smbshumen.alle.bg Open in urlscan Pro
52.209.140.2 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://smbshumen.alle.bg/%D0%BA%D0%BE%D0%BD%D1%82%D0%B0%D0%BA%D1%82%D0%B8/
Submission Tags: falconsandbox
Submission: On July 23 via api (July 23rd 2022, 8:54:25 am UTC) from US — Scanned from DE

Summary HTTP 55 Redirects Links 8 Behaviour Indicators

Summary

This website contacted 19 IPs in 4 countries across 12 domains to perform 55 HTTP transactions. The main IP is 52.209.140.2, located in Dublin, Ireland and belongs to AMAZON-02, US. The main domain is smbshumen.alle.bg.
TLS certificate: Issued by R3 on May 30th 2022. Valid for: 3 months.

This is the only time smbshumen.alle.bg was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	52.209.140.2 52.209.140.2	16509 (AMAZON-02) (AMAZON-02)
11	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
13	18.157.140.53 18.157.140.53	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:813::200e	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80e::200a	15169 (GOOGLE) (GOOGLE)
1	172.217.18.2 172.217.18.2	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:803::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:827::2004	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:812::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
1	2a02:2638::2 2a02:2638::2	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a02:2638::b 2a02:2638::b	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
7	2a02:2638:1::3 2a02:2638:1::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	178.250.0.160 178.250.0.160	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	178.250.2.150 178.250.2.150	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
55	19

2 52.209.140.2 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-209-140-2.eu-west-1.compute.amazonaws.com

smbshumen.alle.bg	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 18.157.140.53 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-157-140-53.eu-central-1.compute.amazonaws.com

cdn5.amcn.in	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

translate.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80e::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

translate.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.18.2 (United States)

ASN15169 (GOOGLE, US)
PTR: fra02s19-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:812::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

rtb.fr.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638::b (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

ads.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.160 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

cat.fr.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.2.150 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

csm.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
13	amcn.in cdn5.amcn.in	115 KB
12	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 123 tpc.googlesyndication.com — Cisco Umbrella Rank: 159	220 KB
9	criteo.net static.criteo.net — Cisco Umbrella Rank: 615 csm.eu.criteo.net — Cisco Umbrella Rank: 7348	163 KB
4	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 56	18 KB
4	google.com translate.google.com — Cisco Umbrella Rank: 1449 adservice.google.com — Cisco Umbrella Rank: 96 www.google.com — Cisco Umbrella Rank: 10	28 KB
3	criteo.com rtb.fr.eu.criteo.com — Cisco Umbrella Rank: 13433 ads.eu.criteo.com — Cisco Umbrella Rank: 7319 cat.fr.eu.criteo.com — Cisco Umbrella Rank: 9222	19 KB
3	googleapis.com translate.googleapis.com — Cisco Umbrella Rank: 1210	83 KB
2	gstatic.com www.gstatic.com	3 KB
2	alle.bg smbshumen.alle.bg	25 KB
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 181	43 KB
1	google.de adservice.google.de — Cisco Umbrella Rank: 8252	792 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 873	639 B
55	12

	Domain	Requested by
13	cdn5.amcn.in	smbshumen.alle.bg
7	static.criteo.net	ads.eu.criteo.com
7	pagead2.googlesyndication.com	smbshumen.alle.bg pagead2.googlesyndication.com www.googletagservices.com tpc.googlesyndication.com
5	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
4	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
3	translate.googleapis.com	translate.googleapis.com
2	csm.eu.criteo.net	ads.eu.criteo.com
2	www.google.com	smbshumen.alle.bg tpc.googlesyndication.com
2	www.gstatic.com	translate.googleapis.com smbshumen.alle.bg
2	smbshumen.alle.bg	smbshumen.alle.bg
1	cat.fr.eu.criteo.com	ads.eu.criteo.com
1	ads.eu.criteo.com	googleads.g.doubleclick.net
1	rtb.fr.eu.criteo.com	googleads.g.doubleclick.net
1	www.googletagservices.com	googleads.g.doubleclick.net
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	translate.google.com	smbshumen.alle.bg
55	18

This site contains links to these domains. Also see Links.

Domain
www.rio-shumen.net
www.minedu.government.bg
www.math.bas.bg
smb-varna.com
bgchart.net
zdravkopetrov.weebly.com
alle.bg

Subject Issuer	Validity	Valid
*.alle.bg R3	`2022-05-30` - `2022-08-28`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-07-04` - `2022-09-26`	3 months	crt.sh
cdn5.amcn.in R3	`2022-06-26` - `2022-09-24`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-07-04` - `2022-09-26`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-07-04` - `2022-09-26`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-07-04` - `2022-09-26`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-07-04` - `2022-09-26`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-07-04` - `2022-09-26`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-07-04` - `2022-09-26`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-07-04` - `2022-09-26`	3 months	crt.sh
*.fr.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-07-22` - `2022-10-19`	3 months	crt.sh
*.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-05-27` - `2022-08-25`	3 months	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-06-21` - `2022-09-23`	3 months	crt.sh
*.eu.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-06-12` - `2022-09-12`	3 months	crt.sh

This page contains 9 frames:

Primary Page: https://smbshumen.alle.bg/%D0%BA%D0%BE%D0%BD%D1%82%D0%B0%D0%BA%D1%82%D0%B8/
Frame ID: 3410C1441503E828B8404A2C8FEA1B52
Requests: 32 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220721/r20190131/zrt_lookup.html
Frame ID: 14DFC0A7F314BBFE6A6F50486B24E26E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8967311918154367&output=html&adk=1812271804&adf=3025194257&lmt=1658566460&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fsmbshumen.alle.bg%2F%25D0%25BA%25D0%25BE%25D0%25BD%25D1%2582%25D0%25B0%25D0%25BA%25D1%2582%25D0%25B8%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658566460505&bpp=3&bdt=268&idt=135&shv=r20220721&mjsv=m202207190101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7677160244433&frm=20&pv=2&ga_vid=1355776595.1658566461&ga_sid=1658566461&ga_hid=877100299&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763506%2C31068592%2C42531607%2C31062930&oid=2&pvsid=3883470792951932&tmod=1373140414&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=158
Frame ID: E489F62C6A6196D1B0D0A64F04A2567B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8967311918154367&output=html&h=600&slotname=1952520136&adk=2995784285&adf=3010869035&pi=t.ma~as.1952520136&w=160&fwrn=4&fwrnh=100&lmt=1658566460&rafmt=1&psa=0&format=160x600&url=https%3A%2F%2Fsmbshumen.alle.bg%2F%25D0%25BA%25D0%25BE%25D0%25BD%25D1%2582%25D0%25B0%25D0%25BA%25D1%2582%25D0%25B8%2F&fwr=0&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658566460508&bpp=2&bdt=272&idt=166&shv=r20220721&mjsv=m202207190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7677160244433&frm=20&pv=1&ga_vid=1355776595.1658566461&ga_sid=1658566461&ga_hid=877100299&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=330&ady=225&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763506%2C31068592%2C42531607%2C31062930&oid=2&pvsid=3883470792951932&tmod=1373140414&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=xI5gJMP797&p=https%3A//smbshumen.alle.bg&dtd=172
Frame ID: 7C59FC6ADF015D35615860385F7DAA47
Requests: 8 HTTP requests in this frame

Frame: data://truncated
Frame ID: 4CD14DEFD1E1672779D1CF413C82E04A
Requests: 1 HTTP requests in this frame

