urlscan.io logo urlscan.io
SecurityTrails logo

7ee276ee28.smapp.work Open in urlscan Pro
35.186.250.143  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://dertovafe1970.blogspot.it/
Effective URL: https://7ee276ee28.smapp.work/trkclk/?pid=2701&cid=3299322&custom1=zr15ac1870faa211ee85480affeb50fcafde5bca6b76714d02a2d7c36cb...
Submission: On April 14 via api from US — Scanned from IT
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 10 IPs in 1 countries across 11 domains to perform 19 HTTP transactions. The main IP is 35.186.250.143, located in Kansas City, United States and belongs to GOOGLE, US. The main domain is 7ee276ee28.smapp.work.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on December 5th 2023. Valid for: a year.
This is the only time 7ee276ee28.smapp.work was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 3 142.250.186.161 15169 (GOOGLE)
4 142.250.185.201 15169 (GOOGLE)
1 2 23.82.12.31 30633 (LEASEWEB-...)
1 54.84.226.251 14618 (AMAZON-AES)
1 18.214.154.60 14618 (AMAZON-AES)
2 35.186.250.143 15169 (GOOGLE)
1 35.186.206.92 ()
2 172.217.16.219 ()
2 172.217.18.10 ()
19 10
3    142.250.186.161 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f1.1e100.net
dertovafe1970.blogspot.it
dertovafe1970.blogspot.com
4    142.250.185.201 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f9.1e100.net
www.blogger.com
2    23.82.12.31 (Manassas, United States)

ASN30633 (LEASEWEB-USA-WDC, US)
forkinz.com
1    54.84.226.251 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-84-226-251.compute-1.amazonaws.com
deird-vyh.com
1    18.214.154.60 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-214-154-60.compute-1.amazonaws.com
wulfw-ydi.com
2    35.186.250.143 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 143.250.186.35.bc.googleusercontent.com
7ee276ee28.smapp.work
1    35.186.206.92 (None, )

ASN- ()
ads.instal.com
2    172.217.16.219 (None, )

ASN- ()
storage.googleapis.com
2    172.217.18.10 (None, )

ASN- ()
fonts.googleapis.com
Domain Requested by
4 www.blogger.com dertovafe1970.blogspot.com
2 fonts.googleapis.com 7ee276ee28.smapp.work
2 storage.googleapis.com 7ee276ee28.smapp.work
2 7ee276ee28.smapp.work wulfw-ydi.com
7ee276ee28.smapp.work
2 forkinz.com 1 redirects
2 dertovafe1970.blogspot.com
1 ads.instal.com 7ee276ee28.smapp.work
1 wulfw-ydi.com deird-vyh.com
1 deird-vyh.com forkinz.com
1 dertovafe1970.blogspot.it 1 redirects
0 fonts.gstatic.com Failed fonts.googleapis.com
0 farm.performyze.com Failed storage.googleapis.com
19 12

This site contains no links.

Subject Issuer Validity Valid
misc-sni.blogspot.com
GTS CA 1C3		 2024-03-04 -
2024-05-27		 3 months crt.sh
*.blogger.com
GTS CA 1C3		 2024-03-04 -
2024-05-27		 3 months crt.sh
forkinz.com
R3		 2024-03-10 -
2024-06-08		 3 months crt.sh
zeropark.com
Amazon RSA 2048 M01		 2023-07-12 -
2024-08-09		 a year crt.sh
wulfw-ydi.com
Amazon RSA 2048 M03		 2024-01-25 -
2025-02-22		 a year crt.sh
*.smapp.work
Sectigo RSA Domain Validation Secure Server CA		 2023-12-05 -
2025-01-04		 a year crt.sh
ads.instal.com
GTS CA 1D4		 2024-03-26 -
2024-06-24		 3 months crt.sh
storage.googleapis.com
GTS CA 1C3		 2024-03-04 -
2024-05-27		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2024-03-04 -
2024-05-27		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://7ee276ee28.smapp.work/trkclk/?pid=2701&cid=3299322&custom1=zr15ac1870faa211ee85480affeb50fcafde5bca6b76714d02a2d7c36cb0eaeddc08140545ed2ed4327d&custom3=unknown&custom2=forkinz%2Cforkinz.com%2Cforking&custom4=&custom5=DOMAIN&fw1=badious-buzzard&aff_sub_id=alpha-ohm-1jdje3zdqe&gaid=&idfa=
Frame ID: 4D329D8AD4A0B012743C8BADFBF4A975
Requests: 19 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://dertovafe1970.blogspot.it/ HTTP 307
    https://dertovafe1970.blogspot.it/ HTTP 302
    https://dertovafe1970.blogspot.com/ Page URL
  2. http://forkinz.com/de.html HTTP 307
    https://forkinz.com/de.html Page URL
  3. https://forkinz.com/de.html?ch=1&js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV... HTTP 302
    http://deird-vyh.com/zclkvisitor/15ac1870-faa2-11ee-8548-0affeb50fcaf/72092e88-2c53-401c-b988-51e... HTTP 307
    https://deird-vyh.com/zclkvisitor/15ac1870-faa2-11ee-8548-0affeb50fcaf/72092e88-2c53-401c-b988-51e... Page URL
  4. https://wulfw-ydi.com/zclkredirect?visitid=15ac1870-faa2-11ee-8548-0affeb50fcaf&type=js&browserWid... Page URL
  5. https://7ee276ee28.smapp.work/trkclk/?pid=2701&cid=3299322&custom1=zr15ac1870faa211ee85480affeb50fcafde5bc... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • \bangular.{0,32}\.js

