sipassione-it.event-armanibeauty.com Open in urlscan Pro
2606:4700::6812:5a9  Public Scan

Submitted URL: http://echo7.bluehornet.com/ct/55595385:6nj1GIbNO:m:1:3026323711:F110FDFD6E5EEFE7E0E6EE6607140A33:r
Effective URL: https://sipassione-it.event-armanibeauty.com/?email=[EMAIL]&source=TIO
Submission: On June 02 via api from BE

Summary

This website contacted 13 IPs in 5 countries across 15 domains to perform 37 HTTP transactions. The main IP is 2606:4700::6812:5a9, located in United States and belongs to CLOUDFLARENET, US. The main domain is sipassione-it.event-armanibeauty.com.
TLS certificate: Issued by CloudFlare Inc ECC CA-2 on March 6th 2020. Valid for: 7 months.
This is the only time sipassione-it.event-armanibeauty.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 54.69.69.210 16509 (AMAZON-02)
1 1 52.210.174.128 16509 (AMAZON-02)
1 1 89.185.38.84 8426 (CLARANET-...)
1 2 34.95.109.120 15169 (GOOGLE)
1 13.224.95.110 16509 (AMAZON-02)
15 2606:4700::68... 13335 (CLOUDFLAR...)
1 188.165.150.177 16276 (OVH)
1 2a00:1450:400... 15169 (GOOGLE)
3 2606:2800:233... 15133 (EDGECAST)
2 209.197.3.24 20446 (HIGHWINDS3)
1 51.158.22.151 12876 (Online SAS)
1 2 2a00:1450:400... 15169 (GOOGLE)
7 13.224.89.185 16509 (AMAZON-02)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 195.154.94.172 12876 (Online SAS)
37 13
Domain Requested by
15 sipassione-it.event-armanibeauty.com clk.tradedoubler.com
sipassione-it.event-armanibeauty.com
7 d1h8fl8on3a554.cloudfront.net sipassione-it.event-armanibeauty.com
3 cdn.cookielaw.org sipassione-it.event-armanibeauty.com
cdn.cookielaw.org
2 sk.ht events.sk.ht
sipassione-it.event-armanibeauty.com
2 www.google-analytics.com 1 redirects www.googletagmanager.com
2 code.jquery.com sipassione-it.event-armanibeauty.com
cdn.cookielaw.org
2 clk.tradedoubler.com 1 redirects
1 tag.avent-media.fr sipassione-it.event-armanibeauty.com
1 www.google.de sipassione-it.event-armanibeauty.com
1 www.google.com 1 redirects
1 stats.g.doubleclick.net 1 redirects
1 events.sk.ht sipassione-it.event-armanibeauty.com
1 www.googletagmanager.com sipassione-it.event-armanibeauty.com
1 analytics.tradedoubler.com vht.tradedoubler.com
1 vht.tradedoubler.com clk.tradedoubler.com
1 tracking.publicidees.com 1 redirects
1 loudingads.go2cloud.org 1 redirects
1 echo7.bluehornet.com 1 redirects
37 18

This site contains links to these domains. Also see Links.

Domain
www.armanibeauty.it
onetrust.com
www.avent-media.fr
avent-media.fr
Subject Issuer Validity Valid
*.tradedoubler.com
GlobalSign Domain Validation CA - SHA256 - G2
2018-12-10 -
2021-01-27
2 years crt.sh
sni.cloudflaressl.com
CloudFlare Inc ECC CA-2
2020-03-06 -
2020-10-09
7 months crt.sh
analytics.tradedoubler.com
COMODO RSA Domain Validation Secure Server CA
2018-02-02 -
2021-02-01
3 years crt.sh
*.google-analytics.com
GTS CA 1O1
2020-05-20 -
2020-08-12
3 months crt.sh
sni9451gl.wpc.edgecastcdn.net
DigiCert SHA2 Secure Server CA
2020-05-07 -
2021-05-12
a year crt.sh
jquery.org
COMODO RSA Domain Validation Secure Server CA
2018-10-17 -
2020-10-16
2 years crt.sh
events.sk.ht
Let's Encrypt Authority X3
2020-05-10 -
2020-08-08
3 months crt.sh
*.cloudfront.net
DigiCert Global CA G2
2019-07-17 -
2020-07-05
a year crt.sh
www.google.de
GTS CA 1O1
2020-05-05 -
2020-07-28
3 months crt.sh
sk.ht
Let's Encrypt Authority X3
2020-03-25 -
2020-06-23
3 months crt.sh
tag.avent-media.fr
Let's Encrypt Authority X3
2020-03-25 -
2020-06-23
3 months crt.sh

This page contains 1 frames:

Primary Page: https://sipassione-it.event-armanibeauty.com/?email=[EMAIL]&source=TIO
Frame ID: 1603563E969F03B3AFA1C2362CB095A2
Requests: 39 HTTP requests in this frame

Screenshot


Page URL History Show full URLs

  1. http://echo7.bluehornet.com/ct/55595385:6nj1GIbNO:m:1:3026323711:F110FDFD6E5EEFE7E0E6EE6607140A33:r HTTP 302
    https://loudingads.go2cloud.org/aff_c?offer_id=1762&aff_id=1&file_id=3012&aff_sub=redeglisconti HTTP 302
    https://tracking.publicidees.com/clic.php?promoid=218536&progid=7509&partid=57795&url=https%3A%2F%2Fclk.trade... HTTP 302
    https://clk.tradedoubler.com/click?p=304566&a=2778258&g=24736120&epi2=[EMAIL]&epi=TIO Page URL
  2. https://clk.tradedoubler.com/click?p=304566&a=2778258&g=24736120&epi2=[EMAIL]&epi=TIO HTTP 302
    https://sipassione-it.event-armanibeauty.com/?email=[EMAIL]&source=TIO Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Overall confidence: 100%
Detected patterns
  • headers via /^1\.1 google$/i

Overall confidence: 100%
Detected patterns
  • script /jquery[.-]([\d.]*\d)[^/]*\.js/i
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

