m.helikon.bg Open in urlscan Pro
2606:4700:3108::ac42:2b9b Public Scan

Go To Rescan
Add Verdict Report

URL:
https://m.helikon.bg/46236-%D0%90%D0%B7-%D1%81%D1%82%D0%B0%D0%B2%D0%B0%D0%BC-%D0%BC%D1%8A%D0%B6.html
Submission: On October 13 via api (October 13th 2022, 9:25:36 am UTC) from DE — Scanned from DE

Summary HTTP 88 Redirects Links 13 Behaviour Indicators

Summary

This website contacted 39 IPs in 9 countries across 34 domains to perform 88 HTTP transactions. The main IP is 2606:4700:3108::ac42:2b9b, located in United States and belongs to CLOUDFLARENET, US. The main domain is m.helikon.bg.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on September 19th 2022. Valid for: a year.

This is the only time m.helikon.bg was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
26	2606:4700:310... 2606:4700:3108::ac42:2b9b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:440... 2606:4700:440e::ac40:9c1a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	172.217.16.194 172.217.16.194	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82b::2008	15169 (GOOGLE) (GOOGLE)
2	151.101.1.44 151.101.1.44	54113 (FASTLY) (FASTLY)
3	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
3	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
3 4	2a02:2638:1::13 2a02:2638:1::13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
2 4	37.157.2.234 37.157.2.234	198622 (ADFORM) (ADFORM)
1	37.157.2.249 37.157.2.249	198622 (ADFORM) (ADFORM)
4	2a00:1450:400... 2a00:1450:4001:82b::2004	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c00::9b	15169 (GOOGLE) (GOOGLE)
1	178.250.2.146 178.250.2.146	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
6	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
3	178.250.2.151 178.250.2.151	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 2	3.120.13.175 3.120.13.175	16509 (AMAZON-02) (AMAZON-02)
1 1	142.250.185.98 142.250.185.98	15169 (GOOGLE) (GOOGLE)
2 2	37.252.173.62 37.252.173.62	29990 (ASN-APPNEX) (ASN-APPNEX)
1 2	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
1 2	34.255.156.219 34.255.156.219	16509 (AMAZON-02) (AMAZON-02)
1	2.18.235.93 2.18.235.93	16625 (AKAMAI-AS) (AKAMAI-AS)
1	52.59.60.193 52.59.60.193	16509 (AMAZON-02) (AMAZON-02)
1	70.42.32.95 70.42.32.95	13789 (INTERNAP-...) (INTERNAP-BLK3)
1	185.64.189.110 185.64.189.110	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
1	18.194.140.105 18.194.140.105	16509 (AMAZON-02) (AMAZON-02)
1	185.86.137.110 185.86.137.110	201081 (SMARTADSE...) (SMARTADSERVER)
3	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
1	23.35.237.56 23.35.237.56	16625 (AKAMAI-AS) (AKAMAI-AS)
1	76.223.111.18 76.223.111.18	16509 (AMAZON-02) (AMAZON-02)
1 2	18.156.0.31 18.156.0.31	16509 (AMAZON-02) (AMAZON-02)
1	185.255.84.153 185.255.84.153	200271 (IGUANE-) (IGUANE-)
1	162.19.138.117 162.19.138.117	16276 (OVH) (OVH)
1	34.117.157.22 34.117.157.22	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	52.214.159.83 52.214.159.83	16509 (AMAZON-02) (AMAZON-02)
1	96.16.132.239 96.16.132.239	16625 (AKAMAI-AS) (AKAMAI-AS)
1	54.155.44.87 54.155.44.87	16509 (AMAZON-02) (AMAZON-02)
1	3.141.157.49 3.141.157.49	16509 (AMAZON-02) (AMAZON-02)
88	39

26 2606:4700:3108::ac42:2b9b (United States)

ASN13335 (CLOUDFLARENET, US)

m.helikon.bg	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
i4.helikon.bg	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
i.helikon.bg	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
i2.helikon.bg	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
i5.helikon.bg	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:440e::ac40:9c1a (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.16.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f194.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.1.44 (United States)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:2638:1::13 (France) 3 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 37.157.2.234 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

track.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.2.249 (Denmark)

ASN198622 (ADFORM, DK)

s2.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.2.146 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a03:2880:f12d:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 178.250.2.151 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

sslwidget.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.120.13.175 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-120-13-175.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.98 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.252.173.62 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.80.39.216 (Canada) 1 redirects

ASN27381 (CASALE-MEDIA, CA)

r.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.255.156.219 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-255-156-219.eu-west-1.compute.amazonaws.com

ad.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.235.93 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-235-93.deploy.static.akamaitechnologies.com

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.59.60.193 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-59-60-193.eu-central-1.compute.amazonaws.com

exchange.mediavine.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 70.42.32.95 (United States)

ASN13789 (INTERNAP-BLK3, US)
PTR: ny.outbrain.com

sync.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.194.140.105 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-194-140-105.eu-central-1.compute.amazonaws.com

match.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.137.110 (France)

ASN201081 (SMARTADSERVER, FR)

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)

sync-t1.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trc-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.35.237.56 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-237-56.deploy.static.akamaitechnologies.com

criteo-sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 76.223.111.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.156.0.31 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-0-31.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.255.84.153 (France)

ASN200271 (IGUANE-, FR)

visitor.omnitagjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.138.117 (France)

ASN16276 (OVH, FR)
PTR: ns31533568.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.117.157.22 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 22.157.117.34.bc.googleusercontent.com

matching.ivitrack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.214.159.83 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-214-159-83.eu-west-1.compute.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 96.16.132.239 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a96-16-132-239.deploy.static.akamaitechnologies.com

ad.yieldlab.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.155.44.87 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-155-44-87.eu-west-1.compute.amazonaws.com

sync-criteo.ads.yieldmo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.141.157.49 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-141-157-49.us-east-2.compute.amazonaws.com

s.thebrighttag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
26	helikon.bg m.helikon.bg i4.helikon.bg i.helikon.bg i2.helikon.bg i5.helikon.bg	719 KB
8	criteo.com 3 redirects gum.criteo.com — Cisco Umbrella Rank: 425 mug.criteo.com — Cisco Umbrella Rank: 2786 sslwidget.criteo.com — Cisco Umbrella Rank: 1809 dis.criteo.com — Cisco Umbrella Rank: 679	12 KB
6	facebook.com www.facebook.com — Cisco Umbrella Rank: 107	330 B
5	adform.net 2 redirects track.adform.net — Cisco Umbrella Rank: 3732 s2.adform.net — Cisco Umbrella Rank: 5875 cm.adform.net — Cisco Umbrella Rank: 1496	32 KB
5	doubleclick.net 1 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 43 stats.g.doubleclick.net — Cisco Umbrella Rank: 84 cm.g.doubleclick.net — Cisco Umbrella Rank: 215	5 KB
5	taboola.com cdn.taboola.com — Cisco Umbrella Rank: 865 trc.taboola.com — Cisco Umbrella Rank: 697 sync-t1.taboola.com — Cisco Umbrella Rank: 1296 trc-events.taboola.com — Cisco Umbrella Rank: 1645	20 KB
4	google.de www.google.de — Cisco Umbrella Rank: 6045	739 B
4	google.com www.google.com — Cisco Umbrella Rank: 2	739 B
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 32	21 KB
3	facebook.net connect.facebook.net — Cisco Umbrella Rank: 151	195 KB
2	yahoo.com 1 redirects ups.analytics.yahoo.com — Cisco Umbrella Rank: 294	508 B
2	360yield.com 1 redirects ad.360yield.com — Cisco Umbrella Rank: 681	853 B
2	casalemedia.com 1 redirects r.casalemedia.com — Cisco Umbrella Rank: 1351	2 KB
2	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 232	2 KB
2	bidswitch.net 1 redirects x.bidswitch.net — Cisco Umbrella Rank: 303	1 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 61	93 KB
2	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 131	32 KB
1	thebrighttag.com s.thebrighttag.com — Cisco Umbrella Rank: 1506	268 B
1	yieldmo.com sync-criteo.ads.yieldmo.com — Cisco Umbrella Rank: 2114	220 B
1	yieldlab.net ad.yieldlab.net — Cisco Umbrella Rank: 4441	522 B
1	krxd.net beacon.krxd.net — Cisco Umbrella Rank: 528	338 B
1	ivitrack.com matching.ivitrack.com — Cisco Umbrella Rank: 2682	274 B
1	id5-sync.com id5-sync.com — Cisco Umbrella Rank: 471	1 KB
1	omnitagjs.com visitor.omnitagjs.com — Cisco Umbrella Rank: 1104	235 B
1	3lift.com eb2.3lift.com — Cisco Umbrella Rank: 373	140 B
1	teads.tv criteo-sync.teads.tv — Cisco Umbrella Rank: 1698	172 B
1	smartadserver.com rtb-csync.smartadserver.com — Cisco Umbrella Rank: 640	163 B
1	sharethrough.com match.sharethrough.com — Cisco Umbrella Rank: 554	35 B
1	rubiconproject.com pixel.rubiconproject.com — Cisco Umbrella Rank: 347	239 B
1	pubmatic.com simage2.pubmatic.com — Cisco Umbrella Rank: 706	225 B
1	outbrain.com sync.outbrain.com — Cisco Umbrella Rank: 832	145 B
1	mediavine.com exchange.mediavine.com — Cisco Umbrella Rank: 1259	882 B
1	media.net contextual.media.net — Cisco Umbrella Rank: 570	786 B
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 1116	5 KB
88	34

	Domain	Requested by
17	m.helikon.bg	m.helikon.bg static.cloudflareinsights.com
6	www.facebook.com
4	www.google.de
4	www.google.com
4	gum.criteo.com	3 redirects m.helikon.bg
4	i.helikon.bg	m.helikon.bg
3	track.adform.net	2 redirects
3	googleads.g.doubleclick.net	www.googleadservices.com
3	www.google-analytics.com	m.helikon.bg www.google-analytics.com
3	connect.facebook.net	m.helikon.bg connect.facebook.net
2	trc-events.taboola.com	cdn.taboola.com
2	ups.analytics.yahoo.com	1 redirects
2	ad.360yield.com	1 redirects
2	r.casalemedia.com	1 redirects
2	ib.adnxs.com	2 redirects
2	dis.criteo.com
2	x.bidswitch.net	1 redirects
2	i2.helikon.bg
2	www.googletagmanager.com	m.helikon.bg
2	www.googleadservices.com	m.helikon.bg www.googletagmanager.com
2	i4.helikon.bg	m.helikon.bg
1	s.thebrighttag.com
1	sync-criteo.ads.yieldmo.com
1	ad.yieldlab.net
1	beacon.krxd.net
1	matching.ivitrack.com
1	id5-sync.com
1	visitor.omnitagjs.com
1	cm.adform.net
1	eb2.3lift.com
1	criteo-sync.teads.tv
1	sync-t1.taboola.com
1	rtb-csync.smartadserver.com
1	match.sharethrough.com
1	pixel.rubiconproject.com
1	simage2.pubmatic.com
1	sync.outbrain.com
1	exchange.mediavine.com
1	contextual.media.net
1	cm.g.doubleclick.net	1 redirects
1	sslwidget.criteo.com	m.helikon.bg
1	mug.criteo.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	trc.taboola.com	cdn.taboola.com
1	s2.adform.net
1	cdn.taboola.com	m.helikon.bg
1	i5.helikon.bg
1	static.cloudflareinsights.com	m.helikon.bg
88	48

This site contains links to these domains. Also see Links.

Domain
www.helikon.bg
lira.bg
i4.helikon.bg
play.google.com
apps.apple.com
www.microsoft.com
www.facebook.com
www.instagram.com
i.helikon.bg

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-09-19` - `2023-09-18`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2021-11-28` - `2022-12-29`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-07-22` - `2022-10-20`	3 months	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-08-27` - `2022-11-22`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.media.net DigiCert SHA2 Secure Server CA	`2022-02-20` - `2023-02-22`	a year	crt.sh
exchange.mediavine.com Amazon	`2022-07-06` - `2023-08-04`	a year	crt.sh
*.outbrain.com Thawte RSA CA 2018	`2021-10-24` - `2022-11-24`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2022-06-13` - `2023-07-14`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-08` - `2023-04-04`	a year	crt.sh
*.sharethrough.com Amazon	`2022-07-14` - `2023-08-12`	a year	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-01-25` - `2023-01-25`	a year	crt.sh
teads.tv R3	`2022-08-17` - `2022-11-15`	3 months	crt.sh
*.3lift.com Amazon	`2022-05-13` - `2023-06-11`	a year	crt.sh
*.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2022-05-18` - `2023-06-16`	a year	crt.sh
omnitagjs.com Sectigo RSA Domain Validation Secure Server CA	`2022-06-21` - `2023-07-21`	a year	crt.sh
*.id5-sync.com R3	`2022-08-18` - `2022-11-16`	3 months	crt.sh
itm.ivitrack.com R3	`2022-10-06` - `2023-01-04`	3 months	crt.sh
*.yieldlab.net DigiCert SHA2 Secure Server CA	`2022-01-14` - `2023-01-13`	a year	crt.sh
*.ads.yieldmo.com Amazon	`2022-06-02` - `2023-07-01`	a year	crt.sh

This page contains 6 frames:

Primary Page: https://m.helikon.bg/46236-%D0%90%D0%B7-%D1%81%D1%82%D0%B0%D0%B2%D0%B0%D0%BC-%D0%BC%D1%8A%D0%B6.html
Frame ID: 2F424A8C7B301B31D02ECC939B3ADC8C
Requests: 58 HTTP requests in this frame

Frame: https://m.helikon.bg/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1665648000
Frame ID: 2779547BC662E2512607D0379386A308
Requests: 6 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=m.helikon.bg&origin=onetag
Frame ID: FCD554FBA36496535804090FA1342946
Requests: 2 HTTP requests in this frame

Frame: https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-5WrGcdcLwUw4FElOD5RRpxTO90s8RBSJK3IegA&expires=30
Frame ID: 47D58B365BC1AAED344AC183CF2F82FA
Requests: 24 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 50C6F990C804D31770CF4B2E8D423DC7
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: EACAC6000F0891A3EDE19319AF21AFF0
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

《Аз ставам мъж》| Силвия Шнайдер | Книги от онлайн книжарница Хеликон | Книжарници Хеликон

Detected technologies

Google Sign-in (Social logins) Expand

Overall confidence: 100%
Detected patterns

<meta[^>]*google-signin-client_id

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Select2 (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

select2(?:\.min|\.full)?\.js

basket.js (JavaScript Libraries) Expand

Overall confidence: 10%
Detected patterns

basket.*\.js

Page Statistics

88
Requests

88 %
HTTPS

28 %
IPv6

34
Domains

48
Subdomains

39
IPs

9
Countries

1141 kB
Transfer

3476 kB
Size

43
Cookies

13 Outgoing links

These are links going to different origins than the main page.

