barid.com Open in urlscan Pro
193.201.172.97 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://barid.com/auth/lgn
Submission: On October 13 via manual (October 13th 2024, 2:37:05 pm UTC) from SA — Scanned from IT

Summary HTTP 49 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 14 IPs in 3 countries across 10 domains to perform 49 HTTP transactions. The main IP is 193.201.172.97, located in Bulgaria and belongs to MAIL-, BG. The main domain is barid.com.

This is the only time barid.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 23	193.201.172.97 193.201.172.97	25166 (MAIL-) (MAIL-)
1 2	216.58.206.72 216.58.206.72	15169 (GOOGLE) (GOOGLE)
1 1	216.58.212.162 216.58.212.162	15169 (GOOGLE) (GOOGLE)
1	142.250.185.194 142.250.185.194	15169 (GOOGLE) (GOOGLE)
3	193.201.172.98 193.201.172.98	25166 (MAIL-) (MAIL-)
1	178.250.1.56 178.250.1.56	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	142.250.181.238 142.250.181.238	15169 (GOOGLE) (GOOGLE)
3	142.251.168.155 142.251.168.155	15169 (GOOGLE) (GOOGLE)
1	142.250.185.98 142.250.185.98	15169 (GOOGLE) (GOOGLE)
10	142.250.186.78 142.250.186.78	15169 (GOOGLE) (GOOGLE)
2	178.250.1.3 178.250.1.3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	142.250.185.226 142.250.185.226	15169 (GOOGLE) (GOOGLE)
1	178.250.1.11 178.250.1.11	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	216.239.32.3 216.239.32.3	15169 (GOOGLE) (GOOGLE)
49	14

23 193.201.172.97 (Bulgaria) 1 redirects

ASN25166 (MAIL-, BG)
PTR: barid.com

barid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.58.206.72 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: tzfraa-aa-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.212.162 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: ams15s22-in-f2.1e100.net

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 193.201.172.98 (Bulgaria)

ASN25166 (MAIL-, BG)
PTR: mail.bg

adsy.mail.bg	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.1.56 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.181.238 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f14.1e100.net

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.251.168.155 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: wh-in-f155.1e100.net

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 142.250.186.78 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f14.1e100.net

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.1.3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.1.11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.239.32.3 (United States)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
23	barid.com 1 redirects barid.com	298 KB
11	google.com analytics.google.com — Cisco Umbrella Rank: 147 fundingchoicesmessages.google.com — Cisco Umbrella Rank: 682	78 KB
4	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 136 securepubads.g.doubleclick.net — Cisco Umbrella Rank: 215	168 KB
3	mail.bg adsy.mail.bg	147 KB
2	criteo.net static.criteo.net — Cisco Umbrella Rank: 776	60 KB
2	criteo.com bidder.criteo.com — Cisco Umbrella Rank: 745 gum.criteo.com — Cisco Umbrella Rank: 461	187 B
2	googletagservices.com 1 redirects www.googletagservices.com — Cisco Umbrella Rank: 307	33 KB
2	googletagmanager.com 1 redirects www.googletagmanager.com — Cisco Umbrella Rank: 39	108 KB
1	gstatic.com csi.gstatic.com	532 B
1	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 116	27 KB
49	10

	Domain	Requested by
23	barid.com	1 redirects barid.com
10	fundingchoicesmessages.google.com	securepubads.g.doubleclick.net
3	stats.g.doubleclick.net	www.googletagmanager.com
3	adsy.mail.bg	barid.com adsy.mail.bg
2	static.criteo.net	adsy.mail.bg static.criteo.net
2	www.googletagservices.com	1 redirects barid.com
2	www.googletagmanager.com	1 redirects barid.com
1	csi.gstatic.com	pagead2.googlesyndication.com
1	gum.criteo.com	static.criteo.net
1	pagead2.googlesyndication.com
1	securepubads.g.doubleclick.net	www.googletagservices.com
1	analytics.google.com	www.googletagmanager.com
1	bidder.criteo.com	adsy.mail.bg
49	13

This site contains links to these domains. Also see Links.

Domain
mail.com.tr
gulfmedia.com

Subject Issuer	Validity	Valid
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-09-24` - `2024-12-25`	3 months	crt.sh
*.google.com WR2	`2024-09-24` - `2024-12-17`	3 months	crt.sh
*.g.doubleclick.net WR2	`2024-09-24` - `2024-12-17`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-09-24` - `2024-12-21`	3 months	crt.sh
*.barid.com E5	`2024-07-14` - `2024-10-12`	3 months	crt.sh
*.gstatic.com WR2	`2024-09-24` - `2024-12-17`	3 months	crt.sh

This page contains 2 frames:

Primary Page: http://barid.com/auth/lgn
Frame ID: 1C2DC78FFE0EF047D6AC7FE607D858C6
Requests: 48 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=barid.com&gdpr=0&gdpr_consent=
Frame ID: 27173B8260F631F0D26397756B64830A
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Barid.com: تسجيل الدخول: تسجيل الدخول: تسجيل الدخول

Page URL History Show full URLs

http://barid.com/auth/lgn HTTP 307
https://barid.com/auth/lgn HTTP 302
http://barid.com/auth/lgn HTTP 307
http://barid.com/auth/lgn Page URL

Detected technologies

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Page Statistics

49
Requests

39 %
HTTPS

0 %
IPv6

10
Domains

13
Subdomains

14
IPs

3
Countries

918 kB
Transfer

2673 kB
Size

14
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: http://mail.com.tr/
Title: Mail.com.tr

Search URL Search Domain Scan URL

URL: http://gulfmedia.com/
Title: Gulfmedia.com

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://barid.com/auth/lgn HTTP 307
https://barid.com/auth/lgn HTTP 302
http://barid.com/auth/lgn HTTP 307
http://barid.com/auth/lgn Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 5

http://www.googletagmanager.com/gtag/js?id=G-3FP48KE4G0 HTTP 302
https://www.googletagmanager.com/gtag/js?id=G-3FP48KE4G0

Request Chain 20

http://www.googletagservices.com/tag/js/gpt.js HTTP 302
https://www.googletagservices.com/tag/js/gpt.js

Request Chain 35

http://stats.g.doubleclick.net/dc.js HTTP 307
https://stats.g.doubleclick.net/dc.js

Request Chain 37

http://stats.g.doubleclick.net/r/__utm.gif?utmwv=5.7.2dc&utms=1&utmn=1324153827&utmhn=barid.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=it-it&utmje=0&utmfl=-&utmdt=Barid.com%3A%20%D8%AA%D8%B3%D8%AC%D9%8A%D9%84%20%D8%A7%D9%84%D8%AF%D8%AE%D9%88%D9%84%3A%20%D8%AA%D8%B3%D8%AC%D9%8A%D9%84%20%D8%A7%D9%84%D8%AF%D8%AE%D9%88%D9%84%3A%20%D8%AA%D8%B3%D8%AC%D9%8A%D9%84%20%D8%A7%D9%84%D8%AF%D8%AE%D9%88%D9%84&utmhid=578177866&utmr=-&utmp=%2Fauth%2Flgn&utmht=1728830223240&utmac=UA-5624009-3&utmcc=__utma%3D226145417.874608951.1728830220.1728830223.1728830223.1%3B%2B__utmz%3D226145417.1728830223.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=489661583&utmredir=3&utmu=CAAAAAAAACAAAAAAAAABAAAE~ HTTP 307
https://stats.g.doubleclick.net/r/__utm.gif?utmwv=5.7.2dc&utms=1&utmn=1324153827&utmhn=barid.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=it-it&utmje=0&utmfl=-&utmdt=Barid.com%3A%20%D8%AA%D8%B3%D8%AC%D9%8A%D9%84%20%D8%A7%D9%84%D8%AF%D8%AE%D9%88%D9%84%3A%20%D8%AA%D8%B3%D8%AC%D9%8A%D9%84%20%D8%A7%D9%84%D8%AF%D8%AE%D9%88%D9%84%3A%20%D8%AA%D8%B3%D8%AC%D9%8A%D9%84%20%D8%A7%D9%84%D8%AF%D8%AE%D9%88%D9%84&utmhid=578177866&utmr=-&utmp=%2Fauth%2Flgn&utmht=1728830223240&utmac=UA-5624009-3&utmcc=__utma%3D226145417.874608951.1728830220.1728830223.1728830223.1%3B%2B__utmz%3D226145417.1728830223.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=489661583&utmredir=3&utmu=CAAAAAAAACAAAAAAAAABAAAE~

49 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request lgn Show response
barid.com/auth/
Redirect Chain

http://barid.com/auth/lgn
https://barid.com/auth/lgn
http://barid.com/auth/lgn
http://barid.com/auth/lgn

92 KB
24 KB

196ms
195ms

Document
text/html

193.201.172.97
MAIL-

General

Check archive.org

Show headers Download Go to

Full URL

http://barid.com/auth/lgn

Protocol

HTTP/1.1

Server

193.201.172.97 , Bulgaria, ASN25166 (MAIL-, BG),

Reverse DNS

barid.com

Software

nginx/1.14.2 /

Resource Hash

095d743b246e5e49c21f846015d77f53e7d7176b7ed162314e186711403cf373

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=utf-8
Date: Sun, 13 Oct 2024 14:36:58 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
P3P: CP="CUR ADM OUR NOR STA NID"
Pragma: no-cache
Server: nginx/1.14.2
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-FRAME-OPTIONS: SAMEORIGIN
X-Server: web2

