urlscan.io logo urlscan.io
SecurityTrails logo

ciat.hyva.alessandrocostantino.dnalab.online Open in urlscan Pro
135.181.210.173  Public Scan

Go To Rescan Add Verdict Report
URL: https://ciat.hyva.alessandrocostantino.dnalab.online/
Submission: On December 02 via api from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 2 IPs in 2 countries across 2 domains to perform 16 HTTP transactions. The main IP is 135.181.210.173, located in Helsinki, Finland and belongs to HETZNER-AS, DE. The main domain is ciat.hyva.alessandrocostantino.dnalab.online.
TLS certificate: Issued by R3 on December 1st 2023. Valid for: 3 months.
This is the only time ciat.hyva.alessandrocostantino.dnalab.online was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
15 135.181.210.173 24940 (HETZNER-AS)
1 65.9.25.112 16509 (AMAZON-02)
16 2
Apex Domain
Subdomains		 Transfer
15 dnalab.online
ciat.hyva.alessandrocostantino.dnalab.online
276 KB
1 etrusted.com
integrations.etrusted.com — Cisco Umbrella Rank: 58247
2 KB
16 2
Domain Requested by
15 ciat.hyva.alessandrocostantino.dnalab.online ciat.hyva.alessandrocostantino.dnalab.online
1 integrations.etrusted.com ciat.hyva.alessandrocostantino.dnalab.online
16 2

This site contains links to these domains. Also see Links.

Domain
www.consorzionetcomm.it
www.adm.gov.it
www.dnafactory.it
Subject Issuer Validity Valid
ciat.hyva.alessandrocostantino.dnalab.online
R3		 2023-12-01 -
2024-02-29		 3 months crt.sh
integrations.etrusted.com
Amazon RSA 2048 M01		 2023-03-07 -
2024-04-04		 a year crt.sh

This page contains 1 frames:

Primary Page: https://ciat.hyva.alessandrocostantino.dnalab.online/
Frame ID: F4379288AFA397F1B7922D95D0AE464F
Requests: 16 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Home pagemenuxchevron-rightarrow-backchevron-rightarrow-backchevron-rightarrow-backchevron-rightarrow-backchevron-rightarrow-backmenuxarrow-rightarrow-rightsearchshopping-cartxpenciltrashloaderxxheroicons/outline/qty-plusheroicons/outline/qty-lessheroicons/outline/qty-plusheroicons/outline/qty-lessheroicons/outline/qty-plusheroicons/outline/qty-lessheroicons/outline/qty-plusheroicons/outline/qty-lessheroicons/solid/paypalheroicons/solid/visaheroicons/solid/mastercardheroicons/solid/amexheroicons/solid/klarnaheroicons/solid/instagramheroicons/solid/facebookheroicons/solid/pinterestheroicons/solid/logo_dnaxloader

