e-service.ermzapad.bg Open in urlscan Pro
213.91.170.92 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://e-service.ermzapad.bg/
Effective URL:
https://e-service.ermzapad.bg/login
Submission: On April 23 via api (April 23rd 2024, 10:47:56 am UTC) from DE — Scanned from DE

Summary HTTP 14 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 2 IPs in 2 countries across 2 domains to perform 14 HTTP transactions. The main IP is 213.91.170.92, located in Bulgaria and belongs to VIVACOM-AS BULGARIA, BG. The main domain is e-service.ermzapad.bg.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on April 2nd 2024. Valid for: a year.

This is the only time e-service.ermzapad.bg was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 14	213.91.170.92 213.91.170.92	8866 (VIVACOM-A...) (VIVACOM-AS BULGARIA)
1	2606:4700:20:... 2606:4700:20::681a:7dc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
14	2

14 213.91.170.92 (Bulgaria) 1 redirects

ASN8866 (VIVACOM-AS BULGARIA, BG)
PTR: 213-91-170-92.ip.btc-net.bg

e-service.ermzapad.bg	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:7dc (United States)

ASN13335 (CLOUDFLARENET, US)

www.freeprivacypolicy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
14	ermzapad.bg 1 redirects e-service.ermzapad.bg	3 MB
1	freeprivacypolicy.com www.freeprivacypolicy.com — Cisco Umbrella Rank: 85152	45 KB
14	2

	Domain	Requested by
14	e-service.ermzapad.bg	1 redirects e-service.ermzapad.bg
1	www.freeprivacypolicy.com	e-service.ermzapad.bg
14	2

This site contains links to these domains. Also see Links.

Domain
electrohold.bg

Subject Issuer	Validity	Valid
e-service.ermzapad.bg Sectigo RSA Domain Validation Secure Server CA	`2024-04-02` - `2025-05-02`	a year	crt.sh
freeprivacypolicy.com E1	`2024-03-04` - `2024-06-02`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://e-service.ermzapad.bg/login
Frame ID: D4C21163D29129BDAFC877A750BB5F55
Requests: 14 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Електронни услуги - ЕРМ ЗАПАД

Page URL History Show full URLs

http://e-service.ermzapad.bg/ HTTP 307
https://e-service.ermzapad.bg/ HTTP 302
https://e-service.ermzapad.bg/login Page URL

Detected technologies

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Page Statistics

14
Requests

100 %
HTTPS

50 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

3002 kB
Transfer

3106 kB
Size

2
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://electrohold.bg/bg/centr-za-obsluzhvane-na-klienti/
Title: търговски център

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://e-service.ermzapad.bg/ HTTP 307
https://e-service.ermzapad.bg/ HTTP 302
https://e-service.ermzapad.bg/login Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

14 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request login Show response
e-service.ermzapad.bg/
Redirect Chain

http://e-service.ermzapad.bg/
https://e-service.ermzapad.bg/
https://e-service.ermzapad.bg/login

13 KB
15 KB

245ms
245ms

Document
text/html

213.91.170.92
VIVACOM-AS BULGARIA

General

Check archive.org

Show headers Download Go to

Full URL

https://e-service.ermzapad.bg/login

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

213.91.170.92 , Bulgaria, ASN8866 (VIVACOM-AS BULGARIA, BG),

Reverse DNS

213-91-170-92.ip.btc-net.bg

Software

Nothing here :) /

Resource Hash

66b8f4bd223dec9bfed0f89b4b01fe49d23e73092bf53364c15e1241c1565a42

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: 'unsafe-inline' 'unsafe-eval'
Public-Key-Pins	pin-sha256='X3pGTSOuJeEVw989IJ/cEtXUEmy52zs1TZQrU06KUKg='; pin-sha256='MHJYVThihUrJcxW6wcqyOISTXIsInsdj3xK8QrZbHec='; pin-sha256='isi41AizREkLvvft0IRW4u3XMFR2Yg7bvrF7padyCJg='; includeSubdomains; max-age=2592000; path=/; HttpOnly; secure
Strict-Transport-Security	max-age=31536000; includeSubDomains;
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	Deny
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Cache-Control: no-cache, private
Content-Length: 13073
Content-Security-Policy: default-src https: data: 'unsafe-inline' 'unsafe-eval'
Content-Type: text/html; charset=UTF-8
Date: Tue, 23 Apr 2024 10:47:51 GMT
Expect-CT: max-age=7776000, enforce
Permissions-Policy: fullscreen=()
Public-Key-Pins: pin-sha256='X3pGTSOuJeEVw989IJ/cEtXUEmy52zs1TZQrU06KUKg='; pin-sha256='MHJYVThihUrJcxW6wcqyOISTXIsInsdj3xK8QrZbHec='; pin-sha256='isi41AizREkLvvft0IRW4u3XMFR2Yg7bvrF7padyCJg='; includeSubdomains; max-age=2592000; path=/; HttpOnly; secure
Referrer-Policy: strict-origin
Server: Nothing here :)
Strict-Transport-Security: max-age=31536000; includeSubDomains;
X-Content-Type-Options: nosniff nosniff
X-Frame-Options: Deny
X-XSS-Protections: 1; mode=block
X-Xss-Protection: 1; mode=block

