login.2take.it Open in urlscan Pro
3.121.125.142 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://login.2take.it/
Submission: On October 08 via automatic, source certstream-suspicious (October 8th 2021, 5:43:35 am UTC) — Scanned from DE

Summary HTTP 71 Redirects Behaviour Indicators

Summary

This website contacted 21 IPs in 3 countries across 17 domains to perform 71 HTTP transactions. The main IP is 3.121.125.142, located in Frankfurt am Main, Germany and belongs to AMAZON-02, US. The main domain is login.2take.it.
TLS certificate: Issued by R3 on October 8th 2021. Valid for: 3 months.

This is the only time login.2take.it was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
8	3.121.125.142 3.121.125.142	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:80e::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:5614	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:82f::200e	15169 (GOOGLE) (GOOGLE)
10	35.158.222.40 35.158.222.40	16509 (AMAZON-02) (AMAZON-02)
1	104.111.230.79 104.111.230.79	16625 (AKAMAI-AS) (AKAMAI-AS)
13	3.124.133.227 3.124.133.227	16509 (AMAZON-02) (AMAZON-02)
4	2a03:2880:f01... 2a03:2880:f01c:216:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	2a00:1450:400... 2a00:1450:4001:812::2008	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:828::200e	15169 (GOOGLE) (GOOGLE)
1	142.250.184.194 142.250.184.194	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:6c0... 2a02:26f0:6c00::210:ba11	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2 8	2600:9000:215... 2600:9000:2156:4800:6:9280:1080:93a1	16509 (AMAZON-02) (AMAZON-02)
5	2a03:2880:f11... 2a03:2880:f11c:8083:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2 2	2620:119:50e1... 2620:119:50e1:101::6cae:b25	14413 (LINKEDIN) (LINKEDIN)
1 1	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	108.174.10.14 108.174.10.14	14413 (LINKEDIN) (LINKEDIN)
1	2a00:1450:400... 2a00:1450:400c:c01::9d	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
2 4	35.164.196.246 35.164.196.246	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:803::2004	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1288:80:... 2a00:1288:80:800::7000	203220 (YAHOO-DEB) (YAHOO-DEB)
71	21

8 3.121.125.142 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-121-125-142.eu-central-1.compute.amazonaws.com

login.2take.it	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5614 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 35.158.222.40 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-158-222-40.eu-central-1.compute.amazonaws.com

system.blovly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.111.230.79 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-230-79.deploy.static.akamaitechnologies.com

appleid.cdn-apple.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 3.124.133.227 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-124-133-227.eu-central-1.compute.amazonaws.com

chat.system.blovly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f01c:216:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.184.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00::210:ba11 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2600:9000:2156:4800:6:9280:1080:93a1 (United States) 2 redirects

ASN16509 (AMAZON-02, US)

s.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a03:2880:f11c:8083:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:119:50e1:101::6cae:b25 (United States) 2 redirects

ASN14413 (LINKEDIN, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:21::14 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.174.10.14 (United States)

ASN14413 (LINKEDIN, US)
PTR: 108-174-10-14.fwd.linkedin.com

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c01::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.164.196.246 (Boardman, United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-35-164-196-246.us-west-2.compute.amazonaws.com

d.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:803::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1288:80:800::7000 (Frankfurt am Main, Germany)

ASN203220 (YAHOO-DEB, GB)

ads.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
23	blovly.com system.blovly.com chat.system.blovly.com	531 KB
12	adroll.com 4 redirects s.adroll.com d.adroll.com	28 KB
8	2take.it login.2take.it	377 KB
5	facebook.com www.facebook.com	763 B
5	google.com apis.google.com www.google.com	113 KB
4	linkedin.com 3 redirects px.ads.linkedin.com www.linkedin.com px4.ads.linkedin.com	3 KB
4	facebook.net connect.facebook.net	457 KB
3	google.de www.google.de	784 B
3	doubleclick.net stats.g.doubleclick.net googleads.g.doubleclick.net	3 KB
2	google-analytics.com www.google-analytics.com	20 KB
2	googletagmanager.com www.googletagmanager.com	95 KB
2	googleapis.com fonts.googleapis.com	2 KB
1	yahoo.com ads.yahoo.com	444 B
1	licdn.com snap.licdn.com	2 KB
1	googleadservices.com www.googleadservices.com	15 KB
1	cdn-apple.com appleid.cdn-apple.com	17 KB
1	jsdelivr.net cdn.jsdelivr.net	46 KB
71	17

	Domain	Requested by
13	chat.system.blovly.com	login.2take.it chat.system.blovly.com
10	system.blovly.com	login.2take.it
8	s.adroll.com	2 redirects www.googletagmanager.com login.2take.it s.adroll.com d.adroll.com
8	login.2take.it	login.2take.it
5	www.facebook.com	login.2take.it
4	d.adroll.com	2 redirects s.adroll.com login.2take.it
4	connect.facebook.net	login.2take.it connect.facebook.net
3	www.google.de	login.2take.it
3	www.google.com	login.2take.it
2	googleads.g.doubleclick.net	www.googleadservices.com
2	px.ads.linkedin.com	2 redirects
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	www.googletagmanager.com	login.2take.it www.googletagmanager.com
2	apis.google.com	login.2take.it apis.google.com
2	fonts.googleapis.com	login.2take.it
1	ads.yahoo.com	login.2take.it
1	stats.g.doubleclick.net	www.google-analytics.com
1	px4.ads.linkedin.com	login.2take.it
1	www.linkedin.com	1 redirects
1	snap.licdn.com	www.googletagmanager.com
1	www.googleadservices.com	www.googletagmanager.com
1	appleid.cdn-apple.com	login.2take.it
1	cdn.jsdelivr.net	login.2take.it
71	23

This site contains no links.

Subject Issuer	Validity	Valid
login.2take.it R3	`2021-10-08` - `2022-01-06`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-03` - `2022-07-02`	a year	crt.sh
*.apis.google.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
2take.it Amazon	`2020-10-12` - `2021-11-11`	a year	crt.sh
appleid.cdn-apple.com Apple Public EV Server RSA CA 2 - G1	`2021-01-19` - `2022-02-18`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-09-09` - `2021-12-08`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
*.licdn.com DigiCert SHA2 Secure Server CA	`2021-07-15` - `2022-07-20`	a year	crt.sh
s.adroll.com Amazon	`2021-08-02` - `2022-08-31`	a year	crt.sh
px.ads.linkedin.com DigiCert SHA2 Secure Server CA	`2021-09-16` - `2022-03-16`	6 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
adroll.mgr.consensu.org Amazon	`2021-07-01` - `2022-07-30`	a year	crt.sh
www.google.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
www.google.de GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
*.ads.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-09-27` - `2021-11-17`	2 months	crt.sh

This page contains 1 frames:

Primary Page: https://login.2take.it/
Frame ID: 259DBC24FE4B0E3234B7928C1484BADD
Requests: 71 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Platforma lojalnościowa

Detected technologies

Apple Sign-in (Social logins) Expand

Overall confidence: 100%
Detected patterns

appleid\.auth\.js

Vuetify (UI frameworks) Expand

Overall confidence: 100%
Detected patterns

<div data-app[^>]+class="v-application

AdRoll (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

(?:a|s)\.adroll\.com

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
//cdn\.jsdelivr\.net/

Page Statistics

71
Requests

100 %
HTTPS

70 %
IPv6

17
Domains

23
Subdomains

21
IPs

3
Countries

1706 kB
Transfer

4910 kB
Size

21
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 45

https://s.adroll.com/j/exp/EAAJQQLXN5ECRBJ7EEPVAA/index.js HTTP 302
https://s.adroll.com/j/exp/index.js

Request Chain 46

https://s.adroll.com/j/pre/EAAJQQLXN5ECRBJ7EEPVAA/C6VYEG4ENFBS7OHJLSA4NZ/fpconsent.js HTTP 302
https://s.adroll.com/j/pre/index.js

Request Chain 49

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=46241&time=1633671810079&url=https%3A%2F%2Flogin.2take.it%2F HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D46241%26time%3D1633671810079%26url%3Dhttps%253A%252F%252Flogin.2take.it%252F%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=46241&time=1633671810079&url=https%3A%2F%2Flogin.2take.it%2F&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=46241&time=1633671810079&url=https%3A%2F%2Flogin.2take.it%2F&liSync=true&e_ipv6=AQIxCRbkhC16TwAAAXxebY-cRojvv9b1X0M2IkdELZL5jmOOGsf4R97VsRZJkSCb4BzAIF3KZ1U

Request Chain 62

https://d.adroll.com/pixel/EAAJQQLXN5ECRBJ7EEPVAA/C6VYEG4ENFBS7OHJLSA4NZ?adroll_fpc=7e1b0cf1d7ea932b54fe1afe51404bd0-1633671810676&arrfrr=https%3A%2F%2Flogin.2take.it%2F&xid_ch=f&pv=90933148210.21298&cookie=&adroll_s_ref=&keyw=&name=2ti HTTP 302
https://s.adroll.com/pixel/EAAJQQLXN5ECRBJ7EEPVAA/C6VYEG4ENFBS7OHJLSA4NZ/IYEZOTUONJHBXKFEEV5K2H.js

Request Chain 65

https://d.adroll.com/cm/r/out?adroll_fpc=7e1b0cf1d7ea932b54fe1afe51404bd0-1633671810676&arrfrr=https%3A%2F%2Flogin.2take.it%2F&xid_ch=f&advertisable=EAAJQQLXN5ECRBJ7EEPVAA HTTP 302
https://ads.yahoo.com/cms/v1?esig=1~bf4e7dc4546a90c08591652d78a230d3f2ef5733&nwid=10001032567&sigv=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA

71 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
login.2take.it/ 4 KB
2 KB 44ms
8ms Document
text/html 3.121.125.142
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://login.2take.it/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 3.121.125.142 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-121-125-142.eu-central-1.compute.amazonaws.com
Software: Apache/2.4.29 (Ubuntu) mod_fcgid/2.3.9 OpenSSL/1.1.1 /
Resource Hash: e10f693d9b885987efcd2ac1c2eb3cf545ae5b876cbc0118d620f323b7f4f9d7

Request headers

Host: login.2take.it
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Date: Fri, 08 Oct 2021 05:43:29 GMT
Server: Apache/2.4.29 (Ubuntu) mod_fcgid/2.3.9 OpenSSL/1.1.1
Last-Modified: Tue, 05 Oct 2021 14:48:18 GMT
ETag: "1071-5cd9c1ecbd201-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1650
Connection: close
Content-Type: text/html