Detected technologies

Overall confidence: 75%
Detected patterns
  • <[^>]+[^\w-]x-data[^\w-][^<]+

Page Statistics

16
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

278 kB
Transfer

901 kB
Size

7
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

16 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
ciat.hyva.alessandrocostantino.dnalab.online/ 		253 KB
54 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ciat.hyva.alessandrocostantino.dnalab.online/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
135.181.210.173 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.173.210.181.135.clients.your-server.de
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3c8eff21d5d0d987318942ab01ae52909a2aa4d4622eb377e90774b5d9de3db6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
max-age=0, must-revalidate, no-cache, no-store
content-encoding
gzip
content-security-policy-report-only
font-src fonts.googleapis.com fonts.gstatic.com *.googleapis.com *.gstatic.com data: *.fontawesome.com maxcdn.bootstrapcdn.com https://widgets.trustedshops.com data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.cardinalcommerce.com *.paypal.com 3ds-secure.cardcomplete.com www.clicksafe.lloydstsb.com pay.activa-card.com *.wirecard.com acs.sia.eu *.touchtechpayments.com www.securesuite.co.uk rsa3dsauth.com *.monzo.com *.arcot.com *.wlp-acs.com * 'self' 'unsafe-inline'; frame-ancestors www.gstatic.com https://api.clerk.io https://cdn.clerk.io *.sella.it *.gestpay.net 'self'; frame-src fast.amc.demdex.net *.adobe.com bid.g.doubleclick.net *.youtube.com *.youtube-nocookie.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com player.vimeo.com https://www.google.com/recaptcha/ www.google.com *.sella.it *.gestpay.net c.paypal.com checkout.paypal.com assets.braintreegateway.com pay.google.com *.cardinalcommerce.com *.paypal.com * 'self' 'unsafe-inline'; img-src assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com data: www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net analytics.google.com www.googletagmanager.com *.ftcdn.net *.behance.net t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com validator.swagger.io maps.googleapis.com maps.gstatic.com *.gstatic.com *.googleapis.com https://images.unsplash.com https://cdn.clerk.io www.sandbox.paypal.com b.stats.paypal.com dub.stats.paypal.com assets.braintreegateway.com c.paypal.com checkout.paypal.com *.paypal.com https://widgets.trustedshops.com https://widgets-qa.trustedshops.com data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https://www.gstatic.com/recaptcha/ https://www.google.com/recaptcha/ maps.googleapis.com maps.gstatic.com fonts.googleapis.com *.googleapis.com *.gstatic.com https://cdn.jsdelivr.net/npm/@ryangjchandler/spruce@2.x.x/dist/spruce.umd.js www.google.com/recaptcha/ www.gstatic.com/recaptcha/ https://api.clerk.io https://cdn.clerk.io *.sella.it *.gestpay.net *.avada.io js.braintreegateway.com assets.braintreegateway.com c.paypal.com pay.google.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.paypal.com songbirdstag.cardinalcommerce.com https://widgets.trustedshops.com https://widgets-qa.trustedshops.com https://integrations.etrusted.com https://integrations.etrusted.site https://static-app.connect.trustedshops.com https://static-app.connect-qa.trustedshops.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com fonts.googleapis.com https://api.clerk.io https://cdn.clerk.io *.fontawesome.com maxcdn.bootstrapcdn.com unsafe-inline assets.braintreegateway.com https://widgets.trustedshops.com https://static-app.connect.trustedshops.com https://static-app.connect-qa.trustedshops.com 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net www.google-analytics.com www.googleadservices.com analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net vimeo.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com maps.googleapis.com maps.gstatic.com fonts.googleapis.com *.googleapis.com https://get.geojs.io *.avada.io api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.braintree-api.com *.paypal.com *.cardinalcommerce.com *.google.com google.com *.trustedshops.com *.etrusted.com https://integrations.etrusted.site 'self' 'unsafe-inline'; child-src assets.braintreegateway.com c.paypal.com *.paypal.com http: https: blob: 'self' 'unsafe-inline'; default-src 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';
content-type
text/html; charset=UTF-8
date
Sat, 02 Dec 2023 02:55:23 GMT
expires
Thu, 01 Dec 2022 14:56:47 GMT
pragma
no-cache
server
nginx/1.18.0 (Ubuntu)
vary
Accept-Encoding Accept-Encoding
x-built-with
Hyva Themes
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-magento-cache-control
max-age=86400, public, s-maxage=86400
x-magento-cache-debug
HIT
x-magento-tags
mp_smtp_script,amIsCookiePolicyAllowed-1,cms_b_footer_content,store,cms_b,cms_p_2,cms_b_footer_store,cms_b_after_footer,FPC
x-xss-protection
1; mode=block
styles.css
