=fb.1.1725266499400.573427338421943879&ler=empty&cdl=API_unavailable&it=1725266499178&coo=false&rqm=FGET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://m.helikon.bg/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-encoding: zstd
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; preload
date: Mon, 02 Sep 2024 08:41:40 GMT
document-policy: force-load-at-top
x-fb-server-load: 20
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7409963192128946600", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=37, rtx=0, c=14, mss=1297, tbw=3543, tp=-1, tpl=-1, uplat=178, ullat=1
pragma: no-cache
x-fb-debug: MU3tiQYLDZnHKeymdzrAXE2eUTy82KoAi6JqUqgdYhwEB2wDyYnMSZLV/XbCw6fgNBeUHqN12eQEEVqy50E0Ow==
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7409963192128946600"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
32 B 46ms
41ms Image
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=539134586525496&ev=ViewContent&dl=https%3A%2F%2Fm.helikon.bg%2F168827-%25D0%259F%25D1%258A%25D1%2582%25D1%258F%25D1%2582.html&rl=&if=false&ts=1725266499404&cd[content_ids]=%5B%22168827%22%5D&cd[content_type]=product&cd[value]=15.95&cd[content_name]=%D0%9F%D1%8A%D1%82%D1%8F%D1%82&cd[content_category]=%D0%A0%D0%BE%D0%BC%D0%B0%D0%BD%D0%B8%20%D0%B8%20%D0%BF%D0%BE%D0%B2%D0%B5%D1%81%D1%82%D0%B8.%20%D0%A1%D0%B2%D0%B5%D1%82%D0%BE%D0%B2%D0%BD%D0%B8&cd[currency]=BGN&sw=1600&sh=1200&v=2.9.166&r=stable&ec=1&o=12318&fbp=fb.1.1725266499400.573427338421943879&ler=empty&cdl=API_unavailable&it=1725266499178&coo=false&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://m.helikon.bg/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=37, rtx=0, c=10, mss=1297, tbw=3126, tp=-1, tpl=-1, uplat=1, ullat=1
strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 02 Sep 2024 08:41:39 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
1 KB 213ms
212ms Image
image/png 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=539134586525496&ev=ViewContent&dl=https%3A%2F%2Fm.helikon.bg%2F168827-%25D0%259F%25D1%258A%25D1%2582%25D1%258F%25D1%2582.html&rl=&if=false&ts=1725266499404&cd[content_ids]=%5B%22168827%22%5D&cd[content_type]=product&cd[value]=15.95&cd[content_name]=%D0%9F%D1%8A%D1%82%D1%8F%D1%82&cd[content_category]=%D0%A0%D0%BE%D0%BC%D0%B0%D0%BD%D0%B8%20%D0%B8%20%D0%BF%D0%BE%D0%B2%D0%B5%D1%81%D1%82%D0%B8.%20%D0%A1%D0%B2%D0%B5%D1%82%D0%BE%D0%B2%D0%BD%D0%B8&cd[currency]=BGN&sw=1600&sh=1200&v=2.9.166&r=stable&ec=1&o=12318&fbp=fb.1.1725266499400.573427338421943879&ler=empty&cdl=API_unavailable&it=1725266499178&coo=false&rqm=FGET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://m.helikon.bg/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

