shoppy.payback.it Open in urlscan Pro
45.60.14.82 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://shoppy.payback.it/
Effective URL:
https://shoppy.payback.it/
Submission: On December 07 via manual (December 7th 2022, 3:53:26 pm UTC) from CH — Scanned from IT

Summary HTTP 163 Redirects Behaviour Indicators

Summary

This website contacted 65 IPs in 9 countries across 54 domains to perform 163 HTTP transactions. The main IP is 45.60.14.82, located in United States and belongs to INCAPSULA, US. The main domain is shoppy.payback.it.
TLS certificate: Issued by DigiCert SHA2 Extended Validation Ser... on June 23rd 2022. Valid for: a year.

This is the only time shoppy.payback.it was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 41	45.60.14.82 45.60.14.82	19551 (INCAPSULA) (INCAPSULA)
8	2a02:26f0:480... 2a02:26f0:480:287::1e80	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2001:4de0:ac1... 2001:4de0:ac18::1:a:1b	20446 (STACKPATH...) (STACKPATH-CDN)
2	13.36.218.177 13.36.218.177	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:800::200e	15169 (GOOGLE) (GOOGLE)
21	2606:4700::68... 2606:4700::6810:9440	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:811::2004	15169 (GOOGLE) (GOOGLE)
1	18.66.97.49 18.66.97.49	16509 (AMAZON-02) (AMAZON-02)
4 9	142.250.186.134 142.250.186.134	15169 (GOOGLE) (GOOGLE)
3	2606:4700::68... 2606:4700::6812:1b55	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	52.222.236.43 52.222.236.43	16509 (AMAZON-02) (AMAZON-02)
1	143.204.215.118 143.204.215.118	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
1	34.250.18.31 34.250.18.31	16509 (AMAZON-02) (AMAZON-02)
1 2	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
1	2a02:2638::3 2a02:2638::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2.23.193.36 2.23.193.36	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a00:1450:400... 2a00:1450:4001:82a::2008	15169 (GOOGLE) (GOOGLE)
3	152.195.132.24 152.195.132.24	15133 (EDGECAST) (EDGECAST)
2	2620:116:800d... 2620:116:800d:21:c5a4:625:6563:a5bb	16509 (AMAZON-02) (AMAZON-02)
3 4	185.89.211.84 185.89.211.84	29990 (ASN-APPNEX) (ASN-APPNEX)
1 5	62.212.64.230 62.212.64.230	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1	2600:9000:223... 2600:9000:223c:5400:1:76cf:fe80:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:223... 2600:9000:223c:8600:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
4 5	2a02:2638:1::13 2a02:2638:1::13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2 5	193.0.160.128 193.0.160.128	54312 (ROCKETFUEL) (ROCKETFUEL)
3	185.89.210.180 185.89.210.180	29990 (ASN-APPNEX) (ASN-APPNEX)
4 4	142.250.184.194 142.250.184.194	15169 (GOOGLE) (GOOGLE)
1 3	52.19.242.51 52.19.242.51	16509 (AMAZON-02) (AMAZON-02)
1	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
1	3.125.70.222 3.125.70.222	16509 (AMAZON-02) (AMAZON-02)
2	18.156.32.70 18.156.32.70	16509 (AMAZON-02) (AMAZON-02)
2	88.221.168.23 88.221.168.23	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	13.224.189.88 13.224.189.88	16509 (AMAZON-02) (AMAZON-02)
1 3	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
1	54.81.25.165 54.81.25.165	14618 (AMAZON-AES) (AMAZON-AES)
1 2	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
1	104.76.200.221 104.76.200.221	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	185.94.180.125 185.94.180.125	35220 (SPOTX-AMS) (SPOTX-AMS)
2	2600:1f18:612... 2600:1f18:612b:4216:f6:411e:ff52:dd4b	14618 (AMAZON-AES) (AMAZON-AES)
1	18.200.229.106 18.200.229.106	16509 (AMAZON-02) (AMAZON-02)
2	52.214.172.145 52.214.172.145	16509 (AMAZON-02) (AMAZON-02)
1 3	18.193.170.39 18.193.170.39	16509 (AMAZON-02) (AMAZON-02)
2 2	151.101.130.49 151.101.130.49	54113 (FASTLY) (FASTLY)
1	178.250.0.157 178.250.0.157	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	178.250.0.163 178.250.0.163	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	178.250.2.151 178.250.2.151	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	104.18.33.19 104.18.33.19	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	52.208.172.23 52.208.172.23	16509 (AMAZON-02) (AMAZON-02)
1	70.42.32.31 70.42.32.31	13789 (INTERNAP-...) (INTERNAP-BLK3)
1	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
1	18.159.205.223 18.159.205.223	16509 (AMAZON-02) (AMAZON-02)
1	185.86.137.132 185.86.137.132	201081 (SMARTADSE...) (SMARTADSERVER)
1	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
1	104.75.89.75 104.75.89.75	16625 (AKAMAI-AS) (AKAMAI-AS)
1	76.223.111.18 76.223.111.18	16509 (AMAZON-02) (AMAZON-02)
1 2	18.156.0.31 18.156.0.31	16509 (AMAZON-02) (AMAZON-02)
1	37.157.3.30 37.157.3.30	198622 (ADFORM) (ADFORM)
1	185.255.84.152 185.255.84.152	200271 (IGUANE-) (IGUANE-)
1	141.95.33.111 141.95.33.111	16276 (OVH) (OVH)
1	34.117.157.22 34.117.157.22	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	52.58.68.225 52.58.68.225	16509 (AMAZON-02) (AMAZON-02)
1	185.64.190.80 185.64.190.80	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	184.24.4.64 184.24.4.64	16625 (AKAMAI-AS) (AKAMAI-AS)
1	34.251.236.239 34.251.236.239	16509 (AMAZON-02) (AMAZON-02)
1	3.23.121.164 3.23.121.164	16509 (AMAZON-02) (AMAZON-02)
163	65

41 45.60.14.82 (United States) 1 redirects

ASN19551 (INCAPSULA, US)

shoppy.payback.it	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
images.payback.it	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.payback.it	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a02:26f0:480:287::1e80 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

assets.adobedtm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac18::1:a:1b (Netherlands)

ASN20446 (STACKPATH-CDN, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.36.218.177 (Paris, France)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-36-218-177.eu-west-3.compute.amazonaws.com

smetrics.payback.it	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:800::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2606:4700::6810:9440 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:811::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.97.49 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-49.fra56.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 142.250.186.134 (United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f6.1e100.net

6633226.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
4370323.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
8942221.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
10041007.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6812:1b55 (United States)

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.236.43 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-236-43.fra56.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.215.118 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-118.fra53.r.cloudfront.net

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.250.18.31 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-250-18-31.eu-west-1.compute.amazonaws.com

in.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

adservice.google.it	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.23.193.36 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a2-23-193-36.deploy.static.akamaitechnologies.com

t.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 152.195.132.24 (United States)

ASN15133 (EDGECAST, US)

cdn.tradelab.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800d:21:c5a4:625:6563:a5bb (United States)

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.89.211.84 (Frankfurt am Main, Germany) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 62.212.64.230 (Netherlands) 1 redirects

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: tradelab.fr

its.tradelab.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223c:5400:1:76cf:fe80:93a1 (United States)

ASN16509 (AMAZON-02, US)

c1.rfihub.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223c:8600:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a02:2638:1::13 (France) 4 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 193.0.160.128 (United States) 2 redirects

ASN54312 (ROCKETFUEL, US)

20755798p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
a.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.89.210.180 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.184.194 (United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.19.242.51 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-19-242-51.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.125.70.222 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-125-70-222.eu-central-1.compute.amazonaws.com

ps.eyeota.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.156.32.70 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-32-70.eu-central-1.compute.amazonaws.com

e1.emxdgt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 88.221.168.23 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a88-221-168-23.deploy.static.akamaitechnologies.com

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.189.88 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-224-189-88.fra2.r.cloudfront.net

live.rezync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.244.174.68 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.81.25.165 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-81-25-165.compute-1.amazonaws.com

bpi.rtactivate.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.80.39.216 (Canada) 1 redirects

ASN27381 (CASALE-MEDIA, CA)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.76.200.221 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-76-200-221.deploy.static.akamaitechnologies.com

x.dlx.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.94.180.125 (Amsterdam, Netherlands) 1 redirects

ASN35220 (SPOTX-AMS, US)

sync.search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1f18:612b:4216:f6:411e:ff52:dd4b (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

partners.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
criteo-partners.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.200.229.106 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-200-229-106.eu-west-1.compute.amazonaws.com

aa.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.214.172.145 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-214-172-145.eu-west-1.compute.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.193.170.39 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-193-170-39.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.130.49 (United States) 2 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.157 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.163 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

sslwidget.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.2.151 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.33.19 (None, )

ASN13335 (CLOUDFLARENET, US)

r.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.208.172.23 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-208-172-23.eu-west-1.compute.amazonaws.com

ad.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 70.42.32.31 (United States)

ASN13789 (INTERNAP-BLK3, US)
PTR: ny.outbrain.com

sync.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.159.205.223 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-159-205-223.eu-central-1.compute.amazonaws.com

match.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.137.132 (France)

ASN201081 (SMARTADSERVER, FR)

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)

sync-t1.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.75.89.75 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-75-89-75.deploy.static.akamaitechnologies.com

criteo-sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 76.223.111.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.156.0.31 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-0-31.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.3.30 (Denmark)

ASN198622 (ADFORM, DK)

cm.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.255.84.152 (France)