ciat.hyva.alessandrocostantino.dnalab.online/static/version1701442520/frontend/DNAFactory/ciat_hyva/it_IT/css/ 		373 KB
38 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ciat.hyva.alessandrocostantino.dnalab.online/static/version1701442520/frontend/DNAFactory/ciat_hyva/it_IT/css/styles.css
Requested by
Host: ciat.hyva.alessandrocostantino.dnalab.online
URL: https://ciat.hyva.alessandrocostantino.dnalab.online/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
135.181.210.173 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.173.210.181.135.clients.your-server.de
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
719d2c640d141250c60dd04e8dea205a60aa49c50ec82e49cb84d8035ec86473
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ciat.hyva.alessandrocostantino.dnalab.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 02:55:24 GMT
content-encoding
gzip
last-modified
Fri, 01 Dec 2023 14:55:22 GMT
server
nginx/1.18.0 (Ubuntu)
etag
W/"6569f3da-5d5fc"
vary
Accept-Encoding, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
cache-control
max-age=31536000, public
expires
Sun, 01 Dec 2024 02:55:24 GMT
amsociallogin.css
ciat.hyva.alessandrocostantino.dnalab.online/static/version1701442520/frontend/DNAFactory/ciat_hyva/it_IT/Amasty_SocialLogin/css/source/mkcss/ 		38 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ciat.hyva.alessandrocostantino.dnalab.online/static/version1701442520/frontend/DNAFactory/ciat_hyva/it_IT/Amasty_SocialLogin/css/source/mkcss/amsociallogin.css
Requested by
Host: ciat.hyva.alessandrocostantino.dnalab.online
URL: https://ciat.hyva.alessandrocostantino.dnalab.online/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
135.181.210.173 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.173.210.181.135.clients.your-server.de
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
1540d553d93ce436f832212fecc3685f99e86c046c49ca8700081a3a460f48f2
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ciat.hyva.alessandrocostantino.dnalab.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 02:55:24 GMT
content-encoding
gzip
last-modified
Fri, 01 Dec 2023 14:55:22 GMT
server
nginx/1.18.0 (Ubuntu)
etag
W/"6569f3da-977c"
vary
Accept-Encoding, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
cache-control
max-age=31536000, public
expires
Sun, 01 Dec 2024 02:55:24 GMT
Switzer-Light.woff2
ciat.hyva.alessandrocostantino.dnalab.online/static/version1701442520/frontend/DNAFactory/ciat_hyva/it_IT/fonts/Switzer/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://ciat.hyva.alessandrocostantino.dnalab.online/static/version1701442520/frontend/DNAFactory/ciat_hyva/it_IT/fonts/Switzer/Switzer-Light.woff2
Requested by
Host: ciat.hyva.alessandrocostantino.dnalab.online
URL: https://ciat.hyva.alessandrocostantino.dnalab.online/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
135.181.210.173 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.173.210.181.135.clients.your-server.de
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
c345686e277e61002fd90582285a80a03c9ed55237a0cad1a4d1a1aa37371fc0
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://ciat.hyva.alessandrocostantino.dnalab.online/
Origin
https://ciat.hyva.alessandrocostantino.dnalab.online
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 02:55:24 GMT
last-modified
Fri, 01 Dec 2023 14:55:22 GMT
server
nginx/1.18.0 (Ubuntu)
etag
"6569f3da-460c"
x-frame-options
SAMEORIGIN
content-type
application/octet-stream
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
17932
expires
Sun, 01 Dec 2024 02:55:24 GMT
Switzer-Medium.woff2
ciat.hyva.alessandrocostantino.dnalab.online/static/version1701442520/frontend/DNAFactory/ciat_hyva/it_IT/fonts/Switzer/ 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://ciat.hyva.alessandrocostantino.dnalab.online/static/version1701442520/frontend/DNAFactory/ciat_hyva/it_IT/fonts/Switzer/Switzer-Medium.woff2
Requested by
Host: ciat.hyva.alessandrocostantino.dnalab.online
URL: https://ciat.hyva.alessandrocostantino.dnalab.online/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
135.181.210.173 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.173.210.181.135.clients.your-server.de
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
7393d1abac009ede0da9f95d6c83479a08d798e28d3509575e02fb1d2346866f
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://ciat.hyva.alessandrocostantino.dnalab.online/
Origin
https://ciat.hyva.alessandrocostantino.dnalab.online
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 02:55:24 GMT
last-modified
Fri, 01 Dec 2023 14:55:22 GMT
server
nginx/1.18.0 (Ubuntu)
etag
"6569f3da-4c6c"
x-frame-options
SAMEORIGIN
content-type
application/octet-stream
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
19564
expires
Sun, 01 Dec 2024 02:55:24 GMT
Switzer-Bold.woff2