attribution-reporting-register-trigger: {"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0xc78c09a3ea9d3640","source_keys":["1"]},{"key_piece":"0x699d6c227ceb3331","source_keys":["2"]}],"aggregatable_values":{"1":10922,"2":10887},"filters":{"2":["14:2031205380300175","14:2326969777344623","7834:2031205380300175","7834:2326969777344623","564:2031205380300175","564:2326969777344623","10196:2031205380300175","10196:2326969777344623","10853:2031205380300175","10853:2326969777344623","31:2031205380300175","31:2326969777344623","8053:2031205380300175","8053:2326969777344623","617:2031205380300175","617:2326969777344623"]},"debug_reporting":true,"debug_key":"1"}
content-encoding: zstd
x-content-type-options: nosniff
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
strict-transport-security: max-age=15552000; preload
document-policy: force-load-at-top
date: Mon, 02 Sep 2024 08:41:40 GMT
x-fb-server-load: 26
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7409963191935179856", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=37, rtx=0, c=14, mss=1297, tbw=7704, tp=-1, tpl=-1, uplat=172, ullat=0
pragma: no-cache
x-fb-debug: L2qYRDAtSU1Ir7EIZ7/Lguip7a3gGZGSyEhOzmxAW5xFobmdFdUAlxzgKFffEjkinXPdzj0tHY6RKQkZlx6Jlg==
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7409963191935179856"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
102 B 40ms
40ms Image
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=192319652557189&ev=ViewContent&dl=https%3A%2F%2Fm.helikon.bg%2F168827-%25D0%259F%25D1%258A%25D1%2582%25D1%258F%25D1%2582.html&rl=&if=false&ts=1725266499409&cd[content_ids]=%5B%22168827%22%5D&cd[content_type]=product&cd[value]=15.95&cd[content_name]=%D0%9F%D1%8A%D1%82%D1%8F%D1%82&cd[content_category]=%D0%A0%D0%BE%D0%BC%D0%B0%D0%BD%D0%B8%20%D0%B8%20%D0%BF%D0%BE%D0%B2%D0%B5%D1%81%D1%82%D0%B8.%20%D0%A1%D0%B2%D0%B5%D1%82%D0%BE%D0%B2%D0%BD%D0%B8&cd[currency]=BGN&sw=1600&sh=1200&v=2.9.166&r=stable&ec=1&o=12318&fbp=fb.1.1725266499400.573427338421943879&ler=empty&cdl=API_unavailable&it=1725266499178&coo=false&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://m.helikon.bg/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=37, rtx=0, c=14, mss=1297, tbw=3397, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 02 Sep 2024 08:41:39 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
852 B 210ms
210ms Image
image/png 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=192319652557189&ev=ViewContent&dl=https%3A%2F%2Fm.helikon.bg%2F168827-%25D0%259F%25D1%258A%25D1%2582%25D1%258F%25D1%2582.html&rl=&if=false&ts=1725266499409&cd[content_ids]=%5B%22168827%22%5D&cd[content_type]=product&cd[value]=15.95&cd[content_name]=%D0%9F%D1%8A%D1%82%D1%8F%D1%82&cd[content_category]=%D0%A0%D0%BE%D0%BC%D0%B0%D0%BD%D0%B8%20%D0%B8%20%D0%BF%D0%BE%D0%B2%D0%B5%D1%81%D1%82%D0%B8.%20%D0%A1%D0%B2%D0%B5%D1%82%D0%BE%D0%B2%D0%BD%D0%B8&cd[currency]=BGN&sw=1600&sh=1200&v=2.9.166&r=stable&ec=1&o=12318&fbp=fb.1.1725266499400.573427338421943879&ler=empty&cdl=API_unavailable&it=1725266499178&coo=false&rqm=FGET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://m.helikon.bg/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-encoding: zstd
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; preload
date: Mon, 02 Sep 2024 08:41:40 GMT
document-policy: force-load-at-top
x-fb-server-load: 22
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7409963191135193149", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=37, rtx=0, c=14, mss=1297, tbw=6830, tp=-1, tpl=-1, uplat=171, ullat=0
pragma: no-cache
x-fb-debug: N3N17Sc9lA4gEfJwjpac91GPnsyg23R7C8FcNTbX+YVhXcLnpVnimU+GSvfqehFNXWtXDGL4eTa4l3Fsg3SyYQ==
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7409963191135193149"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 333 KB
110 KB 58ms
57ms Script
application/javascript 172.217.16.200
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-T08R4QPG4D&cx=c&_slc=1

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.200 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f200.1e100.net

Software

Google Tag Manager /

Resource Hash

b2ec34457ab7a3ac0b16c1b3dbd43bda30ad7f3e04d2704d8aa69a0e6861247d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://m.helikon.bg/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 02 Sep 2024 08:41:39 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 112221
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 02 Sep 2024 08:41:39 GMT

GET
H2

200

bg.json Show response
unpkg.com/68publishers-cookie-consent@1.0.0/dist/translations/
Redirect Chain

https://unpkg.com/68publishers-cookie-consent/dist/translations/bg.json
https://unpkg.com/68publishers-cookie-consent@1.0.0/dist/translations/bg.json

6 KB
3 KB

55ms
53ms

Fetch
application/json

2606:4700::6811:f9cb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/68publishers-cookie-consent@1.0.0/dist/translations/bg.json

Protocol

Server

2606:4700::6811:f9cb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aace732370f12eb50bd9aab0f843483cb66269c58852947835a112af37d42b1e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.helikon.bg/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 02 Sep 2024 08:41:39 GMT
content-encoding: br
via: 1.1 fly.io
cf-cache-status: HIT
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 6334021
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id: 01J0W5R6PNVS6ANF8D0YRCRBNH-fra
server: cloudflare
etag: "16e2-W5/eCFWg5avc8Z22S4Qr+u1D1wQ"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 8bcc33c6ee801c60-FRA