GET
H/1.1 200
OK app.2cab0984.css
login.2take.it/css/ 27 KB
10 KB 22ms
8ms Stylesheet
text/css 3.121.125.142
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://login.2take.it/css/app.2cab0984.css
Requested by: Host: login.2take.it
URL: https://login.2take.it/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 3.121.125.142 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-121-125-142.eu-central-1.compute.amazonaws.com
Software: Apache/2.4.29 (Ubuntu) mod_fcgid/2.3.9 OpenSSL/1.1.1 /
Resource Hash: 7e6ba09595777651f4d020043ef51c7c4d577f83356bb953988dae9b028d139b

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: login.2take.it
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://login.2take.it/
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://login.2take.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Fri, 08 Oct 2021 05:43:29 GMT
Content-Encoding: gzip
Last-Modified: Fri, 01 Oct 2021 22:21:30 GMT
Server: Apache/2.4.29 (Ubuntu) mod_fcgid/2.3.9 OpenSSL/1.1.1
ETag: "6c8a-5cd51fc35b079-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: close
Accept-Ranges: bytes
Content-Length: 10289

GET
H/1.1 200
OK chunk-vendors.0fd159e1.css
login.2take.it/css/ 348 KB
40 KB 31ms
16ms Stylesheet
text/css 3.121.125.142
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://login.2take.it/css/chunk-vendors.0fd159e1.css
Requested by: Host: login.2take.it
URL: https://login.2take.it/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 3.121.125.142 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-121-125-142.eu-central-1.compute.amazonaws.com
Software: Apache/2.4.29 (Ubuntu) mod_fcgid/2.3.9 OpenSSL/1.1.1 /
Resource Hash: 96dcb5b41865fda63f5d0fb228d2e654d8ea438f637f9e3b30675065a97ebc99

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: login.2take.it
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://login.2take.it/
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://login.2take.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Fri, 08 Oct 2021 05:43:29 GMT
Content-Encoding: gzip
Last-Modified: Fri, 01 Oct 2021 22:21:31 GMT
Server: Apache/2.4.29 (Ubuntu) mod_fcgid/2.3.9 OpenSSL/1.1.1
ETag: "56f54-5cd51fc37d359-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: close
Accept-Ranges: bytes
Content-Length: 40883

GET
H/1.1 200
OK app.b25c3dbb.js Show response
login.2take.it/js/ 199 KB
45 KB 49ms
14ms Script
application/javascript 3.121.125.142
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://login.2take.it/js/app.b25c3dbb.js
Requested by: Host: login.2take.it
URL: https://login.2take.it/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 3.121.125.142 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-121-125-142.eu-central-1.compute.amazonaws.com
Software: Apache/2.4.29 (Ubuntu) mod_fcgid/2.3.9 OpenSSL/1.1.1 /
Resource Hash: 952cc5d0198ef30fbe42133e7f799fbad9ac18921278e690086a625f94e93de9

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: login.2take.it
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://login.2take.it/
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://login.2take.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Fri, 08 Oct 2021 05:43:29 GMT
Content-Encoding: gzip
Last-Modified: Tue, 05 Oct 2021 14:48:18 GMT
Server: Apache/2.4.29 (Ubuntu) mod_fcgid/2.3.9 OpenSSL/1.1.1
ETag: "31bc6-5cd9c1ecde542-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: close
Accept-Ranges: bytes
Content-Length: 45764

GET
H/1.1 200
OK chunk-vendors.85839fad.js Show response
login.2take.it/js/ 844 KB
268 KB 50ms
15ms Script
application/javascript 3.121.125.142
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://login.2take.it/js/chunk-vendors.85839fad.js
Requested by: Host: login.2take.it
URL: https://login.2take.it/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 3.121.125.142 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-121-125-142.eu-central-1.compute.amazonaws.com
Software: Apache/2.4.29 (Ubuntu) mod_fcgid/2.3.9 OpenSSL/1.1.1 /
Resource Hash: 960faef2d1f7c0a01d85cb7ec3d1b9bd2bae00bd9b5357288aae0f9d4256b8f4

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: login.2take.it
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://login.2take.it/
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://login.2take.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Fri, 08 Oct 2021 05:43:29 GMT
Content-Encoding: gzip
Last-Modified: Fri, 01 Oct 2021 22:21:31 GMT
Server: Apache/2.4.29 (Ubuntu) mod_fcgid/2.3.9 OpenSSL/1.1.1
ETag: "d3004-5cd51fc42339c-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: close
Accept-Ranges: bytes

GET
H/1.1 200
OK loading.css
login.2take.it/ 2 KB
747 B 33ms
8ms Stylesheet
text/css 3.121.125.142
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://login.2take.it/loading.css
Requested by: Host: login.2take.it
URL: https://login.2take.it/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 3.121.125.142 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-121-125-142.eu-central-1.compute.amazonaws.com
Software: Apache/2.4.29 (Ubuntu) mod_fcgid/2.3.9 OpenSSL/1.1.1 /
Resource Hash: c2cb8d5ca724ea85d9f7c0c857a05a35f4bbde3faaebae7e21457bfd52b6cb2f

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: login.2take.it
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://login.2take.it/
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://login.2take.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Fri, 08 Oct 2021 05:43:29 GMT
Content-Encoding: gzip
Last-Modified: Mon, 27 Sep 2021 11:56:20 GMT
Server: Apache/2.4.29 (Ubuntu) mod_fcgid/2.3.9 OpenSSL/1.1.1
ETag: "60c-5ccf8c908f9f1-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: close
Accept-Ranges: bytes
Content-Length: 418

GET
H2 200 css
fonts.googleapis.com/ 12 KB
2 KB 40ms
15ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:100,300,400,500,700,900

Requested by

Host: login.2take.it
URL: https://login.2take.it/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ba5c75008a133ef73a0eb980a0c37c168b6bd5db7279a90105697670440eeedf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://login.2take.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 08 Oct 2021 05:04:05 GMT
server: ESF
date: Fri, 08 Oct 2021 05:43:29 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires: Fri, 08 Oct 2021 05:43:29 GMT

GET
H2 200 css
fonts.googleapis.com/ 569 B
441 B 44ms
20ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Material+Icons

Requested by

Host: login.2take.it
URL: https://login.2take.it/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

cc78bbc89ae37cbd14089271a95f875d19faf024cbaf7474d4529d150108c0b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://login.2take.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 08 Oct 2021 05:43:29 GMT
server: ESF
date: Fri, 08 Oct 2021 05:43:29 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires: Fri, 08 Oct 2021 05:43:29 GMT

GET
H2 200 materialdesignicons.min.css
cdn.jsdelivr.net/npm/@mdi/font@latest/css/ 284 KB
46 KB 41ms
23ms Stylesheet
text/css 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/@mdi/font@latest/css/materialdesignicons.min.css

Requested by

Host: login.2take.it
URL: https://login.2take.it/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

42bb60211a7b7a99c48006e4e63d608bd81191956a7605210982b37eaffc58bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://login.2take.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 08 Oct 2021 05:43:29 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 39924
x-jsd-version: 6.2.95
x-cache: HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-served-by: cache-fra19125-FRA
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"46ece-BHd0jjk4erXkpQXEKTjVcccAnxo"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
cf-ray: 69ad0d4ae9d14aaa-FRA

GET
H2 200 api:client.js Show response
apis.google.com/js/ 12 KB
6 KB 74ms
47ms Script
application/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/api:client.js

Requested by

Host: login.2take.it
URL: https://login.2take.it/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

183750d769349faedbb6c7348ff7642fd2a77c64004e88b73dd63408ced7016e

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-hVkHsCWecZwsxoM5+2wTeA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://login.2take.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 08 Oct 2021 05:43:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
x-ua-compatible: IE=edge, chrome=1
server: ESF
etag: "693a15f3af6f6cb512ea94bb3bb5d4ec"
x-frame-options: SAMEORIGIN
report-to: {"group":"AZM8iraZH88pL4jQdjcWpuaSZEaZk6SzMEy_nItKJ7e9QFtt","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraZH88pL4jQdjcWpuaSZEaZk6SzMEy_nItKJ7e9QFtt"}]}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
content-security-policy: script-src 'report-sample' 'nonce-hVkHsCWecZwsxoM5+2wTeA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="AZM8iraZH88pL4jQdjcWpuaSZEaZk6SzMEy_nItKJ7e9QFtt"
expires: Fri, 08 Oct 2021 05:43:29 GMT

GET
H/1.1 200
OK jquery.1.9.1.min.js Show response
system.blovly.com/assets/js/ 90 KB
33 KB 66ms
29ms Script
application/javascript 35.158.222.40
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://system.blovly.com/assets/js/jquery.1.9.1.min.js
Requested by: Host: login.2take.it
URL: https://login.2take.it/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.158.222.40 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-158-222-40.eu-central-1.compute.amazonaws.com
Software: Apache/2.4.48 (Ubuntu) /
Resource Hash: 7215ee4f0b6be500e7108320b5674583a97a9161bbd37d5f8a521d88fcf46ee3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://login.2take.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Fri, 08 Oct 2021 05:43:29 GMT
Content-Encoding: gzip
Last-Modified: Fri, 10 Jul 2020 12:38:37 GMT
Server: Apache/2.4.48 (Ubuntu)
ETag: "169dc-5aa159eb12d40-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-control: no-cache="set-cookie"
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 32779

GET
H/1.1 200
OK jquery.ui.widget.js Show response
system.blovly.com/assets/js/vendor/ 16 KB
6 KB 48ms
10ms Script
application/javascript 35.158.222.40
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://system.blovly.com/assets/js/vendor/jquery.ui.widget.js
Requested by: Host: login.2take.it
URL: https://login.2take.it/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.158.222.40 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-158-222-40.eu-central-1.compute.amazonaws.com
Software: Apache/2.4.48 (Ubuntu) /
Resource Hash: 0afa8c947b435fc74382c870974ded570bf39dcaaa30a37414bcd9acd6a9e3e2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://login.2take.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Fri, 08 Oct 2021 05:43:29 GMT
Content-Encoding: gzip
Last-Modified: Fri, 10 Jul 2020 12:38:37 GMT
Server: Apache/2.4.48 (Ubuntu)
ETag: "3ed9-5aa159eb12d40-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-control: no-cache="set-cookie"
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4977

GET
H/1.1 200
OK exif-js.js Show response
system.blovly.com/assets/js/ 40 KB
10 KB 50ms
11ms Script
application/javascript 35.158.222.40
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://system.blovly.com/assets/js/exif-js.js
Requested by: Host: login.2take.it
URL: https://login.2take.it/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.158.222.40 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-158-222-40.eu-central-1.compute.amazonaws.com
Software: Apache/2.4.48 (Ubuntu) /
Resource Hash: 06d7bce50ef847992ab4751c8584ced8d5abf7d55e6a62721599edc78419eeb0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://login.2take.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Fri, 08 Oct 2021 05:43:29 GMT
Content-Encoding: gzip
Last-Modified: Fri, 10 Jul 2020 12:38:37 GMT
Server: Apache/2.4.48 (Ubuntu)
ETag: "9e08-5aa159eb12d40-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-control: no-cache="set-cookie"
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 9214