URL: https://www.helikon.bg/
Title: Helikon.bg

Search URL Search Domain Scan URL

URL: https://lira.bg/
Title: lira.bg

Search URL Search Domain Scan URL

URL: https://i4.helikon.bg/products/6236/04/46236/46236z.jpg?t=1665652551

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.obreey.reader&hl=bg

Search URL Search Domain Scan URL

URL: https://apps.apple.com/us/app/pocketbook-reader-epub-fb2-pdf-djvu-mobi-chm-txt/id805488884

Search URL Search Domain Scan URL

URL: https://www.microsoft.com/en-us/p/overdrive-media-console/9wzdncrfj3t4

Search URL Search Domain Scan URL

URL: https://www.facebook.com/helikon.bg
Title: Helikon.bg във Facebook

Search URL Search Domain Scan URL

URL: https://www.instagram.com/helikonbookstore/?utm_source=ig_profile_share&igshid=p1z4jiivroiq

Search URL Search Domain Scan URL

URL: https://www.helikon.bg/page/pravo-na-otkaz.html
Title: Право на отказ от закупена стока

Search URL Search Domain Scan URL

URL: http://lira.bg/
Title: Lira.bg

Search URL Search Domain Scan URL

URL: https://i.helikon.bg/pravilnik/Obshti%20uslovia_Elif%20Shafak_Helikon.pdf
Title: Общи условия и правила за провеждане на кампания „Как да запазим разума си с роман на Елиф Шафак“

Search URL Search Domain Scan URL

URL: https://i.helikon.bg/pravilnik/Obsti_uslovia_Taloni_oct2022.pdf
Title: ОБЩИ УСЛОВИЯ НА КАМПАНИЯТА “10% ОТСТЪПКА”

Search URL Search Domain Scan URL

URL: https://i.helikon.bg/pravilnik/Pravilnik-Sviat-ot-knigi-06-10-26-10-2022.pdf
Title: Правилник на кампанията „Свят от книги“

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 32

https://track.adform.net/serving/scripts/trackpoint/async/ HTTP 301
https://s2.adform.net/banners/scripts/st/trackpoint-async.js

Request Chain 52

https://gum.criteo.com/sid/json?origin=onetag&domain=helikon.bg&sn=ChromeSyncframe&so=0&topUrl=m.helikon.bg&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=3Vzi23xSUW5nWW9naHZmQWF1R3BTMGxidWx2SlA2aTYxVHJ1ajZZNnlvcURkb1RwRzl5WVNzQVNJd1JEWnNWcXM2Rnh5S0gzVFcwWElQMEhIWHhHREdWekVmc015NlZJRXcvZjc4WXh6bWFkamhPWmtMZzdHcm9XcHFzWVJIa1RlMW1ocnhmTTcyRExCS2hVeCs0b0ZpMjdnKzlCY0o5aXltMzRvNUlVNGRLOTNDai9xRk1iZjZMT1hNcnZ2V05jbUtxMEtKNTdQbldDYllKRzVsbmw3OXBnRDZMYThBclNyeVovS2hKeGdKTFI3S1NQdkJhdkZmM3d2emhSa09EWkthSCswcTJPY2R6eHZXYzdBM0o2RWtMVjhZdz09fA&cppv=2

Request Chain 61

https://track.adform.net/Serving/TrackPoint/?pm=2104384&ADFPageName=Product%20page&ADFdivider=%7C&ord=870439265977&ADFtpmode=2&ecpr=W3sicGlkIjoiNDYyMzYiLCJzdGVwIjoxfV0&loc=https%3A%2F%2Fm.helikon.bg%2F46236-%25D0%2590%25D0%25B7-%25D1%2581%25D1%2582%25D0%25B0%25D0%25B2%25D0%25B0%25D0%25BC-%25D0%25BC%25D1%258A%25D0%25B6.htm&Set1=en-US%7Cen-US%7C1600x1200%7C24 HTTP 302
https://track.adform.net/Serving/TrackPoint/?CC=1&pm=2104384&ADFPageName=Product%20page&ADFdivider=%7C&ord=870439265977&ADFtpmode=2&ecpr=W3sicGlkIjoiNDYyMzYiLCJzdGVwIjoxfV0&loc=https%3A%2F%2Fm.helikon.bg%2F46236-%25D0%2590%25D0%25B7-%25D1%2581%25D1%2582%25D0%25B0%25D0%25B2%25D0%25B0%25D0%25BC-%25D0%25BC%25D1%258A%25D0%25B6.htm&Set1=en-US%7Cen-US%7C1600x1200%7C24

Request Chain 63

https://x.bidswitch.net/sync?dsp_id=46&user_id=k-5WrGcdcLwUw4FElOD5RRpxTO90s8RBSJK3IegA&expires=30 HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-5WrGcdcLwUw4FElOD5RRpxTO90s8RBSJK3IegA&expires=30

Request Chain 64

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-jhXxD9cLwUw4FElOD5RRpxTO90uynIdkA_oiFw&google_cm&google_hm=ay1qaFh4RDljTHdVdzRGRWxPRDVSUnB4VE85MHV5bklka0Ffb2lGdw HTTP 302
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-jhXxD9cLwUw4FElOD5RRpxTO90uynIdkA_oiFw&google_gid=CAESEP20B061gB6suo1jYRi78Bs&google_cver=1&google_ula=913071,0

Request Chain 65

https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID HTTP 302
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=6249517672672026411

Request Chain 66

https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-BLghNdcLwUw4FElOD5RRpxTO90vJv0muWYwRgg HTTP 302
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-BLghNdcLwUw4FElOD5RRpxTO90vJv0muWYwRgg&C=1

Request Chain 67

https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-_hW7VNcLwUw4FElOD5RRpxTO90sbjty1x5RE3g HTTP 302
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-_hW7VNcLwUw4FElOD5RRpxTO90sbjty1x5RE3g

Request Chain 78

https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-XV4-VdcLwUw4FElOD5RRpxTO90tJD3Vaq-9imQ HTTP 302
https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-XV4-VdcLwUw4FElOD5RRpxTO90tJD3Vaq-9imQ&verify=true

Request Chain 83

https://gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40 HTTP 302
https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=ApaHfv5qm4R_VLyuFAlvBZkTCP8pZpPI

Request Chain 86

https://gum.criteo.com/sync?c=10&r=1&u=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3Dcr%26uid%3D%40USERID%40 HTTP 302
https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=In3Mu53nCTKkzlmTFf-v0kkvwh-KDtbT

88 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request 46236-%D0%90%D0%B7-%D1%81%D1%82%D0%B0%D0%B2%D0%B0%D0%BC-%D0%BC%D1%8A%D0%B6.html Show response
m.helikon.bg/ 2 MB
383 KB 780ms
616ms Document
text/html 2606:4700:3108::ac42:2b9b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://m.helikon.bg/46236-%D0%90%D0%B7-%D1%81%D1%82%D0%B0%D0%B2%D0%B0%D0%BC-%D0%BC%D1%8A%D0%B6.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:2b9b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4e62e0b35b0c150c771f204ce5d59f245b1e988b54bb9e3f6061cee648aa6fc8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7597073fda4f690a-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 13 Oct 2022 09:25:30 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
server: cloudflare
strict-transport-security: max-age=15768000
vary: Accept-Encoding
x-xss-protection: 1; mode=block

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: eeb876caee6a7c0c094d07a7fbe152f6001dfb930c36dbd6988c394d12364b6c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 46236z.jpg
i4.helikon.bg/products/6236/04/46236/ 11 KB
12 KB 85ms
46ms Image
image/jpeg 2606:4700:3108::ac42:2b9b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i4.helikon.bg/products/6236/04/46236/46236z.jpg?h=263&t=1665652551
Requested by: Host: m.helikon.bg
URL: https://m.helikon.bg/46236-%D0%90%D0%B7-%D1%81%D1%82%D0%B0%D0%B2%D0%B0%D0%BC-%D0%BC%D1%8A%D0%B6.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3108::ac42:2b9b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5910f7a9de7182dd7dd736153cc380b09068d01cb742300127edb13e7a93f560

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.helikon.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 09:25:30 GMT
cf-cache-status: HIT
cf-bgj: imgq:100,h2pri
last-modified: Sun, 15 Jan 2012 12:57:27 GMT
server: cloudflare
age: 15
cf-polished: origSize=11774, status=webp_bigger
etag: W/"4f12cd37-388b"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=31536000
cf-ray: 759707447bde690a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Fri, 13 Oct 2023 09:08:25 GMT

GET
H2 200 add_basket.jpg
i.helikon.bg/new_buttons2/ 869 B
1 KB 50ms
38ms Image
image/jpeg 2606:4700:3108::ac42:2b9b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.helikon.bg/new_buttons2/add_basket.jpg
Requested by: Host: m.helikon.bg
URL: https://m.helikon.bg/46236-%D0%90%D0%B7-%D1%81%D1%82%D0%B0%D0%B2%D0%B0%D0%BC-%D0%BC%D1%8A%D0%B6.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3108::ac42:2b9b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3a6d3ecab89ec91612dbdcf15abdee5278c537aeb3ecee787d420d82f116b280

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.helikon.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 09:25:30 GMT
cf-cache-status: HIT
cf-bgj: imgq:100,h2pri
last-modified: Tue, 07 Apr 2020 13:13:05 GMT
server: cloudflare
age: 1907613
cf-polished: origSize=1139, status=webp_bigger
etag: W/"5e8c7c61-adc"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=31536000
cf-ray: 759707445b76690a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 21 Sep 2023 07:15:20 GMT

GET
DATA 200
OK truncated
/ 29 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 47ea4d99256f2275b8a7938a3c0efd6573a198a9aad65585abb9022f18c29a40

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
H2 200 email-decode.min.js Show response
m.helikon.bg/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
851 B 22ms
21ms Script
application/javascript 2606:4700:3108::ac42:2b9b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://m.helikon.bg/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: m.helikon.bg
URL: https://m.helikon.bg/46236-%D0%90%D0%B7-%D1%81%D1%82%D0%B0%D0%B2%D0%B0%D0%BC-%D0%BC%D1%8A%D0%B6.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:2b9b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.helikon.bg/46236-%D0%90%D0%B7-%D1%81%D1%82%D0%B0%D0%B2%D0%B0%D0%BC-%D0%BC%D1%8A%D0%B6.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 09:25:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 07 Oct 2022 16:51:16 GMT
server: cloudflare
etag: W/"63405904-4d7"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript
cache-control: max-age=172800, public
cf-ray: 759707445b62690a-FRA
expires: Sat, 15 Oct 2022 09:25:30 GMT

GET
H2 200 com.obreey.reader.png
i.helikon.bg/ 4 KB
4 KB 41ms
41ms Image
image/webp 2606:4700:3108::ac42:2b9b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.helikon.bg/com.obreey.reader.png
Requested by: Host: m.helikon.bg
URL: https://m.helikon.bg/46236-%D0%90%D0%B7-%D1%81%D1%82%D0%B0%D0%B2%D0%B0%D0%BC-%D0%BC%D1%8A%D0%B6.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3108::ac42:2b9b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ec955c146d567c86866ac4ab20e0b291243d3a890595bbc46c14ce5ea0d00351

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.helikon.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 09:25:30 GMT
cf-cache-status: HIT
cf-bgj: imgq:100,h2pri
last-modified: Fri, 10 Jul 2020 14:40:50 GMT
server: cloudflare
age: 1905711
cf-polished: origFmt=png, origSize=7814
etag: W/"5f087df2-1e86"
vary: Accept
content-type: image/webp
cache-control: public, max-age=31536000
content-disposition: inline; filename="com.webp"
cf-ray: 759707445b7c690a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 21 Sep 2023 07:15:20 GMT

GET
H2 200 pocketbook-reader-epub-fb2-pdf.png
i.helikon.bg/ 3 KB
4 KB 36ms
36ms Image
image/webp 2606:4700:3108::ac42:2b9b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.helikon.bg/pocketbook-reader-epub-fb2-pdf.png
Requested by: Host: m.helikon.bg
URL: https://m.helikon.bg/46236-%D0%90%D0%B7-%D1%81%D1%82%D0%B0%D0%B2%D0%B0%D0%BC-%D0%BC%D1%8A%D0%B6.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3108::ac42:2b9b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bcd489b31e182215b44326f95a9472676a917e63fb20e70510c6f21be7f9c772

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.helikon.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 09:25:30 GMT
cf-cache-status: HIT
cf-bgj: imgq:100,h2pri
last-modified: Fri, 10 Jul 2020 14:40:46 GMT
server: cloudflare
age: 652008
cf-polished: origFmt=png, origSize=9988
etag: W/"5f087dee-2704"
vary: Accept
content-type: image/webp
cache-control: public, max-age=31536000
content-disposition: inline; filename="pocketbook-reader-epub-fb2-pdf.webp"
cf-ray: 759707445b79690a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Fri, 22 Sep 2023 23:46:09 GMT

GET
H2 200 Instagram.png
i.helikon.bg/ 2 KB
2 KB 32ms
32ms Image
image/webp 2606:4700:3108::ac42:2b9b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.helikon.bg/Instagram.png
Requested by: Host: m.helikon.bg
URL: https://m.helikon.bg/46236-%D0%90%D0%B7-%D1%81%D1%82%D0%B0%D0%B2%D0%B0%D0%BC-%D0%BC%D1%8A%D0%B6.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3108::ac42:2b9b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2d4367f7d7fb24c411adaabc28e2c0c8f1632d159f349b30fe1ea9cf3303b336