Redirect headers

date: Mon, 02 Sep 2024 08:41:39 GMT
content-encoding: br
via: 1.1 fly.io
cf-cache-status: HIT
fly-request-id: 01J6RXVNQ874W8HRB416WMESJF-fra
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 507
server: cloudflare
vary: Accept, Accept-Encoding
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
location: /68publishers-cookie-consent@1.0.0/dist/translations/bg.json
cache-control: public, s-maxage=600, max-age=60
cf-ray: 8bcc33c67e231c60-FRA

GET
H2 200 cookieconsent.css
cdn.jsdelivr.net/gh/orestbida/cookieconsent@v2.9.2/dist/ 19 KB
5 KB 155ms
59ms Stylesheet
text/css 2606:4700::6812:ba1f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/orestbida/cookieconsent@v2.9.2/dist/cookieconsent.css

Requested by

Host: unpkg.com
URL: https://unpkg.com/68publishers-cookie-consent/dist/cookie-consent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:ba1f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2ceeeed9440b419619c1fb6ede63fe60cfd57d46444b739bd1d6aa6f9cb3dab1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.helikon.bg/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 02 Sep 2024 08:41:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 10442630
x-jsd-version: 2.9.2
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 4427
x-served-by: cache-fra-etou8220026-FRA, cache-lga21969-LGA
x-jsd-version-type: version
server: cloudflare
etag: W/"4b71-tpMM2efa30o9bLmmNz/miPVXklM"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=v7p8jPQ673Wv414vJc2OHUGl8qstNTH%2BJf4pBgpgxvWSz9s6%2FA6P74R8fz14GdNpAJgY%2BorMoRFiyaboAlmGyyuwSNX5er1%2Bc0fV6RT%2BgCHititPCbyBwDZD18fVTr4RtM9P9zsiPbJXtiKSL1o%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8bcc33c67ec85c68-FRA

GET
H2

200

bg.json Show response
unpkg.com/68publishers-cookie-consent@1.0.0/dist/translations/
Redirect Chain

https://unpkg.com/68publishers-cookie-consent/dist/translations/bg.json
https://unpkg.com/68publishers-cookie-consent@1.0.0/dist/translations/bg.json

6 KB
0

0ms
0ms

Fetch
application/json

2606:4700::6811:f9cb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/68publishers-cookie-consent@1.0.0/dist/translations/bg.json

Protocol

Server

2606:4700::6811:f9cb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aace732370f12eb50bd9aab0f843483cb66269c58852947835a112af37d42b1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.helikon.bg/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 02 Sep 2024 08:41:39 GMT
content-encoding: br
via: 1.1 fly.io
cf-cache-status: HIT
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id: 01J0W5R6PNVS6ANF8D0YRCRBNH-fra
server: cloudflare
age: 6334021
x-content-type-options: nosniff
etag: "16e2-W5/eCFWg5avc8Z22S4Qr+u1D1wQ"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 8bcc33c6ee801c60-FRA

Redirect headers

date: Mon, 02 Sep 2024 08:41:39 GMT
content-encoding: br
via: 1.1 fly.io
cf-cache-status: HIT
fly-request-id: 01J6RXVNQ874W8HRB416WMESJF-fra
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 507
server: cloudflare
vary: Accept, Accept-Encoding
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
location: /68publishers-cookie-consent@1.0.0/dist/translations/bg.json
cache-control: public, s-maxage=600, max-age=60
cf-ray: 8bcc33c6ee7c1c60-FRA

GET
H2

200

bg.json Show response
unpkg.com/68publishers-cookie-consent@1.0.0/dist/translations/
Redirect Chain

https://unpkg.com/68publishers-cookie-consent/dist/translations/bg.json
https://unpkg.com/68publishers-cookie-consent@1.0.0/dist/translations/bg.json

6 KB
0

0ms
0ms

Fetch
application/json

2606:4700::6811:f9cb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/68publishers-cookie-consent@1.0.0/dist/translations/bg.json

Protocol

Server

2606:4700::6811:f9cb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aace732370f12eb50bd9aab0f843483cb66269c58852947835a112af37d42b1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.helikon.bg/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 02 Sep 2024 08:41:39 GMT
content-encoding: br
via: 1.1 fly.io
cf-cache-status: HIT
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id: 01J0W5R6PNVS6ANF8D0YRCRBNH-fra
server: cloudflare
age: 6334021
x-content-type-options: nosniff
etag: "16e2-W5/eCFWg5avc8Z22S4Qr+u1D1wQ"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 8bcc33c6ee801c60-FRA