ciat.hyva.alessandrocostantino.dnalab.online/static/version1701442520/frontend/DNAFactory/ciat_hyva/it_IT/fonts/Switzer/ 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://ciat.hyva.alessandrocostantino.dnalab.online/static/version1701442520/frontend/DNAFactory/ciat_hyva/it_IT/fonts/Switzer/Switzer-Bold.woff2
Requested by
Host: ciat.hyva.alessandrocostantino.dnalab.online
URL: https://ciat.hyva.alessandrocostantino.dnalab.online/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
135.181.210.173 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.173.210.181.135.clients.your-server.de
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
7aecbe035c1e311eabe7cac089f565c917558c365f809d5a9684881782370e1f
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://ciat.hyva.alessandrocostantino.dnalab.online/
Origin
https://ciat.hyva.alessandrocostantino.dnalab.online
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 02:55:24 GMT
last-modified
Fri, 01 Dec 2023 14:55:22 GMT
server
nginx/1.18.0 (Ubuntu)
etag
"6569f3da-4be8"
x-frame-options
SAMEORIGIN
content-type
application/octet-stream
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
19432
expires
Sun, 01 Dec 2024 02:55:24 GMT
Zodiak-LightItalic.woff2
ciat.hyva.alessandrocostantino.dnalab.online/static/version1701442520/frontend/DNAFactory/ciat_hyva/it_IT/fonts/Zodiak/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://ciat.hyva.alessandrocostantino.dnalab.online/static/version1701442520/frontend/DNAFactory/ciat_hyva/it_IT/fonts/Zodiak/Zodiak-LightItalic.woff2
Requested by
Host: ciat.hyva.alessandrocostantino.dnalab.online
URL: https://ciat.hyva.alessandrocostantino.dnalab.online/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
135.181.210.173 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.173.210.181.135.clients.your-server.de
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
bca6c4402a37888dca3bcf5e6f9a456e667a401b46c05a6693dbfff25e435ca4
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://ciat.hyva.alessandrocostantino.dnalab.online/
Origin
https://ciat.hyva.alessandrocostantino.dnalab.online
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 02:55:24 GMT
last-modified
Fri, 01 Dec 2023 14:55:22 GMT
server
nginx/1.18.0 (Ubuntu)
etag
"6569f3da-5b38"
x-frame-options
SAMEORIGIN
content-type
application/octet-stream
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
23352
expires
Sun, 01 Dec 2024 02:55:24 GMT
Zodiak-BoldItalic.woff2
ciat.hyva.alessandrocostantino.dnalab.online/static/version1701442520/frontend/DNAFactory/ciat_hyva/it_IT/fonts/Zodiak/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://ciat.hyva.alessandrocostantino.dnalab.online/static/version1701442520/frontend/DNAFactory/ciat_hyva/it_IT/fonts/Zodiak/Zodiak-BoldItalic.woff2
Requested by
Host: ciat.hyva.alessandrocostantino.dnalab.online
URL: https://ciat.hyva.alessandrocostantino.dnalab.online/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
135.181.210.173 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.173.210.181.135.clients.your-server.de
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
4101b2c1d5fe5acee5ae2559bc873a59c69efa31c1035570684f4a49845488b8
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://ciat.hyva.alessandrocostantino.dnalab.online/
Origin
https://ciat.hyva.alessandrocostantino.dnalab.online
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 02:55:24 GMT
last-modified
Fri, 01 Dec 2023 14:55:22 GMT
server
nginx/1.18.0 (Ubuntu)
etag
"6569f3da-5bcc"
x-frame-options
SAMEORIGIN
content-type
application/octet-stream
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
23500
expires
Sun, 01 Dec 2024 02:55:24 GMT
v2
integrations.etrusted.com/applications/widget.js/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://integrations.etrusted.com/applications/widget.js/v2
Requested by
Host: ciat.hyva.alessandrocostantino.dnalab.online
URL: https://ciat.hyva.alessandrocostantino.dnalab.online/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.25.112 Hollywood, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-25-112.zag50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0f285340fde233e4bf0042716b33a9aae7ef38bf6768663286012870f5a648cb
Security Headers
Name Value
Strict-Transport-Security max-age= 63072000; includeSubdomains; preload
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ciat.hyva.alessandrocostantino.dnalab.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-amz-version-id
y6m_lv3sPnnC8IKMQAxgSJ.CL61RpuYE
content-encoding
gzip
via
1.1 3180232852f42d0e8ed2a6999ef03c92.cloudfront.net (CloudFront)
date
Fri, 01 Dec 2023 07:09:10 GMT
strict-transport-security
max-age= 63072000; includeSubdomains; preload
age
71176
x-amz-cf-pop
ZAG50-C1
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Tue, 25 Jul 2023 10:18:33 GMT
server
AmazonS3
etag
W/"d7237287c6c61682525e80a1904e6609"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
max-age=86400
x-amz-cf-id
NIuf74SSZo3UMEULpR6-myQGZCbxWCrqSHXskb67toHUWUWvM6Bkjg==
logo.svg