37
Requests

100 %
HTTPS

41 %
IPv6

15
Domains

18
Subdomains

13
IPs

5
Countries

28218 kB
Transfer

32002 kB
Size

5
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://echo7.bluehornet.com/ct/55595385:6nj1GIbNO:m:1:3026323711:F110FDFD6E5EEFE7E0E6EE6607140A33:r HTTP 302
    https://loudingads.go2cloud.org/aff_c?offer_id=1762&aff_id=1&file_id=3012&aff_sub=redeglisconti HTTP 302
    https://tracking.publicidees.com/clic.php?promoid=218536&progid=7509&partid=57795&url=https%3A%2F%2Fclk.tradedoubler.com%2Fclick%3Fp%3D304566%26a%3D2778258%26g%3D24736120%26epi2%3D%5BEMAIL%5D%26epi%3DTIO HTTP 302
    https://clk.tradedoubler.com/click?p=304566&a=2778258&g=24736120&epi2=[EMAIL]&epi=TIO Page URL
  2. https://clk.tradedoubler.com/click?p=304566&a=2778258&g=24736120&epi2=[EMAIL]&epi=TIO HTTP 302
    https://sipassione-it.event-armanibeauty.com/?email=[EMAIL]&source=TIO Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://echo7.bluehornet.com/ct/55595385:6nj1GIbNO:m:1:3026323711:F110FDFD6E5EEFE7E0E6EE6607140A33:r HTTP 302
  • https://loudingads.go2cloud.org/aff_c?offer_id=1762&aff_id=1&file_id=3012&aff_sub=redeglisconti HTTP 302
  • https://tracking.publicidees.com/clic.php?promoid=218536&progid=7509&partid=57795&url=https%3A%2F%2Fclk.tradedoubler.com%2Fclick%3Fp%3D304566%26a%3D2778258%26g%3D24736120%26epi2%3D%5BEMAIL%5D%26epi%3DTIO HTTP 302
  • https://clk.tradedoubler.com/click?p=304566&a=2778258&g=24736120&epi2=[EMAIL]&epi=TIO
Request Chain 28
  • https://www.google-analytics.com/r/collect?v=1&_v=j82&a=871373946&t=pageview&_s=1&dl=https%3A%2F%2Fsipassione-it.event-armanibeauty.com%2F%3Femail%3D%5BEMAIL%5D%26source%3DTIO&dr=https%3A%2F%2Fclk.tradedoubler.com%2F&ul=en-us&de=UTF-8&dt=ARMANI%20BEAUTY&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAUAB~&jid=810011745&gjid=1837091549&cid=930917571.1591141675&tid=UA-11299701-7&_gid=965062348.1591141675&_r=1&gtm=2ou5k1&z=1664082295 HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-11299701-7&cid=930917571.1591141675&jid=810011745&_gid=965062348.1591141675&gjid=1837091549&_v=j82&z=1664082295 HTTP 302
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-11299701-7&cid=930917571.1591141675&jid=810011745&_v=j82&z=1664082295 HTTP 302
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-11299701-7&cid=930917571.1591141675&jid=810011745&_v=j82&z=1664082295&slf_rd=1&random=219932063

37 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
click
clk.tradedoubler.com/
Redirect Chain
  • http://echo7.bluehornet.com/ct/55595385:6nj1GIbNO:m:1:3026323711:F110FDFD6E5EEFE7E0E6EE6607140A33:r
  • https://loudingads.go2cloud.org/aff_c?offer_id=1762&aff_id=1&file_id=3012&aff_sub=redeglisconti
  • https://tracking.publicidees.com/clic.php?promoid=218536&progid=7509&partid=57795&url=https%3A%2F%2Fclk.tradedoubler.com%2Fclick%3Fp%3D304566%26a%3D2778258%26g%3D24736120%26epi2%3D%5BEMAIL%5D%26epi...
  • https://clk.tradedoubler.com/click?p=304566&a=2778258&g=24736120&epi2=[EMAIL]&epi=TIO
879 B
1 KB
Document
General
Full URL
https://clk.tradedoubler.com/click?p=304566&a=2778258&g=24736120&epi2=[EMAIL]&epi=TIO
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.109.120 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
120.109.95.34.bc.googleusercontent.com
Software
TXServerHttp /
Resource Hash
91aa3b8f1288822eb7c7a73c711886aa0bd4a1d7ab1b44a8440d43019ab56c82

Request headers

:method
GET
:authority
clk.tradedoubler.com
:scheme
https
:path
/click?p=304566&a=2778258&g=24736120&epi2=[EMAIL]&epi=TIO
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
200
content-type
text/html; charset=ISO-8859-1
server
TXServerHttp
access-control-allow-origin
*
cache-control
private, max-age=0
pragma
no-cache
p3p
policyref="http://tracker.tradedoubler.com/w3c/p3p.xml",CP="NOI DSP COR NID CUR OUR NOR"
referrer-policy
origin
date
Tue, 02 Jun 2020 23:47:53 GMT
content-length
879
via
1.1 google
alt-svc
clear

Redirect headers

Server
nginx/1.14.0
Date
Tue, 02 Jun 2020 23:47:53 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Pragma
no-cache
Expires
0
Last-Modified
Tue, 02 Jun 2020 23:47:53 GMT
Cache-Control
no-cache, must-revalidate
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Set-Cookie
IC=eJwzNzWwrE6xMjS1NDQ0MTQzN64pAXGMzY2NQZwCK1Nzc0vTmoIiKyNDC1Njs5rkJKtaAGqmDi4; expires=Wed, 02-Jun-2021 23:47:53 GMT; Max-Age=31536000; path=/; SameSite=None; secure WUC=eJxFzDEOwCAIAMAnVQqI8BsVm3QzTTf1741Tx1tOOOhwA1YAgig43w0UxI1uLKI8%7C2MnJMY4a7F1j2DqV66ooBSqVufUOINTcUmiQO34y_UBZMEbMg; expires=Wed, 02-Jun-2021 23:47:53 GMT; Max-Age=31536000; path=/; SameSite=None; secure SC=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0
Location
https://clk.tradedoubler.com/click?p=304566&a=2778258&g=24736120&epi2=[EMAIL]&epi=TIO
prefs.js
vht.tradedoubler.com/fp/
9 KB
4 KB
Script
General
Full URL
https://vht.tradedoubler.com/fp/prefs.js
Requested by
Host: clk.tradedoubler.com
URL: https://clk.tradedoubler.com/click?p=304566&a=2778258&g=24736120&epi2=[EMAIL]&epi=TIO
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.224.95.110 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-95-110.zrh50.r.cloudfront.net
Software
Apache /
Resource Hash
17ee72d8421cc64e48d5e885c090851028f91129555be935403a51c55eff2e9d

Request headers

Referer
https://clk.tradedoubler.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 30 May 2020 14:53:23 GMT
Content-Encoding
gzip
Connection
keep-alive
Last-Modified
Mon, 15 Oct 2018 09:28:46 GMT
Server
Apache
Age
291270
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Via
1.1 376bac901e689131d2a41914df1245d9.cloudfront.net (CloudFront)
Cache-Control
max-age=604800, public
Transfer-Encoding
chunked
X-Amz-Cf-Pop
ZRH50-C1
X-Amz-Cf-Id
3o_SyP6arcMlHqN6DKlfwGVIGzTU3UaKVkQdQ-HY0fW7fPJxMt2a2g==
Expires
Sat, 06 Jun 2020 14:53:23 GMT
Primary Request /
sipassione-it.event-armanibeauty.com/
Redirect Chain
  • https://clk.tradedoubler.com/click?p=304566&a=2778258&g=24736120&epi2=[EMAIL]&epi=TIO
  • https://sipassione-it.event-armanibeauty.com/?email=[EMAIL]&source=TIO
13 KB
4 KB
Document
General
Full URL
https://sipassione-it.event-armanibeauty.com/?email=[EMAIL]&source=TIO
Requested by
Host: clk.tradedoubler.com
URL: https://clk.tradedoubler.com/click?p=304566&a=2778258&g=24736120&epi2=[EMAIL]&epi=TIO
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:5a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3e8186ac14062fe6c94b5acd57bae817dfcce0d4788099d6d5354e026ee9a468
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
sipassione-it.event-armanibeauty.com
:scheme
https
:path
/?email=[EMAIL]&source=TIO
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
referer
https://clk.tradedoubler.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
Origin
https://clk.tradedoubler.com
Content-Type
application/x-www-form-urlencoded
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://clk.tradedoubler.com/