Redirect headers

Cache-Control: no-cache, private
Content-Length: 386
Content-Security-Policy: default-src https: data: 'unsafe-inline' 'unsafe-eval'
Content-Type: text/html; charset=UTF-8
Date: Tue, 23 Apr 2024 10:47:51 GMT
Expect-CT: max-age=7776000, enforce
Location: https://e-service.ermzapad.bg/login
Permissions-Policy: fullscreen=()
Public-Key-Pins: pin-sha256='X3pGTSOuJeEVw989IJ/cEtXUEmy52zs1TZQrU06KUKg='; pin-sha256='MHJYVThihUrJcxW6wcqyOISTXIsInsdj3xK8QrZbHec='; pin-sha256='isi41AizREkLvvft0IRW4u3XMFR2Yg7bvrF7padyCJg='; includeSubdomains; max-age=2592000; path=/; HttpOnly; secure
Referrer-Policy: strict-origin
Server: Nothing here :)
Strict-Transport-Security: max-age=31536000; includeSubDomains;
X-Content-Type-Options: nosniff nosniff
X-Frame-Options: Deny
X-XSS-Protections: 1; mode=block
X-Xss-Protection: 1; mode=block

GET
H/1.1 200
OK app.js Show response
e-service.ermzapad.bg/js/ 1 MB
1 MB 159ms
92ms Script
application/javascript 213.91.170.92
VIVACOM-AS BULGARIA

General

Check archive.org

Show headers Download Go to

Full URL

https://e-service.ermzapad.bg/js/app.js

Requested by

Host: e-service.ermzapad.bg
URL: https://e-service.ermzapad.bg/login

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

213.91.170.92 , Bulgaria, ASN8866 (VIVACOM-AS BULGARIA, BG),

Reverse DNS

213-91-170-92.ip.btc-net.bg

Software

Nothing here :) /

Resource Hash

10e16f38f4e416ba0ac7dfec287859525856602477f0ec6563c2dd081cf3a300

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: 'unsafe-inline' 'unsafe-eval'
Public-Key-Pins	pin-sha256='X3pGTSOuJeEVw989IJ/cEtXUEmy52zs1TZQrU06KUKg='; pin-sha256='MHJYVThihUrJcxW6wcqyOISTXIsInsdj3xK8QrZbHec='; pin-sha256='isi41AizREkLvvft0IRW4u3XMFR2Yg7bvrF7padyCJg='; includeSubdomains; max-age=2592000; path=/; HttpOnly; secure
Strict-Transport-Security	max-age=31536000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	Deny
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://e-service.ermzapad.bg/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Content-Security-Policy: default-src https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security: max-age=31536000; includeSubDomains;
Referrer-Policy: strict-origin
X-Content-Type-Options: nosniff
Last-Modified: Tue, 02 Aug 2022 07:18:05 GMT
Server: Nothing here :)
Date: Tue, 23 Apr 2024 10:47:51 GMT
ETag: "304b5f240a6d81:0"
X-Frame-Options: Deny
Content-Type: application/javascript
Permissions-Policy: fullscreen=()
Accept-Ranges: bytes
Content-Length: 1335334
X-Xss-Protection: 1; mode=block
Public-Key-Pins: pin-sha256='X3pGTSOuJeEVw989IJ/cEtXUEmy52zs1TZQrU06KUKg='; pin-sha256='MHJYVThihUrJcxW6wcqyOISTXIsInsdj3xK8QrZbHec='; pin-sha256='isi41AizREkLvvft0IRW4u3XMFR2Yg7bvrF7padyCJg='; includeSubdomains; max-age=2592000; path=/; HttpOnly; secure

GET
H/1.1 200
OK app.css
e-service.ermzapad.bg/css/ 392 KB
393 KB 62ms
37ms Stylesheet
text/css 213.91.170.92
VIVACOM-AS BULGARIA

General

Check archive.org

Show headers Download Go to

Full URL

https://e-service.ermzapad.bg/css/app.css

Requested by

Host: e-service.ermzapad.bg
URL: https://e-service.ermzapad.bg/login

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

213.91.170.92 , Bulgaria, ASN8866 (VIVACOM-AS BULGARIA, BG),

Reverse DNS

213-91-170-92.ip.btc-net.bg

Software

Nothing here :) /

Resource Hash

b041bbf1e7327a15857876434154d17488c761e3e14059d498694157243e2a2d

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: 'unsafe-inline' 'unsafe-eval'
Public-Key-Pins	pin-sha256='X3pGTSOuJeEVw989IJ/cEtXUEmy52zs1TZQrU06KUKg='; pin-sha256='MHJYVThihUrJcxW6wcqyOISTXIsInsdj3xK8QrZbHec='; pin-sha256='isi41AizREkLvvft0IRW4u3XMFR2Yg7bvrF7padyCJg='; includeSubdomains; max-age=2592000; path=/; HttpOnly; secure
Strict-Transport-Security	max-age=31536000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	Deny
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://e-service.ermzapad.bg/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Content-Security-Policy: default-src https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security: max-age=31536000; includeSubDomains;
Referrer-Policy: strict-origin
X-Content-Type-Options: nosniff
Last-Modified: Tue, 02 Aug 2022 07:18:05 GMT
Server: Nothing here :)
Date: Tue, 23 Apr 2024 10:47:51 GMT
ETag: "192458240a6d81:0"
X-Frame-Options: Deny
Content-Type: text/css
Permissions-Policy: fullscreen=()
Accept-Ranges: bytes
Content-Length: 401875
X-Xss-Protection: 1; mode=block
Public-Key-Pins: pin-sha256='X3pGTSOuJeEVw989IJ/cEtXUEmy52zs1TZQrU06KUKg='; pin-sha256='MHJYVThihUrJcxW6wcqyOISTXIsInsdj3xK8QrZbHec='; pin-sha256='isi41AizREkLvvft0IRW4u3XMFR2Yg7bvrF7padyCJg='; includeSubdomains; max-age=2592000; path=/; HttpOnly; secure

