www.joberty.bg Open in urlscan Pro
185.26.117.47 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://trail.joberty.com/api/t/c/usr_XNyy3fwY83Rbp7XKP/tsk_bin3SGGA5ySwdnb48/enc_U2FsdGVkX1_wKzmoEpA2CL5606OYqNIU11D-QA40...
Effective URL:
https://www.joberty.bg/
Submission Tags: falconsandbox
Submission: On March 30 via api (March 30th 2022, 11:56:32 am UTC) from US — Scanned from FR

Summary HTTP 17 Redirects Behaviour Indicators

Summary

This website contacted 8 IPs in 4 countries across 7 domains to perform 17 HTTP transactions. The main IP is 185.26.117.47, located in Serbia and belongs to NETCAST-DOO, RS. The main domain is www.joberty.bg.
TLS certificate: Issued by R3 on February 24th 2022. Valid for: 3 months.

This is the only time www.joberty.bg was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	51.254.243.65 51.254.243.65	16276 (OVH) (OVH)
1 8	185.26.117.47 185.26.117.47	201236 (NETCAST-DOO) (NETCAST-DOO)
1	2600:9000:215... 2600:9000:2156:6200:16:a497:9700:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:827::2008	15169 (GOOGLE) (GOOGLE)
2	2600:9000:215... 2600:9000:2156:ea00:15:2985:9e00:93a1	16509 (AMAZON-02) (AMAZON-02)
2	34.203.119.80 34.203.119.80	14618 (AMAZON-AES) (AMAZON-AES)
1	2a00:1450:400... 2a00:1450:4001:809::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
17	8

1 51.254.243.65 (France)

ASN16276 (OVH, FR)
PTR: custom.lemlist.com

trail.joberty.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 185.26.117.47 (Serbia) 1 redirects

ASN201236 (NETCAST-DOO, RS)

joberty.bg	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.joberty.bg	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2156:6200:16:a497:9700:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.rudderlabs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2156:ea00:15:2985:9e00:93a1 (United States)

ASN16509 (AMAZON-02, US)

api.rudderlabs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.203.119.80 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-203-119-80.compute-1.amazonaws.com

jobertymapncp.dataplane.rudderstack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	joberty.bg 1 redirects joberty.bg www.joberty.bg	1 MB
3	rudderlabs.com cdn.rudderlabs.com — Cisco Umbrella Rank: 17189 api.rudderlabs.com — Cisco Umbrella Rank: 6497	112 KB
2	gstatic.com fonts.gstatic.com	51 KB
2	rudderstack.com jobertymapncp.dataplane.rudderstack.com	177 B
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 45	1 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 70
1	joberty.com trail.joberty.com	565 B
17	7

	Domain	Requested by
7	www.joberty.bg	trail.joberty.com www.joberty.bg
2	fonts.gstatic.com	fonts.googleapis.com
2	jobertymapncp.dataplane.rudderstack.com	cdn.rudderlabs.com
2	api.rudderlabs.com	cdn.rudderlabs.com
1	fonts.googleapis.com	www.joberty.bg
1	www.googletagmanager.com	www.joberty.bg
1	cdn.rudderlabs.com	www.joberty.bg
1	joberty.bg	1 redirects
1	trail.joberty.com
17	9

This site contains no links.

Subject Issuer	Validity	Valid
trail.joberty.com ZeroSSL ECC Domain Secure Site CA	`2022-03-11` - `2022-06-09`	3 months	crt.sh
joberty.bg R3	`2022-02-24` - `2022-05-25`	3 months	crt.sh
*.rudderlabs.com Amazon	`2021-08-13` - `2022-09-11`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
*.dataplane.rudderstack.com Amazon	`2022-01-12` - `2023-02-10`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://www.joberty.bg/
Frame ID: 92DDEF00FD57B4186500D8B1E742B234
Requests: 15 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Joberty

Page URL History Show full URLs

https://trail.joberty.com/api/t/c/usr_XNyy3fwY83Rbp7XKP/tsk_bin3SGGA5ySwdnb48/enc_U2FsdGVkX1_wKzmoEpA2... Page URL
https://joberty.bg/ HTTP 301
https://www.joberty.bg/ Page URL