ASN200271 (IGUANE-, FR)

visitor.omnitagjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.95.33.111 (Germany)

ASN16276 (OVH, FR)
PTR: ns3203177.ip-141-95-33.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.117.157.22 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 22.157.117.34.bc.googleusercontent.com

matching.ivitrack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.58.68.225 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-58-68-225.eu-central-1.compute.amazonaws.com

exchange.mediavine.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.24.4.64 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-24-4-64.deploy.static.akamaitechnologies.com

ad.yieldlab.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.251.236.239 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-251-236-239.eu-west-1.compute.amazonaws.com

sync-criteo.ads.yieldmo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.23.121.164 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-23-121-164.us-east-2.compute.amazonaws.com

s.thebrighttag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
43	payback.it 1 redirects shoppy.payback.it images.payback.it smetrics.payback.it www.payback.it	2 MB
21	cookielaw.org cdn.cookielaw.org — Cisco Umbrella Rank: 473	384 KB
13	doubleclick.net 8 redirects 6633226.fls.doubleclick.net 4370323.fls.doubleclick.net 8942221.fls.doubleclick.net 10041007.fls.doubleclick.net cm.g.doubleclick.net — Cisco Umbrella Rank: 234	4 KB
9	criteo.com 4 redirects gum.criteo.com — Cisco Umbrella Rank: 429 mug.criteo.com — Cisco Umbrella Rank: 2441 sslwidget.criteo.com — Cisco Umbrella Rank: 1793 dis.criteo.com — Cisco Umbrella Rank: 752	13 KB
8	tradelab.fr 1 redirects cdn.tradelab.fr — Cisco Umbrella Rank: 132203 its.tradelab.fr — Cisco Umbrella Rank: 125825	13 KB
8	adobedtm.com assets.adobedtm.com — Cisco Umbrella Rank: 471	62 KB
7	adnxs.com 3 redirects ib.adnxs.com — Cisco Umbrella Rank: 238 secure.adnxs.com — Cisco Umbrella Rank: 486	7 KB
7	google.com www.google.com — Cisco Umbrella Rank: 2 adservice.google.com — Cisco Umbrella Rank: 87	3 KB
5	rfihub.com 2 redirects 20755798p.rfihub.com a.rfihub.com — Cisco Umbrella Rank: 3161 p.rfihub.com — Cisco Umbrella Rank: 887	7 KB
4	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 701 script.hotjar.com — Cisco Umbrella Rank: 978 vars.hotjar.com — Cisco Umbrella Rank: 1056 in.hotjar.com — Cisco Umbrella Rank: 1915	73 KB
3	bidswitch.net 1 redirects x.bidswitch.net — Cisco Umbrella Rank: 322	1006 B
3	casalemedia.com 1 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 588 r.casalemedia.com — Cisco Umbrella Rank: 1403	2 KB
3	rlcdn.com 1 redirects idsync.rlcdn.com — Cisco Umbrella Rank: 392	525 B
3	demdex.net 1 redirects dpm.demdex.net — Cisco Umbrella Rank: 222	3 KB
3	gstatic.com www.gstatic.com	482 KB
3	onetrust.com geolocation.onetrust.com — Cisco Umbrella Rank: 760	610 B
2	yahoo.com 1 redirects ups.analytics.yahoo.com — Cisco Umbrella Rank: 317	507 B
2	360yield.com 1 redirects ad.360yield.com — Cisco Umbrella Rank: 719	854 B
2	everesttech.net 2 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 638	609 B
2	krxd.net beacon.krxd.net — Cisco Umbrella Rank: 601	674 B
2	tremorhub.com partners.tremorhub.com — Cisco Umbrella Rank: 1162 criteo-partners.tremorhub.com — Cisco Umbrella Rank: 2364	365 B
2	spotxchange.com 1 redirects sync.search.spotxchange.com — Cisco Umbrella Rank: 620	1 KB
2	media.net contextual.media.net — Cisco Umbrella Rank: 600	1 KB
2	emxdgt.com e1.emxdgt.com — Cisco Umbrella Rank: 891	100 B
2	quantserve.com secure.quantserve.com — Cisco Umbrella Rank: 1113 pixel.quantserve.com — Cisco Umbrella Rank: 729	10 KB
2	teads.tv t.teads.tv — Cisco Umbrella Rank: 2665 criteo-sync.teads.tv — Cisco Umbrella Rank: 1940	315 B
2	google.it 1 redirects adservice.google.it — Cisco Umbrella Rank: 46417	1 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 38	20 KB
1	thebrighttag.com s.thebrighttag.com — Cisco Umbrella Rank: 2142	268 B
1	yieldmo.com sync-criteo.ads.yieldmo.com — Cisco Umbrella Rank: 2014	220 B
1	yieldlab.net ad.yieldlab.net — Cisco Umbrella Rank: 4348	360 B
1	pubmatic.com simage2.pubmatic.com — Cisco Umbrella Rank: 723	579 B
1	mediavine.com exchange.mediavine.com — Cisco Umbrella Rank: 1303	884 B
1	ivitrack.com matching.ivitrack.com — Cisco Umbrella Rank: 2615	274 B
1	id5-sync.com id5-sync.com — Cisco Umbrella Rank: 476	1 KB
1	omnitagjs.com visitor.omnitagjs.com — Cisco Umbrella Rank: 952	235 B
1	adform.net cm.adform.net — Cisco Umbrella Rank: 1674	163 B
1	3lift.com eb2.3lift.com — Cisco Umbrella Rank: 404	140 B
1	taboola.com sync-t1.taboola.com — Cisco Umbrella Rank: 1257	99 B
1	smartadserver.com rtb-csync.smartadserver.com — Cisco Umbrella Rank: 602	163 B
1	sharethrough.com match.sharethrough.com — Cisco Umbrella Rank: 557	35 B
1	rubiconproject.com pixel.rubiconproject.com — Cisco Umbrella Rank: 351	239 B
1	outbrain.com sync.outbrain.com — Cisco Umbrella Rank: 820	145 B
1	agkn.com aa.agkn.com — Cisco Umbrella Rank: 507	377 B
1	addthis.com x.dlx.addthis.com — Cisco Umbrella Rank: 1428	191 B
1	rtactivate.com bpi.rtactivate.com — Cisco Umbrella Rank: 2307	109 B
1	rezync.com 1 redirects live.rezync.com — Cisco Umbrella Rank: 2132	780 B
1	eyeota.net ps.eyeota.net — Cisco Umbrella Rank: 1083	344 B
1	openx.net us-u.openx.net — Cisco Umbrella Rank: 468	273 B
1	quantcount.com rules.quantcount.com — Cisco Umbrella Rank: 1022	4 KB
1	rfihub.net c1.rfihub.net — Cisco Umbrella Rank: 5141	6 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 65	44 KB
1	criteo.net static.criteo.net — Cisco Umbrella Rank: 675	14 KB
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 759	81 KB
163	54

	Domain	Requested by
21	cdn.cookielaw.org	www.payback.it cdn.cookielaw.org
15	images.payback.it	shoppy.payback.it www.payback.it images.payback.it
14	shoppy.payback.it	1 redirects shoppy.payback.it
12	www.payback.it	images.payback.it www.payback.it
8	assets.adobedtm.com	shoppy.payback.it assets.adobedtm.com
5	gum.criteo.com	4 redirects static.criteo.net
5	its.tradelab.fr	1 redirects 4370323.fls.doubleclick.net
4	cm.g.doubleclick.net	4 redirects
4	ib.adnxs.com	3 redirects 4370323.fls.doubleclick.net
4	adservice.google.com	6633226.fls.doubleclick.net 4370323.fls.doubleclick.net 8942221.fls.doubleclick.net 10041007.fls.doubleclick.net
3	x.bidswitch.net	1 redirects
3	idsync.rlcdn.com	1 redirects 4370323.fls.doubleclick.net
3	p.rfihub.com	2 redirects
3	dpm.demdex.net	1 redirects 4370323.fls.doubleclick.net
3	secure.adnxs.com	4370323.fls.doubleclick.net
3	cdn.tradelab.fr	4370323.fls.doubleclick.net cdn.tradelab.fr
3	www.gstatic.com	www.google.com
3	4370323.fls.doubleclick.net	1 redirects shoppy.payback.it adservice.google.com
3	geolocation.onetrust.com	cdn.cookielaw.org
3	www.google.com	www.payback.it
2	ups.analytics.yahoo.com	1 redirects
2	ad.360yield.com	1 redirects
2	dis.criteo.com
2	sync-tm.everesttech.net	2 redirects
2	beacon.krxd.net	4370323.fls.doubleclick.net
2	sync.search.spotxchange.com	1 redirects
2	dsum-sec.casalemedia.com	1 redirects 4370323.fls.doubleclick.net
2	contextual.media.net	4370323.fls.doubleclick.net
2	e1.emxdgt.com	4370323.fls.doubleclick.net
2	10041007.fls.doubleclick.net	1 redirects shoppy.payback.it
2	8942221.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	adservice.google.it	1 redirects adservice.google.com
2	6633226.fls.doubleclick.net	1 redirects shoppy.payback.it
2	www.google-analytics.com	shoppy.payback.it www.google-analytics.com
2	smetrics.payback.it	assets.adobedtm.com shoppy.payback.it
1	s.thebrighttag.com
1	sync-criteo.ads.yieldmo.com
1	ad.yieldlab.net
1	criteo-partners.tremorhub.com
1	simage2.pubmatic.com
1	exchange.mediavine.com
1	matching.ivitrack.com
1	id5-sync.com
1	visitor.omnitagjs.com
1	cm.adform.net
1	eb2.3lift.com
1	criteo-sync.teads.tv
1	sync-t1.taboola.com
1	rtb-csync.smartadserver.com
1	match.sharethrough.com
1	pixel.rubiconproject.com
1	sync.outbrain.com
1	r.casalemedia.com
1	sslwidget.criteo.com	static.criteo.net
1	mug.criteo.com	4370323.fls.doubleclick.net
1	aa.agkn.com	4370323.fls.doubleclick.net
1	partners.tremorhub.com	4370323.fls.doubleclick.net
1	x.dlx.addthis.com	4370323.fls.doubleclick.net
1	bpi.rtactivate.com	4370323.fls.doubleclick.net
1	live.rezync.com	1 redirects
1	ps.eyeota.net	4370323.fls.doubleclick.net
1	us-u.openx.net	4370323.fls.doubleclick.net
1	a.rfihub.com	4370323.fls.doubleclick.net
1	pixel.quantserve.com	4370323.fls.doubleclick.net
1	20755798p.rfihub.com	c1.rfihub.net
1	rules.quantcount.com	secure.quantserve.com
1	c1.rfihub.net	4370323.fls.doubleclick.net
1	secure.quantserve.com	4370323.fls.doubleclick.net
1	www.googletagmanager.com	4370323.fls.doubleclick.net
1	t.teads.tv	4370323.fls.doubleclick.net
1	static.criteo.net	4370323.fls.doubleclick.net
1	in.hotjar.com	script.hotjar.com
1	vars.hotjar.com	static.hotjar.com
1	script.hotjar.com	static.hotjar.com
1	static.hotjar.com	shoppy.payback.it
1	code.jquery.com	shoppy.payback.it
163	76