Page Statistics

19
Requests

79 %
HTTPS

0 %
IPv6

11
Domains

12
Subdomains

10
IPs

1
Countries

267 kB
Transfer

482 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://dertovafe1970.blogspot.it/ HTTP 307
    https://dertovafe1970.blogspot.it/ HTTP 302
    https://dertovafe1970.blogspot.com/ Page URL
  2. http://forkinz.com/de.html HTTP 307
    https://forkinz.com/de.html Page URL
  3. https://forkinz.com/de.html?ch=1&js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTcxMzEzNTY1NCwiaWF0IjoxNzEzMTI4NDU0LCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIydjM0Mmc2ZGZoM2VqcHBrdGcwdHM5OGgiLCJuYmYiOjE3MTMxMjg0NTQsInRzIjoxNzEzMTI4NDU0ODQyMTU2fQ.CPaz5wd5xzOtMMPSO2aVZVKjSamyyuDrjZtTafaq4IE&sid=158ee9ec-faa2-11ee-b55f-7155bb16c687 HTTP 302
    http://deird-vyh.com/zclkvisitor/15ac1870-faa2-11ee-8548-0affeb50fcaf/72092e88-2c53-401c-b988-51ef43ce1034?campaignid=18544240-ecf2-11ee-bf4b-123af5e664ff HTTP 307
    https://deird-vyh.com/zclkvisitor/15ac1870-faa2-11ee-8548-0affeb50fcaf/72092e88-2c53-401c-b988-51ef43ce1034?campaignid=18544240-ecf2-11ee-bf4b-123af5e664ff Page URL
  4. https://wulfw-ydi.com/zclkredirect?visitid=15ac1870-faa2-11ee-8548-0affeb50fcaf&type=js&browserWidth=1600&browserHeight=1200&iframeDetected=false&webdriverDetected=false&gpu=Intel%20Inc.%3B%20Intel%20Iris%20OpenGL%20Engine&timezone=UTC%2B02%3A00&timezoneName=Europe%2FRome Page URL
  5. https://7ee276ee28.smapp.work/trkclk/?pid=2701&cid=3299322&custom1=zr15ac1870faa211ee85480affeb50fcafde5bca6b76714d02a2d7c36cb0eaeddc08140545ed2ed4327d&custom3=unknown&custom2=forkinz%2Cforkinz.com%2Cforking&custom4=&custom5=DOMAIN&fw1=badious-buzzard&aff_sub_id=alpha-ohm-1jdje3zdqe&gaid=&idfa= Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://dertovafe1970.blogspot.it/ HTTP 307
  • https://dertovafe1970.blogspot.it/ HTTP 302
  • https://dertovafe1970.blogspot.com/
Request Chain 5
  • http://forkinz.com/de.html HTTP 307
  • https://forkinz.com/de.html
Request Chain 7
  • https://forkinz.com/de.html?ch=1&js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTcxMzEzNTY1NCwiaWF0IjoxNzEzMTI4NDU0LCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIydjM0Mmc2ZGZoM2VqcHBrdGcwdHM5OGgiLCJuYmYiOjE3MTMxMjg0NTQsInRzIjoxNzEzMTI4NDU0ODQyMTU2fQ.CPaz5wd5xzOtMMPSO2aVZVKjSamyyuDrjZtTafaq4IE&sid=158ee9ec-faa2-11ee-b55f-7155bb16c687 HTTP 302
  • http://deird-vyh.com/zclkvisitor/15ac1870-faa2-11ee-8548-0affeb50fcaf/72092e88-2c53-401c-b988-51ef43ce1034?campaignid=18544240-ecf2-11ee-bf4b-123af5e664ff HTTP 307
  • https://deird-vyh.com/zclkvisitor/15ac1870-faa2-11ee-8548-0affeb50fcaf/72092e88-2c53-401c-b988-51ef43ce1034?campaignid=18544240-ecf2-11ee-bf4b-123af5e664ff