ciat.hyva.alessandrocostantino.dnalab.online/static/version1701442520/frontend/DNAFactory/ciat_hyva/it_IT/images/ 		5 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ciat.hyva.alessandrocostantino.dnalab.online/static/version1701442520/frontend/DNAFactory/ciat_hyva/it_IT/images/logo.svg
Requested by
Host: ciat.hyva.alessandrocostantino.dnalab.online
URL: https://ciat.hyva.alessandrocostantino.dnalab.online/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
135.181.210.173 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.173.210.181.135.clients.your-server.de
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
25049e18f3345297181e7d741a15e071d0fcb9158091429eaa4c89c1ef459c54
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ciat.hyva.alessandrocostantino.dnalab.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 02:55:24 GMT
content-encoding
gzip
last-modified
Fri, 01 Dec 2023 14:55:21 GMT
server
nginx/1.18.0 (Ubuntu)
etag
W/"6569f3d9-15fb"
vary
Accept-Encoding, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
cache-control
max-age=31536000, public
expires
Sun, 01 Dec 2024 02:55:24 GMT
alpine3.min.js
ciat.hyva.alessandrocostantino.dnalab.online/static/version1701442520/frontend/DNAFactory/ciat_hyva/it_IT/Hyva_Theme/js/ 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ciat.hyva.alessandrocostantino.dnalab.online/static/version1701442520/frontend/DNAFactory/ciat_hyva/it_IT/Hyva_Theme/js/alpine3.min.js
Requested by
Host: ciat.hyva.alessandrocostantino.dnalab.online
URL: https://ciat.hyva.alessandrocostantino.dnalab.online/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
135.181.210.173 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.173.210.181.135.clients.your-server.de
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
78f4007773caa52f8d9d9a997387c92f979ecef0484bf88a2d6fea889635cdcc
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://ciat.hyva.alessandrocostantino.dnalab.online/
Origin
https://ciat.hyva.alessandrocostantino.dnalab.online
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 02:55:24 GMT
content-encoding
gzip
last-modified
Fri, 01 Dec 2023 14:55:21 GMT
server
nginx/1.18.0 (Ubuntu)
etag
W/"6569f3d9-a417"
vary
Accept-Encoding, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
max-age=31536000, public
expires
Sun, 01 Dec 2024 02:55:24 GMT
netcomm.webp
ciat.hyva.alessandrocostantino.dnalab.online/static/version1701442520/frontend/DNAFactory/ciat_hyva/it_IT/images/footer/ 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ciat.hyva.alessandrocostantino.dnalab.online/static/version1701442520/frontend/DNAFactory/ciat_hyva/it_IT/images/footer/netcomm.webp
Requested by
Host: ciat.hyva.alessandrocostantino.dnalab.online
URL: https://ciat.hyva.alessandrocostantino.dnalab.online/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
135.181.210.173 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.173.210.181.135.clients.your-server.de
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
c0d250bda256540dc87deb00dd09de2a23f91317abe3ef0b6b555c0b01ccdf26
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ciat.hyva.alessandrocostantino.dnalab.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 02:55:24 GMT
last-modified
Fri, 01 Dec 2023 14:56:47 GMT
server
nginx/1.18.0 (Ubuntu)
etag
"6569f42f-3d90"
x-frame-options
SAMEORIGIN
content-type
image/webp
accept-ranges
bytes
content-length
15760
AEO.webp
ciat.hyva.alessandrocostantino.dnalab.online/static/version1701442520/frontend/DNAFactory/ciat_hyva/it_IT/images/footer/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ciat.hyva.alessandrocostantino.dnalab.online/static/version1701442520/frontend/DNAFactory/ciat_hyva/it_IT/images/footer/AEO.webp
Requested by
Host: ciat.hyva.alessandrocostantino.dnalab.online
URL: https://ciat.hyva.alessandrocostantino.dnalab.online/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
135.181.210.173 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.173.210.181.135.clients.your-server.de
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
14deb74e2fcb6c372869f20db92edf2267f39533ff2f8c50e60c6c5d6d6c87cf
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ciat.hyva.alessandrocostantino.dnalab.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 02:55:24 GMT
last-modified
Fri, 01 Dec 2023 14:56:47 GMT
server
nginx/1.18.0 (Ubuntu)
etag
"6569f42f-1788"
x-frame-options
SAMEORIGIN
content-type
image/webp
accept-ranges
bytes
content-length
6024
cookies
ciat.hyva.alessandrocostantino.dnalab.online/default/amcookie/cookie/ 		5 KB
6 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ciat.hyva.alessandrocostantino.dnalab.online/default/amcookie/cookie/cookies
Requested by
Host: ciat.hyva.alessandrocostantino.dnalab.online
URL: https://ciat.hyva.alessandrocostantino.dnalab.online/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
135.181.210.173 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.173.210.181.135.clients.your-server.de