Response headers

status
200
date
Tue, 02 Jun 2020 23:47:54 GMT
content-type
text/html; charset=UTF-8
set-cookie
__cfduid=d46be50ebe308b10cb12ab585a6bf17281591141674; expires=Thu, 02-Jul-20 23:47:54 GMT; path=/; domain=.event-armanibeauty.com; HttpOnly; SameSite=Lax; Secure ci_session=803kmekdlqelekofdphom36j9otgmhgi; expires=Wed, 03-Jun-2020 01:47:54 GMT; Max-Age=7200; path=/; secure; HttpOnly
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma
no-cache
vary
Accept-Encoding
x-xss-protection
1; mode=block
referrer-policy
same-origin
cf-cache-status
DYNAMIC
cf-request-id
03190844c7000064552dad3200000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
59d50fe7aae86455-FRA
content-encoding
br

Redirect headers

status
302
location
https://sipassione-it.event-armanibeauty.com/?email=[EMAIL]&source=TIO
set-cookie
EH_0=1z11z1ziPz1vaVqLz1Oa6yYGDGcLgyCZDJ0hTZTMak68.FLBVPd_%7apcIvg_.x44louZZcbuW6MnvWTL%7aC.x%79oNm5mxtvQO%79nhPlcVT7%7aWIV;expires=Wed, 02-Jun-2021 23:47:54 GMT;path=/;domain=.tradedoubler.com;SameSite=None; Secure GUID=1z11zziPz2C3QFiz48ad486af2e911b1787ae31debe252bf;expires=Wed, 02-Jun-2021 23:47:54 GMT;path=/;domain=.tradedoubler.com;SameSite=None; Secure TradeDoublerGUID=48ad486af2e911b1787ae31debe252bf;expires=Wed, 02-Jun-2021 23:47:54 GMT;path=/;domain=.tradedoubler.com;SameSite=None; Secure
server
TXServerHttp
access-control-allow-origin
*
cache-control
private, max-age=0
pragma
no-cache
p3p
policyref="http://tracker.tradedoubler.com/w3c/p3p.xml",CP="NOI DSP COR NID CUR OUR NOR"
referrer-policy
origin
date
Tue, 02 Jun 2020 23:47:53 GMT
content-length
275
content-type
text/html; charset=ISO-8859-1
via
1.1 google
alt-svc
clear
/
analytics.tradedoubler.com/
0
241 B
Other
General
Full URL
https://analytics.tradedoubler.com/
Requested by
Host: vht.tradedoubler.com
URL: https://vht.tradedoubler.com/fp/prefs.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
188.165.150.177 , France, ASN16276 (OVH, FR),
Reverse DNS
lb01.net.royalcactus.com
Software
nginx /
Resource Hash

Request headers

Referer
https://clk.tradedoubler.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Tue, 02 Jun 2020 23:47:54 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
Server
nginx
Connection
keep-alive
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
screen.css
sipassione-it.event-armanibeauty.com/assets/css/prod/
32 KB
5 KB
Stylesheet
General
Full URL
https://sipassione-it.event-armanibeauty.com/assets/css/prod/screen.css
Requested by
Host: sipassione-it.event-armanibeauty.com
URL: https://sipassione-it.event-armanibeauty.com/?email=[EMAIL]&source=TIO
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:5a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
39e49b23a56aa8eaeec9b96b4dfb6a8ad72a9b1d1d0eb6f905e4fa98d40ff896
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://sipassione-it.event-armanibeauty.com/?email=[EMAIL]&source=TIO
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Jun 2020 23:47:54 GMT
content-encoding
br
referrer-policy
same-origin
cf-cache-status
DYNAMIC
last-modified
Mon, 25 May 2020 16:11:00 GMT
server
cloudflare
etag
W/"80d6-5a67b3990c42d-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
status
200
x-xss-protection
1; mode=block
cache-control
max-age=28800, public
cf-ray
59d50fe90b3b6455-FRA
cf-request-id
03190845a1000064552dad9200000001
js
www.googletagmanager.com/gtag/
83 KB
33 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-11299701-7
Requested by
Host: sipassione-it.event-armanibeauty.com
URL: https://sipassione-it.event-armanibeauty.com/?email=[EMAIL]&source=TIO
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
bcc4131cf51048e74f5a908ed0d9bf6c115dd17335d1730f621b24244d666fec
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Jun 2020 23:47:54 GMT
content-encoding
br
vary
Accept-Encoding
status
200
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33195
x-xss-protection
0
last-modified
Tue, 02 Jun 2020 21:37:36 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 02 Jun 2020 23:47:54 GMT
parfumleft.png
sipassione-it.event-armanibeauty.com/assets/img/landing/
54 KB
54 KB
Image
General
Full URL
https://sipassione-it.event-armanibeauty.com/assets/img/landing/parfumleft.png
Requested by
Host: sipassione-it.event-armanibeauty.com
URL: https://sipassione-it.event-armanibeauty.com/?email=[EMAIL]&source=TIO
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:5a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
99a1e44df5cf3af313a2989cd5625556a2ba6380a68dcf0467b1ce5cedfee9fa
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://sipassione-it.event-armanibeauty.com/?email=[EMAIL]&source=TIO
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Jun 2020 23:47:54 GMT
referrer-policy
same-origin
cf-cache-status
DYNAMIC
last-modified
Mon, 25 May 2020 16:11:00 GMT
server
cloudflare
etag
"d7c6-5a67b3990c42d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/png
status
200
x-xss-protection
1; mode=block
cache-control
max-age=28800, public
accept-ranges
bytes
cf-ray
59d50fe94b516455-FRA
content-length
55238
cf-request-id
03190845d1000064552dae3200000001
logo-avent.png
sipassione-it.event-armanibeauty.com/assets/img/realisation/
8 KB
8 KB
Image
General
Full URL
https://sipassione-it.event-armanibeauty.com/assets/img/realisation/logo-avent.png
Requested by
Host: sipassione-it.event-armanibeauty.com
URL: https://sipassione-it.event-armanibeauty.com/?email=[EMAIL]&source=TIO
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:5a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6f5ef9857a74d5127fb777f0f68890c6af8eb05e7e3fa8f2cce25aaf8ef85671
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://sipassione-it.event-armanibeauty.com/?email=[EMAIL]&source=TIO
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Jun 2020 23:47:54 GMT
referrer-policy
same-origin
cf-cache-status
DYNAMIC
last-modified
Mon, 25 May 2020 16:11:00 GMT
server
cloudflare
etag
"2103-5a67b3990c42d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/png
status
200
x-xss-protection
1; mode=block
cache-control
max-age=28800, public
accept-ranges
bytes
cf-ray
59d50fe94b526455-FRA
content-length
8451
cf-request-id
03190845d1000064552dae4200000001
email-decode.min.js
sipassione-it.event-armanibeauty.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/
1 KB
859 B
Script
General
Full URL
https://sipassione-it.event-armanibeauty.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: sipassione-it.event-armanibeauty.com
URL: https://sipassione-it.event-armanibeauty.com/?email=[EMAIL]&source=TIO
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:5a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://sipassione-it.event-armanibeauty.com/?email=[EMAIL]&source=TIO
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Jun 2020 23:47:54 GMT
content-encoding
gzip
vary
Accept-Encoding
last-modified
Tue, 26 May 2020 17:48:24 GMT
server
cloudflare
etag
W/"5ecd5668-4d7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN
content-type
application/javascript
status
200
cache-control
max-age=172800, public
cf-ray
59d50fe93b456455-FRA
cf-request-id
03190845bf000064552dada200000001
expires
Thu, 04 Jun 2020 23:47:54 GMT
a2eb3b52-52a9-439f-928c-d4beecbb3017.js
cdn.cookielaw.org/langswitch/
2 KB
1 KB
Script
General
Full URL
https://cdn.cookielaw.org/langswitch/a2eb3b52-52a9-439f-928c-d4beecbb3017.js
Requested by
Host: sipassione-it.event-armanibeauty.com
URL: https://sipassione-it.event-armanibeauty.com/?email=[EMAIL]&source=TIO
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8F2A) /
Resource Hash
68ee26ae38d861951d00f9b7c53a322137921ca5ab828d78fa31065c98554452

