carisma-shop.com
2606:4700:20::681a:179  Malicious Activity! Public Scan

Submitted URL: https://kolhida.bg/ads/redirect.php?url=http%3A%2F%2Fpeachlifecoaching.org%2Fa6TxZq8dpxDsLMD5
Effective URL: https://carisma-shop.com/mun-ah/online.rbb.bg/
Submission: On May 26 via api from US

Summary

This website contacted 2 IPs in 4 countries across 4 domains to perform 25 HTTP transactions. The main IP is 2606:4700:20::681a:179, located in United States and belongs to CLOUDFLARENET, US. The main domain is carisma-shop.com.
TLS certificate: Issued by CloudFlare Inc ECC CA-2 on February 10th 2020. Valid for: 8 months.
This is the only time carisma-shop.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Raiffeisen Bank (Banking)

Domain & IP information

IP Address AS Autonomous System
1 1 185.80.1.113 201200 (SUPERHOST...)
2 2 138.68.179.19 14061 (DIGITALOC...)
24 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
25 2
Apex Domain | Subdomains | Transfer
24 carisma-shop.com | carisma-shop.com | 435 KB
2 peachlifecoaching.org | peachlifecoaching.org | 449 B
1 youtube.com | www.youtube.com |
1 kolhida.bg | kolhida.bg | 107 B
25 4
Domain Requested by
24 carisma-shop.com carisma-shop.com
2 peachlifecoaching.org 2 redirects
1 www.youtube.com carisma-shop.com
1 kolhida.bg 1 redirects
25 4

This site contains links to these domains.

Domain
www.izberi.rbb.bg
youtu.be
www.rbb.bg
www.rbinternational.com
www.rlbg.bg
www.ram.bg
www.youtube.com

Subject | Issuer | Validity | Valid
sni.cloudflaressl.com | CloudFlare Inc ECC CA-2 | 2020-02-10 - 2020-10-09 | 8 months
*.google.com | GTS CA 1O1 | 2020-05-05 - 2020-07-28 | 3 months

This page contains 2 frames:

Primary Page: https://carisma-shop.com/mun-ah/online.rbb.bg/
Frame ID: CD5702A79A61BA09D83E300097AE73FF
Requests: 24 HTTP requests in this frame

Frame: https://www.youtube.com/embed/u48tAZeI3io
Frame ID: 29882721B8EAD7DCBA846364A49109BE
Requests: 1 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • url /\.php(?:$|\?)/i

Overall confidence: 100%
Detected patterns
  • script /require.*\.js/i

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i

Page Statistics

Requests: 25
HTTPS: 100 %
IPv6: 50 %
Domains: 4
Subdomains: 4
IPs: 2
Countries: 4
Transfer: 435 kB
Size: 887 kB
Cookies: 4

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://kolhida.bg/ads/redirect.php?url=http%3A%2F%2Fpeachlifecoaching.org%2Fa6TxZq8dpxDsLMD5 HTTP 302
    http://peachlifecoaching.org/a6TxZq8dpxDsLMD5 HTTP 301
    http://peachlifecoaching.org/a6TxZq8dpxDsLMD5/ HTTP 302
    https://carisma-shop.com/mun-ah/online.rbb.bg/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

25 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
carisma-shop.com/mun-ah/online.rbb.bg/
Redirect Chain
  • https://kolhida.bg/ads/redirect.php?url=http%3A%2F%2Fpeachlifecoaching.org%2Fa6TxZq8dpxDsLMD5
  • http://peachlifecoaching.org/a6TxZq8dpxDsLMD5
  • http://peachlifecoaching.org/a6TxZq8dpxDsLMD5/
  • https://carisma-shop.com/mun-ah/online.rbb.bg/
35 KB
6 KB
Document
General
Full URL
https://carisma-shop.com/mun-ah/online.rbb.bg/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:179 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a32c898212ce9414ad4655e170a212397a46e8942c904e14743286a3d7c24037
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