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
cad97998eca6f45fc3e214af1383e65c50afb6b0980be254a1d02e9fa0c07927
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ciat.hyva.alessandrocostantino.dnalab.online/
X-Requested-With
XMLHttpRequest
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Sat, 02 Dec 2023 02:55:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
font-src fonts.googleapis.com fonts.gstatic.com *.googleapis.com *.gstatic.com data: *.fontawesome.com maxcdn.bootstrapcdn.com https://widgets.trustedshops.com data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.cardinalcommerce.com *.paypal.com 3ds-secure.cardcomplete.com www.clicksafe.lloydstsb.com pay.activa-card.com *.wirecard.com acs.sia.eu *.touchtechpayments.com www.securesuite.co.uk rsa3dsauth.com *.monzo.com *.arcot.com *.wlp-acs.com * 'self' 'unsafe-inline'; frame-ancestors www.gstatic.com https://api.clerk.io https://cdn.clerk.io *.sella.it *.gestpay.net 'self'; frame-src fast.amc.demdex.net *.adobe.com bid.g.doubleclick.net *.youtube.com *.youtube-nocookie.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com player.vimeo.com https://www.google.com/recaptcha/ www.google.com *.sella.it *.gestpay.net c.paypal.com checkout.paypal.com assets.braintreegateway.com pay.google.com *.cardinalcommerce.com *.paypal.com * 'self' 'unsafe-inline'; img-src assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com data: www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net analytics.google.com www.googletagmanager.com *.ftcdn.net *.behance.net t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com validator.swagger.io maps.googleapis.com maps.gstatic.com *.gstatic.com *.googleapis.com https://images.unsplash.com https://cdn.clerk.io www.sandbox.paypal.com b.stats.paypal.com dub.stats.paypal.com assets.braintreegateway.com c.paypal.com checkout.paypal.com *.paypal.com https://widgets.trustedshops.com https://widgets-qa.trustedshops.com data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https://www.gstatic.com/recaptcha/ https://www.google.com/recaptcha/ maps.googleapis.com maps.gstatic.com fonts.googleapis.com *.googleapis.com *.gstatic.com https://cdn.jsdelivr.net/npm/@ryangjchandler/spruce@2.x.x/dist/spruce.umd.js www.google.com/recaptcha/ www.gstatic.com/recaptcha/ https://api.clerk.io https://cdn.clerk.io *.sella.it *.gestpay.net *.avada.io js.braintreegateway.com assets.braintreegateway.com c.paypal.com pay.google.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.paypal.com songbirdstag.cardinalcommerce.com https://widgets.trustedshops.com https://widgets-qa.trustedshops.com https://integrations.etrusted.com https://integrations.etrusted.site https://static-app.connect.trustedshops.com https://static-app.connect-qa.trustedshops.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com fonts.googleapis.com https://api.clerk.io https://cdn.clerk.io *.fontawesome.com maxcdn.bootstrapcdn.com unsafe-inline assets.braintreegateway.com https://widgets.trustedshops.com https://static-app.connect.trustedshops.com https://static-app.connect-qa.trustedshops.com 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net www.google-analytics.com www.googleadservices.com analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net vimeo.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com maps.googleapis.com maps.gstatic.com fonts.googleapis.com *.googleapis.com https://get.geojs.io *.avada.io api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.braintree-api.com *.paypal.com *.cardinalcommerce.com *.google.com google.com *.trustedshops.com *.etrusted.com https://integrations.etrusted.site 'self' 'unsafe-inline'; child-src assets.braintreegateway.com c.paypal.com *.paypal.com http: https: blob: 'self' 'unsafe-inline'; default-src 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';
x-built-with
Hyva Themes
x-magento-tags
amasty_cookie_groups,amasty_cookie,FPC
x-xss-protection
1; mode=block
x-magento-cache-control
max-age=0, public, s-maxage=0
pragma
no-cache
server
nginx/1.18.0 (Ubuntu)
vary
Accept-Encoding, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/json
x-magento-cache-debug
MISS
cache-control
max-age=0, must-revalidate, no-cache, no-store
expires
Fri, 02 Dec 2022 02:55:25 GMT
popupData
ciat.hyva.alessandrocostantino.dnalab.online/default/gdpr/policy/ 		126 B
4 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ciat.hyva.alessandrocostantino.dnalab.online/default/gdpr/policy/popupData
Requested by
Host: ciat.hyva.alessandrocostantino.dnalab.online
URL: https://ciat.hyva.alessandrocostantino.dnalab.online/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
135.181.210.173 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.173.210.181.135.clients.your-server.de
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
046281c9f13ec8bda9637064474cc61603ef4a8cb3070bb308567eab93466e03