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 02 Jun 2020 23:47:54 GMT
content-encoding
gzip
content-md5
TFDCcuW/gXkPjbvFMVddPw==
age
18
x-cache
HIT
status
200
content-length
701
x-ms-lease-status
unlocked
last-modified
Tue, 18 Feb 2020 12:47:10 GMT
server
ECAcc (frc/8F2A)
etag
0x8D7B470AB6DE645
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
38c6840a-b01e-0000-6638-39d8e6000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
expires
Wed, 03 Jun 2020 03:47:54 GMT
jquery-3.4.1.min.js
code.jquery.com/
86 KB
30 KB
Script
General
Full URL
https://code.jquery.com/jquery-3.4.1.min.js
Requested by
Host: sipassione-it.event-armanibeauty.com
URL: https://sipassione-it.event-armanibeauty.com/?email=[EMAIL]&source=TIO
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.197.3.24 Phoenix, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
vip0x018.map2.ssl.hwcdn.net
Software
nginx /
Resource Hash
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
Origin
https://sipassione-it.event-armanibeauty.com

Response headers

Date
Tue, 02 Jun 2020 23:47:55 GMT
Content-Encoding
gzip
Last-Modified
Wed, 01 May 2019 21:14:27 GMT
Server
nginx
ETag
W/"5cca0c33-15851"
Vary
Accept-Encoding
X-HW
1591141674.dop032.pa1.t,1591141675.cds006.pa1.shn,1591141675.cds006.pa1.c
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=315360000, public
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
30638
slick.min.js
sipassione-it.event-armanibeauty.com/assets/js/libs/
36 KB
9 KB
Script
General
Full URL
https://sipassione-it.event-armanibeauty.com/assets/js/libs/slick.min.js
Requested by
Host: sipassione-it.event-armanibeauty.com
URL: https://sipassione-it.event-armanibeauty.com/?email=[EMAIL]&source=TIO
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:5a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f295ebe06fc74dd639fc1d926abdea188a4c960b17266e73da205d034ac37f0e
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://sipassione-it.event-armanibeauty.com/?email=[EMAIL]&source=TIO
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Jun 2020 23:47:54 GMT
content-encoding
br
referrer-policy
same-origin
cf-cache-status
DYNAMIC
last-modified
Mon, 25 May 2020 16:11:00 GMT
server
cloudflare
etag
W/"8f1d-5a67b3990f842-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
x-xss-protection
1; mode=block
cache-control
max-age=28800, public
cf-ray
59d50fe94b4a6455-FRA
cf-request-id
03190845d0000064552dadc200000001
jquery.validate.min.js
sipassione-it.event-armanibeauty.com/assets/js/libs/
21 KB
7 KB
Script
General
Full URL
https://sipassione-it.event-armanibeauty.com/assets/js/libs/jquery.validate.min.js
Requested by
Host: sipassione-it.event-armanibeauty.com
URL: https://sipassione-it.event-armanibeauty.com/?email=[EMAIL]&source=TIO
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:5a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
38d44a986cf44c041c3b451fad85b10e217793e28556e1f2577fa997750ff38b
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://sipassione-it.event-armanibeauty.com/?email=[EMAIL]&source=TIO
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Jun 2020 23:47:54 GMT
content-encoding
br
referrer-policy
same-origin
cf-cache-status
DYNAMIC
last-modified
Mon, 25 May 2020 16:11:00 GMT
server
cloudflare
etag
W/"543a-5a67b3990eb3d-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
x-xss-protection
1; mode=block
cache-control
max-age=28800, public
cf-ray
59d50fe94b4b6455-FRA
cf-request-id
03190845d0000064552dadd200000001
additional-methods.js
sipassione-it.event-armanibeauty.com/assets/js/libs/
35 KB
9 KB
Script
General
Full URL
https://sipassione-it.event-armanibeauty.com/assets/js/libs/additional-methods.js
Requested by
Host: sipassione-it.event-armanibeauty.com
URL: https://sipassione-it.event-armanibeauty.com/?email=[EMAIL]&source=TIO
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:5a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c9f436ae79092323b81bfb1cd4c4646e24ad8e6254634c68a3b8c447c6dc1383
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://sipassione-it.event-armanibeauty.com/?email=[EMAIL]&source=TIO
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Jun 2020 23:47:54 GMT
content-encoding
br
referrer-policy
same-origin
cf-cache-status
DYNAMIC
last-modified
Mon, 25 May 2020 16:11:00 GMT
server
cloudflare
etag
W/"8a3b-5a67b3990eb3d-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
x-xss-protection
1; mode=block
cache-control
max-age=28800, public
cf-ray
59d50fe94b4c6455-FRA
cf-request-id
03190845d0000064552dade200000001
remodal.min.js
sipassione-it.event-armanibeauty.com/assets/js/libs/
7 KB
2 KB
Script
General
Full URL
https://sipassione-it.event-armanibeauty.com/assets/js/libs/remodal.min.js
Requested by
Host: sipassione-it.event-armanibeauty.com
URL: https://sipassione-it.event-armanibeauty.com/?email=[EMAIL]&source=TIO
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:5a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4a07722a6f12b33c61fecdb7c412c258d8ca99cef79045b4b07932d3c8dde4c3
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://sipassione-it.event-armanibeauty.com/?email=[EMAIL]&source=TIO
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Jun 2020 23:47:54 GMT
content-encoding
br
referrer-policy
same-origin
cf-cache-status
DYNAMIC
last-modified
Mon, 25 May 2020 16:11:00 GMT
server
cloudflare
etag
W/"1de5-5a67b3990f842-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
x-xss-protection
1; mode=block
cache-control
max-age=28800, public
cf-ray
59d50fe94b4d6455-FRA
cf-request-id
03190845d0000064552dadf200000001
response.min.js
sipassione-it.event-armanibeauty.com/assets/js/libs/
9 KB
4 KB
Script
General
Full URL
https://sipassione-it.event-armanibeauty.com/assets/js/libs/response.min.js
Requested by
Host: sipassione-it.event-armanibeauty.com
URL: https://sipassione-it.event-armanibeauty.com/?email=[EMAIL]&source=TIO
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:5a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9ce429741964cbd15a2adabc55b221240d2131aae1fa4b8ea4d6356107359b96
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://sipassione-it.event-armanibeauty.com/?email=[EMAIL]&source=TIO
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Jun 2020 23:47:54 GMT
content-encoding
br
referrer-policy
same-origin
cf-cache-status
DYNAMIC
last-modified
Mon, 25 May 2020 16:11:00 GMT
server
cloudflare
etag
W/"2211-5a67b3990f842-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
x-xss-protection
1; mode=block
cache-control
max-age=28800, public
cf-ray
59d50fe94b4e6455-FRA
cf-request-id
03190845d1000064552dae0200000001
main.js
sipassione-it.event-armanibeauty.com/assets/js/
4 KB
1 KB
Script
General
Full URL
https://sipassione-it.event-armanibeauty.com/assets/js/main.js
Requested by
Host: sipassione-it.event-armanibeauty.com
URL: https://sipassione-it.event-armanibeauty.com/?email=[EMAIL]&source=TIO
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:5a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
79ee9a935494501548e0317d5db89f7bba9f20fe903aba8b7a4ed67d339d262c
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://sipassione-it.event-armanibeauty.com/?email=[EMAIL]&source=TIO
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Jun 2020 23:47:54 GMT
content-encoding
br
referrer-policy
same-origin
cf-cache-status
DYNAMIC
last-modified
Mon, 25 May 2020 16:11:00 GMT
server
cloudflare
etag
W/"fff-5a67b3990f842-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
x-xss-protection
1; mode=block
cache-control
max-age=28800, public
cf-ray
59d50fe94b4f6455-FRA
cf-request-id
03190845d1000064552dae1200000001
index.js
sipassione-it.event-armanibeauty.com/assets/js/
6 KB
2 KB
Script
General
Full URL
https://sipassione-it.event-armanibeauty.com/assets/js/index.js
Requested by
Host: sipassione-it.event-armanibeauty.com
URL: https://sipassione-it.event-armanibeauty.com/?email=[EMAIL]&source=TIO
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:5a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ad449665502fc1501f7c118a76c94b91f2fe2dcfc07ba54cd2565e67ad9bc943
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://sipassione-it.event-armanibeauty.com/?email=[EMAIL]&source=TIO
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Jun 2020 23:47:54 GMT
content-encoding
br
referrer-policy
same-origin
cf-cache-status
DYNAMIC
last-modified
Mon, 25 May 2020 16:11:00 GMT
server
cloudflare
etag
W/"1982-5a67b3990eb3d-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
x-xss-protection
1; mode=block
cache-control
max-age=28800, public
cf-ray
59d50fe94b506455-FRA
cf-request-id
03190845d1000064552dae2200000001
lib.js
events.sk.ht/avent/
21 KB
21 KB
Script
General
Full URL
https://events.sk.ht/avent/lib.js
Requested by
Host: sipassione-it.event-armanibeauty.com
URL: https://sipassione-it.event-armanibeauty.com/?email=[EMAIL]&source=TIO
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.158.22.151 Paris, France, ASN12876 (Online SAS, FR),
Reverse DNS
cdn.sk.ht
Software
nginx/1.14.2 /
Resource Hash
66b91349f8cbad640e32aa8c1ab3660f80b069d0c3232fb4715a72a6e434d965