Redirect headers

Location: http://barid.com/auth/lgn
Non-Authoritative-Reason: HttpsUpgrades

GET
H/1.1 200
OK style-5.css
barid.com/css/ 109 KB
20 KB 73ms
72ms Stylesheet
text/css 193.201.172.97
MAIL-

General

Check archive.org

Show headers Download Go to

Full URL: http://barid.com/css/style-5.css
Requested by: Host: barid.com
URL: http://barid.com/auth/lgn
Protocol: HTTP/1.1
Server: 193.201.172.97 , Bulgaria, ASN25166 (MAIL-, BG),
Reverse DNS: barid.com
Software: nginx/1.14.2 /
Resource Hash: 4db4b533093b2372c4bf3f9faa2ffbd8538c3ef2dd514225e2fd8c1353afec22

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: http://barid.com/auth/lgn

Response headers

Transfer-Encoding: chunked
Cache-Control: max-age=7776000, public
Content-Encoding: gzip
ETag: W/"63fcda44-1b427"
Connection: keep-alive
Expires: Sat, 11 Jan 2025 14:36:58 GMT
Date: Sun, 13 Oct 2024 14:36:58 GMT
Content-Control: cache
Content-Type: text/css
Vary: Accept-Encoding
Server: nginx/1.14.2
Edge-control: downstream-ttl=7776000

GET
H/1.1 200
OK style_rtl-5.css
barid.com/css/ 26 KB
7 KB 152ms
145ms Stylesheet
text/css 193.201.172.97
MAIL-

General

Check archive.org

Show headers Download Go to

Full URL: http://barid.com/css/style_rtl-5.css
Requested by: Host: barid.com
URL: http://barid.com/auth/lgn
Protocol: HTTP/1.1
Server: 193.201.172.97 , Bulgaria, ASN25166 (MAIL-, BG),
Reverse DNS: barid.com
Software: nginx/1.14.2 /
Resource Hash: f2a9e4801e552f3d9b2d8eb979e97e84f05c89a6eea43e24b78cb20de5ed6cdd

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: http://barid.com/auth/lgn

Response headers

Transfer-Encoding: chunked
Cache-Control: max-age=7776000, public
Content-Encoding: gzip
ETag: W/"62111601-67c2"
Connection: keep-alive
Expires: Sat, 11 Jan 2025 14:36:58 GMT
Date: Sun, 13 Oct 2024 14:36:58 GMT
Content-Control: cache
Content-Type: text/css
Vary: Accept-Encoding
Server: nginx/1.14.2
Edge-control: downstream-ttl=7776000

GET
H/1.1 200
OK style_wal980.css
barid.com/css/ 37 B
383 B 139ms
132ms Stylesheet
text/css 193.201.172.97
MAIL-

General

Check archive.org

Show headers Download Go to

Full URL: http://barid.com/css/style_wal980.css
Requested by: Host: barid.com
URL: http://barid.com/auth/lgn
Protocol: HTTP/1.1
Server: 193.201.172.97 , Bulgaria, ASN25166 (MAIL-, BG),
Reverse DNS: barid.com
Software: nginx/1.14.2 /
Resource Hash: 32f30dd2df311ad1ab5a1f1e6cf55fb8a3a25f9889f67294f823ac484950cdbb

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: http://barid.com/auth/lgn

Response headers

Cache-Control: max-age=7776000, public
ETag: "62111601-25"
Connection: keep-alive
Expires: Sat, 11 Jan 2025 14:36:58 GMT
Accept-Ranges: bytes
Content-Length: 37
Date: Sun, 13 Oct 2024 14:36:58 GMT
Content-Control: cache
Content-Type: text/css
Edge-control: downstream-ttl=7776000
Server: nginx/1.14.2

GET
H/1.1 200
OK style_edge.css
barid.com/css/ 107 B
454 B 164ms
157ms Stylesheet
text/css 193.201.172.97
MAIL-

General

Check archive.org

Show headers Download Go to

Full URL: http://barid.com/css/style_edge.css
Requested by: Host: barid.com
URL: http://barid.com/auth/lgn
Protocol: HTTP/1.1
Server: 193.201.172.97 , Bulgaria, ASN25166 (MAIL-, BG),
Reverse DNS: barid.com
Software: nginx/1.14.2 /
Resource Hash: 9e3ecd4d4b7df452f388720e803f1ff88437028ce4ff06aa28a6b9df1bc5ef11

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: http://barid.com/auth/lgn

Response headers

Cache-Control: max-age=7776000, public
ETag: "62111601-6b"
Connection: keep-alive
Expires: Sat, 11 Jan 2025 14:36:58 GMT
Accept-Ranges: bytes
Content-Length: 107
Date: Sun, 13 Oct 2024 14:36:58 GMT
Content-Control: cache
Content-Type: text/css
Edge-control: downstream-ttl=7776000
Server: nginx/1.14.2

GET
H/1.1 200
OK loading_40.gif
barid.com/images/ 6 KB
6 KB 152ms
145ms Image
image/gif 193.201.172.97
MAIL-

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://barid.com/images/loading_40.gif
Requested by: Host: barid.com
URL: http://barid.com/auth/lgn
Protocol: HTTP/1.1
Server: 193.201.172.97 , Bulgaria, ASN25166 (MAIL-, BG),
Reverse DNS: barid.com
Software: nginx/1.14.2 /
Resource Hash: 6d2b20daea3d33d0635e3c42fa243e8c5138eff187e5bc99b01bc57022eb91d1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: http://barid.com/auth/lgn

Response headers

Cache-Control: max-age=7776000, public
ETag: "621115c7-1763"
Connection: keep-alive
Expires: Sat, 11 Jan 2025 14:36:58 GMT
Accept-Ranges: bytes
Content-Length: 5987
Date: Sun, 13 Oct 2024 14:36:58 GMT
Content-Control: cache
Content-Type: image/gif
Edge-control: downstream-ttl=7776000
Server: nginx/1.14.2

GET
H2

200

js Show response
www.googletagmanager.com/gtag/
Redirect Chain

http://www.googletagmanager.com/gtag/js?id=G-3FP48KE4G0
https://www.googletagmanager.com/gtag/js?id=G-3FP48KE4G0

324 KB
108 KB

906ms
407ms

Script
application/javascript

216.58.206.72
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-3FP48KE4G0

Requested by

Host: barid.com
URL: http://barid.com/auth/lgn

Protocol

Server

216.58.206.72 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

tzfraa-aa-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

816d4f96e309665b705e074c282d83d49720526c3d5433db418670d78c121ff3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: http://barid.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Sun, 13 Oct 2024 14:36:59 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 13 Oct 2024 14:36:59 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 109563
x-xss-protection: 0
server: Google Tag Manager

Redirect headers

Location: https://www.googletagmanager.com/gtag/js?id=G-3FP48KE4G0
Cross-Origin-Resource-Policy: cross-origin
Report-To: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
Content-Security-Policy-Report-Only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to=coop_reporting
Content-Length: 253
Date: Sun, 13 Oct 2024 14:36:59 GMT
X-XSS-Protection: 0
Content-Type: text/html; charset=UTF-8
Server: Google Tag Manager

GET
H/1.1 200
OK style_w320.css
barid.com/css/ 8 KB
3 KB 69ms
68ms Stylesheet
text/css 193.201.172.97
MAIL-

General

Check archive.org

Show headers Download Go to

Full URL: http://barid.com/css/style_w320.css
Requested by: Host: barid.com
URL: http://barid.com/auth/lgn
Protocol: HTTP/1.1
Server: 193.201.172.97 , Bulgaria, ASN25166 (MAIL-, BG),
Reverse DNS: barid.com
Software: nginx/1.14.2 /
Resource Hash: 6902710997bc288947449126ee6535e1aff79396a1ff4ed3287a756f0c89f228

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: http://barid.com/auth/lgn

Response headers

Transfer-Encoding: chunked
Cache-Control: max-age=7776000, public
Content-Encoding: gzip
ETag: W/"62111601-1fe1"
Connection: keep-alive
Expires: Sat, 11 Jan 2025 14:36:59 GMT
Date: Sun, 13 Oct 2024 14:36:59 GMT
Content-Control: cache
Content-Type: text/css
Vary: Accept-Encoding
Server: nginx/1.14.2
Edge-control: downstream-ttl=7776000

GET
H/1.1 200
OK style_w320_rtl.css
barid.com/css/ 946 B
1 KB 75ms
73ms Stylesheet
text/css 193.201.172.97
MAIL-

General

Check archive.org

Show headers Download Go to

Full URL: http://barid.com/css/style_w320_rtl.css
Requested by: Host: barid.com
URL: http://barid.com/auth/lgn
Protocol: HTTP/1.1
Server: 193.201.172.97 , Bulgaria, ASN25166 (MAIL-, BG),
Reverse DNS: barid.com
Software: nginx/1.14.2 /
Resource Hash: f4dc06d79a4bcfb87f7e75d8bf3287f6f361d61c571289a37af3cecc3a9881b0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: http://barid.com/auth/lgn

Response headers

Cache-Control: max-age=7776000, public
ETag: "62111601-3b2"
Connection: keep-alive
Expires: Sat, 11 Jan 2025 14:36:59 GMT
Accept-Ranges: bytes
Content-Length: 946
Date: Sun, 13 Oct 2024 14:36:59 GMT
Content-Control: cache
Content-Type: text/css
Edge-control: downstream-ttl=7776000
Server: nginx/1.14.2