:method
GET
:authority
carisma-shop.com
:scheme
https
:path
/mun-ah/online.rbb.bg/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
date
Tue, 26 May 2020 14:43:29 GMT
content-type
text/html
set-cookie
__cfduid=d8386fe79713f7be336e3a2bfb503ff221590504209; expires=Thu, 25-Jun-20 14:43:29 GMT; path=/; domain=.carisma-shop.com; HttpOnly; SameSite=Lax; Secure
vary
Accept-Encoding
last-modified
Mon, 25 May 2020 12:09:10 GMT
cf-cache-status
DYNAMIC
cf-request-id
02f309557900001f413891d200000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
x-content-type-options
nosniff
server
cloudflare
cf-ray
599844cf2b2c1f41-FRA
content-encoding
br

Redirect headers

Server
nginx
Date
Tue, 26 May 2020 14:43:29 GMT
Content-Type
text/html; charset=UTF-8
Content-Length
0
Connection
keep-alive
Location
https://carisma-shop.com/mun-ah/online.rbb.bg/
smartbanner.min.css
carisma-shop.com/mun-ah/online.rbb.bg/Content/css/smartbanner/
12 KB
4 KB
Stylesheet
General
Full URL
https://carisma-shop.com/mun-ah/online.rbb.bg/Content/css/smartbanner/smartbanner.min.css
Requested by
Host: carisma-shop.com
URL: https://carisma-shop.com/mun-ah/online.rbb.bg/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:179 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1af1054fde4c9fa4ab8cd305fb5d88dda8124e214556b1338bfbb0a5b762cb75
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://carisma-shop.com/mun-ah/online.rbb.bg/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 26 May 2020 14:43:30 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
2984
status
200
vary
Accept-Encoding
cf-request-id
02f309567d00001f413894e200000001
last-modified
Mon, 25 May 2020 12:09:10 GMT
server
cloudflare
etag
W/"2f2a-5a677d8b5df92"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
content-type
text/css
cache-control
max-age=14400
cf-ray
599844d0cfa71f41-FRA
style.min.css
carisma-shop.com/mun-ah/online.rbb.bg/Content/css/
369 KB
45 KB
Stylesheet
General
Full URL
https://carisma-shop.com/mun-ah/online.rbb.bg/Content/css/style.min.css
Requested by
Host: carisma-shop.com
URL: https://carisma-shop.com/mun-ah/online.rbb.bg/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:179 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
11e91af5e9bb7f2fafac07f7dbc27eed34238213f4d5f71b7f0f85129275e929
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://carisma-shop.com/mun-ah/online.rbb.bg/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 26 May 2020 14:43:30 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
2984
status
200
vary
Accept-Encoding
cf-request-id
02f309567e00001f413894f200000001
last-modified
Mon, 25 May 2020 12:09:10 GMT
server
cloudflare
etag
W/"5c498-5a677d8b5ef32"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
content-type
text/css
cache-control
max-age=14400
cf-ray
599844d0cfa91f41-FRA
require.js
carisma-shop.com/mun-ah/online.rbb.bg/Scripts/libs/
86 KB
20 KB
Script
General
Full URL
https://carisma-shop.com/mun-ah/online.rbb.bg/Scripts/libs/require.js
Requested by
Host: carisma-shop.com
URL: https://carisma-shop.com/mun-ah/online.rbb.bg/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:179 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
07311a5d21599d827142e7551c4a9c2a69db5a0f3b7a54b1d1dc4485cb8a5d1a
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://carisma-shop.com/mun-ah/online.rbb.bg/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 26 May 2020 14:43:30 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
2984
status
200
vary
Accept-Encoding
cf-request-id
02f309567f00001f4138950200000001
last-modified
Mon, 25 May 2020 12:09:10 GMT
server
cloudflare
etag
W/"15951-5a677d8b69b14"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
content-type
application/javascript
cache-control
max-age=14400
cf-ray
599844d0cfaa1f41-FRA
promise.js
carisma-shop.com/mun-ah/online.rbb.bg/Scripts/libs/
6 KB
2 KB
Script
General
Full URL
https://carisma-shop.com/mun-ah/online.rbb.bg/Scripts/libs/promise.js
Requested by
Host: carisma-shop.com
URL: https://carisma-shop.com/mun-ah/online.rbb.bg/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:179 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9fbbf200dbf021f29455b9d6d7f30684651c947c2a4efb2d25c899ba8aa0305b