Detected technologies

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js

Page Statistics

17
Requests

100 %
HTTPS

63 %
IPv6

7
Domains

9
Subdomains

8
IPs

4
Countries

1369 kB
Transfer

5370 kB
Size

7
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://trail.joberty.com/api/t/c/usr_XNyy3fwY83Rbp7XKP/tsk_bin3SGGA5ySwdnb48/enc_U2FsdGVkX1_wKzmoEpA2CL5606OYqNIU11D-QA40_FxWYCMKDTScMoTh21ek9XlQ Page URL
https://joberty.bg/ HTTP 301
https://www.joberty.bg/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

17 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 enc_U2FsdGVkX1_wKzmoEpA2CL5606OYqNIU11D-QA40_FxWYCMKDTScMoTh21ek9XlQ
trail.joberty.com/api/t/c/usr_XNyy3fwY83Rbp7XKP/tsk_bin3SGGA5ySwdnb48/ 482 B
565 B 120ms
27ms Document
text/html 51.254.243.65
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://trail.joberty.com/api/t/c/usr_XNyy3fwY83Rbp7XKP/tsk_bin3SGGA5ySwdnb48/enc_U2FsdGVkX1_wKzmoEpA2CL5606OYqNIU11D-QA40_FxWYCMKDTScMoTh21ek9XlQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 51.254.243.65 , France, ASN16276 (OVH, FR),
Reverse DNS: custom.lemlist.com
Software: /
Resource Hash

Request headers

Accept-Language: fr-FR,fr;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

content-length: 482
content-type: text/html
date: Wed, 30 Mar 2022 11:56:26 GMT
server
x-cache-debug: custom.track

GET
H/1.1

200
OK

Primary Request / Show response
www.joberty.bg/
Redirect Chain

https://joberty.bg/
https://www.joberty.bg/

5 KB
2 KB

210ms
44ms

Document
text/html

185.26.117.47
NETCAST-DOO

General

Check archive.org

Show headers Download Go to

Full URL

https://www.joberty.bg/

Requested by

Host: trail.joberty.com
URL: https://trail.joberty.com/api/t/c/usr_XNyy3fwY83Rbp7XKP/tsk_bin3SGGA5ySwdnb48/enc_U2FsdGVkX1_wKzmoEpA2CL5606OYqNIU11D-QA40_FxWYCMKDTScMoTh21ek9XlQ

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

185.26.117.47 , Serbia, ASN201236 (NETCAST-DOO, RS),

Reverse DNS

Software

nginx /

Resource Hash

89f9cb5e4d5cef04b1aa7dc474713a077c9a66685efdd77987f45580bb908161

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://trail.joberty.com/api/t/c/usr_XNyy3fwY83Rbp7XKP/tsk_bin3SGGA5ySwdnb48/enc_U2FsdGVkX1_wKzmoEpA2CL5606OYqNIU11D-QA40_FxWYCMKDTScMoTh21ek9XlQ
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html
Date: Wed, 30 Mar 2022 11:56:27 GMT
ETag: W/"621cd8bd-1253"
Last-Modified: Mon, 28 Feb 2022 14:14:21 GMT
Server: nginx
Strict-Transport-Security: max-age=63072000
Transfer-Encoding: chunked
Vary: Accept-Encoding

Redirect headers

Connection: keep-alive
Content-Length: 162
Content-Type: text/html
Date: Wed, 30 Mar 2022 11:56:27 GMT
Location: https://www.joberty.bg
Server: nginx
Strict-Transport-Security: max-age=63072000

GET
H2 200 rudder-analytics.min.js Show response
cdn.rudderlabs.com/ 371 KB
110 KB 112ms
28ms Script
application/javascript 2600:9000:2156:6200:16:a497:9700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.rudderlabs.com/rudder-analytics.min.js
Requested by: Host: www.joberty.bg
URL: https://www.joberty.bg/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:6200:16:a497:9700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ae82e1b3dba4a57a518b9905359f399f25a8b1ea29c17c2f546fd8a29e76956a

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.joberty.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 11:18:39 GMT
content-encoding: gzip
last-modified: Tue, 22 Mar 2022 07:42:13 GMT
server: AmazonS3
age: 2269
etag: W/"1b56b4ef54fbcc9054956fda974e0b29"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 45de888accabe1a1cb5a389e8c9c1e06.cloudfront.net (CloudFront)
cache-control: max-age=3600
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: g_8mxjixEeH1VbiZaDG8ooH8OAll4FuCQxvEVhwYMTIujyZSNOBERA==