Frame: https://translate.googleapis.com/translate_static/css/translateelement.css
Frame ID: AFAB2B7EA1538F12F045C99F5FC36118
Requests: 1 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=Ytu3PgAOiC4Hg4dWAAmgQrx5mcgNenjI_hGsrQ&u=%7CVz6q7Pyu9LJMcXyiZmiLmpITtOuEeqXcw9F5Ebhx4J8%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUETQtbu7-RuG02-JTbIw6iQcfCEIzTmgNg2xIeFvE2zqG5Krl42EQ_NfJtqDXlZook-yjPlCiHsGqLg7Be3rS1ShzDvWSp2PvsXZFBeSfQSfncLJ7PQVFVCa-iPB3Sgdg6mLlIfchw27Il7FRQsAcw5JsmhfPgAyc6nudpEEnvKr5_IW0fYeIxaCEhi5l2dbzsoiJuuwEAcURMKwpQZEfN_ySPv_Gvaq4w89b3jJqdMfDy1kRfiSQjXPqYfVPyiOyo94B7VTVD9EHyOTYik6jAxkQj0qepppmOPRBrR50ikqcdPPHTXcY5Amb82ZZk28q9oRWeXKSeEu-YeS6oFDufKqGdOceQyOOc00O9t6UM0vnUk7OtyGVxwsAZ1S3VVFP97n0K5qPUnKUsAXrEYBzt_xF7W5pNeY_yRjErE8UX3k7-pQWW07cyiKfK2tJjEI8&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCr37mPrfbYq6QOtaOjuwPwsCmyAfJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTg5NjczMTE5MTgxNTQzNjegAdW20uoDyAEJqQJcLBabbCKxPqgDAaoE9AFP0L1fSKC5yfm_gwdbNFZYVugFr4McyJY2_6nkGeLz3Lw3KGPPQwVzXs_dFOMu2qy0I0lfEWKI_Vqm99dWsVbReFW76jzCERvj4Hyf-R0HaSIfSRUUT8tDcahgFQYsZGc4sHYO0IYRIec5PZGr4Qi27TyPYG4UDlbzRWSc2gJHRxVoS5SPo5JLe9XpOTAMsqixz0RG-fEhltWFUY4UV9LCTv0i9e8LPMZaeKkuI4asYN90s_haLbKiAgkV2gKSXCIe79k03PUfRPwv_W79d3LXjQRBeltnNKFeVOXQ0-KLXWv9BOyXUPJnJiQd9dIrsd-rnj1TgAbQhMeAwJjFlwKgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggPCIDhgHAQATIC6wI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0OwyawdVcavt_iMMV4SbPWku08jw%26client%3Dca-pub-8967311918154367%26adurl%3D
Frame ID: 7DF12472063B6537D59B8A15813A11A8
Requests: 11 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 0C856B7E85A9DD9DA820019D96513C43
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: BF04EA6953B7906AABDF88D532C2DB8A
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Контакти

Detected technologies

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Page Statistics

55
Requests

100 %
HTTPS

71 %
IPv6

12
Domains

18
Subdomains

19
IPs

4
Countries

721 kB
Transfer

1576 kB
Size

2
Cookies

8 Outgoing links

These are links going to different origins than the main page.

URL: http://www.rio-shumen.net/

Search URL Search Domain Scan URL

URL: http://www.minedu.government.bg/news-home/

Search URL Search Domain Scan URL

URL: http://www.math.bas.bg/smb/

Search URL Search Domain Scan URL

URL: http://smb-varna.com/

Search URL Search Domain Scan URL

URL: http://www.math.bas.bg/hssi/

Search URL Search Domain Scan URL

URL: http://bgchart.net/in/25410

Search URL Search Domain Scan URL

URL: http://zdravkopetrov.weebly.com/
Title: ЗДРАВКО ПЕТРОВ

Search URL Search Domain Scan URL

URL: https://alle.bg/?-vssource=internal:sitefooter
Title: Уебсайт в Alle.bg

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

55 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
smbshumen.alle.bg/%D0%BA%D0%BE%D0%BD%D1%82%D0%B0%D0%BA%D1%82%D0%B8/ 127 KB
25 KB 267ms
134ms Document
text/html 52.209.140.2
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://smbshumen.alle.bg/%D0%BA%D0%BE%D0%BD%D1%82%D0%B0%D0%BA%D1%82%D0%B8/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

52.209.140.2 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-209-140-2.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

130e57f323c82ff28660f98b7e654c9f3024264f2171efe67bbc40a551dfff5f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sat, 23 Jul 2022 08:54:22 GMT
link: <https://cdn5.amcn.in/>; rel=preconnect
server: nginx
strict-transport-security: max-age=63072000; includeSubDomains; preload

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 165 KB
56 KB 187ms
91ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: smbshumen.alle.bg
URL: https://smbshumen.alle.bg/%D0%BA%D0%BE%D0%BD%D1%82%D0%B0%D0%BA%D1%82%D0%B8/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

450e9ccd9fb170f48fa6e90d4fb7c11670cff3cea41695be4d2a213cd4ee7a1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://smbshumen.alle.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sat, 23 Jul 2022 08:54:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 56658
x-xss-protection: 0
server: cafe
etag: 17510990399459353781
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 23 Jul 2022 08:54:22 GMT

GET
H2 200 contactFormElement.min.js Show response
cdn5.amcn.in/c/assets/caa3a3891abb-c999999999-v36789cb31c/ 990 B
459 B 91ms
55ms Script
text/javascript 18.157.140.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn5.amcn.in/c/assets/caa3a3891abb-c999999999-v36789cb31c/contactFormElement.min.js
Requested by: Host: smbshumen.alle.bg
URL: https://smbshumen.alle.bg/%D0%BA%D0%BE%D0%BD%D1%82%D0%B0%D0%BA%D1%82%D0%B8/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.157.140.53 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-157-140-53.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: fec481e03df6058be60a682ad903cd219fadc47901a168697f56e34ad8e78acd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://smbshumen.alle.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sat, 23 Jul 2022 08:54:22 GMT
cache-control: public, max-age=999999999
server: nginx
content-encoding: gzip
content-type: text/javascript;charset=UTF-8

GET
DATA 200
OK truncated
/ 44 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dd0a89078267d32b84d5692634c6b72043ed17846d144d4bb99931e83f4a583d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Type: image/webp

GET
H2 200 yadtu59icve.jpg
cdn5.amcn.in/a/smbshumen.alle.bg/assets/5efd5c7cf430-c999999999/ 45 KB
46 KB 53ms
41ms Image
image/jpeg 18.157.140.53
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn5.amcn.in/a/smbshumen.alle.bg/assets/5efd5c7cf430-c999999999/yadtu59icve.jpg
Requested by: Host: smbshumen.alle.bg
URL: https://smbshumen.alle.bg/%D0%BA%D0%BE%D0%BD%D1%82%D0%B0%D0%BA%D1%82%D0%B8/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.157.140.53 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-157-140-53.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b7049f4810d1946c211ecb0baabd66f2e8f5d3ab66cfa9301153ace84abac23e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://smbshumen.alle.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sat, 23 Jul 2022 08:54:22 GMT
cache-control: public, max-age=999999999
server: nginx
content-length: 46433
content-type: image/jpeg

GET
H2 200 5h2823m41j8.png
cdn5.amcn.in/a/smbshumen.alle.bg/assets/20ccd888796b-c999999999/ 27 KB
28 KB 68ms
55ms Image
image/png 18.157.140.53
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn5.amcn.in/a/smbshumen.alle.bg/assets/20ccd888796b-c999999999/5h2823m41j8.png
Requested by: Host: smbshumen.alle.bg
URL: https://smbshumen.alle.bg/%D0%BA%D0%BE%D0%BD%D1%82%D0%B0%D0%BA%D1%82%D0%B8/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.157.140.53 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-157-140-53.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: f1177592def13d6df1d3b9b0052146ece1fd2b9dc6e4ea2b6e1dfbbb263cb0aa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://smbshumen.alle.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sat, 23 Jul 2022 08:54:22 GMT
cache-control: public, max-age=999999999
server: nginx
content-length: 28144
content-type: image/png