GET
H/1.1 200
OK jquery.iframe-transport.js Show response
system.blovly.com/assets/js/ 11 KB
4 KB 49ms
10ms Script
application/javascript 35.158.222.40
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://system.blovly.com/assets/js/jquery.iframe-transport.js
Requested by: Host: login.2take.it
URL: https://login.2take.it/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.158.222.40 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-158-222-40.eu-central-1.compute.amazonaws.com
Software: Apache/2.4.48 (Ubuntu) /
Resource Hash: f6e9864c545c938343a869fcf464beaad8cdf5fadc80a68842f47836adf225b4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://login.2take.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Fri, 08 Oct 2021 05:43:29 GMT
Content-Encoding: gzip
Last-Modified: Fri, 10 Jul 2020 12:38:37 GMT
Server: Apache/2.4.48 (Ubuntu)
ETag: "2a8b-5aa159eb12d40-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-control: no-cache="set-cookie"
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2927

GET
H/1.1 200
OK load-image.all.min.js Show response
system.blovly.com/assets/js/ 17 KB
7 KB 52ms
11ms Script
application/javascript 35.158.222.40
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://system.blovly.com/assets/js/load-image.all.min.js
Requested by: Host: login.2take.it
URL: https://login.2take.it/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.158.222.40 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-158-222-40.eu-central-1.compute.amazonaws.com
Software: Apache/2.4.48 (Ubuntu) /
Resource Hash: 9c16e4871aa531f4cb14a841858c9dc42cc8d7ce6d5d3a30d5784521a46706dc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://login.2take.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Fri, 08 Oct 2021 05:43:29 GMT
Content-Encoding: gzip
Last-Modified: Fri, 10 Jul 2020 12:38:37 GMT
Server: Apache/2.4.48 (Ubuntu)
ETag: "4518-5aa159eb12d40-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-control: no-cache="set-cookie"
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5958

GET
H/1.1 200
OK canvas-to-blob.min.js Show response
system.blovly.com/assets/js/ 1 KB
1 KB 50ms
9ms Script
application/javascript 35.158.222.40
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://system.blovly.com/assets/js/canvas-to-blob.min.js
Requested by: Host: login.2take.it
URL: https://login.2take.it/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.158.222.40 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-158-222-40.eu-central-1.compute.amazonaws.com
Software: Apache/2.4.48 (Ubuntu) /
Resource Hash: 7e4e389c072794cb0cc4a4e610be9ea14ab7ccd12d566a2fa17b7209561b768b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://login.2take.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Fri, 08 Oct 2021 05:43:29 GMT
Content-Encoding: gzip
Last-Modified: Fri, 10 Jul 2020 12:38:37 GMT
Server: Apache/2.4.48 (Ubuntu)
ETag: "4cb-5aa159eb12d40-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-control: no-cache="set-cookie"
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 654

GET
H/1.1 200
OK jquery.fileupload.js Show response
system.blovly.com/assets/js/ 63 KB
14 KB 62ms
14ms Script
application/javascript 35.158.222.40
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://system.blovly.com/assets/js/jquery.fileupload.js
Requested by: Host: login.2take.it
URL: https://login.2take.it/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.158.222.40 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-158-222-40.eu-central-1.compute.amazonaws.com
Software: Apache/2.4.48 (Ubuntu) /
Resource Hash: 2f114f4b9f5459beb8be619b5142337e199b27bfa95247af98f6ed5da6a7b721

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://login.2take.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Fri, 08 Oct 2021 05:43:29 GMT
Content-Encoding: gzip
Last-Modified: Fri, 10 Jul 2020 12:38:37 GMT
Server: Apache/2.4.48 (Ubuntu)
ETag: "fa5c-5aa159eb12d40-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-control: no-cache="set-cookie"
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 13545

GET
H/1.1 200
OK jquery.fileupload-process.js Show response
system.blovly.com/assets/js/ 7 KB
2 KB 57ms
8ms Script
application/javascript 35.158.222.40
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://system.blovly.com/assets/js/jquery.fileupload-process.js
Requested by: Host: login.2take.it
URL: https://login.2take.it/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.158.222.40 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-158-222-40.eu-central-1.compute.amazonaws.com
Software: Apache/2.4.48 (Ubuntu) /
Resource Hash: 1f9f92d8345eb67acf8cc21aad2b1387b7ddadcb7a3308049736647b267f2ca2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://login.2take.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Fri, 08 Oct 2021 05:43:29 GMT
Content-Encoding: gzip
Last-Modified: Fri, 10 Jul 2020 12:38:37 GMT
Server: Apache/2.4.48 (Ubuntu)
ETag: "1a27-5aa159eb12d40-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-control: no-cache="set-cookie"
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1771

GET
H/1.1 200
OK jquery.fileupload-image.js Show response
system.blovly.com/assets/js/ 12 KB
3 KB 59ms
8ms Script
application/javascript 35.158.222.40
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://system.blovly.com/assets/js/jquery.fileupload-image.js
Requested by: Host: login.2take.it
URL: https://login.2take.it/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.158.222.40 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-158-222-40.eu-central-1.compute.amazonaws.com
Software: Apache/2.4.48 (Ubuntu) /
Resource Hash: 20087affa8555ecfb043a6157626682a1c961f97b7a08163940852d676df5cea

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://login.2take.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Fri, 08 Oct 2021 05:43:29 GMT
Content-Encoding: gzip
Last-Modified: Fri, 10 Jul 2020 12:38:37 GMT
Server: Apache/2.4.48 (Ubuntu)
ETag: "300b-5aa159eb12d40-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-control: no-cache="set-cookie"
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2664

GET
H/1.1 200
OK adapter-latest.js Show response
system.blovly.com/rest/js/ 163 KB
34 KB 68ms
17ms Script
application/javascript 35.158.222.40
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://system.blovly.com/rest/js/adapter-latest.js
Requested by: Host: login.2take.it
URL: https://login.2take.it/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.158.222.40 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-158-222-40.eu-central-1.compute.amazonaws.com
Software: Apache/2.4.48 (Ubuntu) /
Resource Hash: f1db1d65006747ab7d6dac08fe342b77292c279e5cb399a0e30fd5af694cb485

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://login.2take.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Fri, 08 Oct 2021 05:43:29 GMT
Content-Encoding: gzip
Last-Modified: Fri, 10 Jul 2020 12:38:35 GMT
Server: Apache/2.4.48 (Ubuntu)
ETag: "28c09-5aa159e92a8c0-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-control: no-cache="set-cookie"
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 34035

GET
H/1.1 200
OK appleid.auth.js Show response
appleid.cdn-apple.com/appleauth/static/jsapi/appleid/1/en_US/ 42 KB
17 KB 61ms
7ms Script
application/javascript 104.111.230.79
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://appleid.cdn-apple.com/appleauth/static/jsapi/appleid/1/en_US/appleid.auth.js

Requested by

Host: login.2take.it
URL: https://login.2take.it/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.111.230.79 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-230-79.deploy.static.akamaitechnologies.com

Software

Apple /

Resource Hash

60e60bf2583cf7444b00a4b0b8d46de5fd5816f768fc72fd71c643357132df69

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://login.2take.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Encoding: gzip
Last-Modified: Wed, 06 Oct 2021 18:02:38 GMT
Server: Apple
ETag: W/"42671-1633543358405"
Vary: accept-encoding
Content-Type: application/javascript;charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=86400,stale-while-revalidate=86400
Date: Fri, 08 Oct 2021 05:43:29 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 17247

GET
H/1.1 200
OK main.js Show response
chat.system.blovly.com/supportboard/js/ 152 KB
152 KB 49ms
18ms Script
application/javascript 3.124.133.227
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://chat.system.blovly.com/supportboard/js/main.js
Requested by: Host: login.2take.it
URL: https://login.2take.it/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.124.133.227 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-133-227.eu-central-1.compute.amazonaws.com
Software: Apache/2.4.25 (Unix) OpenSSL/1.0.2h mod_fcgid/2.3.9 PHP/7.1.4 /
Resource Hash: 1a2732a1de36370f13652e1411c785559e2ee43f93a7470f56e9c4dc71461ff0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://login.2take.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Fri, 08 Oct 2021 05:43:29 GMT
Last-Modified: Fri, 18 Jun 2021 15:20:13 GMT
Server: Apache/2.4.25 (Unix) OpenSSL/1.0.2h mod_fcgid/2.3.9 PHP/7.1.4
ETag: "26042-5c50bdc37a56d"
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 155714

GET
H/1.1 200
OK init.js Show response
chat.system.blovly.com/supportboard/js/ 4 KB
4 KB 43ms
11ms Script
application/javascript 3.124.133.227
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://chat.system.blovly.com/supportboard/js/init.js
Requested by: Host: login.2take.it
URL: https://login.2take.it/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.124.133.227 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-133-227.eu-central-1.compute.amazonaws.com
Software: Apache/2.4.25 (Unix) OpenSSL/1.0.2h mod_fcgid/2.3.9 PHP/7.1.4 /
Resource Hash: f3145c6ede5ef87c304d2da0a3cb3c2608a5bfe4426eb9634cf9e5dc7cdc053e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://login.2take.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Fri, 08 Oct 2021 05:43:29 GMT
Last-Modified: Mon, 12 Oct 2020 22:25:21 GMT
Server: Apache/2.4.25 (Unix) OpenSSL/1.0.2h mod_fcgid/2.3.9 PHP/7.1.4
ETag: "f6e-5b180c6244752"
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3950

GET
H2 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.yUoUa-d8e1E.O/m=client/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCMxrycmnC1khz2ORddaX90UOzgNPA/ 311 KB
106 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.yUoUa-d8e1E.O/m=client/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCMxrycmnC1khz2ORddaX90UOzgNPA/cb=gapi.loaded_0

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/api:client.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c70f4d8f51a2419bd5481f7dc4651538c1e1f1f0e7bd9b44622726f0e92100d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://login.2take.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 19:09:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 210844
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 107879
x-xss-protection: 0
last-modified: Fri, 10 Sep 2021 23:24:10 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="social-frontend-mpm-access"
expires: Wed, 05 Oct 2022 19:09:25 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 98 KB
26 KB 29ms
7ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: login.2take.it
URL: https://login.2take.it/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

2bc2179dbcac09de834853fc91b815d3bea8112276b7b789f610078d399bcb47

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://login.2take.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 25967
x-xss-protection: 0
pragma: public
x-fb-debug: EalfiKchoVVOMfNKioLj9s+KJyo8Ggi3K0B47yp1mCPvHG9//cLgrheJroE/6O0xY4/L9NDMvoxO2Huh5SqGOA==
x-fb-trip-id: 686109401
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Fri, 08 Oct 2021 05:43:29 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 156 KB
57 KB 43ms
21ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PCZWGL9