This site contains no links.

Subject Issuer	Validity	Valid
shoppy.payback.it DigiCert SHA2 Extended Validation Server CA	`2022-06-23` - `2023-07-13`	a year	crt.sh
assets.adobedtm.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-19` - `2023-08-19`	a year	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2022-08-03` - `2023-07-14`	a year	crt.sh
images.payback.it DigiCert SHA2 Extended Validation Server CA	`2022-04-06` - `2023-05-07`	a year	crt.sh
smetrics.payback.it DigiCert TLS RSA SHA256 2020 CA1	`2022-02-18` - `2023-03-21`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
payback.it DigiCert SHA2 Extended Validation Server CA	`2022-08-16` - `2023-09-06`	a year	crt.sh
cookielaw.org Cloudflare Inc ECC CA-3	`2022-05-01` - `2023-05-01`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.hotjar.com Amazon	`2022-10-25` - `2023-11-23`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
onetrust.com Cloudflare Inc ECC CA-3	`2022-01-12` - `2023-01-12`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.google.it GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-11-08` - `2023-02-04`	3 months	crt.sh
teads.tv R3	`2022-10-27` - `2023-01-25`	3 months	crt.sh
cdn.tradelab.fr GeoTrust Global TLS RSA4096 SHA256 2022 CA1	`2022-10-21` - `2023-10-21`	a year	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-09` - `2023-09-09`	a year	crt.sh
*.rfihub.net Amazon	`2022-11-29` - `2023-12-29`	a year	crt.sh
quantserve.com R3	`2022-11-11` - `2023-02-09`	3 months	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-10-31` - `2023-01-26`	3 months	crt.sh
*.rfihub.com Sectigo RSA Domain Validation Secure Server CA	`2022-05-24` - `2023-05-24`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2022-02-11` - `2023-03-14`	a year	crt.sh
*.tradelab.fr Go Daddy Secure Certificate Authority - G2	`2022-08-01` - `2023-09-02`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh
*.emxdgt.com Go Daddy Secure Certificate Authority - G2	`2022-05-18` - `2023-06-19`	a year	crt.sh
*.media.net DigiCert SHA2 Secure Server CA	`2022-02-20` - `2023-02-22`	a year	crt.sh
rtactivate.com Amazon	`2022-04-13` - `2023-05-12`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2022-02-03` - `2023-02-25`	a year	crt.sh
odc-pixel-prod-01.oracle.com DigiCert SHA2 Secure Server CA	`2022-02-26` - `2023-03-01`	a year	crt.sh
*.tremorhub.com Amazon	`2022-03-24` - `2023-04-22`	a year	crt.sh
*.agkn.com RapidSSL Global TLS RSA4096 SHA256 2022 CA1	`2022-09-06` - `2023-09-21`	a year	crt.sh
beacon.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2022-10-20` - `2023-10-19`	a year	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2022-04-05` - `2023-05-04`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-23` - `2023-06-22`	a year	crt.sh
*.outbrain.com Thawte RSA CA 2018	`2022-11-06` - `2023-11-28`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-08` - `2023-04-04`	a year	crt.sh
*.sharethrough.com Amazon	`2022-07-14` - `2023-08-12`	a year	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-01-25` - `2023-01-25`	a year	crt.sh
*.taboola.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-11-28` - `2022-12-29`	a year	crt.sh
*.3lift.com Amazon	`2022-05-13` - `2023-06-11`	a year	crt.sh
*.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2022-05-18` - `2023-06-16`	a year	crt.sh
omnitagjs.com Sectigo RSA Domain Validation Secure Server CA	`2022-06-21` - `2023-07-21`	a year	crt.sh
*.id5-sync.com R3	`2022-11-09` - `2023-02-07`	3 months	crt.sh
itm.ivitrack.com R3	`2022-12-05` - `2023-03-05`	3 months	crt.sh
exchange.mediavine.com Amazon	`2022-07-06` - `2023-08-04`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2022-06-13` - `2023-07-14`	a year	crt.sh
*.yieldlab.net DigiCert TLS RSA SHA256 2020 CA1	`2022-11-16` - `2023-11-15`	a year	crt.sh
*.ads.yieldmo.com Amazon	`2022-06-02` - `2023-07-01`	a year	crt.sh

This page contains 16 frames:

Primary Page: https://shoppy.payback.it/
Frame ID: 83D3E4AEB92131C3E9E1E5023D7615BA
Requests: 30 HTTP requests in this frame

Frame: https://www.payback.it/3rd-party-header?frameId=pb-iframe0&parentUrl=https://shoppy.payback.it
Frame ID: 9D87418D2F61AD5E4097E5093475F7A4
Requests: 20 HTTP requests in this frame

Frame: https://www.payback.it/eintegration?frameId=pb-iframe1&parentUrl=https://shoppy.payback.it
Frame ID: 9A3EFFD039CF6A7801EBA03BB06DCF91
Requests: 17 HTTP requests in this frame

Frame: https://www.payback.it/3rd-party-footer?frameId=pb-iframe2&parentUrl=https://shoppy.payback.it
Frame ID: 1709D448BB8130B27110345A80013C9B
Requests: 20 HTTP requests in this frame

Frame: https://6633226.fls.doubleclick.net/activityi;dc_pre=CM_R5Nvu5_sCFQwToQod99UNsg;src=6633226;type=payba0;cat=cooki0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4235256527953452.5
Frame ID: E0D54A0C4A46250BF50BCF0CDCD44323
Requests: 1 HTTP requests in this frame

Frame: https://4370323.fls.doubleclick.net/activityi;dc_pre=CLT-5tvu5_sCFWFIwQodt9gBvA;src=4370323;type=LP2Kp0;cat=lp_of0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4180279457161993
Frame ID: DADC2B25A38AE339CA4F8A4EAB3A1F10
Requests: 1 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-5e66f98b4ee957db209dc6f63e3d59dd.html
Frame ID: FE5370F6C9EFFF4FFE70BA03131C910D
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=CM_R5Nvu5_sCFQwToQod99UNsg;src=6633226;type=payba0;cat=cooki0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4235256527953452.5;~oref=https://shoppy.payback.it/
Frame ID: 7A07EAF1C75C44062132E2BE522D0420
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=CLT-5tvu5_sCFWFIwQodt9gBvA;src=4370323;type=LP2Kp0;cat=lp_of0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4180279457161993;~oref=https://shoppy.payback.it/
Frame ID: 0113CC17FADAE949159654920ECE8F4B
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.it/ddm/fls/i/dc_pre=CM_R5Nvu5_sCFQwToQod99UNsg;src=6633226;type=payba0;cat=cooki0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4235256527953452.5;~oref=https://shoppy.payback.it/
Frame ID: 414CC7BEC0D65CCF80A3D0C72CD80468
Requests: 1 HTTP requests in this frame

Frame: https://4370323.fls.doubleclick.net/ddm/fls/r/dc_pre=CLT-5tvu5_sCFWFIwQodt9gBvA;src=4370323;type=LP2Kp0;cat=lp_of0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4180279457161993;~oref=https://shoppy.payback.it/
Frame ID: 39FE75211DA7CA697460349278ACC2E3
Requests: 19 HTTP requests in this frame

Frame: https://8942221.fls.doubleclick.net/activityi;dc_pre=CLWvutzu5_sCFUVBwQodInoJsQ;src=8942221;type=invmedia;cat=dg-lp00;ord=8139995151860;gtm=2odbu0;~oref=https%3A%2F%2F4370323.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCLT-5tvu5_sCFWFIwQodt9gBvA%3Bsrc%3D4370323%3Btype%3DLP2Kp0%3Bcat%3Dlp_of0%3Bdc_lat%3D%3Bdc_rdid%3D%3Btag_for_child_directed_treatment%3D%3Bord%3D4180279457161993%3B~oref%3Dhttps%3A%2F%2Fshoppy.payback.it%2F
Frame ID: B97D34FB7B72C5381D14E2BAB46041AE
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=shoppy.payback.it&origin=onetag
Frame ID: A76CBEE336459F26A5A6611617C20EA6
Requests: 2 HTTP requests in this frame