GET
H/1.1 200
OK 2.20aa83ba.chunk.css
www.joberty.bg/static/css/ 33 KB
6 KB 46ms
46ms Stylesheet
text/css 185.26.117.47
NETCAST-DOO

General

Check archive.org

Show headers Download Go to

Full URL

https://www.joberty.bg/static/css/2.20aa83ba.chunk.css

Requested by

Host: www.joberty.bg
URL: https://www.joberty.bg/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

185.26.117.47 , Serbia, ASN201236 (NETCAST-DOO, RS),

Reverse DNS

Software

nginx /

Resource Hash

fdfb4f515e491082b06f6276d799885acbebc207553a094cb8b144b36703332c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.joberty.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date: Wed, 30 Mar 2022 11:56:27 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Last-Modified: Mon, 28 Feb 2022 14:14:21 GMT
Server: nginx
ETag: W/"621cd8bd-8546"
Strict-Transport-Security: max-age=63072000
Content-Type: text/css
Cache-Control: max-age=1296000
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 14 Apr 2022 11:56:27 GMT

GET
H/1.1 200
OK main.14ddcb6f.chunk.css
www.joberty.bg/static/css/ 1 MB
163 KB 140ms
93ms Stylesheet
text/css 185.26.117.47
NETCAST-DOO

General

Check archive.org

Show headers Download Go to

Full URL

https://www.joberty.bg/static/css/main.14ddcb6f.chunk.css

Requested by

Host: www.joberty.bg
URL: https://www.joberty.bg/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

185.26.117.47 , Serbia, ASN201236 (NETCAST-DOO, RS),

Reverse DNS

Software

nginx /

Resource Hash

907472788515f27a39b283ceff9f3ad6735d606b49e8c5ff2e64f238039a9e4f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.joberty.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date: Wed, 30 Mar 2022 11:56:27 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Last-Modified: Mon, 28 Feb 2022 14:14:21 GMT
Server: nginx
ETag: W/"621cd8bd-147b48"
Strict-Transport-Security: max-age=63072000
Content-Type: text/css
Cache-Control: max-age=1296000
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 14 Apr 2022 11:56:27 GMT

GET
H/1.1 200
OK 2.29067427.chunk.js Show response
www.joberty.bg/static/js/ 2 MB
459 KB 181ms
92ms Script
application/javascript 185.26.117.47
NETCAST-DOO

General

Check archive.org

Show headers Download Go to

Full URL

https://www.joberty.bg/static/js/2.29067427.chunk.js

Requested by

Host: www.joberty.bg
URL: https://www.joberty.bg/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

185.26.117.47 , Serbia, ASN201236 (NETCAST-DOO, RS),

Reverse DNS

Software

nginx /

Resource Hash

12ca17fc89a5e953d78a2bd389cb24a6c1dc868fcf53babea1bf447c46e5c7b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.joberty.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date: Wed, 30 Mar 2022 11:56:27 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Last-Modified: Mon, 28 Feb 2022 14:14:21 GMT
Server: nginx
ETag: W/"621cd8bd-193d40"
Strict-Transport-Security: max-age=63072000
Content-Type: application/javascript
Cache-Control: max-age=1296000
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 14 Apr 2022 11:56:27 GMT

GET
H/1.1 200
OK main.805438b9.chunk.js Show response
www.joberty.bg/static/js/ 2 MB
315 KB 208ms
116ms Script
application/javascript 185.26.117.47
NETCAST-DOO

General

Check archive.org

Show headers Download Go to

Full URL

https://www.joberty.bg/static/js/main.805438b9.chunk.js

Requested by

Host: www.joberty.bg
URL: https://www.joberty.bg/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

185.26.117.47 , Serbia, ASN201236 (NETCAST-DOO, RS),

Reverse DNS

Software

nginx /

Resource Hash

b230ea6dc935e37b0e9eeb8dadc87271e7d26d52aff02194c572a4153b13c031

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.joberty.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date: Wed, 30 Mar 2022 11:56:27 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Last-Modified: Mon, 28 Feb 2022 14:14:21 GMT
Server: nginx
ETag: W/"621cd8bd-1ace60"
Strict-Transport-Security: max-age=63072000
Content-Type: application/javascript
Cache-Control: max-age=1296000
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 14 Apr 2022 11:56:27 GMT