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 02 Jun 2020 23:47:54 GMT
Last-Modified
Wed, 26 Feb 2020 10:18:19 GMT
Server
nginx/1.14.2
ETag
"5e5645eb-533f"
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
21311
analytics.js
www.google-analytics.com/
45 KB
18 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-11299701-7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
2f1fd973e6c48489ae07c467e3278635b856c698d1f502e06af3ab555937deac
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 30 Apr 2020 21:54:13 GMT
server
Golfe2
age
3095
date
Tue, 02 Jun 2020 22:56:19 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18433
expires
Wed, 03 Jun 2020 00:56:19 GMT
bg@2x.jpg
sipassione-it.event-armanibeauty.com/assets/img/landing/
31 KB
32 KB
Image
General
Full URL
https://sipassione-it.event-armanibeauty.com/assets/img/landing/bg@2x.jpg
Requested by
Host: sipassione-it.event-armanibeauty.com
URL: https://sipassione-it.event-armanibeauty.com/?email=[EMAIL]&source=TIO
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:5a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4da17daae3e5819d5def5836300a058f600d3d56827d574f20713609caec9108
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://sipassione-it.event-armanibeauty.com/assets/css/prod/screen.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Jun 2020 23:47:54 GMT
referrer-policy
same-origin
cf-cache-status
DYNAMIC
last-modified
Mon, 25 May 2020 16:11:00 GMT
server
cloudflare
etag
"7d86-5a67b3990c42d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/jpeg
status
200
x-xss-protection
1; mode=block
cache-control
max-age=28800, public
accept-ranges
bytes
cf-ray
59d50fe94b546455-FRA
content-length
32134
cf-request-id
03190845d1000064552dae5200000001
truncated
/
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9d02d662da8a47fb5fb610b545007507b6017028043dbb63cd09ec897d3b9627

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
715 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
Montserrat-Regular.woff2
d1h8fl8on3a554.cloudfront.net/fonts/Montserrat/
15 KB
16 KB
Font
General
Full URL
https://d1h8fl8on3a554.cloudfront.net/fonts/Montserrat/Montserrat-Regular.woff2
Requested by
Host: sipassione-it.event-armanibeauty.com
URL: https://sipassione-it.event-armanibeauty.com/?email=[EMAIL]&source=TIO
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.224.89.185 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-89-185.zrh50.r.cloudfront.net
Software
Apache /
Resource Hash
a8b8c72db243f51d566818bb0a232d3da9d6a99c73416fd42332fc0a18be7e60

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
Origin
https://sipassione-it.event-armanibeauty.com

Response headers

Date
Tue, 02 Jun 2020 22:13:21 GMT
Via
1.1 f0f5607a03d2ae4c43b553dc2cef0c9e.cloudfront.net (CloudFront)
Age
5992
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
15488
With-Dyn
(null)
Last-Modified
Mon, 06 Apr 2020 18:31:29 GMT
Server
Apache
Vary
Accept-Encoding
Content-Type
font/woff2
Access-Control-Allow-Origin
*
Cache-Control
max-age=7200, public
X-Amz-Cf-Pop
ZRH50-C1
Accept-Ranges
bytes
X-Amz-Cf-Id
3UF5F2lQNOXrS3aRZQohU9Pmh9IqoNz9k6-J5ZOnOOBd32c9zNjplg==
BaronDidot-Text.woff2
d1h8fl8on3a554.cloudfront.net/fonts/BaronDidot/
19 KB
20 KB
Font
General
Full URL
https://d1h8fl8on3a554.cloudfront.net/fonts/BaronDidot/BaronDidot-Text.woff2
Requested by
Host: sipassione-it.event-armanibeauty.com
URL: https://sipassione-it.event-armanibeauty.com/?email=[EMAIL]&source=TIO
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.224.89.185 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-89-185.zrh50.r.cloudfront.net
Software
Apache /
Resource Hash
f6a7b542481d03dcbd392a77d878f05330c75ff58c478ea2a6a64807bab70b5d

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
Origin
https://sipassione-it.event-armanibeauty.com