Frame: https://20755798p.rfihub.com/ca.html?ver=9&rb=18773&ca=20755798&pe=https%3A%2F%2F4370323.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCLT-5tvu5_sCFWFIwQodt9gBvA%3Bsrc%3D4370323%3Btype%3DLP2Kp0%3Bcat%3Dlp_of0%3Bdc_lat%3D%3Bdc_rdid%3D%3Btag_for_child_directed_treatment%3D%3Bord%3D4180279457161993%3B%7Eoref%3Dhttps%3A%2F%2Fshoppy.payback.it%2F&pf=https%3A%2F%2Fadservice.google.com%2F&ra=48309488375515164
Frame ID: 701473E57D67CA85A3579638EC2A42BC
Requests: 19 HTTP requests in this frame

Frame: https://10041007.fls.doubleclick.net/activityi;dc_pre=CN2Nydzu5_sCFQMjwQodifIJ4A;src=10041007;type=invmedia;cat=simpl0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=[SessionID]
Frame ID: B5C37679DD7E8BA962B7AEFB852B255B
Requests: 2 HTTP requests in this frame

Frame: https://x.bidswitch.net/sync?dsp_id=46&user_id=k-xp2UkjKM4qRcR0oP2Lz9IjI6U0jsON9gvIk-sA&expires=30
Frame ID: 37C30D7DA3A91691C14C965CEF771CCF
Requests: 27 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Le migliori offerte PAYBACK su tanti Partner Online!

Page URL History Show full URLs

http://shoppy.payback.it/ HTTP 301
https://shoppy.payback.it/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

ZURB Foundation (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<div [^>]*class="[^"]*(?:small|medium|large)-\d{1,2} columns

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Criteo (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

//static\.criteo\.net/js/ld/ld\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

Imperva (Security) Expand

Overall confidence: 100%
Detected patterns

/_Incapsula_Resource

OneTrust (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cdn\.cookielaw\.org
otSDKStub\.js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Quantcast Measure (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.quantserve\.com/quant\.js

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

163
Requests

89 %
HTTPS

24 %
IPv6

54
Domains

76
Subdomains

65
IPs

9
Countries

3522 kB
Transfer

12851 kB
Size

77
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://shoppy.payback.it/ HTTP 301
https://shoppy.payback.it/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 48

https://6633226.fls.doubleclick.net/activityi;src=6633226;type=payba0;cat=cooki0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4235256527953452.5 HTTP 302
https://6633226.fls.doubleclick.net/activityi;dc_pre=CM_R5Nvu5_sCFQwToQod99UNsg;src=6633226;type=payba0;cat=cooki0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4235256527953452.5

Request Chain 54

https://4370323.fls.doubleclick.net/activityi;src=4370323;type=LP2Kp0;cat=lp_of0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4180279457161993 HTTP 302
https://4370323.fls.doubleclick.net/activityi;dc_pre=CLT-5tvu5_sCFWFIwQodt9gBvA;src=4370323;type=LP2Kp0;cat=lp_of0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4180279457161993

Request Chain 85

https://adservice.google.it/ddm/fls/i/dc_pre=CLT-5tvu5_sCFWFIwQodt9gBvA;src=4370323;type=LP2Kp0;cat=lp_of0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4180279457161993;~oref=https://shoppy.payback.it/ HTTP 302
https://4370323.fls.doubleclick.net/ddm/fls/r/dc_pre=CLT-5tvu5_sCFWFIwQodt9gBvA;src=4370323;type=LP2Kp0;cat=lp_of0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4180279457161993;~oref=https://shoppy.payback.it/

Request Chain 98

https://ib.adnxs.com/getuid?//its.tradelab.fr/?type=tlsync&uuid2=$UID&callback=tl_sync HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3F%2F%2Fits.tradelab.fr%2F%3Ftype%3Dtlsync%26uuid2%3D%24UID%26callback%3Dtl_sync HTTP 302
https://its.tradelab.fr/?type=tlsync&uuid2=7343488845556826741&callback=tl_sync

Request Chain 100

https://8942221.fls.doubleclick.net/activityi;src=8942221;type=invmedia;cat=dg-lp00;ord=8139995151860;gtm=2odbu0;~oref=https%3A%2F%2F4370323.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCLT-5tvu5_sCFWFIwQodt9gBvA%3Bsrc%3D4370323%3Btype%3DLP2Kp0%3Bcat%3Dlp_of0%3Bdc_lat%3D%3Bdc_rdid%3D%3Btag_for_child_directed_treatment%3D%3Bord%3D4180279457161993%3B~oref%3Dhttps%3A%2F%2Fshoppy.payback.it%2F HTTP 302
https://8942221.fls.doubleclick.net/activityi;dc_pre=CLWvutzu5_sCFUVBwQodInoJsQ;src=8942221;type=invmedia;cat=dg-lp00;ord=8139995151860;gtm=2odbu0;~oref=https%3A%2F%2F4370323.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCLT-5tvu5_sCFWFIwQodt9gBvA%3Bsrc%3D4370323%3Btype%3DLP2Kp0%3Bcat%3Dlp_of0%3Bdc_lat%3D%3Bdc_rdid%3D%3Btag_for_child_directed_treatment%3D%3Bord%3D4180279457161993%3B~oref%3Dhttps%3A%2F%2Fshoppy.payback.it%2F

Request Chain 107

https://10041007.fls.doubleclick.net/activityi;src=10041007;type=invmedia;cat=simpl0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=[SessionID] HTTP 302
https://10041007.fls.doubleclick.net/activityi;dc_pre=CN2Nydzu5_sCFQMjwQodifIJ4A;src=10041007;type=invmedia;cat=simpl0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=[SessionID]

Request Chain 108

https://its.tradelab.fr/?type=tp&advid=2870957&uuid=7343488845556826741&adata=%7B%22c%22%3A%7B%22ref_url%22%3A%22%22%2C%22ref_ts%22%3A1670428403%2C%22page_url%22%3A%22adservice.google.com%2F%22%2C%22dm%22%3A%22doubleclick.net%22%7D%2C%22v%22%3A%7B%22vis_cnt%22%3A1%2C%22frst_vis_ts%22%3A1670428402%2C%22prev_vis_ts%22%3A1670428402%2C%22curr_vis_ts%22%3A1670428403%2C%22total_page_cnt%22%3A1%2C%22prev_page_cnt%22%3A1%2C%22curr_page_cnt%22%3A1%7D%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=tradelab_dmp&google_cm HTTP 302
https://its.tradelab.fr/?type=tlsync_dbm&google_gid=CAESEENOT0Og56NaUpCJevZ-X84&google_cver=1

Request Chain 115

https://cm.g.doubleclick.net/pixel?&in=0&google_nid=zeta_interactive&google_cm=&google_sc=&google_hm=NTEzMTA3NzcyMzU0MjkyNDE5OA==&forward= HTTP 302
https://a.rfihub.com/cm?pub=445&in=0&forward=&google_gid=CAESEMSMKSUF_9eJA7AGt4VmVEA&google_cver=1

Request Chain 117

https://dpm.demdex.net/ibs:dpid=1121&dpuuid=5131077723542924198&redir= HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1121&dpuuid=5131077723542924198&redir=

Request Chain 119

https://p.rfihub.com/cm?pub=24472&in=1 HTTP 302
https://ps.eyeota.net/match?uid=5131077723542924198&bid=omt9pi0

Request Chain 122

https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5131077723542924198&referrer=https%3A%2F%2Fadservice.google.com%2F HTTP 302
https://p.rfihub.com/cm?pub=39342&in=0&userid=3813a7b8-d113-4269-925d-a0c1892250c2%3A1670428403.0690567&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3D3813a7b8-d113-4269-925d-a0c1892250c2%253A1670428403.0690567 HTTP 302
https://idsync.rlcdn.com/501709.gif?partner_uid=3813a7b8-d113-4269-925d-a0c1892250c2%3A1670428403.0690567 HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm HTTP 302
https://idsync.rlcdn.com/362358.gif?google_gid=CAESEC9e1PskK5_tavsjbQ2Rrvk&google_cver=1

Request Chain 124

https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5131077723542924198&forward= HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5131077723542924198&forward=&C=1

Request Chain 127

https://sync.search.spotxchange.com/partner?adv_id=7180&uid=5131077723542924198&img=1 HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=7180&uid=5131077723542924198&img=1&__user_check__=1&sync_id=47752676-7647-11ed-a07f-1fd522ee0106

Request Chain 131

https://x.bidswitch.net/sync?dsp_id=119&user_id=5131077723542924198&expires=30 HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=119&user_id=5131077723542924198&expires=30

Request Chain 132

https://sync-tm.everesttech.net/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D&_test=Y5C28wACMSBwQgAZ HTTP 302
https://p.rfihub.com/cm?in=1&pub=21653&userid=Y5C28wACMSBwQgAZ&_test=Y5C28wACMSBwQgAZ