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://carisma-shop.com/mun-ah/online.rbb.bg/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 26 May 2020 14:43:30 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
2984
status
200
vary
Accept-Encoding
cf-request-id
02f309568100001f4138952200000001
last-modified
Mon, 25 May 2020 12:09:10 GMT
server
cloudflare
etag
W/"185b-5a677d8b69b14"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
content-type
application/javascript
cache-control
max-age=14400
cf-ray
599844d0cfaf1f41-FRA
smartbanner.min.js
carisma-shop.com/mun-ah/online.rbb.bg/Scripts/libs/
12 KB
3 KB
Script
General
Full URL
https://carisma-shop.com/mun-ah/online.rbb.bg/Scripts/libs/smartbanner.min.js
Requested by
Host: carisma-shop.com
URL: https://carisma-shop.com/mun-ah/online.rbb.bg/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:179 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
904c302cb2ccd19750872336d4c39fbd7d2bc96a032f26822b2331e40ef0b181
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://carisma-shop.com/mun-ah/online.rbb.bg/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 26 May 2020 14:43:30 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
2984
status
200
vary
Accept-Encoding
cf-request-id
02f309568100001f4138953200000001
last-modified
Mon, 25 May 2020 12:09:10 GMT
server
cloudflare
etag
W/"3182-5a677d8b69b14"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
content-type
application/javascript
cache-control
max-age=14400
cf-ray
599844d0cfb01f41-FRA
fb.png
carisma-shop.com/mun-ah/online.rbb.bg/Content/images/
291 B
523 B
Image
General
Full URL
https://carisma-shop.com/mun-ah/online.rbb.bg/Content/images/fb.png
Requested by
Host: carisma-shop.com
URL: https://carisma-shop.com/mun-ah/online.rbb.bg/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:179 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3333395f393164d71cbce871f6b2be53b3103cf2602984ee3c8190ff48f4c830
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://carisma-shop.com/mun-ah/online.rbb.bg/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 26 May 2020 14:43:30 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
2984
status
200
vary
Accept-Encoding
content-length
291
cf-request-id
02f30956b800001f413895b200000001
last-modified
Mon, 25 May 2020 12:09:10 GMT
server
cloudflare
etag
"123-5a677d8b66c33"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
599844d1287d1f41-FRA
youtube.png
carisma-shop.com/mun-ah/online.rbb.bg/Content/images/
344 B
450 B
Image
General
Full URL
https://carisma-shop.com/mun-ah/online.rbb.bg/Content/images/youtube.png
Requested by
Host: carisma-shop.com
URL: https://carisma-shop.com/mun-ah/online.rbb.bg/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:179 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4790fb5310a230878b624fa3e977c791051268f788cf0eeeed7bcf1e8c289cd4
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://carisma-shop.com/mun-ah/online.rbb.bg/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 26 May 2020 14:43:30 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
2984
status
200
vary
Accept-Encoding
content-length
344
cf-request-id
02f30956c400001f413895e200000001
last-modified
Mon, 25 May 2020 12:09:10 GMT
server
cloudflare
etag
"158-5a677d8b67bd4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
599844d138bd1f41-FRA
linkedin.png
carisma-shop.com/mun-ah/online.rbb.bg/Content/images/
295 B
400 B
Image
General
Full URL
https://carisma-shop.com/mun-ah/online.rbb.bg/Content/images/linkedin.png
Requested by
Host: carisma-shop.com
URL: https://carisma-shop.com/mun-ah/online.rbb.bg/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:179 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8766ee9d4e1b82f102c7282685e6f0b2c4fa91bf28fba8f722a438a740bfe358
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://carisma-shop.com/mun-ah/online.rbb.bg/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 26 May 2020 14:43:30 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
2984
status
200
vary
Accept-Encoding
content-length
295
cf-request-id
02f30956e900001f4138962200000001
last-modified
Mon, 25 May 2020 12:09:10 GMT
server
cloudflare
etag
"127-5a677d8b66c33"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
599844d179541f41-FRA
twitter.png