GET
H/1.1 404
Not Found style_w360-1.css
barid.com/css/ 0
0 74ms
72ms Stylesheet
text/html 193.201.172.97
MAIL-

General

Check archive.org

Show headers Download Go to

Full URL: http://barid.com/css/style_w360-1.css
Requested by: Host: barid.com
URL: http://barid.com/auth/lgn
Protocol: HTTP/1.1
Server: 193.201.172.97 , Bulgaria, ASN25166 (MAIL-, BG),
Reverse DNS: barid.com
Software: nginx/1.14.2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: http://barid.com/auth/lgn

Response headers

Content-Length: 571
Date: Sun, 13 Oct 2024 14:36:59 GMT
Content-Type: text/html
Server: nginx/1.14.2
Connection: keep-alive

GET
H/1.1 200
OK style_w480.css
barid.com/css/ 5 KB
2 KB 75ms
73ms Stylesheet
text/css 193.201.172.97
MAIL-

General

Check archive.org

Show headers Download Go to

Full URL: http://barid.com/css/style_w480.css
Requested by: Host: barid.com
URL: http://barid.com/auth/lgn
Protocol: HTTP/1.1
Server: 193.201.172.97 , Bulgaria, ASN25166 (MAIL-, BG),
Reverse DNS: barid.com
Software: nginx/1.14.2 /
Resource Hash: 812e3096df0f1d9f563825f342d517a96e3e37ff4c1eac80939740c86f730cfd

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: http://barid.com/auth/lgn

Response headers

Transfer-Encoding: chunked
Cache-Control: max-age=7776000, public
Content-Encoding: gzip
ETag: W/"62111601-15e5"
Connection: keep-alive
Expires: Sat, 11 Jan 2025 14:36:59 GMT
Date: Sun, 13 Oct 2024 14:36:59 GMT
Content-Control: cache
Content-Type: text/css
Vary: Accept-Encoding
Server: nginx/1.14.2
Edge-control: downstream-ttl=7776000

GET
H/1.1 200
OK style_w640.css
barid.com/css/ 935 B
1 KB 72ms
70ms Stylesheet
text/css 193.201.172.97
MAIL-

General

Check archive.org

Show headers Download Go to

Full URL: http://barid.com/css/style_w640.css
Requested by: Host: barid.com
URL: http://barid.com/auth/lgn
Protocol: HTTP/1.1
Server: 193.201.172.97 , Bulgaria, ASN25166 (MAIL-, BG),
Reverse DNS: barid.com
Software: nginx/1.14.2 /
Resource Hash: 479965496c594cba4917c8600ab70b6b35930a17ace849e39699887ae9a95edc

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: http://barid.com/auth/lgn

Response headers

Cache-Control: max-age=7776000, public
ETag: "62111601-3a7"
Connection: keep-alive
Expires: Sat, 11 Jan 2025 14:36:59 GMT
Accept-Ranges: bytes
Content-Length: 935
Date: Sun, 13 Oct 2024 14:36:59 GMT
Content-Control: cache
Content-Type: text/css
Edge-control: downstream-ttl=7776000
Server: nginx/1.14.2

GET
H/1.1 200
OK style_w800.css
barid.com/css/ 2 KB
1 KB 165ms
159ms Stylesheet
text/css 193.201.172.97
MAIL-

General

Check archive.org

Show headers Download Go to

Full URL: http://barid.com/css/style_w800.css
Requested by: Host: barid.com
URL: http://barid.com/auth/lgn
Protocol: HTTP/1.1
Server: 193.201.172.97 , Bulgaria, ASN25166 (MAIL-, BG),
Reverse DNS: barid.com
Software: nginx/1.14.2 /
Resource Hash: 2293ac61ab60f45b62c7504505bfc0357df6dbe63aaf66026b034e873e3e2e31

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: http://barid.com/auth/lgn

Response headers

Transfer-Encoding: chunked
Cache-Control: max-age=7776000, public
Content-Encoding: gzip
ETag: W/"62111601-736"
Connection: keep-alive
Expires: Sat, 11 Jan 2025 14:36:59 GMT
Date: Sun, 13 Oct 2024 14:36:59 GMT
Content-Control: cache
Content-Type: text/css
Vary: Accept-Encoding
Server: nginx/1.14.2
Edge-control: downstream-ttl=7776000

GET
H/1.1 200
OK style_w800_rtl.css
barid.com/css/ 364 B
712 B 71ms
71ms Stylesheet
text/css 193.201.172.97
MAIL-

General

Check archive.org

Show headers Download Go to

Full URL: http://barid.com/css/style_w800_rtl.css
Requested by: Host: barid.com
URL: http://barid.com/auth/lgn
Protocol: HTTP/1.1
Server: 193.201.172.97 , Bulgaria, ASN25166 (MAIL-, BG),
Reverse DNS: barid.com
Software: nginx/1.14.2 /
Resource Hash: acc61bdbd5f5f058bc46be02ebed5542ff70563655ab3d10a61afc5751612cd5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: http://barid.com/auth/lgn

Response headers

Cache-Control: max-age=7776000, public
ETag: "62111601-16c"
Connection: keep-alive
Expires: Sat, 11 Jan 2025 14:36:59 GMT
Accept-Ranges: bytes
Content-Length: 364
Date: Sun, 13 Oct 2024 14:36:59 GMT
Content-Control: cache
Content-Type: text/css
Edge-control: downstream-ttl=7776000
Server: nginx/1.14.2

GET
H/1.1 200
OK style_wlt980.css
barid.com/css/ 200 B
547 B 75ms
75ms Stylesheet
text/css 193.201.172.97
MAIL-

General

Check archive.org

Show headers Download Go to

Full URL: http://barid.com/css/style_wlt980.css
Requested by: Host: barid.com
URL: http://barid.com/auth/lgn
Protocol: HTTP/1.1
Server: 193.201.172.97 , Bulgaria, ASN25166 (MAIL-, BG),
Reverse DNS: barid.com
Software: nginx/1.14.2 /
Resource Hash: 35dee14504fb0f5c9f007c4262fca9abfb5e61278eabdae9bb89002fc1ac7f61

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: http://barid.com/auth/lgn

Response headers

Cache-Control: max-age=7776000, public
ETag: "62111601-c8"
Connection: keep-alive
Expires: Sat, 11 Jan 2025 14:36:59 GMT
Accept-Ranges: bytes
Content-Length: 200
Date: Sun, 13 Oct 2024 14:36:59 GMT
Content-Control: cache
Content-Type: text/css
Edge-control: downstream-ttl=7776000
Server: nginx/1.14.2

GET
H/1.1 200
OK style_wlt980_rtl.css
barid.com/css/ 125 B
472 B 70ms
70ms Stylesheet
text/css 193.201.172.97
MAIL-

General

Check archive.org

Show headers Download Go to

Full URL: http://barid.com/css/style_wlt980_rtl.css
Requested by: Host: barid.com
URL: http://barid.com/auth/lgn
Protocol: HTTP/1.1
Server: 193.201.172.97 , Bulgaria, ASN25166 (MAIL-, BG),
Reverse DNS: barid.com
Software: nginx/1.14.2 /
Resource Hash: f8add30c39a89f5e92aa555d5968f1b0439c28fb63057e077fb56ffcc4636e4d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: http://barid.com/auth/lgn

Response headers

Cache-Control: max-age=7776000, public
ETag: "62111601-7d"
Connection: keep-alive
Expires: Sat, 11 Jan 2025 14:36:59 GMT
Accept-Ranges: bytes
Content-Length: 125
Date: Sun, 13 Oct 2024 14:36:59 GMT
Content-Control: cache
Content-Type: text/css
Edge-control: downstream-ttl=7776000
Server: nginx/1.14.2

GET
H/1.1 200
OK no_branding.css
barid.com/css/ 339 B
687 B 64ms
64ms Stylesheet
text/css 193.201.172.97
MAIL-

General

Check archive.org

Show headers Download Go to

Full URL: http://barid.com/css/no_branding.css
Requested by: Host: barid.com
URL: http://barid.com/auth/lgn
Protocol: HTTP/1.1
Server: 193.201.172.97 , Bulgaria, ASN25166 (MAIL-, BG),
Reverse DNS: barid.com
Software: nginx/1.14.2 /
Resource Hash: dd98ff739138c05693b76f909568d4a7bd558c7612f943571db6cbac1ebf0e16

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: http://barid.com/auth/lgn

Response headers

Cache-Control: max-age=7776000, public
ETag: "62111601-153"
Connection: keep-alive
Expires: Sat, 11 Jan 2025 14:36:59 GMT
Accept-Ranges: bytes
Content-Length: 339
Date: Sun, 13 Oct 2024 14:36:59 GMT
Content-Control: cache
Content-Type: text/css
Edge-control: downstream-ttl=7776000
Server: nginx/1.14.2

GET
H/1.1 200
OK style_w1024.css
barid.com/css/ 41 B
387 B 71ms
71ms Stylesheet
text/css 193.201.172.97
MAIL-

General

Check archive.org

Show headers Download Go to

Full URL: http://barid.com/css/style_w1024.css
Requested by: Host: barid.com
URL: http://barid.com/auth/lgn
Protocol: HTTP/1.1
Server: 193.201.172.97 , Bulgaria, ASN25166 (MAIL-, BG),
Reverse DNS: barid.com
Software: nginx/1.14.2 /
Resource Hash: da56c140f2aff86b9c7e5dd6557888b38ae3bf608cf88ad80e41009ebd75c523