GET
H2 400 gtm.js
www.googletagmanager.com/ 0
0 95ms
35ms Script
text/html 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.googletagmanager.com/gtm.js?id=
Requested by: Host: www.joberty.bg
URL: https://www.joberty.bg/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.joberty.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

OPTIONS
H2 204 /
api.rudderlabs.com/sourceConfig/ 0
0 200ms
123ms Preflight 2600:9000:2156:ea00:15:2985:9e00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.rudderlabs.com/sourceConfig/?p=web&v=1.5.2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:ea00:15:2985:9e00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization
Access-Control-Request-Method: GET
Origin: https://www.joberty.bg
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: authorization
access-control-allow-methods: GET,HEAD,PUT,POST,DELETE,PATCH
access-control-allow-origin: *
access-control-max-age: 900
date: Wed, 30 Mar 2022 11:56:27 GMT
vary: Origin
via: 1.1 a394c864b23364262af48fed4e7e9fac.cloudfront.net (CloudFront)
x-amz-cf-id: rtNEMlCliTM3n27tMyPUYq9Cj-RrucpJmbiNsEMmwE2ZycK2umaUwA==
x-amz-cf-pop: FRA50-C1
x-cache: Miss from cloudfront
x-request-id: 6e566300-b020-11ec-be8f-43470b6c1e53

GET
H2 200 / Show response
api.rudderlabs.com/sourceConfig/ 1 KB
2 KB 128ms
128ms XHR
application/json 2600:9000:2156:ea00:15:2985:9e00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.rudderlabs.com/sourceConfig/?p=web&v=1.5.2

Requested by

Host: cdn.rudderlabs.com
URL: https://cdn.rudderlabs.com/rudder-analytics.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2156:ea00:15:2985:9e00:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

c255c1f28a6219b639ac1ee446bf2168318088c357717e3b32b6d270e42723ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Authorization: Basic MjNIYXRDYlpkMjlNa3VaVzFGWTZqMUtkY2V2Og==
Referer: https://www.joberty.bg/
Accept-Language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 11:56:27 GMT
via: 1.1 a394c864b23364262af48fed4e7e9fac.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: FRA50-C1
x-dns-prefetch-control: off
x-cache: Miss from cloudfront
vary: Origin
content-length: 1169
x-xss-protection: 1; mode=block
x-request-id: 6e688b70-b020-11ec-a154-1d541f855b27
x-frame-options: SAMEORIGIN
x-download-options: noopen
strict-transport-security: max-age=15552000; includeSubDomains
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: true
x-amz-cf-id: xBY3LzLwnEDLiFTowMTCSrOp3vhoPUqqcmsPSR18tG-BPh-Wuz9ZFA==

OPTIONS
H2 200 page
jobertymapncp.dataplane.rudderstack.com/v1/ 0
0 328ms
99ms Preflight 34.203.119.80
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://jobertymapncp.dataplane.rudderstack.com/v1/page
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.203.119.80 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-203-119-80.compute-1.amazonaws.com
Software: openresty/1.19.9.1 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: anonymousid,authorization,content-type
Access-Control-Request-Method: POST
Origin: https://www.joberty.bg
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Anonymousid, Authorization, Content-Type
access-control-allow-methods: POST
access-control-allow-origin: https://www.joberty.bg
access-control-max-age: 900
content-length: 0
date: Wed, 30 Mar 2022 11:56:27 GMT
server: openresty/1.19.9.1
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

POST
H2 200 page Show response
jobertymapncp.dataplane.rudderstack.com/v1/ 2 B
177 B 111ms
110ms XHR
text/plain 34.203.119.80
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://jobertymapncp.dataplane.rudderstack.com/v1/page
Requested by: Host: cdn.rudderlabs.com
URL: https://cdn.rudderlabs.com/rudder-analytics.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.203.119.80 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-203-119-80.compute-1.amazonaws.com
Software: openresty/1.19.9.1 /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Referer: https://www.joberty.bg/
Accept-Language: fr-FR,fr;q=0.9
Authorization: Basic MjNIYXRDYlpkMjlNa3VaVzFGWTZqMUtkY2V2Og==
AnonymousId: MmZmNWRjNjItZDUwYS00Njg5LTg0ZjgtN2Q3MDJkYTAwZTdk
Content-Type: application/json