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ciat.hyva.alessandrocostantino.dnalab.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 02:55:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
font-src fonts.googleapis.com fonts.gstatic.com *.googleapis.com *.gstatic.com data: *.fontawesome.com maxcdn.bootstrapcdn.com https://widgets.trustedshops.com data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.cardinalcommerce.com *.paypal.com 3ds-secure.cardcomplete.com www.clicksafe.lloydstsb.com pay.activa-card.com *.wirecard.com acs.sia.eu *.touchtechpayments.com www.securesuite.co.uk rsa3dsauth.com *.monzo.com *.arcot.com *.wlp-acs.com * 'self' 'unsafe-inline'; frame-ancestors www.gstatic.com https://api.clerk.io https://cdn.clerk.io *.sella.it *.gestpay.net 'self'; frame-src fast.amc.demdex.net *.adobe.com bid.g.doubleclick.net *.youtube.com *.youtube-nocookie.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com player.vimeo.com https://www.google.com/recaptcha/ www.google.com *.sella.it *.gestpay.net c.paypal.com checkout.paypal.com assets.braintreegateway.com pay.google.com *.cardinalcommerce.com *.paypal.com * 'self' 'unsafe-inline'; img-src assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com data: www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net analytics.google.com www.googletagmanager.com *.ftcdn.net *.behance.net t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com validator.swagger.io maps.googleapis.com maps.gstatic.com *.gstatic.com *.googleapis.com https://images.unsplash.com https://cdn.clerk.io www.sandbox.paypal.com b.stats.paypal.com dub.stats.paypal.com assets.braintreegateway.com c.paypal.com checkout.paypal.com *.paypal.com https://widgets.trustedshops.com https://widgets-qa.trustedshops.com data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https://www.gstatic.com/recaptcha/ https://www.google.com/recaptcha/ maps.googleapis.com maps.gstatic.com fonts.googleapis.com *.googleapis.com *.gstatic.com https://cdn.jsdelivr.net/npm/@ryangjchandler/spruce@2.x.x/dist/spruce.umd.js www.google.com/recaptcha/ www.gstatic.com/recaptcha/ https://api.clerk.io https://cdn.clerk.io *.sella.it *.gestpay.net *.avada.io js.braintreegateway.com assets.braintreegateway.com c.paypal.com pay.google.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.paypal.com songbirdstag.cardinalcommerce.com https://widgets.trustedshops.com https://widgets-qa.trustedshops.com https://integrations.etrusted.com https://integrations.etrusted.site https://static-app.connect.trustedshops.com https://static-app.connect-qa.trustedshops.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com fonts.googleapis.com https://api.clerk.io https://cdn.clerk.io *.fontawesome.com maxcdn.bootstrapcdn.com unsafe-inline assets.braintreegateway.com https://widgets.trustedshops.com https://static-app.connect.trustedshops.com https://static-app.connect-qa.trustedshops.com 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net www.google-analytics.com www.googleadservices.com analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net vimeo.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com maps.googleapis.com maps.gstatic.com fonts.googleapis.com *.googleapis.com https://get.geojs.io *.avada.io api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.braintree-api.com *.paypal.com *.cardinalcommerce.com *.google.com google.com *.trustedshops.com *.etrusted.com https://integrations.etrusted.site 'self' 'unsafe-inline'; child-src assets.braintreegateway.com c.paypal.com *.paypal.com http: https: blob: 'self' 'unsafe-inline'; default-src 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';
x-built-with
Hyva Themes
x-magento-tags
FPC
x-xss-protection
1; mode=block
x-magento-cache-control
max-age=0, must-revalidate, no-cache, no-store
pragma
no-cache
server
nginx/1.18.0 (Ubuntu)
vary
Accept-Encoding, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/json
cache-control
max-age=0, must-revalidate, no-cache, no-store
x-magento-cache-debug
MISS
expires
Fri, 02 Dec 2022 02:55:25 GMT
/
ciat.hyva.alessandrocostantino.dnalab.online/default/customer/section/load/ 		58 KB
21 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ciat.hyva.alessandrocostantino.dnalab.online/default/customer/section/load/?sections=
Requested by
Host: ciat.hyva.alessandrocostantino.dnalab.online
URL: https://ciat.hyva.alessandrocostantino.dnalab.online/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
135.181.210.173 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.173.210.181.135.clients.your-server.de
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
106e0267fe37346c54459f4a66868520238f671009c12994ee9e97ac7e0d00ab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ciat.hyva.alessandrocostantino.dnalab.online/
X-Requested-With
XMLHttpRequest
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
application/json