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: http://barid.com/auth/lgn

Response headers

Cache-Control: max-age=7776000, public
ETag: "62111601-29"
Connection: keep-alive
Expires: Sat, 11 Jan 2025 14:36:59 GMT
Accept-Ranges: bytes
Content-Length: 41
Date: Sun, 13 Oct 2024 14:36:59 GMT
Content-Control: cache
Content-Type: text/css
Edge-control: downstream-ttl=7776000
Server: nginx/1.14.2

GET
H/1.1 200
OK sprites_big_all-11111116.png
barid.com/images/ 63 KB
63 KB 118ms
69ms Image
image/png 193.201.172.97
MAIL-

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://barid.com/images/sprites_big_all-11111116.png
Requested by: Host: barid.com
URL: http://barid.com/css/style_rtl-5.css
Protocol: HTTP/1.1
Server: 193.201.172.97 , Bulgaria, ASN25166 (MAIL-, BG),
Reverse DNS: barid.com
Software: nginx/1.14.2 /
Resource Hash: 3665f7d9a9cc998425ed2e80b9e0140cc417807cc20c2926c29a38918da03174

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: http://barid.com/css/style_rtl-5.css

Response headers

Cache-Control: max-age=7776000, public
ETag: "621115c7-fa76"
Connection: keep-alive
Expires: Sat, 11 Jan 2025 14:36:59 GMT
Accept-Ranges: bytes
Content-Length: 64118
Date: Sun, 13 Oct 2024 14:36:59 GMT
Content-Control: cache
Content-Type: image/png
Edge-control: downstream-ttl=7776000
Server: nginx/1.14.2

GET
H/1.1 200
OK sprites_small_flip-11111115.png
barid.com/images/ 14 KB
14 KB 118ms
70ms Image
image/png 193.201.172.97
MAIL-

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://barid.com/images/sprites_small_flip-11111115.png
Requested by: Host: barid.com
URL: http://barid.com/css/style_rtl-5.css
Protocol: HTTP/1.1
Server: 193.201.172.97 , Bulgaria, ASN25166 (MAIL-, BG),
Reverse DNS: barid.com
Software: nginx/1.14.2 /
Resource Hash: 4bbba80ea6ee23acf88db1bd666e648e4232243e7895c871355f3ddbd404a3c5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: http://barid.com/css/style_rtl-5.css

Response headers

Cache-Control: max-age=7776000, public
ETag: "621115c7-367f"
Connection: keep-alive
Expires: Sat, 11 Jan 2025 14:36:59 GMT
Accept-Ranges: bytes
Content-Length: 13951
Date: Sun, 13 Oct 2024 14:36:59 GMT
Content-Control: cache
Content-Type: image/png
Edge-control: downstream-ttl=7776000
Server: nginx/1.14.2

GET
DATA 200
OK truncated
/ 535 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 190500824ce37dcd2c2a3529233ffa408da2a28cf32dbf055098d1c98e859ee3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: http://barid.com/

Response headers

Content-Type: image/png

GET
H2

200

gpt.js Show response
www.googletagservices.com/tag/js/
Redirect Chain

http://www.googletagservices.com/tag/js/gpt.js
https://www.googletagservices.com/tag/js/gpt.js

104 KB
33 KB

927ms
61ms

Script
text/javascript

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: barid.com
URL: http://barid.com/auth/lgn

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

549ed6f8fe3b2004779abea4da25e8457e505b6d8a35d3d9b7cfcb96128d82f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: http://barid.com/

Response headers

content-encoding: br
etag: 385 / 20009 / m202410080101 / config-hash: 13922651294589384546
x-content-type-options: nosniff
expires: Sun, 13 Oct 2024 14:37:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Sun, 13 Oct 2024 14:37:00 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
content-disposition: attachment; filename="f.txt"
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 32798
x-xss-protection: 0
server: cafe

Redirect headers

Cache-Control: private, max-age=900, stale-while-revalidate=3600
Location: https://www.googletagservices.com/tag/js/gpt.js
Timing-Allow-Origin: *
Cross-Origin-Resource-Policy: cross-origin
X-Content-Type-Options: nosniff
Expires: Sun, 13 Oct 2024 14:36:59 GMT
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Content-Length: 0
Date: Sun, 13 Oct 2024 14:36:59 GMT
X-XSS-Protection: 0
Content-Type: text/html; charset=UTF-8
Vary: Accept-Encoding
Server: cafe

GET
H/1.1 200
OK b.js Show response
adsy.mail.bg/js/ 35 KB
11 KB 235ms
156ms Script
text/javascript 193.201.172.98
MAIL-

General

Check archive.org

Show headers Download Go to

Full URL: http://adsy.mail.bg/js/b.js
Requested by: Host: barid.com
URL: http://barid.com/auth/lgn
Protocol: HTTP/1.1
Server: 193.201.172.98 , Bulgaria, ASN25166 (MAIL-, BG),
Reverse DNS: mail.bg
Software: nginx/1.14.2 /
Resource Hash: 602188f8cce8773e5a2d52333ef4638b6006f9871bab1763932fff29cf0ee6cc

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: http://barid.com/

Response headers

Transfer-Encoding: chunked
Cache-Control: max-age=0
Content-Encoding: gzip
ETag: W/"1634121417-0-6154711258652355340"
Connection: keep-alive
P3P: CP="CUR ADM OUR NOR STA NID"
Date: Sun, 13 Oct 2024 14:36:59 GMT
Content-Type: text/javascript
Vary: Accept-Encoding
Server: nginx/1.14.2
X-Server: web2

GET
H/1.1 200
OK prebid3.7.1.js Show response
adsy.mail.bg/js/ 135 KB
135 KB 69ms
68ms Script
application/javascript 193.201.172.98
MAIL-

General

Check archive.org

Show headers Download Go to

Full URL: http://adsy.mail.bg/js/prebid3.7.1.js
Requested by: Host: adsy.mail.bg
URL: http://adsy.mail.bg/js/b.js
Protocol: HTTP/1.1
Server: 193.201.172.98 , Bulgaria, ASN25166 (MAIL-, BG),
Reverse DNS: mail.bg
Software: nginx/1.14.2 /
Resource Hash: 14fb18e98482aad92fe16a14789a08dfcbd593ba3e15446111059fa013e53301

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: http://barid.com/

Response headers

ETag: "5f182922-21a2c"
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 137772
Date: Sun, 13 Oct 2024 14:36:59 GMT
Content-Type: application/javascript; charset=utf8
Last-Modified: Wed, 22 Jul 2020 11:55:14 GMT
X-Server: web2
Server: nginx/1.14.2

GET
H/1.1 200
OK get Show response
adsy.mail.bg/ 180 B
610 B 867ms
853ms Script
text/javascript 193.201.172.98
MAIL-

General

Check archive.org

Show headers Download Go to

Full URL: http://adsy.mail.bg/get?domain=mail.bg&lang=ar&prebid=%5Bobject%20Object%5D&ticket=1634121417-0-6154711258652355340&screen_width=1600&screen_height=1200&viewport_width=1600&viewport_height=1200&flash=0&browser_lang=it-it&referrer=&cb=48652385&chan=69
Requested by: Host: adsy.mail.bg
URL: http://adsy.mail.bg/js/b.js
Protocol: HTTP/1.1
Server: 193.201.172.98 , Bulgaria, ASN25166 (MAIL-, BG),
Reverse DNS: mail.bg
Software: nginx/1.14.2 /
Resource Hash: 2d9bae224061cf02f397268862d48674837832f7467e5cc144e5580b5b66a6e9

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: http://barid.com/

Response headers

Transfer-Encoding: chunked
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Content-Encoding: gzip
Pragma: no-cache
Connection: keep-alive
P3P: CP="CUR ADM OUR NOR STA NID"
Date: Sun, 13 Oct 2024 14:37:00 GMT
Content-Type: text/javascript
Vary: Accept-Encoding
Server: nginx/1.14.2
X-Server: web2

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
187 B 884ms
166ms XHR
text/plain 178.250.1.56
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=26&wv=3.7.1&cb=44388746687

Requested by

Host: adsy.mail.bg
URL: http://adsy.mail.bg/js/prebid3.7.1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.56 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: http://barid.com/

Response headers

cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
access-control-allow-origin: http://barid.com
date: Sun, 13 Oct 2024 14:37:00 GMT
vary: Origin
server: Kestrel
access-control-allow-credentials: true

POST
H2 204 collect
analytics.google.com/g/ 0
0 592ms
59ms Fetch
text/plain 142.250.181.238
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-3FP48KE4G0&gtm=45je4a90v894050347za200&_p=1728830219010&_gaz=1&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101533422~101671035~101686685&cid=874608951.1728830220&ul=it-it&sr=1600x1200&_ng=1&are=1&frm=0&pscdl=noapi&_s=1&sid=1728830220&sct=1&seg=0&dl=http%3A%2F%2Fbarid.com%2Fauth%2Flgn&dt=Barid.com%3A%20%D8%AA%D8%B3%D8%AC%D9%8A%D9%84%20%D8%A7%D9%84%D8%AF%D8%AE%D9%88%D9%84%3A%20%D8%AA%D8%B3%D8%AC%D9%8A%D9%84%20%D8%A7%D9%84%D8%AF%D8%AE%D9%88%D9%84%3A%20%D8%AA%D8%B3%D8%AC%D9%8A%D9%84%20%D8%A7%D9%84%D8%AF%D8%AE%D9%88%D9%84&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=3285
Requested by: Host: www.googletagmanager.com
URL: http://www.googletagmanager.com/gtag/js?id=G-3FP48KE4G0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.181.238 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s56-in-f14.1e100.net
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: http://barid.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: http://barid.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 13 Oct 2024 14:37:01 GMT
content-type: text/plain
server: Golfe2