Requested by

Host: login.2take.it
URL: https://login.2take.it/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c40ddcb120b5e1659bb740ccf3a9ee5841adb629f38a4315ccc462658007b1fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://login.2take.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 08 Oct 2021 05:43:29 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 57366
x-xss-protection: 0
last-modified: Fri, 08 Oct 2021 03:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 08 Oct 2021 05:43:29 GMT

GET
H/1.1 400
Bad Request getstyles
login.2take.it/api/web/company/ 0
0 45ms
31ms Stylesheet
application/json 3.121.125.142
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://login.2take.it/api/web/company/getstyles?url_name=null
Requested by: Host: login.2take.it
URL: https://login.2take.it/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 3.121.125.142 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-121-125-142.eu-central-1.compute.amazonaws.com
Software: Apache/2.4.29 (Ubuntu) mod_fcgid/2.3.9 OpenSSL/1.1.1 /
Resource Hash

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: login.2take.it
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://login.2take.it/
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://login.2take.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Fri, 08 Oct 2021 05:43:29 GMT
Server: Apache/2.4.29 (Ubuntu) mod_fcgid/2.3.9 OpenSSL/1.1.1
Connection: close
Access-Control-Expose-Headers
Content-Length: 43
Vary: Accept
Content-Type: application/json; charset=UTF-8

GET
H/1.1 200
OK language Show response
login.2take.it/api/web/user/ 11 KB
11 KB 64ms
49ms XHR
application/json 3.121.125.142
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://login.2take.it/api/web/user/language?lang=en
Requested by: Host: login.2take.it
URL: https://login.2take.it/js/chunk-vendors.85839fad.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 3.121.125.142 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-121-125-142.eu-central-1.compute.amazonaws.com
Software: Apache/2.4.29 (Ubuntu) mod_fcgid/2.3.9 OpenSSL/1.1.1 /
Resource Hash: 05515afa1f063d54b0921debbb8f4d2a08ed0e6f13ec4d5751bbd1924610d382

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: login.2take.it
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: cors
Accept: application/json, text/plain, */*
Cache-Control: no-cache
Sec-Fetch-Dest: empty
Authorization
Connection: keep-alive
Referer: https://login.2take.it/
Accept: application/json, text/plain, */*
Cache-Control: no-cache
Authorization
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Referer: https://login.2take.it/

Response headers

Date: Fri, 08 Oct 2021 05:43:29 GMT
Vary: Accept
Server: Apache/2.4.29 (Ubuntu) mod_fcgid/2.3.9 OpenSSL/1.1.1
Connection: close
Access-Control-Expose-Headers
Transfer-Encoding: chunked
Content-Type: application/json; charset=UTF-8

GET
H/1.1 200
OK init.php Show response
chat.system.blovly.com/supportboard/include/ 7 KB
7 KB 35ms
19ms XHR
text/html 3.124.133.227
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://chat.system.blovly.com/supportboard/include/init.php?lang=pl
Requested by: Host: chat.system.blovly.com
URL: https://chat.system.blovly.com/supportboard/js/init.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.124.133.227 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-133-227.eu-central-1.compute.amazonaws.com
Software: Apache/2.4.25 (Unix) OpenSSL/1.0.2h mod_fcgid/2.3.9 PHP/7.1.4 / PHP/7.1.4
Resource Hash: 44644e5150aba37a872a759584bb278c5ca807fa616759d1f3ff7a76a5ea328f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://login.2take.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 08 Oct 2021 05:43:29 GMT
Server: Apache/2.4.25 (Unix) OpenSSL/1.0.2h mod_fcgid/2.3.9 PHP/7.1.4
X-Powered-By: PHP/7.1.4
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Content-Length: 7108
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1 200
OK main.min.css
chat.system.blovly.com/supportboard/css/min/ 54 KB
54 KB 16ms
16ms Stylesheet
text/css 3.124.133.227
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://chat.system.blovly.com/supportboard/css/min/main.min.css?v=3.0.4
Requested by: Host: chat.system.blovly.com
URL: https://chat.system.blovly.com/supportboard/js/init.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.124.133.227 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-133-227.eu-central-1.compute.amazonaws.com
Software: Apache/2.4.25 (Unix) OpenSSL/1.0.2h mod_fcgid/2.3.9 PHP/7.1.4 /
Resource Hash: f928e5cc1fdc43a2fb202de6a697f081462a46fd35f6a1346f58c149bb1af447

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://login.2take.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Fri, 08 Oct 2021 05:43:29 GMT
Last-Modified: Wed, 11 Nov 2020 20:04:56 GMT
Server: Apache/2.4.25 (Unix) OpenSSL/1.0.2h mod_fcgid/2.3.9 PHP/7.1.4
ETag: "d85b-5b3da4f2d0060"
Content-Type: text/css
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 55387

GET
H/1.1 200
OK main.js Show response
chat.system.blovly.com/supportboard/js/ 152 KB
152 KB 19ms
18ms Script
application/javascript 3.124.133.227
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://chat.system.blovly.com/supportboard/js/main.js?v=3.0.4
Requested by: Host: chat.system.blovly.com
URL: https://chat.system.blovly.com/supportboard/js/init.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.124.133.227 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-133-227.eu-central-1.compute.amazonaws.com
Software: Apache/2.4.25 (Unix) OpenSSL/1.0.2h mod_fcgid/2.3.9 PHP/7.1.4 /
Resource Hash: 1a2732a1de36370f13652e1411c785559e2ee43f93a7470f56e9c4dc71461ff0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://login.2take.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Fri, 08 Oct 2021 05:43:29 GMT
Last-Modified: Fri, 18 Jun 2021 15:20:13 GMT
Server: Apache/2.4.25 (Unix) OpenSSL/1.0.2h mod_fcgid/2.3.9 PHP/7.1.4
ETag: "26042-5c50bdc37a56d"
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 155714

GET
H/1.1 200
OK bell.svg
chat.system.blovly.com/supportboard/media/ 2 KB
2 KB 28ms
9ms Image
image/svg+xml 3.124.133.227
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://chat.system.blovly.com/supportboard/media/bell.svg
Requested by: Host: login.2take.it
URL: https://login.2take.it/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.124.133.227 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-133-227.eu-central-1.compute.amazonaws.com
Software: Apache/2.4.25 (Unix) OpenSSL/1.0.2h mod_fcgid/2.3.9 PHP/7.1.4 /
Resource Hash: 331673250a349eaed66c3aad0147381ea76002b1a40c165e2a016ee10e69488c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://login.2take.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Fri, 08 Oct 2021 05:43:30 GMT
Last-Modified: Mon, 12 Oct 2020 22:25:22 GMT
Server: Apache/2.4.25 (Unix) OpenSSL/1.0.2h mod_fcgid/2.3.9 PHP/7.1.4
ETag: "644-5b180c6297773"
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1604

GET
H/1.1 200
OK loader.svg
chat.system.blovly.com/supportboard/media/ 657 B
985 B 33ms
14ms Image
image/svg+xml 3.124.133.227
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://chat.system.blovly.com/supportboard/media/loader.svg
Requested by: Host: login.2take.it
URL: https://login.2take.it/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.124.133.227 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-133-227.eu-central-1.compute.amazonaws.com
Software: Apache/2.4.25 (Unix) OpenSSL/1.0.2h mod_fcgid/2.3.9 PHP/7.1.4 /
Resource Hash: 0aa0af4eb29e8ac243d5879f4b1b70cb4dcab4069686ee082ad9a11f16392cc1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://login.2take.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Fri, 08 Oct 2021 05:43:30 GMT
Last-Modified: Sat, 20 Jun 2020 13:53:14 GMT
Server: Apache/2.4.25 (Unix) OpenSSL/1.0.2h mod_fcgid/2.3.9 PHP/7.1.4
ETag: "291-5a88454bbce49"
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 657

GET
H/1.1 200
OK chat-icon.png
chat.system.blovly.com/supportboard/media/ 3 KB
3 KB 36ms
16ms Image
image/png 3.124.133.227
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://chat.system.blovly.com/supportboard/media/chat-icon.png
Requested by: Host: login.2take.it
URL: https://login.2take.it/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.124.133.227 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-133-227.eu-central-1.compute.amazonaws.com
Software: Apache/2.4.25 (Unix) OpenSSL/1.0.2h mod_fcgid/2.3.9 PHP/7.1.4 /
Resource Hash: b154742e45cce0f7bb88b804909e7912cf974c539d7043eb636bb2f25e2931b3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://login.2take.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Fri, 08 Oct 2021 05:43:30 GMT
Last-Modified: Thu, 12 Nov 2020 14:34:57 GMT
Server: Apache/2.4.25 (Unix) OpenSSL/1.0.2h mod_fcgid/2.3.9 PHP/7.1.4
ETag: "b7d-5b3e9d0eb9549"
Content-Type: image/png
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2941

GET
H/1.1 200
OK close.svg
chat.system.blovly.com/supportboard/media/ 1 KB
1 KB 36ms
16ms Image
image/svg+xml 3.124.133.227
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://chat.system.blovly.com/supportboard/media/close.svg
Requested by: Host: login.2take.it
URL: https://login.2take.it/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.124.133.227 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-133-227.eu-central-1.compute.amazonaws.com
Software: Apache/2.4.25 (Unix) OpenSSL/1.0.2h mod_fcgid/2.3.9 PHP/7.1.4 /
Resource Hash: e486e2cf644291fcce8b0b867ff01ef9dba9269306bcb2e66608163dfda98947

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://login.2take.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Fri, 08 Oct 2021 05:43:30 GMT
Last-Modified: Sat, 20 Jun 2020 13:53:05 GMT
Server: Apache/2.4.25 (Unix) OpenSSL/1.0.2h mod_fcgid/2.3.9 PHP/7.1.4
ETag: "42a-5a884542eeff4"
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1066

GET
H2 200 1168953883119698 Show response
connect.facebook.net/signals/config/ 490 KB
144 KB 11ms
10ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1168953883119698?v=2.9.47&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

8d80ca933559684239a9569393e0b45d0520e918f96d49e1a14a23166534c1d6

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://login.2take.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 146767
x-xss-protection: 0
pragma: public
x-fb-debug: 9PjgswHYryfNTsGJbfWa7VS+2SK4X7DqRmOR8pSbUMFh1eEqxYLPbaFt2u5Xsd00+JZ+8xdLwq3NtsjIiqYOaw==
x-fb-trip-id: 686109401
x-frame-options: DENY
date: Fri, 08 Oct 2021 05:43:30 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 206
Partial Content sound.mp3
chat.system.blovly.com/supportboard/media/ 16 KB
16 KB 20ms
18ms Media
audio/mpeg 3.124.133.227
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://chat.system.blovly.com/supportboard/media/sound.mp3
Requested by: Host: login.2take.it
URL: https://login.2take.it/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.124.133.227 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-133-227.eu-central-1.compute.amazonaws.com
Software: Apache/2.4.25 (Unix) OpenSSL/1.0.2h mod_fcgid/2.3.9 PHP/7.1.4 /
Resource Hash: 1ecd085b6d0693df4081d97f01b27b60d82418b83da600a340d6efd629f7c591

