URL: http://shrew-soft-vpn-client.findmysoft.com/
Submission: On May 10 via manual from IT — Scanned from IT

Summary

This website contacted 78 IPs in 10 countries across 92 domains to perform 161 HTTP transactions. The main IP is 52.73.84.74, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is shrew-soft-vpn-client.findmysoft.com.
This is the only time shrew-soft-vpn-client.findmysoft.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
13 52.73.84.74 14618 (AMAZON-AES)
8 108.138.17.120 16509 (AMAZON-02)
1 192.102.6.94 57682 (HVDS-AS)
1 35.186.251.103 15169 (GOOGLE)
2 2a03:2880:f08... 32934 (FACEBOOK)
1 2 2a00:1450:400... 15169 (GOOGLE)
1 2 2a00:1450:400... 15169 (GOOGLE)
30 34 142.132.202.70 24940 (HETZNER-AS)
1 6 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:21f... 16509 (AMAZON-02)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 3 2a00:1450:400... 15169 (GOOGLE)
1 1 18.66.97.49 16509 (AMAZON-02)
1 18.66.97.53 16509 (AMAZON-02)
11 2400:52e0:1e0... 200325 (BUNNYCDN)
2 2a00:1450:400... 15169 (GOOGLE)
1 52.216.33.89 16509 (AMAZON-02)
1 1 176.9.60.211 24940 (HETZNER-AS)
1 17 104.102.42.226 16625 (AKAMAI-AS)
1 2a00:1450:400... 15169 (GOOGLE)
1 34.120.45.191 396982 (GOOGLE-CL...)
1 1 2600:9000:223... 16509 (AMAZON-02)
1 2600:9000:225... 16509 (AMAZON-02)
1 1 52.84.150.36 16509 (AMAZON-02)
1 13.224.189.39 16509 (AMAZON-02)
1 2a02:26f0:480... 20940 (AKAMAI-ASN1)
1 2 151.101.129.29 54113 (FASTLY)
1 217.16.189.39 43541 (VSHOSTING)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 2 195.85.23.89 209242 (CLOUDFLAR...)
1 1 31.192.112.221 48684 (VIKINGHOST)
1 195.85.23.96 209242 (CLOUDFLAR...)
3 3 52.49.136.217 16509 (AMAZON-02)
1 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
2 3 104.18.7.193 13335 (CLOUDFLAR...)
1 23.201.245.174 16625 (AKAMAI-AS)
1 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
1 2 23.36.162.214 20940 (AKAMAI-ASN1)
1 2 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2 2a04:4e42::285 54113 (FASTLY)
1 1 148.251.234.93 24940 (HETZNER-AS)
1 44.236.126.204 16509 (AMAZON-02)
1 104.22.54.190 13335 (CLOUDFLAR...)
1 2.23.196.184 16625 (AKAMAI-AS)
1 151.101.193.29 54113 (FASTLY)
2 3 23.41.180.10 16625 (AKAMAI-AS)
1 2600:9000:249... 16509 (AMAZON-02)
1 163.181.56.169 24429 (TAOBAO Zh...)
1 185.117.134.138 204006 (IQOPTION)
1 2.16.187.90 20940 (AKAMAI-ASN1)
1 2 104.16.106.108 13335 (CLOUDFLAR...)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2 2606:4700::68... 13335 (CLOUDFLAR...)
1 23.197.132.154 16625 (AKAMAI-AS)
1 2 2606:4700:311... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2 18.66.122.40 16509 (AMAZON-02)
1 13.32.27.64 16509 (AMAZON-02)
1 2606:4700:440... 13335 (CLOUDFLAR...)
1 2606:4700::68... ()
1 2 18.66.97.69 16509 (AMAZON-02)
1 2 2606:4700::68... 13335 (CLOUDFLAR...)
1 1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2 104.111.216.81 16625 (AKAMAI-AS)
1 1 99.81.52.213 16509 (AMAZON-02)
1 45.223.19.47 19551 (INCAPSULA)
1 104.160.64.8 46469 (GETRESPON...)
1 72.246.169.121 16625 (AKAMAI-AS)
1 23.45.103.78 ()
1 2 104.18.254.23 ()
1 104.26.14.122 ()
1 31.177.17.3 197651 (THEHUTGRO...)
1 23.45.99.31 ()
1 2a02:26f0:6c0... ()
1 2600:9000:225... ()
1 23.45.238.185 ()
7 163.181.56.193 24429 (TAOBAO Zh...)
2 2408:4001:f10... ()
8 47.246.110.43 45102 (ALIBABA-C...)
1 47.246.146.68 45102 (ALIBABA-C...)
3 34.220.132.2 16509 (AMAZON-02)
1 2a00:1450:400... ()
1 2a00:1450:400... ()
2 4 2a03:2880:f08... ()
1 151.101.64.84 ()
1 1 2a04:4e42:200... ()
1 151.101.65.140 ()
161 78
Apex Domain
Subdomains
Transfer
29 hlmiq.com
hlmiq.com — Cisco Umbrella Rank: 246504
14 KB
21 alicdn.com
assets.alicdn.com — Cisco Umbrella Rank: 10749
g.alicdn.com — Cisco Umbrella Rank: 6095
ae01.alicdn.com — Cisco Umbrella Rank: 5955
aeis.alicdn.com — Cisco Umbrella Rank: 18534
598 KB
21 findmysoft.com
shrew-soft-vpn-client.findmysoft.com
www.findmysoft.com
img.findmysoft.com
194 KB
13 sumo.com
load.sumo.com — Cisco Umbrella Rank: 13918
sumo.com — Cisco Umbrella Rank: 12819
355 KB
13 google.com
apis.google.com — Cisco Umbrella Rank: 124
www.google.com — Cisco Umbrella Rank: 2
developers.google.com — Cisco Umbrella Rank: 12371
accounts.google.com — Cisco Umbrella Rank: 40
clients6.google.com
138 KB
8 mmstat.com
ae.mmstat.com — Cisco Umbrella Rank: 16043
1 KB
4 facebook.com
graph.facebook.com
api.facebook.com
2 KB
4 aliexpress.com
s.click.aliexpress.com — Cisco Umbrella Rank: 21371
login.aliexpress.com — Cisco Umbrella Rank: 17272
de-wum.aliexpress.com — Cisco Umbrella Rank: 61054
17 KB
4 odnaknopka.ru
odnaknopka.ru — Cisco Umbrella Rank: 297651
2 KB
3 armani.com
www.armani.com — Cisco Umbrella Rank: 176666
4 KB
3 iherb.com
www.iherb.com — Cisco Umbrella Rank: 58292
it1.iherb.com
1 KB
3 tradedoubler.com
redirects.tradedoubler.com — Cisco Umbrella Rank: 133361
1 KB
3 bongacams.com
bongacams.com — Cisco Umbrella Rank: 48572
it.bongacams.com
1 KB
2 reddit.com
reddit.com
www.reddit.com
2 KB
2 taobao.com
fourier.taobao.com
2 KB
2 fiverr.com
www.fiverr.com
block.fiverr.com
2 KB
2 marriott.it
www.marriott.it — Cisco Umbrella Rank: 263252
373 B
2 airhelp.com
www.airhelp.com — Cisco Umbrella Rank: 606067
282 B
2 monday.com
monday.com — Cisco Umbrella Rank: 12031
951 B
2 interflora.it
www.interflora.it
454 B
2 stripchat.com
stripchat.com — Cisco Umbrella Rank: 16153
it.stripchat.com
349 B
2 canva.com
www.canva.com — Cisco Umbrella Rank: 3323
2 KB
2 rentalcars.com
www.rentalcars.com — Cisco Umbrella Rank: 50760
1017 B
2 kayak.it
www.kayak.it — Cisco Umbrella Rank: 485250
2 KB
2 vave.com
vave.com — Cisco Umbrella Rank: 552596
805 B
2 lightinthebox.com
www.lightinthebox.com — Cisco Umbrella Rank: 40541
1 KB
2 hotelscombined.it
www.hotelscombined.it
2 KB
2 binance.com
www.binance.com — Cisco Umbrella Rank: 14351
accounts.binance.com — Cisco Umbrella Rank: 125170
308 B
2 geekbuying.com
affiliate.geekbuying.com
www.geekbuying.com — Cisco Umbrella Rank: 412970
578 B
2 hotjar.com
static.hotjar.com — Cisco Umbrella Rank: 695
853 B
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 62
45 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 39
17 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 161
89 KB
1 pinterest.com
widgets.pinterest.com
320 B
1 googleapis.com
fonts.googleapis.com
2 KB
1 gamestop.it
www.gamestop.it
1 tiqets.com
www.tiqets.com
1 hotels.com
it.hotels.com
1 fruugo.it
www.fruugo.it
1 lookfantastic.it
www.lookfantastic.it — Cisco Umbrella Rank: 440888
1 cdkeys.com
www.cdkeys.com
1 libraccio.it
www.libraccio.it
1 ebay.it
www.ebay.it — Cisco Umbrella Rank: 69747
1 getresponse.com
www.getresponse.com — Cisco Umbrella Rank: 584171
1 transavia.com
www.transavia.com — Cisco Umbrella Rank: 179292
1 tradetracker.net
sc.tradetracker.net — Cisco Umbrella Rank: 361060
431 B
1 getyourguide.it
www.getyourguide.it
1 getyourguide.com
www.getyourguide.com — Cisco Umbrella Rank: 58069
6 KB
1 udemy.com
www.udemy.com
1 vestiairecollective.com
www.vestiairecollective.com — Cisco Umbrella Rank: 69064
1 lingoda.com
www.lingoda.com — Cisco Umbrella Rank: 333258
1 c-and-a.com
www.c-and-a.com — Cisco Umbrella Rank: 152486
1 agoda.com
www.agoda.com — Cisco Umbrella Rank: 19584
1 warehouse-x.io
warehouse-x.io — Cisco Umbrella Rank: 887967
1 vrbo.com
www.vrbo.com — Cisco Umbrella Rank: 12202
1 iqbroker.com
iqbroker.com — Cisco Umbrella Rank: 149900
1 alibaba.com
offer.alibaba.com — Cisco Umbrella Rank: 49623
1 arcaplanet.it
www.arcaplanet.it — Cisco Umbrella Rank: 400826
1 momondo.it
www.momondo.it
1 expedia.it
www.expedia.it — Cisco Umbrella Rank: 143814
1 bidoo.com
it.bidoo.com
1 tomtop.com
www.tomtop.com — Cisco Umbrella Rank: 432044
1 iplogger.com
iplogger.com — Cisco Umbrella Rank: 234612
498 B
1 ticketone.it
www.ticketone.it — Cisco Umbrella Rank: 340140
1 viator.com
www.viator.com — Cisco Umbrella Rank: 24753
1 bata.it
www.bata.it — Cisco Umbrella Rank: 947050
1 bngtrak.com
bngtrak.com — Cisco Umbrella Rank: 44324
3 KB
1 cotosen.com
www.cotosen.com — Cisco Umbrella Rank: 344360
1 notino.it
www.notino.it — Cisco Umbrella Rank: 270341
1 dhgate.com
www.dhgate.com — Cisco Umbrella Rank: 27852
1 semrush.com
www.semrush.com — Cisco Umbrella Rank: 90349
1 gstatic.com
ssl.gstatic.com
6 KB
1 powered-by-revidy.com
powered-by-revidy.com — Cisco Umbrella Rank: 337868
402 B
1 adserver-mb.com
adserver-mb.com — Cisco Umbrella Rank: 276638
336 B
1 amazonaws.com
filamentapp.s3.amazonaws.com
1 sumome.com
load.sumome.com — Cisco Umbrella Rank: 47249
2 KB
1 google.it
www.google.it — Cisco Umbrella Rank: 19970
408 B
1 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 91
377 B
1 cloudfront.net
d1xxdi1bvp4gvz.cloudfront.net
876 B
1 totalav.com
static.totalav.com — Cisco Umbrella Rank: 661853
17 KB
1 instui201.info
www.instui201.info
532 B
0 bufferapp.com Failed
api.bufferapp.com Failed
0 aliyun.com Failed
acjs.aliyun.com Failed
0 giglio.com Failed
www.giglio.com Failed
0 qvc.it Failed
www.qvc.it Failed
0 miniinthebox.com Failed
www.miniinthebox.com Failed
0 hp.com Failed
www.hp.com Failed
0 volotea.com Failed
www.volotea.com Failed
0 coursera.org Failed
www.coursera.org Failed
0 wish.com Failed
www.wish.com Failed
0 kobo.com Failed
www.kobo.com Failed
0 kinsta.com Failed
kinsta.com Failed
161 92
Domain Requested by
29 hlmiq.com 27 redirects odnaknopka.ru
hlmiq.com
12 assets.alicdn.com login.aliexpress.com
assets.alicdn.com
g.alicdn.com
11 www.findmysoft.com shrew-soft-vpn-client.findmysoft.com
www.findmysoft.com
10 load.sumo.com load.sumome.com
8 ae.mmstat.com shrew-soft-vpn-client.findmysoft.com
login.aliexpress.com
8 img.findmysoft.com shrew-soft-vpn-client.findmysoft.com
6 apis.google.com 1 redirects shrew-soft-vpn-client.findmysoft.com
apis.google.com
accounts.google.com
5 g.alicdn.com login.aliexpress.com
g.alicdn.com
4 odnaknopka.ru 2 redirects shrew-soft-vpn-client.findmysoft.com
3 sumo.com load.sumo.com
3 www.armani.com 2 redirects hlmiq.com
3 redirects.tradedoubler.com 3 redirects
3 developers.google.com 2 redirects apis.google.com
2 api.facebook.com 1 redirects shrew-soft-vpn-client.findmysoft.com
2 graph.facebook.com 1 redirects shrew-soft-vpn-client.findmysoft.com
2 fourier.taobao.com login.aliexpress.com
g.alicdn.com
2 aeis.alicdn.com assets.alicdn.com
2 ae01.alicdn.com assets.alicdn.com
2 www.marriott.it 1 redirects hlmiq.com
2 www.airhelp.com 1 redirects hlmiq.com
2 monday.com 1 redirects hlmiq.com
2 www.interflora.it 1 redirects hlmiq.com
2 www.canva.com 1 redirects hlmiq.com
2 www.rentalcars.com 1 redirects hlmiq.com
2 www.kayak.it 1 redirects hlmiq.com
2 vave.com 1 redirects hlmiq.com
2 www.lightinthebox.com 1 redirects hlmiq.com
2 www.iherb.com 2 redirects
2 bongacams.com 2 redirects
2 www.hotelscombined.it 1 redirects hlmiq.com
2 login.aliexpress.com odnaknopka.ru
login.aliexpress.com
2 accounts.google.com apis.google.com
shrew-soft-vpn-client.findmysoft.com
2 static.hotjar.com 1 redirects shrew-soft-vpn-client.findmysoft.com
2 www.googletagmanager.com 1 redirects shrew-soft-vpn-client.findmysoft.com
2 www.google-analytics.com 1 redirects shrew-soft-vpn-client.findmysoft.com
2 connect.facebook.net shrew-soft-vpn-client.findmysoft.com
connect.facebook.net
2 shrew-soft-vpn-client.findmysoft.com shrew-soft-vpn-client.findmysoft.com
1 www.reddit.com shrew-soft-vpn-client.findmysoft.com
1 reddit.com 1 redirects
1 widgets.pinterest.com shrew-soft-vpn-client.findmysoft.com
1 fonts.googleapis.com client
1 clients6.google.com load.sumo.com
1 de-wum.aliexpress.com aeis.alicdn.com
1 www.gamestop.it hlmiq.com
1 www.tiqets.com hlmiq.com
1 it.hotels.com hlmiq.com
1 www.fruugo.it hlmiq.com
1 www.lookfantastic.it hlmiq.com
1 www.cdkeys.com hlmiq.com
1 block.fiverr.com hlmiq.com
1 www.fiverr.com 1 redirects
1 www.libraccio.it hlmiq.com
1 www.ebay.it hlmiq.com
1 www.getresponse.com hlmiq.com
1 www.transavia.com hlmiq.com
1 sc.tradetracker.net 1 redirects
1 www.getyourguide.it hlmiq.com
1 www.getyourguide.com 1 redirects
1 www.udemy.com hlmiq.com
1 www.vestiairecollective.com hlmiq.com
1 www.lingoda.com hlmiq.com
1 www.c-and-a.com hlmiq.com
1 it.stripchat.com hlmiq.com
1 stripchat.com 1 redirects
1 www.agoda.com hlmiq.com
1 warehouse-x.io hlmiq.com
1 www.vrbo.com hlmiq.com
1 iqbroker.com hlmiq.com
1 offer.alibaba.com hlmiq.com
1 www.arcaplanet.it hlmiq.com
1 www.momondo.it hlmiq.com
1 www.expedia.it hlmiq.com
1 it.bidoo.com hlmiq.com
1 www.tomtop.com hlmiq.com
1 iplogger.com 1 redirects
1 www.ticketone.it hlmiq.com
1 www.viator.com hlmiq.com
1 it1.iherb.com hlmiq.com
1 www.bata.it hlmiq.com
1 it.bongacams.com hlmiq.com
1 bngtrak.com 1 redirects
1 www.cotosen.com hlmiq.com
1 www.notino.it hlmiq.com
1 www.dhgate.com hlmiq.com
1 accounts.binance.com hlmiq.com
1 www.binance.com 1 redirects
1 www.geekbuying.com hlmiq.com
1 affiliate.geekbuying.com 1 redirects
1 www.semrush.com hlmiq.com
1 ssl.gstatic.com accounts.google.com
1 s.click.aliexpress.com 1 redirects
1 powered-by-revidy.com 1 redirects
1 adserver-mb.com 1 redirects
1 filamentapp.s3.amazonaws.com www.googletagmanager.com
1 load.sumome.com www.googletagmanager.com
1 www.google.it shrew-soft-vpn-client.findmysoft.com
1 www.google.com 1 redirects
1 stats.g.doubleclick.net 1 redirects
1 d1xxdi1bvp4gvz.cloudfront.net shrew-soft-vpn-client.findmysoft.com
1 static.totalav.com shrew-soft-vpn-client.findmysoft.com
1 www.instui201.info shrew-soft-vpn-client.findmysoft.com
0 api.bufferapp.com Failed load.sumo.com
0 acjs.aliyun.com Failed login.aliexpress.com
0 www.giglio.com Failed hlmiq.com
0 www.qvc.it Failed hlmiq.com
0 www.miniinthebox.com Failed hlmiq.com
0 www.hp.com Failed hlmiq.com
0 www.volotea.com Failed hlmiq.com
0 www.coursera.org Failed hlmiq.com
0 www.wish.com Failed hlmiq.com
0 www.kobo.com Failed hlmiq.com
0 kinsta.com Failed hlmiq.com
161 112
Subject Issuer Validity Valid
*.apis.google.com
GTS CA 1C3
2023-04-24 -
2023-07-17
3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2023-02-16 -
2023-05-17
3 months crt.sh
*.google.com
GTS CA 1C3
2023-04-24 -
2023-07-17
3 months crt.sh
accounts.google.com
GTS CA 1C3
2023-04-24 -
2023-07-17
3 months crt.sh
*.sumo.com
Sectigo RSA Domain Validation Secure Server CA
2023-02-16 -
2024-02-16
a year crt.sh
hlmiq.com
R3
2023-04-04 -
2023-07-03
3 months crt.sh
ru.aliexpress.com
DigiCert TLS RSA SHA256 2020 CA1
2022-12-19 -
2023-12-19
a year crt.sh
*.gstatic.com
GTS CA 1C3
2023-04-24 -
2023-07-17
3 months crt.sh
www.viator.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2023-03-06 -
2024-04-05
a year crt.sh
*.alibaba.com
GlobalSign Organization Validation CA - SHA256 - G2
2022-06-08 -
2023-07-10
a year crt.sh
*.iqbroker.com
R3
2023-04-28 -
2023-07-27
3 months crt.sh
vrbo.com
DigiCert TLS RSA SHA256 2020 CA1
2022-11-22 -
2023-11-23
a year crt.sh
warehouse-x.io
R3
2023-03-14 -
2023-06-12
3 months crt.sh
*.agoda.com
GeoTrust RSA CA 2018
2023-04-08 -
2024-04-10
a year crt.sh
*.getresponse.com
Go Daddy Secure Certificate Authority - G2
2023-03-27 -
2024-04-11
a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2022-06-16 -
2023-06-16
a year crt.sh
lookfantastic.com
DigiCert TLS RSA SHA256 2020 CA1
2022-06-14 -
2023-06-14
a year crt.sh
hotels.com
R3
2023-04-26 -
2023-07-25
3 months crt.sh
tiqets.com
Amazon RSA 2048 M02
2023-03-08 -
2024-04-05
a year crt.sh
*.tbcdn.cn
GlobalSign Organization Validation CA - SHA256 - G2
2022-07-22 -
2023-08-06
a year crt.sh
*.taobao.com
GlobalSign Organization Validation CA - SHA256 - G2
2023-01-16 -
2023-06-18
5 months crt.sh
*.mmstat.com
GlobalSign Organization Validation CA - SHA256 - G2
2022-07-18 -
2023-08-19
a year crt.sh
*.aliexpress.com
GlobalSign Organization Validation CA - SHA256 - G2
2022-08-23 -
2023-06-18
10 months crt.sh

This page contains 7 frames:

Primary Page: http://shrew-soft-vpn-client.findmysoft.com/
Frame ID: 5ADF92D4B630265098B72F6654AA3470
Requests: 57 HTTP requests in this frame

Frame: http://d1xxdi1bvp4gvz.cloudfront.net/?key=89d0769a0a84fffa39d6f6a41a6ba0c6&ch=
Frame ID: 3A9D1A2B60A899660610CD15BF22B4D3
Requests: 1 HTTP requests in this frame

Frame: https://developers.google.com/?hl=it
Frame ID: 90AEA95FFEE53055775FC9D6CF0525DA
Requests: 1 HTTP requests in this frame

Frame: https://accounts.google.com/o/oauth2/postmessageRelay?parent=http%3A%2F%2Fshrew-soft-vpn-client.findmysoft.com&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.it.p4hLA3PtgtI.O%2Fd%3D1%2Frs%3DAHpOoo9uGPed9WTSFQetSevIKPkLCGGyEQ%2Fm%3D__features__
Frame ID: BABB1E9ED2A2974A2C656E99BC3D9385
Requests: 5 HTTP requests in this frame

Frame: https://hlmiq.com/vu/it/
Frame ID: 9EB3B0A1343B826DF5E72B2EA6F9E653
Requests: 1 HTTP requests in this frame

Frame: https://login.aliexpress.com/?af=a&8469&cn=milano&cv=482179&dp=192.145.127.217&aff_fcid=a7cfe817f0b644d3a2fabcdc99f75a09-1683681851328-03377-_DEQI9az&tt=CPS_NORMAL&aff_fsk=_DEQI9az&aff_platform=portals-tool&sk=_DEQI9az&aff_trace_key=a7cfe817f0b644d3a2fabcdc99f75a09-1683681851328-03377-_DEQI9az&terminal_id=1c58bfd2c6134e8bb4348f30a995d8b4
Frame ID: 102987AD2984BE9FA300DC1AE9F85598
Requests: 35 HTTP requests in this frame

Frame: https://hlmiq.com/vu/it/
Frame ID: 0B861C65A271949C4C743186D1DECF3E
Requests: 59 HTTP requests in this frame

Screenshot

Page Title

» Download Shrew Soft VPN Client Free

Detected technologies

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • apis\.google\.com/js/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js

Overall confidence: 100%
Detected patterns
  • //static\.hotjar\.com/

Overall confidence: 100%
Detected patterns
  • load\.sumome\.com

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

161
Requests

42 %
HTTPS

41 %
IPv6

92
Domains

112
Subdomains

78
IPs

10
Countries

1488 kB
Transfer

4371 kB
Size

166
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 17
  • http://connect.facebook.net/en_US/all.js HTTP 307
  • https://connect.facebook.net/en_US/all.js
Request Chain 18
  • http://www.google-analytics.com/ga.js HTTP 307
  • https://www.google-analytics.com/ga.js
Request Chain 19
  • http://www.googletagmanager.com/gtm.js?id=GTM-MJ4SPG HTTP 302
  • https://www.googletagmanager.com/gtm.js?id=GTM-MJ4SPG
Request Chain 20
  • http://odnaknopka.ru/ok9.js HTTP 301
  • https://odnaknopka.ru/ok9.js
Request Chain 29
  • http://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1943940509&utmhn=shrew-soft-vpn-client.findmysoft.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=%C2%BB%20Download%20Shrew%20Soft%20VPN%20Client%20Free&utmhid=372121480&utmr=-&utmp=%2F&utmht=1683681850253&utmac=UA-193652-7&utmcc=__utma%3D1.58582700.1683681850.1683681850.1683681850.1%3B%2B__utmz%3D1.1683681850.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=721670501&utmredir=1&utmu=qFAAAAAAAAAAAAAAAAAAAAAE~ HTTP 307
  • https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1943940509&utmhn=shrew-soft-vpn-client.findmysoft.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=%C2%BB%20Download%20Shrew%20Soft%20VPN%20Client%20Free&utmhid=372121480&utmr=-&utmp=%2F&utmht=1683681850253&utmac=UA-193652-7&utmcc=__utma%3D1.58582700.1683681850.1683681850.1683681850.1%3B%2B__utmz%3D1.1683681850.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=721670501&utmredir=1&utmu=qFAAAAAAAAAAAAAAAAAAAAAE~ HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-193652-7&cid=58582700.1683681850&jid=721670501&_v=5.7.2&z=1943940509 HTTP 302
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-193652-7&cid=58582700.1683681850&jid=721670501&_v=5.7.2&z=1943940509 HTTP 302
  • https://www.google.it/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-193652-7&cid=58582700.1683681850&jid=721670501&_v=5.7.2&z=1943940509&slf_rd=1&random=2015892737
Request Chain 32
  • https://apis.google.com/u/0/se/0/_/+1/fastbutton?usegapi=1&size=medium&origin=http%3A%2F%2Fshrew-soft-vpn-client.findmysoft.com&url=http%3A%2F%2Fshrew-soft-vpn-client.findmysoft.com%2F&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.it.p4hLA3PtgtI.O%2Fd%3D1%2Frs%3DAHpOoo9uGPed9WTSFQetSevIKPkLCGGyEQ%2Fm%3D__features__ HTTP 301
  • http://developers.google.com/ HTTP 301
  • https://developers.google.com/ HTTP 302
  • https://developers.google.com/?hl=it
Request Chain 33
  • http://static.hotjar.com/c/hotjar-89549.js?sv=5 HTTP 301
  • https://static.hotjar.com/c/hotjar-89549.js?sv=5
Request Chain 35
  • http://odnaknopka.ru/stat.js HTTP 301
  • https://odnaknopka.ru/stat.js
Request Chain 40
  • https://adserver-mb.com/stat HTTP 302
  • https://hlmiq.com/vu/it/
Request Chain 41
  • https://powered-by-revidy.com/a HTTP 302
  • https://s.click.aliexpress.com/e/_DEQI9az?af=a;8469&cn=milano&cv=482179&dp=192.145.127.217 HTTP 302
  • https://login.aliexpress.com/?af=a&8469&cn=milano&cv=482179&dp=192.145.127.217&aff_fcid=a7cfe817f0b644d3a2fabcdc99f75a09-1683681851328-03377-_DEQI9az&tt=CPS_NORMAL&aff_fsk=_DEQI9az&aff_platform=portals-tool&sk=_DEQI9az&aff_trace_key=a7cfe817f0b644d3a2fabcdc99f75a09-1683681851328-03377-_DEQI9az&terminal_id=1c58bfd2c6134e8bb4348f30a995d8b4
Request Chain 47
  • https://hlmiq.com/to2/semrush.com/ HTTP 307
  • https://www.semrush.com/partner/semrushpro/?irclickid=R%3ANxK2X7TxyNR7TQ1CxahX8JUkAXzdRGXUjWwE0&utm_source=affiliate&utm_Medium=impact&utm_campaign=1394912&utm_terms=&utm_content=&irgwc=1&utm_medium=impact&utm_term=
Request Chain 48
  • https://affiliate.geekbuying.com/gkbaffiliate.php?id=1124 HTTP 301
  • https://www.geekbuying.com/?idev_id=1124&utm_source=affiliate.geekbuying.com&utm_medium=affiliate_1124&utm_campaign=1124
Request Chain 49
  • https://www.binance.com/ru/register?ref=KZTDOPQP HTTP 301
  • https://accounts.binance.com/ru/register?ref=KZTDOPQP
Request Chain 50
  • https://hlmiq.com/to2/dhgate/ HTTP 307
  • https://www.dhgate.com/?f=bm%7Caff%7Cimpact%7C2334778%7CSv23UEX%3A7xyNR7TQ1CxahX8JUkAXzD1HXUjWwE0%7C&irgwc=1
Request Chain 52
  • https://www.hotelscombined.it/?a_aid=172493 HTTP 302
  • https://www.hotelscombined.it/
Request Chain 53
  • https://hlmiq.com/to2/notino.it/ HTTP 307
  • https://www.notino.it/?utm_source=cj&utm_medium=affiliate&utm_campaign=3211745&utm_term=4260539&cjevent=20a385fceec811ed80cc02200a18ba72&cjdata=MXxZfFl8WXww
Request Chain 54
  • https://hlmiq.com/to2/cotosen.com/ HTTP 307
  • https://www.cotosen.com/?utm_source=affiliates&utm_medium=admitad&tagtag_uid=50c05444da5096c98cecd975a9ab48f8
Request Chain 55
  • https://bongacams.com/track?c=287325 HTTP 302
  • https://bngtrak.com/hit.php?c=287325 HTTP 302
  • https://bongacams.com/?bcs=d25mbzNlNTVmNjc4ZjZiMzBlNzAwODFlMTg3ZWZkN2Q1YWYxOjoxODMzNDY6Omh0dHBzOi8vaGxtaXEuY29tLzo6Ojo6OjI4NzMyNTo6MDo6MDo6MDo6OjowOjpkZWZhdWx0Ojow HTTP 302
  • https://it.bongacams.com/?bcs=d25mbzNlNTVmNjc4ZjZiMzBlNzAwODFlMTg3ZWZkN2Q1YWYxOjoxODMzNDY6Omh0dHBzOi8vaGxtaXEuY29tLzo6Ojo6OjI4NzMyNTo6MDo6MDo6MDo6OjowOjpkZWZhdWx0Ojow
Request Chain 56
  • https://hlmiq.com/to2/bata.it/ HTTP 307
  • https://redirects.tradedoubler.com/projectr/?utm_source=tradedoubler&utm_medium=affiliation&utm_campaign=1341325&utm_content=display&tduid=a125995705c8a023a0ffe7aef38895d8&_td_deeplink=https://www.bata.it/?utm_source=tradedoubler&utm_medium=affiliation&utm_campaign=1341325&utm_content=display HTTP 302
  • https://www.bata.it/?utm_source=tradedoubler&utm_medium=affiliation&utm_campaign=1341325&utm_content=display&tduid=a125995705c8a023a0ffe7aef38895d8
Request Chain 57
  • https://hlmiq.com/to2/iherb.com/ HTTP 307
  • https://www.iherb.com/?clickref=1100lwJJYrKH&utm_source=agruna&utm_medium=affiliate&utm_campaign=1011l44232 HTTP 301
  • https://www.iherb.com/?utm_source=agruna&utm_medium=affiliate&utm_campaign=1011l44232 HTTP 302
  • https://it1.iherb.com/?utm_source=agruna&utm_medium=affiliate&utm_campaign=1011l44232
Request Chain 59
  • https://hlmiq.com/to2/ticketone.it/ HTTP 307
  • https://www.ticketone.it/?api_key=526ce45b25e1f6dcb86f05e8f2c94e64&site_id=4e52405092d94c458711b4fff5efbfbd&type=url&source=clcktrck.com&yk_tag=1f86589826a41783233362718d2de2bb
Request Chain 60
  • https://www.lightinthebox.com/?utm_campaign=irpid&utm_content=Indoleads2019&utm_source=gan&utm_medium=affiliate&litb_from=affiliate_gan&clickid=yIcQh1X%3A8xyNR7TQ1CxahX8JUkAXzlyOXUjWwE0&irgwc=1 HTTP 302
  • https://www.lightinthebox.com/it/?utm_campaign=irpid&utm_content=Indoleads2019&utm_source=gan&utm_medium=affiliate&litb_from=affiliate_gan&clickid=yIcQh1X%3A8xyNR7TQ1CxahX8JUkAXzlyOXUjWwE0&irgwc=1
Request Chain 61
  • https://vave.com/?btag=657028_7457C709B74841759EFFB14E6BB3A6CC HTTP 302
  • https://vave.com/it?btag=657028_7457C709B74841759EFFB14E6BB3A6CC
Request Chain 62
  • https://hlmiq.com/to2/kobo.com/ HTTP 307
  • https://www.kobo.com/?utm_source=linkshare_fr&utm_medium=affiliate&utm_campaign=Linkbux&utm_term=lb_iy0qa0&ranMID=39331&ranEAID=wizKxmN8no4&ranSiteID=wizKxmN8no4-mL2h11xqwrpR2kyR57272Q&siteID=wizKxmN8no4-mL2h11xqwrpR2kyR57272Q
Request Chain 63
  • https://hlmiq.com/to2/kayak.it/ HTTP 307
  • https://www.kayak.it/in?a=tradetracker&encoder=19_4&enc_pubid=191272&enc_bid=0&enc_pid=32920&enc_refid=0%3A%3A191272%3A%3Av030300011382adfa8dbecbd04d7e8016be504c1a5152%3A%3A%3A%3A1683678362&utm_source=tradetracker&utm_medium=affiliate&utm_campaign=191272&utm_content=32920&url=https%3A%2F%2Fwww.kayak.it%2F HTTP 301
  • https://www.kayak.it/?utm_source=tradetracker&utm_medium=affiliate&utm_campaign=191272&utm_content=32920
Request Chain 64
  • https://iplogger.com/2QSAr5 HTTP 302
  • https://www.tomtop.com/?aid=agru
Request Chain 65
  • https://hlmiq.com/to2/bidoo.com/ HTTP 307
  • https://it.bidoo.com/?src=admitad&tagtag_uid=657ee5a1add6681fffaa4da0421529c9&target=admitad
Request Chain 66
  • https://hlmiq.com/to2/expedia.it/ HTTP 307
  • https://www.expedia.it/?clickref=1100lwJJRAC8&affcid=IT.DIRECT.PHG.1100l95727.0&ref_id=1100lwJJRAC8&my_ad=AFF.IT.DIRECT.PHG.1100l95727.0&afflid=1100lwJJRAC8&original_destination=https://www.expedia.it/?clickref=1100lwJJRAC8&affcid=IT.DIRECT.PHG.1100l95727.0&ref_id=1100lwJJRAC8&my_ad=AFF.IT.DIRECT.PHG.1100l95727.0&afflid=1100lwJJRAC8
Request Chain 67
  • https://hlmiq.com/to2/momondo.it/ HTTP 307
  • https://www.momondo.it/in?a=tradetracker&encoder=19_4&enc_pubid=191272&enc_bid=0&enc_pid=20430&enc_refid=0%3A%3A191272%3A%3Av0303000113828783ebccb2f44730ae22218572db1e34%3A%3A%3A%3A1683676202&utm_source=tradetracker&utm_medium=affiliate&utm_campaign=191272&utm_content=20430&url=https%3A%2F%2Fmomondo.it%2F
Request Chain 68
  • https://hlmiq.com/to2/armani.com/ HTTP 307
  • https://www.armani.com/affiliation/linkshare/Index?siteID=DyEaQ64qYSo-kbgCG5cO6PDt0uUXyBoQEw&url=https%3A%2F%2Fwww.armani.com%2F%3Futm_campaign%3Dus_armani_armani_ecommerce_linkshare_affiliation%26utm_content%3D10%26utm_medium%3Daffiliate%26utm_source%3Dlinkshare_us%26utm_keyword%3DDyEaQ64qYSo-kbgCG5cO6PDt0uUXyBoQEw%26tp%3D16715&LSNSUBSITE=LSNSUBSITE HTTP 302
  • https://www.armani.com/ HTTP 302
  • https://www.armani.com/it-it
Request Chain 69
  • https://hlmiq.com/to2/arcaplanet.it/ HTTP 307
  • https://www.arcaplanet.it/?kk=a4c6293-188031279a4-2ab5c&utm_campaign=kelkooclick_couponing_5.pp&utm_id=kelkoo&utm_medium=affiliate&utm_source=kelkooit
Request Chain 73
  • https://hlmiq.com/to2/rentalcars.com/ HTTP 307
  • https://www.rentalcars.com/Home.do?affiliateCode=chinesean&adplat=2a18802eddd7a HTTP 302
  • https://www.rentalcars.com/?affiliateCode=chinesean&adplat=2a18802eddd7a
Request Chain 75
  • https://www.canva.com/pricing/?clickId=0rYyL5X%3AbxyNR7TQ1CxahX8JUkAXzQ1HXUjWwE0&utm_medium=affiliate&utm_source=korfoorg_1394953&irgwc=1 HTTP 302
  • https://www.canva.com/it_it/prezzi/?clickId=0rYyL5X%3AbxyNR7TQ1CxahX8JUkAXzQ1HXUjWwE0&utm_medium=affiliate&utm_source=korfoorg_1394953&irgwc=1
Request Chain 77
  • https://stripchat.com/?affiliateId=73b0fbd3ee36ead2b74e59d3464a7035c57d58262dabefced6d54007bc244727 HTTP 302
  • https://it.stripchat.com/?affiliateId=73b0fbd3ee36ead2b74e59d3464a7035c57d58262dabefced6d54007bc244727
Request Chain 78
  • https://hlmiq.com/to2/c-and-a.it/ HTTP 307
  • https://www.c-and-a.com/it/it/shop?clickref=1101lwJU4L5W&utm_source=affiliate&utm_content=linkbux20&utm_medium=1101lwJU4L5W&utm_campaign=public-it&utm_term=partnerize-1011l105038
Request Chain 79
  • https://hlmiq.com/to2/interflora.it/ HTTP 307
  • https://www.interflora.it/Home/Index?belboon=2305100046022540058&utm_source=affiliate&utm_campaign=Takeads&utm_medium=belboon&utm_content=482065&utm_admedia=CRTC50yPro-&campaign=belboon+spacer&utm_term=Netzwerke+allgemein HTTP 301
  • https://www.interflora.it/?belboon=2305100046022540058&utm_source=affiliate&utm_campaign=Takeads&utm_medium=belboon&utm_content=482065&utm_admedia=CRTC50yPro-&campaign=belboon+spacer&utm_term=Netzwerke+allgemein
Request Chain 81
  • https://hlmiq.com/to2/lingoda.com/ HTTP 307
  • https://www.lingoda.com/ru/?utm_source=rakuten&utm_medium=affiliate&utm_campaign=admitad&utm_keyword=hL6ObH.7r3M-9iTCW4bV1UotJUgyM2eKBw&ranMID=49431&ranEAID=3354856&ranSiteID=hL6ObH.7r3M-9iTCW4bV1UotJUgyM2eKBw
Request Chain 82
  • https://hlmiq.com/to2/vestiairecollective.com/ HTTP 307
  • https://www.vestiairecollective.com/?utm_source=rakuten&utm_medium=affiliate&utm_campaign=2126220_Takeads+GmbH&utm_term=a1LgFw09t88-aEHBOLIMi2GAFadjSUlNTQ&ranMID=49104&ranEAID=a1LgFw09t88&ranSiteID=a1LgFw09t88-aEHBOLIMi2GAFadjSUlNTQ
Request Chain 83
  • https://hlmiq.com/to2/coursera2.org/ HTTP 307
  • https://www.coursera.org/?irclickid=2k7S0IX7xxyNR7TQ1CxahX8JUkAXzo0WXUjWwE0&irgwc=1&utm_medium=partners&utm_source=impact&utm_campaign=1310690&utm_content=b2c
Request Chain 84
  • https://hlmiq.com/to2/udemy2.com/ HTTP 307
  • https://www.udemy.com/?ranMID=39197&ranEAID=wizKxmN8no4&ranSiteID=wizKxmN8no4-D0jyPSnWBrrDXRfjSdCiPg&utm_source=aff-campaign&utm_medium=udemyads&LSNPUBID=wizKxmN8no4
Request Chain 85
  • https://hlmiq.com/to2/monday3.com/ HTTP 307
  • https://monday.com/?gspk=Y29vbnR4bWVkaWE1NTM4&gsxid=h7PWYog5d90j&pscd=try.monday.com&sid=102755743ddb6d7b8bc25e89557402&u=https://monday.com/?sid=102755743ddb6d7b8bc25e89557402&urlauth=846686347208551634434956341136&utm_campaign=partnerstack&utm_medium=coontxmedia5538&utm_source=partner HTTP 302
  • https://monday.com/lang/it/?gspk=Y29vbnR4bWVkaWE1NTM4&gsxid=zxAu9AgQhsEZ&pscd=try.monday.com&sid=102bee0826f83ed6da888a5acf1e5f&u=https:/monday.com
Request Chain 86
  • https://www.airhelp.com/?utm_medium=affiliate&utm_source=pap&utm_campaign=aff-agru&utm_content=&a_aid=agru&a_bid=2d914045 HTTP 302
  • https://www.airhelp.com/it/?utm_medium=affiliate&utm_source=pap&utm_campaign=aff-agru&utm_content=&a_aid=agru&a_bid=2d914045
Request Chain 87
  • https://www.getyourguide.com/?partner_id=ZUZJJY5&utm_medium=online_publisher&placement=%22banner%22 HTTP 302
  • https://www.getyourguide.it/?partner_id=ZUZJJY5&utm_medium=online_publisher&placement=%22banner%22&visitor-id=6R63D9LK9XL5NWJ00JD0N18GQYIA2LEG&locale_autoredirect_optout=true
Request Chain 88
  • https://hlmiq.com/to2/marriott.it/ HTTP 307
  • https://www.marriott.it/?api_key=6e214a2e5eaa4f87f699b7c54a542a6a&type=url&source=https%3A%2F%2Fwww.linkbux.com&site_id=2588750acba045468d0d6283a3c3afec&yk_tag=lb_iyb30n HTTP 301
  • https://www.marriott.it/default.mi?api_key=6e214a2e5eaa4f87f699b7c54a542a6a&type=url&source=https%3A%2F%2Fwww.linkbux.com&site_id=2588750acba045468d0d6283a3c3afec&yk_tag=lb_iyb30n
Request Chain 89
  • https://hlmiq.com/to2/transavia.it/ HTTP 307
  • https://sc.tradetracker.net/tracker/merchant?e=clk&cstid=167422&cid=27846&data=0%3A%3A218459%3A%3A71651224a2254e46b63898447414be57%3A%3A%3A%3A1683674703&url=https%3A%2F%2Fwww.transavia.com%2Fit-IT%2Fhome%2F%3Futm_source%3Daffiliate%26utm_medium%3Dcustom%26utm_campaign%3DHVTO_IT_218459_BuyOn HTTP 301
  • https://www.transavia.com/it-IT/home/?utm_source=affiliate&utm_medium=custom&utm_campaign=HVTO_IT_218459_BuyOn
Request Chain 91
  • https://hlmiq.com/to2/ebay.it/ HTTP 307
  • https://www.ebay.it/?mkevt=1&mkcid=1&mkrid=724-53478-19255-0&campid=5336482211&toolid=10001&customid=1e912d86e0c44125ab3cb8fe8ce525ce
Request Chain 92
  • https://hlmiq.com/to2/libraccio.it/ HTTP 307
  • https://redirects.tradedoubler.com/projectr/?utm_source=tradedoubler&utm_medium=cpa&utm_campaign=2353954&utm_content=affiliazione&tduid=c368a8247d955f0e347afc5d845b1652&_td_deeplink=https://www.libraccio.it/ HTTP 302
  • https://www.libraccio.it/?utm_source=tradedoubler&utm_medium=cpa&utm_campaign=2353954&utm_content=affiliazione&tduid=c368a8247d955f0e347afc5d845b1652
Request Chain 93
  • https://hlmiq.com/to2/fiverr.it/ HTTP 307
  • https://www.fiverr.com/?utm_source=3789&utm_medium=cx_affiliate&utm_campaign=789945&afp=6439d60bdfe20d00133800c0&cxd_token=3789_25107268_%7Cafp0%3A6439d60bdfe20d00133800c0%7Cafp1%3A6288_1683674641_8cd27bd1f8f4cc2c27e7f4cc8bc8c069%7Cafp2%3A789945%7Cafp10%3A789945&show_join=true HTTP 307
  • https://block.fiverr.com/?url=aHR0cDovL3d3dy5maXZlcnIuY29tLz9hZnA9NjQzOWQ2MGJkZmUyMGQwMDEzMzgwMGMwJnNob3dfam9pbj10cnVlJnV0bV9tZWRpdW09Y3hfYWZmaWxpYXRlJnV0bV9jYW1wYWlnbj03ODk5NDUmdXRtX3NvdXJjZT0zNzg5JmN4ZF90b2tlbj0zNzg5XzI1MTA3MjY4XyU3Q2FmcDAlM0E2NDM5ZDYwYmRmZTIwZDAwMTMzODAwYzAlN0NhZnAxJTNBNjI4OF8xNjgzNjc0NjQxXzhjZDI3YmQxZjhmNGNjMmMyN2U3ZjRjYzhiYzhjMDY5JTdDYWZwMiUzQTc4OTk0NSU3Q2FmcDEwJTNBNzg5OTQ1&uuid=5ffc4e0d-eed1-11ed-9398-48556d6d6e41&vid=
Request Chain 96
  • https://hlmiq.com/to2/fruugo.it/ HTTP 307
  • https://redirects.tradedoubler.com/projectr/?ac=tradedoubler&tduid=df5ef1339cad59a4669704a579a775d4&_td_deeplink=https://www.fruugo.it HTTP 302
  • https://www.fruugo.it/?ac=tradedoubler&tduid=df5ef1339cad59a4669704a579a775d4
Request Chain 97
  • https://hlmiq.com/to2/volotea.com/ HTTP 307
  • https://www.volotea.com/it?utm_campaign=IT&utm_source=CJ&utm_medium=affiliates&utm_term=4260539&cje=8afc8860eec211ed8203a8930a18b8fa&cjdata=MXxZfFl8WXww
Request Chain 98
  • https://hlmiq.com/to2/hp.it/ HTTP 307
  • https://redirects.tradedoubler.com/projectr/?_td_ifelse=hpinstantink*td_string*https%3A%2F%2Fwww.hp.com%2Fit-it%2Fshop%2F*td_true*_td_spaceport_encode=-1&utm_source=affiliate&utm_medium=instantink&utm_campaign=BuyOn&utm_term=af_f06bb1c2e8&tduid=68b98e9fec38599bb6d539b9e6fc1fcb&_td_deeplink=https%3A%2F%2Fwww.hp.com%2Fit-it%2Fshop%2F*td_false*_td_spaceport_encode=-1&_td_softclick=248494&utm_source=affiliate&utm_medium=cpa&utm_campaign=BuyOn&_td_url=https://www.hp.com/it-it/shop/GenericLandingPage.aspx?tduid=68b98e9fec38599bb6d539b9e6fc1fcb&_td_deeplink=https%3A%2F%2Fwww.hp.com%2Fit-it%2Fshop%2F HTTP 302
  • https://www.hp.com/it-it/shop/GenericLandingPage.aspx?tduid=68b98e9fec38599bb6d539b9e6fc1fcb&url=https://www.hp.com/it-it/shop/?utm_source=affiliate&utm_medium=cpa&utm_campaign=BuyOn
Request Chain 100
  • https://www.miniinthebox.com/?utm_campaign=1398851&utm_content=Indoleads2019&utm_source=gan&utm_medium=affiliate&litb_from=affiliate_gan&clickid=Was0QpX%3AKxyNR7TQ1CxahX8JUkAXz3TGXUjWwE0&irgwc=1 HTTP 302
  • https://www.miniinthebox.com/it/?utm_campaign=1398851&utm_content=Indoleads2019&utm_source=gan&utm_medium=affiliate&litb_from=affiliate_gan&clickid=Was0QpX%3AKxyNR7TQ1CxahX8JUkAXz3TGXUjWwE0&irgwc=1
Request Chain 101
  • https://hlmiq.com/to2/qvc.it/ HTTP 307
  • https://www.qvc.it/?api_key=526ce45b25e1f6dcb86f05e8f2c94e64&site_id=4e52405092d94c458711b4fff5efbfbd&type=url&source=clcktrck.com&yk_tag=146120de1542c0622441428ba50fe4c6
Request Chain 104
  • https://hlmiq.com/to2/gamestop.it/ HTTP 307
  • https://www.gamestop.it/?kk=a4c6293-18802adc4d8-28073&utm_campaign=kelkooclick&utm_medium=cpc&utm_source=kelkooit
Request Chain 153
  • http://graph.facebook.com/?id=http%3A%2F%2Fshrew-soft-vpn-client.findmysoft.com%2F&callback=jQuery1102043415200438588886_1683681850774&_=1683681850775 HTTP 301
  • https://graph.facebook.com/?id=http%3A%2F%2Fshrew-soft-vpn-client.findmysoft.com%2F&callback=jQuery1102043415200438588886_1683681850774&_=1683681850775
Request Chain 154
  • http://api.facebook.com/method/links.getStats?urls=http%3A%2F%2Fshrew-soft-vpn-client.findmysoft.com%2F&format=json&callback=jQuery1102043415200438588886_1683681850776&_=1683681850777 HTTP 301
  • https://api.facebook.com/method/links.getStats?urls=http%3A%2F%2Fshrew-soft-vpn-client.findmysoft.com%2F&format=json&callback=jQuery1102043415200438588886_1683681850776&_=1683681850777
Request Chain 156
  • http://widgets.pinterest.com/v1/urls/count.json?callback=jQuery1102043415200438588886_1683681850778&source=6&url=http%3A%2F%2Fshrew-soft-vpn-client.findmysoft.com%2F&_=1683681850779 HTTP 307
  • https://widgets.pinterest.com/v1/urls/count.json?callback=jQuery1102043415200438588886_1683681850778&source=6&url=http%3A%2F%2Fshrew-soft-vpn-client.findmysoft.com%2F&_=1683681850779
Request Chain 157
  • http://reddit.com/button_info.json?url=http%3A%2F%2Fshrew-soft-vpn-client.findmysoft.com%2F&jsonp=jQuery1102043415200438588886_1683681850780&_=1683681850781 HTTP 307
  • https://reddit.com/button_info.json?url=http%3A%2F%2Fshrew-soft-vpn-client.findmysoft.com%2F&jsonp=jQuery1102043415200438588886_1683681850780&_=1683681850781 HTTP 301
  • https://www.reddit.com/button_info.json?url=http%3A%2F%2Fshrew-soft-vpn-client.findmysoft.com%2F&jsonp=jQuery1102043415200438588886_1683681850780&_=1683681850781