Response headers

Date
Tue, 02 Jun 2020 23:07:44 GMT
Via
1.1 e8a7e21f51478f02a6e51b69e3450928.cloudfront.net (CloudFront)
Age
2410
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
19744
With-Dyn
(null)
Last-Modified
Tue, 07 Apr 2020 00:01:48 GMT
Server
Apache
Vary
Accept-Encoding
Content-Type
font/woff2
Access-Control-Allow-Origin
*
Cache-Control
max-age=7200, public
X-Amz-Cf-Pop
ZRH50-C1
Accept-Ranges
bytes
X-Amz-Cf-Id
iiWIuX9og576e9zBbh-NDEhOsz4ArlrE9zAW0wAVfOJUbDB_pvwqCQ==
Montserrat-Bold.woff2
d1h8fl8on3a554.cloudfront.net/fonts/Montserrat/
15 KB
16 KB
Font
General
Full URL
https://d1h8fl8on3a554.cloudfront.net/fonts/Montserrat/Montserrat-Bold.woff2
Requested by
Host: sipassione-it.event-armanibeauty.com
URL: https://sipassione-it.event-armanibeauty.com/?email=[EMAIL]&source=TIO
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.224.89.185 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-89-185.zrh50.r.cloudfront.net
Software
Apache /
Resource Hash
a953bd785796440bd042c5cf09adf88a62582ccbb2aea81b1bcce54a1bba7210

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
Origin
https://sipassione-it.event-armanibeauty.com

Response headers

Date
Tue, 02 Jun 2020 21:50:50 GMT
Via
1.1 8455bcb2c0203b0c4ee93b610d75e69b.cloudfront.net (CloudFront)
Age
7071
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
15380
With-Dyn
(null)
Last-Modified
Mon, 06 Apr 2020 18:31:02 GMT
Server
Apache
Vary
Accept-Encoding
Content-Type
font/woff2
Access-Control-Allow-Origin
*
Cache-Control
max-age=7200, public
X-Amz-Cf-Pop
ZRH50-C1
Accept-Ranges
bytes
X-Amz-Cf-Id
p6_Xwp5e37eR6tOK8zEqgMip8LE0gzUtwceFQ-YbpKc99_KxWaA-QQ==
Montserrat-UltraLight.woff2
d1h8fl8on3a554.cloudfront.net/fonts/Montserrat/
20 KB
21 KB
Font
General
Full URL
https://d1h8fl8on3a554.cloudfront.net/fonts/Montserrat/Montserrat-UltraLight.woff2
Requested by
Host: sipassione-it.event-armanibeauty.com
URL: https://sipassione-it.event-armanibeauty.com/?email=[EMAIL]&source=TIO
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.224.89.185 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-89-185.zrh50.r.cloudfront.net
Software
Apache /
Resource Hash
db13e7f52b8ffe082ae9d681f815f2179c7948855350d6e3b575baa5a711e4d6

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
Origin
https://sipassione-it.event-armanibeauty.com

Response headers

Date
Tue, 02 Jun 2020 23:40:59 GMT
Via
1.1 c07945b00aad28e34fbfebb3d3907061.cloudfront.net (CloudFront)
Age
415
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
20484
With-Dyn
(null)
Last-Modified
Mon, 06 Apr 2020 18:30:47 GMT
Server
Apache
Vary
Accept-Encoding
Content-Type
font/woff2
Access-Control-Allow-Origin
*
Cache-Control
max-age=7200, public
X-Amz-Cf-Pop
ZRH50-C1
Accept-Ranges
bytes
X-Amz-Cf-Id
Vsk7ZHWhf-nMl-ZLe41zESTMQDChwBU0An8g5-2klng1rKY3-KNMlA==
videofr.mp4
d1h8fl8on3a554.cloudfront.net/www-armani-multilangues/videos/
27 MB
27 MB
Media
General
Full URL
https://d1h8fl8on3a554.cloudfront.net/www-armani-multilangues/videos/videofr.mp4
Requested by
Host: sipassione-it.event-armanibeauty.com
URL: https://sipassione-it.event-armanibeauty.com/?email=[EMAIL]&source=TIO
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.224.89.185 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-89-185.zrh50.r.cloudfront.net
Software
Apache /
Resource Hash

Request headers

Referer
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Range
bytes=0-

Response headers

Date
Tue, 05 May 2020 10:26:53 GMT
Via
1.1 ebbd7f31e48ea8cf77f6021cdd92bf62.cloudfront.net (CloudFront)
Age
2467261
X-Cache
Hit from cloudfront
Content-Range
bytes 0-28490751/28490752
Connection
keep-alive
Content-Length
28490752
With-Dyn
(null)
Last-Modified
Mon, 06 Apr 2020 18:02:57 GMT
Server
Apache
Vary
Accept-Encoding
Content-Type
video/mp4
Access-Control-Allow-Origin
*
Cache-Control
max-age=2592000, public
X-Amz-Cf-Pop
ZRH50-C1
Accept-Ranges
bytes
X-Amz-Cf-Id
ryRNpSWrTmOkCchJb-CbdIaYZVar2bDQMmVg9_L72F259KAcE-tdWA==
395016fd-85b0-43df-a281-ab17b11c0fc5.js
cdn.cookielaw.org/consent/
48 KB
13 KB
Script
General
Full URL
https://cdn.cookielaw.org/consent/395016fd-85b0-43df-a281-ab17b11c0fc5.js
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/langswitch/a2eb3b52-52a9-439f-928c-d4beecbb3017.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8F26) /
Resource Hash
90a67e8ef6e4fde8aa112b67a5f7559d3a149cd57dee5c2b14699053f042d841

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 02 Jun 2020 23:47:54 GMT
content-encoding
gzip
content-md5
xNetDZpPYrKiFn1WzHJMQA==
age
18
x-cache
HIT
status
200
content-length
13296
x-ms-lease-status
unlocked
last-modified
Tue, 18 Feb 2020 12:47:11 GMT
server
ECAcc (frc/8F26)
etag
0x8D7B470ABF8B44F
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
eeab0012-301e-0099-0c38-395724000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
expires
Wed, 03 Jun 2020 03:47:54 GMT
ga-audiences
www.google.de/ads/
Redirect Chain
  • https://www.google-analytics.com/r/collect?v=1&_v=j82&a=871373946&t=pageview&_s=1&dl=https%3A%2F%2Fsipassione-it.event-armanibeauty.com%2F%3Femail%3D%5BEMAIL%5D%26source%3DTIO&dr=https%3A%2F%2Fclk....
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-11299701-7&cid=930917571.1591141675&jid=810011745&_gid=965062348.1591141675&gjid=1837091549&_v=j82&z=1664082295
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-11299701-7&cid=930917571.1591141675&jid=810011745&_v=j82&z=1664082295
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-11299701-7&cid=930917571.1591141675&jid=810011745&_v=j82&z=1664082295&slf_rd=1&random=219932063
42 B
106 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-11299701-7&cid=930917571.1591141675&jid=810011745&_v=j82&z=1664082295&slf_rd=1&random=219932063
Requested by
Host: sipassione-it.event-armanibeauty.com
URL: https://sipassione-it.event-armanibeauty.com/?email=[EMAIL]&source=TIO
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jun 2020 23:47:54 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 02 Jun 2020 23:47:54 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
302
content-type
text/html; charset=UTF-8
location
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-11299701-7&cid=930917571.1591141675&jid=810011745&_v=j82&z=1664082295&slf_rd=1&random=219932063
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
optanon.css
cdn.cookielaw.org/skins/5.12.0/default_flat_bottom_two_button_black/v2/css/
23 KB
6 KB
Stylesheet
General
Full URL
https://cdn.cookielaw.org/skins/5.12.0/default_flat_bottom_two_button_black/v2/css/optanon.css
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/consent/395016fd-85b0-43df-a281-ab17b11c0fc5.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8FE9) /
Resource Hash
3e48e8dada6c1e8a5fb31c28a198f2931138504a6a292ee8635fadeff84f595c