GET
H2 200 1rh5g07l4q2.jpg
cdn5.amcn.in/a/smbshumen.alle.bg/assets/4be17ec0e9e1-c999999999/ 15 KB
15 KB 67ms
55ms Image
image/jpeg 18.157.140.53
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn5.amcn.in/a/smbshumen.alle.bg/assets/4be17ec0e9e1-c999999999/1rh5g07l4q2.jpg
Requested by: Host: smbshumen.alle.bg
URL: https://smbshumen.alle.bg/%D0%BA%D0%BE%D0%BD%D1%82%D0%B0%D0%BA%D1%82%D0%B8/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.157.140.53 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-157-140-53.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 636c1b357d8ada1f58ebb0427dcf893ee0203b9329a1b7973502430bfc0bbb86

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://smbshumen.alle.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sat, 23 Jul 2022 08:54:22 GMT
cache-control: public, max-age=999999999
server: nginx
content-length: 15589
content-type: image/jpeg

GET
DATA 200
OK truncated
/ 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 109 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ba46e4241ae942f247b9a7f85b6f4f8100ede038730080380ec82f2a58c729c6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 b69ylf06z8e.jpg
cdn5.amcn.in/a/smbshumen.alle.bg/assets/b4c91a4a3fce-c999999999/ 2 KB
2 KB 51ms
51ms Image
image/jpeg 18.157.140.53
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn5.amcn.in/a/smbshumen.alle.bg/assets/b4c91a4a3fce-c999999999/b69ylf06z8e.jpg
Requested by: Host: smbshumen.alle.bg
URL: https://smbshumen.alle.bg/%D0%BA%D0%BE%D0%BD%D1%82%D0%B0%D0%BA%D1%82%D0%B8/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.157.140.53 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-157-140-53.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: efa6af188969b5573d02d05e80c29498273f62833832c501e09c943e8017fe54

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://smbshumen.alle.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sat, 23 Jul 2022 08:54:22 GMT
cache-control: public, max-age=999999999
server: nginx
content-length: 1778
content-type: image/jpeg

GET
H2 200 element.js Show response
translate.google.com/translate_a/ 76 KB
27 KB 139ms
53ms Script
text/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.google.com/translate_a/element.js?cb=googleTranslateInitgted7acf448359b64cd28a791422a3424c4

Requested by

Host: smbshumen.alle.bg
URL: https://smbshumen.alle.bg/%D0%BA%D0%BE%D0%BD%D1%82%D0%B0%D0%BA%D1%82%D0%B8/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d535fa647f4ec8750773cfeff8fb8cb88e088484166b7f42858386f09f1816d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://smbshumen.alle.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 23 Jul 2022 08:54:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/javascript; charset=utf-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 7o07v03n6n.webp
cdn5.amcn.in/a/smbshumen.alle.bg/assets/1b347c0be88c-w175-c999999999-ojpg/ 4 KB
4 KB 33ms
32ms Image
image/webp 18.157.140.53
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn5.amcn.in/a/smbshumen.alle.bg/assets/1b347c0be88c-w175-c999999999-ojpg/7o07v03n6n.webp
Requested by: Host: smbshumen.alle.bg
URL: https://smbshumen.alle.bg/%D0%BA%D0%BE%D0%BD%D1%82%D0%B0%D0%BA%D1%82%D0%B8/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.157.140.53 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-157-140-53.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: d37473cae64c50e896fd1770010f63017bf3ee74ce1b7399e6b00b148f491195

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://smbshumen.alle.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sat, 23 Jul 2022 08:54:22 GMT
cache-control: public, max-age=999999999
server: nginx
content-length: 3742
content-type: image/webp

GET
H2 200 m47mfd6noe.webp
cdn5.amcn.in/a/smbshumen.alle.bg/assets/de26e3373388-w175-c999999999-ojpg/ 5 KB
5 KB 34ms
33ms Image
image/webp 18.157.140.53
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn5.amcn.in/a/smbshumen.alle.bg/assets/de26e3373388-w175-c999999999-ojpg/m47mfd6noe.webp
Requested by: Host: smbshumen.alle.bg
URL: https://smbshumen.alle.bg/%D0%BA%D0%BE%D0%BD%D1%82%D0%B0%D0%BA%D1%82%D0%B8/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.157.140.53 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-157-140-53.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: eab7f1b7a1b895e143bbf9de95af638db285ddccb6f486bd48de30ce7b1d266a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://smbshumen.alle.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sat, 23 Jul 2022 08:54:22 GMT
cache-control: public, max-age=999999999
server: nginx
content-length: 4668
content-type: image/webp

GET
H2 200 ka9vu3uouc.webp
cdn5.amcn.in/a/smbshumen.alle.bg/assets/044e76bb7e04-w175-c999999999-ojpg/ 4 KB
4 KB 37ms
36ms Image
image/webp 18.157.140.53
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn5.amcn.in/a/smbshumen.alle.bg/assets/044e76bb7e04-w175-c999999999-ojpg/ka9vu3uouc.webp
Requested by: Host: smbshumen.alle.bg
URL: https://smbshumen.alle.bg/%D0%BA%D0%BE%D0%BD%D1%82%D0%B0%D0%BA%D1%82%D0%B8/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.157.140.53 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-157-140-53.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 0eb1c110ce92ca26cfdb0fffbd2927114873bfefced2d376d7223446c0d946cc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://smbshumen.alle.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sat, 23 Jul 2022 08:54:22 GMT
cache-control: public, max-age=999999999
server: nginx
content-length: 3714
content-type: image/webp

GET
H2 200 iptnpp89nq.webp
cdn5.amcn.in/a/smbshumen.alle.bg/assets/1824d46b59ef-c999999999-opng/ 3 KB
4 KB 40ms
39ms Image
image/webp 18.157.140.53
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn5.amcn.in/a/smbshumen.alle.bg/assets/1824d46b59ef-c999999999-opng/iptnpp89nq.webp
Requested by: Host: smbshumen.alle.bg
URL: https://smbshumen.alle.bg/%D0%BA%D0%BE%D0%BD%D1%82%D0%B0%D0%BA%D1%82%D0%B8/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.157.140.53 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-157-140-53.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3f9717d9dbc1fb2fc56ce922f93768cb686e26639c0daa3d656c64b11af1535

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://smbshumen.alle.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sat, 23 Jul 2022 08:54:22 GMT
cache-control: public, max-age=999999999
server: nginx
content-length: 3498
content-type: image/webp

GET
H2 200 zbk4zqs93v.gif
cdn5.amcn.in/a/smbshumen.alle.bg/assets/cc8921377e78-c999999999/ 3 KB
3 KB 40ms
40ms Image
image/gif 18.157.140.53
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn5.amcn.in/a/smbshumen.alle.bg/assets/cc8921377e78-c999999999/zbk4zqs93v.gif
Requested by: Host: smbshumen.alle.bg
URL: https://smbshumen.alle.bg/%D0%BA%D0%BE%D0%BD%D1%82%D0%B0%D0%BA%D1%82%D0%B8/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.157.140.53 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-157-140-53.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 8b10fbf0f0dc9d03a7afffcf6dd5c36305fe22758933e27592831bcf5a5d69be

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://smbshumen.alle.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sat, 23 Jul 2022 08:54:22 GMT
cache-control: public, max-age=999999999
server: nginx
content-length: 3187
content-type: image/gif