161 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
shrew-soft-vpn-client.findmysoft.com/
30 KB
9 KB
Document
General
Full URL
http://shrew-soft-vpn-client.findmysoft.com/
Protocol
HTTP/1.1
Server
52.73.84.74 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-73-84-74.compute-1.amazonaws.com
Software
nginx / PHP/5.4.16 PleskLin
Resource Hash
a01cc276994f239218382714a98ab745548580a1ed48ce1effe1ae28762beb16

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
it-IT,it;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html
Date
Wed, 10 May 2023 01:24:09 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Pragma
no-cache
Server
nginx
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Powered-By
PHP/5.4.16 PleskLin
s4.css
www.findmysoft.com/
42 KB
42 KB
Stylesheet
General
Full URL
http://www.findmysoft.com/s4.css
Requested by
Host: shrew-soft-vpn-client.findmysoft.com
URL: http://shrew-soft-vpn-client.findmysoft.com/
Protocol
HTTP/1.1
Server
52.73.84.74 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-73-84-74.compute-1.amazonaws.com
Software
nginx / PHP/5.4.16, PleskLin
Resource Hash
3a8ff59a7ddd1bff1862756337a59a3ef2660eeb346ce85f0a016cf4f0ae00df

Request headers

accept-language
it-IT,it;q=0.9
Referer
http://shrew-soft-vpn-client.findmysoft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date
Wed, 10 May 2023 01:24:09 GMT
Server
nginx
Connection
keep-alive
X-Powered-By
PHP/5.4.16, PleskLin
Transfer-Encoding
chunked
Content-Type
text/css
js.js
img.findmysoft.com/js3/
19 KB
20 KB
Script
General
Full URL
http://img.findmysoft.com/js3/js.js
Requested by
Host: shrew-soft-vpn-client.findmysoft.com
URL: http://shrew-soft-vpn-client.findmysoft.com/
Protocol
HTTP/1.1
Server
108.138.17.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-17-120.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e8f1415f11afa97bbaf1ea4fddfaeca7fcf6b2184b839b0d56f564455bc3651a

Request headers

accept-language
it-IT,it;q=0.9
Referer
http://shrew-soft-vpn-client.findmysoft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date
Tue, 09 May 2023 09:36:11 GMT
Via
1.1 56317bf75183e752b06c880e8a1e502a.cloudfront.net (CloudFront)
Last-Modified
Tue, 22 Jul 2014 12:32:33 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA56-P7
Age
56878
x-amz-meta-cb-modifiedtime
Tue, 05 Feb 2013 18:17:43 GMT
ETag
"700722778315d497388f357e2c432e25"
X-Cache
Hit from cloudfront
Content-Type
application/x-javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
19793
X-Amz-Cf-Id
Id06cbNWu1I4WDJ2VTx4_wYefcNuoGt2pcPuwBRltdKkwSPa1ZYxbw==
behavior.js
img.findmysoft.com/js3/
8 KB
8 KB
Script
General
Full URL
http://img.findmysoft.com/js3/behavior.js
Requested by
Host: shrew-soft-vpn-client.findmysoft.com
URL: http://shrew-soft-vpn-client.findmysoft.com/
Protocol
HTTP/1.1
Server
108.138.17.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-17-120.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
dc23bc46254c776c75d2cbac30b1a97a1d37fc832ee2a98b269d6ea0eb07d800

Request headers

accept-language
it-IT,it;q=0.9
Referer
http://shrew-soft-vpn-client.findmysoft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date
Wed, 10 May 2023 00:27:27 GMT
Via
1.1 f3d57c6f1e03e389abd50b7f7535cee4.cloudfront.net (CloudFront)
Last-Modified
Wed, 14 Mar 2012 09:31:23 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA56-P7
Age
3403
x-amz-meta-cb-modifiedtime
Sun, 18 Mar 2007 09:15:12 GMT
ETag
"6287c9b096cf43bb5790893bcc78fc3b"
X-Cache
Hit from cloudfront
Content-Type
application/x-javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
7896
X-Amz-Cf-Id
gtgklSBhIaS_qIVQbCBUsto9eJoIIT889uGK9LZsWXaGZmMFZPvdGg==
rating.js
img.findmysoft.com/js3/
3 KB
4 KB
Script
General
Full URL
http://img.findmysoft.com/js3/rating.js
Requested by
Host: shrew-soft-vpn-client.findmysoft.com
URL: http://shrew-soft-vpn-client.findmysoft.com/
Protocol
HTTP/1.1
Server
108.138.17.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-17-120.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b38ad8bc1e195c67915de1d2305c631d17982b6066d6cd8eeb392ef9861c5ee3

Request headers

accept-language
it-IT,it;q=0.9
Referer
http://shrew-soft-vpn-client.findmysoft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date
Tue, 09 May 2023 09:24:17 GMT
Via
1.1 099a327961f82798658bf21aa210d4a0.cloudfront.net (CloudFront)
Last-Modified
Wed, 14 Mar 2012 09:31:27 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA56-P7
Age
57593
x-amz-meta-cb-modifiedtime
Tue, 13 Sep 2011 07:40:32 GMT
ETag
"f21bd523822b9a9873f0f0f9d8885ae9"
X-Cache
Hit from cloudfront
Content-Type
application/x-javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3573
X-Amz-Cf-Id
eDql7-RC0RrF1R3LJarkew1CWKd3sHyh0EDVNjkJfhbZrmKXjDs82Q==
ga_social_tracking.js
img.findmysoft.com/js3/
5 KB
5 KB
Script
General
Full URL
http://img.findmysoft.com/js3/ga_social_tracking.js
Requested by
Host: shrew-soft-vpn-client.findmysoft.com
URL: http://shrew-soft-vpn-client.findmysoft.com/
Protocol
HTTP/1.1
Server
108.138.17.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-17-120.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
adb6de4817a59a7447597d3431bff2a7b48b0ead564b9a863536d8c1de2f7524

Request headers

accept-language
it-IT,it;q=0.9
Referer
http://shrew-soft-vpn-client.findmysoft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date
Tue, 09 May 2023 09:34:10 GMT
Via
1.1 62e7b24ca032b612bb93fa7f3437469c.cloudfront.net (CloudFront)
Last-Modified
Wed, 14 Mar 2012 09:06:28 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA56-P7
Age
56999
x-amz-meta-cb-modifiedtime
Wed, 14 Mar 2012 09:06:20 GMT
ETag
"19df44baedd49786df8a49aaa35280d5"
X-Cache
Hit from cloudfront
Content-Type
application/x-javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4816
X-Amz-Cf-Id
q9oAk-npOKbjvmyCoKhapZbHW85S1cbjwq4oIuVhNO5uVz5csmlVQA==
logo.png
img.findmysoft.com/i3/
9 KB
9 KB
Image
General
Full URL
http://img.findmysoft.com/i3/logo.png
Requested by
Host: shrew-soft-vpn-client.findmysoft.com
URL: http://shrew-soft-vpn-client.findmysoft.com/
Protocol
HTTP/1.1
Server
108.138.17.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-17-120.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
eee06e3f30375c3ed6a4b4f4056e5fcf2c048c6b089fb97018ad922bc668d125

Request headers

accept-language
it-IT,it;q=0.9
Referer
http://shrew-soft-vpn-client.findmysoft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date
Tue, 09 May 2023 08:20:42 GMT
Via
1.1 62e7b24ca032b612bb93fa7f3437469c.cloudfront.net (CloudFront)
Last-Modified
Tue, 13 Mar 2012 09:25:06 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA56-P7
Age
61408
x-amz-meta-cb-modifiedtime
Wed, 31 Aug 2011 09:24:56 GMT
ETag
"5359f397c2e27b8a60647288f4e37ee4"
X-Cache
Hit from cloudfront
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
9167
X-Amz-Cf-Id
jJr7XMDrFD4qgW5SQ1RSmHKbi4tpvY2W22fzcCDau1Gqasi3ABesPA==
blank.gif
img.findmysoft.com/i3/
49 B
569 B
Image
General
Full URL
http://img.findmysoft.com/i3/blank.gif
Requested by
Host: shrew-soft-vpn-client.findmysoft.com
URL: http://shrew-soft-vpn-client.findmysoft.com/
Protocol
HTTP/1.1
Server
108.138.17.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-17-120.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
02d2855c8a5417cd637df1e81f781e42ff2b12ad6dffb923a3822f16b5bfa82a

Request headers

accept-language
it-IT,it;q=0.9
Referer
http://shrew-soft-vpn-client.findmysoft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date
Tue, 09 May 2023 06:27:46 GMT
Via
1.1 62e7b24ca032b612bb93fa7f3437469c.cloudfront.net (CloudFront)
Last-Modified
Tue, 13 Mar 2012 09:24:17 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA56-P7
Age
68184
x-amz-meta-cb-modifiedtime
Wed, 31 Aug 2011 17:58:48 GMT
ETag
"76084e29cb2cf72b320e888edc583dfb"
X-Cache
Hit from cloudfront
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
49
X-Amz-Cf-Id
EvSjEypB-NBcgSFATqQ_K8lpmqdo-i5O1KjARSQ5leCoMgflKbCGHQ==
sprite_ico.png
img.findmysoft.com/i3/
11 KB
11 KB
Image
General
Full URL
http://img.findmysoft.com/i3/sprite_ico.png
Requested by
Host: shrew-soft-vpn-client.findmysoft.com
URL: http://shrew-soft-vpn-client.findmysoft.com/
Protocol
HTTP/1.1
Server
108.138.17.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-17-120.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9ff9843b07fc44904ccd9f097f84ef04b2002d9ecbb19ca93e5cdf1f5a73a98c

Request headers

accept-language
it-IT,it;q=0.9
Referer
http://shrew-soft-vpn-client.findmysoft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date
Tue, 09 May 2023 07:31:45 GMT
Via
1.1 62e7b24ca032b612bb93fa7f3437469c.cloudfront.net (CloudFront)
Last-Modified
Tue, 13 Mar 2012 09:25:24 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA56-P7
Age
64345
x-amz-meta-cb-modifiedtime
Tue, 04 Oct 2011 17:06:42 GMT
ETag
"5aa49e50f2aa18d23a558d2d0b2115f5"
X-Cache
Hit from cloudfront
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
10988
X-Amz-Cf-Id
fhOulr_d6rsstK_o8LyrUejLOrAurIW5Iu2_ER0Rwuog9Fqmb6Liag==
close-popover.png
shrew-soft-vpn-client.findmysoft.com/img/
1 KB
2 KB
Image
General
Full URL
http://shrew-soft-vpn-client.findmysoft.com/img/close-popover.png
Requested by
Host: shrew-soft-vpn-client.findmysoft.com
URL: http://shrew-soft-vpn-client.findmysoft.com/
Protocol
HTTP/1.1
Server
52.73.84.74 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-73-84-74.compute-1.amazonaws.com
Software
nginx / PleskLin
Resource Hash
397ffcfb5320ceb408d20901fd627c6e6714ba522e68f8d6c0d832f78a2d788e

Request headers

accept-language
it-IT,it;q=0.9
Referer
http://shrew-soft-vpn-client.findmysoft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date
Wed, 10 May 2023 01:24:10 GMT
Last-Modified
Tue, 29 Mar 2016 11:44:40 GMT
Server
nginx
ETag
"56fa6aa8-5a3"
X-Powered-By
PleskLin
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1443
dl_icon.gif
www.findmysoft.com/i3/
3 KB
3 KB
Image
General
Full URL
http://www.findmysoft.com/i3/dl_icon.gif
Requested by
Host: shrew-soft-vpn-client.findmysoft.com
URL: http://shrew-soft-vpn-client.findmysoft.com/
Protocol
HTTP/1.1
Server
52.73.84.74 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-73-84-74.compute-1.amazonaws.com
Software
nginx / PleskLin
Resource Hash
6ec7158cb35fe5114293b5986862bbc06c0230962c56d8de9e0d8c686945bf42

Request headers

accept-language
it-IT,it;q=0.9
Referer
http://shrew-soft-vpn-client.findmysoft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date
Wed, 10 May 2023 01:24:10 GMT
Last-Modified
Wed, 04 Nov 2015 06:55:48 GMT
Server
nginx
ETag
"5639abf4-b1a"
X-Powered-By
PleskLin
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2842
var.js
www.instui201.info/else/
312 B
532 B
Script
General
Full URL
http://www.instui201.info/else/var.js?0510013
Requested by
Host: shrew-soft-vpn-client.findmysoft.com
URL: http://shrew-soft-vpn-client.findmysoft.com/
Protocol
HTTP/1.1
Server
192.102.6.94 Kyiv, Ukraine, ASN57682 (HVDS-AS, UA),
Reverse DNS
s3.zevshost.net
Software
nginx/1.14.1 / PHP/7.3.4
Resource Hash
a66cbaa6396f8b7923fffa0939d3ed8502aa3563963bab760f2e029c9a4602bd

Request headers

accept-language
it-IT,it;q=0.9
Referer
http://shrew-soft-vpn-client.findmysoft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date
Wed, 10 May 2023 01:24:09 GMT
Server
nginx/1.14.1
Connection
keep-alive
X-Powered-By
PHP/7.3.4
Transfer-Encoding
chunked
Content-Type
application/javascript; charset=UTF-8
132055.jpg
img.findmysoft.com/ico/
1 KB
2 KB
Image
General
Full URL
http://img.findmysoft.com/ico/132055.jpg
Requested by
Host: shrew-soft-vpn-client.findmysoft.com
URL: http://shrew-soft-vpn-client.findmysoft.com/
Protocol
HTTP/1.1
Server
108.138.17.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-17-120.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
67023ba35a5cc7d36d6d953220fb5bb7a27d9ec6a3694d3896cc4408950e87b0

Request headers

accept-language
it-IT,it;q=0.9
Referer
http://shrew-soft-vpn-client.findmysoft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date
Tue, 09 May 2023 07:37:40 GMT
Via
1.1 62e7b24ca032b612bb93fa7f3437469c.cloudfront.net (CloudFront)
Last-Modified
Thu, 24 Jul 2014 05:17:14 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA56-P7
Age
63991
ETag
"6ca11776ebc2a048f6c586a28ae26de0"
X-Cache
Hit from cloudfront
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1438
X-Amz-Cf-Id
GKRExFkFTztiOn12vxHWqpr2BvMetvznIDPNH4f6lRcFDI5GJpcSvg==
132055.jpg
www.findmysoft.com/thumb/
15 KB
15 KB
Image
General
Full URL
http://www.findmysoft.com/thumb/132055.jpg
Requested by
Host: shrew-soft-vpn-client.findmysoft.com
URL: http://shrew-soft-vpn-client.findmysoft.com/
Protocol
HTTP/1.1
Server
52.73.84.74 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-73-84-74.compute-1.amazonaws.com
Software
nginx / PleskLin
Resource Hash
fd9b5046c749037a714eec9e37855a82330ebb0a0c9de4541504d2370e784464

Request headers

accept-language
it-IT,it;q=0.9
Referer
http://shrew-soft-vpn-client.findmysoft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date
Wed, 10 May 2023 01:24:10 GMT
Last-Modified
Thu, 17 Jul 2014 06:22:37 GMT
Server
nginx
ETag
"53c76bad-3b12"
X-Powered-By
PleskLin
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
15122
George-Norman_th.jpg
www.findmysoft.com/img/users/
1 KB
2 KB
Image
General
Full URL
http://www.findmysoft.com/img/users/George-Norman_th.jpg
Requested by
Host: shrew-soft-vpn-client.findmysoft.com
URL: http://shrew-soft-vpn-client.findmysoft.com/
Protocol
HTTP/1.1
Server
52.73.84.74 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-73-84-74.compute-1.amazonaws.com
Software
nginx / PleskLin
Resource Hash
a3fd37958dfdb099bac3039069910b97314c0f92024ae1e99c8b97398cbf9cba

Request headers

accept-language
it-IT,it;q=0.9
Referer
http://shrew-soft-vpn-client.findmysoft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date
Wed, 10 May 2023 01:24:10 GMT
Last-Modified
Fri, 24 Feb 2012 12:27:58 GMT
Server
nginx
ETag
"4f47824e-5f7"
X-Powered-By
PleskLin
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1527
review2_5_Shrew%20Soft%20VPN%20Client_award.png
www.findmysoft.com/
3 KB
3 KB
Image
General
Full URL
http://www.findmysoft.com/review2_5_Shrew%20Soft%20VPN%20Client_award.png
Requested by
Host: shrew-soft-vpn-client.findmysoft.com
URL: http://shrew-soft-vpn-client.findmysoft.com/
Protocol
HTTP/1.1
Server
52.73.84.74 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-73-84-74.compute-1.amazonaws.com
Software
nginx / PHP/5.4.16, PleskLin
Resource Hash
e120d4108d783848da7af350edbc4ffc61ec1ce90c3c28024591b908914b3006

Request headers

accept-language
it-IT,it;q=0.9
Referer
http://shrew-soft-vpn-client.findmysoft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date
Wed, 10 May 2023 01:24:10 GMT
Server
nginx
Connection
keep-alive
X-Powered-By
PHP/5.4.16, PleskLin
Transfer-Encoding
chunked
Content-Type
image/png
blank.jpg
www.findmysoft.com/dl/
695 B
1 KB
Image
General
Full URL
http://www.findmysoft.com/dl/blank.jpg?1036
Requested by
Host: shrew-soft-vpn-client.findmysoft.com
URL: http://shrew-soft-vpn-client.findmysoft.com/
Protocol
HTTP/1.1
Server
52.73.84.74 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-73-84-74.compute-1.amazonaws.com
Software
nginx / PHP/5.4.16, PleskLin
Resource Hash
ad853a72ac4fa4a7ea4700fb824906dbba6fd62e4f61e92449a5cba3f60ff1dc

Request headers

accept-language
it-IT,it;q=0.9
Referer
http://shrew-soft-vpn-client.findmysoft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 10 May 2023 01:24:10 GMT
Server
nginx
X-Powered-By
PHP/5.4.16, PleskLin
Transfer-Encoding
chunked
Content-Type
image/jpeg
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
keep-alive
Expires
Thu, 19 Nov 1981 08:52:00 GMT
tav_v1_300x250.png
static.totalav.com/img/global/_totalav/marketing/
16 KB
17 KB
Image
General
Full URL
http://static.totalav.com/img/global/_totalav/marketing/tav_v1_300x250.png
Requested by
Host: shrew-soft-vpn-client.findmysoft.com
URL: http://shrew-soft-vpn-client.findmysoft.com/
Protocol
HTTP/1.1
Server
35.186.251.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
103.251.186.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
1c49c354c6e38714224c046944d887bf2a0be88a6460588f10e9941fcef7c821

Request headers

accept-language
it-IT,it;q=0.9
Referer
http://shrew-soft-vpn-client.findmysoft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date
Thu, 20 Apr 2023 08:58:07 GMT
Age
1700763
X-GUploader-UploadID
ADPycdtzS2rSGaLn-jUvkNpRczNwdv6k2LjLzvOCjpfoUhdgM3MFebIuaw5YOZC8PM5HHXrW9b4N0Ckdle9Ot82eZfU2yHxVJHiW
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
8
x-goog-stored-content-encoding
identity
Content-Length
16655
Last-Modified
Tue, 13 Aug 2019 08:16:01 GMT
Server
UploadServer
ETag
"0004540c3afb7e74c3cc42fa8ea8124b"
x-goog-generation
1565684161521441
x-goog-hash
crc32c=YHgM4w==, md5=AARUDDr7fnTDzEL6jqgSSw==
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Type
Cache-Control
public,max-age=31536000
x-goog-stored-content-length
16655
Accept-Ranges
bytes
Content-Type
image/png
Expires
Fri, 19 Apr 2024 08:58:07 GMT
all.js
connect.facebook.net/en_US/
Redirect Chain
  • http://connect.facebook.net/en_US/all.js
  • https://connect.facebook.net/en_US/all.js
3 KB
2 KB
Script
General
Full URL
https://connect.facebook.net/en_US/all.js
Requested by
Host: shrew-soft-vpn-client.findmysoft.com
URL: http://shrew-soft-vpn-client.findmysoft.com/
Protocol
H2
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
7f3ab6073398ef58bdaff91dbead25aee78ec3b3846f91322d96c7d91e4405c9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
it-IT,it;q=0.9
Referer
http://shrew-soft-vpn-client.findmysoft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 10 May 2023 01:24:09 GMT
content-md5
ZRXhkNjtKE6rVIr4/1fK/g==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1686
x-fb-rlafr
0
x-fb-debug
xln8NAgG25iHiq9i6F5Fghy/PRcJGatdHD0Mceijqoq8aEQKotkJELu2NNEriNl0REg3o+m0fuyy2H+NP2tzEQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-trip-id
1679558926
x-fb-content-md5
419270d8b1e4b1c79329970bced10f25
cross-origin-opener-policy
same-origin-allow-popups
etag
"e731ba60c3dce480374a3272bdad4b8c"
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
permissions-policy
accelerometer=()
x-frame-options
DENY
timing-allow-origin
*
expires
Wed, 10 May 2023 01:42:54 GMT

Redirect headers

Location
https://connect.facebook.net/en_US/all.js#xfbml=1
Non-Authoritative-Reason
HSTS
Cross-Origin-Resource-Policy
Cross-Origin
ga.js
www.google-analytics.com/
Redirect Chain
  • http://www.google-analytics.com/ga.js
  • https://www.google-analytics.com/ga.js
45 KB
17 KB
Script
General
Full URL
https://www.google-analytics.com/ga.js
Requested by
Host: shrew-soft-vpn-client.findmysoft.com
URL: http://shrew-soft-vpn-client.findmysoft.com/
Protocol
H2
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
it-IT,it;q=0.9
Referer
http://shrew-soft-vpn-client.findmysoft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 10 May 2023 00:07:32 GMT
last-modified
Mon, 17 Apr 2023 22:36:01 GMT
server
Golfe2
age
4598
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17168
expires
Wed, 10 May 2023 02:07:32 GMT

Redirect headers

Location
https://www.google-analytics.com/ga.js
Non-Authoritative-Reason
HSTS
Cross-Origin-Resource-Policy
Cross-Origin
gtm.js
www.googletagmanager.com/
Redirect Chain
  • http://www.googletagmanager.com/gtm.js?id=GTM-MJ4SPG
  • https://www.googletagmanager.com/gtm.js?id=GTM-MJ4SPG
113 KB
44 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MJ4SPG
Requested by
Host: shrew-soft-vpn-client.findmysoft.com
URL: http://shrew-soft-vpn-client.findmysoft.com/
Protocol
H2
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
25d7d6a654ddd9817448bd2382c131af3f227c21f7a6f41a2a0077078f1e69a6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
http://shrew-soft-vpn-client.findmysoft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 10 May 2023 01:24:10 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
45108
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 10 May 2023 01:24:10 GMT

Redirect headers

Location
https://www.googletagmanager.com/gtm.js?id=GTM-MJ4SPG
Date
Wed, 10 May 2023 01:24:10 GMT
Cross-Origin-Resource-Policy
cross-origin
Server
Google Tag Manager
Content-Length
250
X-XSS-Protection
0
Content-Type
text/html; charset=UTF-8
ok9.js
odnaknopka.ru/
Redirect Chain
  • http://odnaknopka.ru/ok9.js
  • https://odnaknopka.ru/ok9.js
143 B
411 B
Script
General
Full URL
https://odnaknopka.ru/ok9.js
Requested by
Host: shrew-soft-vpn-client.findmysoft.com
URL: http://shrew-soft-vpn-client.findmysoft.com/
Protocol
HTTP/1.1
Server
142.132.202.70 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.70.202.132.142.clients.your-server.de
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
f70c6e0720a4769e224d4ceb25d9908ae0f9da93dac347971cac311be73b1022

Request headers

accept-language
it-IT,it;q=0.9
Referer
http://shrew-soft-vpn-client.findmysoft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Wed, 10 May 2023 01:24:10 GMT
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
ETag
1ff4a2780edd4cb7733f0fc915522f49
Transfer-Encoding
chunked
Content-Type
text/javascript; charset=UTF-8

Redirect headers

Location
https://odnaknopka.ru/ok9.js
Date
Wed, 10 May 2023 01:24:10 GMT
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Content-Length
178
Content-Type
text/html
plusone.js
apis.google.com/js/
54 KB
21 KB
Script
General
Full URL
https://apis.google.com/js/plusone.js
Requested by
Host: shrew-soft-vpn-client.findmysoft.com
URL: http://shrew-soft-vpn-client.findmysoft.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
16321fe9e22fee2b05269ef1368905571029ba684273ca21057b0ca173966782
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
http://shrew-soft-vpn-client.findmysoft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-security-policy
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 10 May 2023 01:24:10 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21025
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="gapi-team"
etag
"8998d12a26a3b32e"
vary
Accept-Encoding
report-to
{"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
private, max-age=1800, stale-while-revalidate=1800
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 10 May 2023 01:24:10 GMT
all.js
connect.facebook.net/en_US/
308 KB
86 KB
Script
General
Full URL
https://connect.facebook.net/en_US/all.js?hash=8fabe2e43e9e993b770425905a2a5b8e
Requested by
Host: connect.facebook.net
URL: http://connect.facebook.net/en_US/all.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
d6fb29bff62f470ba82e4ed36acb0743bbc4ed9fe19f80667e2c99dadaaf6b10
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
http://shrew-soft-vpn-client.findmysoft.com/
Origin
http://shrew-soft-vpn-client.findmysoft.com
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 10 May 2023 01:24:10 GMT
content-md5
UvOQ+OGbX+UGftuRbtzu6w==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
88513
x-fb-rlafr
0
x-fb-debug
jgNCAij5YIZ58DN2aMHIILet7TgenFEbvv9m89tlCMSCJdJ9zCqk0PpMJNteTFItlk8U/0yKdBv0NUh+gSPBAQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-content-md5
1830c116671f31faf5a33b7868447e5f
cross-origin-opener-policy
same-origin-allow-popups
etag
"6ceac0ae217d9baf7bbb945a294ac1fc"
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy
accelerometer=()
x-frame-options
DENY
timing-allow-origin
*
priority
u=3,i
expires
Thu, 09 May 2024 00:02:52 GMT
/
d1xxdi1bvp4gvz.cloudfront.net/ Frame 3A9D
524 B
876 B
Document
General
Full URL
http://d1xxdi1bvp4gvz.cloudfront.net/?key=89d0769a0a84fffa39d6f6a41a6ba0c6&ch=
Requested by
Host: shrew-soft-vpn-client.findmysoft.com
URL: http://shrew-soft-vpn-client.findmysoft.com/
Protocol
HTTP/1.1
Server
2600:9000:21f3:be00:1d:1ec:dfc0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
awselb/2.0 /
Resource Hash
311531734a617089da26f33a00b04c59f7f43ec730022c19fb7dbb1c0c86e551