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.helikon.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 09:25:30 GMT
cf-cache-status: HIT
cf-bgj: imgq:100,h2pri
last-modified: Fri, 11 Jan 2019 11:21:56 GMT
server: cloudflare
age: 1907613
cf-polished: origFmt=png, origSize=2206
etag: W/"5c387c54-89e"
vary: Accept
content-type: image/webp
cache-control: public, max-age=31536000
content-disposition: inline; filename="Instagram.webp"
cf-ray: 759707445b7f690a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 21 Sep 2023 07:15:03 GMT

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9e884a1ce37de935762983afa009018437764a7db6a0a9667c0926dac407a640

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 OpenSans-Regular.woff2
m.helikon.bg/templates/design/fonts/ 49 KB
49 KB 45ms
44ms Font
application/octet-stream 2606:4700:3108::ac42:2b9b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://m.helikon.bg/templates/design/fonts/OpenSans-Regular.woff2
Requested by: Host: m.helikon.bg
URL: https://m.helikon.bg/46236-%D0%90%D0%B7-%D1%81%D1%82%D0%B0%D0%B2%D0%B0%D0%BC-%D0%BC%D1%8A%D0%B6.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3108::ac42:2b9b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e56451053236d0609126126105fb30ab407aa253673309b791c9e2cb58b274d3

Request headers

Referer: https://m.helikon.bg/46236-%D0%90%D0%B7-%D1%81%D1%82%D0%B0%D0%B2%D0%B0%D0%BC-%D0%BC%D1%8A%D0%B6.html
Origin: https://m.helikon.bg
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 09:25:30 GMT
cf-cache-status: HIT
last-modified: Tue, 02 Apr 2019 13:28:30 GMT
server: cloudflare
age: 1905884
etag: "5ca3637e-c420"
vary: Accept-Encoding
content-type: application/octet-stream
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 759707445b8c690a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 50208
expires: Thu, 21 Sep 2023 07:31:25 GMT

GET
H2 200 fontawesome-webfont.woff2
m.helikon.bg/templates/design/fonts/ 75 KB
76 KB 35ms
35ms Font
application/octet-stream 2606:4700:3108::ac42:2b9b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://m.helikon.bg/templates/design/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by: Host: m.helikon.bg
URL: https://m.helikon.bg/46236-%D0%90%D0%B7-%D1%81%D1%82%D0%B0%D0%B2%D0%B0%D0%BC-%D0%BC%D1%8A%D0%B6.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3108::ac42:2b9b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer: https://m.helikon.bg/46236-%D0%90%D0%B7-%D1%81%D1%82%D0%B0%D0%B2%D0%B0%D0%BC-%D0%BC%D1%8A%D0%B6.html
Origin: https://m.helikon.bg
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 09:25:30 GMT
cf-cache-status: HIT
last-modified: Tue, 02 Apr 2019 13:28:30 GMT
server: cloudflare
age: 644546
etag: "5ca3637e-12d68"
vary: Accept-Encoding
content-type: application/octet-stream
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 759707445b90690a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 77160
expires: Thu, 05 Oct 2023 20:34:06 GMT

GET
H2 200 OpenSansCondensed-Bold.woff2
m.helikon.bg/templates/design/fonts/ 56 KB
56 KB 38ms
38ms Font
application/octet-stream 2606:4700:3108::ac42:2b9b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://m.helikon.bg/templates/design/fonts/OpenSansCondensed-Bold.woff2
Requested by: Host: m.helikon.bg
URL: https://m.helikon.bg/46236-%D0%90%D0%B7-%D1%81%D1%82%D0%B0%D0%B2%D0%B0%D0%BC-%D0%BC%D1%8A%D0%B6.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3108::ac42:2b9b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b467a2d7cfb71acd244f227c7eed566b15b27d5e2518b6f2ef49dc788436a789

Request headers

Referer: https://m.helikon.bg/46236-%D0%90%D0%B7-%D1%81%D1%82%D0%B0%D0%B2%D0%B0%D0%BC-%D0%BC%D1%8A%D0%B6.html
Origin: https://m.helikon.bg
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 09:25:30 GMT
cf-cache-status: HIT
last-modified: Tue, 02 Apr 2019 13:28:30 GMT
server: cloudflare
age: 450598
etag: "5ca3637e-de18"
vary: Accept-Encoding
content-type: application/octet-stream
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 759707446b92690a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 56856
expires: Thu, 21 Sep 2023 07:31:25 GMT

GET
H2 200 select2.css
m.helikon.bg/templates/design/select2/dist/css/ 15 KB
2 KB 39ms
38ms Stylesheet
text/css 2606:4700:3108::ac42:2b9b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://m.helikon.bg/templates/design/select2/dist/css/select2.css
Requested by: Host: m.helikon.bg
URL: https://m.helikon.bg/46236-%D0%90%D0%B7-%D1%81%D1%82%D0%B0%D0%B2%D0%B0%D0%BC-%D0%BC%D1%8A%D0%B6.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3108::ac42:2b9b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e90567ca798874fbcc1d8a0ee7493ce3c7d03f9646ac22e79f9d8d1314fda512

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.helikon.bg/46236-%D0%90%D0%B7-%D1%81%D1%82%D0%B0%D0%B2%D0%B0%D0%BC-%D0%BC%D1%8A%D0%B6.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 09:25:30 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Tue, 22 Feb 2022 19:20:55 GMT
server: cloudflare
age: 1905883
cf-polished: origSize=17696
etag: W/"62153797-4520"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000
cf-ray: 759707447bd2690a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 21 Sep 2023 07:31:25 GMT

GET
DATA 200
OK truncated
/ 12 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d0a42c5d7b4bc04b2d9725cf9d4527579c4f032b43cc9af5fb5735dca5bb7ec0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 rocket-loader.min.js Show response
m.helikon.bg/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 12 KB
4 KB 28ms
28ms Script
application/javascript 2606:4700:3108::ac42:2b9b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://m.helikon.bg/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: m.helikon.bg
URL: https://m.helikon.bg/46236-%D0%90%D0%B7-%D1%81%D1%82%D0%B0%D0%B2%D0%B0%D0%BC-%D0%BC%D1%8A%D0%B6.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3108::ac42:2b9b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.helikon.bg/46236-%D0%90%D0%B7-%D1%81%D1%82%D0%B0%D0%B2%D0%B0%D0%BC-%D0%BC%D1%8A%D0%B6.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 09:25:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 07 Oct 2022 16:51:16 GMT
server: cloudflare
etag: W/"63405904-302c"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript
cache-control: max-age=172800, public
cf-ray: 75970744a9788fdd-FRA
expires: Sat, 15 Oct 2022 09:25:30 GMT

GET
H2 200 v652eace1692a40cfa3763df669d7439c1639079717194 Show response
static.cloudflareinsights.com/beacon.min.js/ 14 KB
5 KB 127ms
84ms Script
text/javascript 2606:4700:440e::ac40:9c1a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194
Requested by: Host: m.helikon.bg
URL: https://m.helikon.bg/46236-%D0%90%D0%B7-%D1%81%D1%82%D0%B0%D0%B2%D0%B0%D0%BC-%D0%BC%D1%8A%D0%B6.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:440e::ac40:9c1a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505

Request headers

Referer: https://m.helikon.bg/
Origin: https://m.helikon.bg
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 09:25:31 GMT
content-encoding: gzip
last-modified: Thu, 09 Dec 2021 19:55:17 GMT
server: cloudflare
etag: W/2021.12.0
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 75970744eb149170-FRA

GET
H2 200 conversion.js Show response
www.googleadservices.com/pagead/ 45 KB
17 KB 105ms
39ms Script
text/javascript 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion.js

Requested by

Host: m.helikon.bg
URL: https://m.helikon.bg/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f194.1e100.net

Software

cafe /

Resource Hash

44f327eeeb995eabd2810452b355ca82979280a4d7def1bd980d3897e6999af6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.helikon.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 09:25:31 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16840
x-xss-protection: 0
server: cafe
etag: 11313833467736987248
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 13 Oct 2022 09:25:31 GMT

GET
H3 200 select2.js Show response
m.helikon.bg/templates/design/select2/dist/js/ 92 KB
23 KB 69ms
69ms Script
application/javascript 2606:4700:3108::ac42:2b9b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://m.helikon.bg/templates/design/select2/dist/js/select2.js
Requested by: Host: m.helikon.bg
URL: https://m.helikon.bg/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3108::ac42:2b9b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b9dbd2945796927d9e685e4600d3f7a583f38fa1f306302c5f92deb45c9f488c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.helikon.bg/46236-%D0%90%D0%B7-%D1%81%D1%82%D0%B0%D0%B2%D0%B0%D0%BC-%D0%BC%D1%8A%D0%B6.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 09:25:31 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Tue, 22 Feb 2022 19:20:56 GMT
server: cloudflare
age: 1907614
cf-polished: origSize=142796
etag: W/"62153798-22dcc"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 759707452a7f8fdd-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 21 Sep 2023 07:31:25 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 115 KB
46 KB 81ms
32ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-987939168

Requested by

Host: m.helikon.bg
URL: https://m.helikon.bg/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e10e73150f3df422a4303b6ce5748b02a8606ab9617d7826f1ac21a566cb898d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.helikon.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 09:25:31 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 46748
x-xss-protection: 0
last-modified: Thu, 13 Oct 2022 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 13 Oct 2022 09:25:31 GMT

GET
H3 200 invisible.js Show response
m.helikon.bg/cdn-cgi/challenge-platform/h/g/scripts/alpha/ Frame 2779 34 KB
12 KB 53ms
53ms Script
application/javascript 2606:4700:3108::ac42:2b9b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://m.helikon.bg/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1665648000
Requested by: Host: m.helikon.bg
URL: https://m.helikon.bg/46236-%D0%90%D0%B7-%D1%81%D1%82%D0%B0%D0%B2%D0%B0%D0%BC-%D0%BC%D1%8A%D0%B6.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3108::ac42:2b9b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ce2236196b9592dbb084227aa99ba435c6b94e24948773780b1a95992cca7585

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 09:25:31 GMT
content-encoding: br
server: cloudflare
vary: accept-encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
x-control-type-options: nosniff
cf-ray: 759707457b168fdd-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 logo.png
m.helikon.bg/templates/design/img/ 3 KB
3 KB 34ms
34ms Image
image/webp 2606:4700:3108::ac42:2b9b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://m.helikon.bg/templates/design/img/logo.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3108::ac42:2b9b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 99a3fbeda3b74d3bd0a2ab6d0b49ea376959b31f0785dba6f03db6ce536c94bf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.helikon.bg/46236-%D0%90%D0%B7-%D1%81%D1%82%D0%B0%D0%B2%D0%B0%D0%BC-%D0%BC%D1%8A%D0%B6.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 09:25:31 GMT
cf-cache-status: HIT
cf-bgj: imgq:100,h2pri
last-modified: Wed, 03 Feb 2021 10:16:37 GMT
server: cloudflare
age: 619601
cf-polished: origFmt=png, origSize=5156
etag: W/"601a7805-1424"
vary: Accept
content-type: image/webp
cache-control: public, max-age=31536000
content-disposition: inline; filename="logo.webp"
cf-ray: 75970745ab708fdd-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Fri, 22 Sep 2023 22:03:37 GMT

GET
H2 200 198775z.jpg
i2.helikon.bg/products/8775/19/198775/ 11 KB
11 KB 87ms
44ms Image
image/jpeg 2606:4700:3108::ac42:2b9b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i2.helikon.bg/products/8775/19/198775/198775z.jpg?w=190&t=1665652551
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3108::ac42:2b9b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 174c0dbd55a5bc3930f2299f4b84537d672905d1d6d9ac64ce06e61805fb1021

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.helikon.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 09:25:31 GMT
cf-cache-status: HIT
cf-bgj: imgq:100,h2pri
last-modified: Fri, 29 Jan 2016 10:39:38 GMT
server: cloudflare
age: 16
cf-polished: origSize=11577, status=webp_bigger
etag: W/"56ab416a-688a"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=31536000
cf-ray: 75970745eecb690a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Fri, 13 Oct 2023 09:08:25 GMT

GET
H2 200 221202z.jpg
i5.helikon.bg/products/1202/22/221202/ 15 KB
16 KB 54ms
42ms Image
image/jpeg 2606:4700:3108::ac42:2b9b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i5.helikon.bg/products/1202/22/221202/221202z.jpg?w=190&t=1665652551
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3108::ac42:2b9b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d8779b647ad8c973b761a9de57848d3214a2d73074382871d5008f12999c5827

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.helikon.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 09:25:31 GMT
cf-cache-status: HIT
cf-bgj: imgq:100,h2pri
last-modified: Fri, 25 Oct 2019 14:00:12 GMT
server: cloudflare
age: 16
cf-polished: origSize=15995, status=webp_bigger
etag: W/"5db2ffec-8d84"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=31536000
cf-ray: 75970745be60690a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Fri, 13 Oct 2023 09:08:25 GMT

GET
H2 200 9549891z.jpg
i2.helikon.bg/products/8081/22/228081/ 13 KB
13 KB 87ms
45ms Image
image/jpeg 2606:4700:3108::ac42:2b9b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i2.helikon.bg/products/8081/22/228081/9549891z.jpg?w=190&t=1665652551
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3108::ac42:2b9b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4bfb265272b0589d58e92c83cbdb4cf95be97fc3538c8d4348be19eb172b7261

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.helikon.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 09:25:31 GMT
cf-cache-status: HIT
cf-bgj: imgq:100,h2pri
last-modified: Sun, 14 Mar 2021 10:34:20 GMT
server: cloudflare
age: 16
cf-polished: origSize=13140, status=webp_bigger
etag: W/"604de6ac-7a29"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=31536000
cf-ray: 75970745eed1690a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Fri, 13 Oct 2023 09:08:25 GMT