carisma-shop.com/mun-ah/online.rbb.bg/Content/images/
1 KB
1 KB
Image
General
Full URL
https://carisma-shop.com/mun-ah/online.rbb.bg/Content/images/twitter.png
Requested by
Host: carisma-shop.com
URL: https://carisma-shop.com/mun-ah/online.rbb.bg/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:179 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bba7e0c0befd437d855e6d1e2095dee55a201b407be60ce943a53faf315cd7c1
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://carisma-shop.com/mun-ah/online.rbb.bg/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 26 May 2020 14:43:30 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
2984
status
200
vary
Accept-Encoding
content-length
1196
cf-request-id
02f30956eb00001f4138963200000001
last-modified
Mon, 25 May 2020 12:09:10 GMT
server
cloudflare
etag
"4ac-5a677d8b67bd4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
599844d1795d1f41-FRA
instagram.png
carisma-shop.com/mun-ah/online.rbb.bg/Content/images/
323 B
428 B
Image
General
Full URL
https://carisma-shop.com/mun-ah/online.rbb.bg/Content/images/instagram.png
Requested by
Host: carisma-shop.com
URL: https://carisma-shop.com/mun-ah/online.rbb.bg/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:179 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a1c6b668bd68eaa6f1438dbb4ec1f8e5bcffbee4833992f30fa19409ce601507
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://carisma-shop.com/mun-ah/online.rbb.bg/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 26 May 2020 14:43:30 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
2984
status
200
vary
Accept-Encoding
content-length
323
cf-request-id
02f30956ff00001f4138969200000001
last-modified
Mon, 25 May 2020 12:09:10 GMT
server
cloudflare
etag
"143-5a677d8b66c33"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
599844d199b11f41-FRA
viber.png
carisma-shop.com/mun-ah/online.rbb.bg/Content/images/
1 KB
1 KB
Image
General
Full URL
https://carisma-shop.com/mun-ah/online.rbb.bg/Content/images/viber.png
Requested by
Host: carisma-shop.com
URL: https://carisma-shop.com/mun-ah/online.rbb.bg/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:179 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ea2658517b34337b535a2a5206391c71fcde18ca46d0adabf2756d4911ac12c4
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://carisma-shop.com/mun-ah/online.rbb.bg/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 26 May 2020 14:43:30 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
2984
status
200
vary
Accept-Encoding
content-length
1313
cf-request-id
02f30956ff00001f413896a200000001
last-modified
Mon, 25 May 2020 12:09:10 GMT
server
cloudflare
etag
"521-5a677d8b67bd4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
599844d199b81f41-FRA
rbb-blog.png
carisma-shop.com/mun-ah/online.rbb.bg/Content/images/
1 KB
1 KB
Image
General
Full URL
https://carisma-shop.com/mun-ah/online.rbb.bg/Content/images/rbb-blog.png
Requested by
Host: carisma-shop.com
URL: https://carisma-shop.com/mun-ah/online.rbb.bg/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:179 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c0e179357c02bd1bedefd8592140ad69463a322361467c828f8779900cf3aba4
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://carisma-shop.com/mun-ah/online.rbb.bg/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 26 May 2020 14:43:30 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
2984
status
200
vary
Accept-Encoding
content-length
1364
cf-request-id
02f30956ff00001f413896b200000001
last-modified
Mon, 25 May 2020 12:09:10 GMT
server
cloudflare
etag
"554-5a677d8b66c33"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
599844d199bf1f41-FRA
u48tAZeI3io
www.youtube.com/embed/ Frame 2988
0
0
Document
General
Full URL
https://www.youtube.com/embed/u48tAZeI3io
Requested by
Host: carisma-shop.com
URL: https://carisma-shop.com/mun-ah/online.rbb.bg/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
YouTube Frontend Proxy /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.youtube.com
:scheme
https
:path
/embed/u48tAZeI3io
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://carisma-shop.com/mun-ah/online.rbb.bg/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://carisma-shop.com/mun-ah/online.rbb.bg/