Request headers

Referer
http://shrew-soft-vpn-client.findmysoft.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
it-IT,it;q=0.9

Response headers

Connection
keep-alive
Content-Length
524
Content-Type
text/html
Date
Wed, 10 May 2023 01:24:10 GMT
Server
awselb/2.0
Via
1.1 04ce5a607a98db6d08257633417b84d6.cloudfront.net (CloudFront)
X-Amz-Cf-Id
rTMLS8m1Lcu8637OhJLGBD0wbfDhcOLClPEA8FdNmg0yrZ7PCNBGnw==
X-Amz-Cf-Pop
FRA2-C2
X-Cache
Error from cloudfront
verticalbg.gif
www.findmysoft.com/i3/
7 KB
7 KB
Image
General
Full URL
http://www.findmysoft.com/i3/verticalbg.gif
Requested by
Host: www.findmysoft.com
URL: http://www.findmysoft.com/s4.css
Protocol
HTTP/1.1
Server
52.73.84.74 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-73-84-74.compute-1.amazonaws.com
Software
nginx / PleskLin
Resource Hash
0def7d427fa544c082d6b9c5c79a5e1a2a26727caf801defd7eb7254834fc9cc

Request headers

accept-language
it-IT,it;q=0.9
Referer
http://www.findmysoft.com/s4.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date
Wed, 10 May 2023 01:24:10 GMT
Last-Modified
Tue, 06 Sep 2011 12:39:58 GMT
Server
nginx
ETag
"4e66149e-1a66"
X-Powered-By
PleskLin
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
6758
header.jpg
www.findmysoft.com/i3/
16 KB
16 KB
Image
General
Full URL
http://www.findmysoft.com/i3/header.jpg
Requested by
Host: www.findmysoft.com
URL: http://www.findmysoft.com/s4.css
Protocol
HTTP/1.1
Server
52.73.84.74 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-73-84-74.compute-1.amazonaws.com
Software
nginx / PleskLin
Resource Hash
eb0ff6310984300d30b043dc4ef505d20da8934ce32684598b8920a0867474e9

Request headers

accept-language
it-IT,it;q=0.9
Referer
http://www.findmysoft.com/s4.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date
Wed, 10 May 2023 01:24:10 GMT
Last-Modified
Tue, 06 Sep 2011 13:39:02 GMT
Server
nginx
ETag
"4e662276-3f18"
X-Powered-By
PleskLin
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
16152
sprite.png
www.findmysoft.com/i3/
15 KB
16 KB
Image
General
Full URL
http://www.findmysoft.com/i3/sprite.png
Requested by
Host: www.findmysoft.com
URL: http://www.findmysoft.com/s4.css
Protocol
HTTP/1.1
Server
52.73.84.74 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-73-84-74.compute-1.amazonaws.com
Software
nginx / PleskLin
Resource Hash
03d146cdaa4328bef3e99ab7f36508e2ac2c2b14152a690d1bf40fb7f9d44f69

Request headers

accept-language
it-IT,it;q=0.9
Referer
http://www.findmysoft.com/s4.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date
Wed, 10 May 2023 01:24:10 GMT
Last-Modified
Thu, 15 Sep 2011 08:40:18 GMT
Server
nginx
ETag
"4e71b9f2-3d04"
X-Powered-By
PleskLin
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
15620
dl.gif
www.findmysoft.com/i3/
7 KB
8 KB
Image
General
Full URL
http://www.findmysoft.com/i3/dl.gif
Requested by
Host: www.findmysoft.com
URL: http://www.findmysoft.com/s4.css
Protocol
HTTP/1.1
Server
52.73.84.74 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-73-84-74.compute-1.amazonaws.com
Software
nginx / PleskLin
Resource Hash
ecb723f9aca798139d451e08a9e0becea360c87848b9089dc31f856cda367c1b

Request headers

accept-language
it-IT,it;q=0.9
Referer
http://www.findmysoft.com/s4.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date
Wed, 10 May 2023 01:24:10 GMT
Last-Modified
Wed, 04 Nov 2015 06:51:21 GMT
Server
nginx
ETag
"5639aae9-1d51"
X-Powered-By
PleskLin
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
7505
sprite_ico.png
www.findmysoft.com/i3/
11 KB
11 KB
Image
General
Full URL
http://www.findmysoft.com/i3/sprite_ico.png
Requested by
Host: www.findmysoft.com
URL: http://www.findmysoft.com/s4.css
Protocol
HTTP/1.1
Server
52.73.84.74 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-73-84-74.compute-1.amazonaws.com
Software
nginx / PleskLin
Resource Hash
9ff9843b07fc44904ccd9f097f84ef04b2002d9ecbb19ca93e5cdf1f5a73a98c

Request headers

accept-language
it-IT,it;q=0.9
Referer
http://www.findmysoft.com/s4.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date
Wed, 10 May 2023 01:24:10 GMT
Last-Modified
Tue, 04 Oct 2011 16:06:42 GMT
Server
nginx
ETag
"4e8b2f12-2aec"
X-Powered-By
PleskLin
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
10988
ga-audiences
www.google.it/ads/
Redirect Chain
  • http://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1943940509&utmhn=shrew-soft-vpn-client.findmysoft.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=...
  • https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1943940509&utmhn=shrew-soft-vpn-client.findmysoft.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-193652-7&cid=58582700.1683681850&jid=721670501&_v=5.7.2&z=1943940509
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-193652-7&cid=58582700.1683681850&jid=721670501&_v=5.7.2&z=1943940509
  • https://www.google.it/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-193652-7&cid=58582700.1683681850&jid=721670501&_v=5.7.2&z=1943940509&slf_rd=1&random=2015892737
42 B
408 B
Image
General
Full URL
https://www.google.it/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-193652-7&cid=58582700.1683681850&jid=721670501&_v=5.7.2&z=1943940509&slf_rd=1&random=2015892737
Requested by
Host: shrew-soft-vpn-client.findmysoft.com
URL: http://shrew-soft-vpn-client.findmysoft.com/
Protocol
H2
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
http://shrew-soft-vpn-client.findmysoft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 May 2023 01:24:10 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 10 May 2023 01:24:10 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://www.google.it/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-193652-7&cid=58582700.1683681850&jid=721670501&_v=5.7.2&z=1943940509&slf_rd=1&random=2015892737
content-type
text/html; charset=UTF-8
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cb=gapi.loaded_0
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.it.p4hLA3PtgtI.O/m=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9uGPed9WTSFQetSevIKPkLCGGyEQ/
151 KB
52 KB
Script
General
Full URL
https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.it.p4hLA3PtgtI.O/m=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9uGPed9WTSFQetSevIKPkLCGGyEQ/cb=gapi.loaded_0?le=scs
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/plusone.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
315aeff2441467b44be1afda5d621beda31bc0b345e174a2e4b1f3c6920b6164
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
http://shrew-soft-vpn-client.findmysoft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sat, 06 May 2023 02:35:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
341327
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
53298
x-xss-protection
0
last-modified
Sat, 01 Apr 2023 15:23:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="social-frontend-mpm-access"
vary
Accept-Encoding
report-to
{"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 05 May 2024 02:35:23 GMT
cb=gapi.loaded_1
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.it.p4hLA3PtgtI.O/m=auth/exm=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9uGPed9WTSFQetSevIKPkLCGGyEQ/
102 KB
35 KB
Script
General
Full URL
https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.it.p4hLA3PtgtI.O/m=auth/exm=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9uGPed9WTSFQetSevIKPkLCGGyEQ/cb=gapi.loaded_1?le=scs
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/plusone.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d7fc920686d3336379d7b0ea7276a01789533e71e3d36d27d14de9b93dbabd92
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
http://shrew-soft-vpn-client.findmysoft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sat, 06 May 2023 15:43:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
294011
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36094
x-xss-protection
0
last-modified
Sat, 01 Apr 2023 15:23:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="social-frontend-mpm-access"
vary
Accept-Encoding
report-to
{"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 05 May 2024 15:43:59 GMT
/
developers.google.com/ Frame 90AE
Redirect Chain
  • https://apis.google.com/u/0/se/0/_/+1/fastbutton?usegapi=1&size=medium&origin=http%3A%2F%2Fshrew-soft-vpn-client.findmysoft.com&url=http%3A%2F%2Fshrew-soft-vpn-client.findmysoft.com%2F&gsrc=3p&ic=1...
  • http://developers.google.com/
  • https://developers.google.com/
  • https://developers.google.com/?hl=it
0
0
Document
General
Full URL
https://developers.google.com/?hl=it
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/plusone.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
Security Headers
Name Value
Content-Security-Policy base-uri 'self'; object-src 'none'; script-src 'strict-dynamic' 'unsafe-inline' https: http: 'nonce-vxHUrbsFjWeUiYxXHk+LKyr5HDrQh2' 'unsafe-eval'; report-uri https://csp.withgoogle.com/csp/devsite/v2
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
http://shrew-soft-vpn-client.findmysoft.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
it-IT,it;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
gzip
content-length
30785
content-security-policy
base-uri 'self'; object-src 'none'; script-src 'strict-dynamic' 'unsafe-inline' https: http: 'nonce-vxHUrbsFjWeUiYxXHk+LKyr5HDrQh2' 'unsafe-eval'; report-uri https://csp.withgoogle.com/csp/devsite/v2
content-type
text/html; charset=utf-8
date
Wed, 10 May 2023 01:24:11 GMT
expires
0
last-modified
Mon, 08 May 2023 21:55:05 GMT
pragma
no-cache
server
Google Frontend
strict-transport-security
max-age=63072000; includeSubdomains; preload
vary
Accept-Encoding
x-cloud-trace-context
727c976fbbf3c31e7cd8dcd5295d4d71
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
gzip
content-length
163
content-security-policy
base-uri 'self'; object-src 'none'; script-src 'strict-dynamic' 'unsafe-inline' https: http: 'nonce-GW+23+LbD5vV9Z28b8B/H2wgwVbNik' 'unsafe-eval'; report-uri https://csp.withgoogle.com/csp/devsite/v2
content-type
text/html; charset=utf-8
date
Wed, 10 May 2023 01:24:11 GMT
expires
0
location
/?hl=it
pragma
no-cache
server
Google Frontend
strict-transport-security
max-age=63072000; includeSubdomains; preload
vary
Accept-Encoding
x-cloud-trace-context
86fa67e348616c5529fa6f46b54f35e0
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
hotjar-89549.js
static.hotjar.com/c/
Redirect Chain
  • http://static.hotjar.com/c/hotjar-89549.js?sv=5
  • https://static.hotjar.com/c/hotjar-89549.js?sv=5
0
431 B
Script
General
Full URL
https://static.hotjar.com/c/hotjar-89549.js?sv=5
Requested by
Host: shrew-soft-vpn-client.findmysoft.com
URL: http://shrew-soft-vpn-client.findmysoft.com/
Protocol
H2
Server
18.66.97.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-53.fra56.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
it-IT,it;q=0.9
Referer
http://shrew-soft-vpn-client.findmysoft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security
max-age=2592000; includeSubDomains
date
Wed, 10 May 2023 01:24:10 GMT
x-content-type-options
nosniff
via
1.1 e44e0b24e706487eaec6b9e01f2166dc.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
etag
W/d41d8cd98f00b204e9800998ecf8427e
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
x-cache-hit
1
cache-control
max-age=60
cross-origin-resource-policy
cross-origin
content-length
0
x-amz-cf-id
JcLp3GjNCP_cEkFtXWaAGmVoIX1RsGp723bQXyHxTZJUppzdBt7fPg==

Redirect headers

Date
Wed, 10 May 2023 01:24:10 GMT
Via
1.1 3a3c1dcacd115187f53f40028ae4bd24.cloudfront.net (CloudFront)
Server
CloudFront
X-Amz-Cf-Pop
FRA56-P2
X-Cache
Redirect from cloudfront
Content-Type
text/html
Location
https://static.hotjar.com/c/hotjar-89549.js?sv=5
Connection
keep-alive
Content-Length
167
X-Amz-Cf-Id
m8JWGt9Unf_ASJJ54Uh1cc7M2m2WtRZ6zGXaZWoI3_K-1PwhhdZRUQ==
/
load.sumome.com/
2 KB
2 KB
Script
General
Full URL
http://load.sumome.com/
Requested by
Host: www.googletagmanager.com
URL: http://www.googletagmanager.com/gtm.js?id=GTM-MJ4SPG
Protocol
HTTP/1.1
Server
2400:52e0:1e00::713:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-713 /
Resource Hash
75cde5cd327239276b3bafb85d50f38fbd3b77bd15984deb9f6c02dd01b8ff86

Request headers

accept-language
it-IT,it;q=0.9
Referer
http://shrew-soft-vpn-client.findmysoft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date
Wed, 10 May 2023 01:24:10 GMT
Content-Encoding
gzip
CDN-EdgeStorageId
1049
x-amz-request-id
TRQXBGQAQP7625JS
Transfer-Encoding
chunked
CDN-CachedAt
04/11/2023 19:14:57
CDN-PullZone
53731
Connection
keep-alive
x-amz-id-2
ixec4wyBUOFDAOzxzpg+zidhfAZwzGeaURWqKUThqbmEWyEv4Uknygl8EIf/drGIfcrAWUM2Frk=
Last-Modified
Wed, 05 Oct 2022 16:50:13 GMT
Server
BunnyCDN-DE1-713
CDN-ProxyVer
1.03
CDN-RequestPullCode
200
ETag
W/"415c9608bc47ee8a16b3a2f2c0aee7b0"
Vary
Accept-Encoding
Content-Type
text/javascript
Access-Control-Allow-Origin
*
CDN-Cache
HIT
CDN-Uid
a61f2e95-f685-45ef-9e80-35f4adfb29cb
Access-Control-Expose-Headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
Cache-Control
max-age=600
CDN-RequestId
3f5217daa0cb56ef21d3a19a18e0b298
CDN-RequestCountryCode
IT
Access-Control-Allow-Headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
CDN-Status
200
CDN-RequestPullSuccess
True
stat.js
odnaknopka.ru/
Redirect Chain
  • http://odnaknopka.ru/stat.js
  • https://odnaknopka.ru/stat.js
775 B
996 B
Script
General
Full URL
https://odnaknopka.ru/stat.js
Requested by
Host: shrew-soft-vpn-client.findmysoft.com
URL: http://shrew-soft-vpn-client.findmysoft.com/
Protocol
HTTP/1.1
Server
142.132.202.70 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.70.202.132.142.clients.your-server.de
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
a772d84f817667230b1db41b5611757807db174d803801c5faec80fe0827b968

Request headers

accept-language
it-IT,it;q=0.9
Referer
http://shrew-soft-vpn-client.findmysoft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Wed, 10 May 2023 01:24:10 GMT
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
application/javascript

Redirect headers

Location
https://odnaknopka.ru/stat.js
Date
Wed, 10 May 2023 01:24:10 GMT
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Content-Length
178
Content-Type
text/html
postmessageRelay
accounts.google.com/o/oauth2/ Frame BABB
566 B
810 B
Document
General
Full URL
https://accounts.google.com/o/oauth2/postmessageRelay?parent=http%3A%2F%2Fshrew-soft-vpn-client.findmysoft.com&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.it.p4hLA3PtgtI.O%2Fd%3D1%2Frs%3DAHpOoo9uGPed9WTSFQetSevIKPkLCGGyEQ%2Fm%3D__features__
Requested by
Host: apis.google.com
URL: https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.it.p4hLA3PtgtI.O/m=auth/exm=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9uGPed9WTSFQetSevIKPkLCGGyEQ/cb=gapi.loaded_1?le=scs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d41b46e11a4df9636c6bd6f09783b454c8275581039fd80a137d33f6d8a29dbf
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-YsPHkpoyGL_08RlbZigrfA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport require-trusted-types-for 'script';report-uri /o/cspreport
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://shrew-soft-vpn-client.findmysoft.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
it-IT,it;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-YsPHkpoyGL_08RlbZigrfA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport require-trusted-types-for 'script';report-uri /o/cspreport
content-type
text/html; charset=utf-8
date
Wed, 10 May 2023 01:24:10 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
ESF
x-content-type-options
nosniff
x-xss-protection
0
72.0a035390359aab65eb82.js
load.sumo.com/
131 KB
44 KB
Script
General
Full URL
https://load.sumo.com/72.0a035390359aab65eb82.js
Requested by
Host: load.sumome.com
URL: http://load.sumome.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::713:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-713 /
Resource Hash
73c748a03b271d7a4d7c1ed120f668653c1d7ed4632748920048ddcde2e6d759

Request headers

accept-language
it-IT,it;q=0.9
Referer
http://shrew-soft-vpn-client.findmysoft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 10 May 2023 01:24:10 GMT
content-encoding
br
cdn-edgestorageid
1082
x-amz-request-id
DWH3EZTXQGETBFDB
cdn-cachedat
01/05/2023 13:19:16
cdn-pullzone
53731
x-amz-id-2
Rw1xVINT2j50j9I6kG8DKvMCsaenbxK7VMBQ0tvyDvTYd5p/peDoVzbf2snyDrK0p3sjxYcqUro=
last-modified
Wed, 05 Oct 2022 16:49:50 GMT
server
BunnyCDN-DE1-713
cdn-proxyver
1.03
cdn-requestpullcode
200
etag
W/"a1c4ecc2ca5bc12d61068cd427f9729f"
vary
Accept-Encoding, Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
a61f2e95-f685-45ef-9e80-35f4adfb29cb
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
max-age=31536000
cdn-requestid
c25b60e99c895d2a6a9828f40e1cd401
cdn-requestcountrycode
IT
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
73.0a035390359aab65eb82.js
load.sumo.com/
289 KB
100 KB
Script
General
Full URL
https://load.sumo.com/73.0a035390359aab65eb82.js
Requested by
Host: load.sumome.com
URL: http://load.sumome.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::713:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-713 /
Resource Hash
f452c0a329f17acfb74497d9ddef4a0d5af4166d43da2a3824387fc71205cd4f

Request headers

accept-language
it-IT,it;q=0.9
Referer
http://shrew-soft-vpn-client.findmysoft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 10 May 2023 01:24:10 GMT
content-encoding
br
cdn-edgestorageid
1081
x-amz-request-id
DWH88T81ZZEBPF44
cdn-cachedat
01/05/2023 13:19:16
cdn-pullzone
53731
x-amz-id-2
jOqTwrO7CKADB6A99P2KE8erCfBGDinliCUfMCHx9ofCH5Hyp/WWaFB+LMZTpDm3rXJNnXg+404=
last-modified
Wed, 05 Oct 2022 16:49:51 GMT
server
BunnyCDN-DE1-713
cdn-proxyver
1.03
cdn-requestpullcode
200
etag
W/"ad6f2454f01de902ffd473d51c1207bf"
vary
Accept-Encoding, Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
a61f2e95-f685-45ef-9e80-35f4adfb29cb
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
max-age=31536000
cdn-requestid
119c0dcf4304f5616726cab9d594a704
cdn-requestcountrycode
IT
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
ed743a9994b0a6e69939f0b5b4447eda.js
filamentapp.s3.amazonaws.com/
0
0
Script
General
Full URL
http://filamentapp.s3.amazonaws.com/ed743a9994b0a6e69939f0b5b4447eda.js
Requested by
Host: www.googletagmanager.com
URL: http://www.googletagmanager.com/gtm.js?id=GTM-MJ4SPG
Protocol
HTTP/1.1
Server
52.216.33.89 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
/
Resource Hash

Request headers

accept-language
it-IT,it;q=0.9
Referer
http://shrew-soft-vpn-client.findmysoft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

/
hlmiq.com/vu/it/ Frame 9EB3
Redirect Chain
  • https://adserver-mb.com/stat
  • https://hlmiq.com/vu/it/
188 B
380 B
Document
General
Full URL
https://hlmiq.com/vu/it/
Requested by
Host: odnaknopka.ru
URL: http://odnaknopka.ru/stat.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
142.132.202.70 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.70.202.132.142.clients.your-server.de
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
f54b7353db73262d193f0cec9d355905cb487e22bf7b180793e7a8b683067276

Request headers

Referer
http://shrew-soft-vpn-client.findmysoft.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
it-IT,it;q=0.9

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Wed, 10 May 2023 01:24:11 GMT
Server
nginx/1.18.0 (Ubuntu)
Transfer-Encoding
chunked

Redirect headers

Access-Control-Allow-Origin
*
Connection
close
Content-Type
text/html; charset=UTF-8
Date
Wed, 10 May 2023 01:24:10 GMT
Location
https://hlmiq.com/vu/it/
Server
nginx/1.12.2
Transfer-Encoding
chunked
/
login.aliexpress.com/ Frame 1029
Redirect Chain
  • https://powered-by-revidy.com/a
  • https://s.click.aliexpress.com/e/_DEQI9az?af=a;8469&cn=milano&cv=482179&dp=192.145.127.217
  • https://login.aliexpress.com/?af=a&8469&cn=milano&cv=482179&dp=192.145.127.217&aff_fcid=a7cfe817f0b644d3a2fabcdc99f75a09-1683681851328-03377-_DEQI9az&tt=CPS_NORMAL&aff_fsk=_DEQI9az&aff_platform=por...
31 KB
13 KB
Document
General
Full URL
https://login.aliexpress.com/?af=a&8469&cn=milano&cv=482179&dp=192.145.127.217&aff_fcid=a7cfe817f0b644d3a2fabcdc99f75a09-1683681851328-03377-_DEQI9az&tt=CPS_NORMAL&aff_fsk=_DEQI9az&aff_platform=portals-tool&sk=_DEQI9az&aff_trace_key=a7cfe817f0b644d3a2fabcdc99f75a09-1683681851328-03377-_DEQI9az&terminal_id=1c58bfd2c6134e8bb4348f30a995d8b4
Requested by
Host: odnaknopka.ru
URL: http://odnaknopka.ru/stat.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
104.102.42.226 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-102-42-226.deploy.static.akamaitechnologies.com
Software
Apache-Coyote/1.1 /
Resource Hash
3c1f002ddf26d65dbbbdf486b2eba83aef3b7ef2ee046f48b7684e681d51dc87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
http://shrew-soft-vpn-client.findmysoft.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
it-IT,it;q=0.9

Response headers

content-encoding
gzip
content-language
en-US
content-length
11433
content-type
text/html;charset=UTF-8
date
Wed, 10 May 2023 01:24:11 GMT
eagleeye-traceid
21038eda16836818515622096e584a
hvn_host
536633615936324a48737a6a53587557796964666653464d4d5652517a78726a526171454152493d 536633615936324a48737a6a53587557796964666653464d4d5652577759372f2f7278704c70303d
p3p
CP="CAO PSA OUR"
server
Apache-Coyote/1.1
server-timing
ak_p; desc="467689_34664582_24062761_4279_671_34_0";dur=1
strict-transport-security
max-age=31536000
timing-allow-origin
*
vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-methods
GET, POST, OPTION
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-language
en-US
content-length
0
date
Wed, 10 May 2023 01:24:11 GMT
eagleeye-traceid
211b88ef16836818513464628e1d4b
expires
0
location
https://login.aliexpress.com/?af=a&8469&cn=milano&cv=482179&dp=192.145.127.217&aff_fcid=a7cfe817f0b644d3a2fabcdc99f75a09-1683681851328-03377-_DEQI9az&tt=CPS_NORMAL&aff_fsk=_DEQI9az&aff_platform=portals-tool&sk=_DEQI9az&aff_trace_key=a7cfe817f0b644d3a2fabcdc99f75a09-1683681851328-03377-_DEQI9az&terminal_id=1c58bfd2c6134e8bb4348f30a995d8b4
p3p
CP="CAO PSA OUR"
pragma
no-cache
server
Tengine
server-timing
ak_p; desc="467689_34664582_24062520_1502_616_34_0";dur=1
strict-transport-security
max-age=31536000 ; includeSubDomains max-age=31536000
timing-allow-origin
*
x-application-context
global-traffic-holmes-f:7001
x-content-type-options
nosniff
x-frame-options
DENY
x-xss-protection
1; mode=block
cspreport
accounts.google.com/o/ Frame BABB
0
250 B
Other
General
Full URL
https://accounts.google.com/o/cspreport
Requested by
Host: shrew-soft-vpn-client.findmysoft.com
URL: http://shrew-soft-vpn-client.findmysoft.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-bQyigJJhKQaWvjYDYj__YA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport, require-trusted-types-for 'script';report-uri /o/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://accounts.google.com/o/oauth2/postmessageRelay?parent=http%3A%2F%2Fshrew-soft-vpn-client.findmysoft.com&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.it.p4hLA3PtgtI.O%2Fd%3D1%2Frs%3DAHpOoo9uGPed9WTSFQetSevIKPkLCGGyEQ%2Fm%3D__features__
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
application/csp-report

Response headers

pragma
no-cache
date
Wed, 10 May 2023 01:24:10 GMT
content-security-policy
script-src 'report-sample' 'nonce-bQyigJJhKQaWvjYDYj__YA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport, require-trusted-types-for 'script';report-uri /o/cspreport
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Mon, 01 Jan 1990 00:00:00 GMT
3698212825-postmessagerelay.js
ssl.gstatic.com/accounts/o/ Frame BABB
12 KB
6 KB
Script
General
Full URL
https://ssl.gstatic.com/accounts/o/3698212825-postmessagerelay.js
Requested by
Host: accounts.google.com
URL: https://accounts.google.com/o/oauth2/postmessageRelay?parent=http%3A%2F%2Fshrew-soft-vpn-client.findmysoft.com&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.it.p4hLA3PtgtI.O%2Fd%3D1%2Frs%3DAHpOoo9uGPed9WTSFQetSevIKPkLCGGyEQ%2Fm%3D__features__
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
37acf5f6aa181790c9f46f7a25b5c89ecc46c35603b9b62c3086228faf72b26d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://accounts.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 09 May 2023 14:11:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
40366
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/federated-signon-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5184
x-xss-protection
0
last-modified
Fri, 05 May 2023 00:12:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="federated-signon-mpm-access"
vary
Accept-Encoding
report-to
{"group":"federated-signon-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/federated-signon-mpm-access"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 08 May 2024 14:11:24 GMT
rpc:shindig_random.js
apis.google.com/js/ Frame BABB
17 KB
7 KB
Script
General
Full URL
https://apis.google.com/js/rpc:shindig_random.js?onload=init
Requested by
Host: accounts.google.com
URL: https://accounts.google.com/o/oauth2/postmessageRelay?parent=http%3A%2F%2Fshrew-soft-vpn-client.findmysoft.com&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.it.p4hLA3PtgtI.O%2Fd%3D1%2Frs%3DAHpOoo9uGPed9WTSFQetSevIKPkLCGGyEQ%2Fm%3D__features__
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
56c2927009c08e5a199ba91882ef3608e2bc64e067ddeb09dfdea7882c653ddc
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://accounts.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-security-policy
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 10 May 2023 01:24:10 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6900
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="gapi-team"
etag
"db072a2263db2284"
vary
Accept-Encoding
report-to
{"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
private, max-age=1800, stale-while-revalidate=1800
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 10 May 2023 01:24:10 GMT
cb=gapi.loaded_0
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.it.p4hLA3PtgtI.O/m=rpc,shindig_random/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9uGPed9WTSFQetSevIKPkLCGGyEQ/ Frame BABB
57 KB
20 KB
Script
General
Full URL
https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.it.p4hLA3PtgtI.O/m=rpc,shindig_random/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9uGPed9WTSFQetSevIKPkLCGGyEQ/cb=gapi.loaded_0?le=scs
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/rpc:shindig_random.js?onload=init
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d563bc1561bdb0e298779896c085ccf1d27e0dc41f7269414a8dcd513b8a754d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://accounts.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sat, 06 May 2023 23:05:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
267497
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20756
x-xss-protection
0
last-modified
Sat, 01 Apr 2023 15:23:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="social-frontend-mpm-access"
vary
Accept-Encoding
report-to
{"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 05 May 2024 23:05:53 GMT
/
hlmiq.com/vu/it/ Frame 0B86
5 KB
2 KB
Document
General
Full URL
https://hlmiq.com/vu/it/?
Requested by
Host: hlmiq.com
URL: https://hlmiq.com/vu/it/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
142.132.202.70 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.70.202.132.142.clients.your-server.de
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
c565fe4d6611526b28f06e0b9c170e54a58f06d94fd4281c8cbda8e062693474

Request headers

Referer
https://hlmiq.com/vu/it/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
it-IT,it;q=0.9

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Wed, 10 May 2023 01:24:11 GMT
Server
nginx/1.18.0 (Ubuntu)
Transfer-Encoding
chunked
/
www.semrush.com/partner/semrushpro/ Frame 0B86
Redirect Chain
  • https://hlmiq.com/to2/semrush.com/
  • https://www.semrush.com/partner/semrushpro/?irclickid=R%3ANxK2X7TxyNR7TQ1CxahX8JUkAXzdRGXUjWwE0&utm_source=affiliate&utm_Medium=impact&utm_campaign=1394912&utm_terms=&utm_content=&irgwc=1&utm_mediu...
0
0
Script
General
Full URL
https://www.semrush.com/partner/semrushpro/?irclickid=R%3ANxK2X7TxyNR7TQ1CxahX8JUkAXzdRGXUjWwE0&utm_source=affiliate&utm_Medium=impact&utm_campaign=1394912&utm_terms=&utm_content=&irgwc=1&utm_medium=impact&utm_term=
Requested by
Host: hlmiq.com
URL: https://hlmiq.com/vu/it/?
Protocol
H2
Server
34.120.45.191 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
191.45.120.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
it-IT,it;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Redirect headers

Location
https://www.semrush.com/partner/semrushpro/?irclickid=R%3ANxK2X7TxyNR7TQ1CxahX8JUkAXzdRGXUjWwE0&utm_source=affiliate&utm_Medium=impact&utm_campaign=1394912&utm_terms=&utm_content=&irgwc=1&utm_medium=impact&utm_term=
Date
Wed, 10 May 2023 01:24:11 GMT
Referrer-Policy
no-referrer
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
/
www.geekbuying.com/ Frame 0B86
Redirect Chain
  • https://affiliate.geekbuying.com/gkbaffiliate.php?id=1124
  • https://www.geekbuying.com/?idev_id=1124&utm_source=affiliate.geekbuying.com&utm_medium=affiliate_1124&utm_campaign=1124
0
0
Script
General
Full URL
https://www.geekbuying.com/?idev_id=1124&utm_source=affiliate.geekbuying.com&utm_medium=affiliate_1124&utm_campaign=1124
Requested by
Host: hlmiq.com
URL: https://hlmiq.com/vu/it/?
Protocol
H2
Server
2600:9000:225e:4000:1f:1abb:6580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://hlmiq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Redirect headers

pragma
no-cache
date
Wed, 10 May 2023 01:24:11 GMT
via
1.1 803246727539350977d724c9e4a027c6.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
FRA56-P4
x-cache
Miss from cloudfront
content-type
text/html; charset=UTF-8
location
https://www.geekbuying.com/?idev_id=1124&utm_source=affiliate.geekbuying.com&utm_medium=affiliate_1124&utm_campaign=1124
cache-control
no-store, no-cache, must-revalidate
x-amz-cf-id
6FJ0fowxpRbzybugWtDdSU19YJecPV6QrbRKX6tIZvhC6DZ55KFGWA==
expires
Thu, 19 Nov 1981 08:52:00 GMT
register
accounts.binance.com/ru/ Frame 0B86
Redirect Chain
  • https://www.binance.com/ru/register?ref=KZTDOPQP
  • https://accounts.binance.com/ru/register?ref=KZTDOPQP
0
0
Script
General
Full URL
https://accounts.binance.com/ru/register?ref=KZTDOPQP
Requested by
Host: hlmiq.com
URL: https://hlmiq.com/vu/it/?
Protocol
H2
Server
13.224.189.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-39.fra2.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://hlmiq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Redirect headers

date
Wed, 10 May 2023 01:24:00 GMT
via
1.1 46c9f6285b432bb7ca825d1b5670a6b0.cloudfront.net (CloudFront)
server
Tengine
x-amz-cf-pop
MXP64-C1
age
11
x-cache
Hit from cloudfront
content-type
text/html
location
https://accounts.binance.com/ru/register?ref=KZTDOPQP
cache-control
no-store,max-age=0,must-revalidate
content-length
239
x-amz-cf-id
dGmTWHc8IkZPLHuPhYSq4J7mOLNIx6VHY63JZlQRAygpBGK59XnxIQ==
/
www.dhgate.com/ Frame 0B86
Redirect Chain
  • https://hlmiq.com/to2/dhgate/
  • https://www.dhgate.com/?f=bm%7Caff%7Cimpact%7C2334778%7CSv23UEX%3A7xyNR7TQ1CxahX8JUkAXzD1HXUjWwE0%7C&irgwc=1
0
0
Script
General
Full URL
https://www.dhgate.com/?f=bm%7Caff%7Cimpact%7C2334778%7CSv23UEX%3A7xyNR7TQ1CxahX8JUkAXzD1HXUjWwE0%7C&irgwc=1
Requested by
Host: hlmiq.com
URL: https://hlmiq.com/vu/it/?
Protocol
H2
Server
2a02:26f0:480:586::3305 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
it-IT,it;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Redirect headers

Location
https://www.dhgate.com/?f=bm%7Caff%7Cimpact%7C2334778%7CSv23UEX%3A7xyNR7TQ1CxahX8JUkAXzD1HXUjWwE0%7C&irgwc=1
Date
Wed, 10 May 2023 01:24:11 GMT
Referrer-Policy
no-referrer
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
/
kinsta.com/ Frame 0B86
0
0

/
www.hotelscombined.it/ Frame 0B86
Redirect Chain
  • https://www.hotelscombined.it/?a_aid=172493
  • https://www.hotelscombined.it/
0
0
Script
General
Full URL
https://www.hotelscombined.it/
Requested by
Host: hlmiq.com
URL: https://hlmiq.com/vu/it/?
Protocol
H2
Server
151.101.129.29 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://hlmiq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Redirect headers

x-sn-waf-code
content-security-policy
upgrade-insecure-requests; frame-ancestors 'self'
strict-transport-security
max-age=10886400; preload
x-content-type-options
nosniff
referrer-policy
origin-when-cross-origin
server
KAYAK/1.0
date
Wed, 10 May 2023 01:24:11 GMT
content-security-policy-report-only
default-src https: blob:; connect-src https:; font-src https: data:; frame-src https:; img-src https: data: blob:; media-src https:; object-src https: data: blob:; script-src 'unsafe-inline' 'unsafe-eval' https:; style-src 'unsafe-inline' https: data:; worker-src blob:; report-uri /s/run/cspreport/reportHttp; report-to csp-log
report-to
{ "group": "csp-log", "max_age": 43200, "endpoints": [ { "url": "https://www.kayak.com/s/run/cspreport/reportHttp" } ] }
location
/
permissions-policy
camera=(), microphone=(), midi=(), geolocation=(self), usb=()
accept-ranges
bytes
content-length
0
x-xss-protection
1; mode=block
/
www.notino.it/ Frame 0B86
Redirect Chain
  • https://hlmiq.com/to2/notino.it/
  • https://www.notino.it/?utm_source=cj&utm_medium=affiliate&utm_campaign=3211745&utm_term=4260539&cjevent=20a385fceec811ed80cc02200a18ba72&cjdata=MXxZfFl8WXww
0
0
Script
General
Full URL
https://www.notino.it/?utm_source=cj&utm_medium=affiliate&utm_campaign=3211745&utm_term=4260539&cjevent=20a385fceec811ed80cc02200a18ba72&cjdata=MXxZfFl8WXww
Requested by
Host: hlmiq.com
URL: https://hlmiq.com/vu/it/?
Protocol
H2
Server
217.16.189.39 , Czech Republic, ASN43541 (VSHOSTING, CZ),
Reverse DNS
www.notino.it
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
it-IT,it;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Redirect headers

Location
https://www.notino.it/?utm_source=cj&utm_medium=affiliate&utm_campaign=3211745&utm_term=4260539&cjevent=20a385fceec811ed80cc02200a18ba72&cjdata=MXxZfFl8WXww
Date
Wed, 10 May 2023 01:24:11 GMT
Referrer-Policy
no-referrer
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
/
www.cotosen.com/ Frame 0B86
Redirect Chain
  • https://hlmiq.com/to2/cotosen.com/
  • https://www.cotosen.com/?utm_source=affiliates&utm_medium=admitad&tagtag_uid=50c05444da5096c98cecd975a9ab48f8
0
0
Script
General
Full URL
https://www.cotosen.com/?utm_source=affiliates&utm_medium=admitad&tagtag_uid=50c05444da5096c98cecd975a9ab48f8
Requested by
Host: hlmiq.com
URL: https://hlmiq.com/vu/it/?
Protocol
H2
Server
2606:4700::6811:e321 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
it-IT,it;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Redirect headers