Response headers

date
Sat, 02 Dec 2023 02:55:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
font-src fonts.googleapis.com fonts.gstatic.com *.googleapis.com *.gstatic.com data: *.fontawesome.com maxcdn.bootstrapcdn.com https://widgets.trustedshops.com data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.cardinalcommerce.com *.paypal.com 3ds-secure.cardcomplete.com www.clicksafe.lloydstsb.com pay.activa-card.com *.wirecard.com acs.sia.eu *.touchtechpayments.com www.securesuite.co.uk rsa3dsauth.com *.monzo.com *.arcot.com *.wlp-acs.com * 'self' 'unsafe-inline'; frame-ancestors www.gstatic.com https://api.clerk.io https://cdn.clerk.io *.sella.it *.gestpay.net 'self'; frame-src fast.amc.demdex.net *.adobe.com bid.g.doubleclick.net *.youtube.com *.youtube-nocookie.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com player.vimeo.com https://www.google.com/recaptcha/ www.google.com *.sella.it *.gestpay.net c.paypal.com checkout.paypal.com assets.braintreegateway.com pay.google.com *.cardinalcommerce.com *.paypal.com * 'self' 'unsafe-inline'; img-src assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com data: www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net analytics.google.com www.googletagmanager.com *.ftcdn.net *.behance.net t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com validator.swagger.io maps.googleapis.com maps.gstatic.com *.gstatic.com *.googleapis.com https://images.unsplash.com https://cdn.clerk.io www.sandbox.paypal.com b.stats.paypal.com dub.stats.paypal.com assets.braintreegateway.com c.paypal.com checkout.paypal.com *.paypal.com https://widgets.trustedshops.com https://widgets-qa.trustedshops.com data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https://www.gstatic.com/recaptcha/ https://www.google.com/recaptcha/ maps.googleapis.com maps.gstatic.com fonts.googleapis.com *.googleapis.com *.gstatic.com https://cdn.jsdelivr.net/npm/@ryangjchandler/spruce@2.x.x/dist/spruce.umd.js www.google.com/recaptcha/ www.gstatic.com/recaptcha/ https://api.clerk.io https://cdn.clerk.io *.sella.it *.gestpay.net *.avada.io js.braintreegateway.com assets.braintreegateway.com c.paypal.com pay.google.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.paypal.com songbirdstag.cardinalcommerce.com https://widgets.trustedshops.com https://widgets-qa.trustedshops.com https://integrations.etrusted.com https://integrations.etrusted.site https://static-app.connect.trustedshops.com https://static-app.connect-qa.trustedshops.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com fonts.googleapis.com https://api.clerk.io https://cdn.clerk.io *.fontawesome.com maxcdn.bootstrapcdn.com unsafe-inline assets.braintreegateway.com https://widgets.trustedshops.com https://static-app.connect.trustedshops.com https://static-app.connect-qa.trustedshops.com 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net www.google-analytics.com www.googleadservices.com analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net vimeo.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com maps.googleapis.com maps.gstatic.com fonts.googleapis.com *.googleapis.com https://get.geojs.io *.avada.io api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.braintree-api.com *.paypal.com *.cardinalcommerce.com *.google.com google.com *.trustedshops.com *.etrusted.com https://integrations.etrusted.site 'self' 'unsafe-inline'; child-src assets.braintreegateway.com c.paypal.com *.paypal.com http: https: blob: 'self' 'unsafe-inline'; default-src 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';
x-built-with
Hyva Themes
x-magento-tags
FPC
x-xss-protection
1; mode=block
x-magento-cache-control
max-age=0, must-revalidate, no-cache, no-store
pragma
no-cache
server
nginx/1.18.0 (Ubuntu)
vary
Accept-Encoding, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/json
cache-control
max-age=0, must-revalidate, no-cache, no-store
x-magento-cache-debug
MISS
expires
Sun, 03 Dec 2023 02:55:25 GMT

Verdicts & Comments Add Verdict or Comment

36 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture string| BASE_URL string| THEME_PATH object| COOKIE_CONFIG string| CURRENT_STORE_CODE string| CURRENT_WEBSITE_ID object| hyva object| cookie_consent_groups object| cookie_consent_config object| amastyCookieManager function| initAmastyCookieBar function| initHeader function| initMiniSearch function| initHeaderCustomerMenu function| initCartDrawer function| initAuthentication function| initMessages function| hasWebP function| initAmGdprPolicyPopup function| dispatchMessages function| initCompareOnProductList function| initWishlist function| initConfigurableOptions function| initSwatchOptions function| initCarousel function| selectManager function| qtyManager function| dateInputManager function| setScrollbarWidthCssVar function| setMessage function| setAjaxCart function| initCookieGroupInfo_6569f42f5613d function| initCookieBarSettings object| Alpine boolean| isGdprCookieEnabled object| mageMessages

7 Cookies

Domain/Path Name / Value
.ciat.hyva.alessandrocostantino.dnalab.online/ Name: PHPSESSID
Value: 93nnu64c0dvla7gp84qn9dbqbp
.ciat.hyva.alessandrocostantino.dnalab.online/ Name: last_visited_store
Value: default
ciat.hyva.alessandrocostantino.dnalab.online/ Name: mage-cache-sessid
Value: true
.ciat.hyva.alessandrocostantino.dnalab.online/ Name: form_key
Value: Xye2FMKQLfTM3rB1
.ciat.hyva.alessandrocostantino.dnalab.online/ Name: amcookie_policy_restriction
Value: allowed
ciat.hyva.alessandrocostantino.dnalab.online/ Name: private_content_version
Value: c398229666806256e2fb7bed1d3fbb00
ciat.hyva.alessandrocostantino.dnalab.online/ Name: section_data_ids
Value: %7B%22messages%22%3A1701485725%2C%22customer%22%3A1701485725%2C%22compare-products%22%3A1701485725%2C%22last-ordered-items%22%3A1701485725%2C%22cart%22%3A1701485725%2C%22directory-data%22%3A1701485725%2C%22captcha%22%3A1701485725%2C%22instant-purchase%22%3A1701485725%2C%22loggedAsCustomer%22%3A1701485725%2C%22persistent%22%3A1701485725%2C%22review%22%3A1701485725%2C%22wishlist%22%3A1701485725%2C%22recently_viewed_product%22%3A1701485725%2C%22recently_compared_product%22%3A1701485725%2C%22product_data_storage%22%3A1701485725%2C%22paypal-billing-agreement%22%3A1701485725%7D

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block