GET
H3 200 231236z.jpg
i4.helikon.bg/products/1236/23/231236/ 18 KB
18 KB 39ms
39ms Image
image/jpeg 2606:4700:3108::ac42:2b9b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i4.helikon.bg/products/1236/23/231236/231236z.jpg?w=190&t=1665652551
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3108::ac42:2b9b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 21e68cdcaf1ece434adc8645b05dd048cbbf341ff2fa389e012463116bfb5c7a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.helikon.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 09:25:31 GMT
cf-cache-status: HIT
cf-bgj: imgq:100,h2pri
last-modified: Tue, 12 Oct 2021 07:27:22 GMT
server: cloudflare
age: 16
cf-polished: origSize=18755, status=webp_bigger
etag: W/"616538da-aa0c"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=31536000
cf-ray: 75970745ab758fdd-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Fri, 13 Oct 2023 09:08:25 GMT

GET
H2 200 tfa.js Show response
cdn.taboola.com/libtrc/unip/1374407/ 57 KB
18 KB 72ms
21ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/unip/1374407/tfa.js
Requested by: Host: m.helikon.bg
URL: https://m.helikon.bg/46236-%D0%90%D0%B7-%D1%81%D1%82%D0%B0%D0%B2%D0%B0%D0%BC-%D0%BC%D1%8A%D0%B6.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3d197bc455badd3cf032bca0048a206e2b1a977cf3bdaa01a6bce3a639595c3f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.helikon.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-amz-version-id: f7eJ.Hwz1WnWiqotdo.wuER.vbsEj_pU
content-encoding: gzip
via: 1.1 varnish
date: Thu, 13 Oct 2022 09:25:31 GMT
x-amz-request-id: YTQJHAD2HZKC29S3
age: 112
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 17964
x-amz-id-2: P3BOe7rk9ht8a5gTIkxqvFKWtMDXxcbVQDEpfr7JfQRFUNOATWQ+Qt6rdAVE6wpVErneBGlCFgU=
x-served-by: cache-hhn4074-HHN
last-modified: Sun, 09 Oct 2022 11:03:19 GMT
server: AmazonS3
x-timer: S1665653131.245567,VS0,VE1
etag: "c015fe0f8775f9c2aa82f592100f983d"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 47
cache-control: private,max-age=14401
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 101 KB
27 KB 72ms
21ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: m.helikon.bg
URL: https://m.helikon.bg/46236-%D0%90%D0%B7-%D1%81%D1%82%D0%B0%D0%B2%D0%B0%D0%BC-%D0%BC%D1%8A%D0%B6.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b81cc6d28cbf3df9c6127a05a865bef0842d917507cce946712974e748110957

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.helikon.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 13 Oct 2022 09:25:31 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 26852
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: TkgD+H/Vh0zPv32DW5j4s98gKbULkbUIfr5B7/ulSJsasSCyzM3h/fj9YEYABac24+JNLA9Sg2ZXba0ku70Z9A==
x-fb-trip-id: 917726464
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 66ms
19ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: m.helikon.bg
URL: https://m.helikon.bg/46236-%D0%90%D0%B7-%D1%81%D1%82%D0%B0%D0%B2%D0%B0%D0%BC-%D0%BC%D1%8A%D0%B6.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.helikon.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 13 Oct 2022 09:15:57 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 574
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Thu, 13 Oct 2022 11:15:57 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame FCD5 15 KB
6 KB 239ms
47ms Document
text/html 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?topUrl=m.helikon.bg&origin=onetag

Requested by

Host: m.helikon.bg
URL: https://m.helikon.bg/46236-%D0%90%D0%B7-%D1%81%D1%82%D0%B0%D0%B2%D0%B0%D0%BC-%D0%BC%D1%8A%D0%B6.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

639785aa0d683a5d24bcbe96629d8d07fd8eefd12499bd97606e65f9373a5112

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://m.helikon.bg/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 13 Oct 2022 09:25:30 GMT
server: Kestrel
server-processing-duration-in-ticks: 881423
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H3 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 41 KB
15 KB 84ms
37ms Script
text/javascript 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-987939168

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f194.1e100.net

Software

cafe /

Resource Hash

f42283e0ca17a52688c5250e714ecd1b6a53af8b0f6e54ac64546499b0ec1b19

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.helikon.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 09:25:31 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15192
x-xss-protection: 0
server: cafe
etag: 699633608045481581
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 13 Oct 2022 09:25:31 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/987939168/ 3 KB
2 KB 84ms
34ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/987939168/?random=1665653131212&cv=9&fst=1665653131212&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=375603260&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&data=dynx_itemid%3D46236%3Bdynx_pagetype%3Dofferdetail&frm=0&url=https%3A%2F%2Fm.helikon.bg%2F46236-%25D0%2590%25D0%25B7-%25D1%2581%25D1%2582%25D0%25B0%25D0%25B2%25D0%25B0%25D0%25BC-%25D0%25BC%25D1%258A%25D0%25B6.html&tiba=%E3%80%8A%D0%90%D0%B7%20%D1%81%D1%82%D0%B0%D0%B2%D0%B0%D0%BC%20%D0%BC%D1%8A%D0%B6%E3%80%8B%7C%20%D0%A1%D0%B8%D0%BB%D0%B2%D0%B8%D1%8F%20%D0%A8%D0%BD%D0%B0%D0%B9%D0%B4%D0%B5%D1%80%20%7C%20%D0%9A%D0%BD%D0%B8%D0%B3%D0%B8%20%D0%BE%D1%82%20%D0%BE%D0%BD%D0%BB&hn=www.googleadservices.com&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

10858af95871c9f93285f3a47c5039499d7f6c1ee83f1961c48fc6d18ef53b93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.helikon.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 Oct 2022 09:25:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1159
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ 120 KB
46 KB 80ms
38ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-KTCW3G3

Requested by

Host: m.helikon.bg
URL: https://m.helikon.bg/46236-%D0%90%D0%B7-%D1%81%D1%82%D0%B0%D0%B2%D0%B0%D0%BC-%D0%BC%D1%8A%D0%B6.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

764e2aef64de10bd83db3f656925d58035e9598cd41c8b644c1ac45146935704

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.helikon.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 09:25:31 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47470
x-xss-protection: 0
last-modified: Thu, 13 Oct 2022 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 13 Oct 2022 09:25:31 GMT

GET
H2

200

trackpoint-async.js Show response
s2.adform.net/banners/scripts/st/
Redirect Chain

https://track.adform.net/serving/scripts/trackpoint/async/
https://s2.adform.net/banners/scripts/st/trackpoint-async.js

78 KB
30 KB

270ms
39ms

Script
application/javascript

37.157.2.249
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s2.adform.net/banners/scripts/st/trackpoint-async.js
Protocol: H2
Server: 37.157.2.249 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 45e0091e57ff659d0fe0711a43960d08bd5cf99b6f83e88eafa390fa6770192c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.helikon.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 09:25:31 GMT
content-encoding: gzip
last-modified: Wed, 05 Oct 2022 12:23:24 GMT
server: nginx
x-amz-request-id: tx0000063468776c9b679d3-006347c601-32940f80-default
etag: W/"4cb8e818a3c8dda5fd80d6d9a55d958d"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-rgw-object-type: Normal
cache-control: public, max-age=604800

Redirect headers

location: https://s2.adform.net/banners/scripts/st/trackpoint-async.js
date: Thu, 13 Oct 2022 09:25:31 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
content-type: text/html

GET
H3 200 reviews.php Show response
m.helikon.bg/ajax/ 0
250 B 559ms
559ms XHR
text/html 2606:4700:3108::ac42:2b9b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://m.helikon.bg/ajax/reviews.php?view=46236

Requested by

Host: m.helikon.bg
URL: https://m.helikon.bg/46236-%D0%90%D0%B7-%D1%81%D1%82%D0%B0%D0%B2%D0%B0%D0%BC-%D0%BC%D1%8A%D0%B6.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3108::ac42:2b9b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://m.helikon.bg/46236-%D0%90%D0%B7-%D1%81%D1%82%D0%B0%D0%B2%D0%B0%D0%BC-%D0%BC%D1%8A%D0%B6.html
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 Oct 2022 09:25:31 GMT
strict-transport-security: max-age=15768000
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
cache-control: no-store, no-cache, must-revalidate
cf-ray: 759707462c568fdd-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H3 200 invisible.js Show response
m.helikon.bg/cdn-cgi/challenge-platform/h/g/scripts/alpha/ Frame 2779 39 KB
14 KB 29ms
29ms Script
application/javascript 2606:4700:3108::ac42:2b9b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://m.helikon.bg/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1665648000
Requested by: Host: m.helikon.bg
URL: https://m.helikon.bg/46236-%D0%90%D0%B7-%D1%81%D1%82%D0%B0%D0%B2%D0%B0%D0%BC-%D0%BC%D1%8A%D0%B6.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3108::ac42:2b9b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fe94f9b6dadf65e13ff1115e97a1ad766790503543096ac739bf770bbaa2b865

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 09:25:31 GMT
content-encoding: br
server: cloudflare
vary: accept-encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
x-control-type-options: nosniff
cf-ray: 759707462c5a8fdd-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

POST
H3 200 rum Show response
m.helikon.bg/cdn-cgi/ 0
164 B 26ms
26ms XHR
text/plain 2606:4700:3108::ac42:2b9b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://m.helikon.bg/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3108::ac42:2b9b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://m.helikon.bg/46236-%D0%90%D0%B7-%D1%81%D1%82%D0%B0%D0%B2%D0%B0%D0%BC-%D0%BC%D1%8A%D0%B6.html
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
content-type: application/json

Response headers

date: Thu, 13 Oct 2022 09:25:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cloudflare
vary: Origin
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://m.helikon.bg
content-type: text/plain
x-frame-options: DENY
access-control-allow-credentials: true
cf-ray: 759707464c7b8fdd-FRA

GET
H3 200 pica.js
m.helikon.bg/cdn-cgi/challenge-platform/h/g/scripts/ Frame 2779 21 KB
8 KB 27ms
26ms Other
application/javascript 2606:4700:3108::ac42:2b9b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://m.helikon.bg/cdn-cgi/challenge-platform/h/g/scripts/pica.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3108::ac42:2b9b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2033ec88dd7a244b7df174791b9f9f13da99bf92a36fc6b612bb13a6e14a82a0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 09:25:31 GMT
content-encoding: br
server: cloudflare
vary: accept-encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
x-control-type-options: nosniff
cf-ray: 759707464c7e8fdd-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 pica.js
m.helikon.bg/cdn-cgi/challenge-platform/h/g/scripts/ Frame 2779 21 KB
8 KB 27ms
27ms Other
application/javascript 2606:4700:3108::ac42:2b9b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://m.helikon.bg/cdn-cgi/challenge-platform/h/g/scripts/pica.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3108::ac42:2b9b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 65e6f0b01b58f5ac163324b375bfee269240fe131ac02ddac860bbf1fbfef37c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 09:25:31 GMT
content-encoding: br
server: cloudflare
vary: accept-encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
x-control-type-options: nosniff
cf-ray: 759707467cd38fdd-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 json Show response
trc.taboola.com/1374407/trc/3/ 1 KB
1 KB 48ms
40ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/1374407/trc/3/json?tim=1665653131270&data=%7B%22id%22%3A387%2C%22ii%22%3A%22%2F46236-%25d0%2590%25d0%25b7-%25d1%2581%25d1%2582%25d0%25b0%25d0%25b2%25d0%25b0%25d0%25bc-%25d0%25bc%25d1%258a%25d0%25b6.html%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1665653131263%2C%22cv%22%3A%2220221006-24-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fm.helikon.bg%2F46236-%25D0%2590%25D0%25B7-%25D1%2581%25D1%2582%25D0%25B0%25D0%25B2%25D0%25B0%25D0%25BC-%25D0%25BC%25D1%258A%25D0%25B6.html%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Dtdg-advertisebgeood2384tmarketbg%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpv%22%3Atrue%2C%22supv%22%3Atrue%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1665653131269%2C%22ref%22%3Anull%2C%22item-url%22%3A%22https%3A%2F%2Fm.helikon.bg%2F46236-%25D0%2590%25D0%25B7-%25D1%2581%25D1%2582%25D0%25B0%25D0%25B2%25D0%25B0%25D0%25BC-%25D0%25BC%25D1%258A%25D0%25B6.html%22%2C%22tos%22%3A2%2C%22ssd%22%3A1%2C%22scd%22%3A57%2C%22supv%22%3Atrue%7D%7D&pubit=i
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1374407/tfa.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: d60e90ca5b2f5f56653e7b22315ee3115b098a5af519be65b1982d432c15b92c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.helikon.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-vcl-time-ms: 21
date: Thu, 13 Oct 2022 09:25:31 GMT
content-encoding: gzip
via: 1.1 varnish
x-served-by: cache-hhn4074-HHN
server: nginx
x-timer: S1665653131.289561,VS0,VE21
vary: Accept-Encoding
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
content-type: application/javascript; charset=utf-8
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H3 200 ec.js Show response
www.google-analytics.com/plugins/ua/ 3 KB
1 KB 68ms
22ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/ec.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.helikon.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 08:58:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1605
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1129
x-xss-protection: 0
last-modified: Thu, 30 Dec 2021 12:48:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 13 Oct 2022 09:58:46 GMT

GET
H3 200 539134586525496 Show response
connect.facebook.net/signals/config/ 293 KB
84 KB 46ms
22ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/539134586525496?v=2.9.84&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f0bca4f24567d5a9ba027d5fe79c856b40777e989a1a9996df044188cd1b3b8d