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
540 B 768ms
82ms Ping
text/plain 142.251.168.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&_ng=1&tid=G-3FP48KE4G0&cid=874608951.1728830220&gtm=45je4a90v894050347za200&aip=1&dma=0&gcd=13l3l3l3l1l1&npa=0&frm=0&tag_exp=101533422~101671035~101686685
Requested by: Host: www.googletagmanager.com
URL: http://www.googletagmanager.com/gtag/js?id=G-3FP48KE4G0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.251.168.155 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS: wh-in-f155.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: http://barid.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:111:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:111:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: http://barid.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 13 Oct 2024 14:37:01 GMT
content-type: text/plain
server: Golfe2

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202410080101/ 482 KB
150 KB 656ms
43ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202410080101/pubads_impl.js

Requested by

Host: www.googletagservices.com
URL: http://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

2a2473623b8541529d038b10b49f6ac263410a7482c16c7b4cf75049d578b1ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: http://barid.com/

Response headers

content-encoding: br
etag: 16473538103295901464
age: 13357
x-content-type-options: nosniff
expires: Mon, 13 Oct 2025 10:54:24 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Sun, 13 Oct 2024 10:54:24 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 153186
x-xss-protection: 0
server: cafe

GET
H2 200 1036930 Show response
fundingchoicesmessages.google.com/i/ 200 KB
66 KB 572ms
83ms Script
application/javascript 142.250.186.78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/1036930?ers=3

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202410080101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.78 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f14.1e100.net

Software

ESF /

Resource Hash

8f674c07db40d0c0cc84aaa712802d2e8c6c00b5c8f9932f215a906c0e9f502b

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-rgFmYBdjEJXt-JAxVh8Edw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: http://barid.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 13 Oct 2024 14:37:02 GMT
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjqtDikmII0pBiOO90h-k6EEt8fcmkBcRO6TNYQ4C49eY51ulAnPTvPGsJELtrXWT1B2JDhUuszkDsWHSJ1ROIVXsusZoD8f11l1ifA_HXPZdY_wLx3o-XWI8CcZHEFdYWIL7ddIX1MRALcXP0bVu_g03gx979jkoaSfmF8cn5eSVFmUmlJflFaclpqcWpRWWpRfFGBkYmhgYGlnoGRvEFBgAGOEpB"
content-security-policy: script-src 'report-sample' 'nonce-rgFmYBdjEJXt-JAxVh8Edw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
cache-control: no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin: *
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection: 0
server: ESF

GET
H2 200 AGSKWxUygNJSBVJ69eW_OfH0fT4TEradrlbkHsyNOFFP-9LvIhof7QYZaQX3ogW3XmNGVnCiX-nZKKce4gPtOcnwJ1yJaXZW5hEajW6aOUIzwGB4A_FTydWmYiO1y2nLg3AMNy171rX-FQ== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 295ms
294ms Script
application/javascript 142.250.186.78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxUygNJSBVJ69eW_OfH0fT4TEradrlbkHsyNOFFP-9LvIhof7QYZaQX3ogW3XmNGVnCiX-nZKKce4gPtOcnwJ1yJaXZW5hEajW6aOUIzwGB4A_FTydWmYiO1y2nLg3AMNy171rX-FQ==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzI4ODMwMjIyLDMzNDAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cDovL2JhcmlkLmNvbS9hdXRoL2xnbiIsbnVsbCxbWzgsInRhQmdHdlJRQzIwIl0sWzksIml0Il0sWzE5LCIyIl0sWzE3LCJbMF0iXV1d

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.it.taBgGvRQC20.es5.O/am=DAY/d=1/rs=AJlcJMxTBn2oqlnR6HipF-WV2ZHoDukcVg/m=kernel_loader,loader_js_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.78 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f14.1e100.net

Software

ESF /

Resource Hash

cb1fd342415b8e03808534146a27d543affdb6434133000e861a9e20a15c43de

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-UoaXOXE9TYrYAX2vn3gowA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: http://barid.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 13 Oct 2024 14:37:02 GMT
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjamDU4pJi8NaQYjh56zbTRSA-73SH6ToQS3x9yaQFxE7pM1hDgLj15jnW6UCc9O88awkQu2tdZPUHYkOFS6zOQOxYdInVE4hVey6xmgPx_XWXWJ8D8dc9l1j_AvHej5dYjwJxkcQV1hYgvt10hfUxEAvxcPRtW7-DTeDEkVvbGJU0kvIL45Pz80qKMpNKS_KL0pLTUotTi8pSi-KNDIxMDA0MLPUMjOILDADHgE-0"
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-UoaXOXE9TYrYAX2vn3gowA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
cache-control: no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin: *
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection: 0
server: ESF

GET
H2 200 AGSKWxVFrvVXjE1Xd_3kSuJdQoq6Wb64kaar-fYhCXRy-HwPKgwdOmytUBby0zI07knK3bo-Tg3XJ9VuKalsb3F8J64_sCoYBInu8ymhlU8CR6YqN4BnabaPi80Eaz9rijrgyLkzyo2Z1w== Show response
fundingchoicesmessages.google.com/f/ 10 KB
5 KB 64ms
63ms Script
application/javascript 142.250.186.78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxVFrvVXjE1Xd_3kSuJdQoq6Wb64kaar-fYhCXRy-HwPKgwdOmytUBby0zI07knK3bo-Tg3XJ9VuKalsb3F8J64_sCoYBInu8ymhlU8CR6YqN4BnabaPi80Eaz9rijrgyLkzyo2Z1w==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzI4ODMwMjIyLDY0MjAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOV0sbnVsbCwyLG51bGwsImJnIl0sImh0dHA6Ly9iYXJpZC5jb20vYXV0aC9sZ24iLG51bGwsW1s4LCJ0YUJnR3ZSUUMyMCJdLFs5LCJpdCJdLFsxOSwiMiJdLFsxNywiWzBdIl1dXQ

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.78 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f14.1e100.net

Software

ESF /

Resource Hash

7a03eeb209c838a282277fd9affeb47c03b1c95c00164c65bdafd5046bba98fd

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-K_AI6p65IXOjhMklInmhwA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: http://barid.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 13 Oct 2024 14:37:02 GMT
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjqtDikmII0pBiOO90h-k6EEt8fcmkBcRO6TNYQ4C49eY51ulAnPTvPGsJELtrXWT1B2JDhUuszkDsWHSJ1ROIVXsusZoD8f11l1ifA_HXPZdY_wLx3o-XWI8CcZHEFdYWIL7ddIX1MRAL8XD0bVu_g03gxZXpp5mUNJLyC-OT8_NKijKTSkvyi9KS01KLU4vKUovijQyMTAwNDCz1DIziCwwAVJdKrQ"
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-K_AI6p65IXOjhMklInmhwA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
cache-control: no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin: *
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection: 0
server: ESF

GET
H/1.1 200
OK script-28.js Show response
barid.com/js/ 742 KB
148 KB 78ms
76ms Script
application/javascript 193.201.172.97
MAIL-

General

Check archive.org

Show headers Download Go to

Full URL: http://barid.com/js/script-28.js
Requested by: Host: barid.com
URL: http://barid.com/auth/lgn
Protocol: HTTP/1.1
Server: 193.201.172.97 , Bulgaria, ASN25166 (MAIL-, BG),
Reverse DNS: barid.com
Software: nginx/1.14.2 /
Resource Hash: fd15646c690d781523c8dbe3bcd46d1f922e6a7bb1bcdbcb0b2057c119494375

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: http://barid.com/auth/lgn

Response headers

Transfer-Encoding: chunked
Cache-Control: max-age=7776000, public
Content-Encoding: gzip
ETag: W/"65b57d64-b987d"
Connection: keep-alive
Expires: Sat, 11 Jan 2025 14:37:02 GMT
Date: Sun, 13 Oct 2024 14:37:02 GMT
Content-Control: cache
Content-Type: application/javascript
Vary: Accept-Encoding
Server: nginx/1.14.2
Edge-control: downstream-ttl=7776000

GET
H/1.1 200
OK favicon.ico
barid.com/ 4 KB
5 KB 76ms
75ms Other
image/x-icon 193.201.172.97
MAIL-

General

Check archive.org

Show headers Download Go to

Full URL: http://barid.com/favicon.ico
Protocol: HTTP/1.1
Server: 193.201.172.97 , Bulgaria, ASN25166 (MAIL-, BG),
Reverse DNS: barid.com
Software: nginx/1.14.2 /
Resource Hash: 6592af579960d0ad378af8e0930891adf9fb2608986f9847de3d387606c03082

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: http://barid.com/auth/lgn

Response headers

Cache-Control: max-age=7776000, public
ETag: "621115c4-10be"
Connection: keep-alive
Expires: Sat, 11 Jan 2025 14:37:02 GMT
Accept-Ranges: bytes
Content-Length: 4286
Date: Sun, 13 Oct 2024 14:37:02 GMT
Content-Control: cache
Content-Type: image/x-icon
Edge-control: downstream-ttl=7776000
Server: nginx/1.14.2