19 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
dertovafe1970.blogspot.com/
Redirect Chain
  • http://dertovafe1970.blogspot.it/
  • https://dertovafe1970.blogspot.it/
  • https://dertovafe1970.blogspot.com/
9 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://dertovafe1970.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f1.1e100.net
Software
GSE /
Resource Hash
4865ebe7b0ed9e32aabc576695a7835b214348e00f1e8dd5ad88125933d21e79
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
it-IT,it;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-encoding
gzip
content-length
2782
content-type
text/html; charset=UTF-8
date
Sun, 14 Apr 2024 21:00:53 GMT
etag
W/"34fefa3441f4fd4eaf4d2c608bdf3b33397dba4c6d4c5d8e6a1a35037a4871c6"
expires
Sun, 14 Apr 2024 21:00:53 GMT
last-modified
Fri, 08 Mar 2024 13:04:58 GMT
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-encoding
gzip
content-length
202
content-security-policy
frame-ancestors 'self'
content-type
text/html; charset=UTF-8
date
Sun, 14 Apr 2024 21:00:52 GMT
expires
Sun, 14 Apr 2024 21:00:52 GMT
location
https://dertovafe1970.blogspot.com/
server
GSE
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
55013136-widget_css_bundle.css
www.blogger.com/static/v1/widgets/ 		30 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.blogger.com/static/v1/widgets/55013136-widget_css_bundle.css
Requested by
Host: dertovafe1970.blogspot.com
URL: https://dertovafe1970.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.201 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f9.1e100.net
Software
sffe /
Resource Hash
1a2eca9e492e3a21e02dd77ad44d7af45c4091d35ede79e948b7a3f23e5b3617
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://dertovafe1970.blogspot.com/
Accept-Language
it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 13 Apr 2024 07:50:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
133823
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6620
x-xss-protection
0
last-modified
Fri, 12 Apr 2024 08:02:41 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="blogger-tech"
expires
Sun, 13 Apr 2025 07:50:30 GMT
2322749050-widgets.js
www.blogger.com/static/v1/widgets/ 		141 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.blogger.com/static/v1/widgets/2322749050-widgets.js
Requested by
Host: dertovafe1970.blogspot.com
URL: https://dertovafe1970.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.201 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f9.1e100.net
Software
sffe /
Resource Hash
8d24bde20b363f28e460e4d80a3ac98536458559b241cbcacbe75cc27bb21d5c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://dertovafe1970.blogspot.com/
Accept-Language
it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 08 Apr 2024 01:55:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
587150
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51587
x-xss-protection
0
last-modified
Mon, 08 Apr 2024 00:50:33 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="blogger-tech"
expires
Tue, 08 Apr 2025 01:55:03 GMT
authorization.css
www.blogger.com/dyn-css/ 		1 B
684 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.blogger.com/dyn-css/authorization.css?targetBlogID=5527585534347123624&zx=aa2d8e28-1264-48c4-8b69-24460fecf195
Requested by
Host: dertovafe1970.blogspot.com
URL: https://dertovafe1970.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.201 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f9.1e100.net
Software
GSE /
Resource Hash
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
Security Headers
Name Value
Content-Security-Policy script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://dertovafe1970.blogspot.com/
Accept-Language
it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
content-security-policy
script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
date
Sun, 14 Apr 2024 21:00:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Sun, 14 Apr 2024 21:00:53 GMT
server
GSE
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
content-type
text/css; charset=UTF-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21
x-xss-protection
1; mode=block
expires
Mon, 01 Jan 1990 00:00:00 GMT
authorization.css
www.blogger.com/dyn-css/ 		1 B
111 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.blogger.com/dyn-css/authorization.css?targetBlogID=5527585534347123624&zx=aa2d8e28-1264-48c4-8b69-24460fecf195
Requested by
Host: dertovafe1970.blogspot.com
URL: https://dertovafe1970.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.201 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f9.1e100.net
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://dertovafe1970.blogspot.com/
Accept-Language
it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
content-security-policy
script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
date
Sun, 14 Apr 2024 21:00:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Sun, 14 Apr 2024 21:00:54 GMT
server
GSE
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
content-type
text/css; charset=UTF-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21
x-xss-protection
1; mode=block
expires
Mon, 01 Jan 1990 00:00:00 GMT
de.html
forkinz.com/
Redirect Chain
  • http://forkinz.com/de.html
  • https://forkinz.com/de.html
480 B
758 B 		Document
General
Check archive.org
Download Go to
Full URL
https://forkinz.com/de.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.82.12.31 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
Cowboy /
Resource Hash