Response headers

status
200
strict-transport-security
max-age=31536000
cache-control
no-cache
x-content-type-options
nosniff
expires
Tue, 27 Apr 1971 19:44:06 GMT
content-type
text/html; charset=utf-8
content-encoding
br
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
date
Tue, 26 May 2020 14:43:30 GMT
server
YouTube Frontend Proxy
x-xss-protection
0
set-cookie
VISITOR_INFO1_LIVE=1IJszcR1Ynk; path=/; domain=.youtube.com; secure; expires=Sun, 22-Nov-2020 14:43:30 GMT; httponly; samesite=None VISITOR_INFO1_LIVE=1IJszcR1Ynk; path=/; domain=.youtube.com; secure; expires=Sun, 22-Nov-2020 14:43:30 GMT; httponly; samesite=None YSC=NgexWtmLBvM; path=/; domain=.youtube.com; secure; httponly; samesite=None GPS=1; path=/; domain=.youtube.com; expires=Tue, 26-May-2020 15:13:30 GMT
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
bg-body.png
carisma-shop.com/mun-ah/online.rbb.bg/Content/images/
33 KB
33 KB
Image
General
Full URL
https://carisma-shop.com/mun-ah/online.rbb.bg/Content/images/bg-body.png
Requested by
Host: carisma-shop.com
URL: https://carisma-shop.com/mun-ah/online.rbb.bg/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:179 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
975a67bfdded2b81ee5e32452eda5cdcb5d407fc20e8e484da8740220cd52b0c
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://carisma-shop.com/mun-ah/online.rbb.bg/Content/css/style.min.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 26 May 2020 14:43:30 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
2984
status
200
vary
Accept-Encoding
content-length
33870
cf-request-id
02f309571900001f413896f200000001
last-modified
Mon, 25 May 2020 12:09:10 GMT
server
cloudflare
etag
"844e-5a677d8b65c93"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
599844d1ca2e1f41-FRA
logo-rbb-white-bg.svg
carisma-shop.com/mun-ah/online.rbb.bg/Content/svg/
10 KB
4 KB
Image
General
Full URL
https://carisma-shop.com/mun-ah/online.rbb.bg/Content/svg/logo-rbb-white-bg.svg
Requested by
Host: carisma-shop.com
URL: https://carisma-shop.com/mun-ah/online.rbb.bg/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:179 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
89dff036ab45ec3efd6e551ab3679501670c50882bcb04e3aefbc787983773b0
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://carisma-shop.com/mun-ah/online.rbb.bg/Content/css/style.min.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 26 May 2020 14:43:30 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
2984
status
200
vary
Accept-Encoding
cf-request-id
02f309571a00001f4138970200000001
last-modified
Mon, 25 May 2020 12:09:10 GMT
server
cloudflare
etag
W/"274d-5a677d8b68b74"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
content-type
image/svg+xml
cache-control
max-age=14400
cf-ray
599844d1ca361f41-FRA
RBB_1920x500_2.jpg
carisma-shop.com/mun-ah/online.rbb.bg/Content/images/
159 KB
159 KB
Image
General
Full URL
https://carisma-shop.com/mun-ah/online.rbb.bg/Content/images/RBB_1920x500_2.jpg
Requested by
Host: carisma-shop.com
URL: https://carisma-shop.com/mun-ah/online.rbb.bg/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:179 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fb6d9913fdfd75348edf598b959631ab33d4cdfc3bd531939170811e722f71f9
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://carisma-shop.com/mun-ah/online.rbb.bg/Content/css/style.min.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 26 May 2020 14:43:30 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
1274
status
200
vary
Accept-Encoding
content-length
162763
cf-request-id
02f309571f00001f4138972200000001
last-modified
Mon, 25 May 2020 12:09:10 GMT
server
cloudflare
etag
"27bcb-5a677d8b67bd4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
599844d1ca471f41-FRA
cf-bgj
h2pri
326381_1_0.woff
carisma-shop.com/mun-ah/online.rbb.bg/Content/fonts/webfonts/
43 KB
43 KB
Font
General
Full URL
https://carisma-shop.com/mun-ah/online.rbb.bg/Content/fonts/webfonts/326381_1_0.woff
Requested by
Host: carisma-shop.com
URL: https://carisma-shop.com/mun-ah/online.rbb.bg/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:179 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cfbe041dcde6485921f668c97c7ccf6c4469013776e0c0e08a0d06dc1c5f4c43
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://carisma-shop.com/mun-ah/online.rbb.bg/Content/css/style.min.css
Origin
https://carisma-shop.com