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ 93 KB
30 KB 646ms
102ms Script
text/javascript 178.250.1.3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.js

Requested by

Host: adsy.mail.bg
URL: http://adsy.mail.bg/js/prebid3.7.1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

ed16fa3a22d2b0c3c773c71f4d12212522494e8bb20e3e7c9f72d0aba419dba0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: http://barid.com/

Response headers

strict-transport-security: max-age=31536000; preload;
cache-control: max-age=86400, public
timing-allow-origin: *
content-encoding: gzip
etag: W/"66d98e6d-1748b"
cross-origin-resource-policy: cross-origin
expires: Mon, 14 Oct 2024 14:37:03 GMT
access-control-allow-origin: *
date: Sun, 13 Oct 2024 14:37:03 GMT
content-type: text/javascript
last-modified: Thu, 05 Sep 2024 10:56:45 GMT
server: nginx

GET json
barid.com/auth/corstest/format/ 0
0

GET
H2

200

dc.js Show response
stats.g.doubleclick.net/
Redirect Chain

http://stats.g.doubleclick.net/dc.js
https://stats.g.doubleclick.net/dc.js

45 KB
17 KB

69ms
67ms

Script
text/javascript

142.251.168.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/dc.js

Protocol

Server

142.251.168.155 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

wh-in-f155.1e100.net

Software

Golfe2 /

Resource Hash

6181cd98fe270c2826d416574446841f86778bc45a0ab0bdd0c667b4e70fd6e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: http://barid.com/

Response headers

content-encoding: gzip
age: 3093
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgdc:123:0"}],}
x-content-type-options: nosniff
expires: Sun, 13 Oct 2024 15:45:30 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 13 Oct 2024 13:45:30 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
content-type: text/javascript
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgdc:123:0
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 17093
server: Golfe2

Redirect headers

Cross-Origin-Resource-Policy: Cross-Origin
Location: https://stats.g.doubleclick.net/dc.js
Non-Authoritative-Reason: HSTS

OPTIONS
H/1.1 204
No Content json
barid.com/auth/corstest/format/ Frame 0
0 390ms
167ms Preflight 193.201.172.97
MAIL-

General

Check archive.org

Show headers Download Go to

Full URL: https://barid.com/auth/corstest/format/json
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 193.201.172.97 , Bulgaria, ASN25166 (MAIL-, BG),
Reverse DNS: barid.com
Software: nginx/1.14.2 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: x-requested-with
Access-Control-Request-Method: GET
Origin: http://barid.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: x-requested-with
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: http://barid.com
Connection: keep-alive
Date: Sun, 13 Oct 2024 14:37:03 GMT
Server: nginx/1.14.2
X-Server: web2

GET
H2

200

__utm.gif
stats.g.doubleclick.net/r/
Redirect Chain

http://stats.g.doubleclick.net/r/__utm.gif?utmwv=5.7.2dc&utms=1&utmn=1324153827&utmhn=barid.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=it-it&utmje=0&utmfl=-&utmdt=Barid.com%...
https://stats.g.doubleclick.net/r/__utm.gif?utmwv=5.7.2dc&utms=1&utmn=1324153827&utmhn=barid.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=it-it&utmje=0&utmfl=-&utmdt=Barid.com...

35 B
349 B

71ms
71ms

Image
image/gif

142.251.168.155
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stats.g.doubleclick.net/r/__utm.gif?utmwv=5.7.2dc&utms=1&utmn=1324153827&utmhn=barid.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=it-it&utmje=0&utmfl=-&utmdt=Barid.com%3A%20%D8%AA%D8%B3%D8%AC%D9%8A%D9%84%20%D8%A7%D9%84%D8%AF%D8%AE%D9%88%D9%84%3A%20%D8%AA%D8%B3%D8%AC%D9%8A%D9%84%20%D8%A7%D9%84%D8%AF%D8%AE%D9%88%D9%84%3A%20%D8%AA%D8%B3%D8%AC%D9%8A%D9%84%20%D8%A7%D9%84%D8%AF%D8%AE%D9%88%D9%84&utmhid=578177866&utmr=-&utmp=%2Fauth%2Flgn&utmht=1728830223240&utmac=UA-5624009-3&utmcc=__utma%3D226145417.874608951.1728830220.1728830223.1728830223.1%3B%2B__utmz%3D226145417.1728830223.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=489661583&utmredir=3&utmu=CAAAAAAAACAAAAAAAAABAAAE~

Protocol

Server

142.251.168.155 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

wh-in-f155.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: http://barid.com/

Response headers

report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgdc:143:0"}],}
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 13 Oct 2024 14:37:03 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
content-type: image/gif
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgdc:143:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 35
server: Golfe2

Redirect headers

Cross-Origin-Resource-Policy: Cross-Origin
Location: https://stats.g.doubleclick.net/r/__utm.gif?utmwv=5.7.2dc&utms=1&utmn=1324153827&utmhn=barid.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=it-it&utmje=0&utmfl=-&utmdt=Barid.com%3A%20%D8%AA%D8%B3%D8%AC%D9%8A%D9%84%20%D8%A7%D9%84%D8%AF%D8%AE%D9%88%D9%84%3A%20%D8%AA%D8%B3%D8%AC%D9%8A%D9%84%20%D8%A7%D9%84%D8%AF%D8%AE%D9%88%D9%84%3A%20%D8%AA%D8%B3%D8%AC%D9%8A%D9%84%20%D8%A7%D9%84%D8%AF%D8%AE%D9%88%D9%84&utmhid=578177866&utmr=-&utmp=%2Fauth%2Flgn&utmht=1728830223240&utmac=UA-5624009-3&utmcc=__utma%3D226145417.874608951.1728830220.1728830223.1728830223.1%3B%2B__utmz%3D226145417.1728830223.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=489661583&utmredir=3&utmu=CAAAAAAAACAAAAAAAAABAAAE~
Non-Authoritative-Reason: HSTS

GET
H2 200 microad. Show response
fundingchoicesmessages.google.com/f/AGSKWxXy1suE_bXDab6CCHhY1RzVa5yEE3LNSHMjIR6fZZXLemyo9rvijVNxdfl0GtjB_kLQIqZrSGUn_SLdtgOrkRLtutnoR3-vPj-BiM2DeE6TYfUevdmrOMhMPlPijrhW6k_MM5hbQdktQFZQtjUOwSCnScbxs... 54 B
529 B 57ms
51ms Script
application/javascript 142.250.186.78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxXy1suE_bXDab6CCHhY1RzVa5yEE3LNSHMjIR6fZZXLemyo9rvijVNxdfl0GtjB_kLQIqZrSGUn_SLdtgOrkRLtutnoR3-vPj-BiM2DeE6TYfUevdmrOMhMPlPijrhW6k_MM5hbQdktQFZQtjUOwSCnScbxsIEH1gIIZgnuA8dJ6z28vfWTbyctwW_b/_/pagepeelpro./revboostprocdnadsprod./glam300./adnet./microad.

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.it.taBgGvRQC20.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_tcf_v2_signal_executable/ed=1/rs=AJlcJMyZxBDBfgcyEVlxP65vl9_VV9nMtw/m=ad_blocking_detection_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.78 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f14.1e100.net

Software

ESF /

Resource Hash

2e9878dcaf11cb14f5a9d203c2e09cf65f40042240683812e295d8672f6e6046

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-xTwyKPYfNuTEWu65Ytb_lQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: http://barid.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 13 Oct 2024 14:37:03 GMT
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjqtDikmLw1ZBiOO90h-k6EEt8fcmkBcRO6TNYQ4C49eY51ulAnPTvPGsJELtrXWT1B2JDhUuszkDsWHSJ1ROIVXsusZoD8f11l1ifA_HXPZdY_wLx3o-XWI8CcZHEFdYWIL7ddIX1MRAL8XD0b1u_g03gwf0H-xiVNJLyC-OT8_NKijKTSkvyi9KS01KLU4vKUovijQyMTAwNDCz1DIziCwwAXGBK5w"
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-xTwyKPYfNuTEWu65Ytb_lQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection: 0
server: ESF

GET
H2 200 rum.js Show response
pagead2.googlesyndication.com/pagead/js/ 71 KB
27 KB 604ms
40ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/rum.js?fcd=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

2409342dfa772d485974fad5471e728e8d37e4716816a5d66bfc99b49f5abf63

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: http://barid.com/

Response headers

content-encoding: br
etag: 6705690374923259634
age: 3390
x-content-type-options: nosniff
expires: Sun, 13 Oct 2024 14:40:33 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Sun, 13 Oct 2024 13:40:33 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 26732
x-xss-protection: 0
server: cafe

POST
H2 204 AGSKWxUxBubY9b18HtTvuVUFDDsRve-_-vk8N300212ljuR9BZun2qNBV8FJcUmAzcdsvrLdrZqOMVjsxi7Ysqfmglx98cl9mQsH2GWNEFuCNJRqPMJuzJJ13_bS0NmwdXXvq2bzW0Ai5g== Show response
fundingchoicesmessages.google.com/el/ 0
1 KB 512ms
64ms XHR
text/html 142.250.186.78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUxBubY9b18HtTvuVUFDDsRve-_-vk8N300212ljuR9BZun2qNBV8FJcUmAzcdsvrLdrZqOMVjsxi7Ysqfmglx98cl9mQsH2GWNEFuCNJRqPMJuzJJ13_bS0NmwdXXvq2bzW0Ai5g==