Request headers

Referer: https://login.2take.it/
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Range: bytes=0-

Response headers

Date: Fri, 08 Oct 2021 05:43:30 GMT
Last-Modified: Sat, 20 Jun 2020 13:53:14 GMT
Server: Apache/2.4.25 (Unix) OpenSSL/1.0.2h mod_fcgid/2.3.9 PHP/7.1.4
Access-Control-Allow-Origin: *
ETag: "3f2c-5a88454bd9368"
Content-Type: audio/mpeg
Content-Range: bytes 0-16171/16172
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 16172

GET
H/1.1 206
Partial Content sound-out.mp3
chat.system.blovly.com/supportboard/media/ 17 KB
17 KB 14ms
14ms Media
audio/mpeg 3.124.133.227
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://chat.system.blovly.com/supportboard/media/sound-out.mp3
Requested by: Host: login.2take.it
URL: https://login.2take.it/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.124.133.227 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-133-227.eu-central-1.compute.amazonaws.com
Software: Apache/2.4.25 (Unix) OpenSSL/1.0.2h mod_fcgid/2.3.9 PHP/7.1.4 /
Resource Hash: 8679c992d10ed3daa402e1c839defa668a5c75e5aa76cd21af26a1c83dbb7a26

Request headers

Referer: https://login.2take.it/
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Range: bytes=0-

Response headers

Date: Fri, 08 Oct 2021 05:43:30 GMT
Last-Modified: Sat, 20 Jun 2020 13:53:14 GMT
Server: Apache/2.4.25 (Unix) OpenSSL/1.0.2h mod_fcgid/2.3.9 PHP/7.1.4
Access-Control-Allow-Origin: *
ETag: "431c-5a88454bcf728"
Content-Type: audio/mpeg
Content-Range: bytes 0-17179/17180
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 17180

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
20 KB 30ms
7ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PCZWGL9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://login.2take.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 11 Aug 2021 00:32:57 GMT
server: Golfe2
age: 6144
date: Fri, 08 Oct 2021 04:01:06 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19747
expires: Fri, 08 Oct 2021 06:01:06 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 37 KB
15 KB 58ms
31ms Script
text/javascript 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PCZWGL9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

c7395cb3e42311d894b6f20d9877912ec71e9d81c63a1292455923588c6e803b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://login.2take.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 08 Oct 2021 05:43:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14394
x-xss-protection: 0
server: cafe
etag: 14335902481360483811
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 08 Oct 2021 05:43:30 GMT

GET
H/1.1 200
OK insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 5 KB
2 KB 47ms
7ms Script
application/x-javascript 2a02:26f0:6c00::210:ba11
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PCZWGL9
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba11 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: fed785a6a8ca96fb67230fec5d85f9c508db49f4075aa0ef284af56cd89813e3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://login.2take.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Fri, 08 Oct 2021 05:43:30 GMT
Content-Encoding: gzip
Last-Modified: Wed, 29 Sep 2021 19:17:49 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=19714
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2036

GET
H/1.1 200
OK roundtrip.js Show response
s.adroll.com/j/ 45 KB
15 KB 28ms
8ms Script
text/javascript 2600:9000:2156:4800:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/roundtrip.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PCZWGL9
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:4800:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 00a838051c95fd70f609e56b14160f3b11f9cc925ebf863b6b6d05aa05f18410

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://login.2take.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

X-Amz-Version-Id: 9NNHadHlPAJi_ZEEDzqWdczclsfujfUk
Content-Encoding: gzip
Etag: W/"42b7053581646365ea5fe1cf37686183"
X-Edge-Origin-Shield-Skipped: 0
X-Amz-Server-Side-Encryption: AES256
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Access-Control-Max-Age: 600
Connection: keep-alive
Access-Control-Allow-Origin: *
Last-Modified: Thu, 30 Sep 2021 23:17:42 GMT
Server: AmazonS3
Date: Fri, 08 Oct 2021 05:19:02 GMT
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: text/javascript
Via: 1.1 a1098f0eeab192209962e3a9d76d0339.cloudfront.net (CloudFront)
Cache-Control: max-age=3600, must-revalidate
Access-Control-Allow-Credentials: false
X-Amz-Cf-Pop: FRA50-C1
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: KKsqRVlrT0KqLEGnyU5hA35eghSCqkeYNsJ9iUS9UBQ3er7puWSYeg==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 97 KB
39 KB 36ms
35ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-944885369

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PCZWGL9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3598b3b51a13903e42051ce9bb1025c872063417227a66bce1542188e756ed3c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://login.2take.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 08 Oct 2021 05:43:30 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39536
x-xss-protection: 0
last-modified: Fri, 08 Oct 2021 03:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 08 Oct 2021 05:43:30 GMT

POST
H/1.1 200
OK ajax.php Show response
chat.system.blovly.com/supportboard/include/ 5 KB
6 KB 35ms
35ms XHR
text/html 3.124.133.227
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://chat.system.blovly.com/supportboard/include/ajax.php
Requested by: Host: login.2take.it
URL: https://login.2take.it/js/chunk-vendors.85839fad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.124.133.227 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-133-227.eu-central-1.compute.amazonaws.com
Software: Apache/2.4.25 (Unix) OpenSSL/1.0.2h mod_fcgid/2.3.9 PHP/7.1.4 / PHP/7.1.4
Resource Hash: 3a21e0af6b3ee300f6b003045a540e51f8db2af91560df11052635353f666c71

Request headers

Accept: */*
Referer: https://login.2take.it/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma: no-cache
Date: Fri, 08 Oct 2021 05:43:30 GMT
Server: Apache/2.4.25 (Unix) OpenSSL/1.0.2h mod_fcgid/2.3.9 PHP/7.1.4
X-Powered-By: PHP/7.1.4
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Content-Length: 5249
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 227267281028028 Show response
connect.facebook.net/signals/config/ 489 KB
143 KB 8ms
8ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/227267281028028?v=2.9.47&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

522ad34d4389e4358221744e9885e9377de0d9919fd9008eeaba7ce9b966a4cb

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://login.2take.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 146662
x-xss-protection: 0
pragma: public
x-fb-debug: qI7G0SlDRvYeCQwzLH0hi9MzrxtBRgFLUN3SktHSBfW3kK2QWZZmVuyT+yBsRUM7KXwtbMs9VRl5BhgwIfi/uw==
x-fb-trip-id: 686109401
x-frame-options: DENY
date: Fri, 08 Oct 2021 05:43:30 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
313 B 21ms
6ms Image
image/gif 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1168953883119698&ev=PageView&dl=https%3A%2F%2Flogin.2take.it%2F&rl=&if=false&ts=1633671810068&sw=1600&sh=1200&v=2.9.47&r=stable&ec=0&o=30&fbp=fb.1.1633671810066.1752085421&it=1633671809998&coo=false&rqm=GET

Requested by

Host: login.2take.it
URL: https://login.2take.it/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://login.2take.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 08 Oct 2021 05:43:30 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Fri, 08 Oct 2021 05:43:30 GMT

GET
H/1.1

200
OK

index.js Show response
s.adroll.com/j/exp/
Redirect Chain

https://s.adroll.com/j/exp/EAAJQQLXN5ECRBJ7EEPVAA/index.js
https://s.adroll.com/j/exp/index.js

28 B
783 B

8ms
8ms

Script
application/javascript

2600:9000:2156:4800:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/exp/index.js
Requested by: Host: login.2take.it
URL: https://login.2take.it/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:4800:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f59e5f34a941183aacaed25322ac0856628493c2cfd936ded3fddc0a49510e52

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://login.2take.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

X-Amz-Version-Id: negMAsSEs.M1Zq1srV8VMS7DU8lxhds7
Via: 1.1 ba77f90aac0ddbc2c4c2c02062fac762.cloudfront.net (CloudFront)
Etag: "5816cced8568d223aa09d889f300692b"
X-Edge-Origin-Shield-Skipped: 0
X-Amz-Server-Side-Encryption: AES256
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 28
Last-Modified: Mon, 19 Jul 2021 22:23:14 GMT
Server: AmazonS3
Date: Thu, 07 Oct 2021 19:30:51 GMT
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
X-Amz-Cf-Pop: FRA50-C1
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: Z4L3kzO_F82Da0suUjHweM3LpCNbzqbvVZiztRi-DRuGac47RlbQ3w==

Redirect headers

Date: Thu, 07 Oct 2021 21:55:09 GMT
Via: 1.1 a1098f0eeab192209962e3a9d76d0339.cloudfront.net (CloudFront)
X-Edge-Origin-Shield-Skipped: 0
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 0
Access-Control-Allow-Origin: *
Server: AmazonS3
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: application/xml
Location: https://s.adroll.com/j/exp/index.js
Access-Control-Allow-Credentials: false
X-Amz-Cf-Pop: FRA50-C1
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: phl6uADDtRzvyhzmSdg4NXvc9vi8yRfyR8TVBqd2YIToo_bHHwI6UQ==

GET
H/1.1

200
OK

index.js Show response
s.adroll.com/j/pre/
Redirect Chain

https://s.adroll.com/j/pre/EAAJQQLXN5ECRBJ7EEPVAA/C6VYEG4ENFBS7OHJLSA4NZ/fpconsent.js
https://s.adroll.com/j/pre/index.js

0
754 B

8ms
8ms

Script
application/javascript

2600:9000:2156:4800:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/pre/index.js
Requested by: Host: login.2take.it
URL: https://login.2take.it/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:4800:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://login.2take.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

X-Amz-Version-Id: nQEe8wQ7h0ROt7P4GJfDfstto6x684Hy
Via: 1.1 d627b75d0c1aedd3691390ac8498d3b0.cloudfront.net (CloudFront)
Etag: "d41d8cd98f00b204e9800998ecf8427e"
X-Edge-Origin-Shield-Skipped: 0
X-Amz-Server-Side-Encryption: AES256
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 0
Last-Modified: Wed, 15 Jan 2020 23:54:18 GMT
Server: AmazonS3
Date: Fri, 08 Oct 2021 04:45:29 GMT
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
X-Amz-Cf-Pop: FRA50-C1
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: zX32oDnh7f0Wvl_yoarsGHmGBwOGXVdbxkBGJmbQNaqbBMRDvw2U2Q==