Redirect headers

date: Mon, 02 Sep 2024 08:41:39 GMT
content-encoding: br
via: 1.1 fly.io
cf-cache-status: HIT
fly-request-id: 01J6RXVNQ874W8HRB416WMESJF-fra
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 507
server: cloudflare
vary: Accept, Accept-Encoding
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
location: /68publishers-cookie-consent@1.0.0/dist/translations/bg.json
cache-control: public, s-maxage=600, max-age=60
cf-ray: 8bcc33c74ecd1c60-FRA

GET
H2 200 setuid
ib.adnxs.com/ Frame 9CD6 43 B
1 KB 66ms
66ms Image
image/gif 185.89.210.212
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=52&code=k-vhPKLv2DrYsGwR_HBJUcXb_jDMHNt9KvaHAmAQ

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 Sep 2024 08:41:39 GMT
an-x-request-uuid: df0f5798-705c-4a1e-98f4-c25c390865bc
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 80.255.7.122; 80.255.7.122; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 204 unip Show response
trc-events.taboola.com/1374407/log/3/ 0
244 B 42ms
42ms XHR
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://trc-events.taboola.com/1374407/log/3/unip?en=pre_d_eng_tb&tos=1620&scd=0&ssd=1&est=1725266499183&ver=36&isls=true&src=i&invt=1500&msa=1219&rv=1&tim=1725266500804&vi=1725266499180&ri=cb075b8fa321313172ed84fbb3777acf&ref=null&cv=20240830-4-RELEASE&item-url=https%3A%2F%2Fm.helikon.bg%2F168827-%25D0%259F%25D1%258A%25D1%2582%25D1%258F%25D1%2582.html&it=JS_PIXEL
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1374407/tfa.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://m.helikon.bg/
Attribution-Reporting-Eligible: trigger
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: https://m.helikon.bg
pragma: no-cache
date: Mon, 02 Sep 2024 08:41:40 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

OPTIONS
H2 200 unip
trc-events.taboola.com/1374407/log/3/ Frame 0
0 134ms
42ms Preflight 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://trc-events.taboola.com/1374407/log/3/unip?en=pre_d_eng_tb&tos=1620&scd=0&ssd=1&est=1725266499183&ver=36&isls=true&src=i&invt=1500&msa=1219&rv=1&tim=1725266500804&vi=1725266499180&ri=cb075b8fa321313172ed84fbb3777acf&ref=null&cv=20240830-4-RELEASE&item-url=https%3A%2F%2Fm.helikon.bg%2F168827-%25D0%259F%25D1%258A%25D1%2582%25D1%258F%25D1%2582.html&it=JS_PIXEL
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://m.helikon.bg
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-origin: https://m.helikon.bg
allow: GET, HEAD, POST, TRACE, OPTIONS
content-length: 0
date: Mon, 02 Sep 2024 08:41:40 GMT
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
server: nginx

GET
H2 204 unip Show response
trc-events.taboola.com/1374407/log/3/ 0
244 B 44ms
43ms XHR
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://trc-events.taboola.com/1374407/log/3/unip?en=pre_d_eng_tb&tos=4622&scd=0&ssd=1&est=1725266499183&ver=36&isls=true&src=i&invt=3000&msa=1219&rv=1&tim=1725266503805&vi=1725266499180&ri=cb075b8fa321313172ed84fbb3777acf&ref=null&cv=20240830-4-RELEASE&item-url=https%3A%2F%2Fm.helikon.bg%2F168827-%25D0%259F%25D1%258A%25D1%2582%25D1%258F%25D1%2582.html&it=JS_PIXEL
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1374407/tfa.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://m.helikon.bg/
Attribution-Reporting-Eligible: trigger
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: https://m.helikon.bg
pragma: no-cache
date: Mon, 02 Sep 2024 08:41:43 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

OPTIONS
H2 200 unip
trc-events.taboola.com/1374407/log/3/ Frame 0
0 41ms
41ms Preflight 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://trc-events.taboola.com/1374407/log/3/unip?en=pre_d_eng_tb&tos=4622&scd=0&ssd=1&est=1725266499183&ver=36&isls=true&src=i&invt=3000&msa=1219&rv=1&tim=1725266503805&vi=1725266499180&ri=cb075b8fa321313172ed84fbb3777acf&ref=null&cv=20240830-4-RELEASE&item-url=https%3A%2F%2Fm.helikon.bg%2F168827-%25D0%259F%25D1%258A%25D1%2582%25D1%258F%25D1%2582.html&it=JS_PIXEL
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://m.helikon.bg
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-origin: https://m.helikon.bg
allow: GET, HEAD, POST, TRACE, OPTIONS
content-length: 0
date: Mon, 02 Sep 2024 08:41:43 GMT
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
server: nginx