GET
H/1.1 200
OK all.css
e-service.ermzapad.bg/assets/fontawesome-pro-5.15.3-web/css/ 208 KB
209 KB 156ms
89ms Stylesheet
text/css 213.91.170.92
VIVACOM-AS BULGARIA

General

Check archive.org

Show headers Download Go to

Full URL

https://e-service.ermzapad.bg/assets/fontawesome-pro-5.15.3-web/css/all.css

Requested by

Host: e-service.ermzapad.bg
URL: https://e-service.ermzapad.bg/login

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

213.91.170.92 , Bulgaria, ASN8866 (VIVACOM-AS BULGARIA, BG),

Reverse DNS

213-91-170-92.ip.btc-net.bg

Software

Nothing here :) /

Resource Hash

e002d314a0061fc6245d04ff673d9f2796edbde74ef5c02fe735f23947a25243

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: 'unsafe-inline' 'unsafe-eval'
Public-Key-Pins	pin-sha256='X3pGTSOuJeEVw989IJ/cEtXUEmy52zs1TZQrU06KUKg='; pin-sha256='MHJYVThihUrJcxW6wcqyOISTXIsInsdj3xK8QrZbHec='; pin-sha256='isi41AizREkLvvft0IRW4u3XMFR2Yg7bvrF7padyCJg='; includeSubdomains; max-age=2592000; path=/; HttpOnly; secure
Strict-Transport-Security	max-age=31536000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	Deny
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://e-service.ermzapad.bg/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Content-Security-Policy: default-src https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security: max-age=31536000; includeSubDomains;
Referrer-Policy: strict-origin
X-Content-Type-Options: nosniff
Last-Modified: Thu, 30 Jun 2022 07:32:01 GMT
Server: Nothing here :)
Date: Tue, 23 Apr 2024 10:47:51 GMT
ETag: "dfe0407d538cd81:0"
X-Frame-Options: Deny
Content-Type: text/css
Permissions-Policy: fullscreen=()
Accept-Ranges: bytes
Content-Length: 213221
X-Xss-Protection: 1; mode=block
Public-Key-Pins: pin-sha256='X3pGTSOuJeEVw989IJ/cEtXUEmy52zs1TZQrU06KUKg='; pin-sha256='MHJYVThihUrJcxW6wcqyOISTXIsInsdj3xK8QrZbHec='; pin-sha256='isi41AizREkLvvft0IRW4u3XMFR2Yg7bvrF7padyCJg='; includeSubdomains; max-age=2592000; path=/; HttpOnly; secure

GET
H/1.1 200
OK style.css
e-service.ermzapad.bg/assets/ 10 KB
11 KB 156ms
89ms Stylesheet
text/css 213.91.170.92
VIVACOM-AS BULGARIA

General

Check archive.org

Show headers Download Go to

Full URL

https://e-service.ermzapad.bg/assets/style.css

Requested by

Host: e-service.ermzapad.bg
URL: https://e-service.ermzapad.bg/login

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

213.91.170.92 , Bulgaria, ASN8866 (VIVACOM-AS BULGARIA, BG),

Reverse DNS

213-91-170-92.ip.btc-net.bg

Software

Nothing here :) /

Resource Hash

3ed3df2c8d7bce47dec668ec9fef8faffb4d705ca4f66d06482fb51a19d0f051

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: 'unsafe-inline' 'unsafe-eval'
Public-Key-Pins	pin-sha256='X3pGTSOuJeEVw989IJ/cEtXUEmy52zs1TZQrU06KUKg='; pin-sha256='MHJYVThihUrJcxW6wcqyOISTXIsInsdj3xK8QrZbHec='; pin-sha256='isi41AizREkLvvft0IRW4u3XMFR2Yg7bvrF7padyCJg='; includeSubdomains; max-age=2592000; path=/; HttpOnly; secure
Strict-Transport-Security	max-age=31536000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	Deny
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://e-service.ermzapad.bg/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Content-Security-Policy: default-src https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security: max-age=31536000; includeSubDomains;
Referrer-Policy: strict-origin
X-Content-Type-Options: nosniff
Last-Modified: Tue, 02 Aug 2022 07:18:05 GMT
Server: Nothing here :)
Date: Tue, 23 Apr 2024 10:47:51 GMT
ETag: "192458240a6d81:0"
X-Frame-Options: Deny
Content-Type: text/css
Permissions-Policy: fullscreen=()
Accept-Ranges: bytes
Content-Length: 10091
X-Xss-Protection: 1; mode=block
Public-Key-Pins: pin-sha256='X3pGTSOuJeEVw989IJ/cEtXUEmy52zs1TZQrU06KUKg='; pin-sha256='MHJYVThihUrJcxW6wcqyOISTXIsInsdj3xK8QrZbHec='; pin-sha256='isi41AizREkLvvft0IRW4u3XMFR2Yg7bvrF7padyCJg='; includeSubdomains; max-age=2592000; path=/; HttpOnly; secure