GET
H2 200 -vs.js Show response
smbshumen.alle.bg/ 2 B
115 B 43ms
42ms Script
text/javascript 52.209.140.2
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://smbshumen.alle.bg/-vs.js?a=pageview&d=%7B%22url%22%3A%22https%3A%2F%2Fsmbshumen.alle.bg%2F%25D0%25BA%25D0%25BE%25D0%25BD%25D1%2582%25D0%25B0%25D0%25BA%25D1%2582%25D0%25B8%2F%22%7D&u=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F103.0.5060.134%20Safari%2F537.36
Requested by: Host: smbshumen.alle.bg
URL: https://smbshumen.alle.bg/%D0%BA%D0%BE%D0%BD%D1%82%D0%B0%D0%BA%D1%82%D0%B8/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.209.140.2 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-209-140-2.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://smbshumen.alle.bg/%D0%BA%D0%BE%D0%BD%D1%82%D0%B0%D0%BA%D1%82%D0%B8/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sat, 23 Jul 2022 08:54:22 GMT
cache-control: no-cache, no-store, must-revalidate
server: nginx
content-length: 2
content-type: text/javascript; charset=UTF-8

GET
H2 200 321d04vydp.webp
cdn5.amcn.in/a/smbshumen.alle.bg/assets/0f2ab5d11d7a-w175-c999999999-ojpg/ 5 KB
5 KB 18ms
18ms Image
image/webp 18.157.140.53
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn5.amcn.in/a/smbshumen.alle.bg/assets/0f2ab5d11d7a-w175-c999999999-ojpg/321d04vydp.webp
Requested by: Host: smbshumen.alle.bg
URL: https://smbshumen.alle.bg/%D0%BA%D0%BE%D0%BD%D1%82%D0%B0%D0%BA%D1%82%D0%B8/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.157.140.53 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-157-140-53.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 95bfd9f344d66cfb15f445942257e7006021e415eca51802895dca1b799f1dd9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://smbshumen.alle.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sat, 23 Jul 2022 08:54:22 GMT
cache-control: public, max-age=999999999
server: nginx
content-length: 4636
content-type: image/webp

GET
H2 200 ydp3w5q27h.webp
cdn5.amcn.in/a/smbshumen.alle.bg/assets/d8ad568bf2bf-w750-c999999999-ojpg/ 472 B
567 B 80ms
79ms Image
image/webp 18.157.140.53
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn5.amcn.in/a/smbshumen.alle.bg/assets/d8ad568bf2bf-w750-c999999999-ojpg/ydp3w5q27h.webp
Requested by: Host: smbshumen.alle.bg
URL: https://smbshumen.alle.bg/%D0%BA%D0%BE%D0%BD%D1%82%D0%B0%D0%BA%D1%82%D0%B8/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.157.140.53 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-157-140-53.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: ec15fae36988513e4f13f4eabb7136028e142ef03000bf3fe66d408a86906263

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://smbshumen.alle.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sat, 23 Jul 2022 08:54:22 GMT
cache-control: public, max-age=999999999
server: nginx
content-length: 472
content-type: image/webp

GET
H2 200 3y045f5yoi.webp
cdn5.amcn.in/a/smbshumen.alle.bg/assets/175361b9c9eb-w750-c999999999-ojpg/ 472 B
567 B 173ms
172ms Image
image/webp 18.157.140.53
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn5.amcn.in/a/smbshumen.alle.bg/assets/175361b9c9eb-w750-c999999999-ojpg/3y045f5yoi.webp
Requested by: Host: smbshumen.alle.bg
URL: https://smbshumen.alle.bg/%D0%BA%D0%BE%D0%BD%D1%82%D0%B0%D0%BA%D1%82%D0%B8/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.157.140.53 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-157-140-53.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: ec15fae36988513e4f13f4eabb7136028e142ef03000bf3fe66d408a86906263

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://smbshumen.alle.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sat, 23 Jul 2022 08:54:22 GMT
cache-control: public, max-age=999999999
server: nginx
content-length: 472
content-type: image/webp

GET
H2 200 translateelement.css
translate.googleapis.com/translate_static/css/ 18 KB
4 KB 262ms
36ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.googleapis.com/translate_static/css/translateelement.css

Requested by

Host:
URL: /_/translate_http/_/js/k=translate_http.tr.de.YTJ3qZX0-F8.O/d=1/rs=AN8SPfox5v5U7CuFCWzlc6K_mT9pFlqXhQ/m=el_conf

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5d0a6e3bc914db376bf187c380750b197c317e1bf40fab9ad959ad5facd8f9ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://smbshumen.alle.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sat, 23 Jul 2022 08:41:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 777
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3130
x-xss-protection: 0
last-modified: Wed, 24 Feb 2021 19:45:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="rosetta"
vary: Accept-Encoding
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Sat, 23 Jul 2022 09:41:25 GMT

GET
H2 200 m=el_main Show response
translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.de.YTJ3qZX0-F8.O/d=1/exm=el_conf/ed=1/rs=AN8SPfox5v5U7CuFCWzlc6K_mT9pFlqXhQ/ 224 KB
76 KB 263ms
38ms Script
text/javascript 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.de.YTJ3qZX0-F8.O/d=1/exm=el_conf/ed=1/rs=AN8SPfox5v5U7CuFCWzlc6K_mT9pFlqXhQ/m=el_main

Requested by

Host:
URL: /_/translate_http/_/js/k=translate_http.tr.de.YTJ3qZX0-F8.O/d=1/rs=AN8SPfox5v5U7CuFCWzlc6K_mT9pFlqXhQ/m=el_conf

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dd6814e2e075c813a63a9503d7c18044c4630c64ec9a0d2ff17ebaa3b94aabbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://smbshumen.alle.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 22 Jul 2022 21:30:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 41013
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 78017
x-xss-protection: 0
last-modified: Wed, 20 Jul 2022 21:21:09 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="rosetta"
vary: Accept-Encoding
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 22 Jul 2023 21:30:49 GMT

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207190101/ 338 KB
119 KB 65ms
64ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207190101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8967311918154367&plah=smbshumen.alle.bg

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4f92ae311a3556d2aae2b935249a0ab5b42e430c09b2fb266e1c39e6fadf619f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://smbshumen.alle.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sat, 23 Jul 2022 08:54:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 121831
x-xss-protection: 0
server: cafe
etag: 13096737861751203856
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 23 Jul 2022 08:54:22 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220721/r20190131/ Frame 14DF 10 KB
5 KB 39ms
39ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220721/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://smbshumen.alle.bg/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 58656
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4412
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 22 Jul 2022 16:36:46 GMT
etag: 8616628553774171045
expires: Fri, 05 Aug 2022 16:36:46 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 211 B
639 B 152ms
47ms Script
text/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=smbshumen.alle.bg&callback=_gfp_s_&client=ca-pub-8967311918154367

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207190101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8967311918154367&plah=smbshumen.alle.bg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f2.1e100.net

Software

cafe /

Resource Hash

22b3fc34254b56d17a3c0e6f09135b0dec73561361b31ba6b82e73523f6c500b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://smbshumen.alle.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sat, 23 Jul 2022 08:54:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 194
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 125ms
44ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=smbshumen.alle.bg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://smbshumen.alle.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 23 Jul 2022 08:54:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 133ms
47ms Script
application/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=smbshumen.alle.bg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://smbshumen.alle.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 23 Jul 2022 08:54:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame E489 10 KB
4 KB 207ms
207ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8967311918154367&output=html&adk=1812271804&adf=3025194257&lmt=1658566460&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fsmbshumen.alle.bg%2F%25D0%25BA%25D0%25BE%25D0%25BD%25D1%2582%25D0%25B0%25D0%25BA%25D1%2582%25D0%25B8%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658566460505&bpp=3&bdt=268&idt=135&shv=r20220721&mjsv=m202207190101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7677160244433&frm=20&pv=2&ga_vid=1355776595.1658566461&ga_sid=1658566461&ga_hid=877100299&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763506%2C31068592%2C42531607%2C31062930&oid=2&pvsid=3883470792951932&tmod=1373140414&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=158