Location
https://www.cotosen.com/?utm_source=affiliates&utm_medium=admitad&tagtag_uid=50c05444da5096c98cecd975a9ab48f8
Date
Wed, 10 May 2023 01:24:11 GMT
Referrer-Policy
no-referrer
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
/
it.bongacams.com/ Frame 0B86
Redirect Chain
  • https://bongacams.com/track?c=287325
  • https://bngtrak.com/hit.php?c=287325
  • https://bongacams.com/?bcs=d25mbzNlNTVmNjc4ZjZiMzBlNzAwODFlMTg3ZWZkN2Q1YWYxOjoxODMzNDY6Omh0dHBzOi8vaGxtaXEuY29tLzo6Ojo6OjI4NzMyNTo6MDo6MDo6MDo6OjowOjpkZWZhdWx0Ojow
  • https://it.bongacams.com/?bcs=d25mbzNlNTVmNjc4ZjZiMzBlNzAwODFlMTg3ZWZkN2Q1YWYxOjoxODMzNDY6Omh0dHBzOi8vaGxtaXEuY29tLzo6Ojo6OjI4NzMyNTo6MDo6MDo6MDo6OjowOjpkZWZhdWx0Ojow
0
0
Script
General
Full URL
https://it.bongacams.com/?bcs=d25mbzNlNTVmNjc4ZjZiMzBlNzAwODFlMTg3ZWZkN2Q1YWYxOjoxODMzNDY6Omh0dHBzOi8vaGxtaXEuY29tLzo6Ojo6OjI4NzMyNTo6MDo6MDo6MDo6OjowOjpkZWZhdWx0Ojow
Requested by
Host: hlmiq.com
URL: https://hlmiq.com/vu/it/?
Protocol
H2
Server
195.85.23.96 , Czech Republic, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
net-96-23-conversasro.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://hlmiq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Redirect headers

date
Wed, 10 May 2023 01:24:11 GMT
cf-cache-status
DYNAMIC
server
cloudflare
content-type
text/html; charset=utf-8
location
https://it.bongacams.com/?bcs=d25mbzNlNTVmNjc4ZjZiMzBlNzAwODFlMTg3ZWZkN2Q1YWYxOjoxODMzNDY6Omh0dHBzOi8vaGxtaXEuY29tLzo6Ojo6OjI4NzMyNTo6MDo6MDo6MDo6OjowOjpkZWZhdWx0Ojow
cache-control
no-cache, no-store, must-revalidate
x-zone
m3-4-web10
cf-ray
7c4e61943bc7bac9-MXP
/
www.bata.it/ Frame 0B86
Redirect Chain
  • https://hlmiq.com/to2/bata.it/
  • https://redirects.tradedoubler.com/projectr/?utm_source=tradedoubler&utm_medium=affiliation&utm_campaign=1341325&utm_content=display&tduid=a125995705c8a023a0ffe7aef38895d8&_td_deeplink=https://www....
  • https://www.bata.it/?utm_source=tradedoubler&utm_medium=affiliation&utm_campaign=1341325&utm_content=display&tduid=a125995705c8a023a0ffe7aef38895d8
0
0
Script
General
Full URL
https://www.bata.it/?utm_source=tradedoubler&utm_medium=affiliation&utm_campaign=1341325&utm_content=display&tduid=a125995705c8a023a0ffe7aef38895d8
Requested by
Host: hlmiq.com
URL: https://hlmiq.com/vu/it/?
Protocol
H2
Server
2a02:26f0:6c00::210:bb5a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
it-IT,it;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Redirect headers

Location
https://www.bata.it/?utm_source=tradedoubler&utm_medium=affiliation&utm_campaign=1341325&utm_content=display&tduid=a125995705c8a023a0ffe7aef38895d8
Date
Wed, 10 May 2023 01:24:11 GMT
Cache-control
no-cache="set-cookie"
Server
Apache/2.4.55 (Ubuntu)
Connection
keep-alive
Content-Length
1
Content-Type
text/html; charset=UTF-8
/
it1.iherb.com/ Frame 0B86
Redirect Chain
  • https://hlmiq.com/to2/iherb.com/
  • https://www.iherb.com/?clickref=1100lwJJYrKH&utm_source=agruna&utm_medium=affiliate&utm_campaign=1011l44232
  • https://www.iherb.com/?utm_source=agruna&utm_medium=affiliate&utm_campaign=1011l44232
  • https://it1.iherb.com/?utm_source=agruna&utm_medium=affiliate&utm_campaign=1011l44232
0
0
Script
General
Full URL
https://it1.iherb.com/?utm_source=agruna&utm_medium=affiliate&utm_campaign=1011l44232
Requested by
Host: hlmiq.com
URL: https://hlmiq.com/vu/it/?
Protocol
H2
Server
104.18.7.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
it-IT,it;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Redirect headers

date
Wed, 10 May 2023 01:24:11 GMT
strict-transport-security
max-age=31536000; includeSubDomains
datacenter
production/catalog/frankfurt
cf-cache-status
EXPIRED
server
cloudflare
vary
Accept-Encoding
location
https://it1.iherb.com/?utm_source=agruna&utm_medium=affiliate&utm_campaign=1011l44232
cache-control
no-cache
x-client-id
page-home
buildnumber
1925
cf-ray
7c4e61942dfb3742-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
x-request-id
2f39dbca16a936cbea1597c08d2279a3
/
www.viator.com/ Frame 0B86
0
0
Script
General
Full URL
https://www.viator.com/?pid=P00062740&mcid=42383&medium=link
Requested by
Host: hlmiq.com
URL: https://hlmiq.com/vu/it/?
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.201.245.174 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-201-245-174.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://hlmiq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

/
www.ticketone.it/ Frame 0B86
Redirect Chain
  • https://hlmiq.com/to2/ticketone.it/
  • https://www.ticketone.it/?api_key=526ce45b25e1f6dcb86f05e8f2c94e64&site_id=4e52405092d94c458711b4fff5efbfbd&type=url&source=clcktrck.com&yk_tag=1f86589826a41783233362718d2de2bb
0
0
Script
General
Full URL
https://www.ticketone.it/?api_key=526ce45b25e1f6dcb86f05e8f2c94e64&site_id=4e52405092d94c458711b4fff5efbfbd&type=url&source=clcktrck.com&yk_tag=1f86589826a41783233362718d2de2bb
Requested by
Host: hlmiq.com
URL: https://hlmiq.com/vu/it/?
Protocol
H2
Server
2a02:26f0:6c00:199::3801 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
it-IT,it;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Redirect headers

Location
https://www.ticketone.it/?api_key=526ce45b25e1f6dcb86f05e8f2c94e64&site_id=4e52405092d94c458711b4fff5efbfbd&type=url&source=clcktrck.com&yk_tag=1f86589826a41783233362718d2de2bb
Date
Wed, 10 May 2023 01:24:11 GMT
Referrer-Policy
no-referrer
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
/
www.lightinthebox.com/it/ Frame 0B86
Redirect Chain
  • https://www.lightinthebox.com/?utm_campaign=irpid&utm_content=Indoleads2019&utm_source=gan&utm_medium=affiliate&litb_from=affiliate_gan&clickid=yIcQh1X%3A8xyNR7TQ1CxahX8JUkAXzlyOXUjWwE0&irgwc=1
  • https://www.lightinthebox.com/it/?utm_campaign=irpid&utm_content=Indoleads2019&utm_source=gan&utm_medium=affiliate&litb_from=affiliate_gan&clickid=yIcQh1X%3A8xyNR7TQ1CxahX8JUkAXzlyOXUjWwE0&irgwc=1
0
0
Script
General
Full URL
https://www.lightinthebox.com/it/?utm_campaign=irpid&utm_content=Indoleads2019&utm_source=gan&utm_medium=affiliate&litb_from=affiliate_gan&clickid=yIcQh1X%3A8xyNR7TQ1CxahX8JUkAXzlyOXUjWwE0&irgwc=1
Requested by
Host: hlmiq.com
URL: https://hlmiq.com/vu/it/?
Protocol
H2
Server
23.36.162.214 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-36-162-214.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://hlmiq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Redirect headers

vela_v
strict-transport-security
max-age=31536000
date
Wed, 10 May 2023 01:24:11 GMT
x-content-type-options
nosniff
vela_v_c
p3p
CP="CAO PSA OUR"
vela_w_c
vela_is_first_visit
server-timing
ak_p; desc="467689_399431126_981668648_3801_5594_42_0";dur=1
x-xss-protection
1;mode=block
pragma
no-cache
vela_device
server
litb-web1server
x-frame-options
allow-from https://gw.lightinthebox.com
access-control-allow-methods
GET,POST,PUT,DELETE,OPTIONS
content-type
text/html; charset=UTF-8
location
https://www.lightinthebox.com/it/?utm_campaign=irpid&utm_content=Indoleads2019&utm_source=gan&utm_medium=affiliate&litb_from=affiliate_gan&clickid=yIcQh1X%3A8xyNR7TQ1CxahX8JUkAXzlyOXUjWwE0&irgwc=1
access-control-allow-origin
0
vela_s
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vela_w
access-control-allow-headers
Keep-Alive,User-Agent,Cache-Control,Content-Type,token
vela_s_c
expires
Wed, 10 May 2023 01:24:11 GMT
it
vave.com/ Frame 0B86
Redirect Chain
  • https://vave.com/?btag=657028_7457C709B74841759EFFB14E6BB3A6CC
  • https://vave.com/it?btag=657028_7457C709B74841759EFFB14E6BB3A6CC
0
0
Script
General
Full URL
https://vave.com/it?btag=657028_7457C709B74841759EFFB14E6BB3A6CC
Requested by
Host: hlmiq.com
URL: https://hlmiq.com/vu/it/?
Protocol
H2
Server
2606:4700:20::681a:203 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://hlmiq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Redirect headers

date
Wed, 10 May 2023 01:24:12 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html; charset=UTF-8
location
/it?btag=657028_7457C709B74841759EFFB14E6BB3A6CC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BzSAQCFN3tEgZpvwGKYOYFXZShgw4%2BplyRe%2BPfETg%2Fh5ZJ2ID6TpCsIBl8nuewAa4W2VcJV69BkOLl9vl5r1bdzgXdr2TFaIY5wHGITXYJgBsXPImVz7wSn9frmtqPin0ho2Z46u"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
Content-Length,Content-Range
cache-control
no-cache, private
access-control-allow-credentials
true
cf-ray
7c4e61967b5d0e29-MXP
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
/
www.kobo.com/ Frame 0B86
Redirect Chain
  • https://hlmiq.com/to2/kobo.com/
  • https://www.kobo.com/?utm_source=linkshare_fr&utm_medium=affiliate&utm_campaign=Linkbux&utm_term=lb_iy0qa0&ranMID=39331&ranEAID=wizKxmN8no4&ranSiteID=wizKxmN8no4-mL2h11xqwrpR2kyR57272Q&siteID=wizKx...
0
0

/
www.kayak.it/ Frame 0B86
Redirect Chain
  • https://hlmiq.com/to2/kayak.it/
  • https://www.kayak.it/in?a=tradetracker&encoder=19_4&enc_pubid=191272&enc_bid=0&enc_pid=32920&enc_refid=0%3A%3A191272%3A%3Av030300011382adfa8dbecbd04d7e8016be504c1a5152%3A%3A%3A%3A1683678362&utm_sou...
  • https://www.kayak.it/?utm_source=tradetracker&utm_medium=affiliate&utm_campaign=191272&utm_content=32920
0
0
Script
General
Full URL
https://www.kayak.it/?utm_source=tradetracker&utm_medium=affiliate&utm_campaign=191272&utm_content=32920
Requested by
Host: hlmiq.com
URL: https://hlmiq.com/vu/it/?
Protocol
H2
Server
2a04:4e42::285 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
it-IT,it;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Redirect headers

x-sn-waf-code
strict-transport-security
max-age=10886400; preload
date
Wed, 10 May 2023 01:24:12 GMT
server
KAYAK/1.0
report-to
{ "group": "csp-log", "max_age": 43200, "endpoints": [ { "url": "https://www.kayak.com/s/run/cspreport/reportHttp" } ] }
location
https://www.kayak.it/?utm_source=tradetracker&utm_medium=affiliate&utm_campaign=191272&utm_content=32920
cache-control
no-cache
permissions-policy
camera=(), microphone=(), midi=(), geolocation=(self), usb=()
accept-ranges
bytes
content-length
0
/
www.tomtop.com/ Frame 0B86
Redirect Chain
  • https://iplogger.com/2QSAr5
  • https://www.tomtop.com/?aid=agru
0
0
Script
General
Full URL
https://www.tomtop.com/?aid=agru
Requested by
Host: hlmiq.com
URL: https://hlmiq.com/vu/it/?
Protocol
H2
Server
44.236.126.204 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-236-126-204.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://hlmiq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Redirect headers

date
Wed, 10 May 2023 01:24:12 GMT
strict-transport-security
max-age=604800, max-age=31536000
content-security-policy
img-src https: data:; upgrade-insecure-requests
server
nginx
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
location
https://www.tomtop.com?aid=agru
cache-control
no-store, no-cache, must-revalidate
expires
Wed, 10 May 2023 01:24:12 +0000
/
it.bidoo.com/ Frame 0B86
Redirect Chain
  • https://hlmiq.com/to2/bidoo.com/
  • https://it.bidoo.com/?src=admitad&tagtag_uid=657ee5a1add6681fffaa4da0421529c9&target=admitad
0
0
Script
General
Full URL
https://it.bidoo.com/?src=admitad&tagtag_uid=657ee5a1add6681fffaa4da0421529c9&target=admitad
Requested by
Host: hlmiq.com
URL: https://hlmiq.com/vu/it/?
Protocol
H2
Server
104.22.54.190 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
it-IT,it;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Redirect headers

Location
https://it.bidoo.com/?src=admitad&tagtag_uid=657ee5a1add6681fffaa4da0421529c9&target=admitad
Date
Wed, 10 May 2023 01:24:12 GMT
Referrer-Policy
no-referrer
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
/
www.expedia.it/ Frame 0B86
Redirect Chain
  • https://hlmiq.com/to2/expedia.it/
  • https://www.expedia.it/?clickref=1100lwJJRAC8&affcid=IT.DIRECT.PHG.1100l95727.0&ref_id=1100lwJJRAC8&my_ad=AFF.IT.DIRECT.PHG.1100l95727.0&afflid=1100lwJJRAC8&original_destination=https://www.expedia...
0
0
Script
General
Full URL
https://www.expedia.it/?clickref=1100lwJJRAC8&affcid=IT.DIRECT.PHG.1100l95727.0&ref_id=1100lwJJRAC8&my_ad=AFF.IT.DIRECT.PHG.1100l95727.0&afflid=1100lwJJRAC8&original_destination=https://www.expedia.it/?clickref=1100lwJJRAC8&affcid=IT.DIRECT.PHG.1100l95727.0&ref_id=1100lwJJRAC8&my_ad=AFF.IT.DIRECT.PHG.1100l95727.0&afflid=1100lwJJRAC8
Requested by
Host: hlmiq.com
URL: https://hlmiq.com/vu/it/?
Protocol
H2
Server
2.23.196.184 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-23-196-184.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
it-IT,it;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Redirect headers

Location
https://www.expedia.it/?clickref=1100lwJJRAC8&affcid=IT.DIRECT.PHG.1100l95727.0&ref_id=1100lwJJRAC8&my_ad=AFF.IT.DIRECT.PHG.1100l95727.0&afflid=1100lwJJRAC8&original_destination=https://www.expedia.it/?clickref=1100lwJJRAC8&affcid=IT.DIRECT.PHG.1100l95727.0&ref_id=1100lwJJRAC8&my_ad=AFF.IT.DIRECT.PHG.1100l95727.0&afflid=1100lwJJRAC8
Date
Wed, 10 May 2023 01:24:12 GMT
Referrer-Policy
no-referrer
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
in
www.momondo.it/ Frame 0B86
Redirect Chain
  • https://hlmiq.com/to2/momondo.it/
  • https://www.momondo.it/in?a=tradetracker&encoder=19_4&enc_pubid=191272&enc_bid=0&enc_pid=20430&enc_refid=0%3A%3A191272%3A%3Av0303000113828783ebccb2f44730ae22218572db1e34%3A%3A%3A%3A1683676202&utm_s...
0
0
Script
General
Full URL
https://www.momondo.it/in?a=tradetracker&encoder=19_4&enc_pubid=191272&enc_bid=0&enc_pid=20430&enc_refid=0%3A%3A191272%3A%3Av0303000113828783ebccb2f44730ae22218572db1e34%3A%3A%3A%3A1683676202&utm_source=tradetracker&utm_medium=affiliate&utm_campaign=191272&utm_content=20430&url=https%3A%2F%2Fmomondo.it%2F
Requested by
Host: hlmiq.com
URL: https://hlmiq.com/vu/it/?
Protocol
H2
Server
151.101.193.29 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
it-IT,it;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Redirect headers

Location
https://www.momondo.it/in?a=tradetracker&encoder=19_4&enc_pubid=191272&enc_bid=0&enc_pid=20430&enc_refid=0%3A%3A191272%3A%3Av0303000113828783ebccb2f44730ae22218572db1e34%3A%3A%3A%3A1683676202&utm_source=tradetracker&utm_medium=affiliate&utm_campaign=191272&utm_content=20430&url=https%3A%2F%2Fmomondo.it%2F
Date
Wed, 10 May 2023 01:24:12 GMT
Referrer-Policy
no-referrer
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
it-it
www.armani.com/ Frame 0B86
Redirect Chain
  • https://hlmiq.com/to2/armani.com/
  • https://www.armani.com/affiliation/linkshare/Index?siteID=DyEaQ64qYSo-kbgCG5cO6PDt0uUXyBoQEw&url=https%3A%2F%2Fwww.armani.com%2F%3Futm_campaign%3Dus_armani_armani_ecommerce_linkshare_affiliation%26...
  • https://www.armani.com/
  • https://www.armani.com/it-it
0
0
Script
General
Full URL
https://www.armani.com/it-it
Requested by
Host: hlmiq.com
URL: https://hlmiq.com/vu/it/?
Protocol
H2
Server
23.41.180.10 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-41-180-10.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
it-IT,it;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Redirect headers

x-edgeconnect-origin-mex-latency
17
date
Wed, 10 May 2023 01:24:12 GMT
strict-transport-security
max-age=31536000
origin
armani-prd-01-head
x-content-type-options
nosniff
x-edgeconnect-midmile-rtt
16
server-timing
cdn-cache; desc=MISS, edge; dur=26, origin; dur=17, ak_p; desc="467689_390277165_11849144_4273_9480_41_0";dur=1
content-length
123
x-xss-protection
1; mode=block
server
Microsoft-IIS/10.0
x-frame-options
SAMEORIGIN
content-type
text/html; charset=utf-8
location
/it-it
cache-control
private
x-yuri-type
Yuri localized rewrite temporary
x-content-security-policy
default-src 'self'; base-uri 'self';
/
www.arcaplanet.it/ Frame 0B86
Redirect Chain
  • https://hlmiq.com/to2/arcaplanet.it/
  • https://www.arcaplanet.it/?kk=a4c6293-188031279a4-2ab5c&utm_campaign=kelkooclick_couponing_5.pp&utm_id=kelkoo&utm_medium=affiliate&utm_source=kelkooit
0
0
Script
General
Full URL
https://www.arcaplanet.it/?kk=a4c6293-188031279a4-2ab5c&utm_campaign=kelkooclick_couponing_5.pp&utm_id=kelkoo&utm_medium=affiliate&utm_source=kelkooit
Requested by
Host: hlmiq.com
URL: https://hlmiq.com/vu/it/?
Protocol
H2
Server
2600:9000:2491:2800:17:e47d:5040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
it-IT,it;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Redirect headers

Location
https://www.arcaplanet.it/?kk=a4c6293-188031279a4-2ab5c&utm_campaign=kelkooclick_couponing_5.pp&utm_id=kelkoo&utm_medium=affiliate&utm_source=kelkooit
Date
Wed, 10 May 2023 01:24:12 GMT
Referrer-Policy
no-referrer
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
j19u1ne5
offer.alibaba.com/cps/ Frame 0B86
0
0
Script
General
Full URL
https://offer.alibaba.com/cps/j19u1ne5?bm=cps&src=saf&tp1=ba3350b6db00357cb4b55ed43c59eacc&pid=656490
Requested by
Host: hlmiq.com
URL: https://hlmiq.com/vu/it/?
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
163.181.56.169 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://hlmiq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

/
iqbroker.com/lp/ultimate-trading/ Frame 0B86
0
0
Script
General
Full URL
https://iqbroker.com/lp/ultimate-trading/?active=forex2&aff=7792
Requested by
Host: hlmiq.com
URL: https://hlmiq.com/vu/it/?
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.117.134.138 , Cyprus, ASN204006 (IQOPTION, CY),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://hlmiq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

/
www.vrbo.com/it-it/ Frame 0B86
0
0
Script
General
Full URL
https://www.vrbo.com/it-it/?CID=a_ph_6&utm_source=aff_ph&utm_medium=partner&utm_campaign=phgagru_1100l265&utm_content=0&k_clickid=1011lwMYqNWb&affcid=VRBO-IT.DIRECT.PHG.1100l95727
Requested by
Host: hlmiq.com
URL: https://hlmiq.com/vu/it/?
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.187.90 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-187-90.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://hlmiq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

/
www.rentalcars.com/ Frame 0B86
Redirect Chain
  • https://hlmiq.com/to2/rentalcars.com/
  • https://www.rentalcars.com/Home.do?affiliateCode=chinesean&adplat=2a18802eddd7a
  • https://www.rentalcars.com/?affiliateCode=chinesean&adplat=2a18802eddd7a
0
0
Script
General
Full URL
https://www.rentalcars.com/?affiliateCode=chinesean&adplat=2a18802eddd7a
Requested by
Host: hlmiq.com
URL: https://hlmiq.com/vu/it/?
Protocol
H2
Server
104.16.106.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
it-IT,it;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Redirect headers

date
Wed, 10 May 2023 01:24:12 GMT
strict-transport-security
max-age=31536000
referrer-policy
no-referrer-when-downgrade
cf-cache-status
DYNAMIC
x-content-type-options
nosniff
server
cloudflare
vary
Accept, Accept-Encoding
content-type
text/plain; charset=utf-8
location
/?affiliateCode=chinesean&adplat=2a18802eddd7a
x-envoy-upstream-service-time
38
cf-ray
7c4e619b8e7b0e27-MXP
content-length
68
x-xss-protection
1; mode=block
/
warehouse-x.io/ Frame 0B86
0
0
Script
General
Full URL
https://warehouse-x.io/?clickid=83cdc2tm7a4b73y4c9&campaign=554&uclick=2tm7a4b73y&uclickhash=2tm7a4b73y-2tm7a4b73y-howj-0-e2wj-q5u3-q5lp-7d4321
Requested by
Host: hlmiq.com
URL: https://hlmiq.com/vu/it/?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4b7f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://hlmiq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

/
www.canva.com/it_it/prezzi/ Frame 0B86
Redirect Chain
  • https://www.canva.com/pricing/?clickId=0rYyL5X%3AbxyNR7TQ1CxahX8JUkAXzQ1HXUjWwE0&utm_medium=affiliate&utm_source=korfoorg_1394953&irgwc=1
  • https://www.canva.com/it_it/prezzi/?clickId=0rYyL5X%3AbxyNR7TQ1CxahX8JUkAXzQ1HXUjWwE0&utm_medium=affiliate&utm_source=korfoorg_1394953&irgwc=1
0
0
Script
General
Full URL
https://www.canva.com/it_it/prezzi/?clickId=0rYyL5X%3AbxyNR7TQ1CxahX8JUkAXzQ1HXUjWwE0&utm_medium=affiliate&utm_source=korfoorg_1394953&irgwc=1
Requested by
Host: hlmiq.com
URL: https://hlmiq.com/vu/it/?
Protocol
H2
Server
2606:4700::6810:e30a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://hlmiq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Redirect headers

date
Wed, 10 May 2023 01:24:12 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-security-policy
frame-ancestors https://canvateam.zendesk.com https://phoenix.canva.com;
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
x-xss-protection
1; mode=block
x-request-id
7c4e619c581a0d80
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
x-frame-options
deny
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HXBpUjIOLislGtryJMU9MTtzlQ2NuSFwWoyROpE9yj3TkuaqvnwaDwBBjWxTyxm4Xxxr1G%2Fzqo7eB%2FYVs82Evrfi1cvGmypKOAi2xoiyNQQLOiCIlsjJwZ%2F7iXDavm9DqXre0ZbmVubxBAM%3D"}],"group":"cf-nel","max_age":604800}
content-language
it-IT
location
https://www.canva.com/it_it/prezzi/?clickId=0rYyL5X%3AbxyNR7TQ1CxahX8JUkAXzQ1HXUjWwE0&utm_medium=affiliate&utm_source=korfoorg_1394953&irgwc=1
cache-control
no-cache, no-store
vary
Accept-Encoding
cf-ray
7c4e619c581a0d80-MXP
expires
Thu, 01 Jan 1970 00:00:00 GMT
/
www.agoda.com/ Frame 0B86
0
0
Script
General
Full URL
https://www.agoda.com/?pcs=1&cid=1815903
Requested by
Host: hlmiq.com
URL: https://hlmiq.com/vu/it/?
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.197.132.154 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-197-132-154.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://hlmiq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

/
it.stripchat.com/ Frame 0B86
Redirect Chain
  • https://stripchat.com/?affiliateId=73b0fbd3ee36ead2b74e59d3464a7035c57d58262dabefced6d54007bc244727
  • https://it.stripchat.com/?affiliateId=73b0fbd3ee36ead2b74e59d3464a7035c57d58262dabefced6d54007bc244727
0
0
Script
General
Full URL
https://it.stripchat.com/?affiliateId=73b0fbd3ee36ead2b74e59d3464a7035c57d58262dabefced6d54007bc244727
Requested by
Host: hlmiq.com
URL: https://hlmiq.com/vu/it/?
Protocol
H2
Server
2606:4700:311f::6812:3f82 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://hlmiq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Redirect headers

date
Wed, 10 May 2023 01:24:13 GMT
strict-transport-security
max-age=15768000
cf-cache-status
DYNAMIC
server
cloudflare
x-frame-options
deny
content-type
text/html
location
https://it.stripchat.com/?affiliateId=73b0fbd3ee36ead2b74e59d3464a7035c57d58262dabefced6d54007bc244727
cf-ray
7c4e619dfb4b59c5-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
shop
www.c-and-a.com/it/it/ Frame 0B86
Redirect Chain
  • https://hlmiq.com/to2/c-and-a.it/
  • https://www.c-and-a.com/it/it/shop?clickref=1101lwJU4L5W&utm_source=affiliate&utm_content=linkbux20&utm_medium=1101lwJU4L5W&utm_campaign=public-it&utm_term=partnerize-1011l105038
0
0
Script
General
Full URL
https://www.c-and-a.com/it/it/shop?clickref=1101lwJU4L5W&utm_source=affiliate&utm_content=linkbux20&utm_medium=1101lwJU4L5W&utm_campaign=public-it&utm_term=partnerize-1011l105038
Requested by
Host: hlmiq.com
URL: https://hlmiq.com/vu/it/?
Protocol
H2
Server
2606:4700::6812:1829 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
it-IT,it;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Redirect headers

Location
https://www.c-and-a.com/it/it/shop?clickref=1101lwJU4L5W&utm_source=affiliate&utm_content=linkbux20&utm_medium=1101lwJU4L5W&utm_campaign=public-it&utm_term=partnerize-1011l105038
Date
Wed, 10 May 2023 01:24:13 GMT
Referrer-Policy
no-referrer
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
/
www.interflora.it/ Frame 0B86
Redirect Chain
  • https://hlmiq.com/to2/interflora.it/
  • https://www.interflora.it/Home/Index?belboon=2305100046022540058&utm_source=affiliate&utm_campaign=Takeads&utm_medium=belboon&utm_content=482065&utm_admedia=CRTC50yPro-&campaign=belboon+spacer&utm_...
  • https://www.interflora.it/?belboon=2305100046022540058&utm_source=affiliate&utm_campaign=Takeads&utm_medium=belboon&utm_content=482065&utm_admedia=CRTC50yPro-&campaign=belboon+spacer&utm_term=Netzw...
0
0
Script
General
Full URL
https://www.interflora.it/?belboon=2305100046022540058&utm_source=affiliate&utm_campaign=Takeads&utm_medium=belboon&utm_content=482065&utm_admedia=CRTC50yPro-&campaign=belboon+spacer&utm_term=Netzwerke+allgemein
Requested by
Host: hlmiq.com
URL: https://hlmiq.com/vu/it/?
Protocol
H2
Server
18.66.122.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-40.fra60.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
it-IT,it;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Redirect headers

date
Wed, 10 May 2023 01:24:13 GMT
via
1.1 d4f777a2d5a6d5aeb7eb6201b41775ea.cloudfront.net (CloudFront)
x-unique-id
n6k1GD-FarTYqNZb0sG7WsyNFYDVjzP2x9VK-sBkA3qCKDkWALp7mg==
x-fstrz
r,cf
server
Fasterize
x-amz-cf-pop
FRA60-P2
x-cache
LambdaGeneratedResponse from cloudfront
location
https://www.interflora.it/?belboon=2305100046022540058&utm_source=affiliate&utm_campaign=Takeads&utm_medium=belboon&utm_content=482065&utm_admedia=CRTC50yPro-&campaign=belboon+spacer&utm_term=Netzwerke+allgemein
content-length
0
x-amz-cf-id
n6k1GD-FarTYqNZb0sG7WsyNFYDVjzP2x9VK-sBkA3qCKDkWALp7mg==
/
www.wish.com/ Frame 0B86
0
0

/
www.lingoda.com/ru/ Frame 0B86
Redirect Chain
  • https://hlmiq.com/to2/lingoda.com/
  • https://www.lingoda.com/ru/?utm_source=rakuten&utm_medium=affiliate&utm_campaign=admitad&utm_keyword=hL6ObH.7r3M-9iTCW4bV1UotJUgyM2eKBw&ranMID=49431&ranEAID=3354856&ranSiteID=hL6ObH.7r3M-9iTCW4bV1U...
0
0
Script
General
Full URL
https://www.lingoda.com/ru/?utm_source=rakuten&utm_medium=affiliate&utm_campaign=admitad&utm_keyword=hL6ObH.7r3M-9iTCW4bV1UotJUgyM2eKBw&ranMID=49431&ranEAID=3354856&ranSiteID=hL6ObH.7r3M-9iTCW4bV1UotJUgyM2eKBw
Requested by
Host: hlmiq.com
URL: https://hlmiq.com/vu/it/?
Protocol
H2
Server
13.32.27.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-64.fra56.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
it-IT,it;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Redirect headers

Location
https://www.lingoda.com/ru/?utm_source=rakuten&utm_medium=affiliate&utm_campaign=admitad&utm_keyword=hL6ObH.7r3M-9iTCW4bV1UotJUgyM2eKBw&ranMID=49431&ranEAID=3354856&ranSiteID=hL6ObH.7r3M-9iTCW4bV1UotJUgyM2eKBw
Date
Wed, 10 May 2023 01:24:13 GMT
Referrer-Policy
no-referrer
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
/
www.vestiairecollective.com/ Frame 0B86
Redirect Chain
  • https://hlmiq.com/to2/vestiairecollective.com/
  • https://www.vestiairecollective.com/?utm_source=rakuten&utm_medium=affiliate&utm_campaign=2126220_Takeads+GmbH&utm_term=a1LgFw09t88-aEHBOLIMi2GAFadjSUlNTQ&ranMID=49104&ranEAID=a1LgFw09t88&ranSiteID...
0
0
Script
General
Full URL
https://www.vestiairecollective.com/?utm_source=rakuten&utm_medium=affiliate&utm_campaign=2126220_Takeads+GmbH&utm_term=a1LgFw09t88-aEHBOLIMi2GAFadjSUlNTQ&ranMID=49104&ranEAID=a1LgFw09t88&ranSiteID=a1LgFw09t88-aEHBOLIMi2GAFadjSUlNTQ
Requested by
Host: hlmiq.com
URL: https://hlmiq.com/vu/it/?
Protocol
H2
Server
2606:4700:4400::6812:23a4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
it-IT,it;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Redirect headers

Location
https://www.vestiairecollective.com/?utm_source=rakuten&utm_medium=affiliate&utm_campaign=2126220_Takeads+GmbH&utm_term=a1LgFw09t88-aEHBOLIMi2GAFadjSUlNTQ&ranMID=49104&ranEAID=a1LgFw09t88&ranSiteID=a1LgFw09t88-aEHBOLIMi2GAFadjSUlNTQ
Date
Wed, 10 May 2023 01:24:13 GMT
Referrer-Policy
no-referrer
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
/
www.coursera.org/ Frame 0B86
Redirect Chain
  • https://hlmiq.com/to2/coursera2.org/
  • https://www.coursera.org/?irclickid=2k7S0IX7xxyNR7TQ1CxahX8JUkAXzo0WXUjWwE0&irgwc=1&utm_medium=partners&utm_source=impact&utm_campaign=1310690&utm_content=b2c
0
0

/
www.udemy.com/ Frame 0B86
Redirect Chain
  • https://hlmiq.com/to2/udemy2.com/
  • https://www.udemy.com/?ranMID=39197&ranEAID=wizKxmN8no4&ranSiteID=wizKxmN8no4-D0jyPSnWBrrDXRfjSdCiPg&utm_source=aff-campaign&utm_medium=udemyads&LSNPUBID=wizKxmN8no4
0
0
Script
General
Full URL
https://www.udemy.com/?ranMID=39197&ranEAID=wizKxmN8no4&ranSiteID=wizKxmN8no4-D0jyPSnWBrrDXRfjSdCiPg&utm_source=aff-campaign&utm_medium=udemyads&LSNPUBID=wizKxmN8no4
Requested by
Host: hlmiq.com
URL: https://hlmiq.com/vu/it/?
Protocol
H2
Server
2606:4700::6810:e25b -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
it-IT,it;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Redirect headers