POST
H2 204 collect
region1.google-analytics.com/g/ 0
0 53ms
46ms Fetch
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-T08R4QPG4D&gtm=45je48s0v9122958096za200&_p=1725266498552&gcs=G100&gcd=13p3p3p2p5l1&npa=1&dma_cps=-&dma=1&tag_exp=0&cid=1374208031.1725266499&ul=de-de&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=denied&_eu=EA&sid=1725266499&sct=1&seg=0&dl=https%3A%2F%2Fm.helikon.bg%2F168827-%D0%9F%D1%8A%D1%82%D1%8F%D1%82.html&dt=%E3%80%8A%D0%9F%D1%8A%D1%82%D1%8F%D1%82%E3%80%8B%7C%20%D0%9A%D0%BE%D1%80%D0%BC%D0%B0%D0%BA%20%D0%9C%D0%B0%D0%BA%D0%BA%D0%B0%D1%80%D1%82%D0%B8%20%7C%20%D0%9A%D0%BD%D0%B8%D0%B3%D0%B8%20%D0%BE%D1%82%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD%20%D0%BA%D0%BD%D0%B8%D0%B6%D0%B0%D1%80%D0%BD%D0%B8%D1%86%D0%B0%20%D0%A5%D0%B5%D0%BB%D0%B8%D0%BA%D0%BE%D0%BD%20%7C%20%D0%9A%D0%BD%D0%B8%D0%B6%D0%B0%D1%80%D0%BD%D0%B8%D1%86%D0%B8%20%D0%A5%D0%B5%D0%BB%D0%B8%D0%BA%D0%BE%D0%BD&_s=2&tfd=6922
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-T08R4QPG4D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

Referer: https://m.helikon.bg/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 02 Sep 2024 08:41:44 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://m.helikon.bg
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: match.sharethrough.com
URL: https://match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-b2Vt_f2DrYsGwR_HBJUcXb_jDMFLtZOjHV51lQ