Request Chain 133

https://gum.criteo.com/sid/json?origin=onetag&domain=4370323.fls.doubleclick.net&sn=ChromeSyncframe&so=0&topUrl=shoppy.payback.it&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=XnJ9pHxScTRaaTBkU0kzdHhNNFBGeGtHNzB1NytZekRVa2VmUDFHK3VYVVBYdnNETnJYeUJwWE9yaWhFK0tkRHJNNkl5TTd2R2JVMHVmY1I3OFZmaHRKTmoyak1Gd3ZIRDhJaTkwaHpvcjRNZXNtTlY2eGEwZ2NINllWMS9ieTV6SVNzd0hzMjIvV0EwMDVQZlEySGlBejc5ekZxd0VUVUZ4MzVKb1MrOU41SlZ1cUczajJVQmROMXlJbFpSQ2M2cHdtZmFXUnpnUTdOVGJzZzZvUEdRNm0zamxKb1pFbXZWVTJwWEVlVWRCa2ZUMVJKOE9xSExTcG5pT2l5dFpOL1FvMzJLTndkaEpyZVhIV01RaTM3VHNlV1ptNklsYmtkSFpxeDRjRGZhYXNiZDNqa2s3NW00cDM5eTZVU0RvMStJUlZOZHw&cppv=2

Request Chain 137

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-nIAVfTKM4qRcR0oP2Lz9IjI6U0gqqE_w9TB7SQ&google_cm&google_hm=ay1uSUFWZlRLTTRxUmNSMG9QMkx6OUlqSTZVMGdxcUVfdzlUQjdTUQ HTTP 302
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-nIAVfTKM4qRcR0oP2Lz9IjI6U0gqqE_w9TB7SQ&google_gid=CAESEBL8dsQ8CZ3M4-pyY2j3FSU&google_cver=1&google_ula=913071,0

Request Chain 138

https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID HTTP 302
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=7343488845556826741

Request Chain 140

https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-y1pnDTKM4qRcR0oP2Lz9IjI6U0hFUleBFsU9tA HTTP 302
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-y1pnDTKM4qRcR0oP2Lz9IjI6U0hFUleBFsU9tA

Request Chain 149

https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k--ftBaDKM4qRcR0oP2Lz9IjI6U0hg3b3D30EuSA HTTP 302
https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k--ftBaDKM4qRcR0oP2Lz9IjI6U0hg3b3D30EuSA&verify=true

Request Chain 153

https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40 HTTP 302
https://dpm.demdex.net/ibs:dpid=28645&dpuuid=bp3PQx_aVubZi_anladPcviIBZNG00NB

Request Chain 161

https://gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40 HTTP 302
https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=4gDeSFfyezSGND-cT6coJljWIZBs3HGP

Request Chain 162

https://gum.criteo.com/sync?c=10&r=1&u=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3Dcr%26uid%3D%40USERID%40 HTTP 302
https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=Eahll28FiPjQdxSJCPTvq7CD5sVIf4r9

163 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
shoppy.payback.it/
Redirect Chain

http://shoppy.payback.it/
https://shoppy.payback.it/

26 KB
8 KB

127ms
92ms

Document
text/html

45.60.14.82
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://shoppy.payback.it/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

45.60.14.82 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.4.8 / PHP/7.4.8

Resource Hash

d79279b415a6f42fe038aa33e794d0209b7c54ce2be4634d26dbebbaf9c4f0ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: it-IT,it;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate
Connection: close
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Wed, 07 Dec 2022 15:44:30 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Link: <https://shoppy.payback.it/wp-json/>; rel="https://api.w.org/" <https://shoppy.payback.it/>; rel=shortlink
Pragma: no-cache
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.4.8
Strict-Transport-Security: max-age=31536000
Transfer-Encoding: chunked
X-CDN: Imperva
X-Iinfo: 2-31344819-31344820 NNYY CT(9 9 0) RT(1670428399629 19) q(0 0 0 0) r(1 1) U5
X-Powered-By: PHP/7.4.8

Redirect headers

Connection: close
Content-Length: 0
Location: https://shoppy.payback.it/

GET
H2 200 satelliteLib-f2d1022690bd2e431f16ceb9ee791ef963398317.js Show response
assets.adobedtm.com/3c0072855184ab95ab93abfc1fff6f8a505403fb/ 138 KB
43 KB 554ms
305ms Script
application/x-javascript 2a02:26f0:480:287::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/3c0072855184ab95ab93abfc1fff6f8a505403fb/satelliteLib-f2d1022690bd2e431f16ceb9ee791ef963398317.js
Requested by: Host: shoppy.payback.it
URL: https://shoppy.payback.it/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:287::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: cb32bd9e570a351bf4a6d035919b69cd928331359f64207aa243b49998a1466b

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://shoppy.payback.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 15:53:20 GMT
content-encoding: gzip
last-modified: Tue, 28 Jun 2022 07:47:17 GMT
server: AkamaiNetStorage
etag: "5858dec0b0759ba0fb3067061e8006c7:1656402437.619456"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://shoppy.payback.it
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 44138
expires: Wed, 07 Dec 2022 16:53:20 GMT

GET
H/1.1 200
OK style.min.css
shoppy.payback.it/wp-content/themes/payback/dist/ 271 KB
36 KB 75ms
44ms Stylesheet
text/css 45.60.14.82
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://shoppy.payback.it/wp-content/themes/payback/dist/style.min.css?v=1.3.1

Requested by

Host: shoppy.payback.it
URL: https://shoppy.payback.it/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

45.60.14.82 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.4.8 /

Resource Hash

cfb756e3b6b0db5bf5803bc8cedda375c7130c07cfd990c4c7040777b99d4059

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://shoppy.payback.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date: Wed, 07 Dec 2022 15:44:30 GMT
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
Last-Modified: Fri, 22 May 2020 10:39:24 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.4.8
X-CDN: Imperva
ETag: "43d9c-5a63a3e1daf00"
Transfer-Encoding: chunked
Content-Type: text/css
X-Iinfo: 13-181675013-181675016 NNYN CT(8 8 0) RT(1670428399759 17) q(0 0 0 -1) r(1 1) U5
Connection: close
Accept-Ranges: bytes

GET
H2 200 jquery-3.4.0.js Show response
code.jquery.com/ 273 KB
81 KB 101ms
31ms Script
application/javascript 2001:4de0:ac18::1:a:1b
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.4.0.js
Requested by: Host: shoppy.payback.it
URL: https://shoppy.payback.it/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:1b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: 0d864c082f074c2f900ebe5035a21c7d1ed548fb5c212ca477ee9e4a6056e6aa

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://shoppy.payback.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 15:53:20 GMT
content-encoding: gzip
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
server: nginx
etag: W/"611feac9-44534"
vary: Accept-Encoding
x-hw: 1670428400.dop012.ml1.t,1670428400.cds203.ml1.hn,1670428400.cds220.ml1.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 82681

GET
H/1.1 200
OK partner.min.js Show response
images.payback.it/static/js/lib/eintegration/ 114 KB
39 KB 143ms
79ms Script
application/javascript 45.60.14.82
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://images.payback.it/static/js/lib/eintegration/partner.min.js

Requested by

Host: shoppy.payback.it
URL: https://shoppy.payback.it/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

45.60.14.82 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Apache /

Resource Hash

1512d0cae110340d3c531924f88ff7648fbe7f58ec9d34a489d9e39ae6218035

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://shoppy.payback.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date: Wed, 07 Dec 2022 15:53:20 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=31536000
X-CDN: Imperva
X-Portal-Request-Id: Y5C28IDGG0HE3xo-4IQqTAAAAEM
X-Iinfo: 12-125037318-125037319 NNNY CT(20 33 0) RT(1670428399790 19) q(0 0 0 1) r(0 0) U5
Connection: Keep-Alive
Content-Length: 38917
Last-Modified: Wed, 07 Dec 2022 08:40:18 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: public,max-age=604800,s-maxage=604800
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Keep-Alive: timeout=5, max=200
Expires: Wed, 21 Dec 2022 15:53:20 GMT

GET
H/1.1 200
OK payback-lgt.css
shoppy.payback.it/wp-content/plugins/payback-lgt/css/ 3 KB
1 KB 76ms
45ms Stylesheet
text/css 45.60.14.82
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://shoppy.payback.it/wp-content/plugins/payback-lgt/css/payback-lgt.css?ver=4.9.14

Requested by

Host: shoppy.payback.it
URL: https://shoppy.payback.it/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

45.60.14.82 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.4.8 /

Resource Hash

c48b5e7b4b89e15ba330ad51596cfd0742a237eecf0c014125f794a1ffec248b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://shoppy.payback.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date: Wed, 07 Dec 2022 15:44:30 GMT
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
Last-Modified: Fri, 22 May 2020 10:39:24 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.4.8
X-CDN: Imperva
ETag: "bab-5a63a3e1daf00"
Transfer-Encoding: chunked
Content-Type: text/css
X-Iinfo: 13-181675014-181675017 NNYN CT(8 8 0) RT(1670428399760 19) q(0 0 0 -1) r(1 1) U5
Connection: close
Accept-Ranges: bytes

GET
H/1.1 200
OK payback-lgt.js Show response
shoppy.payback.it/wp-content/plugins/payback-lgt/js/ 1 KB
1002 B 79ms
47ms Script
application/javascript 45.60.14.82
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://shoppy.payback.it/wp-content/plugins/payback-lgt/js/payback-lgt.js?ver=4.9.14

Requested by

Host: shoppy.payback.it
URL: https://shoppy.payback.it/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

45.60.14.82 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.4.8 /

Resource Hash

91dff0cde19b5bdac4528d0250e13a025d546e67041e0b69e35271e165d6c62b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://shoppy.payback.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date: Wed, 07 Dec 2022 15:44:30 GMT
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
Last-Modified: Fri, 22 May 2020 10:39:24 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.4.8
X-CDN: Imperva
ETag: "48e-5a63a3e1daf00"
Transfer-Encoding: chunked
Content-Type: application/javascript
X-Iinfo: 13-181675015-181675018 NNYN CT(8 8 0) RT(1670428399760 22) q(0 0 1 -1) r(1 1) U5
Connection: close
Accept-Ranges: bytes