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.helikon.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 13 Oct 2022 09:25:31 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 85871
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: 32vaZ3fHKe3lKC2TJ4aJufGI5DFuLT7TW6DyBa81J6k7PhepzHLWSVhegDnn1rn+NLuQzWfyNBDsS6GdLh7zXw==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/987939168/ 3 KB
1 KB 121ms
74ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/987939168/?random=1665653131298&cv=9&fst=1665653131298&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaaa0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fm.helikon.bg%2F46236-%25D0%2590%25D0%25B7-%25D1%2581%25D1%2582%25D0%25B0%25D0%25B2%25D0%25B0%25D0%25BC-%25D0%25BC%25D1%258A%25D0%25B6.html&tiba=%E3%80%8A%D0%90%D0%B7%20%D1%81%D1%82%D0%B0%D0%B2%D0%B0%D0%BC%20%D0%BC%D1%8A%D0%B6%E3%80%8B%7C%20%D0%A1%D0%B8%D0%BB%D0%B2%D0%B8%D1%8F%20%D0%A8%D0%BD%D0%B0%D0%B9%D0%B4%D0%B5%D1%80%20%7C%20%D0%9A%D0%BD%D0%B8%D0%B3%D0%B8%20%D0%BE%D1%82%20%D0%BE%D0%BD%D0%BB&auid=1562521024.1665653131&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

660a1f59aa3e3929346462a74d45f5039a1b5087347217215800e3de0f979911

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.helikon.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 Oct 2022 09:25:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1154
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/987939168/ 3 KB
1 KB 122ms
76ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/987939168/?random=1665653131300&cv=9&fst=1665653131300&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaaa0&sendb=1&ig=1&data=event%3Dpage_view%3Bdynx_itemid%3D46236%3Bdynx_itemid2%3D%3Bdynx_pagetype%3Dofferdetail&frm=0&url=https%3A%2F%2Fm.helikon.bg%2F46236-%25D0%2590%25D0%25B7-%25D1%2581%25D1%2582%25D0%25B0%25D0%25B2%25D0%25B0%25D0%25BC-%25D0%25BC%25D1%258A%25D0%25B6.html&tiba=%E3%80%8A%D0%90%D0%B7%20%D1%81%D1%82%D0%B0%D0%B2%D0%B0%D0%BC%20%D0%BC%D1%8A%D0%B6%E3%80%8B%7C%20%D0%A1%D0%B8%D0%BB%D0%B2%D0%B8%D1%8F%20%D0%A8%D0%BD%D0%B0%D0%B9%D0%B4%D0%B5%D1%80%20%7C%20%D0%9A%D0%BD%D0%B8%D0%B3%D0%B8%20%D0%BE%D1%82%20%D0%BE%D0%BD%D0%BB&auid=1562521024.1665653131&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4aff9ae822865036f91a15928cf57ddadf5458c2f84565d2c6eef73f22e92daf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.helikon.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 Oct 2022 09:25:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1185
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/987939168/ 42 B
548 B 80ms
32ms Image
image/gif 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/987939168/?random=1665653131212&cv=9&fst=1665651600000&num=1&guid=ON&eid=375603260&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=dynx_itemid%3D46236%3Bdynx_pagetype%3Dofferdetail&frm=0&url=https%3A%2F%2Fm.helikon.bg%2F46236-%25D0%2590%25D0%25B7-%25D1%2581%25D1%2582%25D0%25B0%25D0%25B2%25D0%25B0%25D0%25BC-%25D0%25BC%25D1%258A%25D0%25B6.html&tiba=%E3%80%8A%D0%90%D0%B7%20%D1%81%D1%82%D0%B0%D0%B2%D0%B0%D0%BC%20%D0%BC%D1%8A%D0%B6%E3%80%8B%7C%20%D0%A1%D0%B8%D0%BB%D0%B2%D0%B8%D1%8F%20%D0%A8%D0%BD%D0%B0%D0%B9%D0%B4%D0%B5%D1%80%20%7C%20%D0%9A%D0%BD%D0%B8%D0%B3%D0%B8%20%D0%BE%D1%82%20%D0%BE%D0%BD%D0%BB&fmt=3&is_vtc=1&random=1231494542&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.helikon.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 Oct 2022 09:25:31 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/987939168/ 42 B
548 B 87ms
37ms Image
image/gif 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/987939168/?random=1665653131212&cv=9&fst=1665651600000&num=1&guid=ON&eid=375603260&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=dynx_itemid%3D46236%3Bdynx_pagetype%3Dofferdetail&frm=0&url=https%3A%2F%2Fm.helikon.bg%2F46236-%25D0%2590%25D0%25B7-%25D1%2581%25D1%2582%25D0%25B0%25D0%25B2%25D0%25B0%25D0%25BC-%25D0%25BC%25D1%258A%25D0%25B6.html&tiba=%E3%80%8A%D0%90%D0%B7%20%D1%81%D1%82%D0%B0%D0%B2%D0%B0%D0%BC%20%D0%BC%D1%8A%D0%B6%E3%80%8B%7C%20%D0%A1%D0%B8%D0%BB%D0%B2%D0%B8%D1%8F%20%D0%A8%D0%BD%D0%B0%D0%B9%D0%B4%D0%B5%D1%80%20%7C%20%D0%9A%D0%BD%D0%B8%D0%B3%D0%B8%20%D0%BE%D1%82%20%D0%BE%D0%BD%D0%BB&fmt=3&is_vtc=1&random=1231494542&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.helikon.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 Oct 2022 09:25:31 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 28ms
27ms XHR
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&a=2020346712&t=pageview&_s=1&dl=https%3A%2F%2Fm.helikon.bg%2F46236-%25D0%2590%25D0%25B7-%25D1%2581%25D1%2582%25D0%25B0%25D0%25B2%25D0%25B0%25D0%25BC-%25D0%25BC%25D1%258A%25D0%25B6.html&ul=en-us&de=UTF-8&dt=%E3%80%8A%D0%90%D0%B7%20%D1%81%D1%82%D0%B0%D0%B2%D0%B0%D0%BC%20%D0%BC%D1%8A%D0%B6%E3%80%8B%7C%20%D0%A1%D0%B8%D0%BB%D0%B2%D0%B8%D1%8F%20%D0%A8%D0%BD%D0%B0%D0%B9%D0%B4%D0%B5%D1%80%20%7C%20%D0%9A%D0%BD%D0%B8%D0%B3%D0%B8%20%D0%BE%D1%82%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD%20%D0%BA%D0%BD%D0%B8%D0%B6%D0%B0%D1%80%D0%BD%D0%B8%D1%86%D0%B0%20%D0%A5%D0%B5%D0%BB%D0%B8%D0%BA%D0%BE%D0%BD%20%7C%20%D0%9A%D0%BD%D0%B8%D0%B6%D0%B0%D1%80%D0%BD%D0%B8%D1%86%D0%B8%20%D0%A5%D0%B5%D0%BB%D0%B8%D0%BA%D0%BE%D0%BD&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBAAEIJAAAAACAMI~&jid=256722641&gjid=852808317&cid=1694815341.1665653131&tid=UA-100067235-1&_gid=836544337.1665653131&_r=1&_slc=1&pa=detail&pr1id=46236&pr1nm=%D0%90%D0%B7%20%D1%81%D1%82%D0%B0%D0%B2%D0%B0%D0%BC%20%D0%BC%D1%8A%D0%B6&pr1ca=%D0%97%D0%B4%D1%80%D0%B0%D0%B2%D0%B5.%20%D0%9F%D0%BE%D0%BB.%20%D0%92%D1%8A%D0%B7%D1%80%D0%B0%D1%81%D1%82&pr1br=%D0%95%D0%BC%D0%B0%D1%81&pr1va=%D0%BC%D0%B5%D0%BA%D0%B8&z=1771003136

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.helikon.bg/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 13 Oct 2022 09:25:31 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://m.helikon.bg
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 192319652557189 Show response
connect.facebook.net/signals/config/ 292 KB
84 KB 23ms
23ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/192319652557189?v=2.9.84&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

cd6b60e8d33c4b1c5f91b54fc0b94714bf24deb70048055b02141a2c04a5326c

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.helikon.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 13 Oct 2022 09:25:31 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 85830
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: 9cglqGm2r3ij5xkAOYkRHNmImo2Ba5tW+V+Hdjxo7XHTzBCvr2Ts5d9qlNRUH1GU13mQ+GiJSAuR7WbWNee/3Q==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
440 B 83ms
27ms XHR
text/plain 2a00:1450:400c:c00::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-100067235-1&cid=1694815341.1665653131&jid=256722641&gjid=852808317&_gid=836544337.1665653131&_u=aGBAAEIIAAAAACAMI~&z=574210623

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.helikon.bg/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 13 Oct 2022 09:25:31 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://m.helikon.bg
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 7597073fda4f690a Show response
m.helikon.bg/cdn-cgi/challenge-platform/h/g/cv/result/ Frame 2779 2 B
401 B 55ms
55ms XHR
text/plain 2606:4700:3108::ac42:2b9b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://m.helikon.bg/cdn-cgi/challenge-platform/h/g/cv/result/7597073fda4f690a
Requested by: Host: m.helikon.bg
URL: https://m.helikon.bg/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1665648000
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3108::ac42:2b9b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 13 Oct 2022 09:25:31 GMT
content-encoding: br
server: cloudflare
cf-ray: 75970748fa0b8fdd-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-type: text/plain; charset=UTF-8

POST
H3 200 7597073fda4f690a Show response
m.helikon.bg/cdn-cgi/challenge-platform/h/g/cv/result/ Frame 2779 2 B
401 B 38ms
37ms XHR
text/plain 2606:4700:3108::ac42:2b9b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://m.helikon.bg/cdn-cgi/challenge-platform/h/g/cv/result/7597073fda4f690a
Requested by: Host: m.helikon.bg
URL: https://m.helikon.bg/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1665648000
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3108::ac42:2b9b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 13 Oct 2022 09:25:31 GMT
content-encoding: br
server: cloudflare
cf-ray: 7597074a4ce58fdd-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-type: text/plain; charset=UTF-8

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 91ms
44ms Image
image/gif 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-100067235-1&cid=1694815341.1665653131&jid=256722641&_u=aGBAAEIIAAAAACAMI~&z=1881426881

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.helikon.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 Oct 2022 09:25:31 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 90ms
46ms Image
image/gif 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-100067235-1&cid=1694815341.1665653131&jid=256722641&_u=aGBAAEIIAAAAACAMI~&z=1881426881

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.helikon.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 Oct 2022 09:25:31 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame FCD5
Redirect Chain

https://gum.criteo.com/sid/json?origin=onetag&domain=helikon.bg&sn=ChromeSyncframe&so=0&topUrl=m.helikon.bg&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=3Vzi23xSUW5nWW9naHZmQWF1R3BTMGxidWx2SlA2aTYxVHJ1ajZZNnlvcURkb1RwRzl5WVNzQVNJd1JEWnNWcXM2Rnh5S0gzVFcwWElQMEhIWHhHREdWekVmc015NlZJRXcvZjc4WXh6bWFkamhPWmtMZzdHcm9XcHFzWV...

446 B
660 B

89ms
29ms

Fetch
application/json

178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=3Vzi23xSUW5nWW9naHZmQWF1R3BTMGxidWx2SlA2aTYxVHJ1ajZZNnlvcURkb1RwRzl5WVNzQVNJd1JEWnNWcXM2Rnh5S0gzVFcwWElQMEhIWHhHREdWekVmc015NlZJRXcvZjc4WXh6bWFkamhPWmtMZzdHcm9XcHFzWVJIa1RlMW1ocnhmTTcyRExCS2hVeCs0b0ZpMjdnKzlCY0o5aXltMzRvNUlVNGRLOTNDai9xRk1iZjZMT1hNcnZ2V05jbUtxMEtKNTdQbldDYllKRzVsbmw3OXBnRDZMYThBclNyeVovS2hKeGdKTFI3S1NQdkJhdkZmM3d2emhSa09EWkthSCswcTJPY2R6eHZXYzdBM0o2RWtMVjhZdz09fA&cppv=2

Protocol

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

3877ccfca008c4438ee1d15bdaffee8aa55f12b0602fbf831f95094cbaf04a23

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 Oct 2022 09:25:31 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 4195925
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 13 Oct 2022 09:25:31 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=3Vzi23xSUW5nWW9naHZmQWF1R3BTMGxidWx2SlA2aTYxVHJ1ajZZNnlvcURkb1RwRzl5WVNzQVNJd1JEWnNWcXM2Rnh5S0gzVFcwWElQMEhIWHhHREdWekVmc015NlZJRXcvZjc4WXh6bWFkamhPWmtMZzdHcm9XcHFzWVJIa1RlMW1ocnhmTTcyRExCS2hVeCs0b0ZpMjdnKzlCY0o5aXltMzRvNUlVNGRLOTNDai9xRk1iZjZMT1hNcnZ2V05jbUtxMEtKNTdQbldDYllKRzVsbmw3OXBnRDZMYThBclNyeVovS2hKeGdKTFI3S1NQdkJhdkZmM3d2emhSa09EWkthSCswcTJPY2R6eHZXYzdBM0o2RWtMVjhZdz09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 645838
content-length: 0
expires: 0