Response headers

date
Tue, 26 May 2020 14:43:30 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
1708
status
200
vary
Accept-Encoding
content-length
43620
cf-request-id
02f309573800001f4138975200000001
last-modified
Mon, 25 May 2020 12:09:10 GMT
server
cloudflare
etag
"aa64-5a677d8b61e13"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
content-type
font/woff
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
599844d1faab1f41-FRA
FuturaPT-Medium.woff
carisma-shop.com/mun-ah/online.rbb.bg/Content/fonts/webfonts/
42 KB
42 KB
Font
General
Full URL
https://carisma-shop.com/mun-ah/online.rbb.bg/Content/fonts/webfonts/FuturaPT-Medium.woff
Requested by
Host: carisma-shop.com
URL: https://carisma-shop.com/mun-ah/online.rbb.bg/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:179 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dede30e9d41158bdc0427e2305bc2c851ca4d194548d9742c3f795bab981a5e4
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://carisma-shop.com/mun-ah/online.rbb.bg/Content/css/style.min.css
Origin
https://carisma-shop.com

Response headers

date
Tue, 26 May 2020 14:43:30 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
1708
status
200
vary
Accept-Encoding
content-length
42816
cf-request-id
02f309573800001f4138976200000001
last-modified
Mon, 25 May 2020 12:09:10 GMT
server
cloudflare
etag
"a740-5a677d8b65c93"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
content-type
font/woff
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
599844d1faac1f41-FRA
326381_0_0.woff
carisma-shop.com/mun-ah/online.rbb.bg/Content/fonts/webfonts/
41 KB
41 KB
Font
General
Full URL
https://carisma-shop.com/mun-ah/online.rbb.bg/Content/fonts/webfonts/326381_0_0.woff
Requested by
Host: carisma-shop.com
URL: https://carisma-shop.com/mun-ah/online.rbb.bg/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:179 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b00f22482408e0b6170728197b4c40db15b62ee9e37f79cdb0afa76cae772895
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://carisma-shop.com/mun-ah/online.rbb.bg/Content/css/style.min.css
Origin
https://carisma-shop.com

Response headers

date
Tue, 26 May 2020 14:43:30 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
1708
status
200
vary
Accept-Encoding
content-length
41737
cf-request-id
02f309573800001f4138977200000001
last-modified
Mon, 25 May 2020 12:09:10 GMT
server
cloudflare
etag
"a309-5a677d8b60e73"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
content-type
font/woff
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
599844d1fab21f41-FRA
iconset-rbbd5c3.ttf
carisma-shop.com/mun-ah/online.rbb.bg/Content/fonts/iconset-rbb/
19 KB
11 KB
Font
General
Full URL
https://carisma-shop.com/mun-ah/online.rbb.bg/Content/fonts/iconset-rbb/iconset-rbbd5c3.ttf?wxo579
Requested by
Host: carisma-shop.com
URL: https://carisma-shop.com/mun-ah/online.rbb.bg/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:179 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9706e1917a0f349757a1f8270a765d92239e55897bafdcc56b340c916dcdf5e2
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://carisma-shop.com/mun-ah/online.rbb.bg/Content/css/style.min.css
Origin
https://carisma-shop.com