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.78 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-yp4_OZN2pId2ydtXIckZsQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: http://barid.com/

Response headers

access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 13 Oct 2024 14:37:03 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzj0tDikmJw15BicEqfwRoCxO5aF1n9gfjrnkusf4F478dLrEeBWIiHo3_b-h1sAie-zJvKrOSSlF8Yn5yfV5KaV6KbmFKsC2IXZSaVluQXobBTy0AqcvLT0zPz0uONDIxMDA0MDfQMzOILDADWai9Y"
content-security-policy: script-src 'report-sample' 'nonce-yp4_OZN2pId2ydtXIckZsQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin: http://barid.com
content-length: 0
x-xss-protection: 0
server: ESF

POST
H2 204 AGSKWxUxBubY9b18HtTvuVUFDDsRve-_-vk8N300212ljuR9BZun2qNBV8FJcUmAzcdsvrLdrZqOMVjsxi7Ysqfmglx98cl9mQsH2GWNEFuCNJRqPMJuzJJ13_bS0NmwdXXvq2bzW0Ai5g== Show response
fundingchoicesmessages.google.com/el/ 0
367 B 474ms
86ms XHR
text/html 142.250.186.78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUxBubY9b18HtTvuVUFDDsRve-_-vk8N300212ljuR9BZun2qNBV8FJcUmAzcdsvrLdrZqOMVjsxi7Ysqfmglx98cl9mQsH2GWNEFuCNJRqPMJuzJJ13_bS0NmwdXXvq2bzW0Ai5g==

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.78 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-HQGSPTj_vJxGxXZDf3boRA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: http://barid.com/

Response headers

access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 13 Oct 2024 14:37:03 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzj0tDikmJw1ZBicEqfwRoCxO5aF1n9gfjrnkusf4F478dLrEeBWIiHo3_b-h1sAhPunJjKrOSSlF8Yn5yfV5KaV6KbmFKsC2IXZSaVluQXobBTy0AqcvLT0zPz0uONDIxMDA0MDfQMzOILDADKHC8w"
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-HQGSPTj_vJxGxXZDf3boRA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin: http://barid.com
content-length: 0
x-xss-protection: 0
server: ESF

GET
H2 200 syncframe
gum.criteo.com/ Frame 2717 0
0 594ms
74ms Document
text/html 178.250.1.11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=barid.com&gdpr=0&gdpr_consent=

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: http://barid.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 13 Oct 2024 14:37:03 GMT
server: Kestrel
server-processing-duration-in-ticks: 298431
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
x-robots-tag: noindex

GET
H2 200 publishertag.prebid.157.js Show response
static.criteo.net/js/ld/ 93 KB
30 KB 619ms
114ms XHR
text/javascript 178.250.1.3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.157.js

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

ed16fa3a22d2b0c3c773c71f4d12212522494e8bb20e3e7c9f72d0aba419dba0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: http://barid.com/

Response headers

strict-transport-security: max-age=31536000; preload;
cache-control: max-age=86400, public
timing-allow-origin: *
content-encoding: gzip
etag: W/"66d98e6d-1748b"
cross-origin-resource-policy: cross-origin
expires: Mon, 14 Oct 2024 14:37:04 GMT
access-control-allow-origin: *
date: Sun, 13 Oct 2024 14:37:04 GMT
content-type: text/javascript
last-modified: Thu, 05 Sep 2024 10:56:45 GMT
server: nginx

POST
H2 204 AGSKWxUxBubY9b18HtTvuVUFDDsRve-_-vk8N300212ljuR9BZun2qNBV8FJcUmAzcdsvrLdrZqOMVjsxi7Ysqfmglx98cl9mQsH2GWNEFuCNJRqPMJuzJJ13_bS0NmwdXXvq2bzW0Ai5g== Show response
fundingchoicesmessages.google.com/el/ 0
366 B 53ms
52ms XHR
text/html 142.250.186.78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUxBubY9b18HtTvuVUFDDsRve-_-vk8N300212ljuR9BZun2qNBV8FJcUmAzcdsvrLdrZqOMVjsxi7Ysqfmglx98cl9mQsH2GWNEFuCNJRqPMJuzJJ13_bS0NmwdXXvq2bzW0Ai5g==

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.78 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-Y9r4yM_fsp6y-GvPQNctLQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: http://barid.com/

Response headers

access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 13 Oct 2024 14:37:04 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzj0tDikmII0pBicEqfwRoCxO5aF1n9gfjrnkusf4F478dLrEeBWIibY8K29TvYBHY82SOt5JKUXxifnJ9XkppXopuYUqwLYhdlJpWW5BehsFPLQCpy8tPTM_PS440MjEwMDQwN9AzM4gsMAKHbLuQ"
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-Y9r4yM_fsp6y-GvPQNctLQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin: http://barid.com
content-length: 0
x-xss-protection: 0
server: ESF

POST
H2 204 AGSKWxUxBubY9b18HtTvuVUFDDsRve-_-vk8N300212ljuR9BZun2qNBV8FJcUmAzcdsvrLdrZqOMVjsxi7Ysqfmglx98cl9mQsH2GWNEFuCNJRqPMJuzJJ13_bS0NmwdXXvq2bzW0Ai5g== Show response
fundingchoicesmessages.google.com/el/ 0
366 B 54ms
54ms XHR
text/html 142.250.186.78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUxBubY9b18HtTvuVUFDDsRve-_-vk8N300212ljuR9BZun2qNBV8FJcUmAzcdsvrLdrZqOMVjsxi7Ysqfmglx98cl9mQsH2GWNEFuCNJRqPMJuzJJ13_bS0NmwdXXvq2bzW0Ai5g==

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.78 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-AfPuI5OEup25k3k1YqeeCg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: http://barid.com/

Response headers

access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 13 Oct 2024 14:37:04 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzj0tDikmII1JBicEqfwRoCxO5aF1n9gfjrnkusf4F478dLrEeBWIibY8K29TvYBF5s_SCt5JKUXxifnJ9XkppXopuYUqwLYhdlJpWW5BehsFPLQCpy8tPTM_PS440MjEwMDQwN9AzM4gsMALB9Lxg"
content-security-policy: script-src 'report-sample' 'nonce-AfPuI5OEup25k3k1YqeeCg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin: http://barid.com
content-length: 0
x-xss-protection: 0
server: ESF

GET
H2 200 AGSKWxWnRc3E9fIsMbwLqxmQu5-W20TaO0g1G9IUA0AqhRQainYOh4fhJiZ7bQ-7Accrvy4rlWvA8Yd8J6nUbfwJbH--X884qjxwOOjY_jD4qWrjnnyyFBzHTytvbjcBficl8T93fTHxWA== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 77ms
77ms Script
application/javascript 142.250.186.78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxWnRc3E9fIsMbwLqxmQu5-W20TaO0g1G9IUA0AqhRQainYOh4fhJiZ7bQ-7Accrvy4rlWvA8Yd8J6nUbfwJbH--X884qjxwOOjY_jD4qWrjnnyyFBzHTytvbjcBficl8T93fTHxWA==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzI4ODMwMjI0LDM1MDAwMDAwXSxudWxsLG51bGwsbnVsbCxbbnVsbCxbNyw5LDZdLG51bGwsMixudWxsLCJiZyIsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLDFdLCJodHRwOi8vYmFyaWQuY29tL2F1dGgvbGduIixudWxsLFtbOCwidGFCZ0d2UlFDMjAiXSxbOSwiaXQiXSxbMTksIjIiXSxbMTcsIlswXSJdXV0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.78 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f14.1e100.net

Software

ESF /

Resource Hash

08e0343fe83dafef1a2ff8b1f164a2fbaf31b986066b8ca94fdb9b6e71ad6732

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-ikXYmrZkufE01ptMwfbOtQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: http://barid.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 13 Oct 2024 14:37:04 GMT
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjqtDikmLw0JBiOO90h-k6EEt8fcmkBcRO6TNYQ4C49eY51ulAnPTvPGsJELtrXWT1B2JDhUuszkDsWHSJ1ROIVXsusZoD8f11l1ifA_HXPZdY_wLx3o-XWI8CcZHEFdYWIL7ddIX1MRALcXNM2LZ-B5vAi5nftJQ0kvIL45Pz80qKMpNKS_KL0pLTUotTi8pSi-KNDIxMDA0MLPUMjOILDAD8Rkol"
content-security-policy: script-src 'report-sample' 'nonce-ikXYmrZkufE01ptMwfbOtQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
cache-control: no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin: *
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection: 0
server: ESF

POST
H2 204 csi
csi.gstatic.com/ 0
532 B 605ms
82ms Ping
image/gif 216.239.32.3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&top=1&puid=1~m27ovmao&ctx=0&met.9=1.2lf~2.3bh
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/rum.js?fcd=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.32.3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: http://barid.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgcc:41:0"}],}
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgcc:41:0
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 13 Oct 2024 14:37:04 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
content-type: image/gif
server: Golfe2