GET
H3 200 /
www.google.com/pagead/1p-user-list/987939168/ 42 B
64 B 75ms
36ms Image
image/gif 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/987939168/?random=1665653131298&cv=9&fst=1665651600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaaa0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fm.helikon.bg%2F46236-%25D0%2590%25D0%25B7-%25D1%2581%25D1%2582%25D0%25B0%25D0%25B2%25D0%25B0%25D0%25BC-%25D0%25BC%25D1%258A%25D0%25B6.html&tiba=%E3%80%8A%D0%90%D0%B7%20%D1%81%D1%82%D0%B0%D0%B2%D0%B0%D0%BC%20%D0%BC%D1%8A%D0%B6%E3%80%8B%7C%20%D0%A1%D0%B8%D0%BB%D0%B2%D0%B8%D1%8F%20%D0%A8%D0%BD%D0%B0%D0%B9%D0%B4%D0%B5%D1%80%20%7C%20%D0%9A%D0%BD%D0%B8%D0%B3%D0%B8%20%D0%BE%D1%82%20%D0%BE%D0%BD%D0%BB&async=1&fmt=3&is_vtc=1&random=386062274&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.helikon.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 Oct 2022 09:25:31 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/987939168/ 42 B
64 B 70ms
35ms Image
image/gif 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/987939168/?random=1665653131298&cv=9&fst=1665651600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaaa0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fm.helikon.bg%2F46236-%25D0%2590%25D0%25B7-%25D1%2581%25D1%2582%25D0%25B0%25D0%25B2%25D0%25B0%25D0%25BC-%25D0%25BC%25D1%258A%25D0%25B6.html&tiba=%E3%80%8A%D0%90%D0%B7%20%D1%81%D1%82%D0%B0%D0%B2%D0%B0%D0%BC%20%D0%BC%D1%8A%D0%B6%E3%80%8B%7C%20%D0%A1%D0%B8%D0%BB%D0%B2%D0%B8%D1%8F%20%D0%A8%D0%BD%D0%B0%D0%B9%D0%B4%D0%B5%D1%80%20%7C%20%D0%9A%D0%BD%D0%B8%D0%B3%D0%B8%20%D0%BE%D1%82%20%D0%BE%D0%BD%D0%BB&async=1&fmt=3&is_vtc=1&random=386062274&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.helikon.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 Oct 2022 09:25:31 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/987939168/ 42 B
64 B 73ms
36ms Image
image/gif 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/987939168/?random=1665653131300&cv=9&fst=1665651600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaaa0&sendb=1&data=event%3Dpage_view%3Bdynx_itemid%3D46236%3Bdynx_itemid2%3D%3Bdynx_pagetype%3Dofferdetail&frm=0&url=https%3A%2F%2Fm.helikon.bg%2F46236-%25D0%2590%25D0%25B7-%25D1%2581%25D1%2582%25D0%25B0%25D0%25B2%25D0%25B0%25D0%25BC-%25D0%25BC%25D1%258A%25D0%25B6.html&tiba=%E3%80%8A%D0%90%D0%B7%20%D1%81%D1%82%D0%B0%D0%B2%D0%B0%D0%BC%20%D0%BC%D1%8A%D0%B6%E3%80%8B%7C%20%D0%A1%D0%B8%D0%BB%D0%B2%D0%B8%D1%8F%20%D0%A8%D0%BD%D0%B0%D0%B9%D0%B4%D0%B5%D1%80%20%7C%20%D0%9A%D0%BD%D0%B8%D0%B3%D0%B8%20%D0%BE%D1%82%20%D0%BE%D0%BD%D0%BB&async=1&fmt=3&is_vtc=1&random=67700196&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.helikon.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 Oct 2022 09:25:31 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/987939168/ 42 B
64 B 69ms
35ms Image
image/gif 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/987939168/?random=1665653131300&cv=9&fst=1665651600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaaa0&sendb=1&data=event%3Dpage_view%3Bdynx_itemid%3D46236%3Bdynx_itemid2%3D%3Bdynx_pagetype%3Dofferdetail&frm=0&url=https%3A%2F%2Fm.helikon.bg%2F46236-%25D0%2590%25D0%25B7-%25D1%2581%25D1%2582%25D0%25B0%25D0%25B2%25D0%25B0%25D0%25BC-%25D0%25BC%25D1%258A%25D0%25B6.html&tiba=%E3%80%8A%D0%90%D0%B7%20%D1%81%D1%82%D0%B0%D0%B2%D0%B0%D0%BC%20%D0%BC%D1%8A%D0%B6%E3%80%8B%7C%20%D0%A1%D0%B8%D0%BB%D0%B2%D0%B8%D1%8F%20%D0%A8%D0%BD%D0%B0%D0%B9%D0%B4%D0%B5%D1%80%20%7C%20%D0%9A%D0%BD%D0%B8%D0%B3%D0%B8%20%D0%BE%D1%82%20%D0%BE%D0%BD%D0%BB&async=1&fmt=3&is_vtc=1&random=67700196&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.helikon.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 Oct 2022 09:25:31 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
204 B 71ms
21ms Image
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=539134586525496&ev=PageView&dl=https%3A%2F%2Fm.helikon.bg%2F46236-%25D0%2590%25D0%25B7-%25D1%2581%25D1%2582%25D0%25B0%25D0%25B2%25D0%25B0%25D0%25BC-%25D0%25BC%25D1%258A%25D0%25B6.html&rl=&if=false&ts=1665653131896&sw=1600&sh=1200&v=2.9.84&r=stable&ec=0&o=30&fbp=fb.1.1665653131895.1148411892&it=1665653131289&coo=false&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.helikon.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 13 Oct 2022 09:25:31 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 71ms
22ms Image
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=192319652557189&ev=PageView&dl=https%3A%2F%2Fm.helikon.bg%2F46236-%25D0%2590%25D0%25B7-%25D1%2581%25D1%2582%25D0%25B0%25D0%25B2%25D0%25B0%25D0%25BC-%25D0%25BC%25D1%258A%25D0%25B6.html&rl=&if=false&ts=1665653131897&sw=1600&sh=1200&v=2.9.84&r=stable&ec=0&o=30&fbp=fb.1.1665653131895.1148411892&it=1665653131289&coo=false&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.helikon.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 13 Oct 2022 09:25:31 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 71ms
22ms Image
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=539134586525496&ev=ViewContent&dl=https%3A%2F%2Fm.helikon.bg%2F46236-%25D0%2590%25D0%25B7-%25D1%2581%25D1%2582%25D0%25B0%25D0%25B2%25D0%25B0%25D0%25BC-%25D0%25BC%25D1%258A%25D0%25B6.html&rl=&if=false&ts=1665653131898&cd[content_ids]=%5B%2246236%22%5D&cd[content_type]=product&cd[value]=8.00&cd[content_name]=%D0%90%D0%B7%20%D1%81%D1%82%D0%B0%D0%B2%D0%B0%D0%BC%20%D0%BC%D1%8A%D0%B6&cd[content_category]=%D0%97%D0%B4%D1%80%D0%B0%D0%B2%D0%B5.%20%D0%9F%D0%BE%D0%BB.%20%D0%92%D1%8A%D0%B7%D1%80%D0%B0%D1%81%D1%82&cd[currency]=BGN&sw=1600&sh=1200&v=2.9.84&r=stable&ec=1&o=30&fbp=fb.1.1665653131895.1148411892&it=1665653131289&coo=false&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.helikon.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 13 Oct 2022 09:25:31 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 71ms
22ms Image
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=192319652557189&ev=ViewContent&dl=https%3A%2F%2Fm.helikon.bg%2F46236-%25D0%2590%25D0%25B7-%25D1%2581%25D1%2582%25D0%25B0%25D0%25B2%25D0%25B0%25D0%25BC-%25D0%25BC%25D1%258A%25D0%25B6.html&rl=&if=false&ts=1665653131898&cd[content_ids]=%5B%2246236%22%5D&cd[content_type]=product&cd[value]=8.00&cd[content_name]=%D0%90%D0%B7%20%D1%81%D1%82%D0%B0%D0%B2%D0%B0%D0%BC%20%D0%BC%D1%8A%D0%B6&cd[content_category]=%D0%97%D0%B4%D1%80%D0%B0%D0%B2%D0%B5.%20%D0%9F%D0%BE%D0%BB.%20%D0%92%D1%8A%D0%B7%D1%80%D0%B0%D1%81%D1%82&cd[currency]=BGN&sw=1600&sh=1200&v=2.9.84&r=stable&ec=1&o=30&fbp=fb.1.1665653131895.1148411892&it=1665653131289&coo=false&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.helikon.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 13 Oct 2022 09:25:31 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0

GET
H2

200

/ Show response
track.adform.net/Serving/TrackPoint/
Redirect Chain

https://track.adform.net/Serving/TrackPoint/?pm=2104384&ADFPageName=Product%20page&ADFdivider=%7C&ord=870439265977&ADFtpmode=2&ecpr=W3sicGlkIjoiNDYyMzYiLCJzdGVwIjoxfV0&loc=https%3A%2F%2Fm.helikon.b...
https://track.adform.net/Serving/TrackPoint/?CC=1&pm=2104384&ADFPageName=Product%20page&ADFdivider=%7C&ord=870439265977&ADFtpmode=2&ecpr=W3sicGlkIjoiNDYyMzYiLCJzdGVwIjoxfV0&loc=https%3A%2F%2Fm.heli...

112 B
591 B

41ms
41ms

Script
text/javascript

37.157.2.234
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/Serving/TrackPoint/?CC=1&pm=2104384&ADFPageName=Product%20page&ADFdivider=%7C&ord=870439265977&ADFtpmode=2&ecpr=W3sicGlkIjoiNDYyMzYiLCJzdGVwIjoxfV0&loc=https%3A%2F%2Fm.helikon.bg%2F46236-%25D0%2590%25D0%25B7-%25D1%2581%25D1%2582%25D0%25B0%25D0%25B2%25D0%25B0%25D0%25BC-%25D0%25BC%25D1%258A%25D0%25B6.htm&Set1=en-US%7Cen-US%7C1600x1200%7C24

Protocol

Server

37.157.2.234 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

53f6c9463c13a3e049444fb835529fc98e73a5eff6bdcfc60ade0520662798d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.helikon.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 Oct 2022 09:25:31 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 186
expires: -1

Redirect headers

pragma: no-cache
date: Thu, 13 Oct 2022 09:25:31 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
content-type: text/html; charset=utf-8
location: https://track.adform.net/Serving/TrackPoint/?CC=1&pm=2104384&ADFPageName=Product%20page&ADFdivider=%7C&ord=870439265977&ADFtpmode=2&ecpr=W3sicGlkIjoiNDYyMzYiLCJzdGVwIjoxfV0&loc=https%3A%2F%2Fm.helikon.bg%2F46236-%25D0%2590%25D0%25B7-%25D1%2581%25D1%2582%25D0%25B0%25D0%25B2%25D0%25B0%25D0%25BC-%25D0%25BC%25D1%258A%25D0%25B6.htm&Set1=en-US%7Cen-US%7C1600x1200%7C24
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
expires: -1

GET
H2 200 event Show response
sslwidget.criteo.com/ 8 KB
4 KB 102ms
40ms Script
application/x-javascript 178.250.2.151
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://sslwidget.criteo.com/event?a=49204&v=5.12.1&p0=e%3Dce%26m%3D%255B%255D&p1=e%3Dexd%26site_type%3Dd&p2=e%3Dvp%26p%3D%255B46236%255D&p3=e%3Ddis&adce=1&bundle=L3rs8V94dTY5eWdhR2lJZEklMkJXTTBLcmxiRVloQWhoV08lMkYzZEhuT085WXpSdDFhVHJSOFd5bnZEZHY2REJ2Y2RGNjdJYWdTMjlDY2UlMkZWaDJocGpvSzlmVlpnZFklMkZJcUc1czZvYzBRJTJCcjdYd0pSJTJCJTJCR2dIU0w4aXlRU1RJWXB0QSUyRjJyenhiYjBwMnM1M2ZwJTJGR0JVJTJGdCUyRkNGTk5RJTNEJTNE&tld=helikon.bg&fu=https%253A%252F%252Fm.helikon.bg%252F46236-%2525D0%252590%2525D0%2525B7-%2525D1%252581%2525D1%252582%2525D0%2525B0%2525D0%2525B2%2525D0%2525B0%2525D0%2525BC-%2525D0%2525BC%2525D1%25258A%2525D0%2525B6.html&dtycbr=5139

Requested by

Host: m.helikon.bg
URL: https://m.helikon.bg/46236-%D0%90%D0%B7-%D1%81%D1%82%D0%B0%D0%B2%D0%B0%D0%BC-%D0%BC%D1%8A%D0%B6.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.151 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

689aa77b041f78242f72b97e92844cbf6501b700de1f505807c1c4a7091e8fd3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.helikon.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 Oct 2022 09:25:31 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: Kestrel
content-type: application/x-javascript
access-control-allow-origin: *
p3p: NON DSP COR CURa PSA PSD OUR BUS NAV STA
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 12669000
timing-allow-origin: *
expires: 0

GET
H/1.1

200
OK

sync
x.bidswitch.net/ul_cb/ Frame 47D5
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=46&user_id=k-5WrGcdcLwUw4FElOD5RRpxTO90s8RBSJK3IegA&expires=30
https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-5WrGcdcLwUw4FElOD5RRpxTO90s8RBSJK3IegA&expires=30

43 B
495 B

22ms
22ms

Image
image/gif

3.120.13.175
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-5WrGcdcLwUw4FElOD5RRpxTO90s8RBSJK3IegA&expires=30
Protocol: HTTP/1.1
Server: 3.120.13.175 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-120-13-175.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Thu, 13 Oct 2022 09:25:32 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

Redirect headers

Location: https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-5WrGcdcLwUw4FElOD5RRpxTO90s8RBSJK3IegA&expires=30
Date: Thu, 13 Oct 2022 09:25:32 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/google/ Frame 47D5
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-jhXxD9cLwUw4FElOD5RRpxTO90uynIdkA_oiFw&google_cm&google_hm=ay1qaFh4RDljTHdVdzRGRWxPRDVSUnB4VE85MHV5bklka...
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-jhXxD9cLwUw4FElOD5RRpxTO90uynIdkA_oiFw&google_gid=CAESEP20B061gB6suo1jYRi78Bs&google_cver=1&google_ula=913071,0

43 B
370 B

29ms
29ms

Image
image/gif

178.250.2.151
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-jhXxD9cLwUw4FElOD5RRpxTO90uynIdkA_oiFw&google_gid=CAESEP20B061gB6suo1jYRi78Bs&google_cver=1&google_ula=913071,0

Protocol

Server

178.250.2.151 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 Oct 2022 09:25:31 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1361319
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 13 Oct 2022 09:25:32 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-jhXxD9cLwUw4FElOD5RRpxTO90uynIdkA_oiFw&google_gid=CAESEP20B061gB6suo1jYRi78Bs&google_cver=1&google_ula=913071,0
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 398
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/appnexus/ Frame 47D5
Redirect Chain

https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=6249517672672026411

43 B
370 B

31ms
31ms

Image
image/gif

178.250.2.151
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=6249517672672026411