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b94aea0cefe598bf7323d938ceac091b2dce2165f0c83eab0f8d4c34e42d2f3a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://smbshumen.alle.bg/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 4451
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 23 Jul 2022 08:54:23 GMT
expires: Sat, 23 Jul 2022 08:54:23 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 7C59 22 KB
9 KB 233ms
233ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8967311918154367&output=html&h=600&slotname=1952520136&adk=2995784285&adf=3010869035&pi=t.ma~as.1952520136&w=160&fwrn=4&fwrnh=100&lmt=1658566460&rafmt=1&psa=0&format=160x600&url=https%3A%2F%2Fsmbshumen.alle.bg%2F%25D0%25BA%25D0%25BE%25D0%25BD%25D1%2582%25D0%25B0%25D0%25BA%25D1%2582%25D0%25B8%2F&fwr=0&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658566460508&bpp=2&bdt=272&idt=166&shv=r20220721&mjsv=m202207190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7677160244433&frm=20&pv=1&ga_vid=1355776595.1658566461&ga_sid=1658566461&ga_hid=877100299&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=330&ady=225&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763506%2C31068592%2C42531607%2C31062930&oid=2&pvsid=3883470792951932&tmod=1373140414&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=xI5gJMP797&p=https%3A//smbshumen.alle.bg&dtd=172

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9271571420e34e274dd7b39ba4677872a139e9848aaa72e135bd954e06b6d4b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://smbshumen.alle.bg/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 9535
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 23 Jul 2022 08:54:23 GMT
expires: Sat, 23 Jul 2022 08:54:23 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated Show response
/ Frame 4CD1 2 KB
2 KB Document
text/html

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 52cf06797c66d59d2428883cb27b5b083eed8b73ff8e0e11af86ee162e11ad2c

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Content-Type: text/html;charset=UTF-8

GET
H2 200 translate_24dp.png
www.gstatic.com/images/branding/product/2x/ 2 KB
2 KB 125ms
42ms Image
image/png 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/branding/product/2x/translate_24dp.png

Requested by

Host: translate.googleapis.com
URL: https://translate.googleapis.com/translate_static/css/translateelement.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4dac0026fbfa2615dce30c0af12830863fe885f84387a0147b9e338f548d5d82

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://translate.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sat, 23 Jul 2022 08:27:15 GMT
x-content-type-options: nosniff
age: 1628
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1842
x-xss-protection: 0
last-modified: Thu, 14 Oct 2021 09:08:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sun, 23 Jul 2023 08:27:15 GMT

GET
H3 200 translateelement.css
translate.googleapis.com/translate_static/css/ Frame AFAB 18 KB
3 KB 118ms
38ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.googleapis.com/translate_static/css/translateelement.css

Requested by

Host: translate.googleapis.com
URL: https://translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.de.YTJ3qZX0-F8.O/d=1/exm=el_conf/ed=1/rs=AN8SPfox5v5U7CuFCWzlc6K_mT9pFlqXhQ/m=el_main

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5d0a6e3bc914db376bf187c380750b197c317e1bf40fab9ad959ad5facd8f9ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://smbshumen.alle.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sat, 23 Jul 2022 08:41:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 778
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3130
x-xss-protection: 0
last-modified: Wed, 24 Feb 2021 19:45:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="rosetta"
vary: Accept-Encoding
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Sat, 23 Jul 2022 09:41:25 GMT

GET
H2 200 translate_24dp.png
www.gstatic.com/images/branding/product/1x/ 846 B
1 KB 122ms
41ms Image
image/png 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/branding/product/1x/translate_24dp.png

Requested by

Host: smbshumen.alle.bg
URL: https://smbshumen.alle.bg/%D0%BA%D0%BE%D0%BD%D1%82%D0%B0%D0%BA%D1%82%D0%B8/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a861509b658aa24fc3aed2867ac3c061e7d818d90b9990959afc6d1b5d4ff99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://smbshumen.alle.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sat, 23 Jul 2022 08:49:55 GMT
x-content-type-options: nosniff
age: 268
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 846
x-xss-protection: 0
last-modified: Thu, 14 Oct 2021 09:08:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sun, 23 Jul 2023 08:49:55 GMT

GET
H2 200 cleardot.gif
www.google.com/images/ 43 B
598 B 136ms
52ms Image
image/gif 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/images/cleardot.gif

Requested by

Host: smbshumen.alle.bg
URL: https://smbshumen.alle.bg/%D0%BA%D0%BE%D0%BD%D1%82%D0%B0%D0%BA%D1%82%D0%B8/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://smbshumen.alle.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 23 Jul 2022 08:54:23 GMT
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:30:00 GMT
server: sffe
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220721/r20110914/client/ Frame 7C59 3 KB
1 KB 134ms
40ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220721/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8967311918154367&output=html&h=600&slotname=1952520136&adk=2995784285&adf=3010869035&pi=t.ma~as.1952520136&w=160&fwrn=4&fwrnh=100&lmt=1658566460&rafmt=1&psa=0&format=160x600&url=https%3A%2F%2Fsmbshumen.alle.bg%2F%25D0%25BA%25D0%25BE%25D0%25BD%25D1%2582%25D0%25B0%25D0%25BA%25D1%2582%25D0%25B8%2F&fwr=0&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658566460508&bpp=2&bdt=272&idt=166&shv=r20220721&mjsv=m202207190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7677160244433&frm=20&pv=1&ga_vid=1355776595.1658566461&ga_sid=1658566461&ga_hid=877100299&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=330&ady=225&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763506%2C31068592%2C42531607%2C31062930&oid=2&pvsid=3883470792951932&tmod=1373140414&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=xI5gJMP797&p=https%3A//smbshumen.alle.bg&dtd=172

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sat, 23 Jul 2022 07:58:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3328
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 06 Aug 2022 07:58:55 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220721/r20110914/client/ Frame 7C59 17 KB
8 KB 130ms
37ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220721/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5eae50f61bc5d236759611671bb2999991897dc3aa8afd97ed3cd29a231ceb59

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sat, 23 Jul 2022 07:59:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3297
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7308
x-xss-protection: 0
server: cafe
etag: 13288730413591369063
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 06 Aug 2022 07:59:26 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7C59 138 KB
43 KB 140ms
50ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

323e9da799553a90b73be7680a7a145ab2e9c13f43b7346fa3877eda55ecbfa7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sat, 23 Jul 2022 08:54:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43235
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1658317440141293"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 23 Jul 2022 08:54:23 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 7C59 0
0 80ms
79ms Fetch
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Cau7RPrfbYq6QOtaOjuwPwsCmyAfJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTg5NjczMTE5MTgxNTQzNjegAdW20uoDyAEJqQJcLBabbCKxPqgDAaoE8QFP0L1fSKC5yfm_gwdbNFZYVugFr4McyJY2_6nkGeLz3Lw3KGPPQwVzXs_dFOMu2qy0I0lfEWKI_Vqm99dWsVbReFW76jzCERvj4Hyf-R0HaSIfSRUUT8tDcahgFQYsZGc4sHYO0IYRIec5PZGr4Qi27TyPYG4UDlbzRWSc2gJHRxVoS5SPo5JLe9XpOTAMsqixz0RG-fEhltWFUY4UV9LCTv0i9e8LPMZaeKkuI4asYN90s_haLbKiAgkV2gKSXCIe79k03PUfRPwv_Sz_VuBQAphSxcdzl3Fj8h3Zx-g9V0XlhlhfbVSVmTox7VeBNcwUgAbQhMeAwJjFlwKgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggPCIDhgHAQATIC6wI6AoBAgAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTg5NjczMTE5MTgxNTQzNjcYAA&sigh=QOLWelxKS3w&uach_m=[UACH]&cid=CAQSGwCNIrLMWFnKJyUQhicklgDF32QlEovUPsHWJBgB