Response headers

access-control-allow-origin: https://www.joberty.bg
date: Wed, 30 Mar 2022 11:56:28 GMT
access-control-allow-credentials: true
server: openresty/1.19.9.1
content-length: 2
vary: Origin
content-type: text/plain; charset=utf-8

GET
H2 200 css
fonts.googleapis.com/ 8 KB
1 KB 93ms
34ms Stylesheet
text/css 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat:300,400,500,600,700&subset=latin&display=swap

Requested by

Host: www.joberty.bg
URL: https://www.joberty.bg/static/css/main.14ddcb6f.chunk.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6d3029e680cfd4e101b07cf89c127633fb65cc6c9faa0561b2cb6e1df3d862e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.joberty.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 30 Mar 2022 11:56:27 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 30 Mar 2022 11:56:27 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 30 Mar 2022 11:56:27 GMT

GET
H/1.1 200
OK joberty_logo_coral_beta.png
www.joberty.bg/images/ 14 KB
15 KB 46ms
45ms Image
image/png 185.26.117.47
NETCAST-DOO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.joberty.bg/images/joberty_logo_coral_beta.png

Requested by

Host: www.joberty.bg
URL: https://www.joberty.bg/beta-login

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

185.26.117.47 , Serbia, ASN201236 (NETCAST-DOO, RS),

Reverse DNS

Software

nginx /

Resource Hash

01f88f647cacd50c1cd71c584d57b366c976dbb800b3002c9369969599f10134

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.joberty.bg/beta-login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date: Wed, 30 Mar 2022 11:56:28 GMT
Last-Modified: Mon, 28 Feb 2022 14:12:58 GMT
Server: nginx
ETag: "621cd86a-3975"
Strict-Transport-Security: max-age=63072000
Content-Type: image/png
Cache-Control: max-age=1296000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 14709
Expires: Thu, 14 Apr 2022 11:56:28 GMT

GET
H/1.1 200
OK LaptopOffice5.webp
www.joberty.bg/images/ 245 KB
245 KB 46ms
46ms Image
image/webp 185.26.117.47
NETCAST-DOO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.joberty.bg/images/LaptopOffice5.webp

Requested by

Host: www.joberty.bg
URL: https://www.joberty.bg/beta-login

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

185.26.117.47 , Serbia, ASN201236 (NETCAST-DOO, RS),

Reverse DNS

Software

nginx /

Resource Hash

a0d242112932c6725f9f6ae928e73af75e52b98e8a888f353355f08348fb07ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.joberty.bg/beta-login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date: Wed, 30 Mar 2022 11:56:28 GMT
Last-Modified: Mon, 28 Feb 2022 14:12:58 GMT
Server: nginx
ETag: "621cd86a-3d270"
Strict-Transport-Security: max-age=63072000
Content-Type: image/webp
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 250480

GET
H2 200 JTUSjIg1_i6t8kCHKm459W1hyzbi.woff2
fonts.gstatic.com/s/montserrat/v23/ 20 KB
20 KB 111ms
53ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v23/JTUSjIg1_i6t8kCHKm459W1hyzbi.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:300,400,500,600,700&subset=latin&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

93a1679cf7d6af1e698e3712191d26fb7aa77ea00cfa2df453d05e0964b32b5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.joberty.bg
Accept-Language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 23:45:07 GMT
x-content-type-options: nosniff
age: 130281
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20480
x-xss-protection: 0
last-modified: Thu, 03 Feb 2022 00:11:59 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Tue, 28 Mar 2023 23:45:07 GMT

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v23/ 30 KB
31 KB 82ms
25ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v23/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:300,400,500,600,700&subset=latin&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c8f7c04f8d691138d54380550d91349271ca19cfc0f3f6666c401cfa892a12f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.joberty.bg
Accept-Language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 08:55:44 GMT
x-content-type-options: nosniff
age: 10844
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30876
x-xss-protection: 0
last-modified: Thu, 03 Feb 2022 00:11:59 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 30 Mar 2023 08:55:44 GMT