Protocol

Server

178.250.2.151 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 Oct 2022 09:25:31 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 3320514
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 13 Oct 2022 09:25:32 GMT
AN-X-Request-Uuid: 2ba2c6a0-9141-4fbb-956d-090a3ee49297
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Location: https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=6249517672672026411
Connection: keep-alive
X-Proxy-Origin: 217.114.218.19; 217.114.218.19; 535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

rum
r.casalemedia.com/ Frame 47D5
Redirect Chain

https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-BLghNdcLwUw4FElOD5RRpxTO90vJv0muWYwRgg
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-BLghNdcLwUw4FElOD5RRpxTO90vJv0muWYwRgg&C=1

43 B
766 B

21ms
20ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-BLghNdcLwUw4FElOD5RRpxTO90vJv0muWYwRgg&C=1
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 13 Oct 2022 09:25:32 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

Pragma: no-cache
Date: Thu, 13 Oct 2022 09:25:32 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: /rum?cm_dsp_id=20&external_user_id=k-BLghNdcLwUw4FElOD5RRpxTO90vJv0muWYwRgg&C=1
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 0
Expires: 0

GET
H2

200

match
ad.360yield.com/ul_cb/ Frame 47D5
Redirect Chain

https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-_hW7VNcLwUw4FElOD5RRpxTO90sbjty1x5RE3g
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-_hW7VNcLwUw4FElOD5RRpxTO90sbjty1x5RE3g

43 B
447 B

46ms
46ms

Image
image/gif

34.255.156.219
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-_hW7VNcLwUw4FElOD5RRpxTO90sbjty1x5RE3g
Protocol: H2
Server: 34.255.156.219 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-255-156-219.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 13 Oct 2022 09:25:32 GMT
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

location: https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-_hW7VNcLwUw4FElOD5RRpxTO90sbjty1x5RE3g
date: Thu, 13 Oct 2022 09:25:32 GMT
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2 200 cksync.php
contextual.media.net/ Frame 47D5 45 B
786 B 122ms
58ms Image
image/gif 2.18.235.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/cksync.php?cs=3&type=crt&ovsid=k-sOVSttcLwUw4FElOD5RRpxTO90vOGgSZWN632Q

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-235-93.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Thu, 13 Oct 2022 09:25:32 GMT
server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
content-length: 45
x-mnet-hl2: E
expires: Thu, 13 Oct 2022 09:25:32 GMT

GET
H2 200 push
exchange.mediavine.com/usersync/ Frame 47D5 0
882 B 75ms
22ms Image
text/html 52.59.60.193
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://exchange.mediavine.com/usersync/push?partner=criteo&partnerId=k-vPe5sdcLwUw4FElOD5RRpxTO90s6f-kIRV4kZA
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.59.60.193 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-59-60-193.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 09:25:32 GMT
cache-control: private, no-cache
access-control-allow-credentials: true
content-encoding: gzip
vary: Origin, Accept-Encoding
content-type: text/html; charset=utf-8

GET
H/1.1 200
OK cookie-sync
sync.outbrain.com/ Frame 47D5 0
145 B 435ms
112ms Image
text/plain 70.42.32.95
INTERNAP-BLK3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/cookie-sync?p=criteo&uid=k-WOWwbtcLwUw4FElOD5RRpxTO90s_10d2FrPFEA
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.95 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Thu, 13 Oct 2022 09:25:32 GMT
Cache-Control: no-cache
X-TraceId: daf7fc702ac2aff880a6c843bd9d1752
Content-Length: 0

GET
H2 200 Pug
simage2.pubmatic.com/AdServer/ Frame 47D5 0
225 B 100ms
26ms Image
text/html 185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:k-NO7jCtcLwUw4FElOD5RRpxTO90sHedcT5fN88Q
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-type: text/html; charset=utf-8
date: Thu, 13 Oct 2022 09:25:30 GMT
cache-control: no-store, no-cache, private
content-encoding: gzip
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H/1.1 204
No Content tap.php
pixel.rubiconproject.com/ Frame 47D5 0
239 B 99ms
21ms Image
image/gif 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=k-ab34g9cLwUw4FElOD5RRpxTO90sVW0_HGhrdsQ&expires=30
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 37b22a0c36bd84993dd2cda4a5e04b1d
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 204 v1
match.sharethrough.com/sync/ Frame 47D5 0
35 B 87ms
22ms Image
text/plain 18.194.140.105
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-4PLA9tcLwUw4FElOD5RRpxTO90vX4IjG9neDMA
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.194.140.105 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-194-140-105.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 09:25:32 GMT

GET
H/1.1 200
OK /
rtb-csync.smartadserver.com/redir/ Frame 47D5 43 B
163 B 130ms
30ms Image
image/gif 185.86.137.110
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=k-fZpNy9cLwUw4FElOD5RRpxTO90s56rakYywncw
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.137.110 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 09:25:32 GMT
transfer-encoding: chunked
content-type: image/gif

GET
H2 200 /
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame 47D5 0
99 B 101ms
25ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=k-4K2eN9cLwUw4FElOD5RRpxTO90v3FZPAsEDMbg
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 09:25:32 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 24262

GET
H2 200 um
criteo-sync.teads.tv/ Frame 47D5 23 B
172 B 125ms
46ms Image
image/gif 23.35.237.56
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://criteo-sync.teads.tv/um?eid=80&uid=k-j-bZZtcLwUw4FElOD5RRpxTO90s7FcTZfvOxuQ
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.237.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-56.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.9 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

expires: Thu, 13 Oct 2022 09:25:32 GMT
pragma: no-cache
date: Thu, 13 Oct 2022 09:25:32 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.9
content-length: 23
content-type: image/gif

GET
H2 200 xuid
eb2.3lift.com/ Frame 47D5 37 B
140 B 64ms
19ms Image
image/gif 76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=2711&xuid=k-DqEMqtcLwUw4FElOD5RRpxTO90vRgQKAhvJzkA&dongle=013b
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 09:25:32 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET
H2

204

sync
ups.analytics.yahoo.com/ups/58301/ Frame 47D5
Redirect Chain

https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-XV4-VdcLwUw4FElOD5RRpxTO90tJD3Vaq-9imQ
https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-XV4-VdcLwUw4FElOD5RRpxTO90tJD3Vaq-9imQ&verify=true

0
121 B

31ms
31ms

Image
text/plain

18.156.0.31
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-XV4-VdcLwUw4FElOD5RRpxTO90tJD3Vaq-9imQ&verify=true

Protocol

Server

18.156.0.31 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-156-0-31.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.10.25 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 09:25:32 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location: https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-XV4-VdcLwUw4FElOD5RRpxTO90tJD3Vaq-9imQ&verify=true
date: Thu, 13 Oct 2022 09:25:32 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 200 pixel
cm.adform.net/ Frame 47D5 43 B
162 B 144ms
40ms Image
image/gif 37.157.2.234
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.adform.net/pixel?adform_pid=15&adform_pc=k-P0-DjtcLwUw4FElOD5RRpxTO90sMlT5WvMYAMQ
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.2.234 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 09:25:32 GMT
last-modified: Thu, 28 Jul 2022 12:09:37 GMT
server: nginx
accept-ranges: bytes
etag: "62e27c81-2b"
content-length: 43
content-type: image/gif

GET
H2 200 sync
visitor.omnitagjs.com/visitor/ Frame 47D5 49 B
235 B 95ms
30ms Image
image/gif 185.255.84.153
IGUANE-

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://visitor.omnitagjs.com/visitor/sync?uid=732efe97317e6352de4c1caf24b5064b&name=CRITEO&visitor=k-wwSt2NcLwUw4FElOD5RRpxTO90tmWbRu5kxukw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.255.84.153 , France, ASN200271 (IGUANE-, FR),

Reverse DNS

Software

ayl-lb-fra02 /

Resource Hash

d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 Oct 2022 09:25:31 GMT
x-content-type-options: nosniff
server: ayl-lb-fra02
vary: Accept-Encoding
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
x-envoy-upstream-service-time: 1
content-length: 49
expires: 0

GET
H/1.1 200 9.gif
id5-sync.com/s/966/ Frame 47D5 43 B
1 KB 75ms
23ms Image
image/gif 162.19.138.117
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://id5-sync.com/s/966/9.gif?puid=k-qN6iatcLwUw4FElOD5RRpxTO90uH8gZVOcXn9A

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.117 , France, ASN16276 (OVH, FR),

Reverse DNS

ns31533568.ip-162-19-138.eu

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-type: image/gif;charset=UTF-8
date: Thu, 13 Oct 2022 09:25:32 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
transfer-encoding: chunked
p3p: CP="CAO PSA OUR"

GET
H2 200 sync
matching.ivitrack.com/ Frame 47D5 42 B
274 B 82ms
30ms Image
image/gif 34.117.157.22
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://matching.ivitrack.com/sync?realm=criteo&uid=k-IAENCtcLwUw4FElOD5RRpxTO90vPn1dsUyDMYQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.157.22 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 22.157.117.34.bc.googleusercontent.com
Software: istio-envoy /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 09:25:32 GMT
x-envoy-decorator-operation: tag-manager.programmatic.svc.cluster.local:3000/*
via: 1.1 google
server: istio-envoy
content-type: image/gif
cache-control: public, max-age=86400
x-envoy-upstream-service-time: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

GET
H2

204

usermatch.gif
beacon.krxd.net/ Frame 47D5
Redirect Chain

https://gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40
https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=ApaHfv5qm4R_VLyuFAlvBZkTCP8pZpPI

0
338 B

129ms
39ms

Image
text/plain

52.214.159.83
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=ApaHfv5qm4R_VLyuFAlvBZkTCP8pZpPI
Protocol: H2
Server: 52.214.159.83 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-214-159-83.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-served-by: beacon-n005-dub-prod.krxd.net
date: Thu, 13 Oct 2022 09:25:32 GMT
cache-control: private, no-cache, no-store
x-request-time: D=30 t=1665653132
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=ApaHfv5qm4R_VLyuFAlvBZkTCP8pZpPI
date: Thu, 13 Oct 2022 09:25:31 GMT
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 811681
content-length: 0

GET
H/1.1 204
No Content m
ad.yieldlab.net/ Frame 47D5 0
522 B 87ms
32ms Image
text/plain 96.16.132.239
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.yieldlab.net/m?dt_id=8664&ext_id=k-vWJqF9cLwUw4FElOD5RRpxTO90uWUX7WKkc2GA

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

96.16.132.239 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a96-16-132-239.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 13 Oct 2022 09:25:32 GMT
x-content-type-options: nosniff
x-frame-options: DENY
Cache-Control: no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection: keep-alive
x-xss-protection: 1; mode=block
x-application-context: application
Expires: Wed, 12 Oct 2022 09:25:32 GMT

GET
H2 200 sync
sync-criteo.ads.yieldmo.com/ Frame 47D5 43 B
220 B 156ms
42ms Image
image/gif 54.155.44.87
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-criteo.ads.yieldmo.com/sync?id=k-jsCEnNcLwUw4FElOD5RRpxTO90uiuVmyQYclAA&pn_id=criteo&ext=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.155.44.87 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-155-44-87.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Thu, 13 Oct 2022 09:25:32 GMT
content-type: image/gif
content-length: 43
access-control-allow-methods: GET, OPTIONS
access-control-request-headers: Cache-Control, Pragma

GET
H2

200

cs
s.thebrighttag.com/ Frame 47D5
Redirect Chain

https://gum.criteo.com/sync?c=10&r=1&u=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3Dcr%26uid%3D%40USERID%40
https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=In3Mu53nCTKkzlmTFf-v0kkvwh-KDtbT

35 B
268 B

358ms
117ms

Image
image/gif

3.141.157.49
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=In3Mu53nCTKkzlmTFf-v0kkvwh-KDtbT
Protocol: H2
Server: 3.141.157.49 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-141-157-49.us-east-2.compute.amazonaws.com
Software: nginx /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 Oct 2022 09:25:32 GMT
x-bt-requestid: fc6d3440-4ad8-11ed-a322-0000ac17031e
server: nginx
content-type: image/gif
access-control-allow-origin
p3p: CP=NOI DSP COR NID
cache-control: private, must-revalidate
content-length: 35
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=In3Mu53nCTKkzlmTFf-v0kkvwh-KDtbT
date: Thu, 13 Oct 2022 09:25:31 GMT
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 1332947
content-length: 0

POST
H3 200 / Show response
www.facebook.com/tr/ Frame 50C6 0
18 B 42ms
19ms Document
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://m.helikon.bg
Referer: https://m.helikon.bg/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://m.helikon.bg
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Thu, 13 Oct 2022 09:25:32 GMT
priority: u=0
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

POST
H3 200 / Show response
www.facebook.com/tr/ Frame EACA 0
15 B 32ms
20ms Document
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://m.helikon.bg
Referer: https://m.helikon.bg/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://m.helikon.bg
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Thu, 13 Oct 2022 09:25:32 GMT
priority: u=0
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2 204 unip Show response
trc-events.taboola.com/1374407/log/3/ 0
244 B 106ms
25ms XHR
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://trc-events.taboola.com/1374407/log/3/unip?en=pre_d_eng_tb&tos=1554&scd=57&ssd=1&est=1665653131266&ver=35&isls=true&src=i&invt=1500&rv=1&tim=1665653132820&vi=1665653131263&ri=3dcdf431506fa8f052be9d38496f4745&ref=null&cv=20221006-24-RELEASE&item-url=https%3A%2F%2Fm.helikon.bg%2F46236-%25D0%2590%25D0%25B7-%25D1%2581%25D1%2582%25D0%25B0%25D0%25B2%25D0%25B0%25D0%25BC-%25D0%25BC%25D1%258A%25D0%25B6.html
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1374407/tfa.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.helikon.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-origin: https://m.helikon.bg
pragma: no-cache
date: Thu, 13 Oct 2022 09:25:32 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 unip Show response
trc-events.taboola.com/1374407/log/3/ 0
244 B 25ms
25ms XHR
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://trc-events.taboola.com/1374407/log/3/unip?en=pre_d_eng_tb&tos=4556&scd=57&ssd=1&est=1665653131266&ver=35&isls=true&src=i&invt=3000&rv=1&tim=1665653135823&vi=1665653131263&ri=3dcdf431506fa8f052be9d38496f4745&ref=null&cv=20221006-24-RELEASE&item-url=https%3A%2F%2Fm.helikon.bg%2F46236-%25D0%2590%25D0%25B7-%25D1%2581%25D1%2582%25D0%25B0%25D0%25B2%25D0%25B0%25D0%25BC-%25D0%25BC%25D1%258A%25D0%25B6.html
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1374407/tfa.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.helikon.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-origin: https://m.helikon.bg
pragma: no-cache
date: Thu, 13 Oct 2022 09:25:35 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