Request headers

Accept-Language
it-IT,it;q=0.9;q=0.9
Referer
https://dertovafe1970.blogspot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile
cache-control
max-age=0, private, must-revalidate
content-length
480
content-type
text/html; charset=utf-8
date
Sun, 14 Apr 2024 21:00:54 GMT
server
Cowboy

Redirect headers

Location
https://forkinz.com/de.html
Non-Authoritative-Reason
HttpsUpgrades
favicon.ico
dertovafe1970.blogspot.com/ 		4 KB
540 B 		Other
General
Check archive.org
Download Go to
Full URL
https://dertovafe1970.blogspot.com/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f1.1e100.net
Software
GSE /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://dertovafe1970.blogspot.com/
Accept-Language
it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 14 Apr 2024 21:00:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 08 Mar 2024 13:04:58 GMT
server
GSE
etag
W/"34fefa3441f4fd4eaf4d2c608bdf3b33397dba4c6d4c5d8e6a1a35037a4871c6"
content-type
image/x-icon; charset=UTF-8
cache-control
private, max-age=86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
412
x-xss-protection
1; mode=block
expires
Sun, 14 Apr 2024 21:00:54 GMT
72092e88-2c53-401c-b988-51ef43ce1034
deird-vyh.com/zclkvisitor/15ac1870-faa2-11ee-8548-0affeb50fcaf/
Redirect Chain
  • https://forkinz.com/de.html?ch=1&js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTcxMzEzNTY1NCwiaWF0IjoxNzEzMTI4NDU0LCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIydjM0Mmc2ZGZoM2VqcHBr...
  • http://deird-vyh.com/zclkvisitor/15ac1870-faa2-11ee-8548-0affeb50fcaf/72092e88-2c53-401c-b988-51ef43ce1034?campaignid=18544240-ecf2-11ee-bf4b-123af5e664ff
  • https://deird-vyh.com/zclkvisitor/15ac1870-faa2-11ee-8548-0affeb50fcaf/72092e88-2c53-401c-b988-51ef43ce1034?campaignid=18544240-ecf2-11ee-bf4b-123af5e664ff
3 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://deird-vyh.com/zclkvisitor/15ac1870-faa2-11ee-8548-0affeb50fcaf/72092e88-2c53-401c-b988-51ef43ce1034?campaignid=18544240-ecf2-11ee-bf4b-123af5e664ff
Requested by
Host: forkinz.com
URL: https://forkinz.com/de.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.84.226.251 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-84-226-251.compute-1.amazonaws.com
Software
/
Resource Hash
1796b0f1b24c1e9f8db83b0f1b08a13da011f1f3e4a37751c9bd7db25a68e920
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline'
X-Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline'

Request headers

Accept-Language
it-IT,it;q=0.9;q=0.9
Referer
https://forkinz.com/de.html
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"
sec-ch-ua-platform-version
"10.0.0"

Response headers

access-control-allow-headers
X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
*
cache-control
no-store, no-cache, pre-check=0, post-check=0
content-length
2732
content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline'
content-type
text/html;charset=UTF-8
date
Sun, 14 Apr 2024 21:00:56 GMT
x-content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline'
x-webkit-csp
default-src 'self'; script-src 'self' 'unsafe-inline'