Verdicts & Comments Add Verdict or Comment

13 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.joberty.bg/	1970-01-20 10:42:57	Name: rl_user_id Value: RudderEncrypt%3AU2FsdGVkX1%2FKOgh1Ue3Ko7BJHLbwmPsjhC6WEUTl%2FU8%3D
.joberty.bg/	1970-01-20 10:42:57	Name: rl_anonymous_id Value: RudderEncrypt%3AU2FsdGVkX19JzZu2YGF4zWryggfYQHZbl2Hle3gjcDWq35S8mf%2FOt0yaprJ%2F8KX9Kbor59ooS9joKTuXn7NALw%3D%3D
.joberty.bg/	1970-01-20 10:42:57	Name: rl_group_id Value: RudderEncrypt%3AU2FsdGVkX19PByMUlTAF8bGwh%2BmKPWGuNc6UdY4kDiE%3D
.joberty.bg/	1970-01-20 10:42:57	Name: rl_trait Value: RudderEncrypt%3AU2FsdGVkX1%2B42tVuUVgdEs9OqoIOVucE2v787JCKDRM%3D
.joberty.bg/	1970-01-20 10:42:57	Name: rl_group_trait Value: RudderEncrypt%3AU2FsdGVkX19LN8mkyJ42tXsfj5AtbidKpGBevsMIKEU%3D
.joberty.bg/	1970-01-20 10:42:57	Name: rl_page_init_referrer Value: RudderEncrypt%3AU2FsdGVkX189xQ6WZiYIQF5Y%2FRlp7bXxephYICiiDZI2awIuRJYWAUV2Mgmh0VDF
.joberty.bg/	1970-01-20 10:42:57	Name: rl_page_init_referring_domain Value: RudderEncrypt%3AU2FsdGVkX1%2FJJbEbMYDagrfhAlN%2F60svvjK6wcg9OiaPmd1bbcM9kIy33802cwm6

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://www.googletagmanager.com/gtm.js?id= Message: Failed to load resource: the server responded with a status of 400 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.rudderlabs.com
cdn.rudderlabs.com
fonts.googleapis.com
fonts.gstatic.com
joberty.bg
jobertymapncp.dataplane.rudderstack.com
trail.joberty.com
www.googletagmanager.com
www.joberty.bg
185.26.117.47
2600:9000:2156:6200:16:a497:9700:93a1
2600:9000:2156:ea00:15:2985:9e00:93a1
2a00:1450:4001:809::200a
2a00:1450:4001:812::2003
2a00:1450:4001:827::2008
34.203.119.80
51.254.243.65
01f88f647cacd50c1cd71c584d57b366c976dbb800b3002c9369969599f10134
12ca17fc89a5e953d78a2bd389cb24a6c1dc868fcf53babea1bf447c46e5c7b2
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
6d3029e680cfd4e101b07cf89c127633fb65cc6c9faa0561b2cb6e1df3d862e3
89f9cb5e4d5cef04b1aa7dc474713a077c9a66685efdd77987f45580bb908161
907472788515f27a39b283ceff9f3ad6735d606b49e8c5ff2e64f238039a9e4f
93a1679cf7d6af1e698e3712191d26fb7aa77ea00cfa2df453d05e0964b32b5d
a0d242112932c6725f9f6ae928e73af75e52b98e8a888f353355f08348fb07ab
ae82e1b3dba4a57a518b9905359f399f25a8b1ea29c17c2f546fd8a29e76956a
b230ea6dc935e37b0e9eeb8dadc87271e7d26d52aff02194c572a4153b13c031
c255c1f28a6219b639ac1ee446bf2168318088c357717e3b32b6d270e42723ff
c8f7c04f8d691138d54380550d91349271ca19cfc0f3f6666c401cfa892a12f8
fdfb4f515e491082b06f6276d799885acbebc207553a094cb8b144b36703332c

www.joberty.bg Open in urlscan Pro 185.26.117.47 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

17 Requests

100 %HTTPS

63 %IPv6

7 Domains

9 Subdomains

8 IPs

4 Countries

1369 kBTransfer

5370 kBSize

7 Cookies

0 Outgoing links

Page URL History

Redirected requests

17 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

13 JavaScript Global Variables

7 Cookies

1 Console Messages

Indicators

www.joberty.bg Open in urlscan Pro
185.26.117.47 Public Scan

Screenshot
Live screenshot

Full Image

17
Requests

100 %
HTTPS

63 %
IPv6

7
Domains

9
Subdomains

8
IPs

4
Countries

1369 kB
Transfer

5370 kB
Size

7
Cookies

17 HTTP transactions
0 data transactions