GET
H/1.1 200
OK ERM_Zapad_Logo.png
e-service.ermzapad.bg/assets/img/ 327 KB
328 KB 160ms
93ms Image
image/png 213.91.170.92
VIVACOM-AS BULGARIA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://e-service.ermzapad.bg/assets/img/ERM_Zapad_Logo.png

Requested by

Host: e-service.ermzapad.bg
URL: https://e-service.ermzapad.bg/login

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

213.91.170.92 , Bulgaria, ASN8866 (VIVACOM-AS BULGARIA, BG),

Reverse DNS

213-91-170-92.ip.btc-net.bg

Software

Nothing here :) /

Resource Hash

a89d2aaf217a199e1ad1725ab30fb4a300ca7c79d090579048b77cd4730d98e3

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: 'unsafe-inline' 'unsafe-eval'
Public-Key-Pins	pin-sha256='X3pGTSOuJeEVw989IJ/cEtXUEmy52zs1TZQrU06KUKg='; pin-sha256='MHJYVThihUrJcxW6wcqyOISTXIsInsdj3xK8QrZbHec='; pin-sha256='isi41AizREkLvvft0IRW4u3XMFR2Yg7bvrF7padyCJg='; includeSubdomains; max-age=2592000; path=/; HttpOnly; secure
Strict-Transport-Security	max-age=31536000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	Deny
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://e-service.ermzapad.bg/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Content-Security-Policy: default-src https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security: max-age=31536000; includeSubDomains;
Referrer-Policy: strict-origin
X-Content-Type-Options: nosniff
Last-Modified: Tue, 02 Aug 2022 07:18:05 GMT
Server: Nothing here :)
Date: Tue, 23 Apr 2024 10:47:51 GMT
ETag: "bcc155240a6d81:0"
X-Frame-Options: Deny
Content-Type: image/png
Permissions-Policy: fullscreen=()
Accept-Ranges: bytes
Content-Length: 335232
X-Xss-Protection: 1; mode=block
Public-Key-Pins: pin-sha256='X3pGTSOuJeEVw989IJ/cEtXUEmy52zs1TZQrU06KUKg='; pin-sha256='MHJYVThihUrJcxW6wcqyOISTXIsInsdj3xK8QrZbHec='; pin-sha256='isi41AizREkLvvft0IRW4u3XMFR2Yg7bvrF7padyCJg='; includeSubdomains; max-age=2592000; path=/; HttpOnly; secure

GET
H/1.1 200
OK blockui.js Show response
e-service.ermzapad.bg/js/ 20 KB
21 KB 154ms
87ms Script
application/javascript 213.91.170.92
VIVACOM-AS BULGARIA

General

Check archive.org

Show headers Download Go to

Full URL

https://e-service.ermzapad.bg/js/blockui.js

Requested by

Host: e-service.ermzapad.bg
URL: https://e-service.ermzapad.bg/login

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

213.91.170.92 , Bulgaria, ASN8866 (VIVACOM-AS BULGARIA, BG),

Reverse DNS

213-91-170-92.ip.btc-net.bg

Software

Nothing here :) /

Resource Hash

19a659b4a9d935efdc6314ce966b5781b8440b6ecc3b071f24be0f79ee87cc91

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: 'unsafe-inline' 'unsafe-eval'
Public-Key-Pins	pin-sha256='X3pGTSOuJeEVw989IJ/cEtXUEmy52zs1TZQrU06KUKg='; pin-sha256='MHJYVThihUrJcxW6wcqyOISTXIsInsdj3xK8QrZbHec='; pin-sha256='isi41AizREkLvvft0IRW4u3XMFR2Yg7bvrF7padyCJg='; includeSubdomains; max-age=2592000; path=/; HttpOnly; secure
Strict-Transport-Security	max-age=31536000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	Deny
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://e-service.ermzapad.bg/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Content-Security-Policy: default-src https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security: max-age=31536000; includeSubDomains;
Referrer-Policy: strict-origin
X-Content-Type-Options: nosniff
Last-Modified: Thu, 30 Jun 2022 07:32:19 GMT
Server: Nothing here :)
Date: Tue, 23 Apr 2024 10:47:51 GMT
ETag: "b476ea87538cd81:0"
X-Frame-Options: Deny
Content-Type: application/javascript
Permissions-Policy: fullscreen=()
Accept-Ranges: bytes
Content-Length: 20584
X-Xss-Protection: 1; mode=block
Public-Key-Pins: pin-sha256='X3pGTSOuJeEVw989IJ/cEtXUEmy52zs1TZQrU06KUKg='; pin-sha256='MHJYVThihUrJcxW6wcqyOISTXIsInsdj3xK8QrZbHec='; pin-sha256='isi41AizREkLvvft0IRW4u3XMFR2Yg7bvrF7padyCJg='; includeSubdomains; max-age=2592000; path=/; HttpOnly; secure

GET
H/1.1 200
OK lacuna-web-pki-2.14.3.min.js Show response
e-service.ermzapad.bg/js/ 50 KB
50 KB 34ms
33ms Script
application/javascript 213.91.170.92
VIVACOM-AS BULGARIA