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 02 Jun 2020 23:47:54 GMT
content-encoding
gzip
content-md5
yXXBLaayRCrkDWNZnbQ6/g==
age
5374
x-cache
HIT
status
200
content-length
5553
x-ms-lease-status
unlocked
last-modified
Fri, 21 Feb 2020 20:12:27 GMT
server
ECAcc (frc/8FE9)
etag
0x8D7B70A5F587C32
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
ccdc2a3f-301e-0011-7b2b-39effd000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control
max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
expires
Wed, 03 Jun 2020 03:47:54 GMT
jquery-3.3.1.min.js
code.jquery.com/
85 KB
30 KB
Script
General
Full URL
https://code.jquery.com/jquery-3.3.1.min.js
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/consent/395016fd-85b0-43df-a281-ab17b11c0fc5.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.197.3.24 Phoenix, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
vip0x018.map2.ssl.hwcdn.net
Software
nginx /
Resource Hash
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
Origin
https://sipassione-it.event-armanibeauty.com

Response headers

Date
Tue, 02 Jun 2020 23:47:55 GMT
Content-Encoding
gzip
Last-Modified
Sat, 20 Jan 2018 17:26:44 GMT
Server
nginx
ETag
W/"5a637bd4-1538f"
Vary
Accept-Encoding
X-HW
1591141674.dop032.pa1.t,1591141675.cds006.pa1.shn,1591141675.cds006.pa1.c
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=315360000, public
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
30288
/
sk.ht/aventmedia/
37 B
701 B
XHR
General
Full URL
https://sk.ht/aventmedia/
Requested by
Host: events.sk.ht
URL: https://events.sk.ht/avent/lib.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.154.94.172 , France, ASN12876 (Online SAS, FR),
Reverse DNS
195-154-94-172.rev.poneytelecom.eu
Software
nginx/1.14.2 /
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

Pragma
no-cache
Date
Tue, 02 Jun 2020 23:47:55 GMT
Last-Modified
Tue, 02 Jun 2020 23:47:55 GMT
Server
nginx/1.14.2
Transfer-Encoding
chunked
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
https://sipassione-it.event-armanibeauty.com
Access-Control-Expose-Headers
Content-Length,Content-Range
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
keep-alive
Access-Control-Allow-Headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Expires
Thu, 01 Jan 1970 00:00:00 GMT
/
sk.ht/ck/
37 B
762 B
Image
General
Full URL
https://sk.ht/ck/?c=E5EC1266-762C-9081-F2DD-8F9EC4DE1DE5&r=1591141675308
Requested by
Host: sipassione-it.event-armanibeauty.com
URL: https://sipassione-it.event-armanibeauty.com/?email=[EMAIL]&source=TIO
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.154.94.172 , France, ASN12876 (Online SAS, FR),
Reverse DNS
195-154-94-172.rev.poneytelecom.eu
Software
nginx/1.14.2 /
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 02 Jun 2020 23:47:55 GMT
Last-Modified
Tue, 02 Jun 2020 23:47:55 GMT
Server
nginx/1.14.2
Transfer-Encoding
chunked
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
image/gif
Access-Control-Expose-Headers
Content-Length,Content-Range
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
keep-alive
Access-Control-Allow-Headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Expires
Thu, 01 Jan 1970 00:00:00 GMT
/
tag.avent-media.fr/ck/
37 B
771 B
Image
General
Full URL
https://tag.avent-media.fr/ck/?c=E5EC1266-762C-9081-F2DD-8F9EC4DE1DE5&r=1591141675308
Requested by
Host: sipassione-it.event-armanibeauty.com
URL: https://sipassione-it.event-armanibeauty.com/?email=[EMAIL]&source=TIO
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.154.94.172 , France, ASN12876 (Online SAS, FR),
Reverse DNS
195-154-94-172.rev.poneytelecom.eu
Software
nginx/1.14.2 /
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 02 Jun 2020 23:47:55 GMT
Last-Modified
Tue, 02 Jun 2020 23:47:55 GMT
Server
nginx/1.14.2
Transfer-Encoding
chunked
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
image/gif
Access-Control-Expose-Headers
Content-Length,Content-Range
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
keep-alive
Access-Control-Allow-Headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Expires
Thu, 01 Jan 1970 00:00:00 GMT
logo.png
sipassione-it.event-armanibeauty.com/assets/img/landing/
4 KB
4 KB
Image
General
Full URL
https://sipassione-it.event-armanibeauty.com/assets/img/landing/logo.png
Requested by
Host: sipassione-it.event-armanibeauty.com
URL: https://sipassione-it.event-armanibeauty.com/?email=[EMAIL]&source=TIO
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:5a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
df4896ea6218e3e09e547e00fdde730d8dbcf2e971809e24f2ccc9d931067a18
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://sipassione-it.event-armanibeauty.com/?email=[EMAIL]&source=TIO
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Jun 2020 23:47:55 GMT
referrer-policy
same-origin
cf-cache-status
DYNAMIC
last-modified
Mon, 25 May 2020 16:11:00 GMT
server
cloudflare
etag
"ee8-5a67b3990c42d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/png
status
200
x-xss-protection
1; mode=block
cache-control
max-age=28800, public
accept-ranges
bytes
cf-ray
59d50feecca56455-FRA
content-length
3816
cf-request-id
031908493a000064552dafa200000001
produit.png
sipassione-it.event-armanibeauty.com/assets/img/landing/
21 KB
21 KB
Image
General
Full URL
https://sipassione-it.event-armanibeauty.com/assets/img/landing/produit.png
Requested by
Host: sipassione-it.event-armanibeauty.com
URL: https://sipassione-it.event-armanibeauty.com/?email=[EMAIL]&source=TIO
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:5a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fdbdb4be5b19bbcc02750fa72a3c78e3b34d6445ecec7eb0335ec36067a87dce
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://sipassione-it.event-armanibeauty.com/?email=[EMAIL]&source=TIO
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Jun 2020 23:47:55 GMT
referrer-policy
same-origin
cf-cache-status
DYNAMIC
last-modified
Mon, 25 May 2020 16:11:00 GMT
server
cloudflare
etag
"52f9-5a67b3990c42d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/png
status
200
x-xss-protection
1; mode=block
cache-control
max-age=28800, public
accept-ranges
bytes
cf-ray
59d50feecca66455-FRA
content-length
21241
cf-request-id
031908493a000064552dafb200000001
videofr.mp4
d1h8fl8on3a554.cloudfront.net/www-armani-multilangues/videos/
2 MB
0
Media
General
Full URL
https://d1h8fl8on3a554.cloudfront.net/www-armani-multilangues/videos/videofr.mp4
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.224.89.185 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-89-185.zrh50.r.cloudfront.net
Software
Apache /
Resource Hash