Redirect headers

Date: Thu, 07 Oct 2021 19:52:56 GMT
Via: 1.1 a1098f0eeab192209962e3a9d76d0339.cloudfront.net (CloudFront)
X-Edge-Origin-Shield-Skipped: 0
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 0
Access-Control-Allow-Origin: *
Server: AmazonS3
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: application/xml
Location: https://s.adroll.com/j/pre/index.js
Access-Control-Allow-Credentials: false
X-Amz-Cf-Pop: FRA50-C1
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: y6XLe7Z5B8ybW0cwCIYPhNRJ18PKTTbYUslr5CvpigijozM9ferx1A==

GET
H/1.1 200
OK index.js Show response
s.adroll.com/j/pre/EAAJQQLXN5ECRBJ7EEPVAA/C6VYEG4ENFBS7OHJLSA4NZ/ 0
808 B 30ms
15ms Script
text/javascript 2600:9000:2156:4800:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/pre/EAAJQQLXN5ECRBJ7EEPVAA/C6VYEG4ENFBS7OHJLSA4NZ/index.js
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:4800:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://login.2take.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

X-Amz-Version-Id: EeoXfOZ5q.T0Th26Waiz9L06dQIQrh6U
Via: 1.1 d627b75d0c1aedd3691390ac8498d3b0.cloudfront.net (CloudFront)
Etag: "d41d8cd98f00b204e9800998ecf8427e"
X-Edge-Origin-Shield-Skipped: 0
X-Amz-Server-Side-Encryption: AES256
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 0
Last-Modified: Thu, 07 Oct 2021 04:20:19 GMT
Server: AmazonS3
Date: Fri, 08 Oct 2021 05:43:30 GMT
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600, must-revalidate
Access-Control-Allow-Credentials: false
X-Amz-Cf-Pop: FRA50-C1
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: rBOYN8ZO4ggVBSa9cQ028sjbVY7A0h3q7LSuLcNMgfm_xA6eIwCJAg==

POST
H/1.1 200
OK ajax.php Show response
chat.system.blovly.com/supportboard/include/ 17 B
453 B 9ms
9ms XHR
text/html 3.124.133.227
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://chat.system.blovly.com/supportboard/include/ajax.php
Requested by: Host: login.2take.it
URL: https://login.2take.it/js/chunk-vendors.85839fad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.124.133.227 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-133-227.eu-central-1.compute.amazonaws.com
Software: Apache/2.4.25 (Unix) OpenSSL/1.0.2h mod_fcgid/2.3.9 PHP/7.1.4 / PHP/7.1.4
Resource Hash: 7a7e0a12a132c6400af7b1b665a3615298ce15466c5c25daa8acb793a549206b

Request headers

Accept: */*
Referer: https://login.2take.it/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma: no-cache
Date: Fri, 08 Oct 2021 05:43:30 GMT
Server: Apache/2.4.25 (Unix) OpenSSL/1.0.2h mod_fcgid/2.3.9 PHP/7.1.4
X-Powered-By: PHP/7.1.4
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Content-Length: 17
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=46241&time=1633671810079&url=https%3A%2F%2Flogin.2take.it%2F
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D46241%26time%3D1633671810079%26url%3Dhttps%253A%252F%252Flogin.2take.it%252F%26li...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=46241&time=1633671810079&url=https%3A%2F%2Flogin.2take.it%2F&liSync=true
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=46241&time=1633671810079&url=https%3A%2F%2Flogin.2take.it%2F&liSync=true&e_ipv6=AQIxCRbkhC16TwAAAXxebY-cRojvv9b1X0M2IkdELZL5jmOOGsf4R97VsRZJkSCb4...

0
156 B

371ms
177ms

Image
application/javascript

108.174.10.14
LINKEDIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=46241&time=1633671810079&url=https%3A%2F%2Flogin.2take.it%2F&liSync=true&e_ipv6=AQIxCRbkhC16TwAAAXxebY-cRojvv9b1X0M2IkdELZL5jmOOGsf4R97VsRZJkSCb4BzAIF3KZ1U
Requested by: Host: login.2take.it
URL: https://login.2take.it/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.174.10.14 , United States, ASN14413 (LINKEDIN, US),
Reverse DNS: 108-174-10-14.fwd.linkedin.com
Software: Play /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://login.2take.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 08 Oct 2021 05:43:31 GMT
server: Play
linkedin-action: 1
x-li-fabric: prod-lor1
x-li-proto: http/2
x-li-pop: prod-edc2
content-type: application/javascript
content-length: 0
x-li-uuid: AlBbWNv3qxZQ2EmN7CoAAA==

Redirect headers

date: Fri, 08 Oct 2021 05:43:30 GMT
server: Play
linkedin-action: 1
x-li-fabric: prod-lor1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=46241&time=1633671810079&url=https%3A%2F%2Flogin.2take.it%2F&liSync=true&e_ipv6=AQIxCRbkhC16TwAAAXxebY-cRojvv9b1X0M2IkdELZL5jmOOGsf4R97VsRZJkSCb4BzAIF3KZ1U
x-li-proto: http/2
x-li-pop: prod-esv5
content-length: 0
x-li-uuid: 5IOMQ9v3qxZAQvPADSsAAA==

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
206 B 14ms
14ms XHR
text/plain 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j93&a=1419082610&t=pageview&_s=1&dl=https%3A%2F%2Flogin.2take.it%2F&ul=en-us&de=UTF-8&dt=Platforma%20lojalno%C5%9Bciowa&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=520964443&gjid=1456333370&cid=260396851.1633671810&tid=UA-64042902-3&_gid=1652052568.1633671810&_r=1&gtm=2wga60PCZWGL9&z=1005467304

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://login.2take.it/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 08 Oct 2021 05:43:30 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://login.2take.it
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
462 B 43ms
15ms XHR
text/plain 2a00:1450:400c:c01::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j93&tid=UA-64042902-3&cid=260396851.1633671810&jid=520964443&gjid=1456333370&_gid=1652052568.1633671810&_u=YEBAAEAAAAAAAC~&z=49278870

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c01::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://login.2take.it/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 08 Oct 2021 05:43:30 GMT
content-type: text/plain
access-control-allow-origin: https://login.2take.it
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/944885369/ 2 KB
1 KB 40ms
18ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/944885369/?random=1633671810165&cv=9&fst=1633671810165&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaa60&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Flogin.2take.it%2F&tiba=Platforma%20lojalno%C5%9Bciowa&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f358770a1d95188b1627af2cbf17baabd23e2db789ebb0d892ecd1caad039f71

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://login.2take.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Oct 2021 05:43:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1040
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/944885369/ 2 KB
2 KB 38ms
17ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/944885369/?random=1633671810168&cv=9&fst=1633671810168&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wga60&sendb=1&ig=1&frm=0&url=https%3A%2F%2Flogin.2take.it%2F&tiba=Platforma%20lojalno%C5%9Bciowa&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

26e3617dfd27c28b19ed45dfbb4376562870b515a2d69cb1b3b97ba26b91fee5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://login.2take.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Oct 2021 05:43:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1009
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
101 B 7ms
6ms Image
image/gif 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=227267281028028&ev=PageView&dl=https%3A%2F%2Flogin.2take.it%2F&rl=&if=false&ts=1633671810171&sw=1600&sh=1200&v=2.9.47&r=stable&ec=0&o=30&fbp=fb.1.1633671810066.1752085421&it=1633671809998&coo=false&rqm=GET

Requested by

Host: login.2take.it
URL: https://login.2take.it/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://login.2take.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 08 Oct 2021 05:43:30 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Fri, 08 Oct 2021 05:43:30 GMT

GET
H2 200 EAAJQQLXN5ECRBJ7EEPVAA Show response
d.adroll.com/consent/check/ 395 B
864 B 496ms
163ms Script
application/javascript 35.164.196.246
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d.adroll.com/consent/check/EAAJQQLXN5ECRBJ7EEPVAA?arrfrr=https%3A%2F%2Flogin.2take.it%2F&_s=8c1b364fa2f7b6eef1a8f99c3daa0998&_b=2
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.164.196.246 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-164-196-246.us-west-2.compute.amazonaws.com
Software: nginx/1.20.0 /
Resource Hash: 14ad5a47eab25a2e1877f0ba67b6599100eefc361f1a8119233adc5bcaca9373

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://login.2take.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Oct 2021 05:43:30 GMT
cache-control: no-store, no-cache, must-revalidate
server: nginx/1.20.0
content-type: application/javascript
content-length: 395
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
522 B 44ms
21ms Image
image/gif 2a00:1450:4001:803::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-64042902-3&cid=260396851.1633671810&jid=520964443&_u=YEBAAEAAAAAAAC~&z=890347714

Requested by

Host: login.2take.it
URL: https://login.2take.it/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://login.2take.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Oct 2021 05:43:30 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
522 B 41ms
17ms Image
image/gif 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-64042902-3&cid=260396851.1633671810&jid=520964443&_u=YEBAAEAAAAAAAC~&z=890347714

Requested by

Host: login.2take.it
URL: https://login.2take.it/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://login.2take.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Oct 2021 05:43:30 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/944885369/ 42 B
154 B 77ms
55ms Image
image/gif 2a00:1450:4001:803::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/944885369/?random=1633671810168&cv=9&fst=1633669200000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wga60&sendb=1&frm=0&url=https%3A%2F%2Flogin.2take.it%2F&tiba=Platforma%20lojalno%C5%9Bciowa&async=1&fmt=3&is_vtc=1&random=3664194474&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: login.2take.it
URL: https://login.2take.it/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://login.2take.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Oct 2021 05:43:30 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/944885369/ 42 B
108 B 42ms
19ms Image
image/gif 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/944885369/?random=1633671810168&cv=9&fst=1633669200000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wga60&sendb=1&frm=0&url=https%3A%2F%2Flogin.2take.it%2F&tiba=Platforma%20lojalno%C5%9Bciowa&async=1&fmt=3&is_vtc=1&random=3664194474&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: login.2take.it
URL: https://login.2take.it/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://login.2take.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Oct 2021 05:43:30 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/944885369/ 42 B
108 B 78ms
56ms Image
image/gif 2a00:1450:4001:803::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/944885369/?random=1633671810165&cv=9&fst=1633669200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaa60&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Flogin.2take.it%2F&tiba=Platforma%20lojalno%C5%9Bciowa&async=1&fmt=3&is_vtc=1&random=2801805428&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: login.2take.it
URL: https://login.2take.it/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://login.2take.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Oct 2021 05:43:30 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/944885369/ 42 B
154 B 40ms
19ms Image
image/gif 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/944885369/?random=1633671810165&cv=9&fst=1633669200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaa60&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Flogin.2take.it%2F&tiba=Platforma%20lojalno%C5%9Bciowa&async=1&fmt=3&is_vtc=1&random=2801805428&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: login.2take.it
URL: https://login.2take.it/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://login.2take.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Oct 2021 05:43:30 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