GET
H/1.1 200
OK banner_speciali_offerte_online_1903x212_05.jpg
shoppy.payback.it/wp-content/uploads/ 128 KB
128 KB 60ms
28ms Image
image/jpeg 45.60.14.82
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://shoppy.payback.it/wp-content/uploads/banner_speciali_offerte_online_1903x212_05.jpg

Requested by

Host: shoppy.payback.it
URL: https://shoppy.payback.it/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

45.60.14.82 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.4.8 /

Resource Hash

26ea12bf4b4c56e8bbd9ff137c59a1eff276a4eab5b7dc11ef8a318477eb18d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://shoppy.payback.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date: Wed, 07 Dec 2022 15:44:30 GMT
Strict-Transport-Security: max-age=31536000
Last-Modified: Fri, 10 May 2019 13:32:44 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.4.8
X-CDN: Imperva
ETag: "1fede-5888899fd5700"
Content-Type: image/jpeg
X-Iinfo: 9-64136380-64136381 NNNY CT(8 8 0) RT(1670428399964 16) q(0 0 0 -1) r(0 0) U5
Connection: close
Accept-Ranges: bytes
Content-Length: 130782

GET
H/1.1 200
OK app.min.js Show response
shoppy.payback.it/wp-content/themes/payback/dist/ 1 MB
184 KB 60ms
28ms Script
application/javascript 45.60.14.82
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://shoppy.payback.it/wp-content/themes/payback/dist/app.min.js?v=1.3.1

Requested by

Host: shoppy.payback.it
URL: https://shoppy.payback.it/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

45.60.14.82 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.4.8 /

Resource Hash

d158d0b20c5c981fbbe81b0149b30670214d4ea8450fe5a1bfb096b526ebcec9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://shoppy.payback.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date: Wed, 07 Dec 2022 15:44:30 GMT
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
Last-Modified: Fri, 22 May 2020 10:39:24 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.4.8
X-CDN: Imperva
ETag: "1081db-5a63a3e1daf00"
Transfer-Encoding: chunked
Content-Type: application/javascript
X-Iinfo: 7-115559795-115559800 NNYY CT(8 8 0) RT(1670428400102 17) q(0 0 0 -1) r(0 0) U5
Connection: close
Accept-Ranges: bytes

GET
H/1.1 200
OK _Incapsula_Resource Show response
shoppy.payback.it/ 137 KB
20 KB 56ms
25ms Script
application/javascript 45.60.14.82
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://shoppy.payback.it/_Incapsula_Resource?SWJIYLWA=719d34d31c8e3a6e6fffd425f7e032f3&ns=1&cb=1100620039

Requested by

Host: shoppy.payback.it
URL: https://shoppy.payback.it/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

45.60.14.82 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

ca05feded1e2121cc61e699eb775638085d8bd60e1c18765dd8e442319f81a10

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://shoppy.payback.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache, no-store
Content-Encoding: gzip
X-Robots-Tag: noindex
Content-Length: 19783
Content-Type: application/javascript

GET
H2 200 id Show response
smetrics.payback.it/ 89 B
608 B 143ms
45ms XHR
application/x-javascript 13.36.218.177
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://smetrics.payback.it/id?d_visid_ver=5.4.0&d_fieldgroup=A&mcorgid=124538B3527845100A490D4C%40AdobeOrg&mid=09600439071886566818136243517261976985&d_coppa=true&ts=1670428400692

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/3c0072855184ab95ab93abfc1fff6f8a505403fb/satelliteLib-f2d1022690bd2e431f16ceb9ee791ef963398317.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.36.218.177 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-36-218-177.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

3ebf1feee2c186d93b326a44ac13526af3c4ba818e11c62e0763e63217b9248b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://shoppy.payback.it/
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Wed, 07 Dec 2022 15:53:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
server: jag
vary: Origin
content-type: application/x-javascript;charset=utf-8
access-control-allow-origin: https://shoppy.payback.it
p3p: CP="This is not a P3P policy"
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
content-length: 89
x-xss-protection: 1; mode=block

GET
H2 200 AppMeasurement.min.js Show response
assets.adobedtm.com/extensions/EP171e731c9ba34f1c950c36d26e3efd61/ 33 KB
12 KB 43ms
42ms Script
application/x-javascript 2a02:26f0:480:287::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/extensions/EP171e731c9ba34f1c950c36d26e3efd61/AppMeasurement.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/3c0072855184ab95ab93abfc1fff6f8a505403fb/satelliteLib-f2d1022690bd2e431f16ceb9ee791ef963398317.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:287::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 9219086b4f2c3bf77854b2e06ccd97ad32b9b7a140e65ff8b974a3bae6c7854c

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://shoppy.payback.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 15:53:20 GMT
content-encoding: gzip
last-modified: Mon, 14 Feb 2022 16:35:31 GMT
server: AkamaiNetStorage
etag: "d860c16ac938f7d839f0ec158d02d0f0:1644856531.418573"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://shoppy.payback.it
cache-control: no-cache
accept-ranges: bytes
timing-allow-origin: *
content-length: 12163
expires: Wed, 07 Dec 2022 16:53:20 GMT

GET
H2 200 AppMeasurement_Module_ActivityMap.min.js Show response
assets.adobedtm.com/extensions/EP171e731c9ba34f1c950c36d26e3efd61/ 3 KB
2 KB 47ms
46ms Script
application/x-javascript 2a02:26f0:480:287::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/extensions/EP171e731c9ba34f1c950c36d26e3efd61/AppMeasurement_Module_ActivityMap.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/3c0072855184ab95ab93abfc1fff6f8a505403fb/satelliteLib-f2d1022690bd2e431f16ceb9ee791ef963398317.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:287::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 462a66acbf50e933685e7587e9f1441df8225b2bb4d6b7bc5e757eccf4ff6575

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://shoppy.payback.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 15:53:20 GMT
content-encoding: gzip
last-modified: Mon, 14 Feb 2022 16:35:31 GMT
server: AkamaiNetStorage
etag: "2d1382c349d480b6b41574ac0c1af066:1644856531.739514"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://shoppy.payback.it
cache-control: no-cache
accept-ranges: bytes
timing-allow-origin: *
content-length: 1597
expires: Wed, 07 Dec 2022 16:53:20 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 85ms
25ms Script
text/javascript 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: shoppy.payback.it
URL: https://shoppy.payback.it/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://shoppy.payback.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 07 Dec 2022 15:24:40 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 1720
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Wed, 07 Dec 2022 17:24:40 GMT

GET
H/1.1 200
OK PAYBACK_Regular.woff
shoppy.payback.it/wp-content/themes/payback/font/ 84 KB
84 KB 59ms
30ms Font
application/font-woff 45.60.14.82
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://shoppy.payback.it/wp-content/themes/payback/font/PAYBACK_Regular.woff

Requested by

Host: shoppy.payback.it
URL: https://shoppy.payback.it/wp-content/themes/payback/dist/style.min.css?v=1.3.1

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

45.60.14.82 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.4.8 /

Resource Hash

99eea6fd17c74ac50672d2e66d260f8b0e43d8ed34087543ffd3640d74d35966

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://shoppy.payback.it/wp-content/themes/payback/dist/style.min.css?v=1.3.1
Origin: https://shoppy.payback.it
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date: Wed, 07 Dec 2022 15:44:30 GMT
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
Last-Modified: Fri, 22 May 2020 10:39:24 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.4.8
X-CDN: Imperva
ETag: "15007-5a63a3e1daf00"
Transfer-Encoding: chunked
Content-Type: application/font-woff
X-Iinfo: 13-181675074-181675081 NNYY CT(8 9 0) RT(1670428400359 61) q(0 0 0 -1) r(0 0) U5
Connection: close
Accept-Ranges: bytes

GET
H/1.1 200
OK icomoon.ttf
shoppy.payback.it/wp-content/themes/payback/font/icons/ 2 KB
2 KB 60ms
27ms Font
application/font-sfnt 45.60.14.82
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://shoppy.payback.it/wp-content/themes/payback/font/icons/icomoon.ttf?a11ik2

Requested by

Host: shoppy.payback.it
URL: https://shoppy.payback.it/wp-content/themes/payback/dist/style.min.css?v=1.3.1

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

45.60.14.82 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.4.8 /

Resource Hash

2366fcb82cd714526fc1971b6de66a0f1459df9dfc22548fc8fe4f6ee40ee408

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://shoppy.payback.it/wp-content/themes/payback/dist/style.min.css?v=1.3.1
Origin: https://shoppy.payback.it
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date: Wed, 07 Dec 2022 15:44:30 GMT
Strict-Transport-Security: max-age=31536000
Last-Modified: Fri, 22 May 2020 10:39:24 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.4.8
X-CDN: Imperva
ETag: "7a4-5a63a3e1daf00"
Content-Type: application/font-sfnt
X-Iinfo: 6-71122290-71122292 NNNY CT(8 9 0) RT(1670428400405 18) q(0 0 0 -1) r(0 0) U5
Connection: close
Accept-Ranges: bytes
Content-Length: 1956

GET
H/1.1 200
OK Lato-Regular.woff
shoppy.payback.it/wp-content/themes/payback/font/ 302 KB
274 KB 53ms
29ms Font
application/font-woff 45.60.14.82
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://shoppy.payback.it/wp-content/themes/payback/font/Lato-Regular.woff