POST
H2 204 AGSKWxVjK5yKWeY4fM5S2-sfKwiJFgWZblNoBLOCgEU39ludsqqhJDEpp3llbHqgsFRS4iACJlz6vkv5sljIsl7_vBS8zVISmtTMOWE1VYafTXVqn6PmCJZ-3G6DWFYYC7tvzVD-XYMVhA== Show response
fundingchoicesmessages.google.com/el/ 0
366 B 49ms
47ms XHR
text/html 142.250.186.78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVjK5yKWeY4fM5S2-sfKwiJFgWZblNoBLOCgEU39ludsqqhJDEpp3llbHqgsFRS4iACJlz6vkv5sljIsl7_vBS8zVISmtTMOWE1VYafTXVqn6PmCJZ-3G6DWFYYC7tvzVD-XYMVhA==

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.78 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Mupbcbr6j3lHAzRU6unlBw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: http://barid.com/

Response headers

access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 13 Oct 2024 14:37:04 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzj0tDikmII1JBicEqfwRoCxO5aF1n9gfjrnkusf4F478dLrEeBWIibY8K29TvYBHZ8nOak5JKUXxifnJ9XkppXopuYUqwLYhdlJpWW5BehsFPLQCpy8tPTM_PS440MjEwMDQwN9AzM4gsMAKU6LvE"
content-security-policy: script-src 'report-sample' 'nonce-Mupbcbr6j3lHAzRU6unlBw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin: http://barid.com
content-length: 0
x-xss-protection: 0
server: ESF

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: barid.com
URL: https://barid.com/auth/corstest/format/json

Verdicts & Comments Add Verdict or Comment

392 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

14 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.barid.com/	1969-12-31 23:59:59	Name: s Value: 6dcf94eac7b04d4adee5935c9317dfc6
.barid.com/	1970-01-21 08:59:26	Name: t Value: l.ar_f
barid.com/	1970-01-21 08:59:26	Name: vid Value: 1634121417-0-6154711258652355340
.barid.com/	1970-01-21 09:49:50	Name: _ga Value: GA1.1.874608951.1728830220
.barid.com/	1970-01-21 09:49:50	Name: _ga_3FP48KE4G0 Value: GS1.1.1728830220.1.0.1728830220.60.0.0
.barid.com/	1970-01-21 09:49:50	Name: __utma Value: 226145417.874608951.1728830220.1728830223.1728830223.1
.barid.com/	1969-12-31 23:59:59	Name: __utmc Value: 226145417
.barid.com/	1970-01-21 04:36:38	Name: __utmz Value: 226145417.1728830223.1.1.utmcsr=(direct)\|utmccn=(direct)\|utmcmd=(none)
.barid.com/	1970-01-21 00:13:50	Name: __utmt Value: 1
.barid.com/	1970-01-21 00:13:52	Name: __utmb Value: 226145417.1.10.1728830223
.barid.com/	1970-01-21 08:59:26	Name: FCNEC Value: %5B%5B%22AKsRol_JFl0G1M1qPIbUiAXQ1aJ7XROGBSfMq0SuUU_TWB0eAqJh8tMc7xI5UsHjvO_I632vlwwMTIit4uOn-fsmSp5TXDEe_YqqcdX8MMKNtPY4M0pXdNl-VKGPd7ky-0yNKRS-Hgg1vD9uwhyM-72U1gcfGWHthw%3D%3D%22%5D%5D
.criteo.com/	1970-01-21 09:35:26	Name: uid Value: ddaadaa5-0936-489e-9108-9a3e2d5cefe1
.criteo.com/	1970-01-21 09:35:26	Name: receive-cookie-deprecation Value: 1
.barid.com/	1970-01-21 09:35:26	Name: cto_bundle Value: E129r19RUHNkR2RYYjBaOVR4d0xjd0U4emJZTE42d0VYV3QyNFB3JTJCZmg0OG5VaVNsaEQlMkZ0N0F1THZqJTJCdTM5ZnFuSWVoY2t1RVVpZ1lqRTloQ1AxWkhnc1JPRnR4Vk1RalhBaiUyRnFkT255bnkwbE1XRWdrTSUyRkZqaGVtbXdGUTFqc3FIYzFWUFVrZCUyRkpjQTZzWG82dHUzS2FvTnclM0QlM0Q

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
recommendation	verbose	URL: http://barid.com/auth/lgn Message: [DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o
recommendation	verbose	URL: http://barid.com/auth/lgn Message: [DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o
network	error	URL: http://barid.com/css/style_w360-1.css Message: Failed to load resource: the server responded with a status of 404 (Not Found)
javascript	error	URL: http://barid.com/auth/lgn Message: Access to XMLHttpRequest at 'https://barid.com/auth/corstest/format/json' from origin 'http://barid.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://barid.com/auth/corstest/format/json Message: Failed to load resource: net::ERR_FAILED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adsy.mail.bg
analytics.google.com
barid.com
bidder.criteo.com
csi.gstatic.com
fundingchoicesmessages.google.com
gum.criteo.com
pagead2.googlesyndication.com
securepubads.g.doubleclick.net
static.criteo.net
stats.g.doubleclick.net
www.googletagmanager.com
www.googletagservices.com
barid.com
142.250.181.238
142.250.185.194
142.250.185.226
142.250.185.98
142.250.186.78
142.251.168.155
178.250.1.11
178.250.1.3
178.250.1.56
193.201.172.97
193.201.172.98
216.239.32.3
216.58.206.72
216.58.212.162
08e0343fe83dafef1a2ff8b1f164a2fbaf31b986066b8ca94fdb9b6e71ad6732
095d743b246e5e49c21f846015d77f53e7d7176b7ed162314e186711403cf373
14fb18e98482aad92fe16a14789a08dfcbd593ba3e15446111059fa013e53301
190500824ce37dcd2c2a3529233ffa408da2a28cf32dbf055098d1c98e859ee3
2293ac61ab60f45b62c7504505bfc0357df6dbe63aaf66026b034e873e3e2e31
2409342dfa772d485974fad5471e728e8d37e4716816a5d66bfc99b49f5abf63
2a2473623b8541529d038b10b49f6ac263410a7482c16c7b4cf75049d578b1ae
2d9bae224061cf02f397268862d48674837832f7467e5cc144e5580b5b66a6e9
2e9878dcaf11cb14f5a9d203c2e09cf65f40042240683812e295d8672f6e6046
32f30dd2df311ad1ab5a1f1e6cf55fb8a3a25f9889f67294f823ac484950cdbb
35dee14504fb0f5c9f007c4262fca9abfb5e61278eabdae9bb89002fc1ac7f61
3665f7d9a9cc998425ed2e80b9e0140cc417807cc20c2926c29a38918da03174
479965496c594cba4917c8600ab70b6b35930a17ace849e39699887ae9a95edc
4bbba80ea6ee23acf88db1bd666e648e4232243e7895c871355f3ddbd404a3c5
4db4b533093b2372c4bf3f9faa2ffbd8538c3ef2dd514225e2fd8c1353afec22
549ed6f8fe3b2004779abea4da25e8457e505b6d8a35d3d9b7cfcb96128d82f3
602188f8cce8773e5a2d52333ef4638b6006f9871bab1763932fff29cf0ee6cc
6181cd98fe270c2826d416574446841f86778bc45a0ab0bdd0c667b4e70fd6e8
6592af579960d0ad378af8e0930891adf9fb2608986f9847de3d387606c03082
6902710997bc288947449126ee6535e1aff79396a1ff4ed3287a756f0c89f228
6d2b20daea3d33d0635e3c42fa243e8c5138eff187e5bc99b01bc57022eb91d1
7a03eeb209c838a282277fd9affeb47c03b1c95c00164c65bdafd5046bba98fd
812e3096df0f1d9f563825f342d517a96e3e37ff4c1eac80939740c86f730cfd
816d4f96e309665b705e074c282d83d49720526c3d5433db418670d78c121ff3
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8f674c07db40d0c0cc84aaa712802d2e8c6c00b5c8f9932f215a906c0e9f502b
9e3ecd4d4b7df452f388720e803f1ff88437028ce4ff06aa28a6b9df1bc5ef11
acc61bdbd5f5f058bc46be02ebed5542ff70563655ab3d10a61afc5751612cd5
cb1fd342415b8e03808534146a27d543affdb6434133000e861a9e20a15c43de
da56c140f2aff86b9c7e5dd6557888b38ae3bf608cf88ad80e41009ebd75c523
dd98ff739138c05693b76f909568d4a7bd558c7612f943571db6cbac1ebf0e16
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ed16fa3a22d2b0c3c773c71f4d12212522494e8bb20e3e7c9f72d0aba419dba0
f2a9e4801e552f3d9b2d8eb979e97e84f05c89a6eea43e24b78cb20de5ed6cdd
f4dc06d79a4bcfb87f7e75d8bf3287f6f361d61c571289a37af3cecc3a9881b0
f8add30c39a89f5e92aa555d5968f1b0439c28fb63057e077fb56ffcc4636e4d
fd15646c690d781523c8dbe3bcd46d1f922e6a7bb1bcdbcb0b2057c119494375

barid.com Open in urlscan Pro 193.201.172.97 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

49 Requests

39 %HTTPS

0 %IPv6

10 Domains

13 Subdomains

14 IPs

3 Countries

918 kBTransfer

2673 kBSize

14 Cookies

2 Outgoing links

Page URL History

Redirected requests

49 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

barid.com Open in urlscan Pro
193.201.172.97 Public Scan

Screenshot
Live screenshot

Full Image

49
Requests

39 %
HTTPS

0 %
IPv6

10
Domains

13
Subdomains

14
IPs

3
Countries

918 kB
Transfer

2673 kB
Size

14
Cookies

49 HTTP transactions
1 data transactions