IYEZOTUONJHBXKFEEV5K2H.js Show response
s.adroll.com/pixel/EAAJQQLXN5ECRBJ7EEPVAA/C6VYEG4ENFBS7OHJLSA4NZ/
Redirect Chain

https://d.adroll.com/pixel/EAAJQQLXN5ECRBJ7EEPVAA/C6VYEG4ENFBS7OHJLSA4NZ?adroll_fpc=7e1b0cf1d7ea932b54fe1afe51404bd0-1633671810676&arrfrr=https%3A%2F%2Flogin.2take.it%2F&xid_ch=f&pv=90933148210.212...
https://s.adroll.com/pixel/EAAJQQLXN5ECRBJ7EEPVAA/C6VYEG4ENFBS7OHJLSA4NZ/IYEZOTUONJHBXKFEEV5K2H.js

11 KB
4 KB

11ms
11ms

Script
text/javascript

2600:9000:2156:4800:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/pixel/EAAJQQLXN5ECRBJ7EEPVAA/C6VYEG4ENFBS7OHJLSA4NZ/IYEZOTUONJHBXKFEEV5K2H.js
Requested by: Host: login.2take.it
URL: https://login.2take.it/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:4800:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 26df3fc69c6208ec63c241207ef2ab03885d4d45d49124ad2eef632d12413e0d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://login.2take.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

X-Amz-Version-Id: 45GDMohYWRMOzISm976S8GwKU36La1nt
Content-Encoding: gzip
Etag: W/"eecba013c473c4997689fc8b6051a8c4"
X-Edge-Origin-Shield-Skipped: 0
X-Amz-Server-Side-Encryption: AES256
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Access-Control-Max-Age: 600
Connection: keep-alive
Access-Control-Allow-Origin: *
Last-Modified: Thu, 25 Mar 2021 21:48:56 GMT
Server: AmazonS3
Date: Fri, 08 Oct 2021 05:43:30 GMT
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: text/javascript; charset=utf-8
Via: 1.1 d627b75d0c1aedd3691390ac8498d3b0.cloudfront.net (CloudFront)
Cache-Control: max-age=3600, must-revalidate
Access-Control-Allow-Credentials: false
X-Amz-Cf-Pop: FRA50-C1
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: NE45y1A0odmWdSuuMtWFXdcLvaLrwJjHvmqxqRYndZOSeoruM6VCmw==

Redirect headers

pragma: no-cache
x-conversion-value: 0.00
server: nginx/1.20.0
x-rule: *
date: Fri, 08 Oct 2021 05:43:30 GMT
x-segment-eid: IYEZOTUONJHBXKFEEV5K2H
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location: https://s.adroll.com/pixel/EAAJQQLXN5ECRBJ7EEPVAA/C6VYEG4ENFBS7OHJLSA4NZ/IYEZOTUONJHBXKFEEV5K2H.js
cache-control: no-store, no-cache, must-revalidate
x-segment-display-name: Visitors to Unsegmented Pages
x-pixel-eid: C6VYEG4ENFBS7OHJLSA4NZ
x-segment-name: *
x-advertisable-eid: EAAJQQLXN5ECRBJ7EEPVAA
content-length: 0
x-conversion-currency

GET
H/1.1 200
OK sendrolling.js Show response
s.adroll.com/j/ 11 KB
3 KB 9ms
9ms Script
text/javascript 2600:9000:2156:4800:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/sendrolling.js
Requested by: Host: d.adroll.com
URL: https://d.adroll.com/pixel/EAAJQQLXN5ECRBJ7EEPVAA/C6VYEG4ENFBS7OHJLSA4NZ?adroll_fpc=7e1b0cf1d7ea932b54fe1afe51404bd0-1633671810676&arrfrr=https%3A%2F%2Flogin.2take.it%2F&xid_ch=f&pv=90933148210.21298&cookie=&adroll_s_ref=&keyw=&name=2ti
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:4800:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 134568be83d33ab28a55e78e8e8ac638ac6a57ff1bfc62bb5bc4e93fee39e20f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://login.2take.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

X-Amz-Version-Id: RZDk54WYcgBhtl9Yix60swXXFyAbbYeu
Content-Encoding: gzip
Etag: W/"c317a5be7d65fa0c4d68d9735af020e4"
X-Edge-Origin-Shield-Skipped: 0
X-Amz-Server-Side-Encryption: AES256
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Access-Control-Max-Age: 600
Connection: keep-alive
Access-Control-Allow-Origin: *
Last-Modified: Wed, 06 Oct 2021 19:48:59 GMT
Server: AmazonS3
Date: Fri, 08 Oct 2021 05:19:46 GMT
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: text/javascript
Via: 1.1 d627b75d0c1aedd3691390ac8498d3b0.cloudfront.net (CloudFront)
Cache-Control: max-age=3600
Access-Control-Allow-Credentials: false
X-Amz-Cf-Pop: FRA50-C1
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: DsoQE4-AZOTY7kiS9dY0KzWQT4qeYlfGg0wZmVEpZnMeUnHHg04wwQ==

GET
H2 200 1893733934181269 Show response
connect.facebook.net/signals/config/ 490 KB
143 KB 7ms
7ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1893733934181269?v=2.9.47&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

cc379236964d010a7fd3ee6881fd4b6190591e3c80ddc07f03aa3858bb6d8e20

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://login.2take.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 146693
x-xss-protection: 0
pragma: public
x-fb-debug: YnwsltXzQRk9YMTO1riFez73wDo/G9tgpPBXjb6X+NV7X1K2lC4FcsjV2KGMAYe19w+jFxJxjMpm1Z1aAhlQeg==
x-fb-trip-id: 686109401
x-frame-options: DENY
date: Fri, 08 Oct 2021 05:43:30 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2

204

v1
ads.yahoo.com/cms/
Redirect Chain

https://d.adroll.com/cm/r/out?adroll_fpc=7e1b0cf1d7ea932b54fe1afe51404bd0-1633671810676&arrfrr=https%3A%2F%2Flogin.2take.it%2F&xid_ch=f&advertisable=EAAJQQLXN5ECRBJ7EEPVAA
https://ads.yahoo.com/cms/v1?esig=1~bf4e7dc4546a90c08591652d78a230d3f2ef5733&nwid=10001032567&sigv=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA

0
444 B

33ms
7ms

Image
text/plain

2a00:1288:80:800::7000
YAHOO-DEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.yahoo.com/cms/v1?esig=1~bf4e7dc4546a90c08591652d78a230d3f2ef5733&nwid=10001032567&sigv=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA

Requested by

Host: login.2take.it
URL: https://login.2take.it/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:800::7000 Frankfurt am Main, Germany, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://login.2take.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 08 Oct 2021 05:43:31 GMT
cache-control: no-store
x-content-type-options: nosniff
server: ATS
strict-transport-security: max-age=15552000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block

Redirect headers

location: https://ads.yahoo.com/cms/v1?esig=1~bf4e7dc4546a90c08591652d78a230d3f2ef5733&nwid=10001032567&sigv=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA
pragma: no-cache
date: Fri, 08 Oct 2021 05:43:30 GMT
cache-control: no-store, no-cache, must-revalidate
server: nginx/1.20.0
content-length: 165
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"

GET
H2 200 out
d.adroll.com/cm/l/ 42 B
180 B 162ms
162ms Image
image/gif 35.164.196.246
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.adroll.com/cm/l/out?adroll_fpc=7e1b0cf1d7ea932b54fe1afe51404bd0-1633671810676&arrfrr=https%3A%2F%2Flogin.2take.it%2F&xid_ch=f&advertisable=EAAJQQLXN5ECRBJ7EEPVAA
Requested by: Host: login.2take.it
URL: https://login.2take.it/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.164.196.246 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-164-196-246.us-west-2.compute.amazonaws.com
Software: nginx/1.20.0 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://login.2take.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 08 Oct 2021 05:43:30 GMT
cache-control: no-transform,public,max-age=300,s-maxage=900
server: nginx/1.20.0
content-length: 42
vary: Cookie
content-type: image/gif

GET
H2 200 /
www.facebook.com/tr/ 44 B
101 B 6ms
6ms Image
image/gif 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1893733934181269&ev=PageView&dl=https%3A%2F%2Flogin.2take.it%2F&rl=&if=false&ts=1633671810890&cd[segment_eid]=IYEZOTUONJHBXKFEEV5K2H&sw=1600&sh=1200&v=2.9.47&r=stable&ec=0&o=29&fbp=fb.1.1633671810066.1752085421&it=1633671809998&coo=false&dpo=LDU&dpoco=0&dpost=0&rqm=GET

Requested by

Host: login.2take.it
URL: https://login.2take.it/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://login.2take.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 08 Oct 2021 05:43:30 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Fri, 08 Oct 2021 05:43:30 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
147 B 7ms
6ms Image
image/gif 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1168953883119698&ev=Microdata&dl=https%3A%2F%2Flogin.2take.it%2F&rl=&if=false&ts=1633671811571&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Platforma%20lojalno%C5%9Bciowa%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.47&r=stable&ec=1&o=30&fbp=fb.1.1633671810066.1752085421&it=1633671809998&coo=false&dpo=LDU&dpoco=0&dpost=0&es=automatic&tm=3&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://login.2take.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 08 Oct 2021 05:43:31 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Fri, 08 Oct 2021 05:43:31 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
101 B 7ms
6ms Image
image/gif 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=227267281028028&ev=Microdata&dl=https%3A%2F%2Flogin.2take.it%2F&rl=&if=false&ts=1633671811672&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Platforma%20lojalno%C5%9Bciowa%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.47&r=stable&ec=1&o=30&fbp=fb.1.1633671810066.1752085421&it=1633671809998&coo=false&dpo=LDU&dpoco=0&dpost=0&es=automatic&tm=3&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://login.2take.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 08 Oct 2021 05:43:31 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Fri, 08 Oct 2021 05:43:31 GMT