Verdicts & Comments Add Verdict or Comment

141 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

42 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.helikon.bg/	1970-01-21 08:50:26	Name: HELIKON Value: 63trevs2tmfsgir7p9mlpg4981
m.helikon.bg/	1970-01-21 08:00:02	Name: cid Value: V3la7GbVekE2bgiiDBlkAg==
.helikon.bg/	1970-01-20 23:14:28	Name: __cf_bm Value: fZI5IPEnJ27O1m5Xgx3VmusaG7_FuK6W_7AwoaU_ZhE-1725266498-1.0.1.1-zSSIH5Nk.wXTHyyFwtN2Wo4RFg2L6U7pPdQwfnTI6ivm6ONQ.dLqrGMoL7CmqqdlQY0wgUxbk4qekbSzdv1sPw
.helikon.bg/	1970-01-20 23:24:31	Name: allowJS Value: yes
.criteo.com/	1970-01-21 08:36:02	Name: uid Value: e89f0c53-b9b2-4e73-bdf1-01280b910362
.criteo.com/	1970-01-21 08:36:02	Name: receive-cookie-deprecation Value: 1
.doubleclick.net/	1970-01-20 23:14:27	Name: test_cookie Value: CheckForPermission
.helikon.bg/	1970-01-21 08:43:50	Name: cto_bundle Value: Yqe4-V85NkZuJTJGOTJCNm1iU3h0Y1hVRHpjQzZJdGUwVmZUN1g1dCUyRmdmUkg0clRTTFN0cCUyQkVTcXdQbyUyRmVqS0F1OVJrN2NHa1d1OTJKaklzWUg3UGp6a2VqUDV0Um56NEdQR3U3Z2UlMkJDblVqaG9jODRlUmdSakQzRGhsMkh4N3FVRmE3TUViZGI2RyUyQkhOSXhmZzE1VEFLVkZHZ3clM0QlM0Q
.helikon.bg/	1970-01-21 01:24:02	Name: _gcl_au Value: 1.1.404501595.1725266499
.helikon.bg/	1970-01-21 08:00:02	Name: cf_clearance Value: TeOl9XEOsIdyG8YSpY2TB48eCQYtGDY4bi1XOe6MU4Q-1725266499-1.2.1.1-rzBELZtMtga6PBf7_jNKo8cg8OphAqxWfECHgse2p_pPLmlKerbmmXDYyAF1R1zrrDWmEH9G3lR8KbpVwOwh7wTFtroQ7OGjsjj0jdvEIIL1D0Ndz4h10idMJmiFhk537HXUB3D_pVQlxUcfDkqFMVzAPEtZCuoS4rX_X7bF4dcJnyQk2mjFOvwPvmIDsDbhwwOZdzCpVdtkjfuLh4nPHD84mS1qqOFKqdL9p3nKnGCXO_gZ7eTqPwq.JAH4bC_0s1Y.8RakiRYuUUZ342VE_.M8RKQuN.8oE6oWnLY.a0u7WDJq4CvJE6suZovOzoa8ibe6F1ezKXUbI3Jbt0Rjxi9Ix2v5B.OtCTO.Hxkqd16h1.HSbNbVOlRiCu.W2ZFb
.helikon.bg/	1970-01-21 08:50:26	Name: _ga_T08R4QPG4D Value: GS1.1.1725266499.1.0.1725266499.60.0.0
.helikon.bg/	1970-01-21 08:50:26	Name: _ga Value: GA1.2.1374208031.1725266499
.helikon.bg/	1970-01-20 23:15:52	Name: _gid Value: GA1.2.1114544033.1725266499
.helikon.bg/	1970-01-20 23:14:26	Name: _gat Value: 1
.adform.net/	1970-01-20 23:57:38	Name: C Value: 1
.helikon.bg/	1970-01-21 01:24:02	Name: _fbp Value: fb.1.1725266499400.573427338421943879
measurement-api.criteo.com/	1969-12-31 23:59:59	Name: ar_debug Value: 1
.criteo.com/	1970-01-21 08:36:02	Name: cto_bundle Value: B8Y-B190Q3dycVJEaGRTcXdkbGkyJTJCS09GZFVNMkdraFZTVDBpMWRDVGRlcjlTTVJEaTkwc3V4Q3V2dlR5NjA3dVZSTW0
.adform.net/	1970-01-21 00:40:54	Name: uid Value: 3030359341076892548
.adnxs.com/	1970-01-21 01:24:02	Name: XANDR_PANID Value: qyENHNU5oeUEeQ2pbeIwTFdcwQLjG1EAwYT8KvW85FJOWYpuJ8E8csyYynxpqmBsV0SZkNfKCBcAYeVeDr6Ihq_JWmJX58-wz-6s2nql6X0.
.adnxs.com/	1970-01-21 08:50:26	Name: receive-cookie-deprecation Value: 1
.adnxs.com/	1970-01-21 01:24:02	Name: uuid2 Value: 5331507210521727264
.omnitagjs.com/	1970-01-20 23:57:38	Name: ayl_visitor Value: 82a8c4c1de26d47109bcb7a01cc2ee13
.casalemedia.com/	1970-01-21 08:00:02	Name: CMID Value: ZtV6Q7mqPUAAACjVAHLYsQAA
.casalemedia.com/	1970-01-21 01:24:02	Name: CMPS Value: 3163
.casalemedia.com/	1970-01-21 01:24:02	Name: CMPRO Value: 3163
exchange.mediavine.com/	1970-01-20 23:34:36	Name: mv_tokens Value: %7B%22mv_uuid%22%3A%222c07a200-6907-11ef-b07a-7578b766d376%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 23:34:36	Name: mv_tokens_eu-v1 Value: %7B%22mv_uuid%22%3A%222c07a200-6907-11ef-b07a-7578b766d376%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 23:34:36	Name: am_tokens Value: %7B%22mv_uuid%22%3A%222c07a200-6907-11ef-b07a-7578b766d376%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 23:34:36	Name: am_tokens_eu-v1 Value: %7B%22mv_uuid%22%3A%222c07a200-6907-11ef-b07a-7578b766d376%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 23:34:36	Name: criteo Value: %7B%22id%22%3A%22k-QugHW_2DrYsGwR_HBJUcXb_jDMF8jWg1fZ9keg%22%2C%22version%22%3A%22criteo%22%7D
.demdex.net/	1970-01-21 03:33:38	Name: demdex Value: 83259861823355161053617413123261312711
.adnxs.com/	1970-01-21 01:24:02	Name: anj Value: dTM7k!M4/rCxrEQF']wIg2Hc%IvR[]!@wnfH1YdP.dEXlSkdnV(eI'XF(qn*ArXL=)cy$E)v0/+)ZJPLqjytWq!=ZAnP(uN0zjy+jWX.<%nugO%v4VB%nqnp+ieVJ
.dpm.demdex.net/	1970-01-21 03:33:38	Name: dpm Value: 83259861823355161053617413123261312711
.media.net/	1970-01-21 08:00:02	Name: visitor-id Value: 3682680999087483000V10
.media.net/	1970-01-20 23:57:38	Name: data-c-ts Value: 1725266499
.media.net/	1970-01-20 23:57:38	Name: data-c Value: k-c7I8rf2DrYsGwR_HBJUcXb_jDMHzbf163TI6Kw~~3
.1rx.io/	1970-01-21 08:00:02	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-71077c9f-f9f8-4dfb-b02b-562b8a074e7e-003%22%7D
.tremorhub.com/	1970-01-21 08:00:23	Name: tvid Value: ec17b70001914df5811c3a2a6901fa02
.tremorhub.com/	1970-01-20 23:57:38	Name: tv_UICR Value: k-9eaHZ_2DrYsGwR_HBJUcXb_jDMH1Un93hGGdQg
.postrelease.com/	1970-01-21 08:00:02	Name: opt_out Value: 1
.targeting.unrulymedia.com/	1970-01-21 08:00:02	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-71077c9f-f9f8-4dfb-b02b-562b8a074e7e-003%22%7D