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8967311918154367&output=html&h=600&slotname=1952520136&adk=2995784285&adf=3010869035&pi=t.ma~as.1952520136&w=160&fwrn=4&fwrnh=100&lmt=1658566460&rafmt=1&psa=0&format=160x600&url=https%3A%2F%2Fsmbshumen.alle.bg%2F%25D0%25BA%25D0%25BE%25D0%25BD%25D1%2582%25D0%25B0%25D0%25BA%25D1%2582%25D0%25B8%2F&fwr=0&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658566460508&bpp=2&bdt=272&idt=166&shv=r20220721&mjsv=m202207190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7677160244433&frm=20&pv=1&ga_vid=1355776595.1658566461&ga_sid=1658566461&ga_hid=877100299&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=330&ady=225&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763506%2C31068592%2C42531607%2C31062930&oid=2&pvsid=3883470792951932&tmod=1373140414&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=xI5gJMP797&p=https%3A//smbshumen.alle.bg&dtd=172
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sat, 23 Jul 2022 08:54:23 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sat, 23 Jul 2022 08:54:23 GMT

GET
H2 200 notify
rtb.fr.eu.criteo.com/google/auction/ Frame 7C59 0
0 68ms
15ms Fetch 2a02:2638::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.fr.eu.criteo.com/google/auction/notify?profile=14&payload=kP2jEtyBMKAB2ASdg2ICAgAAAFqAI8Jkbv5EED6322K60GuqHE4MmBMB5gASAAA&wp=Ytu3PgAOiC4Hg4dWAAmgQrx5mcgNenjI_hGsrQ

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sat, 23 Jul 2022 08:54:22 GMT
server: Kestrel
server-processing-duration-in-ticks: 301161
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame 7DF1 48 KB
19 KB 65ms
21ms Document
text/html 2a02:2638::b
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=Ytu3PgAOiC4Hg4dWAAmgQrx5mcgNenjI_hGsrQ&u=%7CVz6q7Pyu9LJMcXyiZmiLmpITtOuEeqXcw9F5Ebhx4J8%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUETQtbu7-RuG02-JTbIw6iQcfCEIzTmgNg2xIeFvE2zqG5Krl42EQ_NfJtqDXlZook-yjPlCiHsGqLg7Be3rS1ShzDvWSp2PvsXZFBeSfQSfncLJ7PQVFVCa-iPB3Sgdg6mLlIfchw27Il7FRQsAcw5JsmhfPgAyc6nudpEEnvKr5_IW0fYeIxaCEhi5l2dbzsoiJuuwEAcURMKwpQZEfN_ySPv_Gvaq4w89b3jJqdMfDy1kRfiSQjXPqYfVPyiOyo94B7VTVD9EHyOTYik6jAxkQj0qepppmOPRBrR50ikqcdPPHTXcY5Amb82ZZk28q9oRWeXKSeEu-YeS6oFDufKqGdOceQyOOc00O9t6UM0vnUk7OtyGVxwsAZ1S3VVFP97n0K5qPUnKUsAXrEYBzt_xF7W5pNeY_yRjErE8UX3k7-pQWW07cyiKfK2tJjEI8&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCr37mPrfbYq6QOtaOjuwPwsCmyAfJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTg5NjczMTE5MTgxNTQzNjegAdW20uoDyAEJqQJcLBabbCKxPqgDAaoE9AFP0L1fSKC5yfm_gwdbNFZYVugFr4McyJY2_6nkGeLz3Lw3KGPPQwVzXs_dFOMu2qy0I0lfEWKI_Vqm99dWsVbReFW76jzCERvj4Hyf-R0HaSIfSRUUT8tDcahgFQYsZGc4sHYO0IYRIec5PZGr4Qi27TyPYG4UDlbzRWSc2gJHRxVoS5SPo5JLe9XpOTAMsqixz0RG-fEhltWFUY4UV9LCTv0i9e8LPMZaeKkuI4asYN90s_haLbKiAgkV2gKSXCIe79k03PUfRPwv_W79d3LXjQRBeltnNKFeVOXQ0-KLXWv9BOyXUPJnJiQd9dIrsd-rnj1TgAbQhMeAwJjFlwKgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggPCIDhgHAQATIC6wI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0OwyawdVcavt_iMMV4SbPWku08jw%26client%3Dca-pub-8967311918154367%26adurl%3D

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::b , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

534663a8a4e9d5f33a5102ed055fea2bf74c51346f8f83eed5a242fb8027f6fa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Sat, 23 Jul 2022 08:54:23 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=AIdMszobvOPa2VMrn0aJHLt0Z6aXg1vXGFcUsLcpB4HYDIFu35OtK5nLL3F1nR_b1RPsgTtofKKrQLTXCbqu3M9rwuz6dZHLtQthOc0ViMJxmBBvpQIEVeSHfemQMusNpYAaXvzm7_EJqKN_pllfKM9juC9XpWHGHyF2oc2c16uYWlH8EmpJFmTNutK6bFNXoclgqz6I5BXY3gNx4RTZZtDf4Dvy_o1smrz_p4WGZFJwlfY2327AFouGJeJItoZK8Iw0AbqRCuV_4xMT"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 5523731
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 7DF1 2 KB
1 KB 99ms
56ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Ytu3PgAOiC4Hg4dWAAmgQrx5mcgNenjI_hGsrQ&u=%7CVz6q7Pyu9LJMcXyiZmiLmpITtOuEeqXcw9F5Ebhx4J8%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUETQtbu7-RuG02-JTbIw6iQcfCEIzTmgNg2xIeFvE2zqG5Krl42EQ_NfJtqDXlZook-yjPlCiHsGqLg7Be3rS1ShzDvWSp2PvsXZFBeSfQSfncLJ7PQVFVCa-iPB3Sgdg6mLlIfchw27Il7FRQsAcw5JsmhfPgAyc6nudpEEnvKr5_IW0fYeIxaCEhi5l2dbzsoiJuuwEAcURMKwpQZEfN_ySPv_Gvaq4w89b3jJqdMfDy1kRfiSQjXPqYfVPyiOyo94B7VTVD9EHyOTYik6jAxkQj0qepppmOPRBrR50ikqcdPPHTXcY5Amb82ZZk28q9oRWeXKSeEu-YeS6oFDufKqGdOceQyOOc00O9t6UM0vnUk7OtyGVxwsAZ1S3VVFP97n0K5qPUnKUsAXrEYBzt_xF7W5pNeY_yRjErE8UX3k7-pQWW07cyiKfK2tJjEI8&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCr37mPrfbYq6QOtaOjuwPwsCmyAfJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTg5NjczMTE5MTgxNTQzNjegAdW20uoDyAEJqQJcLBabbCKxPqgDAaoE9AFP0L1fSKC5yfm_gwdbNFZYVugFr4McyJY2_6nkGeLz3Lw3KGPPQwVzXs_dFOMu2qy0I0lfEWKI_Vqm99dWsVbReFW76jzCERvj4Hyf-R0HaSIfSRUUT8tDcahgFQYsZGc4sHYO0IYRIec5PZGr4Qi27TyPYG4UDlbzRWSc2gJHRxVoS5SPo5JLe9XpOTAMsqixz0RG-fEhltWFUY4UV9LCTv0i9e8LPMZaeKkuI4asYN90s_haLbKiAgkV2gKSXCIe79k03PUfRPwv_W79d3LXjQRBeltnNKFeVOXQ0-KLXWv9BOyXUPJnJiQd9dIrsd-rnj1TgAbQhMeAwJjFlwKgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggPCIDhgHAQATIC6wI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0OwyawdVcavt_iMMV4SbPWku08jw%26client%3Dca-pub-8967311918154367%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sat, 23 Jul 2022 08:54:23 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 18 Jul 2023 08:54:23 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame 7DF1 2 KB
1 KB 74ms
30ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sat, 23 Jul 2022 08:54:23 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 18 Jul 2023 08:54:23 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 7DF1 308 B
637 B 67ms
26ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sat, 23 Jul 2022 08:54:23 GMT
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Tue, 18 Jul 2023 08:54:23 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame 7DF1 293 B
621 B 96ms
55ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sat, 23 Jul 2022 08:54:23 GMT
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Tue, 18 Jul 2023 08:54:23 GMT