Redirect headers

Location
https://deird-vyh.com/zclkvisitor/15ac1870-faa2-11ee-8548-0affeb50fcaf/72092e88-2c53-401c-b988-51ef43ce1034?campaignid=18544240-ecf2-11ee-bf4b-123af5e664ff
Non-Authoritative-Reason
HttpsUpgrades
zclkredirect
wulfw-ydi.com/ 		772 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://wulfw-ydi.com/zclkredirect?visitid=15ac1870-faa2-11ee-8548-0affeb50fcaf&type=js&browserWidth=1600&browserHeight=1200&iframeDetected=false&webdriverDetected=false&gpu=Intel%20Inc.%3B%20Intel%20Iris%20OpenGL%20Engine&timezone=UTC%2B02%3A00&timezoneName=Europe%2FRome
Requested by
Host: deird-vyh.com
URL: https://deird-vyh.com/zclkvisitor/15ac1870-faa2-11ee-8548-0affeb50fcaf/72092e88-2c53-401c-b988-51ef43ce1034?campaignid=18544240-ecf2-11ee-bf4b-123af5e664ff
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.214.154.60 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-214-154-60.compute-1.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline'
X-Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline'

Request headers

Accept-Language
it-IT,it;q=0.9;q=0.9
Referer
https://deird-vyh.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-headers
X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
*
cache-control
no-store, no-cache, pre-check=0, post-check=0
content-length
772
content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline'
content-type
text/html;charset=UTF-8
date
Sun, 14 Apr 2024 21:00:56 GMT
redirected
JS
x-content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline'
x-webkit-csp
default-src 'self'; script-src 'self' 'unsafe-inline'
Primary Request /
7ee276ee28.smapp.work/trkclk/ 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://7ee276ee28.smapp.work/trkclk/?pid=2701&cid=3299322&custom1=zr15ac1870faa211ee85480affeb50fcafde5bca6b76714d02a2d7c36cb0eaeddc08140545ed2ed4327d&custom3=unknown&custom2=forkinz%2Cforkinz.com%2Cforking&custom4=&custom5=DOMAIN&fw1=badious-buzzard&aff_sub_id=alpha-ohm-1jdje3zdqe&gaid=&idfa=
Requested by
Host: wulfw-ydi.com
URL: https://wulfw-ydi.com/zclkredirect?visitid=15ac1870-faa2-11ee-8548-0affeb50fcaf&type=js&browserWidth=1600&browserHeight=1200&iframeDetected=false&webdriverDetected=false&gpu=Intel%20Inc.%3B%20Intel%20Iris%20OpenGL%20Engine&timezone=UTC%2B02%3A00&timezoneName=Europe%2FRome
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.250.143 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
143.250.186.35.bc.googleusercontent.com
Software
TornadoServer/5.1.1 /
Resource Hash
bbc7ab39ecdf26a8615f48f8abe3aed2ffeb4b3e1afc39ad267311e8d31a9530

Request headers

Accept-Language
it-IT,it;q=0.9;q=0.9
Referer
https://wulfw-ydi.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
clickid
6a7b42bc-8dce-4caa-a029-3a86e959ded7:3cc2ce490f0d67302b88d0a42d5f1158e6cb0ddc
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sun, 14 Apr 2024 21:00:56 GMT
etag
W/"462fc935c137ed5fd1e916c21b725556e69894b8"
ot_code
no_budget
server
TornadoServer/5.1.1
via
1.1 google
x-service-version
2.0.1
instal_style_v2.css
7ee276ee28.smapp.work/static/app/css/ 		105 KB
28 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://7ee276ee28.smapp.work/static/app/css/instal_style_v2.css
Requested by
Host: 7ee276ee28.smapp.work
URL: https://7ee276ee28.smapp.work/trkclk/?pid=2701&cid=3299322&custom1=zr15ac1870faa211ee85480affeb50fcafde5bca6b76714d02a2d7c36cb0eaeddc08140545ed2ed4327d&custom3=unknown&custom2=forkinz%2Cforkinz.com%2Cforking&custom4=&custom5=DOMAIN&fw1=badious-buzzard&aff_sub_id=alpha-ohm-1jdje3zdqe&gaid=&idfa=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.250.143 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
143.250.186.35.bc.googleusercontent.com
Software
nginx/1.13.12 /
Resource Hash
ff87a78315db08d2f23644e1d301f7ff809306d4265a72bc04c670a4758e4e9f