Location
https://www.udemy.com/?ranMID=39197&ranEAID=wizKxmN8no4&ranSiteID=wizKxmN8no4-D0jyPSnWBrrDXRfjSdCiPg&utm_source=aff-campaign&utm_medium=udemyads&LSNPUBID=wizKxmN8no4
Date
Wed, 10 May 2023 01:24:13 GMT
Referrer-Policy
no-referrer
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
/
monday.com/lang/it/ Frame 0B86
Redirect Chain
  • https://hlmiq.com/to2/monday3.com/
  • https://monday.com/?gspk=Y29vbnR4bWVkaWE1NTM4&gsxid=h7PWYog5d90j&pscd=try.monday.com&sid=102755743ddb6d7b8bc25e89557402&u=https://monday.com/?sid=102755743ddb6d7b8bc25e89557402&urlauth=846686347208...
  • https://monday.com/lang/it/?gspk=Y29vbnR4bWVkaWE1NTM4&gsxid=zxAu9AgQhsEZ&pscd=try.monday.com&sid=102bee0826f83ed6da888a5acf1e5f&u=https:/monday.com
0
0
Script
General
Full URL
https://monday.com/lang/it/?gspk=Y29vbnR4bWVkaWE1NTM4&gsxid=zxAu9AgQhsEZ&pscd=try.monday.com&sid=102bee0826f83ed6da888a5acf1e5f&u=https:/monday.com
Requested by
Host: hlmiq.com
URL: https://hlmiq.com/vu/it/?
Protocol
H2
Server
18.66.97.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-69.fra56.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
it-IT,it;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Redirect headers

date
Tue, 09 May 2023 17:00:27 GMT
content-encoding
gzip
via
1.1 84294257ed643a88ee54d2e3f7d7ccea.cloudfront.net (CloudFront)
strict-transport-security
max-age=15552000; includeSubDomains; preload
cloudfront-is-desktop-viewer
true
x-amz-cf-pop
FRA56-P2
age
30226
x-powered-by
Express
x-cache
Hit from cloudfront
x-envoy-upstream-service-time
3
cloudfront-viewer-country
IT
x-xss-protection
1; mode=block
server
monday edge
cloudfront-is-mobile-viewer
false
vary
Accept-Encoding
content-type
text/plain; charset=utf-8
location
/lang/it/?gspk=Y29vbnR4bWVkaWE1NTM4&gsxid=zxAu9AgQhsEZ&pscd=try.monday.com&sid=102bee0826f83ed6da888a5acf1e5f&u=https:/monday.com
cloudfront-is-tablet-viewer
false
x-amz-cf-id
keHC1B44ImllVu6tOyeVpHJ0Aq4bfztq2dng_N7MGRG9C0RUaO8xJA==
/
www.airhelp.com/it/ Frame 0B86
Redirect Chain
  • https://www.airhelp.com/?utm_medium=affiliate&utm_source=pap&utm_campaign=aff-agru&utm_content=&a_aid=agru&a_bid=2d914045
  • https://www.airhelp.com/it/?utm_medium=affiliate&utm_source=pap&utm_campaign=aff-agru&utm_content=&a_aid=agru&a_bid=2d914045
0
0
Script
General
Full URL
https://www.airhelp.com/it/?utm_medium=affiliate&utm_source=pap&utm_campaign=aff-agru&utm_content=&a_aid=agru&a_bid=2d914045
Requested by
Host: hlmiq.com
URL: https://hlmiq.com/vu/it/?
Protocol
H2
Server
2606:4700::6810:970f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://hlmiq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Redirect headers

date
Wed, 10 May 2023 01:24:13 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
cf-cache-status
EXPIRED
server
cloudflare
vary
Accept-Encoding
content-type
text/html
location
https://www.airhelp.com/it/?utm_medium=affiliate&utm_source=pap&utm_campaign=aff-agru&utm_content=&a_aid=agru&a_bid=2d914045
cache-control
public, max-age=86400
cf-ray
7c4e619efb6b83a2-MXP
expires
Thu, 11 May 2023 01:24:13 GMT
/
www.getyourguide.it/ Frame 0B86
Redirect Chain
  • https://www.getyourguide.com/?partner_id=ZUZJJY5&utm_medium=online_publisher&placement=%22banner%22
  • https://www.getyourguide.it/?partner_id=ZUZJJY5&utm_medium=online_publisher&placement=%22banner%22&visitor-id=6R63D9LK9XL5NWJ00JD0N18GQYIA2LEG&locale_autoredirect_optout=true
0
0
Script
General
Full URL
https://www.getyourguide.it/?partner_id=ZUZJJY5&utm_medium=online_publisher&placement=%22banner%22&visitor-id=6R63D9LK9XL5NWJ00JD0N18GQYIA2LEG&locale_autoredirect_optout=true
Requested by
Host: hlmiq.com
URL: https://hlmiq.com/vu/it/?
Protocol
H2
Server
2606:4700::6812:5d2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://hlmiq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Redirect headers

date
Wed, 10 May 2023 01:24:13 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-security-policy-report-only
default-src 'self';font-src 'self' data: https://*.getyourguide.com https://fonts.gstatic.com https://fonts.googleapis.com https://use.fontawesome.com;style-src 'self' 'unsafe-inline' https://*.getyourguide.com https://accounts.google.com https://tagmanager.google.com https://*.googletagmanager.com https://www.gstatic.com https://fonts.googleapis.com https://use.fontawesome.com;object-src 'none';connect-src 'self' https://*.getyourguide.com https://*.google.com https://*.analytics.google.com https://*.google-analytics.com https://*.googletagmanager.com https://*.g.doubleclick.net https://*.googleapis.com https://*.sentry.io https://*.ingest.sentry.io https://*.onetrust.com https://*.braze.com https://*.braze.eu https://*.fra-01.braze.eu https://*.rageagainstthesoap.com cloudflareinsights.com https://bat.bing.com https://*.clarity.ms https://api.3bears.ai https://www.facebook.com https://*.adyen.com https://*.hotjar.io wss://*.hotjar.com https://sslwidget.criteo.com;script-src 'nonce-7ef5d5ce9dd48e4d16b153f4f9ec20bd' 'self' https://*.getyourguide.com https://www.googleadservices.com https://tpc.googlesyndication.com https://*.google.com https://*.analytics.google.com https://*.google-analytics.com https://*.googletagmanager.com https://tagmanager.google.com https://*.g.doubleclick.net https://*.googleapis.com https://*.rageagainstthesoap.com https://bat.bing.com https://www.clarity.ms https://api.microsofttranslator.com https://www.microsofttranslator.com https://js.appboycdn.com https://polyfill.io https://cdn.siftscience.com https://script.hotjar.com https://connect.facebook.net https://static.cloudflareinsights.com https://challenges.cloudflare.com https://dynamic.criteo.com https://sslwidget.criteo.com https://static.criteo.net https://widget.us.criteo.com https://widget.eu.criteo.com https://cdn.3bears.ai;img-src 'nonce-7ef5d5ce9dd48e4d16b153f4f9ec20bd' 'self' data: https://images.contentstack.io https://*.getyourguide.com https://sem-gtm-event-handler.gygservice.com https://*.google-analytics.com https://*.googletagmanager.com https://*.g.doubleclick.net https://www.googleadservices.com https://*.googleapis.com https://*.google.com https://*.gstatic.com https://*.youtube.com *.google.ad *.google.ae *.google.com.af *.google.com.ag *.google.com.ai *.google.al *.google.am *.google.co.ao *.google.com.ar *.google.as *.google.at *.google.com.au *.google.az *.google.ba *.google.com.bd *.google.be *.google.bf *.google.bg *.google.com.bh *.google.bi *.google.bj *.google.com.bn *.google.com.bo *.google.com.br *.google.bs *.google.bt *.google.co.bw *.google.by *.google.com.bz *.google.ca *.google.cd *.google.cf *.google.cg *.google.ch *.google.ci *.google.co.ck *.google.cl *.google.cm *.google.cn *.google.com.co *.google.co.cr *.google.com.cu *.google.cv *.google.com.cy *.google.cz *.google.de *.google.dj *.google.dk *.google.dm *.google.com.do *.google.dz *.google.com.ec *.google.ee *.google.com.eg *.google.es *.google.com.et *.google.fi *.google.com.fj *.google.fm *.google.fr *.google.ga *.google.ge *.google.gg *.google.com.gh *.google.com.gi *.google.gl *.google.gm *.google.gr *.google.com.gt *.google.gy *.google.com.hk *.google.hn *.google.hr *.google.ht *.google.hu *.google.co.id *.google.ie *.google.co.il *.google.im *.google.co.in *.google.iq *.google.is *.google.it *.google.je *.google.com.jm *.google.jo *.google.co.jp *.google.co.ke *.google.com.kh *.google.ki *.google.kg *.google.co.kr *.google.com.kw *.google.kz *.google.la *.google.com.lb *.google.li *.google.lk *.google.co.ls *.google.lt *.google.lu *.google.lv *.google.com.ly *.google.co.ma *.google.md *.google.me *.google.mg *.google.mk *.google.ml *.google.com.mm *.google.mn *.google.ms *.google.com.mt *.google.mu *.google.mv *.google.mw *.google.com.mx *.google.com.my *.google.co.mz *.google.com.na *.google.com.ng *.google.com.ni *.google.ne *.google.nl *.google.no *.google.com.np *.google.nr *.google.nu *.google.co.nz *.google.com.om *.google.com.pa *.google.com.pe *.google.com.pg *.google.com.ph *.google.com.pk *.google.pl *.google.pn *.google.com.pr *.google.ps *.google.pt *.google.com.py *.google.com.qa *.google.ro *.google.ru *.google.rw *.google.com.sa *.google.com.sb *.google.sc *.google.se *.google.com.sg *.google.sh *.google.si *.google.sk *.google.com.sl *.google.sn *.google.so *.google.sm *.google.sr *.google.st *.google.com.sv *.google.td *.google.tg *.google.co.th *.google.com.tj *.google.tl *.google.tm *.google.tn *.google.to *.google.com.tr *.google.tt *.google.com.tw *.google.co.tz *.google.com.ua *.google.co.ug *.google.co.uk *.google.com.uy *.google.co.uz *.google.com.vc *.google.co.ve *.google.vg *.google.co.vi *.google.com.vn *.google.vu *.google.ws *.google.rs *.google.co.za *.google.co.zm *.google.co.zw *.google.cat https://*.rageagainstthesoap.com https://*.bing.com https://*.clarity.ms https://gum.criteo.com https://dis.criteo.com https://www.facebook.com https://*.adyen.com https://hexagon-analytics.com;base-uri 'self';worker-src blob: https://*.getyourguide.com;manifest-src https://*.getyourguide.com;frame-src https://*.getyourguide.com https://*.googletagmanager.com https://*.google.com https://*.fls.doubleclick.net https://tpc.googlesyndication.com https://www.facebook.com https://*.rageagainstthesoap.com https://challenges.cloudflare.com https://gum.criteo.com https://*.adyen.com https://secure7.arcot.com
x-envoy-upstream-service-time
14
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
e66a1141-dc87-47e9-8224-4a4167ba64e9
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
x-gyg-view-id
15r2xb1yeeow6e8awosnzqg16pqsfbym
vary
Accept-Encoding
x-frame-options
DENY
content-type
text/html; charset=utf-8
location
https://www.getyourguide.it/?partner_id=ZUZJJY5&utm_medium=online_publisher&placement=%22banner%22&visitor-id=6R63D9LK9XL5NWJ00JD0N18GQYIA2LEG&locale_autoredirect_optout=true
cache-control
private, no-store, max-age=0, s-max-age=0, must-revalidate
cf-ray
7c4e61a02b3883ba-MXP
default.mi
www.marriott.it/ Frame 0B86
Redirect Chain
  • https://hlmiq.com/to2/marriott.it/
  • https://www.marriott.it/?api_key=6e214a2e5eaa4f87f699b7c54a542a6a&type=url&source=https%3A%2F%2Fwww.linkbux.com&site_id=2588750acba045468d0d6283a3c3afec&yk_tag=lb_iyb30n
  • https://www.marriott.it/default.mi?api_key=6e214a2e5eaa4f87f699b7c54a542a6a&type=url&source=https%3A%2F%2Fwww.linkbux.com&site_id=2588750acba045468d0d6283a3c3afec&yk_tag=lb_iyb30n
0
0
Script
General
Full URL
https://www.marriott.it/default.mi?api_key=6e214a2e5eaa4f87f699b7c54a542a6a&type=url&source=https%3A%2F%2Fwww.linkbux.com&site_id=2588750acba045468d0d6283a3c3afec&yk_tag=lb_iyb30n
Requested by
Host: hlmiq.com
URL: https://hlmiq.com/vu/it/?
Protocol
H2
Server
104.111.216.81 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-216-81.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
it-IT,it;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Redirect headers

pragma
no-cache
date
Wed, 10 May 2023 01:24:13 GMT
strict-transport-security
max-age=86400 ; includeSubDomains
server
AkamaiGHost
location
https://www.marriott.it/default.mi?api_key=6e214a2e5eaa4f87f699b7c54a542a6a&type=url&source=https%3A%2F%2Fwww.linkbux.com&site_id=2588750acba045468d0d6283a3c3afec&yk_tag=lb_iyb30n
cache-control
max-age=0, no-cache, no-store
er_information
ER_EXECUTED:;ER_EXECUTED_RULE:
server-timing
ak_p; desc="467689_34650934_52257618_20_15417_49_0";dur=1
content-length
0
expires
Wed, 10 May 2023 01:24:13 GMT
/
www.transavia.com/it-IT/home/ Frame 0B86
Redirect Chain
  • https://hlmiq.com/to2/transavia.it/
  • https://sc.tradetracker.net/tracker/merchant?e=clk&cstid=167422&cid=27846&data=0%3A%3A218459%3A%3A71651224a2254e46b63898447414be57%3A%3A%3A%3A1683674703&url=https%3A%2F%2Fwww.transavia.com%2Fit-IT%...
  • https://www.transavia.com/it-IT/home/?utm_source=affiliate&utm_medium=custom&utm_campaign=HVTO_IT_218459_BuyOn
0
0
Script
General
Full URL
https://www.transavia.com/it-IT/home/?utm_source=affiliate&utm_medium=custom&utm_campaign=HVTO_IT_218459_BuyOn
Requested by
Host: hlmiq.com
URL: https://hlmiq.com/vu/it/?
Protocol
H2
Server
45.223.19.47 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
it-IT,it;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Redirect headers

location
https://www.transavia.com/it-IT/home/?utm_source=affiliate&utm_medium=custom&utm_campaign=HVTO_IT_218459_BuyOn
date
Wed, 10 May 2023 01:24:14 GMT
content-type
text/html;charset=UTF-8
server
NOYB 2.0.0
x-powered-by
NOYB 2.0.0
p3p
CP="ALL PUR DSP CUR ADMi DEVi CONi OUR COR IND", policyref="https://tm.tradetracker.net/public/w3c/p3p.xml"
/
www.getresponse.com/ Frame 0B86
0
0
Script
General
Full URL
https://www.getresponse.com/?a=agru
Requested by
Host: hlmiq.com
URL: https://hlmiq.com/vu/it/?
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.160.64.8 , United States, ASN46469 (GETRESPONSE-IMPLIX, US),
Reverse DNS
getresponse.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://hlmiq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

/
www.ebay.it/ Frame 0B86
Redirect Chain
  • https://hlmiq.com/to2/ebay.it/
  • https://www.ebay.it/?mkevt=1&mkcid=1&mkrid=724-53478-19255-0&campid=5336482211&toolid=10001&customid=1e912d86e0c44125ab3cb8fe8ce525ce
0
0
Script
General
Full URL
https://www.ebay.it/?mkevt=1&mkcid=1&mkrid=724-53478-19255-0&campid=5336482211&toolid=10001&customid=1e912d86e0c44125ab3cb8fe8ce525ce
Requested by
Host: hlmiq.com
URL: https://hlmiq.com/vu/it/?
Protocol
H2
Server
72.246.169.121 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a72-246-169-121.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
it-IT,it;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Redirect headers

Location
https://www.ebay.it/?mkevt=1&mkcid=1&mkrid=724-53478-19255-0&campid=5336482211&toolid=10001&customid=1e912d86e0c44125ab3cb8fe8ce525ce
Date
Wed, 10 May 2023 01:24:13 GMT
Referrer-Policy
no-referrer
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
/
www.libraccio.it/ Frame 0B86
Redirect Chain
  • https://hlmiq.com/to2/libraccio.it/
  • https://redirects.tradedoubler.com/projectr/?utm_source=tradedoubler&utm_medium=cpa&utm_campaign=2353954&utm_content=affiliazione&tduid=c368a8247d955f0e347afc5d845b1652&_td_deeplink=https://www.lib...
  • https://www.libraccio.it/?utm_source=tradedoubler&utm_medium=cpa&utm_campaign=2353954&utm_content=affiliazione&tduid=c368a8247d955f0e347afc5d845b1652
0
0
Script
General
Full URL
https://www.libraccio.it/?utm_source=tradedoubler&utm_medium=cpa&utm_campaign=2353954&utm_content=affiliazione&tduid=c368a8247d955f0e347afc5d845b1652
Requested by
Host: hlmiq.com
URL: https://hlmiq.com/vu/it/?
Protocol
H2
Server
23.45.103.78 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
it-IT,it;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Redirect headers

Location
https://www.libraccio.it/?utm_source=tradedoubler&utm_medium=cpa&utm_campaign=2353954&utm_content=affiliazione&tduid=c368a8247d955f0e347afc5d845b1652
Date
Wed, 10 May 2023 01:24:14 GMT
Server
Apache/2.4.55 (Ubuntu)
Connection
keep-alive
Content-Length
1
Content-Type
text/html; charset=UTF-8
/
block.fiverr.com/ Frame 0B86
Redirect Chain
  • https://hlmiq.com/to2/fiverr.it/
  • https://www.fiverr.com/?utm_source=3789&utm_medium=cx_affiliate&utm_campaign=789945&afp=6439d60bdfe20d00133800c0&cxd_token=3789_25107268_%7Cafp0%3A6439d60bdfe20d00133800c0%7Cafp1%3A6288_1683674641_...
  • https://block.fiverr.com/?url=aHR0cDovL3d3dy5maXZlcnIuY29tLz9hZnA9NjQzOWQ2MGJkZmUyMGQwMDEzMzgwMGMwJnNob3dfam9pbj10cnVlJnV0bV9tZWRpdW09Y3hfYWZmaWxpYXRlJnV0bV9jYW1wYWlnbj03ODk5NDUmdXRtX3NvdXJjZT0zNzg...
0
0
Script
General
Full URL
https://block.fiverr.com/?url=aHR0cDovL3d3dy5maXZlcnIuY29tLz9hZnA9NjQzOWQ2MGJkZmUyMGQwMDEzMzgwMGMwJnNob3dfam9pbj10cnVlJnV0bV9tZWRpdW09Y3hfYWZmaWxpYXRlJnV0bV9jYW1wYWlnbj03ODk5NDUmdXRtX3NvdXJjZT0zNzg5JmN4ZF90b2tlbj0zNzg5XzI1MTA3MjY4XyU3Q2FmcDAlM0E2NDM5ZDYwYmRmZTIwZDAwMTMzODAwYzAlN0NhZnAxJTNBNjI4OF8xNjgzNjc0NjQxXzhjZDI3YmQxZjhmNGNjMmMyN2U3ZjRjYzhiYzhjMDY5JTdDYWZwMiUzQTc4OTk0NSU3Q2FmcDEwJTNBNzg5OTQ1&uuid=5ffc4e0d-eed1-11ed-9398-48556d6d6e41&vid=
Requested by
Host: hlmiq.com
URL: https://hlmiq.com/vu/it/?
Protocol
H2
Server
104.18.254.23 -, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
it-IT,it;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Redirect headers

date
Wed, 10 May 2023 01:24:14 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
accept-ch
UA,Sec-CH-UA-Mobile,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,ECT
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kmjg5eFTscHuTHLtp3Phc5ml08Ur0CHGMMh%2Bn%2Fxz0n2aU7kjGqKMk%2FOdRzxvd2alpUO7%2FAR4%2BzzRg3DApDh4zCT5UNonhZqhA%2FVmEZ5U9olEL%2BvIh4UBaOIA%2FHwPiYqB"}],"group":"cf-nel","max_age":604800}
content-type
text/html
location
https://block.fiverr.com/?url=aHR0cDovL3d3dy5maXZlcnIuY29tLz9hZnA9NjQzOWQ2MGJkZmUyMGQwMDEzMzgwMGMwJnNob3dfam9pbj10cnVlJnV0bV9tZWRpdW09Y3hfYWZmaWxpYXRlJnV0bV9jYW1wYWlnbj03ODk5NDUmdXRtX3NvdXJjZT0zNzg5JmN4ZF90b2tlbj0zNzg5XzI1MTA3MjY4XyU3Q2FmcDAlM0E2NDM5ZDYwYmRmZTIwZDAwMTMzODAwYzAlN0NhZnAxJTNBNjI4OF8xNjgzNjc0NjQxXzhjZDI3YmQxZjhmNGNjMmMyN2U3ZjRjYzhiYzhjMDY5JTdDYWZwMiUzQTc4OTk0NSU3Q2FmcDEwJTNBNzg5OTQ1&uuid=5ffc4e0d-eed1-11ed-9398-48556d6d6e41&vid=
server-timing
nx;dur=0.038;desc="External Load Balancer", cfRequestDuration;dur=157.000065, earlyhints
cf-ray
7c4e61a5ac660d53-MXP
content-length
187
/
www.cdkeys.com/ Frame 0B86
0
0
Script
General
Full URL
https://www.cdkeys.com/?mw_aref=agru
Requested by
Host: hlmiq.com
URL: https://hlmiq.com/vu/it/?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.14.122 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://hlmiq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

referrals.list
www.lookfantastic.it/ Frame 0B86
0
0
Script
General
Full URL
https://www.lookfantastic.it/referrals.list?applyCode=TOP-R1Q
Requested by
Host: hlmiq.com
URL: https://hlmiq.com/vu/it/?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.177.17.3 , United Kingdom, ASN197651 (THEHUTGROUPLIMITED, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://hlmiq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

/
www.fruugo.it/ Frame 0B86
Redirect Chain
  • https://hlmiq.com/to2/fruugo.it/
  • https://redirects.tradedoubler.com/projectr/?ac=tradedoubler&tduid=df5ef1339cad59a4669704a579a775d4&_td_deeplink=https://www.fruugo.it
  • https://www.fruugo.it/?ac=tradedoubler&tduid=df5ef1339cad59a4669704a579a775d4
0
0
Script
General
Full URL
https://www.fruugo.it/?ac=tradedoubler&tduid=df5ef1339cad59a4669704a579a775d4
Requested by
Host: hlmiq.com
URL: https://hlmiq.com/vu/it/?
Protocol
H2
Server
23.45.99.31 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
it-IT,it;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Redirect headers

Location
https://www.fruugo.it?ac=tradedoubler&tduid=df5ef1339cad59a4669704a579a775d4
Date
Wed, 10 May 2023 01:24:14 GMT
Server
Apache/2.4.55 (Ubuntu)
Connection
keep-alive
Content-Length
1
Content-Type
text/html; charset=UTF-8
it
www.volotea.com/ Frame 0B86
Redirect Chain
  • https://hlmiq.com/to2/volotea.com/
  • https://www.volotea.com/it?utm_campaign=IT&utm_source=CJ&utm_medium=affiliates&utm_term=4260539&cje=8afc8860eec211ed8203a8930a18b8fa&cjdata=MXxZfFl8WXww
0
0

GenericLandingPage.aspx
www.hp.com/it-it/shop/ Frame 0B86
Redirect Chain
  • https://hlmiq.com/to2/hp.it/
  • https://redirects.tradedoubler.com/projectr/?_td_ifelse=hpinstantink*td_string*https%3A%2F%2Fwww.hp.com%2Fit-it%2Fshop%2F*td_true*_td_spaceport_encode=-1&utm_source=affiliate&utm_medium=instantink&...
  • https://www.hp.com/it-it/shop/GenericLandingPage.aspx?tduid=68b98e9fec38599bb6d539b9e6fc1fcb&url=https://www.hp.com/it-it/shop/?utm_source=affiliate&utm_medium=cpa&utm_campaign=BuyOn
0
0

/
it.hotels.com/ Frame 0B86
0
0
Script
General
Full URL
https://it.hotels.com/?locale=it_IT&pos=HCOM_IT&rffrid=aff.hcom.IT.038.000.1100l95727.kwrd=1100lwJJVkHU&affcid=HCOM-IT.DIRECT.PHG.1100l95727&afflid=1100lwJJVkHU
Requested by
Host: hlmiq.com
URL: https://hlmiq.com/vu/it/?
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:1b6::277d -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://hlmiq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

/
www.miniinthebox.com/it/ Frame 0B86
Redirect Chain
  • https://www.miniinthebox.com/?utm_campaign=1398851&utm_content=Indoleads2019&utm_source=gan&utm_medium=affiliate&litb_from=affiliate_gan&clickid=Was0QpX%3AKxyNR7TQ1CxahX8JUkAXz3TGXUjWwE0&irgwc=1
  • https://www.miniinthebox.com/it/?utm_campaign=1398851&utm_content=Indoleads2019&utm_source=gan&utm_medium=affiliate&litb_from=affiliate_gan&clickid=Was0QpX%3AKxyNR7TQ1CxahX8JUkAXz3TGXUjWwE0&irgwc=1
0
0

/
www.qvc.it/ Frame 0B86
Redirect Chain
  • https://hlmiq.com/to2/qvc.it/
  • https://www.qvc.it/?api_key=526ce45b25e1f6dcb86f05e8f2c94e64&site_id=4e52405092d94c458711b4fff5efbfbd&type=url&source=clcktrck.com&yk_tag=146120de1542c0622441428ba50fe4c6
0
0

/
www.giglio.com/ Frame 0B86
0
0

/
www.tiqets.com/it/ Frame 0B86
0
0
Script
General
Full URL
https://www.tiqets.com/it/?partner=mtac
Requested by
Host: hlmiq.com
URL: https://hlmiq.com/vu/it/?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:4e00:12:ff18:1880:93a1 -, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://hlmiq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

/
www.gamestop.it/ Frame 0B86
Redirect Chain
  • https://hlmiq.com/to2/gamestop.it/
  • https://www.gamestop.it/?kk=a4c6293-18802adc4d8-28073&utm_campaign=kelkooclick&utm_medium=cpc&utm_source=kelkooit
0
0
Script
General
Full URL
https://www.gamestop.it/?kk=a4c6293-18802adc4d8-28073&utm_campaign=kelkooclick&utm_medium=cpc&utm_source=kelkooit
Requested by
Host: hlmiq.com
URL: https://hlmiq.com/vu/it/?
Protocol
H2
Server
23.45.238.185 -, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
it-IT,it;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Redirect headers

Location
https://www.gamestop.it/?kk=a4c6293-18802adc4d8-28073&utm_campaign=kelkooclick&utm_medium=cpc&utm_source=kelkooit
Date
Wed, 10 May 2023 01:24:14 GMT
Referrer-Policy
no-referrer
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
index.js
assets.alicdn.com/g/ae-fe/global/0.0.3/ Frame 1029
154 KB
43 KB
Script
General
Full URL
https://assets.alicdn.com/g/ae-fe/global/0.0.3/index.js
Requested by
Host: login.aliexpress.com
URL: https://login.aliexpress.com/?af=a&8469&cn=milano&cv=482179&dp=192.145.127.217&aff_fcid=a7cfe817f0b644d3a2fabcdc99f75a09-1683681851328-03377-_DEQI9az&tt=CPS_NORMAL&aff_fsk=_DEQI9az&aff_platform=portals-tool&sk=_DEQI9az&aff_trace_key=a7cfe817f0b644d3a2fabcdc99f75a09-1683681851328-03377-_DEQI9az&terminal_id=1c58bfd2c6134e8bb4348f30a995d8b4
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
104.102.42.226 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-102-42-226.deploy.static.akamaitechnologies.com
Software
Akamai Resource Optimizer /
Resource Hash
1e589330bfeb3738300c3c79d0bd373cd6f17cd8904927c7b99a06de2d1e647e

Request headers

Referer
https://login.aliexpress.com/
Origin
https://login.aliexpress.com
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 10 May 2023 01:24:11 GMT
content-encoding
br
x-oss-request-id
63F48DF976DE8F313278E92B
content-md5
prkhmRt0YCJQUoclmKII8Q==
x-swift-cachetime
3600
x-swift-savetime
Tue, 21 Feb 2023 09:25:14 GMT
content-length
43798
x-oss-object-type
Normal
last-modified
Sat, 06 May 2023 20:25:29 GMT
server
Akamai Resource Optimizer
ali-swift-global-savetime
1676971514
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=839426, s-maxage=3600
served-from
2.21.7.181
x-oss-storage-class
Standard
x-source-scheme
https
timing-allow-origin
*
network_info
DE_FRANKFURT_34164, IT_MILANO_9009
x-oss-hash-crc64ecma
16903611061583817401
eagleid
2ff6309b16769715138231231e
x-oss-server-time
6
expires
Fri, 19 May 2023 18:34:37 GMT
index.js
assets.alicdn.com/g/ae-fe/login-ui/0.0.69/ Frame 1029
296 KB
65 KB
Script
General
Full URL
https://assets.alicdn.com/g/ae-fe/login-ui/0.0.69/index.js
Requested by
Host: login.aliexpress.com
URL: https://login.aliexpress.com/?af=a&8469&cn=milano&cv=482179&dp=192.145.127.217&aff_fcid=a7cfe817f0b644d3a2fabcdc99f75a09-1683681851328-03377-_DEQI9az&tt=CPS_NORMAL&aff_fsk=_DEQI9az&aff_platform=portals-tool&sk=_DEQI9az&aff_trace_key=a7cfe817f0b644d3a2fabcdc99f75a09-1683681851328-03377-_DEQI9az&terminal_id=1c58bfd2c6134e8bb4348f30a995d8b4
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
104.102.42.226 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-102-42-226.deploy.static.akamaitechnologies.com
Software
Akamai Resource Optimizer /
Resource Hash
70caa0698f1eaf8926a63cf57562eebccdd8b4de4eb03db817d72573fec93672

Request headers

Referer
https://login.aliexpress.com/
Origin
https://login.aliexpress.com
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 10 May 2023 01:24:11 GMT
content-encoding
br
x-oss-request-id
644A65605D469B32331EC593
content-md5
a3TkRMSg+6ihnoa+AzVCQA==
x-swift-cachetime
86399
x-swift-savetime
Thu, 27 Apr 2023 12:06:57 GMT
content-length
65975
x-oss-object-type
Normal
last-modified
Thu, 27 Apr 2023 12:06:59 GMT
server
Akamai Resource Optimizer
ali-swift-global-savetime
1682597216
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=1507348, s-maxage=86400
served-from
23.206.194.197
x-oss-storage-class
Standard
x-source-scheme
https
timing-allow-origin
*
network_info
US_CHICAGO_35994, IT_MILANO_9009
x-oss-hash-crc64ecma
7461834688420766764
eagleid
2ff6299b16825972163114520e
x-oss-server-time
15
expires
Sat, 27 May 2023 12:06:39 GMT
index.css
assets.alicdn.com/g/ae-fe/login-ui/0.0.69/ Frame 1029
93 KB
14 KB
Stylesheet
General
Full URL
https://assets.alicdn.com/g/ae-fe/login-ui/0.0.69/index.css
Requested by
Host: login.aliexpress.com
URL: https://login.aliexpress.com/?af=a&8469&cn=milano&cv=482179&dp=192.145.127.217&aff_fcid=a7cfe817f0b644d3a2fabcdc99f75a09-1683681851328-03377-_DEQI9az&tt=CPS_NORMAL&aff_fsk=_DEQI9az&aff_platform=portals-tool&sk=_DEQI9az&aff_trace_key=a7cfe817f0b644d3a2fabcdc99f75a09-1683681851328-03377-_DEQI9az&terminal_id=1c58bfd2c6134e8bb4348f30a995d8b4
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
104.102.42.226 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-102-42-226.deploy.static.akamaitechnologies.com
Software
Akamai Resource Optimizer /
Resource Hash
fcec016faf1ff5e1d30a5b852ea2341a02d33f79d790ad7357148fbbc63683ec

Request headers

Referer
https://login.aliexpress.com/
Origin
https://login.aliexpress.com
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 10 May 2023 01:24:11 GMT
content-encoding
br
x-oss-request-id
644A6487C7F41B35334A4633
content-md5
+ag54HmjhF15p5Vg29F5lQ==
x-swift-cachetime
83861
x-swift-savetime
Thu, 27 Apr 2023 12:45:38 GMT
content-length
13553
x-oss-object-type
Normal
last-modified
Thu, 27 Apr 2023 12:59:36 GMT
server
Akamai Resource Optimizer
ali-swift-global-savetime
1682596999
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=1507131, s-maxage=86400
served-from
23.48.215.87
x-oss-storage-class
Standard
x-source-scheme
https
timing-allow-origin
*
network_info
US_SANTACLARA_20940, IT_MILANO_9009
x-oss-hash-crc64ecma
13767110009122417633
eagleid
082db09516826003756042805e
x-oss-server-time
4
expires
Sat, 27 May 2023 12:03:02 GMT
login_page_config.htm
login.aliexpress.com/join/ Frame 1029
1 KB
2 KB
XHR
General
Full URL
https://login.aliexpress.com/join/login_page_config.htm
Requested by
Host: login.aliexpress.com
URL: https://login.aliexpress.com/?af=a&8469&cn=milano&cv=482179&dp=192.145.127.217&aff_fcid=a7cfe817f0b644d3a2fabcdc99f75a09-1683681851328-03377-_DEQI9az&tt=CPS_NORMAL&aff_fsk=_DEQI9az&aff_platform=portals-tool&sk=_DEQI9az&aff_trace_key=a7cfe817f0b644d3a2fabcdc99f75a09-1683681851328-03377-_DEQI9az&terminal_id=1c58bfd2c6134e8bb4348f30a995d8b4
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
104.102.42.226 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-102-42-226.deploy.static.akamaitechnologies.com
Software
Apache-Coyote/1.1 /
Resource Hash
8d9f92d4bef91b410b88e9c1479812db2983d10ac53a730137fd6bc75e760a1b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://login.aliexpress.com/?af=a&8469&cn=milano&cv=482179&dp=192.145.127.217&aff_fcid=a7cfe817f0b644d3a2fabcdc99f75a09-1683681851328-03377-_DEQI9az&tt=CPS_NORMAL&aff_fsk=_DEQI9az&aff_platform=portals-tool&sk=_DEQI9az&aff_trace_key=a7cfe817f0b644d3a2fabcdc99f75a09-1683681851328-03377-_DEQI9az&terminal_id=1c58bfd2c6134e8bb4348f30a995d8b4
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
date
Wed, 10 May 2023 01:24:11 GMT
server
Apache-Coyote/1.1
vary
Accept-Encoding
content-type
application/json;charset=utf-8
content-language
en-US
p3p
CP="CAO PSA OUR"
access-control-allow-credentials
true
server-timing
ak_p; desc="467689_34664582_24062897_1881_509_34_0";dur=1
timing-allow-origin
*
content-length
536
eagleeye-traceid
211b88ec16836818516512096e3e18
/
g.alicdn.com/aes/ Frame 1029
75 KB
26 KB
Script
General
Full URL
https://g.alicdn.com/aes/??tracker/1.0.34/index.js,tracker-plugin-event/1.2.5/index.js,tracker-plugin-jserror/1.0.13/index.js,tracker-plugin-api/1.1.14/index.js,tracker-plugin-perf/1.1.8/index.js,tracker-plugin-eventTiming/1.0.4/index.js,tracker-plugin-pv/2.4.5/index.js,tracker-plugin-blank/1.0.0/index.js,tracker-plugin-autolog/1.0.21/index.js
Requested by
Host: login.aliexpress.com
URL: https://login.aliexpress.com/?af=a&8469&cn=milano&cv=482179&dp=192.145.127.217&aff_fcid=a7cfe817f0b644d3a2fabcdc99f75a09-1683681851328-03377-_DEQI9az&tt=CPS_NORMAL&aff_fsk=_DEQI9az&aff_platform=portals-tool&sk=_DEQI9az&aff_trace_key=a7cfe817f0b644d3a2fabcdc99f75a09-1683681851328-03377-_DEQI9az&terminal_id=1c58bfd2c6134e8bb4348f30a995d8b4
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
163.181.56.193 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
88e90b6cee2e482fdc7b6ba16709a0cc5259f62b922c0b43dd27213fa52118b5

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://login.aliexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 09 May 2023 13:49:19 GMT
content-encoding
gzip
via
cache11.l2de2[92,108,200-0,C], cache20.l2de2[110,0], cache20.l2de2[120,0], ens-cache1.de4[0,0,200-0,H], ens-cache2.de4[2,0]
x-oss-request-id
645A4F5F601F6231364B92CC
content-md5
YaSdKZFnhdDkpkTJTXgyyw==
age
41692
x-swift-cachetime
86400
x-cache
HIT TCP_MEM_HIT dirn:8:434631310
x-swift-savetime
Tue, 09 May 2023 13:49:19 GMT
content-length
25843
x-bucket-code
3
x-oss-object-type
Normal
server
Tengine
vary
Accept-Encoding
ali-swift-global-savetime
1683640159
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000,s-maxage=86400
x-oss-storage-class
Standard
timing-allow-origin
*
x-oss-hash-crc64ecma
14157739603154525209
eagleid
2ff62b1a16836818517507173e
x-oss-server-time
39
/
assets.alicdn.com/g/ Frame 1029
37 KB
15 KB
Script
General
Full URL
https://assets.alicdn.com/g/??/AWSC/AWSC/awsc.js,/sd/baxia/2.0.39/baxiaCommon.js
Requested by
Host: login.aliexpress.com
URL: https://login.aliexpress.com/?af=a&8469&cn=milano&cv=482179&dp=192.145.127.217&aff_fcid=a7cfe817f0b644d3a2fabcdc99f75a09-1683681851328-03377-_DEQI9az&tt=CPS_NORMAL&aff_fsk=_DEQI9az&aff_platform=portals-tool&sk=_DEQI9az&aff_trace_key=a7cfe817f0b644d3a2fabcdc99f75a09-1683681851328-03377-_DEQI9az&terminal_id=1c58bfd2c6134e8bb4348f30a995d8b4
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
104.102.42.226 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-102-42-226.deploy.static.akamaitechnologies.com
Software
Tengine /
Resource Hash
1e30fbf65e2e8cf1e5fc829f1fe520509e8266f4478f856e89b2263d96f1950d

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://login.aliexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 10 May 2023 01:24:11 GMT
content-encoding
gzip
x-oss-request-id
645AD968360037303758CA3E
content-md5
mBq5uWusmgMlgzSnRdDoQQ==
x-swift-cachetime
3600
x-swift-savetime
Tue, 09 May 2023 23:38:17 GMT
content-length
14358
x-oss-object-type
Normal
server
Tengine
vary
Accept-Encoding
ali-swift-global-savetime
1683675497
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=818, s-maxage=3600
served-from
23.55.162.134
x-oss-storage-class
Standard
x-source-scheme
https
timing-allow-origin
*
x-oss-hash-crc64ecma
11772897745845597783
network_info
IT_MILANO_9009
eagleid
a3b55c9816836754961826441e
x-oss-server-time
2
index.js
g.alicdn.com/secdev/entry/ Frame 1029
5 KB
3 KB
Script
General
Full URL
https://g.alicdn.com/secdev/entry/index.js
Requested by
Host: login.aliexpress.com
URL: https://login.aliexpress.com/?af=a&8469&cn=milano&cv=482179&dp=192.145.127.217&aff_fcid=a7cfe817f0b644d3a2fabcdc99f75a09-1683681851328-03377-_DEQI9az&tt=CPS_NORMAL&aff_fsk=_DEQI9az&aff_platform=portals-tool&sk=_DEQI9az&aff_trace_key=a7cfe817f0b644d3a2fabcdc99f75a09-1683681851328-03377-_DEQI9az&terminal_id=1c58bfd2c6134e8bb4348f30a995d8b4
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
163.181.56.193 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
77135c19f0970d11093cfb5f0f76906d0b1e933106c1c1001aeeedae370cf425

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://login.aliexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 10 May 2023 01:01:59 GMT
content-encoding
gzip
via
cache21.l2de2[0,0,200-0,H], cache21.l2de2[0,0], cache21.l2de2[1,0], ens-cache8.de4[0,0,200-0,H], ens-cache2.de4[2,0]
x-oss-request-id
645AED0701FB55353104E7D3
content-md5
GVl07tSCeyGdnOi6W5lhAg==
age
1332
x-swift-cachetime
3600
x-cache
HIT TCP_MEM_HIT dirn:8:419376755
x-swift-savetime
Wed, 10 May 2023 01:01:59 GMT
content-length
2484
x-bucket-code
3
x-oss-object-type
Normal
server
Tengine
vary
Accept-Encoding
ali-swift-global-savetime
1683680519
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=7200,s-maxage=3600
x-oss-storage-class
Standard
timing-allow-origin
*
x-oss-hash-crc64ecma
891739218834275235
eagleid
2ff62b1a16836818517507175e
x-oss-server-time
1
H625cd629fe984c719391fc7289edb4a72.png
ae01.alicdn.com/kf/ Frame 1029
3 KB
3 KB
Image
General
Full URL
https://ae01.alicdn.com/kf/H625cd629fe984c719391fc7289edb4a72.png
Requested by
Host: assets.alicdn.com
URL: https://assets.alicdn.com/g/ae-fe/login-ui/0.0.69/index.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
163.181.56.193 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
762a540cc32fb868a998ff86b01c08de4e608410e07494d91c9f99af654663ad
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://assets.alicdn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 Aug 2022 08:53:50 GMT
strict-transport-security
max-age=0
via
cache29.l2us1[0,0,200-0,H], cache40.l2us1[1,0], ens-cache7.de4[0,0,200-0,H], ens-cache2.de4[6,0]
age
23128222
x-swift-cachetime
63337268
x-cache
HIT TCP_MEM_HIT dirn:9:395853342
x-swift-savetime
Tue, 09 May 2023 07:12:42 GMT
content-length
2677
cdn-type
alibaba
last-modified
Wed, 30 Mar 2022 09:50:43 GMT
server
Tengine
ali-swift-global-savetime
1660553630
content-type
image/png
traceid
4f85b09d16605536306331135e
access-control-allow-origin
*
cache-control
max-age=86400000
timing-allow-origin
*, *
eagleeye-traceid
4f85b09d16605536306331135e
eagleid
2ff62b1a16836818523137758e
H44c0698a1944450a9ac158772a32fe1aN.png
ae01.alicdn.com/kf/ Frame 1029
24 KB
24 KB
Image
General
Full URL
https://ae01.alicdn.com/kf/H44c0698a1944450a9ac158772a32fe1aN.png
Requested by
Host: assets.alicdn.com
URL: https://assets.alicdn.com/g/ae-fe/login-ui/0.0.69/index.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
163.181.56.193 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
873d4ea27e3132833fa2f3dc013d75b586cd7fdc9976013349b30cbaf6d6a1c9
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://assets.alicdn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sun, 18 Sep 2022 21:01:04 GMT
strict-transport-security
max-age=0
via
cache5.l2us1[0,0,200-0,H], cache34.l2us1[1,0], ens-cache6.de4[0,0,200-0,H], ens-cache2.de4[5,0]
age
20146988
x-swift-cachetime
66318157
x-cache
HIT TCP_MEM_HIT dirn:10:441196199
x-swift-savetime
Tue, 09 May 2023 07:18:27 GMT
content-length
24506
cdn-type
alibaba
last-modified
Wed, 16 Sep 2020 08:46:51 GMT
server
Tengine
ali-swift-global-savetime
1663534864
content-type
image/png
traceid
4f85b09716635348643247965e
access-control-allow-origin
*
cache-control
max-age=86400000
timing-allow-origin
*, *
eagleeye-traceid
4f85b09716635348643247965e
eagleid
2ff62b1a16836818523137754e
mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
assets.alicdn.com/g/ae-fe/static-ui/open-sans/ Frame 1029
9 KB
9 KB
Font
General
Full URL
https://assets.alicdn.com/g/ae-fe/static-ui/open-sans/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
Requested by
Host: assets.alicdn.com
URL: https://assets.alicdn.com/g/ae-fe/login-ui/0.0.69/index.css
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
104.102.42.226 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-102-42-226.deploy.static.akamaitechnologies.com
Software
Tengine /
Resource Hash
8868d2a2f803ea6802d54a11564b5b96c7d8be56117a328c8f605539d6dee167