Request headers

Referer
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Range
bytes=0-

Response headers

Date
Tue, 05 May 2020 10:26:53 GMT
Via
1.1 ebbd7f31e48ea8cf77f6021cdd92bf62.cloudfront.net (CloudFront)
Age
2467276
X-Cache
Hit from cloudfront
Content-Range
bytes 0-28490751/28490752
Connection
keep-alive
Content-Length
28490752
With-Dyn
(null)
Last-Modified
Mon, 06 Apr 2020 18:02:57 GMT
Server
Apache
Vary
Accept-Encoding
Content-Type
video/mp4
Access-Control-Allow-Origin
*
Cache-Control
max-age=2592000, public
X-Amz-Cf-Pop
ZRH50-C1
Accept-Ranges
bytes
X-Amz-Cf-Id
iZrmOpco5ayJdyf2BEVzkq-W0mFaf52z7ksRrYj2nFxSkBG2nkX62Q==
videofr.mp4
d1h8fl8on3a554.cloudfront.net/www-armani-multilangues/videos/
1 MB
0
Media
General
Full URL
https://d1h8fl8on3a554.cloudfront.net/www-armani-multilangues/videos/videofr.mp4
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.224.89.185 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-89-185.zrh50.r.cloudfront.net
Software
Apache /
Resource Hash

Request headers

Referer
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Range
bytes=2228224-

Response headers

Date
Tue, 05 May 2020 10:26:53 GMT
Via
1.1 9349ae4f82564896b96f5303b030d189.cloudfront.net (CloudFront)
Age
2467278
X-Cache
Hit from cloudfront
Content-Range
bytes 2228224-28490751/28490752
Connection
keep-alive
Content-Length
26262528
With-Dyn
(null)
Last-Modified
Mon, 06 Apr 2020 18:02:57 GMT
Server
Apache
Vary
Accept-Encoding
Content-Type
video/mp4
Access-Control-Allow-Origin
*
Cache-Control
max-age=2592000, public
X-Amz-Cf-Pop
ZRH50-C1
Accept-Ranges
bytes
X-Amz-Cf-Id
LENp_ceYGmFhUbjWAia1HycpE-bXnmQQ54glu3skNQb1td6cgZej_w==

Verdicts & Comments Add Verdict or Comment

36 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate object| google_tag_manager object| dataLayer function| gtag object| google_tag_data string| GoogleAnalyticsObject function| ga string| marche object| OneTrust string| containerName string| languageSwitcherFileName string| useDocumentLanguage string| languageSwitcherFilePathPart string| languageSwitcherURL function| getLanguageSwitcherScriptPath function| isLanguageSwitcherFile function| OptanonWrapper object| gaplugins object| gaGlobal object| gaData undefined| a undefined| c function| jsonFeed object| Optanon string| OnetrustActiveGroups string| OptanonActiveGroups function| $ function| jQuery boolean| alreadySentEmail function| IsNumeric function| validateEmail object| avmd number| iterator string| url object| page

5 Cookies

Domain/Path Name / Value
.event-armanibeauty.com/ Name: _gat_gtag_UA_11299701_7
Value: 1
.event-armanibeauty.com/ Name: _gid
Value: GA1.2.965062348.1591141675
.event-armanibeauty.com/ Name: _ga
Value: GA1.2.930917571.1591141675
sipassione-it.event-armanibeauty.com/ Name: ci_session
Value: 803kmekdlqelekofdphom36j9otgmhgi
.event-armanibeauty.com/ Name: __cfduid
Value: d46be50ebe308b10cb12ab585a6bf17281591141674

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.tradedoubler.com
cdn.cookielaw.org
clk.tradedoubler.com
code.jquery.com
d1h8fl8on3a554.cloudfront.net
echo7.bluehornet.com
events.sk.ht
loudingads.go2cloud.org
sipassione-it.event-armanibeauty.com
sk.ht
stats.g.doubleclick.net
tag.avent-media.fr
tracking.publicidees.com
vht.tradedoubler.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
13.224.89.185
13.224.95.110
188.165.150.177
195.154.94.172
209.197.3.24
2606:2800:233:1cb7:261b:1f9c:2074:3c
2606:4700::6812:5a9
2a00:1450:4001:800::2008
2a00:1450:4001:815::2003
2a00:1450:4001:81b::200e
2a00:1450:4001:81f::2004
2a00:1450:400c:c03::9c
34.95.109.120
51.158.22.151
52.210.174.128
54.69.69.210
89.185.38.84
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
17ee72d8421cc64e48d5e885c090851028f91129555be935403a51c55eff2e9d
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
2f1fd973e6c48489ae07c467e3278635b856c698d1f502e06af3ab555937deac
38d44a986cf44c041c3b451fad85b10e217793e28556e1f2577fa997750ff38b
39e49b23a56aa8eaeec9b96b4dfb6a8ad72a9b1d1d0eb6f905e4fa98d40ff896
3e48e8dada6c1e8a5fb31c28a198f2931138504a6a292ee8635fadeff84f595c
3e8186ac14062fe6c94b5acd57bae817dfcce0d4788099d6d5354e026ee9a468
4a07722a6f12b33c61fecdb7c412c258d8ca99cef79045b4b07932d3c8dde4c3
4da17daae3e5819d5def5836300a058f600d3d56827d574f20713609caec9108
5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd
66b91349f8cbad640e32aa8c1ab3660f80b069d0c3232fb4715a72a6e434d965
68ee26ae38d861951d00f9b7c53a322137921ca5ab828d78fa31065c98554452
6f5ef9857a74d5127fb777f0f68890c6af8eb05e7e3fa8f2cce25aaf8ef85671
79ee9a935494501548e0317d5db89f7bba9f20fe903aba8b7a4ed67d339d262c
90a67e8ef6e4fde8aa112b67a5f7559d3a149cd57dee5c2b14699053f042d841
91aa3b8f1288822eb7c7a73c711886aa0bd4a1d7ab1b44a8440d43019ab56c82
99a1e44df5cf3af313a2989cd5625556a2ba6380a68dcf0467b1ce5cedfee9fa
9ce429741964cbd15a2adabc55b221240d2131aae1fa4b8ea4d6356107359b96
9d02d662da8a47fb5fb610b545007507b6017028043dbb63cd09ec897d3b9627
a8b8c72db243f51d566818bb0a232d3da9d6a99c73416fd42332fc0a18be7e60
a953bd785796440bd042c5cf09adf88a62582ccbb2aea81b1bcce54a1bba7210
ad449665502fc1501f7c118a76c94b91f2fe2dcfc07ba54cd2565e67ad9bc943
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bcc4131cf51048e74f5a908ed0d9bf6c115dd17335d1730f621b24244d666fec
c9f436ae79092323b81bfb1cd4c4646e24ad8e6254634c68a3b8c447c6dc1383
db13e7f52b8ffe082ae9d681f815f2179c7948855350d6e3b575baa5a711e4d6
df4896ea6218e3e09e547e00fdde730d8dbcf2e971809e24f2ccc9d931067a18
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f295ebe06fc74dd639fc1d926abdea188a4c960b17266e73da205d034ac37f0e
f6a7b542481d03dcbd392a77d878f05330c75ff58c478ea2a6a64807bab70b5d
fdbdb4be5b19bbcc02750fa72a3c78e3b34d6445ecec7eb0335ec36067a87dce