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://7ee276ee28.smapp.work/trkclk/?pid=2701&cid=3299322&custom1=zr15ac1870faa211ee85480affeb50fcafde5bca6b76714d02a2d7c36cb0eaeddc08140545ed2ed4327d&custom3=unknown&custom2=forkinz%2Cforkinz.com%2Cforking&custom4=&custom5=DOMAIN&fw1=badious-buzzard&aff_sub_id=alpha-ohm-1jdje3zdqe&gaid=&idfa=
Accept-Language
it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 13 Apr 2024 22:21:53 GMT
content-encoding
gzip
via
1.1 google
x-goog-meta-goog-reserved-file-mtime
1618910907
age
81544
x-guploader-uploadid
ABPtcPo6bAdjFfpzHFKgIr1wnEQc7sPILAk8gYnjiLL8jCL3oqPkNAQmfrFQDBShEwmTiFztwuY
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28149
last-modified
Fri, 16 Jul 2021 10:04:09 GMT
server
nginx/1.13.12
etag
W/"11807082f3eac9badcc6bc44241d90e7"
vary
Origin
x-goog-generation
1626429849829226
content-language
en
content-type
text/css
x-goog-hash
crc32c=zuDJXw==, md5=EYBwgvPqybrcxrxEJB2Q5w==
cache-control
max-age=315360000,public
x-goog-stored-content-length
107808
expires
Thu, 31 Dec 2037 23:55:55 GMT
angular.min.js
ads.instal.com/static/app/js/ 		87 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.instal.com/static/app/js/angular.min.js
Requested by
Host: 7ee276ee28.smapp.work
URL: https://7ee276ee28.smapp.work/trkclk/?pid=2701&cid=3299322&custom1=zr15ac1870faa211ee85480affeb50fcafde5bca6b76714d02a2d7c36cb0eaeddc08140545ed2ed4327d&custom3=unknown&custom2=forkinz%2Cforkinz.com%2Cforking&custom4=&custom5=DOMAIN&fw1=badious-buzzard&aff_sub_id=alpha-ohm-1jdje3zdqe&gaid=&idfa=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.206.92 -, , ASN (),
Reverse DNS
Software
nginx/1.13.12 /
Resource Hash
13620cc565679ee11351aeec916d43cc30b583c93906a1cadf9f16bae217f83e

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://7ee276ee28.smapp.work/
Accept-Language
it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 13 Apr 2024 22:21:15 GMT
via
1.1 google
x-goog-meta-goog-reserved-file-mtime
1618910907
age
81582
x-guploader-uploadid
ABPtcPppwOaO6M2hJ-QgwYY6uygccw2GWGfv5F3663YpH_4BSrKQDyA3GeMG9RLAPxfhQRWjBA
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
88802
last-modified
Fri, 16 Jul 2021 10:04:10 GMT
server
nginx/1.13.12
etag
"df1c56732ca5e0cfe2a4725ec9517449"
vary
Origin
x-goog-generation
1626429850571126
content-language
en
content-type
application/javascript; charset=utf-8
x-goog-hash
crc32c=0SO4vA==, md5=3xxWcyyl4M/ipHJeyVF0SQ==
cache-control
max-age=315360000,public
x-goog-stored-content-length
88802
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
6b70f8d9d58ae8fa9c74bc77f684e2f7.bin
storage.googleapis.com/instal-dashboard/application/icon/3672/ 		74 KB
74 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://storage.googleapis.com/instal-dashboard/application/icon/3672/6b70f8d9d58ae8fa9c74bc77f684e2f7.bin
Requested by
Host: 7ee276ee28.smapp.work
URL: https://7ee276ee28.smapp.work/trkclk/?pid=2701&cid=3299322&custom1=zr15ac1870faa211ee85480affeb50fcafde5bca6b76714d02a2d7c36cb0eaeddc08140545ed2ed4327d&custom3=unknown&custom2=forkinz%2Cforkinz.com%2Cforking&custom4=&custom5=DOMAIN&fw1=badious-buzzard&aff_sub_id=alpha-ohm-1jdje3zdqe&gaid=&idfa=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.219 -, , ASN (),
Reverse DNS
Software
UploadServer /
Resource Hash
56371e24e5c731cb01f2c2859c09ed6a86812328f183a090d17163e437555a63