Verdicts & Comments Add Verdict or Comment

83 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

21 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
system.blovly.com/	1970-01-19 21:47:53	Name: AWSELBCORS Value: 01318D4B100E3B1CFB1BCD6B775C1B80A5CD1938DCC1B150A33B987327D12C96C44AB25B1BEB57907C2206B995BCDE2E08854E423E9D6AA073B03D53A13A5D9542D01810DA
.google.com/	1970-01-20 02:11:23	Name: NID Value: 511=OXIPn7jo60RS5qCFZa8yCTaFY3bB0HMl-0v1Zyj5kNp8VyySHkZCPms3SdiY02B8lAlgjwSNn4O9EReo-nk5fXgsrtyqSN5NvOgg9vZ2U6eDalFEqyToGi-cHXf6arTBi01My0ph73J-_jrg1q8QqE5ego0fRVWXPshhYnIoV3c
.2take.it/	1970-01-19 23:57:27	Name: _fbp Value: fb.1.1633671810066.1752085421
.2take.it/	1970-01-20 15:19:03	Name: _ga Value: GA1.2.260396851.1633671810
.2take.it/	1970-01-19 21:49:18	Name: _gid Value: GA1.2.1652052568.1633671810
.2take.it/	1970-01-19 21:47:51	Name: _gat_UA-64042902-3 Value: 1
.2take.it/	1970-01-19 23:57:27	Name: _gcl_au Value: 1.1.1418427047.1633671810
.doubleclick.net/	1970-01-19 21:47:52	Name: test_cookie Value: CheckForPermission
.linkedin.com/	1970-01-19 22:31:03	Name: UserMatchHistory Value: AQKeWwmoQTkCyQAAAXxebY4DOv0QDssH25wAnTGKUNawH3KOJEJ-CEHku1UmWBmmMrta9_tTCL858w
.linkedin.com/	1970-01-19 22:31:03	Name: AnalyticsSyncHistory Value: AQIUOhJ6SmjrZgAAAXxebY4DjI7GfRlLEu8rkxhl9ApCxlw2MF1_2nKfE7lzkpcV6L2F9SN3Qo-iyG14ckokyw
.ads.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=en-us
.linkedin.com/	1970-01-20 15:19:45	Name: bcookie Value: "v=2&9030e6dd-3cdd-43d8-8db5-088c01eeb27a"
.linkedin.com/	1970-01-19 21:49:18	Name: lidc Value: "b=OGST07:s=O:r=O:a=O:p=O:g=2135:u=1:x=1:i=1633671810:t=1633758210:v=2:sig=AQGv45OCtL9Nx_4cmWn9mcwQPj4sl2Fn"
d.adroll.com/	1970-01-20 07:16:39	Name: __adroll Value: 5d2fcf50cdb9fa8c224bf7e944ba0bab-a_1633671810
.adroll.com/	1970-01-20 07:16:39	Name: __adroll_shared Value: 5d2fcf50cdb9fa8c224bf7e944ba0bab-a_1633671810
.login.2take.it/	1970-01-20 06:33:49	Name: __adroll_fpc Value: 7e1b0cf1d7ea932b54fe1afe51404bd0-1633671810676
.login.2take.it/	1970-01-20 06:33:27	Name: __ar_v4 Value: %7CEAAJQQLXN5ECRBJ7EEPVAA%3A20211007%3A1%7CC6VYEG4ENFBS7OHJLSA4NZ%3A20211007%3A1%7CIYEZOTUONJHBXKFEEV5K2H%3A20211007%3A1
.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=de-de
.www.linkedin.com/	1970-01-20 15:19:45	Name: bscookie Value: "v=1&2021100805433003cb9236-5706-432c-858c-2e8ecf331be4AQEaXX75LU6Oef5J63Ei6hiCKOdtdRRZ"
.linkedin.com/	1970-01-20 15:04:06	Name: li_gc Value: MTswOzE2MzM2NzE4MTA7MjswMjHPmgd0HefDfqGzRTniY3OI7i3H1XpbHCFrgSlFdtavog==
.yahoo.com/	1970-01-20 06:33:49	Name: A3 Value: d=AQABBIPaX2ECEOouXNv6E8ZdCtrOfv-XibAFEgEBAQEsYWFpYQAAAAAA_eMAAA&S=AQAAAk7dR3goTGnKlMabRGZL1Wg

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://login.2take.it/api/web/company/getstyles?url_name=null Message: Failed to load resource: the server responded with a status of 400 (Bad Request)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.yahoo.com
apis.google.com
appleid.cdn-apple.com
cdn.jsdelivr.net
chat.system.blovly.com
connect.facebook.net
d.adroll.com
fonts.googleapis.com
googleads.g.doubleclick.net
login.2take.it
px.ads.linkedin.com
px4.ads.linkedin.com
s.adroll.com
snap.licdn.com
stats.g.doubleclick.net
system.blovly.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.linkedin.com
104.111.230.79
108.174.10.14
142.250.184.194
2600:9000:2156:4800:6:9280:1080:93a1
2606:4700::6810:5614
2620:119:50e1:101::6cae:b25
2620:1ec:21::14
2a00:1288:80:800::7000
2a00:1450:4001:803::2004
2a00:1450:4001:80e::200a
2a00:1450:4001:812::2008
2a00:1450:4001:828::200e
2a00:1450:4001:82a::2003
2a00:1450:4001:82f::2002
2a00:1450:4001:82f::200e
2a00:1450:400c:c01::9d
2a02:26f0:6c00::210:ba11
2a03:2880:f01c:216:face:b00c:0:3
2a03:2880:f11c:8083:face:b00c:0:25de
3.121.125.142
3.124.133.227
35.158.222.40
35.164.196.246
00a838051c95fd70f609e56b14160f3b11f9cc925ebf863b6b6d05aa05f18410
05515afa1f063d54b0921debbb8f4d2a08ed0e6f13ec4d5751bbd1924610d382
06d7bce50ef847992ab4751c8584ced8d5abf7d55e6a62721599edc78419eeb0
0aa0af4eb29e8ac243d5879f4b1b70cb4dcab4069686ee082ad9a11f16392cc1
0afa8c947b435fc74382c870974ded570bf39dcaaa30a37414bcd9acd6a9e3e2
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
134568be83d33ab28a55e78e8e8ac638ac6a57ff1bfc62bb5bc4e93fee39e20f
14ad5a47eab25a2e1877f0ba67b6599100eefc361f1a8119233adc5bcaca9373
183750d769349faedbb6c7348ff7642fd2a77c64004e88b73dd63408ced7016e
1a2732a1de36370f13652e1411c785559e2ee43f93a7470f56e9c4dc71461ff0
1ecd085b6d0693df4081d97f01b27b60d82418b83da600a340d6efd629f7c591
1f9f92d8345eb67acf8cc21aad2b1387b7ddadcb7a3308049736647b267f2ca2
20087affa8555ecfb043a6157626682a1c961f97b7a08163940852d676df5cea
26df3fc69c6208ec63c241207ef2ab03885d4d45d49124ad2eef632d12413e0d
26e3617dfd27c28b19ed45dfbb4376562870b515a2d69cb1b3b97ba26b91fee5
2bc2179dbcac09de834853fc91b815d3bea8112276b7b789f610078d399bcb47
2f114f4b9f5459beb8be619b5142337e199b27bfa95247af98f6ed5da6a7b721
331673250a349eaed66c3aad0147381ea76002b1a40c165e2a016ee10e69488c
3598b3b51a13903e42051ce9bb1025c872063417227a66bce1542188e756ed3c
3a21e0af6b3ee300f6b003045a540e51f8db2af91560df11052635353f666c71
42bb60211a7b7a99c48006e4e63d608bd81191956a7605210982b37eaffc58bb
44644e5150aba37a872a759584bb278c5ca807fa616759d1f3ff7a76a5ea328f
522ad34d4389e4358221744e9885e9377de0d9919fd9008eeaba7ce9b966a4cb
5c70f4d8f51a2419bd5481f7dc4651538c1e1f1f0e7bd9b44622726f0e92100d
60e60bf2583cf7444b00a4b0b8d46de5fd5816f768fc72fd71c643357132df69
7215ee4f0b6be500e7108320b5674583a97a9161bbd37d5f8a521d88fcf46ee3
7a7e0a12a132c6400af7b1b665a3615298ce15466c5c25daa8acb793a549206b
7e4e389c072794cb0cc4a4e610be9ea14ab7ccd12d566a2fa17b7209561b768b
7e6ba09595777651f4d020043ef51c7c4d577f83356bb953988dae9b028d139b
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8679c992d10ed3daa402e1c839defa668a5c75e5aa76cd21af26a1c83dbb7a26
8d80ca933559684239a9569393e0b45d0520e918f96d49e1a14a23166534c1d6
952cc5d0198ef30fbe42133e7f799fbad9ac18921278e690086a625f94e93de9
960faef2d1f7c0a01d85cb7ec3d1b9bd2bae00bd9b5357288aae0f9d4256b8f4
96dcb5b41865fda63f5d0fb228d2e654d8ea438f637f9e3b30675065a97ebc99
9c16e4871aa531f4cb14a841858c9dc42cc8d7ce6d5d3a30d5784521a46706dc
b154742e45cce0f7bb88b804909e7912cf974c539d7043eb636bb2f25e2931b3
ba5c75008a133ef73a0eb980a0c37c168b6bd5db7279a90105697670440eeedf
c2cb8d5ca724ea85d9f7c0c857a05a35f4bbde3faaebae7e21457bfd52b6cb2f
c40ddcb120b5e1659bb740ccf3a9ee5841adb629f38a4315ccc462658007b1fb
c7395cb3e42311d894b6f20d9877912ec71e9d81c63a1292455923588c6e803b
cc379236964d010a7fd3ee6881fd4b6190591e3c80ddc07f03aa3858bb6d8e20
cc78bbc89ae37cbd14089271a95f875d19faf024cbaf7474d4529d150108c0b0
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e10f693d9b885987efcd2ac1c2eb3cf545ae5b876cbc0118d620f323b7f4f9d7
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e486e2cf644291fcce8b0b867ff01ef9dba9269306bcb2e66608163dfda98947
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1db1d65006747ab7d6dac08fe342b77292c279e5cb399a0e30fd5af694cb485
f3145c6ede5ef87c304d2da0a3cb3c2608a5bfe4426eb9634cf9e5dc7cdc053e
f358770a1d95188b1627af2cbf17baabd23e2db789ebb0d892ecd1caad039f71
f59e5f34a941183aacaed25322ac0856628493c2cfd936ded3fddc0a49510e52
f6e9864c545c938343a869fcf464beaad8cdf5fadc80a68842f47836adf225b4
f928e5cc1fdc43a2fb202de6a697f081462a46fd35f6a1346f58c149bb1af447
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
fed785a6a8ca96fb67230fec5d85f9c508db49f4075aa0ef284af56cd89813e3

login.2take.it Open in urlscan Pro 3.121.125.142 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

71 Requests

100 %HTTPS

70 %IPv6

17 Domains

23 Subdomains

21 IPs

3 Countries

1706 kBTransfer

4910 kBSize

21 Cookies

0 Outgoing links

Redirected requests

71 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

login.2take.it Open in urlscan Pro
3.121.125.142 Public Scan

Screenshot
Live screenshot

Full Image

71
Requests

100 %
HTTPS

70 %
IPv6

17
Domains

23
Subdomains

21
IPs

3
Countries

1706 kB
Transfer

4910 kB
Size

21
Cookies

71 HTTP transactions
0 data transactions