GET
H2 200 lg.php
cat.fr.eu.criteo.com/delivery/ Frame 7DF1 43 B
348 B 65ms
18ms Image
image/gif 178.250.0.160
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.fr.eu.criteo.com/delivery/lg.php?cppv=3&cpp=MsOdslwmtHnLL1_guGeHLVy_dTvM-WEhkrO6eUbkvxM6CSTQBvKIgNCFLDWJ7bGqfIYbGL67eRj-yVCovIDHDJYGHJBIUq_YOvQlHLF1hCAXeUvqqTsj2Vjz7eyU9Bo7JBUlO6U-0AU5quFw9Z3gwx8TmJAqVo6_uREYOcOkRiPtu9EcGbhmwqtB5lx6-rewe6PhGTnsJcqke27zOXfrZRrri5iRmOJdNH1n7ZBiQ5rj1AmdowW3GA0PWYKKFS_LRHC4YavO6TE-iiqmflV0fiFJ2L-unFkXVIPT__bbXX_KdMpAYvd2Fb9D7TT4o6gVMfU6VPI7SryAM9D5URxACmyOXFswAvTkm8bUMVWiWFL4Pb6MFLgLBg1MtxItWreJMhzKDZ9vVQlwvNvTZJGhhDH0B5-rsi369zI8W8Gc0j7a1nh_

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.160 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 23 Jul 2022 08:54:22 GMT
server: Kestrel
strict-transport-security: max-age=31536000; preload;
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 3068538
content-type: image/gif
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 cd5a9124eb554bc892078416ea9712f5_image_ad_160x600.gif
static.criteo.net/design/dt/90764/220415/ Frame 7DF1 156 KB
156 KB 67ms
26ms Image
image/gif 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/design/dt/90764/220415/cd5a9124eb554bc892078416ea9712f5_image_ad_160x600.gif

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

0f3dbe18706079500a84c92e422163accc471c93a7da863c038871e23972f3eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sat, 23 Jul 2022 08:54:23 GMT
last-modified: Fri, 15 Apr 2022 14:42:12 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "62598444-26f17"
strict-transport-security: max-age=31536000; preload;
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 159511
expires: Tue, 18 Jul 2023 08:54:23 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 7DF1 0
128 B 67ms
14ms Ping
text/plain 178.250.2.150
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=AIdMszobvOPa2VMrn0aJHLt0Z6aXg1vXGFcUsLcpB4HYDIFu35OtK5nLL3F1nR_b1RPsgTtofKKrQLTXCbqu3M9rwuz6dZHLtQthOc0ViMJxmBBvpQIEVeSHfemQMusNpYAaXvzm7_EJqKN_pllfKM9juC9XpWHGHyF2oc2c16uYWlH8EmpJFmTNutK6bFNXoclgqz6I5BXY3gNx4RTZZtDf4Dvy_o1smrz_p4WGZFJwlfY2327AFouGJeJItoZK8Iw0AbqRCuV_4xMT&sds=2&rev=82182&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.150 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sat, 23 Jul 2022 08:54:22 GMT
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 7DF1 2 KB
1 KB 90ms
55ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sat, 23 Jul 2022 08:54:23 GMT
content-encoding: gzip
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 18 Jul 2023 08:54:23 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 7DF1 2 KB
1 KB 36ms
36ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sat, 23 Jul 2022 08:54:23 GMT
content-encoding: gzip
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 18 Jul 2023 08:54:23 GMT

GET
DATA 200
OK truncated
/ Frame 7C59 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9c07ee95468a0e45cf02255392a845a6e5f36ebe82ba4cc360572fe9d19d6a74

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 128ms
53ms XHR
application/json 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220721&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ee22612612bd732ca07c05f2bfa6dbe15ef8a28c80da1216a42698a43817bb13

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://smbshumen.alle.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 23 Jul 2022 08:54:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10808
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 2876ms
2790ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://smbshumen.alle.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sat, 23 Jul 2022 08:54:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 23 Jul 2022 08:54:26 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 7DF1 0
127 B 16ms
15ms Ping
text/plain 178.250.2.150
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.150 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sat, 23 Jul 2022 08:54:24 GMT
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 7C59 42 B
64 B 72ms
71ms Fetch
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssmuEialv6hckpvCkYLCv4yXybuovornn_IpIm8aZdrK1Z_ESWLdealh6TSYYysjuSA-rLcZxC_tONO1VnInU8GzDU&sig=Cg0ArKJSzAWseXNo8TojEAE&id=lidar2&mcvt=1001&p=0,0,600,160&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20220720&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2995784285&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1658566460682&rpt=484&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 23 Jul 2022 08:54:24 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 0C85 13 KB
5 KB 39ms
39ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://smbshumen.alle.bg/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1508
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 23 Jul 2022 08:29:18 GMT
expires: Sun, 23 Jul 2023 08:29:18 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame BF04 783 B
536 B 135ms
54ms Document
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

6b3635cfe79a9ab2b092d8eb0bc792df1fe645a9393e1e9b8e4681ca2a3d710d

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Xu7VJRjlSPF_NFNGzCZdsA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://smbshumen.alle.bg/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 514
content-security-policy: script-src 'report-sample' 'nonce-Xu7VJRjlSPF_NFNGzCZdsA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 23 Jul 2022 08:54:26 GMT
expires: Sat, 23 Jul 2022 08:54:26 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 4JAIKwid8f35vx5JMDPHWQJTURDOey7UpTPwaznZUPM.js Show response
pagead2.googlesyndication.com/bg/ Frame 0C85 36 KB
14 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/4JAIKwid8f35vx5JMDPHWQJTURDOey7UpTPwaznZUPM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e090082b089df1fdf9bf1e493033c75902535110ce7b2ed4a533f06b39d950f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 22 Jul 2022 19:56:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 46662
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13903
x-xss-protection: 0
last-modified: Tue, 19 Jul 2022 12:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 22 Jul 2023 19:56:44 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame BF04 0
0 151ms
103ms Image
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220721&jk=3883470792951932&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 0C85 0
9 B 39ms
38ms Image
text/plain 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?T2r79A
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sat, 23 Jul 2022 08:54:26 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 108ms
108ms Image
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220721&jk=3883470792951932&bg=!sbKlsvbNAAacadVKvGk7ACkAdvg8Wu4RyESw6T7N5OL268242-qakjCPtC04T0ImzBeGlLVgDktylAIAAAC5UgAAAANoAQeZApAhwybWkkm1_4JwyorossBlAzMu6OKsK9Us9xGAcX54UVeIkeBDt_ELASkU_Xiw0ahHjPAiQ8N089IJszjffOsA77oaJNPim1t1zW3KDvYAabF1ArRePM2XPOCP5ql2XPo7tcBEjH8Xay6R8dTo2bljywoJ-RTz1gcPD98psHoCmDNXh9MfYsrIDe8mnJIUCj1UeR-BmmqGFixobIxvQi1ulJDqoj1NUeI51JkfXNECBjBPfmTfb-E97uDoANoU8UWFJF01PeQnRq63gPLTLaNUzpEbtC6IJ7GgfssB7qfAjP108gmid9cMqlT08M5lrKSsRWjTtMrvYkkHyDuk4L6rhOsQykMQF1Pch9TEUfNDY-turJhdahXvnFcN8i8u9cZjQgM0IICklxtE2cl1_6KEn22QMRPtX9SaN9b1M4DMQ8OviY7QPWYxusE2TD3hb13wqMRmgWDNi3YVaI1mbEisXceIlKa5sSXH0BIub8_Xodg5_Be22oHVbqDeodi-VX1Z36z2T3nCB_QO-NUbTOCG_ElpLLlCa0IBW5wYjx4qTyf1LlqrpBHYjOzuIEzuzhyjCAoTXxbtUk5SqaDiBRueQ70nckP-4Smu68si-mR_g_oGgfZPU5ssjEr3toN6YAzXCMdszWgNeMocV5V2-8Y1gdh40G1GKfxgd_zSdhX93loh2uFJi7ohjLESlRj3OFEUWqJTH5aszCiY7Y8HEnM7W3jQZj5T8AbfJebhSzEs1ZcmnLeopDCaa-TwfNsKYEQTCvS9XBdx0VQHlqtnxuf4zyag4rvBU1088o_g5MEhOPhjsZTNWuM1gh5zmWEZE9zh8IAbtpUak6vvsbZnkh3X6Q6H5p5jUVvhFvtUmmSEVw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://smbshumen.alle.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