Request headers

Referer
https://assets.alicdn.com/g/ae-fe/login-ui/0.0.69/index.css
Origin
https://login.aliexpress.com
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 10 May 2023 01:24:12 GMT
x-oss-request-id
64364D03DA062D3931871BDA
content-md5
jj+XinfRkann+U/55wkAhQ==
x-swift-cachetime
2231
x-swift-savetime
Wed, 12 Apr 2023 06:40:29 GMT
content-length
8892
x-oss-object-type
Normal
server
Tengine
ali-swift-global-savetime
1681280260
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=2414180, s-maxage=3600
served-from
2.16.240.156
x-oss-storage-class
Standard
accept-ranges
bytes
x-source-scheme
https
x-oss-hash-crc64ecma
838915909867765876
network_info
IT_MILANO_9009
eagleid
a3b55c9a16812816293194318e
x-oss-server-time
3
mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2
assets.alicdn.com/g/ae-fe/static-ui/open-sans/ Frame 1029
9 KB
9 KB
Font
General
Full URL
https://assets.alicdn.com/g/ae-fe/static-ui/open-sans/mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2
Requested by
Host: assets.alicdn.com
URL: https://assets.alicdn.com/g/ae-fe/login-ui/0.0.69/index.css
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
104.102.42.226 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-102-42-226.deploy.static.akamaitechnologies.com
Software
Tengine /
Resource Hash
fe32c9921874b35b87acb0a3b558784ca7b9fed91ed34c1d2a68b6566c9d09be

Request headers

Referer
https://assets.alicdn.com/g/ae-fe/login-ui/0.0.69/index.css
Origin
https://login.aliexpress.com
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 10 May 2023 01:24:12 GMT
x-oss-request-id
641ED5B1E7A13137316ED38D
content-md5
djHZ3HE80FRDAMWu+TlPVA==
x-swift-cachetime
3590
x-swift-savetime
Sat, 25 Mar 2023 11:06:36 GMT
content-length
8800
x-oss-object-type
Normal
server
Tengine
ali-swift-global-savetime
1679742386
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=884383, s-maxage=3600
served-from
2.16.240.151
x-oss-storage-class
Standard
accept-ranges
bytes
x-source-scheme
https
x-oss-hash-crc64ecma
622431805556229219
network_info
IT_MILANO_9009
eagleid
4f85b19a16797458017397869e
x-oss-server-time
3
/
assets.alicdn.com/g/ Frame 1029
15 KB
6 KB
Script
General
Full URL
https://assets.alicdn.com/g/??AWSC/AWSC/awsc.js,sd/baxia-entry/baxiaCommon.js
Requested by
Host: assets.alicdn.com
URL: https://assets.alicdn.com/g/ae-fe/login-ui/0.0.69/index.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
104.102.42.226 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-102-42-226.deploy.static.akamaitechnologies.com
Software
Tengine /
Resource Hash
d4385eed37307de3a9a2a8c194b2a6dfeb7a5227f632698652d9dc99bf4b2171

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://login.aliexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 10 May 2023 01:24:12 GMT
content-encoding
gzip
x-oss-request-id
645AF02F6AB30F3934E6FDB9
content-md5
mBq5uWusmgMlgzSnRdDoQQ==
x-swift-cachetime
3597
x-swift-savetime
Wed, 10 May 2023 01:15:30 GMT
content-length
5418
x-oss-object-type
Normal
server
Tengine
vary
Accept-Encoding
ali-swift-global-savetime
1683681327
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=6719, s-maxage=3600
served-from
23.55.162.134
x-oss-storage-class
Standard
x-source-scheme
https
timing-allow-origin
*
x-oss-hash-crc64ecma
11772897745845597783
network_info
IT_MILANO_9009
eagleid
2ff62b1d16836813300761835e
x-oss-server-time
2
/
assets.alicdn.com/g/alilog/ Frame 1029
25 KB
11 KB
Script
General
Full URL
https://assets.alicdn.com/g/alilog/??aplus_plugin_aefront/index.js,mlog/aplus_int.js
Requested by
Host: assets.alicdn.com
URL: https://assets.alicdn.com/g/ae-fe/login-ui/0.0.69/index.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
104.102.42.226 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-102-42-226.deploy.static.akamaitechnologies.com
Software
Tengine /
Resource Hash
5a5f6d94ab76fc2d6a73be82b664434e8ea5a9c49a9f902ad8f9929d7d59c5fd

Request headers

Referer
https://login.aliexpress.com/
Origin
https://login.aliexpress.com
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 10 May 2023 01:24:12 GMT
content-encoding
gzip
x-oss-request-id
645AECEE02D4ED3637C011A0
content-md5
gygBRN2M4MlVRBr7rF/+vA==
x-swift-cachetime
488
x-swift-savetime
Wed, 10 May 2023 01:23:26 GMT
content-length
10283
x-oss-object-type
Normal
server
Tengine
vary
Accept-Encoding
ali-swift-global-savetime
1683680494
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2317, s-maxage=1800
served-from
23.55.162.142
x-oss-storage-class
Standard
x-source-scheme
https
timing-allow-origin
*
x-oss-hash-crc64ecma
15290110112012039273
network_info
IT_MILANO_9009
eagleid
a3b55c9c16836818069146928e
x-oss-server-time
2
index.js
assets.alicdn.com/g/secdev/sufei_data/3.9.0/ Frame 1029
17 KB
7 KB
Script
General
Full URL
https://assets.alicdn.com/g/secdev/sufei_data/3.9.0/index.js
Requested by
Host: assets.alicdn.com
URL: https://assets.alicdn.com/g/ae-fe/login-ui/0.0.69/index.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
104.102.42.226 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-102-42-226.deploy.static.akamaitechnologies.com
Software
Akamai Resource Optimizer /
Resource Hash
5df942f1b2d4d42480553a6f9f0500e64cc499e2ca026f0268a25e7030083162

Request headers

Referer
https://login.aliexpress.com/
Origin
https://login.aliexpress.com
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 10 May 2023 01:24:12 GMT
content-encoding
br
x-oss-request-id
641C7BBBC075263830DC082C
content-md5
v6y4wmUmzyELLbY7JTm+2g==
x-swift-cachetime
3554
x-swift-savetime
Thu, 23 Mar 2023 16:18:49 GMT
content-length
6695
x-oss-object-type
Normal
last-modified
Thu, 23 Mar 2023 16:18:49 GMT
server
Akamai Resource Optimizer
ali-swift-global-savetime
1679588283
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=831227, s-maxage=3600
served-from
23.44.237.141
x-oss-storage-class
Standard
x-source-scheme
https
timing-allow-origin
*
network_info
US_CHICAGO_35994, IT_MILANO_9009
x-oss-hash-crc64ecma
11427884514220853186
eagleid
082d34a816795883293053005e
x-oss-server-time
3
expires
Fri, 19 May 2023 16:17:59 GMT
zoro-gep-sdk-H4PFq.js
assets.alicdn.com/g/ae-fe/login-ui/0.0.69/ Frame 1029
41 KB
12 KB
Script
General
Full URL
https://assets.alicdn.com/g/ae-fe/login-ui/0.0.69/zoro-gep-sdk-H4PFq.js
Requested by
Host: assets.alicdn.com
URL: https://assets.alicdn.com/g/ae-fe/login-ui/0.0.69/index.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
104.102.42.226 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-102-42-226.deploy.static.akamaitechnologies.com
Software
Akamai Resource Optimizer /
Resource Hash
7de4fcbcb257f88d2f071b48c3adef82b2160eccf958ba1a6db42a95d910c6ed

Request headers

Referer
https://login.aliexpress.com/
Origin
https://login.aliexpress.com
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 10 May 2023 01:24:12 GMT
content-encoding
br
x-oss-request-id
644A64CCED3C0C303094C35A
content-md5
m8M/iUb3oVtEfF+1Qtbvzw==
x-swift-cachetime
86400
x-swift-savetime
Thu, 27 Apr 2023 12:04:28 GMT
content-length
11902
x-oss-object-type
Normal
last-modified
Thu, 27 Apr 2023 12:04:29 GMT
server
Akamai Resource Optimizer
ali-swift-global-savetime
1682597068
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=1507182, s-maxage=86400
served-from
92.122.95.87
x-oss-storage-class
Standard
x-source-scheme
https
timing-allow-origin
*
network_info
US_SANTACLARA_20940, IT_MILANO_9009
x-oss-hash-crc64ecma
842839853269425343
eagleid
2ff62e9816825970684972550e
x-oss-server-time
12
expires
Sat, 27 May 2023 12:03:54 GMT
index.js
g.alicdn.com/secdev/sufei_data/3.9.11/ Frame 1029
17 KB
8 KB
Script
General
Full URL
https://g.alicdn.com/secdev/sufei_data/3.9.11/index.js
Requested by
Host: g.alicdn.com
URL: https://g.alicdn.com/secdev/entry/index.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
163.181.56.193 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
ceee3033a5ccf02fc21156c9fd1615582472daad8b1a55ccf3335c1efa4683a7

Request headers

Referer
https://login.aliexpress.com/?af=a&8469&cn=milano&cv=482179&dp=192.145.127.217&aff_fcid=a7cfe817f0b644d3a2fabcdc99f75a09-1683681851328-03377-_DEQI9az&tt=CPS_NORMAL&aff_fsk=_DEQI9az&aff_platform=portals-tool&sk=_DEQI9az&aff_trace_key=a7cfe817f0b644d3a2fabcdc99f75a09-1683681851328-03377-_DEQI9az&terminal_id=1c58bfd2c6134e8bb4348f30a995d8b4
Origin
https://login.aliexpress.com
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 09 May 2023 13:46:16 GMT
content-encoding
gzip
via
cache23.l2de2[0,0,200-0,H], cache20.l2de2[0,0], cache20.l2de2[1,0], ens-cache7.de4[0,0,200-0,H], ens-cache2.de4[1,0]
x-oss-request-id
645A4EA8ED81AC36314804C0
content-md5
ve/ADPirH1MqzNCrnK4gZA==
age
41876
x-swift-cachetime
86400
x-cache
HIT TCP_MEM_HIT dirn:10:464642589
x-swift-savetime
Tue, 09 May 2023 13:46:16 GMT
content-length
7588
x-bucket-code
3
x-oss-object-type
Normal
server
Tengine
vary
Accept-Encoding
ali-swift-global-savetime
1683639976
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000,s-maxage=86400
x-oss-storage-class
Standard
timing-allow-origin
*
x-oss-hash-crc64ecma
9049208490210758542
eagleid
2ff62b1a16836818522567715e
x-oss-server-time
11
/
g.alicdn.com/ Frame 1029
135 KB
56 KB
Script
General
Full URL
https://g.alicdn.com/??xlly/spl/rp.js,secdev/nsv/1.0.87/ns_f_95_3_f.js?v=1
Requested by
Host: g.alicdn.com
URL: https://g.alicdn.com/secdev/entry/index.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
163.181.56.193 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
30ef74ddf92b35cbef015816dc7da9b21623fd0e0f6a1fc0b2f4e00e523fba5d

Request headers

Referer
https://login.aliexpress.com/?af=a&8469&cn=milano&cv=482179&dp=192.145.127.217&aff_fcid=a7cfe817f0b644d3a2fabcdc99f75a09-1683681851328-03377-_DEQI9az&tt=CPS_NORMAL&aff_fsk=_DEQI9az&aff_platform=portals-tool&sk=_DEQI9az&aff_trace_key=a7cfe817f0b644d3a2fabcdc99f75a09-1683681851328-03377-_DEQI9az&terminal_id=1c58bfd2c6134e8bb4348f30a995d8b4
Origin
https://login.aliexpress.com
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 09 May 2023 13:06:37 GMT
content-encoding
gzip
via
cache2.l2de2[89,88,200-0,M], cache7.l2de2[90,0], cache7.l2de2[91,0], ens-cache6.de4[0,0,200-0,H], ens-cache2.de4[2,0]
x-oss-request-id
645A455D76D420313632F740
content-md5
xWa3V2X33BPyIBIBPhn6Vg==
age
44255
x-swift-cachetime
86400
x-cache
HIT TCP_MEM_HIT dirn:10:45914904
x-swift-savetime
Tue, 09 May 2023 13:06:37 GMT
content-length
56826
x-bucket-code
3
x-oss-object-type
Normal
server
Tengine
vary
Accept-Encoding
ali-swift-global-savetime
1683637597
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=86400,s-maxage=86400
x-oss-storage-class
Standard
timing-allow-origin
*
x-oss-hash-crc64ecma
16118199083463912186
eagleid
2ff62b1a16836818522567718e
x-oss-server-time
28
et_f.js
g.alicdn.com/AWSC/et/1.62.7/ Frame 1029
101 KB
37 KB
Script
General
Full URL
https://g.alicdn.com/AWSC/et/1.62.7/et_f.js
Requested by
Host: g.alicdn.com
URL: https://g.alicdn.com/secdev/entry/index.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
163.181.56.193 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
09f59dec091913bbeda475ff988bd016cbbf5214f4328ea22225c0349f3ceaa4

Request headers

Referer
https://login.aliexpress.com/?af=a&8469&cn=milano&cv=482179&dp=192.145.127.217&aff_fcid=a7cfe817f0b644d3a2fabcdc99f75a09-1683681851328-03377-_DEQI9az&tt=CPS_NORMAL&aff_fsk=_DEQI9az&aff_platform=portals-tool&sk=_DEQI9az&aff_trace_key=a7cfe817f0b644d3a2fabcdc99f75a09-1683681851328-03377-_DEQI9az&terminal_id=1c58bfd2c6134e8bb4348f30a995d8b4
Origin
https://login.aliexpress.com
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 09 May 2023 13:11:53 GMT
content-encoding
gzip
via
cache8.l2de2[30,29,200-0,M], cache7.l2de2[32,0], cache7.l2de2[32,0], ens-cache2.de4[0,0,200-0,H], ens-cache2.de4[2,0]
x-oss-request-id
645A4699AF49DB3634BACC2E
content-md5
ylUrzD5RQ8VyGZs0iikA4Q==
age
43939
x-swift-cachetime
86400
x-cache
HIT TCP_MEM_HIT dirn:8:36966905
x-swift-savetime
Tue, 09 May 2023 13:11:53 GMT
content-length
37721
x-bucket-code
3
x-oss-object-type
Normal
server
Tengine
vary
Accept-Encoding
ali-swift-global-savetime
1683637913
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000,s-maxage=86400
x-oss-storage-class
Standard
timing-allow-origin
*
x-oss-hash-crc64ecma
6221840793188915093
eagleid
2ff62b1a16836818522567716e
x-oss-server-time
17
/
assets.alicdn.com/g/ Frame 1029
26 KB
11 KB
Script
General
Full URL
https://assets.alicdn.com/g/??/sd/baxia/2.5.0/baxiaCommon.js
Requested by
Host: assets.alicdn.com
URL: https://assets.alicdn.com/g/??AWSC/AWSC/awsc.js,sd/baxia-entry/baxiaCommon.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
104.102.42.226 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-102-42-226.deploy.static.akamaitechnologies.com
Software
Tengine /
Resource Hash
25b330da2bc7a79e58107c7f720989e31f2e143d064c631a2776ad3a86bb6e31

Request headers

Referer
https://login.aliexpress.com/
Origin
https://login.aliexpress.com
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 10 May 2023 01:24:12 GMT
content-encoding
gzip
x-oss-request-id
644791583244B4353329F090
content-md5
s90OGsLppaUc5LCNxTffzA==
x-swift-cachetime
85088
x-swift-savetime
Tue, 25 Apr 2023 08:59:36 GMT
content-length
10490
x-oss-object-type
Normal
server
Tengine
vary
Accept-Encoding
ali-swift-global-savetime
1682411864
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=1321934, s-maxage=86400
served-from
2.16.240.134
x-oss-storage-class
Standard
x-source-scheme
https
timing-allow-origin
*
x-oss-hash-crc64ecma
14796409380524246032
network_info
IT_MILANO_9009
eagleid
2ff62b2016824163507825657e
x-oss-server-time
6
um.js
aeis.alicdn.com/AWSC/WebUMID/1.93.0/ Frame 1029
173 KB
76 KB
Script
General
Full URL
https://aeis.alicdn.com/AWSC/WebUMID/1.93.0/um.js
Requested by
Host: assets.alicdn.com
URL: https://assets.alicdn.com/g/??/AWSC/AWSC/awsc.js,/sd/baxia/2.0.39/baxiaCommon.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
104.102.42.226 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-102-42-226.deploy.static.akamaitechnologies.com
Software
Tengine /
Resource Hash
4c4701ca975df0019b9ce5ffd2a8d33f413bad55663a9f64ba9369da7a444db0

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://login.aliexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 10 May 2023 01:24:12 GMT
content-encoding
gzip
x-oss-request-id
64454D68151A333738006B37
content-md5
pM/3ginlb95fKNGZlnmh0Q==
x-swift-cachetime
61623
fw_ip
104.102.42.226
x-swift-savetime
Sun, 23 Apr 2023 22:16:17 GMT
content-length
77438
x-oss-object-type
Normal
server
Tengine
vary
Accept-Encoding
ali-swift-global-savetime
1682263400
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
FW_IP
cache-control
max-age=1173567, s-maxage=86400
served-from
2.16.240.134
x-oss-storage-class
Standard
x-source-scheme
https
timing-allow-origin
*, *
x-oss-hash-crc64ecma
2332966527039349753
network_info
IT_MILANO_9009
eagleid
2ff62b1916822881776411122e
x-oss-server-time
7
expires
Tue, 23 May 2023 15:23:39 GMT
collina.js
aeis.alicdn.com/AWSC/uab/1.140.0/ Frame 1029
243 KB
117 KB
Script
General
Full URL
https://aeis.alicdn.com/AWSC/uab/1.140.0/collina.js
Requested by
Host: assets.alicdn.com
URL: https://assets.alicdn.com/g/??/AWSC/AWSC/awsc.js,/sd/baxia/2.0.39/baxiaCommon.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
104.102.42.226 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-102-42-226.deploy.static.akamaitechnologies.com
Software
Tengine /
Resource Hash
04975704505b42dc124568d9d4be26aee2d4592826a0487920cb1d016d1a8e58

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://login.aliexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 10 May 2023 01:24:12 GMT
content-encoding
gzip
x-oss-request-id
64438C8076A94437313531FA
content-md5
dftrlNyzqciau1mj/9dUbw==
x-swift-cachetime
86400
fw_ip
104.102.42.226
x-swift-savetime
Sat, 22 Apr 2023 07:28:00 GMT
content-length
119402
x-oss-object-type
Normal
server
Tengine
vary
Accept-Encoding
ali-swift-global-savetime
1682148480
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
FW_IP
cache-control
max-age=1058587, s-maxage=86400
served-from
2.16.240.141
x-oss-storage-class
Standard
x-source-scheme
https
timing-allow-origin
*, *
x-oss-hash-crc64ecma
17940526130122019226
network_info
IT_MILANO_9009
eagleid
2ff62b1e16821878412191013e
x-oss-server-time
4
expires
Mon, 22 May 2023 07:27:19 GMT
/
assets.alicdn.com/g/alilog/ Frame 1029
118 KB
46 KB
Fetch
General
Full URL
https://assets.alicdn.com/g/alilog/??s/8.15.21/plugin/aplus_client.js,aplus_cplugin/0.7.12/toolkit.js,aplus_cplugin/0.7.12/monitor.js,s/8.15.21/aplus_int.js,s/8.15.21/plugin/aplus_spmact.js,aplus_plugin_ae/0.0.9/index.js?v=20230504154638
Requested by
Host: g.alicdn.com
URL: https://g.alicdn.com/aes/??tracker/1.0.34/index.js,tracker-plugin-event/1.2.5/index.js,tracker-plugin-jserror/1.0.13/index.js,tracker-plugin-api/1.1.14/index.js,tracker-plugin-perf/1.1.8/index.js,tracker-plugin-eventTiming/1.0.4/index.js,tracker-plugin-pv/2.4.5/index.js,tracker-plugin-blank/1.0.0/index.js,tracker-plugin-autolog/1.0.21/index.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
104.102.42.226 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-102-42-226.deploy.static.akamaitechnologies.com
Software
Tengine /
Resource Hash
89022a4fe6cf4b0f3de7456eb6ba8b2b6b3ade9a18f71dd4a7f7e8f921cfaabe

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://login.aliexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 10 May 2023 01:24:12 GMT
content-encoding
gzip
x-oss-request-id
6453670CEC4AA63533B28D0D
content-md5
7UCU22izLmNjuwSn2FwdUA==
x-swift-cachetime
86386
x-swift-savetime
Thu, 04 May 2023 08:04:42 GMT
content-length
46879
x-oss-object-type
Normal
server
Tengine
vary
Accept-Encoding
ali-swift-global-savetime
1683187468
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2097542, s-maxage=86400
served-from
2.16.240.133
x-oss-storage-class
Standard
x-source-scheme
https
timing-allow-origin
*
x-oss-hash-crc64ecma
2785021216015343907
network_info
IT_MILANO_9009
eagleid
2ff62b1b16831874821532733e
x-oss-server-time
5
ts
fourier.taobao.com/ Frame 1029
0
140 B
Image
General
Full URL
https://fourier.taobao.com/ts?url=http%3A%2F%2Fshrew-soft-vpn-client.findmysoft.com%2F&token=BOvrv-AZC2ibeFe8v6SH7whleg_VAP-CEEB1N11oxyqB_Ate5dCP0olaVqSSR1d6&cna=&ext=1
Requested by
Host: login.aliexpress.com
URL: https://login.aliexpress.com/?af=a&8469&cn=milano&cv=482179&dp=192.145.127.217&aff_fcid=a7cfe817f0b644d3a2fabcdc99f75a09-1683681851328-03377-_DEQI9az&tt=CPS_NORMAL&aff_fsk=_DEQI9az&aff_platform=portals-tool&sk=_DEQI9az&aff_trace_key=a7cfe817f0b644d3a2fabcdc99f75a09-1683681851328-03377-_DEQI9az&terminal_id=1c58bfd2c6134e8bb4348f30a995d8b4
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2408:4001:f10::cf -, , ASN (),
Reverse DNS
Software
Tengine/Aserver /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://login.aliexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 10 May 2023 01:24:14 GMT
strict-transport-security
max-age=31536000
server
Tengine/Aserver
timing-allow-origin
*
content-length
0
eagleeye-traceid
2150409516836818546783298e2d87
content-type
image/gif
eg.js
ae.mmstat.com/ Frame 1029
91 B
321 B
Script
General
Full URL
https://ae.mmstat.com/eg.js?t=1683681852316
Requested by
Host: shrew-soft-vpn-client.findmysoft.com
URL: http://shrew-soft-vpn-client.findmysoft.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
47.246.110.43 , United States, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software
nginx /
Resource Hash
ef9f6ebf16cb41993ad6caab052116b32b9fab1fc7a05c36e539c4797d4c7da3

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://login.aliexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 10 May 2023 01:24:13 GMT
stag
2
server
nginx
etag
"PeDhHA9CZgICAcCRf9kHzu5z"
content-type
application/javascript
cache-control
no-cache
content-length
91
expires
Thu, 01 Jan 1970 00:00:01 GMT
aes.1.1
ae.mmstat.com/ Frame 1029
43 B
232 B
Ping
General
Full URL
https://ae.mmstat.com/aes.1.1
Requested by
Host: shrew-soft-vpn-client.findmysoft.com
URL: http://shrew-soft-vpn-client.findmysoft.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
47.246.110.43 , United States, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://login.aliexpress.com/
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 10 May 2023 01:24:13 GMT
server
nginx
p3p
CP="NOI DSP COR CURa ADMa DEVa PSAa PSDa OUR IND UNI PUR NAV"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
content-length
43
expires
Thu, 01 Jan 1970 00:00:01 GMT
rp
fourier.taobao.com/ Frame 1029
1023 B
1 KB
Script
General
Full URL
https://fourier.taobao.com/rp?ext=51&data=jm_null&random=7862289642441416&href=https%3A%2F%2Flogin.aliexpress.com%2F%3Faf%3Da%268469%26cn%3Dmilano%26cv%3D482179%26dp%3D192.145.127.217%26aff_fcid%3Da7cfe817f0b644d3a2fabcdc99f75a09-1683681851328-03377-_DEQI9az%26tt%3DCPS_NORMAL%26aff_fsk%3D_DEQI9az%26aff_platform%3Dportals-tool%26sk%3D_DEQI9az%26aff_trace_key%3Da7cfe817f0b644d3a2fabcdc99f75a09-1683681851328-03377-_DEQI9az%26terminal_id%3D1c58bfd2c6134e8bb4348f30a995d8b4&protocol=https:
Requested by
Host: g.alicdn.com
URL: https://g.alicdn.com/??xlly/spl/rp.js,secdev/nsv/1.0.87/ns_f_95_3_f.js?v=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2408:4001:f10::cf -, , ASN (),
Reverse DNS
Software
Tengine/Aserver /
Resource Hash
486ba168351c19d6297fdb944a8c532ddb1c2be56b9f6b4404e60ddd044dc758
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://login.aliexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 10 May 2023 01:24:14 GMT
bxpunish
1
strict-transport-security
max-age=31536000
server
Tengine/Aserver
content-type
application/javascript;charset=UTF-8
cache-control
no-store
access-control-allow-credentials
true
bxuuid
b16b7c039d1a5bbf87d993906f94a28b, {"login-token":"b16b7c039d1a5bbf87d993906f94a28b___null___813ec7a8ae43328ab30d398eeab4492c"}
x5-punish-cache
miss
timing-allow-origin
*
content-length
1023
eagleeye-traceid
2150409516836818546783299e2d87
use-raw
true
wu.json
de-wum.aliexpress.com/w/ Frame 1029
156 B
787 B
Script
General
Full URL
https://de-wum.aliexpress.com/w/wu.json
Requested by
Host: aeis.alicdn.com
URL: https://aeis.alicdn.com/AWSC/WebUMID/1.93.0/um.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
47.246.146.68 , United States, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software
Tengine /
Resource Hash
3abf0038682bdd59400f4c78643e3e20bfd86b7f580b9187dcfe1a48d508cfc2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains, max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://login.aliexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 10 May 2023 01:24:14 GMT
strict-transport-security
max-age=31536000 ; includeSubDomains, max-age=31536000
x-content-type-options
nosniff
server
Tengine
etag
G26D8B889013472B0A54F4A85846F17D64C3E6734878724B6BF
access-control-allow-methods
GET,POST,OPTIONS
content-type
text/javascript;charset=utf-8
cache-control
no-cache
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
Accept,X-PINGARUNER,CONTENT-TYPE,X-Requested-With
content-length
156
eagleeye-traceid
21038edf16836818541463839e907e
x-xss-protection
1; mode=block
x-application-context
umid-web:de-prod:7001
ae.pc_ctr.statweb_ae_ctr
ae.mmstat.com/ Frame 1029
43 B
75 B
Ping
General
Full URL
https://ae.mmstat.com/ae.pc_ctr.statweb_ae_ctr
Requested by
Host: shrew-soft-vpn-client.findmysoft.com
URL: http://shrew-soft-vpn-client.findmysoft.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
47.246.110.43 , United States, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://login.aliexpress.com/
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 10 May 2023 01:24:13 GMT
server
nginx
p3p
CP="NOI DSP COR CURa ADMa DEVa PSAa PSDa OUR IND UNI PUR NAV"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
content-length
43
expires
Thu, 01 Jan 1970 00:00:01 GMT
ae.pc_ctr.statweb_ae_ctr
ae.mmstat.com/ Frame 1029
43 B
75 B
Ping
General
Full URL
https://ae.mmstat.com/ae.pc_ctr.statweb_ae_ctr
Requested by
Host: shrew-soft-vpn-client.findmysoft.com
URL: http://shrew-soft-vpn-client.findmysoft.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
47.246.110.43 , United States, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://login.aliexpress.com/
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 10 May 2023 01:24:13 GMT
server
nginx
p3p
CP="NOI DSP COR CURa ADMa DEVa PSAa PSDa OUR IND UNI PUR NAV"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
content-length
43
expires
Thu, 01 Jan 1970 00:00:01 GMT
ae.pc_click.statweb_ae_click
ae.mmstat.com/ Frame 1029
43 B
75 B
Ping
General
Full URL
https://ae.mmstat.com/ae.pc_click.statweb_ae_click
Requested by
Host: shrew-soft-vpn-client.findmysoft.com
URL: http://shrew-soft-vpn-client.findmysoft.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
47.246.110.43 , United States, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://login.aliexpress.com/
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 10 May 2023 01:24:13 GMT
server
nginx
p3p
CP="NOI DSP COR CURa ADMa DEVa PSAa PSDa OUR IND UNI PUR NAV"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
content-length
43
expires
Thu, 01 Jan 1970 00:00:01 GMT
aes.1.1
ae.mmstat.com/ Frame 1029
43 B
75 B
Ping
General
Full URL
https://ae.mmstat.com/aes.1.1
Requested by
Host: shrew-soft-vpn-client.findmysoft.com
URL: http://shrew-soft-vpn-client.findmysoft.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
47.246.110.43 , United States, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://login.aliexpress.com/
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 10 May 2023 01:24:13 GMT
server
nginx
p3p
CP="NOI DSP COR CURa ADMa DEVa PSAa PSDa OUR IND UNI PUR NAV"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
content-length
43
expires
Thu, 01 Jan 1970 00:00:01 GMT
aes.1.1
ae.mmstat.com/ Frame 1029
43 B
75 B
Ping
General
Full URL
https://ae.mmstat.com/aes.1.1
Requested by
Host: shrew-soft-vpn-client.findmysoft.com
URL: http://shrew-soft-vpn-client.findmysoft.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
47.246.110.43 , United States, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://login.aliexpress.com/
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 10 May 2023 01:24:13 GMT
server
nginx
p3p
CP="NOI DSP COR CURa ADMa DEVa PSAa PSDa OUR IND UNI PUR NAV"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
content-length
43
expires
Thu, 01 Jan 1970 00:00:01 GMT
g.gif
ae.mmstat.com/ Frame 1029
43 B
147 B
Image
General
Full URL
https://ae.mmstat.com/g.gif?logtype=0&title=Buy%20Products%20Online%20from%20China%20Wholesalers%20at%20Aliexpress.com&pre=http%3A%2F%2Fshrew-soft-vpn-client.findmysoft.com%2F&scr=1600x1200&_p_url=https%3A%2F%2Flogin.aliexpress.com%2F%3Faf%3Da%268469%26cn%3Dmilano%26cv%3D482179%26dp%3D192.145.127.217%26aff_fcid%3Da7cfe817f0b644d3a2fabcdc99f75a09-1683681851328-03377-_DEQI9az%26tt%3DCPS_NORMAL%26aff_fsk%3D_DEQI9az%26aff_platform%3Dportals-tool%26sk%3D_DEQI9az%26aff_trace_key%3Da7cfe817f0b644d3a2fabcdc99f75a09-1683681851328-03377-_DEQI9az%26terminal_id%3D1c58bfd2c6134e8bb4348f30a995d8b4&cna=PeDhHA9CZgICAcCRf9kHzu5z&spm-cnt=a2g0s.buyerloginandregister.0.0.6f6d55a3yrbXsE&aplus=&sidx=aplusSidx&ckx=aplusCkx&pageid=18803423b3f19a627b6fe9ba787f130fa11b041778&dmtrack_b=%7Bifm%3D1%7Clogin%3D0%7D&dmtrack_c=%7Bacs_rt%3D1c58bfd2c6134e8bb4348f30a995d8b4%7Caep_usuc_f%3D-%7Caeu_cid%3Da7cfe817f0b644d3a2fabcdc99f75a09-1683681851328-03377-_DEQI9az%7D&ali_beacon_id=-&ali_apache_id=-&ali_apache_track=-&ali_apache_tracktmp=-&_p_uid=-&p=1&o=win10&b=chrome113&s=1600x1200&w=webkit&ism=pc&cache=a54ddbe&lver=8.15.21&jsver=aplus_int&pver=0.7.12&_pw=801&_ph=601&tag=0&stag=2&lstag=0&_slog=0
Requested by
Host: login.aliexpress.com
URL: https://login.aliexpress.com/?af=a&8469&cn=milano&cv=482179&dp=192.145.127.217&aff_fcid=a7cfe817f0b644d3a2fabcdc99f75a09-1683681851328-03377-_DEQI9az&tt=CPS_NORMAL&aff_fsk=_DEQI9az&aff_platform=portals-tool&sk=_DEQI9az&aff_trace_key=a7cfe817f0b644d3a2fabcdc99f75a09-1683681851328-03377-_DEQI9az&terminal_id=1c58bfd2c6134e8bb4348f30a995d8b4
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
47.246.110.43 , United States, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://login.aliexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 May 2023 01:24:13 GMT
server
nginx
p3p
CP="NOI DSP COR CURa ADMa DEVa PSAa PSDa OUR IND UNI PUR NAV"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
content-length
43
expires
Thu, 01 Jan 1970 00:00:01 GMT
/
sumo.com/api/load/
799 B
1 KB
XHR
General
Full URL
http://sumo.com/api/load/
Requested by
Host: load.sumo.com
URL: https://load.sumo.com/73.0a035390359aab65eb82.js
Protocol
HTTP/1.1
Server
34.220.132.2 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-220-132-2.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
2b069ca470dafc7139c8b72a8705d459127e4ae5651af7410bad97df6e697ffc
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
http://shrew-soft-vpn-client.findmysoft.com/
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date
Wed, 10 May 2023 01:24:14 GMT
Server
nginx
X-FRAME-OPTIONS
SAMEORIGIN
Vary
Origin, Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
http://shrew-soft-vpn-client.findmysoft.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
Content-Length
799
error
acjs.aliyun.com/ Frame 1029
0
0

services
sumo.com/ Frame
0
0
Preflight
General
Full URL
http://sumo.com/services
Protocol
HTTP/1.1
Server
34.220.132.2 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-220-132-2.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
x-sumo-auth
Access-Control-Request-Method
POST
Origin
http://shrew-soft-vpn-client.findmysoft.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
pragma, x-requested-with, accept, x-sumo-auth, x-sumo-token, content-type
Access-Control-Allow-Methods
GET,HEAD,PUT,POST,DELETE
Access-Control-Allow-Origin
http://shrew-soft-vpn-client.findmysoft.com
Access-Control-Max-Age
2592000
Connection
keep-alive
Date
Wed, 10 May 2023 01:24:14 GMT
Server
nginx
services
sumo.com/
1 KB
1 KB
XHR
General
Full URL
http://sumo.com/services
Requested by
Host: load.sumo.com
URL: https://load.sumo.com/73.0a035390359aab65eb82.js
Protocol
HTTP/1.1
Server
34.220.132.2 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-220-132-2.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
30df34bd68d9d37f78d9d32cafddab0c3368e1fc8b9dc9acf6b5cc0061bfb739
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

X-Sumo-Auth
NmR2JncXHMGM35AooiCQvK31
Accept
application/json, text/javascript, */*; q=0.01
Referer
http://shrew-soft-vpn-client.findmysoft.com/
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date
Wed, 10 May 2023 01:24:14 GMT
Content-Encoding
gzip
Server
nginx
Vary
Origin, Accept-Encoding
Transfer-Encoding
chunked
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
http://shrew-soft-vpn-client.findmysoft.com
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
X-FRAME-OPTIONS
SAMEORIGIN
Access-Control-Allow-Credentials
true
Connection
keep-alive
4.0a035390359aab65eb82.js
load.sumo.com/
5 KB
3 KB
Script
General
Full URL
https://load.sumo.com/4.0a035390359aab65eb82.js
Requested by
Host: load.sumome.com
URL: http://load.sumome.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::713:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-713 /
Resource Hash
3f351eef4b0a3ccd70ff9d4239851252a0a6eba79471e530f9deec0b3421d132