General

Check archive.org

Show headers Download Go to

Full URL

https://e-service.ermzapad.bg/js/lacuna-web-pki-2.14.3.min.js

Requested by

Host: e-service.ermzapad.bg
URL: https://e-service.ermzapad.bg/login

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

213.91.170.92 , Bulgaria, ASN8866 (VIVACOM-AS BULGARIA, BG),

Reverse DNS

213-91-170-92.ip.btc-net.bg

Software

Nothing here :) /

Resource Hash

3fdd8b17578fc34ab09e66de7c3a4388c72bf2b9b0164731557faeb5a9e695e9

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: 'unsafe-inline' 'unsafe-eval'
Public-Key-Pins	pin-sha256='X3pGTSOuJeEVw989IJ/cEtXUEmy52zs1TZQrU06KUKg='; pin-sha256='MHJYVThihUrJcxW6wcqyOISTXIsInsdj3xK8QrZbHec='; pin-sha256='isi41AizREkLvvft0IRW4u3XMFR2Yg7bvrF7padyCJg='; includeSubdomains; max-age=2592000; path=/; HttpOnly; secure
Strict-Transport-Security	max-age=31536000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	Deny
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://e-service.ermzapad.bg/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Content-Security-Policy: default-src https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security: max-age=31536000; includeSubDomains;
Referrer-Policy: strict-origin
X-Content-Type-Options: nosniff
Last-Modified: Thu, 30 Jun 2022 07:32:19 GMT
Server: Nothing here :)
Date: Tue, 23 Apr 2024 10:47:51 GMT
ETag: "b476ea87538cd81:0"
X-Frame-Options: Deny
Content-Type: application/javascript
Permissions-Policy: fullscreen=()
Accept-Ranges: bytes
Content-Length: 50694
X-Xss-Protection: 1; mode=block
Public-Key-Pins: pin-sha256='X3pGTSOuJeEVw989IJ/cEtXUEmy52zs1TZQrU06KUKg='; pin-sha256='MHJYVThihUrJcxW6wcqyOISTXIsInsdj3xK8QrZbHec='; pin-sha256='isi41AizREkLvvft0IRW4u3XMFR2Yg7bvrF7padyCJg='; includeSubdomains; max-age=2592000; path=/; HttpOnly; secure

GET
H/1.1 200
OK login-signature-form-es.js Show response
e-service.ermzapad.bg/js/ 9 KB
9 KB 35ms
35ms Script
application/javascript 213.91.170.92
VIVACOM-AS BULGARIA

General

Check archive.org

Show headers Download Go to

Full URL

https://e-service.ermzapad.bg/js/login-signature-form-es.js

Requested by

Host: e-service.ermzapad.bg
URL: https://e-service.ermzapad.bg/login

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

213.91.170.92 , Bulgaria, ASN8866 (VIVACOM-AS BULGARIA, BG),

Reverse DNS

213-91-170-92.ip.btc-net.bg

Software

Nothing here :) /

Resource Hash

31e0a60981e8b0a63c98e6d1f6f9dd81670b9a97496f00acda84d05b376ffab4

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: 'unsafe-inline' 'unsafe-eval'
Public-Key-Pins	pin-sha256='X3pGTSOuJeEVw989IJ/cEtXUEmy52zs1TZQrU06KUKg='; pin-sha256='MHJYVThihUrJcxW6wcqyOISTXIsInsdj3xK8QrZbHec='; pin-sha256='isi41AizREkLvvft0IRW4u3XMFR2Yg7bvrF7padyCJg='; includeSubdomains; max-age=2592000; path=/; HttpOnly; secure
Strict-Transport-Security	max-age=31536000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	Deny
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://e-service.ermzapad.bg/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Content-Security-Policy: default-src https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security: max-age=31536000; includeSubDomains;
Referrer-Policy: strict-origin
X-Content-Type-Options: nosniff
Last-Modified: Thu, 30 Jun 2022 07:32:19 GMT
Server: Nothing here :)
Date: Tue, 23 Apr 2024 10:47:51 GMT
ETag: "b476ea87538cd81:0"
X-Frame-Options: Deny
Content-Type: application/javascript
Permissions-Policy: fullscreen=()
Accept-Ranges: bytes
Content-Length: 8860
X-Xss-Protection: 1; mode=block
Public-Key-Pins: pin-sha256='X3pGTSOuJeEVw989IJ/cEtXUEmy52zs1TZQrU06KUKg='; pin-sha256='MHJYVThihUrJcxW6wcqyOISTXIsInsdj3xK8QrZbHec='; pin-sha256='isi41AizREkLvvft0IRW4u3XMFR2Yg7bvrF7padyCJg='; includeSubdomains; max-age=2592000; path=/; HttpOnly; secure

GET
H2 200 cookie-consent.js Show response
www.freeprivacypolicy.com/public/cookie-consent/3.1.0/ 160 KB
45 KB 76ms
50ms Script
application/javascript 2606:4700:20::681a:7dc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.freeprivacypolicy.com/public/cookie-consent/3.1.0/cookie-consent.js

Requested by

Host: e-service.ermzapad.bg
URL: https://e-service.ermzapad.bg/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:7dc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