Response headers

date
Tue, 26 May 2020 14:43:30 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
1708
status
200
vary
Accept-Encoding
cf-request-id
02f309573800001f4138978200000001
last-modified
Mon, 25 May 2020 12:09:10 GMT
server
cloudflare
etag
W/"4c9c-5a677d8b5fed2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
content-type
font/ttf
cache-control
max-age=14400
cf-ray
599844d1fab51f41-FRA
mobileApp.png
carisma-shop.com/mun-ah/online.rbb.bg/Content/images/
9 KB
9 KB
Image
General
Full URL
https://carisma-shop.com/mun-ah/online.rbb.bg/Content/images/mobileApp.png
Requested by
Host: carisma-shop.com
URL: https://carisma-shop.com/mun-ah/online.rbb.bg/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:179 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b2b769bc93904f1ed851dd0c266c5a14ae9fca670ec9cc39fa00065286fb1ae4
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://carisma-shop.com/mun-ah/online.rbb.bg/Content/css/style.min.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 26 May 2020 14:43:31 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
2985
status
200
vary
Accept-Encoding
content-length
9051
cf-request-id
02f3095a7f00001f41389e4200000001
last-modified
Mon, 25 May 2020 12:09:10 GMT
server
cloudflare
etag
"235b-5a677d8b66c33"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
599844d739ef1f41-FRA
app-store-bg.png
carisma-shop.com/mun-ah/online.rbb.bg/Content/images/
3 KB
3 KB
Image
General
Full URL
https://carisma-shop.com/mun-ah/online.rbb.bg/Content/images/app-store-bg.png
Requested by
Host: carisma-shop.com
URL: https://carisma-shop.com/mun-ah/online.rbb.bg/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:179 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5c95c6c1193ef4afdf14770fe02d2f008be731d477b38ad44e3a497241984696
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://carisma-shop.com/mun-ah/online.rbb.bg/Content/css/style.min.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 26 May 2020 14:43:31 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
2985
status
200
vary
Accept-Encoding
content-length
3127
cf-request-id
02f3095a8c00001f41389e5200000001
last-modified
Mon, 25 May 2020 12:09:10 GMT
server
cloudflare
etag
"c37-5a677d8b65c93"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
599844d74a2a1f41-FRA
google-play-bg.png
carisma-shop.com/mun-ah/online.rbb.bg/Content/images/
4 KB
4 KB
Image
General
Full URL
https://carisma-shop.com/mun-ah/online.rbb.bg/Content/images/google-play-bg.png
Requested by
Host: carisma-shop.com
URL: https://carisma-shop.com/mun-ah/online.rbb.bg/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:179 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c84158c02aa08b902be924e5b9b81fd349cd09510aa72710c70a6d55ac931fcd
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://carisma-shop.com/mun-ah/online.rbb.bg/Content/css/style.min.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 26 May 2020 14:43:31 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
2985
status
200
vary
Accept-Encoding
content-length
3783
cf-request-id
02f3095a8d00001f41389e7200000001
last-modified
Mon, 25 May 2020 12:09:10 GMT
server
cloudflare
etag
"ec7-5a677d8b66c33"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
599844d74a301f41-FRA
common.js
carisma-shop.com/Scripts/
0
0
Script
General
Full URL
https://carisma-shop.com/Scripts/common.js
Requested by
Host: carisma-shop.com
URL: https://carisma-shop.com/mun-ah/online.rbb.bg/Scripts/libs/require.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:179 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://carisma-shop.com/mun-ah/online.rbb.bg/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 26 May 2020 14:43:31 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/html; charset=iso-8859-1
status
404
cache-control
max-age=14400
strict-transport-security
max-age=0; includeSubDomains; preload
cf-ray
599844d75a631f41-FRA
cf-request-id
02f3095a9300001f41389ea200000001

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Raiffeisen Bank (Banking)

5 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata
object| onpointerrawupdate
function| requirejs
function| require
function| define

4 Cookies

Domain/Path Name / Value
.youtube.com/ Name: GPS, Value: 1
.youtube.com/ Name: YSC, Value: NgexWtmLBvM
.youtube.com/ Name: VISITOR_INFO1_LIVE, Value: 1IJszcR1Ynk
.carisma-shop.com/ Name: __cfduid, Value: d079a71e9dd1bc8b013762ae7dbc8b0711590504210

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