Request headers

accept-language
it-IT,it;q=0.9
Referer
http://shrew-soft-vpn-client.findmysoft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 10 May 2023 01:24:14 GMT
content-encoding
br
cdn-edgestorageid
722
x-amz-request-id
H1FDZCEQD5H45Q05
cdn-cachedat
05/08/2023 18:22:08
cdn-pullzone
53731
x-amz-id-2
ZqFL8ia4NTjdTbLW8fktobWsGacreS2KZ9haLnOD8Idgs3WvgalZ0v3GPybC6GdD9MEAcKukCLU=
last-modified
Wed, 05 Oct 2022 16:49:25 GMT
server
BunnyCDN-DE1-713
cdn-proxyver
1.03
cdn-requestpullcode
200
etag
W/"a39d043b7c7bba70750cf288ee5ef71a"
vary
Accept-Encoding, Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
a61f2e95-f685-45ef-9e80-35f4adfb29cb
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
max-age=31536000
cdn-requestid
70f01dd293eeb462b5cb0f1212f49f40
cdn-requestcountrycode
IT
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
64.0a035390359aab65eb82.js
load.sumo.com/
1 KB
1 KB
Script
General
Full URL
https://load.sumo.com/64.0a035390359aab65eb82.js
Requested by
Host: load.sumome.com
URL: http://load.sumome.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::713:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-713 /
Resource Hash
fe39eced72c33ae4c1b3bdd9843bc853265b9909040d41555faa02f62cb29ef2

Request headers

accept-language
it-IT,it;q=0.9
Referer
http://shrew-soft-vpn-client.findmysoft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 10 May 2023 01:24:14 GMT
content-encoding
br
cdn-edgestorageid
863
x-amz-request-id
8H61N35G2RBQ7PXF
cdn-cachedat
12/01/2022 21:36:39
cdn-pullzone
53731
x-amz-id-2
2w7cYZUJJNgeoP6s/3b6y2HlDGRF1zJA8DeFY/fnWC5/T9knCZT/pMhpS7oIZZ0DdFloaxYpaaM=
last-modified
Wed, 05 Oct 2022 16:49:45 GMT
server
BunnyCDN-DE1-713
cdn-proxyver
1.03
cdn-requestpullcode
200
etag
W/"d200986501135078d1fbd7f480e7bb08"
vary
Accept-Encoding, Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
a61f2e95-f685-45ef-9e80-35f4adfb29cb
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
max-age=31536000
cdn-requestid
0eafe2b52131b99e743f8a68e8261a0e
cdn-requestcountrycode
IT
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
0.0a035390359aab65eb82.js
load.sumo.com/
5 KB
3 KB
Script
General
Full URL
https://load.sumo.com/0.0a035390359aab65eb82.js
Requested by
Host: load.sumome.com
URL: http://load.sumome.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::713:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-713 /
Resource Hash
dd9c85c873b9b644468988e8165e079b0e747a550ce13fa3f7d0c1839b0fd503

Request headers

accept-language
it-IT,it;q=0.9
Referer
http://shrew-soft-vpn-client.findmysoft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 10 May 2023 01:24:14 GMT
content-encoding
br
cdn-edgestorageid
860
x-amz-request-id
C2QMR5M8QTNPQTZZ
cdn-cachedat
11/29/2022 14:21:07
cdn-pullzone
53731
x-amz-id-2
xxZe2xEJbPuTiu6w4dDd34BYH5aWaK9GlNrZA4m3oeBGCKtjLNOK5Y2owYinVzy8CWGRcKVfgVM=
last-modified
Wed, 05 Oct 2022 16:48:56 GMT
server
BunnyCDN-DE1-713
cdn-proxyver
1.03
cdn-requestpullcode
200
etag
W/"31baf056af3800bbd6e4f9e8b445d052"
vary
Accept-Encoding, Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
a61f2e95-f685-45ef-9e80-35f4adfb29cb
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
max-age=31536000
cdn-requestid
83b298b359356f4ea772431319353c55
cdn-requestcountrycode
IT
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
1.0a035390359aab65eb82.js
load.sumo.com/
1 KB
2 KB
Script
General
Full URL
https://load.sumo.com/1.0a035390359aab65eb82.js
Requested by
Host: load.sumome.com
URL: http://load.sumome.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::713:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-713 /
Resource Hash
b5d439b0a1670a4a56384b0b48fcdfabef6e8a5124683f32c6913d1fe22e9563

Request headers

accept-language
it-IT,it;q=0.9
Referer
http://shrew-soft-vpn-client.findmysoft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 10 May 2023 01:24:14 GMT
content-encoding
br
cdn-edgestorageid
860
x-amz-request-id
5B2V51ETXHQHY0WW
cdn-cachedat
11/29/2022 14:21:10
cdn-pullzone
53731
x-amz-id-2
m6xu0PAlSCGKnIvEcnz2TtYMKa8g19A9vmBVoRGAAYYHdN4p+vwtlroImYXSh2C5VFsOMfxz+IY=
last-modified
Wed, 05 Oct 2022 16:48:56 GMT
server
BunnyCDN-DE1-713
cdn-proxyver
1.03
cdn-requestpullcode
200
etag
W/"f9b0aedd5a94b36e30a06214fcc0644f"
vary
Accept-Encoding, Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
a61f2e95-f685-45ef-9e80-35f4adfb29cb
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
max-age=31536000
cdn-requestid
0f4d5971942b50dd5cd075e43943e397
cdn-requestcountrycode
IT
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
2.0a035390359aab65eb82.js
load.sumo.com/
3 KB
2 KB
Script
General
Full URL
https://load.sumo.com/2.0a035390359aab65eb82.js
Requested by
Host: load.sumome.com
URL: http://load.sumome.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::713:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-713 /
Resource Hash
5dc9d61931a73fa03b59af510868b7e89e4523df5a53935212ca8a9b31af0b8d

Request headers

accept-language
it-IT,it;q=0.9
Referer
http://shrew-soft-vpn-client.findmysoft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 10 May 2023 01:24:14 GMT
content-encoding
br
cdn-edgestorageid
1076
x-amz-request-id
X714PX85F1S81D8N
cdn-cachedat
01/04/2023 08:52:36
cdn-pullzone
53731
x-amz-id-2
ay2gZ9j3qtMDw71Zrkn8IPScUEq8sulVOv2utI+ZiuxSW0qLlCgpNXQiBB3YHxfUgKiUU1/1GnE=
last-modified
Wed, 05 Oct 2022 16:49:10 GMT
server
BunnyCDN-DE1-713
cdn-proxyver
1.03
cdn-requestpullcode
200
etag
W/"6bfdf1ae8492f107706ac037915be663"
vary
Accept-Encoding, Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
a61f2e95-f685-45ef-9e80-35f4adfb29cb
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
max-age=31536000
cdn-requestid
3a3e093c51097f86d6313a3068ce1ffe
cdn-requestcountrycode
IT
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
3.0a035390359aab65eb82.js
load.sumo.com/
5 KB
2 KB
Script
General
Full URL
https://load.sumo.com/3.0a035390359aab65eb82.js
Requested by
Host: load.sumome.com
URL: http://load.sumome.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::713:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-713 /
Resource Hash
9b9b439612eecd459a6edf2abfcf4ae252710e0069772b1b78c4970b3c0f1830

Request headers

accept-language
it-IT,it;q=0.9
Referer
http://shrew-soft-vpn-client.findmysoft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 10 May 2023 01:24:14 GMT
content-encoding
br
cdn-edgestorageid
864
x-amz-request-id
JRQ8J5YVJ6G8QTSM
cdn-cachedat
02/05/2023 21:16:49
cdn-pullzone
53731
x-amz-id-2
NpsKWv1SJve2p5Un2rLxgr2ywFG+gk57RGNT+X8la9AgYDEefzefaDIJbLZ5Y6mJ8VunkY/noHo=
last-modified
Wed, 05 Oct 2022 16:49:17 GMT
server
BunnyCDN-DE1-713
cdn-proxyver
1.03
cdn-requestpullcode
200
etag
W/"2e9797cb3f2d07795148e1bd54b404a0"
vary
Accept-Encoding, Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
a61f2e95-f685-45ef-9e80-35f4adfb29cb
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
max-age=31536000
cdn-requestid
9ca35dd35f232cabfb474b37b63c9ac0
cdn-requestcountrycode
IT
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
11.0a035390359aab65eb82.js
load.sumo.com/
438 KB
129 KB
Script
General
Full URL
https://load.sumo.com/11.0a035390359aab65eb82.js
Requested by
Host: load.sumome.com
URL: http://load.sumome.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::713:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-713 /
Resource Hash
a73a98563485541039998520eaa3f1b8475e8da1f9ae414a74c73df0d5f24f8a

Request headers

accept-language
it-IT,it;q=0.9
Referer
http://shrew-soft-vpn-client.findmysoft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 10 May 2023 01:24:14 GMT
content-encoding
br
cdn-edgestorageid
1080
x-amz-request-id
H48AXDGH5NM3KXXZ
cdn-cachedat
01/05/2023 11:07:40
cdn-pullzone
53731
x-amz-id-2
C8V7N0CBbPOtn4yXdkg3bYh64KwVtImgEhe2s0+p/TQ1qCar78fwc2oliQ7SPM0kl20KTrN4xtk=
last-modified
Wed, 05 Oct 2022 16:49:03 GMT
server
BunnyCDN-DE1-713
cdn-proxyver
1.03
cdn-requestpullcode
200
etag
W/"4624ceb9029a934a36424d836cf4cc37"
vary
Accept-Encoding, Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
a61f2e95-f685-45ef-9e80-35f4adfb29cb
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
max-age=31536000
cdn-requestid
fc02f372644208de1ccaef30fe5e05d3
cdn-requestcountrycode
IT
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
15.0a035390359aab65eb82.js
load.sumo.com/
711 KB
66 KB
Script
General
Full URL
https://load.sumo.com/15.0a035390359aab65eb82.js
Requested by
Host: load.sumome.com
URL: http://load.sumome.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::713:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-713 /
Resource Hash
e146694637c659ec76a75f2f92253956460decf38696b9f77d825dde8308efaa

Request headers

accept-language
it-IT,it;q=0.9
Referer
http://shrew-soft-vpn-client.findmysoft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 10 May 2023 01:24:14 GMT
content-encoding
br
cdn-edgestorageid
1049
x-amz-request-id
8H62ZWG01S62RCHB
cdn-cachedat
12/01/2022 21:36:39
cdn-pullzone
53731
x-amz-id-2
ej2QCs3U0s/jW+GIyizaF+tuVVSYePOh2+GBkUJPq/NlMK5l9MSwVLRBXQIpxvvTj2N3INPLp94=
last-modified
Wed, 05 Oct 2022 16:49:06 GMT
server
BunnyCDN-DE1-713
cdn-proxyver
1.03
cdn-requestpullcode
200
etag
W/"6e9c6264954bf1f04a63db8a9fd0f653"
vary
Accept-Encoding, Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
a61f2e95-f685-45ef-9e80-35f4adfb29cb
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
max-age=31536000
cdn-requestid
f8f7a0d95fcd8ebe7b51d509b258b18b
cdn-requestcountrycode
IT
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
rpc
clients6.google.com/ Frame
0
0
Preflight
General
Full URL
https://clients6.google.com/rpc?key=AIzaSyCKSbrvQasunBoV16zDH9R33D88CeLr9gQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200e -, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
http://shrew-soft-vpn-client.findmysoft.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1564
content-type
text/html; charset=UTF-8
date
Wed, 10 May 2023 01:24:15 GMT
referrer-policy
no-referrer
css
fonts.googleapis.com/
32 KB
2 KB
Stylesheet
General
Full URL
http://fonts.googleapis.com/css?family=Open+Sans:200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic,200,300,400,500,600,700,800
Requested by
Host: client
URL: about:client
Protocol
HTTP/1.1
Server
2a00:1450:4001:80f::200a -, , ASN (),
Reverse DNS
Software
ESF /
Resource Hash
836ea9b48d456de1a2f99647e7a98afc23cf0f65f4eb9a5a4da9f3daeb19d02f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
http://shrew-soft-vpn-client.findmysoft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date
Wed, 10 May 2023 01:24:14 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
Cross-Origin-Resource-Policy
cross-origin
X-XSS-Protection
0
Last-Modified
Wed, 10 May 2023 01:24:14 GMT
Server
ESF
Cross-Origin-Opener-Policy
same-origin-allow-popups
X-Frame-Options
SAMEORIGIN
Content-Type
text/css; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
private, max-age=86400, stale-while-revalidate=604800
Timing-Allow-Origin
*
Link
<http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires
Wed, 10 May 2023 01:24:14 GMT
shares.json
api.bufferapp.com/1/links/
0
0

/
graph.facebook.com/
Redirect Chain
  • http://graph.facebook.com/?id=http%3A%2F%2Fshrew-soft-vpn-client.findmysoft.com%2F&callback=jQuery1102043415200438588886_1683681850774&_=1683681850775
  • https://graph.facebook.com/?id=http%3A%2F%2Fshrew-soft-vpn-client.findmysoft.com%2F&callback=jQuery1102043415200438588886_1683681850774&_=1683681850775
252 B
640 B
Script
General
Full URL
https://graph.facebook.com/?id=http%3A%2F%2Fshrew-soft-vpn-client.findmysoft.com%2F&callback=jQuery1102043415200438588886_1683681850774&_=1683681850775
Requested by
Host: shrew-soft-vpn-client.findmysoft.com
URL: http://shrew-soft-vpn-client.findmysoft.com/
Protocol
H2
Server
2a03:2880:f083:6:face:b00c:0:2 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
51e58a8a9c2f46b6ac218f53da44c8cb282e0944b56ec288134aee5d7bd4a832
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload

Request headers

accept-language
it-IT,it;q=0.9
Referer
http://shrew-soft-vpn-client.findmysoft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; preload
content-encoding
br
www-authenticate
OAuth "Facebook Platform" "invalid_request" "(#2) Service temporarily unavailable"
date
Wed, 10 May 2023 01:24:14 GMT
x-fb-rev
1007463061
alt-svc
h3=":443"; ma=86400
content-length
193
x-fb-rlafr
0
pragma
no-cache
x-fb-debug
PG1pUu/UIaL8Z00gwc/xhawHbbVPh5gf3LvhAIcYw3nOnqgwpsc6idfLI25hmdGeM+yiQI+4RRIi53R6EyR8VQ==
x-fb-trace-id
BLMTRIN0dwh
vary
Origin, Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
x-fb-request-id
AMfhU3lvRfthbkROMH1Jc7w
cache-control
no-store
facebook-api-version
v10.0
expires
Sat, 01 Jan 2000 00:00:00 GMT

Redirect headers

Location
https://graph.facebook.com/?id=http%3A%2F%2Fshrew-soft-vpn-client.findmysoft.com%2F&callback=jQuery1102043415200438588886_1683681850774&_=1683681850775
Date
Wed, 10 May 2023 01:24:14 GMT
Server
proxygen-bolt
Connection
keep-alive
Content-Length
0
Content-Type
text/plain
links.getStats
api.facebook.com/method/
Redirect Chain
  • http://api.facebook.com/method/links.getStats?urls=http%3A%2F%2Fshrew-soft-vpn-client.findmysoft.com%2F&format=json&callback=jQuery1102043415200438588886_1683681850776&_=1683681850777
  • https://api.facebook.com/method/links.getStats?urls=http%3A%2F%2Fshrew-soft-vpn-client.findmysoft.com%2F&format=json&callback=jQuery1102043415200438588886_1683681850776&_=1683681850777
410 B
611 B
Script
General
Full URL
https://api.facebook.com/method/links.getStats?urls=http%3A%2F%2Fshrew-soft-vpn-client.findmysoft.com%2F&format=json&callback=jQuery1102043415200438588886_1683681850776&_=1683681850777
Requested by
Host: shrew-soft-vpn-client.findmysoft.com
URL: http://shrew-soft-vpn-client.findmysoft.com/
Protocol
H2
Server
2a03:2880:f083:6:face:b00c:0:2 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
439af7d3bdea84d733baecf1bcf1a10cce95296b71e688ad1f231b4cd2165179
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload

Request headers

accept-language
it-IT,it;q=0.9
Referer
http://shrew-soft-vpn-client.findmysoft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=15552000; preload
content-encoding
br
x-fb-debug
806KIrpp51QNFGW0dudHXLafPu/i/yVjStOqUkNJJVN4gaA/5cnrLMin6duwCTG4BugOVI1r/mhE0CYKNNNr5Q==
x-fb-trace-id
AaDgxmFuLsh
date
Wed, 10 May 2023 01:24:15 GMT
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
access-control-allow-origin
*
x-fb-request-id
AKt9SRmw_40ZH7b1WxHkEaC
cache-control
private, no-cache, no-store, must-revalidate
x-fb-rev
1007463061
facebook-api-version
v10.0
content-length
251
expires
Sat, 01 Jan 2000 00:00:00 GMT

Redirect headers

Location
https://api.facebook.com/method/links.getStats?urls=http%3A%2F%2Fshrew-soft-vpn-client.findmysoft.com%2F&format=json&callback=jQuery1102043415200438588886_1683681850776&_=1683681850777
Date
Wed, 10 May 2023 01:24:14 GMT
Server
proxygen-bolt
Connection
keep-alive
Content-Length
0
Content-Type
text/plain
rpc
clients6.google.com/
0
0

count.json
widgets.pinterest.com/v1/urls/
Redirect Chain
  • http://widgets.pinterest.com/v1/urls/count.json?callback=jQuery1102043415200438588886_1683681850778&source=6&url=http%3A%2F%2Fshrew-soft-vpn-client.findmysoft.com%2F&_=1683681850779
  • https://widgets.pinterest.com/v1/urls/count.json?callback=jQuery1102043415200438588886_1683681850778&source=6&url=http%3A%2F%2Fshrew-soft-vpn-client.findmysoft.com%2F&_=1683681850779
108 B
320 B
Script
General
Full URL
https://widgets.pinterest.com/v1/urls/count.json?callback=jQuery1102043415200438588886_1683681850778&source=6&url=http%3A%2F%2Fshrew-soft-vpn-client.findmysoft.com%2F&_=1683681850779
Requested by
Host: shrew-soft-vpn-client.findmysoft.com
URL: http://shrew-soft-vpn-client.findmysoft.com/
Protocol
H2
Server
151.101.64.84 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
7fe614fba48a859a342abbf024cc6cf640a4c44eda11668a25d0da115bc493d1
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
it-IT,it;q=0.9
Referer
http://shrew-soft-vpn-client.findmysoft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 10 May 2023 01:24:14 GMT
content-encoding
br
x-content-type-options
nosniff
vary
accept-encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
must-revalidate, max-age=887
x-envoy-upstream-service-time
1
accept-ranges
none
x-pinterest-rid
2102467545642909
expires
Wed, 10 May 2023 01:39:14 GMT

Redirect headers

Location
https://widgets.pinterest.com/v1/urls/count.json?callback=jQuery1102043415200438588886_1683681850778&source=6&url=http%3A%2F%2Fshrew-soft-vpn-client.findmysoft.com%2F&_=1683681850779
Non-Authoritative-Reason
HSTS
Cross-Origin-Resource-Policy
Cross-Origin
button_info.json
www.reddit.com/
Redirect Chain
  • http://reddit.com/button_info.json?url=http%3A%2F%2Fshrew-soft-vpn-client.findmysoft.com%2F&jsonp=jQuery1102043415200438588886_1683681850780&_=1683681850781
  • https://reddit.com/button_info.json?url=http%3A%2F%2Fshrew-soft-vpn-client.findmysoft.com%2F&jsonp=jQuery1102043415200438588886_1683681850780&_=1683681850781
  • https://www.reddit.com/button_info.json?url=http%3A%2F%2Fshrew-soft-vpn-client.findmysoft.com%2F&jsonp=jQuery1102043415200438588886_1683681850780&_=1683681850781
168 B
1 KB
Script
General
Full URL
https://www.reddit.com/button_info.json?url=http%3A%2F%2Fshrew-soft-vpn-client.findmysoft.com%2F&jsonp=jQuery1102043415200438588886_1683681850780&_=1683681850781
Requested by
Host: shrew-soft-vpn-client.findmysoft.com
URL: http://shrew-soft-vpn-client.findmysoft.com/
Protocol
H2
Server
151.101.65.140 -, , ASN (),
Reverse DNS
Software
snooserv /
Resource Hash
323d1a0eff82a9e675e1714076702af6460e750c0ca73852ce1e609f7be1fbb8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
it-IT,it;q=0.9
Referer
http://shrew-soft-vpn-client.findmysoft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-ratelimit-used
1
via
1.1 varnish
x-content-type-options
nosniff
date
Wed, 10 May 2023 01:24:15 GMT
nel
{"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.2, "failure_fraction": 0.2}
strict-transport-security
max-age=31536000; includeSubdomains
content-length
168
x-xss-protection
1; mode=block
x-ua-compatible
IE=edge
x-moose
majestic
server
snooserv
x-ratelimit-remaining
5999
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
report-to
{"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
access-control-expose-headers
X-Moose
cache-control
private, s-maxage=0, max-age=0, must-revalidate, no-store
x-ratelimit-reset
345
accept-ranges
bytes
expires
-1

Redirect headers

date
Wed, 10 May 2023 01:24:14 GMT
via
1.1 varnish
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubdomains; preload
nel
{"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.2, "failure_fraction": 0.2}
server
snooserv
x-frame-options
SAMEORIGIN
report-to
{"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
location
https://www.reddit.com/button_info.json?url=http%3A%2F%2Fshrew-soft-vpn-client.findmysoft.com%2F&jsonp=jQuery1102043415200438588886_1683681850780&_=1683681850781
cache-control
private, max-age=3600
accept-ranges
bytes
content-length
0
x-xss-protection
1; mode=block
retry-after
0
jsonpcallback
sumo.com/api/
0
0

jsonpcallback
sumo.com/api/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
kinsta.com
URL
https://kinsta.com/?kaid=ARRPTWYMWIMC
Domain
www.kobo.com
URL
https://www.kobo.com/?utm_source=linkshare_fr&utm_medium=affiliate&utm_campaign=Linkbux&utm_term=lb_iy0qa0&ranMID=39331&ranEAID=wizKxmN8no4&ranSiteID=wizKxmN8no4-mL2h11xqwrpR2kyR57272Q&siteID=wizKxmN8no4-mL2h11xqwrpR2kyR57272Q
Domain
www.wish.com
URL
https://www.wish.com/?irclickid=SI1x53X%3APxyNR7TQ1CxahX8JUkAXz1UOXUjWwE0&utm_source=Impact&utm_medium=affiliate&utm_campaign=CITYADS%20MEDIA%20POLSKA%E2%80%8A&utm_term=1234031&utm_content=966Z1YAE2GZA44D&from_ad=Online%20Tracking%20Link&irgwc=1
Domain
www.coursera.org
URL
https://www.coursera.org/?irclickid=2k7S0IX7xxyNR7TQ1CxahX8JUkAXzo0WXUjWwE0&irgwc=1&utm_medium=partners&utm_source=impact&utm_campaign=1310690&utm_content=b2c
Domain
www.volotea.com
URL
https://www.volotea.com/it?utm_campaign=IT&utm_source=CJ&utm_medium=affiliates&utm_term=4260539&cje=8afc8860eec211ed8203a8930a18b8fa&cjdata=MXxZfFl8WXww
Domain
www.hp.com
URL
https://www.hp.com/it-it/shop/GenericLandingPage.aspx?tduid=68b98e9fec38599bb6d539b9e6fc1fcb&url=https://www.hp.com/it-it/shop/?utm_source=affiliate&utm_medium=cpa&utm_campaign=BuyOn
Domain
www.miniinthebox.com
URL
https://www.miniinthebox.com/it/?utm_campaign=1398851&utm_content=Indoleads2019&utm_source=gan&utm_medium=affiliate&litb_from=affiliate_gan&clickid=Was0QpX%3AKxyNR7TQ1CxahX8JUkAXz3TGXUjWwE0&irgwc=1
Domain
www.qvc.it
URL
https://www.qvc.it/?api_key=526ce45b25e1f6dcb86f05e8f2c94e64&site_id=4e52405092d94c458711b4fff5efbfbd&type=url&source=clcktrck.com&yk_tag=146120de1542c0622441428ba50fe4c6
Domain
www.giglio.com
URL
https://www.giglio.com/?utm_term=rl2xnKiLcHs&ranMID=42198&ranEAID=rl2xnKiLcHs&ranSiteID=rl2xnKiLcHs-tMVWiIrmlBh9bbyDfiFlCQ
Domain
acjs.aliyun.com
URL
https://acjs.aliyun.com/error?v=um_107_85&e=Illegal%20invocation&stack=TypeError%3A%20Illegal%20invocation%0A%20%20%20%20at%20https%3A%2F%2Faeis.alicdn.com%2FAWSC%2FWebUMID%2F1.93.0%2Fum.js%3A1%3A12368%0A%20%20%20%20at%20https%3A%2F%2Faeis.alicdn.com%2FAWSC%2FWebUMID%2F1.93.0%2Fum.js%3A1%3A12935%0A%20%20%20%20at%20e%20(https%3A%2F%2Faeis.alicdn.com%2FAWSC%2FWebUMID%2F1.93.0%2Fum.js%3A1%3A27137)%0A%20%20%20%20at%20https%3A%2F%2Faeis.alicdn.com%2FAWSC%2FWebUMID%2F1.93.0%2Fum.js%3A1%3A26921%0A%20%20%20%20at%20https%3A%2F%2Faeis.alicdn.com%2FAWSC%2FWebUMID%2F1.93.0%2Fum.js%3A1%3A27127%0A%20%20%20%20at%20e%20(https%3A%2F%2Faeis.alicdn.com%2FAWSC%2FWebUMID%2F1.93.0%2Fum.js%3A1%3A27137)%0A%20%20%20%20at%20X%20(https%3A%2F%2Faeis.alicdn.com%2FAWSC%2FWebUMID%2F1.93.0%2Fum.js%3A1%3A77517)
Domain
api.bufferapp.com
URL
https://api.bufferapp.com/1/links/shares.json?url=http%3A%2F%2Fshrew-soft-vpn-client.findmysoft.com%2F&callback=jQuery1102043415200438588886_1683681850772&_=1683681850773
Domain
clients6.google.com
URL
https://clients6.google.com/rpc?key=AIzaSyCKSbrvQasunBoV16zDH9R33D88CeLr9gQ
Domain
sumo.com
URL
http://sumo.com/api/jsonpcallback
Domain
sumo.com
URL
http://sumo.com/api/jsonpcallback

Verdicts & Comments Add Verdict or Comment

102 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 boolean| credentialless number| bustcachevar string| loadedobjects string| rootdomain string| bustcacheparameter number| ast function| sh_as function| sleep function| CreateBookmarkLink function| ajaxpage function| loadpage function| loadobjs boolean| http_request function| makePOSTRequest function| showhide function| showhide2div function| showhide_soft function| link_to function| view_l function| select_all function| img3 function| alertContents function| get_com function| get_ht function| get_rg function| get_spy function| get_dev function| get_srev function| get_newver function| get_rbl function| get_rnl function| detectBrowser function| open_chrome function| dl_pop function| displayMessage function| closeMessage function| ajaxRating function| play_vid function| start_dl function| start_dl_new function| start_dl_new_mac function| start_dl_new_tpl function| seal_open function| redir_time object| Behaviour function| getAllChildren object| xmlhttp function| myXMLHttpRequest function| sndReq function| handleResponse function| changeText object| ratingAction object| _gaq object| _ga object| dataLayer object| j object| d string| n boolean| popoverEnabled function| click_ls function| on object| popover object| closePopoverButton boolean| dangerZone function| showPopover function| closePopover object| FB object| __buffer object| _gat object| gaGlobal object| gapi object| ___jsl function| postscribe object| google_tag_manager_external object| google_tag_manager object| google_tag_data function| hj object| _hjSettings object| js object| osapi object| gadgets object| iframer object| __gapi_jstiming__ object| shindig function| ToolbarApi object| iframes function| IframeBase function| Iframe function| IframeProxy function| IframeWindow object| sumome object| webpackJsonpsumome object| ifrm object| sumo boolean| __smLoaded object| jQuery1102043415200438588886