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
recommendation	verbose	URL: https://m.helikon.bg/168827-%D0%9F%D1%8A%D1%82%D1%8F%D1%82.html Message: [DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o
recommendation	verbose	URL: https://m.helikon.bg/168827-%D0%9F%D1%8A%D1%82%D1%8F%D1%82.html Message: [DOM] Input elements should have autocomplete attributes (suggested: "new-password"): (More info: https://goo.gl/9p2vKq) %o
recommendation	verbose	URL: https://m.helikon.bg/168827-%D0%9F%D1%8A%D1%82%D1%8F%D1%82.html Message: [DOM] Input elements should have autocomplete attributes (suggested: "new-password"): (More info: https://goo.gl/9p2vKq) %o
security	warning	Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15768000
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.360yield.com
ad.yieldlab.net
cdn.jsdelivr.net
cdn.taboola.com
cm.g.doubleclick.net
connect.facebook.net
contextual.media.net
criteo-partners.tremorhub.com
criteo-sync.teads.tv
dis.criteo.com
dpm.demdex.net
e1.emxdgt.com
eb2.3lift.com
exchange.mediavine.com
fledge.eu.criteo.com
googleads.g.doubleclick.net
gum.criteo.com
i.helikon.bg
i5.helikon.bg
ib.adnxs.com
id5-sync.com
jadserve.postrelease.com
m.helikon.bg
match.sharethrough.com
matching.ivitrack.com
measurement-api.criteo.com
pixel.rubiconproject.com
psb.taboola.com
r.casalemedia.com
region1.analytics.google.com
region1.google-analytics.com
s2.adform.net
simage2.pubmatic.com
sslwidget.criteo.com
static.cloudflareinsights.com
stats.g.doubleclick.net
sync-criteo.ads.yieldmo.com
sync-t1.taboola.com
sync.1rx.io
sync.outbrain.com
sync.targeting.unrulymedia.com
track.adform.net
trc-events.taboola.com
trc.taboola.com
unpkg.com
visitor.omnitagjs.com
www.facebook.com
www.google-analytics.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
x.bidswitch.net
match.sharethrough.com
104.18.36.155
141.226.228.48
142.250.185.226
142.250.186.130
142.250.186.131
151.101.129.44
151.101.65.44
157.240.253.1
162.19.138.83
172.217.16.130
172.217.16.200
172.66.43.155
178.250.1.9
18.196.67.11
185.255.84.152
185.89.210.212
198.47.127.205
2001:4860:4802:34::36
216.239.36.178
23.32.185.35
23.35.228.23
2600:1f18:612b:4200:469d:9873:c4dd:d159
2606:4700::6810:4f49
2606:4700::6811:f9cb
2606:4700::6812:ba1f
2a00:1450:4001:813::2008
2a00:1450:4001:827::200e
2a00:1450:400c:c00::9d
2a02:2638:3::15
2a02:2638:3::19
2a02:2638:3::c
2a03:2880:f176:84:face:b00c:0:25de
3.72.244.131
34.117.157.22
35.214.136.108
37.157.2.250
37.157.5.84
44.240.108.226
46.228.174.117
52.18.211.45
54.194.169.106
54.78.78.173
64.202.112.95
69.173.144.139
69.192.161.76
76.223.111.18
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
14c847e283cde4999e0d4ba2b30bc61e64217110eb8f08f24751d0fdeb3ba8e2
19b7fab0d311cc65409e935b367cf9a823a80f3812ae217ed192459cde82368d
1af6cadbee614e62c9f1811e4ebe57d9b519ac6deb5b1eb6afd6928acba09afe
1b448e4684d7492dd2428954fd18cea462c2295d88552af7b0def087bd62ce4b
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
2803a81293660267f760961704d00cbc9b2403ec3b31cffadb5a4059483c82ca
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2ceeeed9440b419619c1fb6ede63fe60cfd57d46444b739bd1d6aa6f9cb3dab1
2d4367f7d7fb24c411adaabc28e2c0c8f1632d159f349b30fe1ea9cf3303b336
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
3a6d3ecab89ec91612dbdcf15abdee5278c537aeb3ecee787d420d82f116b280