98f316983281a9a7ade6d3fe3c6e8525109ec6fa11a8ec23c13cbdf02e68199e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://e-service.ermzapad.bg/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-priority: 5/n
date: Tue, 23 Apr 2024 10:47:52 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 42562
x-z: 5179
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
cf-bgj: minify
last-modified: Mon, 22 Apr 2024 19:05:40 GMT
server: cloudflare
etag: W/"be136576850069088c00ae38a13f9999"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dxP1SiS5b12%2BkSSv8ml2X0QtX9FT557T9UX8W%2FYghC3qgLmnCrB%2FpsXmF1SODIrq5APsV2Wj5E4TBC3QTixPZWZidkaDxGNqNKpGDkQ3OyhdAfr5NwXC7XErTluNy47wnsgbRq98nV4octXvxMxhsd9lJXOFCyc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
vary: Accept-Encoding
cache-control: public, immutable, max-age=3600
cf-ray: 878d47293f5f368b-FRA
expires: Mon, 22 Apr 2024 21:05:40 GMT

GET
H/1.1 200
OK Montserrat-Bold.ttf
e-service.ermzapad.bg/assets/Montserrat/ 239 KB
240 KB 34ms
34ms Font
application/octet-stream 213.91.170.92
VIVACOM-AS BULGARIA

General

Check archive.org

Show headers Download Go to

Full URL

https://e-service.ermzapad.bg/assets/Montserrat/Montserrat-Bold.ttf

Requested by

Host: e-service.ermzapad.bg
URL: https://e-service.ermzapad.bg/assets/style.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

213.91.170.92 , Bulgaria, ASN8866 (VIVACOM-AS BULGARIA, BG),

Reverse DNS

213-91-170-92.ip.btc-net.bg

Software

Nothing here :) /

Resource Hash

c8289a870d238aa042bdfd09364fe6dea524bcd1ea485341878d8c75a32ab444

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: 'unsafe-inline' 'unsafe-eval'
Public-Key-Pins	pin-sha256='X3pGTSOuJeEVw989IJ/cEtXUEmy52zs1TZQrU06KUKg='; pin-sha256='MHJYVThihUrJcxW6wcqyOISTXIsInsdj3xK8QrZbHec='; pin-sha256='isi41AizREkLvvft0IRW4u3XMFR2Yg7bvrF7padyCJg='; includeSubdomains; max-age=2592000; path=/; HttpOnly; secure
Strict-Transport-Security	max-age=31536000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	Deny
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://e-service.ermzapad.bg/
Origin: https://e-service.ermzapad.bg
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Content-Security-Policy: default-src https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security: max-age=31536000; includeSubDomains;
Referrer-Policy: strict-origin
X-Content-Type-Options: nosniff
Last-Modified: Thu, 30 Jun 2022 07:32:01 GMT
Server: Nothing here :)
Date: Tue, 23 Apr 2024 10:47:51 GMT
ETag: "df5347d538cd81:0"
X-Frame-Options: Deny
Content-Type: application/octet-stream
Permissions-Policy: fullscreen=()
Accept-Ranges: bytes
Content-Length: 244468
X-Xss-Protection: 1; mode=block
Public-Key-Pins: pin-sha256='X3pGTSOuJeEVw989IJ/cEtXUEmy52zs1TZQrU06KUKg='; pin-sha256='MHJYVThihUrJcxW6wcqyOISTXIsInsdj3xK8QrZbHec='; pin-sha256='isi41AizREkLvvft0IRW4u3XMFR2Yg7bvrF7padyCJg='; includeSubdomains; max-age=2592000; path=/; HttpOnly; secure

GET
H/1.1 200
OK Montserrat-Regular.ttf
e-service.ermzapad.bg/assets/Montserrat/ 240 KB
241 KB 33ms
33ms Font
application/octet-stream 213.91.170.92
VIVACOM-AS BULGARIA

General

Check archive.org

Show headers Download Go to

Full URL

https://e-service.ermzapad.bg/assets/Montserrat/Montserrat-Regular.ttf

Requested by

Host: e-service.ermzapad.bg
URL: https://e-service.ermzapad.bg/assets/style.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

213.91.170.92 , Bulgaria, ASN8866 (VIVACOM-AS BULGARIA, BG),

Reverse DNS

213-91-170-92.ip.btc-net.bg

Software

Nothing here :) /

Resource Hash

077cdab15161232a9ba7124d2ddd7a9425145750788e9a966c156cc66274f525

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: 'unsafe-inline' 'unsafe-eval'
Public-Key-Pins	pin-sha256='X3pGTSOuJeEVw989IJ/cEtXUEmy52zs1TZQrU06KUKg='; pin-sha256='MHJYVThihUrJcxW6wcqyOISTXIsInsdj3xK8QrZbHec='; pin-sha256='isi41AizREkLvvft0IRW4u3XMFR2Yg7bvrF7padyCJg='; includeSubdomains; max-age=2592000; path=/; HttpOnly; secure
Strict-Transport-Security	max-age=31536000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	Deny
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://e-service.ermzapad.bg/
Origin: https://e-service.ermzapad.bg
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Content-Security-Policy: default-src https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security: max-age=31536000; includeSubDomains;
Referrer-Policy: strict-origin
X-Content-Type-Options: nosniff
Last-Modified: Thu, 30 Jun 2022 07:32:01 GMT
Server: Nothing here :)
Date: Tue, 23 Apr 2024 10:47:51 GMT
ETag: "201c3c7d538cd81:0"
X-Frame-Options: Deny
Content-Type: application/octet-stream
Permissions-Policy: fullscreen=()
Accept-Ranges: bytes
Content-Length: 245708
X-Xss-Protection: 1; mode=block
Public-Key-Pins: pin-sha256='X3pGTSOuJeEVw989IJ/cEtXUEmy52zs1TZQrU06KUKg='; pin-sha256='MHJYVThihUrJcxW6wcqyOISTXIsInsdj3xK8QrZbHec='; pin-sha256='isi41AizREkLvvft0IRW4u3XMFR2Yg7bvrF7padyCJg='; includeSubdomains; max-age=2592000; path=/; HttpOnly; secure