Requested by

Host: shoppy.payback.it
URL: https://shoppy.payback.it/wp-content/themes/payback/dist/style.min.css?v=1.3.1

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

45.60.14.82 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.4.8 /

Resource Hash

5b9025dda4d7688e3311b0c17eddc501133b807def33effaef6593843cf5416e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://shoppy.payback.it/wp-content/themes/payback/dist/style.min.css?v=1.3.1
Origin: https://shoppy.payback.it
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date: Wed, 07 Dec 2022 15:44:30 GMT
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
Last-Modified: Fri, 22 May 2020 10:39:24 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.4.8
X-CDN: Imperva
ETag: "4b7c8-5a63a3e1daf00"
Transfer-Encoding: chunked
Content-Type: application/font-woff
X-Iinfo: 12-125037349-125037350 NNYY CT(8 9 0) RT(1670428400406 17) q(0 0 0 -1) r(0 0) U5
Connection: close
Accept-Ranges: bytes

GET
H2 200 RC61b3a2c0dda54bc486be56202a1fb336-source.min.js Show response
assets.adobedtm.com/ec73232191d2/7a35ee5f0b15/c46997dc20bb/ 629 B
666 B 171ms
171ms Script
application/x-javascript 2a02:26f0:480:287::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/ec73232191d2/7a35ee5f0b15/c46997dc20bb/RC61b3a2c0dda54bc486be56202a1fb336-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/3c0072855184ab95ab93abfc1fff6f8a505403fb/satelliteLib-f2d1022690bd2e431f16ceb9ee791ef963398317.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:287::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 060081f3ddfb6beb9eaa3de00b3d3986f0a801e450420e3a899a9623b7c40ca5

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://shoppy.payback.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 15:53:20 GMT
content-encoding: gzip
last-modified: Tue, 28 Jun 2022 07:47:18 GMT
server: AkamaiNetStorage
etag: "f97e260fe663f38a30608df493fb4502:1656402438.864877"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://shoppy.payback.it
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 400
expires: Wed, 07 Dec 2022 16:53:20 GMT

GET
H2 200 RC60d37136bea6499a89e967ede0f8e4ff-source.min.js Show response
assets.adobedtm.com/ec73232191d2/7a35ee5f0b15/c46997dc20bb/ 963 B
835 B 167ms
166ms Script
application/x-javascript 2a02:26f0:480:287::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/ec73232191d2/7a35ee5f0b15/c46997dc20bb/RC60d37136bea6499a89e967ede0f8e4ff-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/3c0072855184ab95ab93abfc1fff6f8a505403fb/satelliteLib-f2d1022690bd2e431f16ceb9ee791ef963398317.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:287::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: a62edb0be4536750c127ad1f2bdfbdf3b088b37aa84236b2e9892cc42bfd57f0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://shoppy.payback.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 15:53:20 GMT
content-encoding: gzip
last-modified: Tue, 28 Jun 2022 07:47:18 GMT
server: AkamaiNetStorage
etag: "f97e260fe663f38a30608df493fb4502:1656402438.864877"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://shoppy.payback.it
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 568
expires: Wed, 07 Dec 2022 16:53:20 GMT

GET
H2 200 RC43ca655fad934fc6a72438770c2ce53d-source.min.js Show response
assets.adobedtm.com/ec73232191d2/7a35ee5f0b15/c46997dc20bb/ 1 KB
920 B 332ms
331ms Script
application/x-javascript 2a02:26f0:480:287::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/ec73232191d2/7a35ee5f0b15/c46997dc20bb/RC43ca655fad934fc6a72438770c2ce53d-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/3c0072855184ab95ab93abfc1fff6f8a505403fb/satelliteLib-f2d1022690bd2e431f16ceb9ee791ef963398317.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:287::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 0e4fd57edb22e5b7808c3445ebea120c9539891dd775e553fa72bbad2e05b4a5

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://shoppy.payback.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 15:53:21 GMT
content-encoding: gzip
last-modified: Tue, 28 Jun 2022 07:47:18 GMT
server: AkamaiNetStorage
etag: "f97e260fe663f38a30608df493fb4502:1656402438.864877"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://shoppy.payback.it
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 653
expires: Wed, 07 Dec 2022 16:53:21 GMT

GET
H2 200 RCe95fa8bfee134844887c9d239fcbfb87-source.min.js Show response
assets.adobedtm.com/ec73232191d2/7a35ee5f0b15/c46997dc20bb/ 2 KB
1 KB 168ms
167ms Script
application/x-javascript 2a02:26f0:480:287::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/ec73232191d2/7a35ee5f0b15/c46997dc20bb/RCe95fa8bfee134844887c9d239fcbfb87-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/3c0072855184ab95ab93abfc1fff6f8a505403fb/satelliteLib-f2d1022690bd2e431f16ceb9ee791ef963398317.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:287::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 83c44166852d421aeef2c21345fee892f77a4495dea52a500fd0954c51a4fbe1

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://shoppy.payback.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 15:53:20 GMT
content-encoding: gzip
last-modified: Tue, 28 Jun 2022 07:47:18 GMT
server: AkamaiNetStorage
etag: "f97e260fe663f38a30608df493fb4502:1656402438.864877"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://shoppy.payback.it
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 1108
expires: Wed, 07 Dec 2022 16:53:20 GMT

GET
H2 200 RCbe986ee320f547cfb2f805e13a500639-source.min.js Show response
assets.adobedtm.com/ec73232191d2/7a35ee5f0b15/c46997dc20bb/ 2 KB
1 KB 291ms
290ms Script
application/x-javascript 2a02:26f0:480:287::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/ec73232191d2/7a35ee5f0b15/c46997dc20bb/RCbe986ee320f547cfb2f805e13a500639-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/3c0072855184ab95ab93abfc1fff6f8a505403fb/satelliteLib-f2d1022690bd2e431f16ceb9ee791ef963398317.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:287::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: e25f08d953ae4fc69bccf2a1279e56aa33425de22cbc3643208a8fcbc351b5db

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://shoppy.payback.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 15:53:21 GMT
content-encoding: gzip
last-modified: Tue, 28 Jun 2022 07:47:18 GMT
server: AkamaiNetStorage
etag: "f97e260fe663f38a30608df493fb4502:1656402438.864877"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://shoppy.payback.it
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 1114
expires: Wed, 07 Dec 2022 16:53:21 GMT

GET
H/1.1 200
OK 3rd-party-header Show response
www.payback.it/ Frame 9D87 31 KB
8 KB 160ms
73ms Document
text/html 45.60.14.82
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.payback.it/3rd-party-header?frameId=pb-iframe0&parentUrl=https://shoppy.payback.it

Requested by

Host: images.payback.it
URL: https://images.payback.it/static/js/lib/eintegration/partner.min.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

45.60.14.82 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Apache /

Resource Hash

9f344df33c4dd72d9d0a7c84a2a01ebb3f3fef42f90e9d1bb1392b2e06061f2d

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors *.payback.it
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://shoppy.payback.it/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: it-IT,it;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate
Connection: Keep-Alive
Content-Encoding: gzip
Content-Security-Policy: frame-ancestors *.payback.it
Content-Type: text/html; charset=UTF-8
Date: Wed, 07 Dec 2022 15:53:20 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Keep-Alive: timeout=5, max=174
Pragma: no-cache
Server: Apache
Strict-Transport-Security: max-age=31536000
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-CDN: Imperva
X-Content-Type-Options: nosniff
X-Iinfo: 9-64136399-64136401 NNNY CT(19 17 0) RT(1670428400482 34) q(0 0 0 0) r(0 0) U5
X-Permitted-Cross-Domain-Policies: none
X-Portal-Request-Id: Y5C28BEoVirje9N2IhMTugAAADk
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK eintegration Show response
www.payback.it/ Frame 9A3E 8 KB
4 KB 146ms
60ms Document
text/html 45.60.14.82
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.payback.it/eintegration?frameId=pb-iframe1&parentUrl=https://shoppy.payback.it

Requested by

Host: images.payback.it
URL: https://images.payback.it/static/js/lib/eintegration/partner.min.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

45.60.14.82 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Apache /

Resource Hash

b055061da7c77e79a287c8b4240d3fdc84a8bcf824baabcbc686164bcec72664

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors *.payback.it
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://shoppy.payback.it/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: it-IT,it;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate
Connection: Keep-Alive
Content-Encoding: gzip
Content-Security-Policy: frame-ancestors *.payback.it
Content-Type: text/html; charset=UTF-8
Date: Wed, 07 Dec 2022 15:53:20 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Keep-Alive: timeout=5, max=145
Pragma: no-cache
Server: Apache
Strict-Transport-Security: max-age=31536000
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-CDN: Imperva
X-Content-Type-Options: nosniff
X-Iinfo: 13-181675093-181674829 PNNy RT(1670428400482 24) q(0 0 0 2) r(0 0) U5
X-Permitted-Cross-Domain-Policies: none
X-Portal-Request-Id: Y5C28L80VbXgjpyIfy6jzgAAAEU
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK 3rd-party-footer Show response
www.payback.it/ Frame 1709 25 KB
6 KB 162ms
78ms Document
text/html 45.60.14.82
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.payback.it/3rd-party-footer?frameId=pb-iframe2&parentUrl=https://shoppy.payback.it

Requested by

Host: images.payback.it
URL: https://images.payback.it/static/js/lib/eintegration/partner.min.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