3af5f025c9974a03bcf056343c3f846d82c3c01324703e08f1f3337bc6e2ed76
3bb1199d12ae09deeda4466322b863de030594a83fb2166ca26d241b1a9020c1
47ea4d99256f2275b8a7938a3c0efd6573a198a9aad65585abb9022f18c29a40
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
53f6c9463c13a3e049444fb835529fc98e73a5eff6bdcfc60ade0520662798d5
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5baaf7d27005df3d7c850124b4e6dcab9352dd3f4cec24d9487de52d60573839
70b959cbeacf599c1efbb3d88e8a522b22fcab3cc42cf6fb25b7a14599afda06
761045df8464ce7553fd4e57ecc0de9dfe4a9c4d215f51ce796b897ae8cf91e6
77d5fe96defd6c8c1e3b0466b4827cf83dc7e5c727a10177e115d25132fa86f6
8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f
8ddc6cbdb63a791bfc33f40d4b0a250a18e85e0ae93f72389ebda9242bef010d
8f8d206651d3d5fcc47d7fd9ad9ef96e952b165dc46ea5959dfc62fca4b4ea7d
9149c86912b4854ad9c66dab910d1897e9d843a72ce24d60df78e20857aa39dc
959c1cf574d3ec8a27635845bc4661a7b1efd47a6b42f5fae9b85fea89face0d
99a3fbeda3b74d3bd0a2ab6d0b49ea376959b31f0785dba6f03db6ce536c94bf
9e884a1ce37de935762983afa009018437764a7db6a0a9667c0926dac407a640
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
aa940b5099345b025437df949e77486ec26ef5dadec5f392d5bf4d84ff21da89
aace732370f12eb50bd9aab0f843483cb66269c58852947835a112af37d42b1e
aaffceaf5f8008608f54df6f2f7722f522caed3e8659cae1db4a2415aa443c19
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2ec34457ab7a3ac0b16c1b3dbd43bda30ad7f3e04d2704d8aa69a0e6861247d
b467a2d7cfb71acd244f227c7eed566b15b27d5e2518b6f2ef49dc788436a789
b5e9c74c50de6316b1a0269fa75d886b5c23361d21ce02644408c28efc5f87b4
b73b792e38706225c8c8b022211d57dae8145cdc00393b6c5c7ae041ef6c8099
b9dbd2945796927d9e685e4600d3f7a583f38fa1f306302c5f92deb45c9f488c
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bcd489b31e182215b44326f95a9472676a917e63fb20e70510c6f21be7f9c772
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
d0a42c5d7b4bc04b2d9725cf9d4527579c4f032b43cc9af5fb5735dca5bb7ec0
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
d60a91b8ce51ef27822d54250a45c8e1137cd4bc2ab3486a636257ffff9e9dab
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
deb47c2d523bb811cba3a88322d19e8370eec11ac63aba74c0f9700b5ba74710
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e56451053236d0609126126105fb30ab407aa253673309b791c9e2cb58b274d3
e7112b70eed95d42b178135728e6153e34f07001827870748de87cd7dec3538e
e90567ca798874fbcc1d8a0ee7493ce3c7d03f9646ac22e79f9d8d1314fda512
e9a48d288165f286b3251015e2863e6b30a02285b1590a433ffb19e28b38e9d7
ec955c146d567c86866ac4ab20e0b291243d3a890595bbc46c14ce5ea0d00351
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f94d92f5fa1a783ab94650e6c45280f204c0f4e98068e90762cef5c257a2a815
fd6c037e524d5e6780b0d94b34dbebb65fa4f0c2ca2ba5686d1480d6f3edb694

m.helikon.bg Open in urlscan Pro 172.66.43.155 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

92 Requests

87 %HTTPS

26 %IPv6

38 Domains

52 Subdomains

47 IPs

9 Countries

1381 kBTransfer

4098 kBSize

42 Cookies

14 Outgoing links

Redirected requests

92 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

m.helikon.bg Open in urlscan Pro
172.66.43.155 Public Scan

Screenshot
Live screenshot

Full Image

92
Requests

87 %
HTTPS

26 %
IPv6

38
Domains

52
Subdomains

47
IPs

9
Countries

1381 kB
Transfer

4098 kB
Size

42
Cookies

92 HTTP transactions
3 data transactions