166 Cookies

Domain/Path Name / Value
.findmysoft.com/ Name: sess_id
Value: o0uk7if0dbnho5u7nr2nlkcfq2
.findmysoft.com/ Name: __utma
Value: 1.58582700.1683681850.1683681850.1683681850.1
.findmysoft.com/ Name: __utmc
Value: 1
.findmysoft.com/ Name: __utmz
Value: 1.1683681850.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)
.findmysoft.com/ Name: __utmt
Value: 1
.findmysoft.com/ Name: __utmb
Value: 1.1.10.1683681850
shrew-soft-vpn-client.findmysoft.com/ Name: __smVID
Value: a261a18819b5cfa96ed4f5aa7f082e10d5a32d88ae515c09fccdc70e134c9683
.aliexpress.com/ Name: acs_usuc_t
Value: x_csrf=19sawnw8mucg6&acs_rt=1c58bfd2c6134e8bb4348f30a995d8b4
.aliexpress.com/ Name: aeu_cid
Value: a7cfe817f0b644d3a2fabcdc99f75a09-1683681851328-03377-_DEQI9az
.aliexpress.com/ Name: xman_t
Value: SQQY0KXIYLNE4BO6vS4Tx+soqu/WierpG8XB8t/WFXWIa+BQRLIWwtW9UCmE8bV4
.aliexpress.com/ Name: af_ss_a
Value: 1
.bongacams.com/ Name: __cf_bm
Value: SLlyHkThZmGejS.3MKeoH4fQE7eL5bAnQZiCIlqhn40-1683681851-0-Affo/CDrtq0XyKFmTygzubHn6u9z9rhzbChL45TnD9tfkbmch+XuKNyLVONBS9xm4ixbxdUebVhpxzjQvpsKb8A=
.iherb.com/ Name: iher-pref1
Value: storeid%3D0
.iherb.com/ Name: ih-preference
Value: store%3D0
.iherb.com/ Name: ihr-ea
Value: PerformanceHorizon-1100lwJJYrKH
.iherb.com/ Name: __cf_bm
Value: 9fmj6AMrTIjGPDg_5.gcECXlQw21Xv4tOAR7ZvjLKvk-1683681851-0-AZmAfyjruD0CXuV5yBFKUYd8qp5zZgVPBUW8zc1MkTCSjQCKV9CZodf/aq/zerEuAZ5yjizGXXsuX9s4Arhc4/xoXGf5gqa95yyYcXWM+I+0
.bongacams.com/ Name: bonga20120608
Value: 0034062fe789fa8c1636b04eec172df8
.aliexpress.com/ Name: xman_us_f
Value: x_l=0&acs_rt=1c58bfd2c6134e8bb4348f30a995d8b4&x_as_i=%7B%22aeuCID%22%3A%22a7cfe817f0b644d3a2fabcdc99f75a09-1683681851328-03377-_DEQI9az%22%2C%22af%22%3A%22a%22%2C%22affiliateKey%22%3A%22_DEQI9az%22%2C%22channel%22%3A%22AFFILIATE%22%2C%22cv%22%3A%221%22%2C%22isCookieCache%22%3A%22N%22%2C%22ms%22%3A%221%22%2C%22pid%22%3A%22716815331%22%2C%22tagtime%22%3A1683681851328%7D
.aliexpress.com/ Name: xman_f
Value: LDbkjkSrMTGxZHte1oBGUvgVItZuyvJiO9gqDTMFQm6kaq2Q/PUyWeozGcAvDQUY0bv8qAjp5RHfPIV6nlY6+vt3z2juUiaCe2N+KKt5fLrdxttllsQjbg==
redirects.tradedoubler.com/ Name: AWSELBCORS
Value: FF1BFB8F1C42D3E6A4BF4A0B044EDED4042A192C9290BEFD088C175CF1515E1B2535CA43E0ACB35A8119CA374522E5CD51D3AB65B8C1BA03E231E71D15DBA2CF9A7C59ACA2
www.notino.it/ Name: CommissionJunction
Value: 1
www.notino.it/ Name: CJEVENT
Value: 20a385fceec811ed80cc02200a18ba72
www.notino.it/ Name: source
Value: cj
www.notino.it/ Name: lastSource
Value: cj
www.notino.it/ Name: source45
Value: cj
.notino.it/ Name: USER
Value: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzaG9wIjoibm90aW5vLml0IiwiY2dycCI6IjM1MCIsImxhbmciOiIxOSIsImx0YWciOiJpdC1JVCIsImN1cnIiOiIxIiwiY2xpZW50Ijoid2ViIiwiZ3JkIjoiNjgxMDgxNjAwMzI0MTE1NzYiLCJzaWQiOiI3MUJEMDAwMC00NEJCLUQyMDItMjIyRi0wOERCNTBGNTQyN0QiLCJyb2xlIjoiQW5vbnltb3VzIiwiY2FydCI6IjcxQkQwMDAwLTQ0QkItRDIwMi0yMjQ4LTA4REI1MEY1NDI3RCIsImlhdCI6MTY4MzY4MTg1MSwiaXNzIjoibm90aW5vIn0.mNkqdTPguC90J1zBIw9yRo_HV0ATQaj8-A6C7OZgX-A
.notino.it/ Name: ab80
Value: 1
.notino.it/ Name: ab42069
Value: 2
.notino.it/ Name: grd
Value: 68108160032411576
.notino.it/ Name: JavascriptOn
Value: 0
.notino.it/ Name: npcount
Value: 1
.notino.it/ Name: lpv
Value: Lw==
www.hotelscombined.it/ Name: Apache
Value: wJF$2Q-AAABiANCOV4-a5-Z3XmnQ
www.hotelscombined.it/ Name: cluster
Value: 5
www.hotelscombined.it/ Name: kayak.t
Value: TOk1DurdKaROZobIxo_V
www.hotelscombined.it/ Name: p1.med.sid
Value: R-5Jey2EkH0sodko1ZKd0RI-SoErWUbybSSTBeGok1RHP3ad_ibKTTOlEUfylpi3O
www.hotelscombined.it/ Name: kanid
Value: kan_172493
www.hotelscombined.it/ Name: languageCode
Value: IT
www.hotelscombined.it/ Name: currencyCode
Value: EUR
www.hotelscombined.it/ Name: a_aid
Value: 172493
www.hotelscombined.it/ Name: brandId
Value:
www.hotelscombined.it/ Name: label
Value:
www.hotelscombined.it/ Name: Mobile
Value: 0
www.hotelscombined.it/ Name: visitor
Value: id=e740b89b-1f8d-46b7-96bd-6eea1cfa4c4d&tracked=false
www.hotelscombined.it/ Name: visit
Value: date=2023-05-10T11:24:11.763057946+10:00&id=dde7efb5-9e63-485b-9b8d-995b6ebaa663
www.hotelscombined.it/ Name: QueryBasedAffiliate
Value: 11
.bongacams.com/ Name: BONGAH_HIT
Value: 3e55f678f6b30e70081e187efd7d5af1%3A%3A183346%3A%3Ahttps%3A%2F%2Fhlmiq.com%2F%3A%3A%3A%3A%3A%3A287325%3A%3A%3A%3A%3A%3A0%3A%3A0%3A%3A0%3A%3A0%3A%3A%3A%3A0%3A%3Adefault%3A%3A0%3A%3A2023-05-10%2004%3A24%3A11
.bongacams.com/ Name: sg
Value: 211
.bongacams.com/ Name: warning18
Value: %5B%22it_IT%22%5D
vave.com/ Name: btag
Value: 657028_7457C709B74841759EFFB14E6BB3A6CC
.ticketone.it/ Name: permInfo
Value: 1683560809107066801A10052023A10052023
.ticketone.it/ Name: dd
Value: 1
.ticketone.it/ Name: webid
Value: SVRUX05PX1NFU1NJT05fSVQ=
.ticketone.it/ Name: webshop
Value: bG9naW49MCZldm9fbXljbHVic19tZW1iZXI9JnByaWNlPTAuMDAmYW1vdW50PTAmbWVya2l0ZW1zPTAmcmVzZXJ2YXRpb25fZHVyYXRpb249MCZrcHNfdXJsPSZhbW91bnRfZXZpZHM9MCZwa2lkc19pbl9jYXJ0PSZldmlkc19pbl9jYXJ0PSZ0aWNrZXRhbW91bnRfcHJpY2VzX3BraWQ9JnJhbmRvbT02MTM4MCZyZWZlcmVyPSZrZXk9RFpFMzU4aW45cTQzJm1vZD0xJmRldmljZV9pbmZvPTAmbGFuZ3VhZ2U9aXQmbG9jYWxlPWl0X2l0JnByaWNlX2Zvcm1hdHRlZD0wJTJDMDAmY3VycmVuY3lfY29kZT1FVVImY3VycmVuY3lfc3ltYm9sPSUyNmV1cm8lM0I=
.ticketone.it/ Name: _abck
Value: F88461C7168568E3BA1F9A1EA386D987~-1~YAAQNbsQAhhpb/6HAQAAdjpCAwlQnw7kC2sGF9e29N+gfca9ezd3Q2Cv8lucaKPf9n/6owD5TZDysTXWoVU3IOSYXZmUSjC1FLWkWXeIGfEAuRzGTVF5Y8rjkOPh2jIw5rsV73juRNCQ58Pgja38ODPNCM3cGhSZF5UlXMcNitetN4o8tXDaRIyOlMQ8/s5cHkUf1z6un+fXNlVFWQyk3WyERuDU0LtRvTTQNTI98Hn8JzCP+jlNTkcxKFaQLeBfwbDv8dyDvTHrLm2k/gc0oYxgo539u2ViHx7KLmdLmwz/0YbjIz5iwH+cKAs/1XIXqGdbzPbjGyYl1AdOiOuip6GKW2ZN7Zk/7TiNCxh/pHuatBaCKYyR9rIkIi21ww==~-1~-1~1683685417
.ticketone.it/ Name: ak_bmsc
Value: 9001FEA09EDD165423BF33F9E0B286A4~000000000000000000000000000000~YAAQNbsQAhlpb/6HAQAAdjpCAxMxo51mVt6SExW61nLckKeyaEJ3kj0JhLENQTY/zTPVcaQ2sc6fh0BoMC6nNuzRTx8TVlzBMHU4QPp+Hj6lGz+YiI8X/Nz9y0Fv6uci3+Jt8eXJon4fMederqB4C8A90GBpi0h4me1cMESXdbt2cQW+sESOKKS7LgG3Qy1b3ZAWlkRJ6O9VKGOw9WjOIRBdWJBuTmBeS2Ii8BAbqanbDN1YA/+A8egJSExlrOkC4JgV9liucKmVqTRZX0/nnREpj+6f/WXr8L3KsyZNoES5UrhST1bAxytRVRmFbWj0FfAGja9Js7JSwH9n/Atnn9i5Ezelh/6IhiaZRTnInXkHVwyAICRjDD5+zAdK07UXc9TsJcHbqrqamsO/w2tb/KU=
.ticketone.it/ Name: bm_sz
Value: D1646E620A04B13645E9568DA167AAEE~YAAQNbsQAhtpb/6HAQAAdjpCAxPomT/k62oBJelZ0Jm1lJitdZGwazujJqgTgAr1sTRilbInHz3vuZe3ZDE/WKUR5r7QlSCoeVwG0xbMU3oNvKsJAQGv375adVLfBhiemPlD6dPZv9bZhXEyoBlOq2zMe+Z3yn1XiaXxopgq3r71mVzIzAQyZmFcoF/aPOyAisgTXE4ND+x9gAX2i8DAYsOuih0HLHZLG4Gu43ArqoK/3QluxOcPW2gOTSskGI9im/+ZqxWGhmgm3I7JrVjX6Bmr4TilyJKqjWWNW169paOWaYcLfw==~4272439~3749702
.lightinthebox.com/ Name: vela_3m_c
Value: 42
.lightinthebox.com/ Name: vela_3m
Value: 645af23c119eb
.lightinthebox.com/ Name: local
Value: it%7CIT%7CEUR
www.kayak.it/ Name: Apache
Value: IAEKyAAkAEQAAAAAAAAAFA-AAABiANCOzQ-a5-R1eP7A
www.kayak.it/ Name: cluster
Value: 5
www.kayak.it/ Name: kayak.t
Value: ZgBiThe_ZvaGzRNuZTpG
www.kayak.it/ Name: p1.med.token
Value: 9RRxwJOI5BCxzwg_0YBfRk
www.kayak.it/ Name: p1.med.sid
Value: R-5dRuTmBfJ1uXmKto_pCdp-UGfdawXBu7UELxoBmRPj_gpPciLTdiKZMtZzACRDV
www.kayak.it/ Name: kanid
Value: tradetracker
www.kayak.it/ Name: kanlabel
Value: AcHXupcCCe_Rc9hbLwKdazJlRxJM6-86LktOKdIEDN_hdS65zPIznlS7pLYsjwVF6u5Be4cz05UMkyFJMQY-6v4CvGeZGTM1JliTvnSnD2S7xbOtwbkPBetZTyVFEgAatDth-OcNXiO19znyB7Iw7QH0zypHKN-HJ5ckdL7qBElJ4XY72gCm-5WHdTkJ1NvuCze1u3lvpwenYltZRA9szGrU19OOcJgVlDpbx39dQ874zmGpENwprAv5Yw9ahRaa4Q
www.bata.it/ Name: dwac_aac2171b9ed26717cbf309da5d
Value: 7Raf2sHdDozkfmIL069ECxO6eEU-hvhg66o%3D|dw-only|||EUR|false|Europe%2FRome|true
www.bata.it/ Name: cqcid
Value: abEg2w9HvFwGeQnxfMl7kpklZY
www.bata.it/ Name: cquid
Value: ||
www.bata.it/ Name: sid
Value: 7Raf2sHdDozkfmIL069ECxO6eEU-hvhg66o
www.bata.it/ Name: dwanonymous_243030726ea0aa6f97e98e76b3779ce9
Value: abEg2w9HvFwGeQnxfMl7kpklZY
www.bata.it/ Name: __cq_dnt
Value: 0
www.bata.it/ Name: dw_dnt
Value: 0
www.bata.it/ Name: dwsid
Value: zFI87YZ9fFXTiO2ey_e2_jL-23J5Joq53FyL82v1PiqZPJi2Dqhoup49CyMxkMmLo2gZ_Vsi3Ttmo0n6VqQpTg==
.bata.it/ Name: __cf_bm
Value: OGYjg1CZT_7MlHXaGfLLVO0KTGCxKLPl9rQxfrFNrxQ-1683681852-0-AajGuOlvoTRIEPuIZxuXOz5WQNKoC2GUtqJuZF4HqBzhjQHezrMANTge2N1T5Oh0LKAeMb9MlpxySChfyS6sFvY=
www.kayak.it/ Name: kayak.mc
Value: AZ3RfCNohc-qxZg_VhWMAjcXjtQgZWAiLM5puqkDuC5-xU-hcdRMfqaLkzG2sHhGR48EN9U_mGymq175OWcRIJmiuTm1f5yeEIUrDiJ9vZIrVRF42ICTcx5AEj8LmgpcPvn06JIIjYQwgWOKizdzoCFliJyLsEEv-PUoCJ7Gijg_ZoopO2y1MQMn5maHKq94AXvZ6ojaW-09qVK54867TfMCRXnBmOmHKXaYlllBufisZfnT0QpQCUxnnhylWsywSkqOVKZMjG26oQ2G3KMCzd3GAKL6G0xW10OViq5ENjvLuQF79GLPJrPsmaWSJsAopoyoOnZhUyAqEgesrKWetufL-L0SDT6ajC4c55wY59ExOLh3NERtW1QH0KTOTCVOTbkvyEKxFiurkK-_4Ynt_9Mr7sDuObOpQuxbtaDo3AktQsXuc16EGs1o4ci4OFCnfoed00DG3pWaVD03qyJRDgmNtd6B6chUFoCHfZ7IWrvHQ_7Uz-eaIBusVbxY9LR99JbyuHabUnvH9jbJcIlNgTjWooIczEOaznM03UM30-lN
.iqbroker.com/ Name: Traceid
Value: cb4d70a6d3e8fefb08d0ac45feb62d79
.iqbroker.com/ Name: aff
Value: 7792
.iqbroker.com/ Name: afftrack
Value:
.iqbroker.com/ Name: retrack
Value:
.iqbroker.com/ Name: affextra
Value:
.iqbroker.com/ Name: aff_model
Value:
.iqbroker.com/ Name: aff_ts
Value: 2023-05-10T01:24:12Z
.iqbroker.com/ Name: landing
Value: /lp/ultimate-trading/
.iqbroker.com/ Name: IsRestrictedCountry
Value: false
.iqbroker.com/ Name: IsRegulatedCountry
Value: true
.iqbroker.com/ Name: Country
Value: it
.iqbroker.com/ Name: CountryID
Value: 97
.iqbroker.com/ Name: AffTrackGroup
Value: Black_team_(partnerka)
.iqbroker.com/ Name: Serv
Value: NL
.iqbroker.com/ Name: referrer
Value: https://hlmiq.com/
.iqbroker.com/ Name: AppID
Value: id871125783
.iqbroker.com/ Name: brand_id
Value: 1
.iqbroker.com/ Name: platform
Value: 9
.iqbroker.com/ Name: client_platform_id
Value: 9
.iqbroker.com/ Name: support_email
Value: support@eu.iqoption.com
.iqbroker.com/ Name: company_id
Value: 1
.iqbroker.com/ Name: IsAppStoreCountry
Value: true
.iqbroker.com/ Name: RedirectDomain
Value: iqoption.com
.iqbroker.com/ Name: RedirectDomains
Value: iqoption.com,iqtrading.asia
.iqbroker.com/ Name: linkPolicy
Value: /it/terms-and-conditions/privacy-policy-new
.iqbroker.com/ Name: linkTerms
Value: /it/terms-and-conditions/terms-and-conditions
www.viator.com/ Name: x-viator-tapersistentcookie-xs
Value: 6e5df652-613d-4f2a-9c95-41b37f1a0dbd
.armani.com/ Name: RESOURCEINFO
Value: DEVICE=desktop&ORIGINALDEVICE=desktop
.armani.com/ Name: ytos-session-ARMANIGROUP
Value: 2335540922e2484ca7dada23d3ec4b0bmmh2Mctfj66piBbfT88J7g
www.canva.com/ Name: CDI
Value: 36f0c7fb-9300-423b-a816-14a3dc09550a
.canva.com/ Name: CAI
Value: 3121170d-1ffe-4209-b899-cd9511219eb6
www.canva.com/ Name: CPA
Value: uxgEPFz0-Zmrnz_8xi7PAXFBcUfElo8ojRQvZpF8guRrtHByq374I7SNfpM-HopZULGrnWLu61yGbbEvVRjLDjC4YdasxZaAtFPhOkAPlEok9RQAhfn_cAwFjxCyUEZ-deVCKlUVTyhe_7ZDZkoGyfE2uogcqk_ebfjXl7GmTxwBHg-Xsqf8oelaOencJmT6Naey10uWe37yE2VnPKg01Bof7radeH2oRIHQ6M7gTfQHyHTUMVUNuf628lS4ttqKL0n2h4VUgkElKN-bDAsNYxbIIYUoFG-tnF9hUIWKbcLXio8Lrldx4nZVA4v6jKuH95M8QQ
www.canva.com/ Name: CCK
Value: VwPYKzL2mrpjqCRrQFhQUw
.canva.com/ Name: __cf_bm
Value: izD9xmTgl7GQIhd4e.7cbZfzGq6jbzJcXpEbejwhB4s-1683681852-0-AbRjK6yBFjDY6i/w4KoN9L2hkO434ObBow0hWuU3BmqXtu6rVYrNL6A+HUMkTDSK7w+UYPwR+a73pjh/xqVBBOk=
.canva.com/ Name: __cfruid
Value: f0f7e1976eb8fd739f03a35eedd24581b3b2e3c5-1683681852
.vrbo.com/ Name: HMS
Value: f151d393-a6ed-4c2b-b02c-714de1850259
.vrbo.com/ Name: cesc
Value: %7B%22aff%22%3A%5B%22AFF.VRBO-IT.DIRECT.PHG.1100l95727%22%2C1683681852952%5D%2C%22marketingClick%22%3A%5B%22true%22%2C1683681852952%5D%2C%22hitNumber%22%3A%5B%221%22%2C1683681852952%5D%2C%22visitNumber%22%3A%5B%221%22%2C1683681852952%5D%2C%22cidVisit%22%3A%5B%22AFF.VRBO-IT.DIRECT.PHG.1100l95727%22%2C1683681852952%5D%2C%22entryPage%22%3A%5B%22Zq9wZdD0HsM0wH%2BVQfYb5CSu7%2BSYNJo7XZZZeMDWxTg%3D%22%2C1683681852952%5D%2C%22cid%22%3A%5B%22AFF.VRBO-IT.DIRECT.PHG.1100l95727%22%2C1683681852952%5D%7D
.vrbo.com/ Name: hav
Value: 21c9208c-d612-4c58-06f4-ba538b0353a0
.vrbo.com/ Name: MC1
Value: GUID=21c9208cd6124c5806f4ba538b0353a0
.vrbo.com/ Name: DUAID
Value: 21c9208c-d612-4c58-06f4-ba538b0353a0
.vrbo.com/ Name: OIP
Value: gdpr|-1
www.vrbo.com/ Name: ha-device-id
Value: 21c9208c-d612-4c58-06f4-ba538b0353a0
www.vrbo.com/ Name: hav
Value: 21c9208c-d612-4c58-06f4-ba538b0353a0
www.vrbo.com/ Name: has
Value: 2d7c2cd8-b323-8f80-00d0-0e4bf4b3e85c
www.vrbo.com/ Name: eu-site
Value: 1
.expedia.it/ Name: linfo
Value: v.4,|0|0|255|1|0||||||||1040|0|0||0|0|0|-1|-1
.expedia.it/ Name: CRQSS
Value: e|0
.expedia.it/ Name: CRQS
Value: t|8`s|8`l|it_IT`c|EUR
.expedia.it/ Name: currency
Value: EUR
.expedia.it/ Name: iEAPID
Value: 0
.expedia.it/ Name: tpid
Value: v.1,8
.expedia.it/ Name: cesc
Value: %7B%22aff%22%3A%5B%22AFF.IT.DIRECT.PHG.1100l95727.0.1100lwJJRAC8%22%2C1683681853039%5D%2C%22marketingClick%22%3A%5B%22true%22%2C1683681853039%5D%2C%22hitNumber%22%3A%5B%221%22%2C1683681853039%5D%2C%22visitNumber%22%3A%5B%221%22%2C1683681853039%5D%2C%22cidVisit%22%3A%5B%22AFF.IT.DIRECT.PHG.1100l95727.0%22%2C1683681853039%5D%2C%22entryPage%22%3A%5B%22Homepage%22%2C1683681853039%5D%2C%22cid%22%3A%5B%22AFF.IT.DIRECT.PHG.1100l95727.0%22%2C1683681853039%5D%7D
.expedia.it/ Name: HMS
Value: 7c4ba769-8071-4df3-9eae-8870d1b2dd3e
.expedia.it/ Name: MC1
Value: GUID=200c700d32094dbca1fac0502ccff440
.expedia.it/ Name: DUAID
Value: 200c700d-3209-4dbc-a1fa-c0502ccff440
.expedia.it/ Name: OIP
Value: gdpr|-1
.expedia.it/ Name: CRAS
Value: IT.DIRECT.PHG.1100l95727.0
www.hotelscombined.it/ Name: kayak.mc
Value: AQtm3NrjgGCy3dJqDQfogzA9Fk1x1UloopBQhklvxd28lUIFG0D0FeXW4Lfydp-KTQdpUWNO8nt5U2EEK6cPmq1QsF3vmZgCmKPSljW9mxNyTgQ_I02Xeep5Lmo8qgnYwjPzBbfKWz9N7cZS6ULcdsW4KYAlvQ5bBMBF6SDFm26BLfuQc4SmAxp70_C6FJq58tuY-Io9dku6edy5jZZ5j5Bc30wMSE_7Haa7fZg0xIkz
stripchat.com/ Name: __cflb
Value: 0H28vPd3FnpiGKN8zrWpn3sp2zNfrs2HZeH5VfsW7DE
.agoda.com/ Name: agoda.user.03
Value: UserId=ef6ff57f-c329-43b7-bb24-8a9ebd9d05fa
.vestiairecollective.com/ Name: __cf_bm
Value: .2gcKxa7gHYootzGwaqydAO8jbIjHPiFtXSIlK5S3Mc-1683681853-0-AevR1phOwaKiwHyefZ2VMHmOkp8sENz0SBYUEJpqOflM+P43/H/fHhV09zsM/94gRqqnyc1m73dtFLNWxE1Ca4s=
it.stripchat.com/ Name: __cflb
Value: 02DiuFntVtrkFMde1diEnm3SRWgD5TsR8zxfVC9fD979W
.mmstat.com/ Name: cna
Value: PeDhHA9CZgICAcCRf9kHzu5z
.mmstat.com/ Name: sca
Value: 9bdc3677
.aliexpress.com/ Name: cna
Value: PeDhHA9CZgICAcCRf9kHzu5z
.armani.com/ Name: UI-PERSISTENT
Value: abtest=&abtestperc=serviceworker&abtesth=zGe8bu17DoHWrRebwyxr6g&country=it
.armani.com/ Name: UI
Value: abtest=&abtestperc=serviceworker&abtesth=zGe8bu17DoHWrRebwyxr6g&cacheversion=f31-v055-armanigroup-w&device=desktop&version=2023-05-08-5395187&lang=
.getyourguide.com/ Name: visitor_id
Value: 6R63D9LK9XL5NWJ00JD0N18GQYIA2LEG
.getyourguide.com/ Name: __cf_bm
Value: uYFGNcJjNogOq6aA0ZiRbxZGNTyvDh7r8QE6E8fVYEQ-1683681853-0-AY5yDBSVszk3ZHFd7wB9p1rRxJr4rVKVYU3g62Z6MDGruU8qbhBb0DkkD8430GWD1yPvAdPSRnz1qbPLZus0Wr4=
.c-and-a.com/ Name: __cf_bm
Value: rk7w6_cAHZ..Xau0cwNk_1conAalPP3oTM4HC6.D3tU-1683681853-0-AVMHfjJZlnzMQVNDf5lI/HangXIPVCQ1EEnXwr3R7FuW61Pw/WBXY/voUaeaNAyVx/DCXG/YqlwLwnaD0EBQygDzyCldjCLzdRLaROtIoRZO
.getyourguide.it/ Name: visitor_id
Value: 6R63D9LK9XL5NWJ00JD0N18GQYIA2LEG
.getyourguide.it/ Name: __cf_bm
Value: eKZBDv1WEfoHntC41K5H9kUNdc3wfbm8xuttScnTjc4-1683681853-0-AYQA7Mpd9Ren/1YuTYSTR9VkvKs0mWQvZSpQ8r3q5KMNoK295alivc+EMSQ2QxRtJr7DSdxzXvO1H7iO0MU5GSM=
.mmstat.com/ Name: atpsida
Value: 443952e9443a29574c52a6ad_1683681853_1
.tradetracker.net/ Name: TTcst_167422
Value: 0%3A%3A218459%3A%3A71651224a2254e46b63898447414be57%3A%3A%3A%3A1683674703%3A%3A27846
.lookfantastic.it/ Name: chumewe_user
Value: d797a04f-c300-4c46-8e58-478dca437848
.lookfantastic.it/ Name: chumewe_sess
Value: 7a1b07c3-76a4-4f77-b8e4-b668735c7efb
.lookfantastic.it/ Name: locale_V6
Value: it_IT
www.lookfantastic.it/ Name: csrf_token
Value: 77631464992817422010
.de-wum.aliexpress.com/ Name: cbc
Value: G9D98E1A364B6E244CAA21A6BB355A3FC9F03F223E39C8D169C
shrew-soft-vpn-client.findmysoft.com/ Name: __smToken
Value: NmR2JncXHMGM35AooiCQvK31
www.marriott.it/ Name: sessionID
Value: F493ED77-1920-5CB0-90E1-07B84F178D15
www.marriott.it/ Name: MI_Visitor
Value: F493ED77-1920-5CB0-90E1-07B84F178D15
www.marriott.it/ Name: JVMID
Value: aries-play-search-app-blue-61-q5g5q
www.marriott.it/ Name: MI_SITE
Value: prod13
www.marriott.it/ Name: x-mi-tag
Value: rel-R23.4.4
www.marriott.it/ Name: 6eb4d3cf9a49b0ed41267c55041f35e7
Value: eb0cd7c8f3a07bd8d7c20a9d93b85957
www.marriott.it/ Name: akacd_Hybrid
Value: 3861134652~rv=99~id=5d2d24f43f657ea178da1c855b2b9947
.udemy.com/ Name: __cf_bm
Value: EZVSX0cOg.qDBw.p20FZipQtwNd0lHSgjVjnq3V1BOQ-1683681854-0-Afo1RG6V2LnWWF+fqEV8QiBLagF8CP3uSXSce2SsN4NVlk/0YeEV1UZJlGZubSGwRj1iCTCbgIRBfjWX4GEZsgc=
.udemy.com/ Name: __cfruid
Value: e4e834701148f15c87151ecc41d15f12ef64d2da-1683681854

13 Console Messages

Source Level URL
Text
security error (Line 6)
Message:
This document requires 'TrustedScript' assignment.
network error URL: http://d1xxdi1bvp4gvz.cloudfront.net/?key=89d0769a0a84fffa39d6f6a41a6ba0c6&ch=
Message:
Failed to load resource: the server responded with a status of 502 (Bad Gateway)
network error URL: http://filamentapp.s3.amazonaws.com/ed743a9994b0a6e69939f0b5b4447eda.js
Message:
Failed to load resource: the server responded with a status of 403 (Forbidden)
network error URL: https://kinsta.com/?kaid=ARRPTWYMWIMC
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
other error URL: chrome-error://chromewebdata/
Message:
Refused to display 'https://developers.google.com/' in a frame because it set 'X-Frame-Options' to 'sameorigin'.
network error URL: https://www.momondo.it/in?a=tradetracker&encoder=19_4&enc_pubid=191272&enc_bid=0&enc_pid=20430&enc_refid=0%3A%3A191272%3A%3Av0303000113828783ebccb2f44730ae22218572db1e34%3A%3A%3A%3A1683676202&utm_source=tradetracker&utm_medium=affiliate&utm_campaign=191272&utm_content=20430&url=https%3A%2F%2Fmomondo.it%2F
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://www.vestiairecollective.com/?utm_source=rakuten&utm_medium=affiliate&utm_campaign=2126220_Takeads+GmbH&utm_term=a1LgFw09t88-aEHBOLIMi2GAFadjSUlNTQ&ranMID=49104&ranEAID=a1LgFw09t88&ranSiteID=a1LgFw09t88-aEHBOLIMi2GAFadjSUlNTQ
Message:
Failed to load resource: the server responded with a status of 403 ()
security warning URL: https://login.aliexpress.com/?af=a&8469&cn=milano&cv=482179&dp=192.145.127.217&aff_fcid=a7cfe817f0b644d3a2fabcdc99f75a09-1683681851328-03377-_DEQI9az&tt=CPS_NORMAL&aff_fsk=_DEQI9az&aff_platform=portals-tool&sk=_DEQI9az&aff_trace_key=a7cfe817f0b644d3a2fabcdc99f75a09-1683681851328-03377-_DEQI9az&terminal_id=1c58bfd2c6134e8bb4348f30a995d8b4
Message:
Mixed Content: The page at 'https://login.aliexpress.com/?af=a&8469&cn=milano&cv=482179&dp=192.145.127.217&aff_fcid=a7cfe817f0b644d3a2fabcdc99f75a09-1683681851328-03377-_DEQI9az&tt=CPS_NORMAL&aff_fsk=_DEQI9az&aff_platform=portals-tool&sk=_DEQI9az&aff_trace_key=a7cfe817f0b644d3a2fabcdc99f75a09-1683681851328-03377-_DEQI9az&terminal_id=1c58bfd2c6134e8bb4348f30a995d8b4' was loaded over HTTPS, but requested an insecure element 'http://acjs.aliyun.com/error?v=um_107_85&e=Illegal%20invocation&stack=TypeError%3A%20Illegal%20invocation%0A%20%20%20%20at%20https%3A%2F%2Faeis.alicdn.com%2FAWSC%2FWebUMID%2F1.93.0%2Fum.js%3A1%3A12368%0A%20%20%20%20at%20https%3A%2F%2Faeis.alicdn.com%2FAWSC%2FWebUMID%2F1.93.0%2Fum.js%3A1%3A12935%0A%20%20%20%20at%20e%20(https%3A%2F%2Faeis.alicdn.com%2FAWSC%2FWebUMID%2F1.93.0%2Fum.js%3A1%3A27137)%0A%20%20%20%20at%20https%3A%2F%2Faeis.alicdn.com%2FAWSC%2FWebUMID%2F1.93.0%2Fum.js%3A1%3A26921%0A%20%20%20%20at%20https%3A%2F%2Faeis.alicdn.com%2FAWSC%2FWebUMID%2F1.93.0%2Fum.js%3A1%3A27127%0A%20%20%20%20at%20e%20(https%3A%2F%2Faeis.alicdn.com%2FAWSC%2FWebUMID%2F1.93.0%2Fum.js%3A1%3A27137)%0A%20%20%20%20at%20X%20(https%3A%2F%2Faeis.alicdn.com%2FAWSC%2FWebUMID%2F1.93.0%2Fum.js%3A1%3A77517)'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
network error URL: https://block.fiverr.com/?url=aHR0cDovL3d3dy5maXZlcnIuY29tLz9hZnA9NjQzOWQ2MGJkZmUyMGQwMDEzMzgwMGMwJnNob3dfam9pbj10cnVlJnV0bV9tZWRpdW09Y3hfYWZmaWxpYXRlJnV0bV9jYW1wYWlnbj03ODk5NDUmdXRtX3NvdXJjZT0zNzg5JmN4ZF90b2tlbj0zNzg5XzI1MTA3MjY4XyU3Q2FmcDAlM0E2NDM5ZDYwYmRmZTIwZDAwMTMzODAwYzAlN0NhZnAxJTNBNjI4OF8xNjgzNjc0NjQxXzhjZDI3YmQxZjhmNGNjMmMyN2U3ZjRjYzhiYzhjMDY5JTdDYWZwMiUzQTc4OTk0NSU3Q2FmcDEwJTNBNzg5OTQ1&uuid=5ffc4e0d-eed1-11ed-9398-48556d6d6e41&vid=
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://www.tiqets.com/it/?partner=mtac
Message:
Failed to load resource: the server responded with a status of 403 ()
javascript error URL: http://shrew-soft-vpn-client.findmysoft.com/
Message:
Access to XMLHttpRequest at 'https://clients6.google.com/rpc?key=AIzaSyCKSbrvQasunBoV16zDH9R33D88CeLr9gQ' from origin 'http://shrew-soft-vpn-client.findmysoft.com' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://clients6.google.com/rpc?key=AIzaSyCKSbrvQasunBoV16zDH9R33D88CeLr9gQ
Message:
Failed to load resource: net::ERR_FAILED
network error URL: https://www.gamestop.it/?kk=a4c6293-18802adc4d8-28073&utm_campaign=kelkooclick&utm_medium=cpc&utm_source=kelkooit
Message:
Failed to load resource: the server responded with a status of 403 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.binance.com
accounts.google.com
acjs.aliyun.com
adserver-mb.com
ae.mmstat.com
ae01.alicdn.com
aeis.alicdn.com
affiliate.geekbuying.com
api.bufferapp.com
api.facebook.com
apis.google.com
assets.alicdn.com
block.fiverr.com
bngtrak.com
bongacams.com
clients6.google.com
connect.facebook.net
d1xxdi1bvp4gvz.cloudfront.net
de-wum.aliexpress.com
developers.google.com
filamentapp.s3.amazonaws.com
fonts.googleapis.com
fourier.taobao.com
g.alicdn.com
graph.facebook.com
hlmiq.com
img.findmysoft.com
iplogger.com
iqbroker.com
it.bidoo.com
it.bongacams.com
it.hotels.com
it.stripchat.com
it1.iherb.com
kinsta.com
load.sumo.com
load.sumome.com
login.aliexpress.com
monday.com
odnaknopka.ru
offer.alibaba.com
powered-by-revidy.com
reddit.com
redirects.tradedoubler.com
s.click.aliexpress.com
sc.tradetracker.net
shrew-soft-vpn-client.findmysoft.com
ssl.gstatic.com
static.hotjar.com
static.totalav.com
stats.g.doubleclick.net
stripchat.com
sumo.com
vave.com
warehouse-x.io
widgets.pinterest.com
www.agoda.com
www.airhelp.com
www.arcaplanet.it
www.armani.com
www.bata.it
www.binance.com
www.c-and-a.com
www.canva.com
www.cdkeys.com
www.cotosen.com
www.coursera.org
www.dhgate.com
www.ebay.it
www.expedia.it
www.findmysoft.com
www.fiverr.com
www.fruugo.it
www.gamestop.it
www.geekbuying.com
www.getresponse.com
www.getyourguide.com
www.getyourguide.it
www.giglio.com
www.google-analytics.com
www.google.com
www.google.it
www.googletagmanager.com
www.hotelscombined.it
www.hp.com
www.iherb.com
www.instui201.info
www.interflora.it
www.kayak.it
www.kobo.com
www.libraccio.it
www.lightinthebox.com
www.lingoda.com
www.lookfantastic.it
www.marriott.it
www.miniinthebox.com
www.momondo.it
www.notino.it
www.qvc.it
www.reddit.com
www.rentalcars.com
www.semrush.com
www.ticketone.it
www.tiqets.com
www.tomtop.com
www.transavia.com
www.udemy.com
www.vestiairecollective.com
www.viator.com
www.volotea.com
www.vrbo.com
www.wish.com
acjs.aliyun.com
api.bufferapp.com
clients6.google.com
kinsta.com
sumo.com
www.coursera.org
www.giglio.com
www.hp.com
www.kobo.com
www.miniinthebox.com
www.qvc.it
www.volotea.com
www.wish.com
104.102.42.226
104.111.216.81
104.16.106.108
104.160.64.8
104.18.254.23
104.18.7.193
104.22.54.190
104.26.14.122
108.138.17.120
13.224.189.39
13.32.27.64
142.132.202.70
148.251.234.93
151.101.129.29
151.101.193.29
151.101.64.84
151.101.65.140
163.181.56.169
163.181.56.193
176.9.60.211
18.66.122.40
18.66.97.49
18.66.97.53
18.66.97.69
185.117.134.138
192.102.6.94
195.85.23.89
195.85.23.96
2.16.187.90
2.23.196.184
217.16.189.39
23.197.132.154
23.201.245.174
23.36.162.214
23.41.180.10
23.45.103.78
23.45.238.185
23.45.99.31
2400:52e0:1e00::713:1
2408:4001:f10::cf
2600:9000:21f3:be00:1d:1ec:dfc0:21
2600:9000:223e:fa00:0:63e5:e000:93a1
2600:9000:2250:4e00:12:ff18:1880:93a1
2600:9000:225e:4000:1f:1abb:6580:93a1
2600:9000:2491:2800:17:e47d:5040:93a1
2606:4700:20::681a:203
2606:4700:20::ac43:4b7f
2606:4700:311f::6812:3f82
2606:4700:4400::6812:23a4
2606:4700::6810:970f
2606:4700::6810:e25b
2606:4700::6810:e30a
2606:4700::6811:e321
2606:4700::6812:1829
2606:4700::6812:5d2
2606:4700::6812:e42b
2a00:1450:4001:806::2004
2a00:1450:4001:80f::200a
2a00:1450:4001:813::2003
2a00:1450:4001:813::200d
2a00:1450:4001:828::200e
2a00:1450:4001:82a::200e
2a00:1450:4001:82b::2003
2a00:1450:4001:82f::2008
2a00:1450:4001:82f::200e
2a00:1450:4001:830::200e
2a00:1450:400c:c00::9a
2a02:26f0:480:586::3305
2a02:26f0:6c00:199::3801
2a02:26f0:6c00:1b6::277d
2a02:26f0:6c00::210:bb5a
2a03:2880:f083:6:face:b00c:0:2
2a03:2880:f083:9:face:b00c:0:3
2a04:4e42:200::396
2a04:4e42::285
31.177.17.3
31.192.112.221
34.120.45.191
34.220.132.2
35.186.251.103
44.236.126.204
45.223.19.47
47.246.110.43
47.246.146.68
52.216.33.89
52.49.136.217
52.73.84.74
52.84.150.36
72.246.169.121
99.81.52.213
02d2855c8a5417cd637df1e81f781e42ff2b12ad6dffb923a3822f16b5bfa82a
03d146cdaa4328bef3e99ab7f36508e2ac2c2b14152a690d1bf40fb7f9d44f69
04975704505b42dc124568d9d4be26aee2d4592826a0487920cb1d016d1a8e58
09f59dec091913bbeda475ff988bd016cbbf5214f4328ea22225c0349f3ceaa4
0def7d427fa544c082d6b9c5c79a5e1a2a26727caf801defd7eb7254834fc9cc
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
16321fe9e22fee2b05269ef1368905571029ba684273ca21057b0ca173966782
1c49c354c6e38714224c046944d887bf2a0be88a6460588f10e9941fcef7c821
1e30fbf65e2e8cf1e5fc829f1fe520509e8266f4478f856e89b2263d96f1950d
1e589330bfeb3738300c3c79d0bd373cd6f17cd8904927c7b99a06de2d1e647e
25b330da2bc7a79e58107c7f720989e31f2e143d064c631a2776ad3a86bb6e31
25d7d6a654ddd9817448bd2382c131af3f227c21f7a6f41a2a0077078f1e69a6
2b069ca470dafc7139c8b72a8705d459127e4ae5651af7410bad97df6e697ffc
30df34bd68d9d37f78d9d32cafddab0c3368e1fc8b9dc9acf6b5cc0061bfb739
30ef74ddf92b35cbef015816dc7da9b21623fd0e0f6a1fc0b2f4e00e523fba5d
311531734a617089da26f33a00b04c59f7f43ec730022c19fb7dbb1c0c86e551
315aeff2441467b44be1afda5d621beda31bc0b345e174a2e4b1f3c6920b6164
323d1a0eff82a9e675e1714076702af6460e750c0ca73852ce1e609f7be1fbb8
37acf5f6aa181790c9f46f7a25b5c89ecc46c35603b9b62c3086228faf72b26d
397ffcfb5320ceb408d20901fd627c6e6714ba522e68f8d6c0d832f78a2d788e
3a8ff59a7ddd1bff1862756337a59a3ef2660eeb346ce85f0a016cf4f0ae00df
3abf0038682bdd59400f4c78643e3e20bfd86b7f580b9187dcfe1a48d508cfc2
3c1f002ddf26d65dbbbdf486b2eba83aef3b7ef2ee046f48b7684e681d51dc87
3f351eef4b0a3ccd70ff9d4239851252a0a6eba79471e530f9deec0b3421d132
439af7d3bdea84d733baecf1bcf1a10cce95296b71e688ad1f231b4cd2165179
486ba168351c19d6297fdb944a8c532ddb1c2be56b9f6b4404e60ddd044dc758
4c4701ca975df0019b9ce5ffd2a8d33f413bad55663a9f64ba9369da7a444db0
51e58a8a9c2f46b6ac218f53da44c8cb282e0944b56ec288134aee5d7bd4a832
56c2927009c08e5a199ba91882ef3608e2bc64e067ddeb09dfdea7882c653ddc
5a5f6d94ab76fc2d6a73be82b664434e8ea5a9c49a9f902ad8f9929d7d59c5fd
5dc9d61931a73fa03b59af510868b7e89e4523df5a53935212ca8a9b31af0b8d
5df942f1b2d4d42480553a6f9f0500e64cc499e2ca026f0268a25e7030083162
67023ba35a5cc7d36d6d953220fb5bb7a27d9ec6a3694d3896cc4408950e87b0
6ec7158cb35fe5114293b5986862bbc06c0230962c56d8de9e0d8c686945bf42
70caa0698f1eaf8926a63cf57562eebccdd8b4de4eb03db817d72573fec93672
73c748a03b271d7a4d7c1ed120f668653c1d7ed4632748920048ddcde2e6d759
75cde5cd327239276b3bafb85d50f38fbd3b77bd15984deb9f6c02dd01b8ff86
762a540cc32fb868a998ff86b01c08de4e608410e07494d91c9f99af654663ad
77135c19f0970d11093cfb5f0f76906d0b1e933106c1c1001aeeedae370cf425
7de4fcbcb257f88d2f071b48c3adef82b2160eccf958ba1a6db42a95d910c6ed
7f3ab6073398ef58bdaff91dbead25aee78ec3b3846f91322d96c7d91e4405c9
7fe614fba48a859a342abbf024cc6cf640a4c44eda11668a25d0da115bc493d1
836ea9b48d456de1a2f99647e7a98afc23cf0f65f4eb9a5a4da9f3daeb19d02f
873d4ea27e3132833fa2f3dc013d75b586cd7fdc9976013349b30cbaf6d6a1c9
8868d2a2f803ea6802d54a11564b5b96c7d8be56117a328c8f605539d6dee167
88e90b6cee2e482fdc7b6ba16709a0cc5259f62b922c0b43dd27213fa52118b5
89022a4fe6cf4b0f3de7456eb6ba8b2b6b3ade9a18f71dd4a7f7e8f921cfaabe
8d9f92d4bef91b410b88e9c1479812db2983d10ac53a730137fd6bc75e760a1b
9b9b439612eecd459a6edf2abfcf4ae252710e0069772b1b78c4970b3c0f1830
9ff9843b07fc44904ccd9f097f84ef04b2002d9ecbb19ca93e5cdf1f5a73a98c
a01cc276994f239218382714a98ab745548580a1ed48ce1effe1ae28762beb16
a3fd37958dfdb099bac3039069910b97314c0f92024ae1e99c8b97398cbf9cba
a66cbaa6396f8b7923fffa0939d3ed8502aa3563963bab760f2e029c9a4602bd
a73a98563485541039998520eaa3f1b8475e8da1f9ae414a74c73df0d5f24f8a
a772d84f817667230b1db41b5611757807db174d803801c5faec80fe0827b968
ad853a72ac4fa4a7ea4700fb824906dbba6fd62e4f61e92449a5cba3f60ff1dc
adb6de4817a59a7447597d3431bff2a7b48b0ead564b9a863536d8c1de2f7524
b38ad8bc1e195c67915de1d2305c631d17982b6066d6cd8eeb392ef9861c5ee3
b5d439b0a1670a4a56384b0b48fcdfabef6e8a5124683f32c6913d1fe22e9563
c565fe4d6611526b28f06e0b9c170e54a58f06d94fd4281c8cbda8e062693474
ceee3033a5ccf02fc21156c9fd1615582472daad8b1a55ccf3335c1efa4683a7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d41b46e11a4df9636c6bd6f09783b454c8275581039fd80a137d33f6d8a29dbf
d4385eed37307de3a9a2a8c194b2a6dfeb7a5227f632698652d9dc99bf4b2171
d563bc1561bdb0e298779896c085ccf1d27e0dc41f7269414a8dcd513b8a754d
d6fb29bff62f470ba82e4ed36acb0743bbc4ed9fe19f80667e2c99dadaaf6b10
d7fc920686d3336379d7b0ea7276a01789533e71e3d36d27d14de9b93dbabd92
dc23bc46254c776c75d2cbac30b1a97a1d37fc832ee2a98b269d6ea0eb07d800
dd9c85c873b9b644468988e8165e079b0e747a550ce13fa3f7d0c1839b0fd503
e120d4108d783848da7af350edbc4ffc61ec1ce90c3c28024591b908914b3006
e146694637c659ec76a75f2f92253956460decf38696b9f77d825dde8308efaa
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8f1415f11afa97bbaf1ea4fddfaeca7fcf6b2184b839b0d56f564455bc3651a
eb0ff6310984300d30b043dc4ef505d20da8934ce32684598b8920a0867474e9
ecb723f9aca798139d451e08a9e0becea360c87848b9089dc31f856cda367c1b
eee06e3f30375c3ed6a4b4f4056e5fcf2c048c6b089fb97018ad922bc668d125
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef9f6ebf16cb41993ad6caab052116b32b9fab1fc7a05c36e539c4797d4c7da3
f452c0a329f17acfb74497d9ddef4a0d5af4166d43da2a3824387fc71205cd4f
f54b7353db73262d193f0cec9d355905cb487e22bf7b180793e7a8b683067276
f70c6e0720a4769e224d4ceb25d9908ae0f9da93dac347971cac311be73b1022
fcec016faf1ff5e1d30a5b852ea2341a02d33f79d790ad7357148fbbc63683ec
fd9b5046c749037a714eec9e37855a82330ebb0a0c9de4541504d2370e784464
fe32c9921874b35b87acb0a3b558784ca7b9fed91ed34c1d2a68b6566c9d09be
fe39eced72c33ae4c1b3bdd9843bc853265b9909040d41555faa02f62cb29ef2