Verdicts & Comments Add Verdict or Comment

182 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

43 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.helikon.bg/	1970-01-20 16:16:53	Name: HELIKON Value: tljankdqm5gufpiif04lg732f6
m.helikon.bg/	1970-01-20 15:26:29	Name: cid Value: V3la7GNH2YpWnXhKA1bLAg==
.helikon.bg/	1970-01-20 06:50:57	Name: allowJS Value: yes
.helikon.bg/	1970-01-20 08:50:29	Name: _gcl_au Value: 1.1.1562521024.1665653131
.helikon.bg/	1970-01-20 16:16:53	Name: _ga Value: GA1.2.1694815341.1665653131
.helikon.bg/	1970-01-20 06:42:19	Name: _gid Value: GA1.2.836544337.1665653131
.helikon.bg/	1970-01-20 06:40:53	Name: _gat Value: 1
.doubleclick.net/	1970-01-20 16:02:29	Name: IDE Value: AHWqTUn17UbMB9-RuROYDelQYzxfcA9NN6mIHs-HQqdSNH6dI8zd7i7KnVjg0iIx
.criteo.com/	1970-01-20 16:02:29	Name: uid Value: 6b68d215-83b3-4d0c-a82c-901347e75264
.helikon.bg/	1970-01-20 08:50:29	Name: _fbp Value: fb.1.1665653131895.1148411892
.helikon.bg/	1970-01-20 06:40:54	Name: __cf_bm Value: xKx7TkIqit2esv4s2zgTwJ66ZBGCb604rlAgaCZKGkA-1665653131-0-ASOpjmMPKaFNny0Vec2NHTR32Tr9d1Sx2CjgRDa/HDYw/QILOZyadEx7QauGHmcwEXZFkTDaNLtfFu8Ncg7DPO+s3Ww+4peodE6ANhG/hcpCaswyKC0W5UzvrNh/FuYgGkrMj3jjOKCKCS9ocIHRWgrmscaUdCWw6Ongsc52Yiaz
.adform.net/	1970-01-20 07:25:35	Name: C Value: 1
.adform.net/	1970-01-20 08:07:20	Name: uid Value: 387500542674300544
.helikon.bg/	1970-01-20 16:10:17	Name: cto_bundle Value: L3rs8V94dTY5eWdhR2lJZEklMkJXTTBLcmxiRVloQWhoV08lMkYzZEhuT085WXpSdDFhVHJSOFd5bnZEZHY2REJ2Y2RGNjdJYWdTMjlDY2UlMkZWaDJocGpvSzlmVlpnZFklMkZJcUc1czZvYzBRJTJCcjdYd0pSJTJCJTJCR2dIU0w4aXlRU1RJWXB0QSUyRjJyenhiYjBwMnM1M2ZwJTJGR0JVJTJGdCUyRkNGTk5RJTNEJTNE
exchange.mediavine.com/	1970-01-20 07:01:02	Name: mv_tokens Value: %7B%22mv_uuid%22%3A%22fc25cb00-4ad8-11ed-97a8-3ff4339e2341%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 07:01:02	Name: mv_tokens_eu-v1 Value: %7B%22mv_uuid%22%3A%22fc25cb00-4ad8-11ed-97a8-3ff4339e2341%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 07:01:02	Name: am_tokens Value: %7B%22mv_uuid%22%3A%22fc25cb00-4ad8-11ed-97a8-3ff4339e2341%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 07:01:02	Name: am_tokens_eu-v1 Value: %7B%22mv_uuid%22%3A%22fc25cb00-4ad8-11ed-97a8-3ff4339e2341%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 07:01:02	Name: criteo Value: %7B%22id%22%3A%22k-vPe5sdcLwUw4FElOD5RRpxTO90s6f-kIRV4kZA%22%2C%22version%22%3A%22criteo%22%7D
.adnxs.com/	1970-01-20 08:50:29	Name: uuid2 Value: 6249517672672026411
.bidswitch.net/	1970-01-20 15:26:29	Name: tuuid Value: 6bf4c52e-5d05-4c36-b775-30fce6eab6da
.bidswitch.net/	1970-01-20 15:26:29	Name: c Value: 1665653132
.bidswitch.net/	1970-01-20 15:26:29	Name: tuuid_lu Value: 1665653132
.casalemedia.com/	1970-01-20 15:26:29	Name: CMID Value: Y0fZjOL.qiq7FPv9AkERXwAA
.casalemedia.com/	1970-01-20 08:50:29	Name: CMPS Value: 3332
.casalemedia.com/	1970-01-20 08:50:29	Name: CMPRO Value: 3332
.media.net/	1970-01-20 15:26:29	Name: visitor-id Value: 3086547328280346000V10
.media.net/	1970-01-20 07:24:05	Name: data-c-ts Value: 1665653132
.media.net/	1970-01-20 07:24:05	Name: data-c Value: k-sOVSttcLwUw4FElOD5RRpxTO90vOGgSZWN632Q~~3
.360yield.com/	1970-01-20 08:50:29	Name: tuuid Value: f72d284c-b8f1-436f-a675-3b118e414329
.360yield.com/	1970-01-20 08:50:29	Name: tuuid_lu Value: 1665653132
.krxd.net/	1970-01-20 11:00:05	Name: _kuid_ Value: PIpx2Xag
.360yield.com/	1970-01-20 08:50:29	Name: um Value: !38,Gn0-Gy39DsLVzmvbCId5RVmjdX7LHZtZikOB.Sn49EwtLzaaVziVAKncHvx5tHyT5KzNaEmf,1673429132
.360yield.com/	1970-01-20 08:50:29	Name: umeh Value: !38,0,1727861132,-1
.yahoo.com/	1970-01-20 15:26:50	Name: A3 Value: d=AQABBIzZR2MCEMvBcA0Dc6vPfGZKbbljRQsFEgEBAQErSWNRYwAAAAAA_eMAAA&S=AQAAApln-dd9bKlphR2Wk9bcft8
.id5-sync.com/	1970-01-20 06:40:53	Name: cf Value:
.id5-sync.com/	1970-01-20 06:40:53	Name: cip Value:
.id5-sync.com/	1970-01-20 06:40:53	Name: cnac Value:
.id5-sync.com/	1970-01-20 06:40:53	Name: car Value:
.id5-sync.com/	1970-01-20 06:40:53	Name: gdpr Value:
.id5-sync.com/	1970-01-20 06:40:53	Name: callback Value:
.analytics.yahoo.com/	1970-01-20 15:26:29	Name: IDSYNC Value: 18zh~27ox
.yieldlab.net/	1970-01-20 15:26:29	Name: id Value: 9acafff5-d255-4a43-ae4c-98e17d79eb3b

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15768000
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.360yield.com
ad.yieldlab.net
beacon.krxd.net
cdn.taboola.com
cm.adform.net
cm.g.doubleclick.net
connect.facebook.net
contextual.media.net
criteo-sync.teads.tv
dis.criteo.com
eb2.3lift.com
exchange.mediavine.com
googleads.g.doubleclick.net
gum.criteo.com
i.helikon.bg
i2.helikon.bg
i4.helikon.bg
i5.helikon.bg
ib.adnxs.com
id5-sync.com
m.helikon.bg
match.sharethrough.com
matching.ivitrack.com
mug.criteo.com
pixel.rubiconproject.com
r.casalemedia.com
rtb-csync.smartadserver.com
s.thebrighttag.com
s2.adform.net
simage2.pubmatic.com
sslwidget.criteo.com
static.cloudflareinsights.com
stats.g.doubleclick.net
sync-criteo.ads.yieldmo.com
sync-t1.taboola.com
sync.outbrain.com
track.adform.net
trc-events.taboola.com
trc.taboola.com
ups.analytics.yahoo.com
visitor.omnitagjs.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
x.bidswitch.net
141.226.228.48
142.250.185.98
151.101.1.44
162.19.138.117
172.217.16.194
178.250.2.146
178.250.2.151
18.156.0.31
18.194.140.105
185.255.84.153
185.64.189.110
185.80.39.216
185.86.137.110
2.18.235.93
23.35.237.56
2606:4700:3108::ac42:2b9b
2606:4700:440e::ac40:9c1a
2a00:1450:4001:802::2002
2a00:1450:4001:827::200e
2a00:1450:4001:82b::2004
2a00:1450:4001:82b::2008
2a00:1450:4001:82f::2003
2a00:1450:400c:c00::9b
2a02:2638:1::13
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
3.120.13.175
3.141.157.49
34.117.157.22
34.255.156.219
37.157.2.234
37.157.2.249
37.252.173.62
52.214.159.83
52.59.60.193
54.155.44.87
69.173.144.139
70.42.32.95
76.223.111.18
96.16.132.239
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
10858af95871c9f93285f3a47c5039499d7f6c1ee83f1961c48fc6d18ef53b93
174c0dbd55a5bc3930f2299f4b84537d672905d1d6d9ac64ce06e61805fb1021
2033ec88dd7a244b7df174791b9f9f13da99bf92a36fc6b612bb13a6e14a82a0
21e68cdcaf1ece434adc8645b05dd048cbbf341ff2fa389e012463116bfb5c7a
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2d4367f7d7fb24c411adaabc28e2c0c8f1632d159f349b30fe1ea9cf3303b336
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
3877ccfca008c4438ee1d15bdaffee8aa55f12b0602fbf831f95094cbaf04a23
3a6d3ecab89ec91612dbdcf15abdee5278c537aeb3ecee787d420d82f116b280
3d197bc455badd3cf032bca0048a206e2b1a977cf3bdaa01a6bce3a639595c3f
44f327eeeb995eabd2810452b355ca82979280a4d7def1bd980d3897e6999af6
45e0091e57ff659d0fe0711a43960d08bd5cf99b6f83e88eafa390fa6770192c
47ea4d99256f2275b8a7938a3c0efd6573a198a9aad65585abb9022f18c29a40
4aff9ae822865036f91a15928cf57ddadf5458c2f84565d2c6eef73f22e92daf
4bfb265272b0589d58e92c83cbdb4cf95be97fc3538c8d4348be19eb172b7261
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e62e0b35b0c150c771f204ce5d59f245b1e988b54bb9e3f6061cee648aa6fc8
53f6c9463c13a3e049444fb835529fc98e73a5eff6bdcfc60ade0520662798d5
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5910f7a9de7182dd7dd736153cc380b09068d01cb742300127edb13e7a93f560
639785aa0d683a5d24bcbe96629d8d07fd8eefd12499bd97606e65f9373a5112
65e6f0b01b58f5ac163324b375bfee269240fe131ac02ddac860bbf1fbfef37c
660a1f59aa3e3929346462a74d45f5039a1b5087347217215800e3de0f979911
689aa77b041f78242f72b97e92844cbf6501b700de1f505807c1c4a7091e8fd3
764e2aef64de10bd83db3f656925d58035e9598cd41c8b644c1ac45146935704
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
99a3fbeda3b74d3bd0a2ab6d0b49ea376959b31f0785dba6f03db6ce536c94bf
9e884a1ce37de935762983afa009018437764a7db6a0a9667c0926dac407a640
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b467a2d7cfb71acd244f227c7eed566b15b27d5e2518b6f2ef49dc788436a789
b81cc6d28cbf3df9c6127a05a865bef0842d917507cce946712974e748110957
b9dbd2945796927d9e685e4600d3f7a583f38fa1f306302c5f92deb45c9f488c
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bcd489b31e182215b44326f95a9472676a917e63fb20e70510c6f21be7f9c772
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
cd6b60e8d33c4b1c5f91b54fc0b94714bf24deb70048055b02141a2c04a5326c
ce2236196b9592dbb084227aa99ba435c6b94e24948773780b1a95992cca7585
d0a42c5d7b4bc04b2d9725cf9d4527579c4f032b43cc9af5fb5735dca5bb7ec0
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
d60e90ca5b2f5f56653e7b22315ee3115b098a5af519be65b1982d432c15b92c
d8779b647ad8c973b761a9de57848d3214a2d73074382871d5008f12999c5827
e10e73150f3df422a4303b6ce5748b02a8606ab9617d7826f1ac21a566cb898d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e56451053236d0609126126105fb30ab407aa253673309b791c9e2cb58b274d3
e90567ca798874fbcc1d8a0ee7493ce3c7d03f9646ac22e79f9d8d1314fda512
ec955c146d567c86866ac4ab20e0b291243d3a890595bbc46c14ce5ea0d00351
eeb876caee6a7c0c094d07a7fbe152f6001dfb930c36dbd6988c394d12364b6c
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0bca4f24567d5a9ba027d5fe79c856b40777e989a1a9996df044188cd1b3b8d
f42283e0ca17a52688c5250e714ecd1b6a53af8b0f6e54ac64546499b0ec1b19
fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505
fe94f9b6dadf65e13ff1115e97a1ad766790503543096ac739bf770bbaa2b865

m.helikon.bg Open in urlscan Pro 2606:4700:3108::ac42:2b9b Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

88 Requests

88 %HTTPS

28 %IPv6

34 Domains

48 Subdomains

39 IPs

9 Countries

1141 kBTransfer

3476 kBSize

43 Cookies

13 Outgoing links

Redirected requests

88 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

m.helikon.bg Open in urlscan Pro
2606:4700:3108::ac42:2b9b Public Scan

Screenshot
Live screenshot

Full Image

88
Requests

88 %
HTTPS

28 %
IPv6

34
Domains

48
Subdomains

39
IPs

9
Countries

1141 kB
Transfer

3476 kB
Size

43
Cookies

88 HTTP transactions
4 data transactions