GET
H/1.1 200
OK fa-solid-900.woff2
e-service.ermzapad.bg/assets/fontawesome-pro-5.15.3-web/webfonts/ 134 KB
134 KB 107ms
107ms Font
application/font-woff2 213.91.170.92
VIVACOM-AS BULGARIA

General

Check archive.org

Show headers Download Go to

Full URL

https://e-service.ermzapad.bg/assets/fontawesome-pro-5.15.3-web/webfonts/fa-solid-900.woff2

Requested by

Host: e-service.ermzapad.bg
URL: https://e-service.ermzapad.bg/assets/fontawesome-pro-5.15.3-web/css/all.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

213.91.170.92 , Bulgaria, ASN8866 (VIVACOM-AS BULGARIA, BG),

Reverse DNS

213-91-170-92.ip.btc-net.bg

Software

Nothing here :) /

Resource Hash

943efdb4b38963df0653d778f233b55db3e19f44794e4ff944e33b8849dcdb3c

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: 'unsafe-inline' 'unsafe-eval'
Public-Key-Pins	pin-sha256='X3pGTSOuJeEVw989IJ/cEtXUEmy52zs1TZQrU06KUKg='; pin-sha256='MHJYVThihUrJcxW6wcqyOISTXIsInsdj3xK8QrZbHec='; pin-sha256='isi41AizREkLvvft0IRW4u3XMFR2Yg7bvrF7padyCJg='; includeSubdomains; max-age=2592000; path=/; HttpOnly; secure
Strict-Transport-Security	max-age=31536000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	Deny
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://e-service.ermzapad.bg/
Origin: https://e-service.ermzapad.bg
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Content-Security-Policy: default-src https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security: max-age=31536000; includeSubDomains;
Referrer-Policy: strict-origin
X-Content-Type-Options: nosniff
Last-Modified: Thu, 30 Jun 2022 07:32:16 GMT
Server: Nothing here :)
Date: Tue, 23 Apr 2024 10:47:51 GMT
ETag: "c0a1b085538cd81:0"
X-Frame-Options: Deny
Content-Type: application/font-woff2
Permissions-Policy: fullscreen=()
Accept-Ranges: bytes
Content-Length: 136824
X-Xss-Protection: 1; mode=block
Public-Key-Pins: pin-sha256='X3pGTSOuJeEVw989IJ/cEtXUEmy52zs1TZQrU06KUKg='; pin-sha256='MHJYVThihUrJcxW6wcqyOISTXIsInsdj3xK8QrZbHec='; pin-sha256='isi41AizREkLvvft0IRW4u3XMFR2Yg7bvrF7padyCJg='; includeSubdomains; max-age=2592000; path=/; HttpOnly; secure

GET
H/1.1 200
OK favicon.ico
e-service.ermzapad.bg/assets/img/ 1 KB
2 KB 34ms
34ms Other
image/x-icon 213.91.170.92
VIVACOM-AS BULGARIA

General

Check archive.org

Show headers Download Go to

Full URL

https://e-service.ermzapad.bg/assets/img/favicon.ico

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

213.91.170.92 , Bulgaria, ASN8866 (VIVACOM-AS BULGARIA, BG),

Reverse DNS

213-91-170-92.ip.btc-net.bg

Software

Nothing here :) /

Resource Hash

5475b1d9530b3fb0739347a4e0da9d650fe539aae4828d842731f917d78d9d56

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: 'unsafe-inline' 'unsafe-eval'
Public-Key-Pins	pin-sha256='X3pGTSOuJeEVw989IJ/cEtXUEmy52zs1TZQrU06KUKg='; pin-sha256='MHJYVThihUrJcxW6wcqyOISTXIsInsdj3xK8QrZbHec='; pin-sha256='isi41AizREkLvvft0IRW4u3XMFR2Yg7bvrF7padyCJg='; includeSubdomains; max-age=2592000; path=/; HttpOnly; secure
Strict-Transport-Security	max-age=31536000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	Deny
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://e-service.ermzapad.bg/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Content-Security-Policy: default-src https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security: max-age=31536000; includeSubDomains;
Referrer-Policy: strict-origin
X-Content-Type-Options: nosniff
Last-Modified: Thu, 30 Jun 2022 07:32:16 GMT
Server: Nothing here :)
Date: Tue, 23 Apr 2024 10:47:52 GMT
ETag: "7866b585538cd81:0"
X-Frame-Options: Deny
Content-Type: image/x-icon
Permissions-Policy: fullscreen=()
Accept-Ranges: bytes
Content-Length: 1132
X-Xss-Protection: 1; mode=block
Public-Key-Pins: pin-sha256='X3pGTSOuJeEVw989IJ/cEtXUEmy52zs1TZQrU06KUKg='; pin-sha256='MHJYVThihUrJcxW6wcqyOISTXIsInsdj3xK8QrZbHec='; pin-sha256='isi41AizREkLvvft0IRW4u3XMFR2Yg7bvrF7padyCJg='; includeSubdomains; max-age=2592000; path=/; HttpOnly; secure