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://7ee276ee28.smapp.work/
Accept-Language
it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 14 Apr 2024 21:00:57 GMT
x-guploader-uploadid
ABPtcPoWBi23nL5nr2gNyiiOfGmmVBBlcMttWDWufyetmxuav8gYhXLbBKOMJ6sojtJ_-TDDXAWVZMzozg
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
75265
last-modified
Tue, 05 Mar 2024 15:42:59 GMT
server
UploadServer
etag
"6b70f8d9d58ae8fa9c74bc77f684e2f7"
vary
Origin
x-goog-generation
1709653379888278
content-type
application/octet-stream
x-goog-hash
crc32c=ZKVvYw==, md5=a3D42dWK6PqcdLx39oTi9w==
cache-control
public, max-age=3600
x-goog-stored-content-length
75265
accept-ranges
bytes
expires
Sun, 14 Apr 2024 22:00:57 GMT
main.js
storage.googleapis.com/performyze-conversion-farm/hank/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://storage.googleapis.com/performyze-conversion-farm/hank/main.js
Requested by
Host: 7ee276ee28.smapp.work
URL: https://7ee276ee28.smapp.work/trkclk/?pid=2701&cid=3299322&custom1=zr15ac1870faa211ee85480affeb50fcafde5bca6b76714d02a2d7c36cb0eaeddc08140545ed2ed4327d&custom3=unknown&custom2=forkinz%2Cforkinz.com%2Cforking&custom4=&custom5=DOMAIN&fw1=badious-buzzard&aff_sub_id=alpha-ohm-1jdje3zdqe&gaid=&idfa=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.219 -, , ASN (),
Reverse DNS
Software
UploadServer /
Resource Hash
29c778329e3f8015292955fc490e21c5de2e910f17e3d38faaca3193759f5935

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://7ee276ee28.smapp.work/
Accept-Language
it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 14 Apr 2024 20:51:41 GMT
age
556
x-guploader-uploadid
ABPtcPqiuy-4OYfnQxwMsIA2Sv0_8ba87B19QY8Ereomk-pqDkJyH4KpIeW28NkZW_NCWRZt9KqFys4qQQ
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2731
last-modified
Sat, 13 Apr 2024 14:56:38 GMT
server
UploadServer
etag
"b4fe2da83f0fd2ea375d38dd50b7d5ce"
x-goog-generation
1710271785009882
x-goog-hash
crc32c=grROfw==, md5=tP4tqD8P0uo3XTjdULfVzg==
content-type
application/javascript
cache-control
public, max-age=3600
x-goog-stored-content-length
2731
accept-ranges
bytes
expires
Sun, 14 Apr 2024 21:51:41 GMT
css
fonts.googleapis.com/ 		11 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400,600
Requested by
Host: 7ee276ee28.smapp.work
URL: https://7ee276ee28.smapp.work/static/app/css/instal_style_v2.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.10 -, , ASN (),
Reverse DNS
Software
ESF /
Resource Hash
057c6db7176a4b988472143ad3797e478d31de02150c22e8b892d9887102a0c1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://7ee276ee28.smapp.work/
Accept-Language
it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Sun, 14 Apr 2024 21:00:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 14 Apr 2024 19:13:04 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 14 Apr 2024 21:00:57 GMT
css
fonts.googleapis.com/ 		3 KB
895 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Dosis:300,400,700
Requested by
Host: 7ee276ee28.smapp.work
URL: https://7ee276ee28.smapp.work/static/app/css/instal_style_v2.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.10 -, , ASN (),
Reverse DNS
Software
ESF /
Resource Hash
174bf2597fbd1f482bdd03395e9b448bf88dd3302b8370e4b106a895592eeb5d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://7ee276ee28.smapp.work/
Accept-Language
it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Sun, 14 Apr 2024 21:00:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 14 Apr 2024 21:00:57 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 14 Apr 2024 21:00:57 GMT
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
76638f6dc379defe3feacd9df10e6d883f0564bf642b4092c67101e15cafbcd1

Request headers

Accept-Language
it-IT,it;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
collect
farm.performyze.com/api/hank/browserinfo/ 		0
0
collect
farm.performyze.com/api/hank/browserinfo/ 		0
0
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
farm.performyze.com
URL
https://farm.performyze.com/api/hank/browserinfo/collect
Domain
farm.performyze.com
URL
https://farm.performyze.com/api/hank/browserinfo/collect
Domain
fonts.gstatic.com
URL
https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Domain/Path Name / Value
.forkinz.com/ Name: sid
Value: 158ee9ec-faa2-11ee-b55f-7155bb16c687
7ee276ee28.smapp.work/ Name: cx_ntsl_i
Value: 44effc72-8937-4d38-9a2f-112dd2d56cac

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block