109 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.alle.bg/	1970-01-20 14:04:22	Name: __gads Value: ID=252940c315c5a2d7-22519992d7cd003a:T=1658566462:RT=1658566462:S=ALNI_MZNb6bVizqS3El1WR-a5QItlNF-cQ
			.doubleclick.net/	1970-01-20 14:04:22	Name: IDE Value: AHWqTUkqWuBPMGB-olhcSvtURHm2fdl1z1otVeXCBxJKcD9fL0TJE7jypzRaGUSDP1c

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8967311918154367&output=html&h=600&slotname=1952520136&adk=2995784285&adf=3010869035&pi=t.ma~as.1952520136&w=160&fwrn=4&fwrnh=100&lmt=1658566460&rafmt=1&psa=0&format=160x600&url=https%3A%2F%2Fsmbshumen.alle.bg%2F%25D0%25BA%25D0%25BE%25D0%25BD%25D1%2582%25D0%25B0%25D0%25BA%25D1%2582%25D0%25B8%2F&fwr=0&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658566460508&bpp=2&bdt=272&idt=166&shv=r20220721&mjsv=m202207190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7677160244433&frm=20&pv=1&ga_vid=1355776595.1658566461&ga_sid=1658566461&ga_hid=877100299&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=330&ady=225&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763506%2C31068592%2C42531607%2C31062930&oid=2&pvsid=3883470792951932&tmod=1373140414&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=xI5gJMP797&p=https%3A//smbshumen.alle.bg&dtd=172 Message: Origin trial controlled feature not enabled: 'attribution-reporting'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.eu.criteo.com
adservice.google.com
adservice.google.de
cat.fr.eu.criteo.com
cdn5.amcn.in
csm.eu.criteo.net
googleads.g.doubleclick.net
pagead2.googlesyndication.com
partner.googleadservices.com
rtb.fr.eu.criteo.com
smbshumen.alle.bg
static.criteo.net
tpc.googlesyndication.com
translate.google.com
translate.googleapis.com
www.google.com
www.googletagservices.com
www.gstatic.com
172.217.18.2
178.250.0.160
178.250.2.150
18.157.140.53
2a00:1450:4001:803::2003
2a00:1450:4001:808::2002
2a00:1450:4001:80e::2002
2a00:1450:4001:80e::200a
2a00:1450:4001:810::2002
2a00:1450:4001:812::2001
2a00:1450:4001:813::200e
2a00:1450:4001:827::2004
2a00:1450:4001:831::2002
2a02:2638:1::3
2a02:2638::2
2a02:2638::b
52.209.140.2
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0eb1c110ce92ca26cfdb0fffbd2927114873bfefced2d376d7223446c0d946cc
0f3dbe18706079500a84c92e422163accc471c93a7da863c038871e23972f3eb
130e57f323c82ff28660f98b7e654c9f3024264f2171efe67bbc40a551dfff5f
22b3fc34254b56d17a3c0e6f09135b0dec73561361b31ba6b82e73523f6c500b
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
323e9da799553a90b73be7680a7a145ab2e9c13f43b7346fa3877eda55ecbfa7
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
450e9ccd9fb170f48fa6e90d4fb7c11670cff3cea41695be4d2a213cd4ee7a1b
4dac0026fbfa2615dce30c0af12830863fe885f84387a0147b9e338f548d5d82
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f92ae311a3556d2aae2b935249a0ab5b42e430c09b2fb266e1c39e6fadf619f
52cf06797c66d59d2428883cb27b5b083eed8b73ff8e0e11af86ee162e11ad2c
534663a8a4e9d5f33a5102ed055fea2bf74c51346f8f83eed5a242fb8027f6fa
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5a861509b658aa24fc3aed2867ac3c061e7d818d90b9990959afc6d1b5d4ff99
5d0a6e3bc914db376bf187c380750b197c317e1bf40fab9ad959ad5facd8f9ed
5eae50f61bc5d236759611671bb2999991897dc3aa8afd97ed3cd29a231ceb59
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
636c1b357d8ada1f58ebb0427dcf893ee0203b9329a1b7973502430bfc0bbb86
6b3635cfe79a9ab2b092d8eb0bc792df1fe645a9393e1e9b8e4681ca2a3d710d
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8b10fbf0f0dc9d03a7afffcf6dd5c36305fe22758933e27592831bcf5a5d69be
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
9271571420e34e274dd7b39ba4677872a139e9848aaa72e135bd954e06b6d4b1
95bfd9f344d66cfb15f445942257e7006021e415eca51802895dca1b799f1dd9
9c07ee95468a0e45cf02255392a845a6e5f36ebe82ba4cc360572fe9d19d6a74
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b7049f4810d1946c211ecb0baabd66f2e8f5d3ab66cfa9301153ace84abac23e
b94aea0cefe598bf7323d938ceac091b2dce2165f0c83eab0f8d4c34e42d2f3a
ba46e4241ae942f247b9a7f85b6f4f8100ede038730080380ec82f2a58c729c6
d37473cae64c50e896fd1770010f63017bf3ee74ce1b7399e6b00b148f491195
d535fa647f4ec8750773cfeff8fb8cb88e088484166b7f42858386f09f1816d2
dd0a89078267d32b84d5692634c6b72043ed17846d144d4bb99931e83f4a583d
dd6814e2e075c813a63a9503d7c18044c4630c64ec9a0d2ff17ebaa3b94aabbb
de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f
e090082b089df1fdf9bf1e493033c75902535110ce7b2ed4a533f06b39d950f3
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3f9717d9dbc1fb2fc56ce922f93768cb686e26639c0daa3d656c64b11af1535
eab7f1b7a1b895e143bbf9de95af638db285ddccb6f486bd48de30ce7b1d266a
ec15fae36988513e4f13f4eabb7136028e142ef03000bf3fe66d408a86906263
ee22612612bd732ca07c05f2bfa6dbe15ef8a28c80da1216a42698a43817bb13
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efa6af188969b5573d02d05e80c29498273f62833832c501e09c943e8017fe54
f1177592def13d6df1d3b9b0052146ece1fd2b9dc6e4ea2b6e1dfbbb263cb0aa
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
fec481e03df6058be60a682ad903cd219fadc47901a168697f56e34ad8e78acd

smbshumen.alle.bg Open in urlscan Pro 52.209.140.2 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

55 Requests

100 %HTTPS

71 %IPv6

12 Domains

18 Subdomains

19 IPs

4 Countries

721 kBTransfer

1576 kBSize

2 Cookies

8 Outgoing links

Redirected requests

55 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

smbshumen.alle.bg Open in urlscan Pro
52.209.140.2 Public Scan

Screenshot
Live screenshot

Full Image

55
Requests

100 %
HTTPS

71 %
IPv6

12
Domains

18
Subdomains

19
IPs

4
Countries

721 kB
Transfer

1576 kB
Size

2
Cookies

55 HTTP transactions
5 data transactions