Verdicts & Comments Add Verdict or Comment

15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			e-service.ermzapad.bg/	1970-01-20 20:04:36	Name: XSRF-TOKEN Value: eyJpdiI6IjNvdkhWTmVrbnNaTm9NSHhncjNjSFE9PSIsInZhbHVlIjoiOFdBWlV0Z3NtbDRaSG1WQjhsbFNvUUVKZEo1ZkIxMUNNQ3lKNUpRVjF1ZWlmWXVYNnU5SUQ2YUhlR2x2c1AzNFJqU211OUo4WXJybmMxbmI1TWF3UGhlR0VRVzNyWDhNWXhtdHRFYnBDUGhIMzZtQm9iTUwxTlZreGFwZ3ppR1YiLCJtYWMiOiI2YTExMDk0NGJmNTg2NGRlOTJkYWQ1YmI2NTg5ODFhNWEyMmViOGJhNzUwZjM5NzU4MDgyYmU5ODIyYTBhMGMzIiwidGFnIjoiIn0%3D
			e-service.ermzapad.bg/	1970-01-20 20:04:36	Name: erm_zapad_elektronni_uslugi_session Value: eyJpdiI6ImR4SjI5Z0lSUGpwbHBwSnJWVlFxUVE9PSIsInZhbHVlIjoidzFaRzQvbjB1bXk1OXdKWmgyMERTVXNVTjFhU2tLYythYm16TGpkbWZlVGhoVUI0YXBES1pWbHhpc052THh1K2lFTXlieFJVNWJWYWxWaTZ6T0pIOUlzS2RMYzYxRXlGby9PemlmcHkwTDZxSERpV3RUYTVRZC9KUUNjdGtYQVQiLCJtYWMiOiIzMWI3MDBhNzI3NTNiYTk3ODE4ZThjNDhlMDRkMTZlYmRkNDg4ZjdjNjgxZWUzNzY0NWE1OTJlNTYxYjI0ZWI4IiwidGFnIjoiIn0%3D

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src https: data: 'unsafe-inline' 'unsafe-eval'
Public-Key-Pins	pin-sha256='X3pGTSOuJeEVw989IJ/cEtXUEmy52zs1TZQrU06KUKg='; pin-sha256='MHJYVThihUrJcxW6wcqyOISTXIsInsdj3xK8QrZbHec='; pin-sha256='isi41AizREkLvvft0IRW4u3XMFR2Yg7bvrF7padyCJg='; includeSubdomains; max-age=2592000; path=/; HttpOnly; secure
Strict-Transport-Security	max-age=31536000; includeSubDomains;
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	Deny
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

e-service.ermzapad.bg
www.freeprivacypolicy.com
213.91.170.92
2606:4700:20::681a:7dc
077cdab15161232a9ba7124d2ddd7a9425145750788e9a966c156cc66274f525
10e16f38f4e416ba0ac7dfec287859525856602477f0ec6563c2dd081cf3a300
19a659b4a9d935efdc6314ce966b5781b8440b6ecc3b071f24be0f79ee87cc91
31e0a60981e8b0a63c98e6d1f6f9dd81670b9a97496f00acda84d05b376ffab4
3ed3df2c8d7bce47dec668ec9fef8faffb4d705ca4f66d06482fb51a19d0f051
3fdd8b17578fc34ab09e66de7c3a4388c72bf2b9b0164731557faeb5a9e695e9
5475b1d9530b3fb0739347a4e0da9d650fe539aae4828d842731f917d78d9d56
66b8f4bd223dec9bfed0f89b4b01fe49d23e73092bf53364c15e1241c1565a42
943efdb4b38963df0653d778f233b55db3e19f44794e4ff944e33b8849dcdb3c
98f316983281a9a7ade6d3fe3c6e8525109ec6fa11a8ec23c13cbdf02e68199e
a89d2aaf217a199e1ad1725ab30fb4a300ca7c79d090579048b77cd4730d98e3
b041bbf1e7327a15857876434154d17488c761e3e14059d498694157243e2a2d
c8289a870d238aa042bdfd09364fe6dea524bcd1ea485341878d8c75a32ab444
e002d314a0061fc6245d04ff673d9f2796edbde74ef5c02fe735f23947a25243

e-service.ermzapad.bg Open in urlscan Pro 213.91.170.92 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

14 Requests

100 %HTTPS

50 %IPv6

2 Domains

2 Subdomains

2 IPs

2 Countries

3002 kBTransfer

3106 kBSize

2 Cookies

1 Outgoing links

Page URL History

Redirected requests

14 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

15 JavaScript Global Variables

2 Cookies

Security Headers

Indicators

e-service.ermzapad.bg Open in urlscan Pro
213.91.170.92 Public Scan

Screenshot
Live screenshot

Full Image

14
Requests

100 %
HTTPS

50 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

3002 kB
Transfer

3106 kB
Size

2
Cookies

14 HTTP transactions
0 data transactions