45.60.14.82 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Apache /

Resource Hash

f1ac695c1600f96139b3b8483ab11e96eb24d182934b1eebe438726c741e2127

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors *.payback.it
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://shoppy.payback.it/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: it-IT,it;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate
Connection: Keep-Alive
Content-Encoding: gzip
Content-Security-Policy: frame-ancestors *.payback.it
Content-Type: text/html; charset=UTF-8
Date: Wed, 07 Dec 2022 15:53:20 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Keep-Alive: timeout=5, max=105
Pragma: no-cache
Server: Apache
Strict-Transport-Security: max-age=31536000
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-CDN: Imperva
X-Content-Type-Options: nosniff
X-Iinfo: 13-181675094-181675100 NNNY CT(18 19 0) RT(1670428400482 25) q(0 0 0 6) r(0 0) U5
X-Permitted-Cross-Domain-Policies: none
X-Portal-Request-Id: Y5C28CJr7nAB2Rul40Lh9wAAABs
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK _Incapsula_Resource
shoppy.payback.it/ 1 B
168 B 16ms
15ms Image
text/plain 45.60.14.82
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://shoppy.payback.it/_Incapsula_Resource?SWKMTFSR=1&e=0.306910131531976

Requested by

Host: shoppy.payback.it
URL: https://shoppy.payback.it/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

45.60.14.82 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://shoppy.payback.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache, no-store
X-Robots-Tag: noindex
Content-Length: 1
Content-Type: text/plain

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
208 B 33ms
33ms XHR
text/plain 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&a=1412768265&t=pageview&_s=1&dl=https%3A%2F%2Fshoppy.payback.it%2F&ul=en-us&de=UTF-8&dt=Le%20migliori%20offerte%20PAYBACK%20su%20tanti%20Partner%20Online!&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=839127034&gjid=1064455346&cid=1102844996.1670428401&tid=UA-111391490-1&_gid=292391155.1670428401&_r=1&_slc=1&z=479653064

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://shoppy.payback.it/
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 07 Dec 2022 15:53:20 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://shoppy.payback.it
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK deals Show response
shoppy.payback.it/api/ 53 B
669 B 72ms
72ms XHR
application/json 45.60.14.82
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://shoppy.payback.it/api/deals

Requested by

Host: shoppy.payback.it
URL: https://shoppy.payback.it/wp-content/themes/payback/dist/app.min.js?v=1.3.1

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

45.60.14.82 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.4.8 / PHP/7.4.8

Resource Hash

3c971f1f3b619a30acf212b1d8ac3726c91a870b6f960cd98bfbf06343a38bdd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Referer: https://shoppy.payback.it/
X-Requested-With: XMLHttpRequest
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type: application/json;

Response headers

Pragma: no-cache
Date: Wed, 07 Dec 2022 15:44:30 GMT
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.4.8
X-CDN: Imperva
X-Powered-By: PHP/7.4.8
Transfer-Encoding: chunked
Content-Type: application/json
X-Iinfo: 5-111486796-111486798 NNYY CT(8 9 0) RT(1670428400416 130) q(0 0 0 -1) r(1 1) U5
Cache-Control: no-store, no-cache, must-revalidate
Connection: close
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 otSDKStub.js Show response
cdn.cookielaw.org/scripttemplates/ Frame 9A3E 21 KB
7 KB 77ms
32ms Script
application/javascript 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Requested by

Host: www.payback.it
URL: https://www.payback.it/eintegration?frameId=pb-iframe1&parentUrl=https://shoppy.payback.it

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bbc4456bca95006683a8f081d0d2ed645eef5b14c62eca12c70f7e1cec26c1a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.payback.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 07 Dec 2022 15:53:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: bKkFjZE43AfZo3jm8gqLew==
age: 52121
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 7151
x-ms-lease-status: unlocked
last-modified: Tue, 06 Dec 2022 07:45:09 GMT
server: cloudflare
etag: 0x8DAD75DCC9E2F9F
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: b80b8554-f01e-014c-18d0-0959ac000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 775e6f021fd33756-MXP

GET
H/1.1 200
OK styles.min.css
images.payback.it/static/css/layouts/payback/ Frame 9A3E 402 KB
62 KB 53ms
53ms Stylesheet
text/css 45.60.14.82
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://images.payback.it/static/css/layouts/payback/styles.min.css?v=2022.49-3093634

Requested by

Host: www.payback.it
URL: https://www.payback.it/eintegration?frameId=pb-iframe1&parentUrl=https://shoppy.payback.it

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

45.60.14.82 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Apache /

Resource Hash

ad19f7f9d6cf32c692adfccc2dbb38c7b7a901fd7360c6d657f5332dcf9e0890

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.payback.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date: Wed, 07 Dec 2022 15:53:20 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=31536000
X-CDN: Imperva
Transfer-Encoding: chunked
X-Portal-Request-Id: Y5C28KfUbrQYN26tLwP5GQAAAAU
X-Iinfo: 12-125037318-125037356 NNNY CT(20 17 0) RT(1670428399790 808) q(0 1 1 -1) r(1 1) U5
Connection: Keep-Alive
Last-Modified: Wed, 07 Dec 2022 08:40:16 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: public,max-age=604800,s-maxage=604800
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Keep-Alive: timeout=5, max=200
Expires: Wed, 21 Dec 2022 15:53:20 GMT

GET
H/1.1 200
OK min.js Show response
images.payback.it/static/js/payback/ Frame 9A3E 2 MB
379 KB 134ms
87ms Script
application/javascript 45.60.14.82
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://images.payback.it/static/js/payback/min.js?v=2022.49-3093634

Requested by

Host: www.payback.it
URL: https://www.payback.it/eintegration?frameId=pb-iframe1&parentUrl=https://shoppy.payback.it

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

45.60.14.82 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Apache /

Resource Hash

09497c21add8bb0db9905871ded0bd92a146f8da071fba477cbb80c9f3e128d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.payback.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date: Wed, 07 Dec 2022 15:53:21 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=31536000
X-CDN: Imperva
Transfer-Encoding: chunked
X-Portal-Request-Id: Y5C28QBwVi6eBFdxBbnbkAAAADA
X-Iinfo: 11-123610463-123610466 NNNN CT(17 19 0) RT(1670428400627 18) q(0 0 0 -1) r(1 1) U5
Connection: Keep-Alive
Last-Modified: Wed, 07 Dec 2022 08:40:50 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: public,max-age=604800,s-maxage=604800
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Keep-Alive: timeout=5, max=200
Expires: Wed, 21 Dec 2022 15:53:21 GMT

GET
H/1.1 200
OK portal.min.js Show response
images.payback.it/static/js/lib/eintegration/ Frame 9A3E 14 KB
5 KB 121ms
74ms Script
application/javascript 45.60.14.82
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://images.payback.it/static/js/lib/eintegration/portal.min.js?v=2022.49-3093634

Requested by

Host: www.payback.it
URL: https://www.payback.it/eintegration?frameId=pb-iframe1&parentUrl=https://shoppy.payback.it

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

45.60.14.82 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Apache /

Resource Hash

61a8cacd8d5f7bde75f5fd5b5ea813adcee5c4627d678da5b818432a329cbe37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.payback.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date: Wed, 07 Dec 2022 15:53:21 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=31536000
X-CDN: Imperva
X-Portal-Request-Id: Y5C28TZoou5Z5VguNeSRXQAAAFg
X-Iinfo: 14-225768461-225768466 NNNN CT(18 18 0) RT(1670428400627 17) q(0 0 0 -1) r(1 1) U5
Connection: Keep-Alive
Content-Length: 4299
Last-Modified: Wed, 07 Dec 2022 08:40:18 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: public,max-age=604800,s-maxage=604800
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Keep-Alive: timeout=5, max=200
Expires: Wed, 21 Dec 2022 15:53:21 GMT

GET
H2 200 api.js Show response
www.google.com/recaptcha/ Frame 9A3E 912 B
645 B 101ms
37ms Script
text/javascript 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?hl=it&onload=recaptchaCallback&render=explicit

Requested by

Host: www.payback.it
URL: https://www.payback.it/eintegration?frameId=pb-iframe1&parentUrl=https://shoppy.payback.it

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

5774c7771501c10cacb9438c866e7373a7aa1c70fa8205966c3dcf4b31f6c24c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.payback.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 15:53:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 580
x-xss-protection: 1; mode=block
expires: Wed, 07 Dec 2022 15:53:21 GMT

GET
H/1.1 200
OK _Incapsula_Resource Show response
www.payback.it/ Frame 9A3E 137 KB
20 KB 438ms
437ms Script
application/javascript 45.60.14.82
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.payback.it/_Incapsula_Resource?SWJIYLWA=719d34d31c8e3a6e6fffd425f7e032f3&ns=1&cb=2034089387

Requested by

Host: www.payback.it
URL: https://www.payback.it/eintegration?frameId=pb-iframe1&parentUrl=https://shoppy.payback.it

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

45.60.14.82 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

db9fc712d0c8bd60ca057e5c2da5ee094ccca2fbb3fa5690f8240cd2d20a97e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.payback.it/eintegration?frameId=pb-iframe1&parentUrl=https://shoppy.payback.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache, no-store
Content-Encoding: gzip
X-Robots-Tag: noindex
Content-Length: 19791
Content-Type: application/javascript

GET
H2 200 otSDKStub.js Show response
cdn.cookielaw.org/scripttemplates/ Frame 9D87 21 KB
7 KB 57ms
26ms Script
application/javascript 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Requested by

Host: www.payback.it
URL: https://www.payback.it/3rd-party-header?frameId=pb-iframe0&parentUrl=https://shoppy.payback.it

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bbc4456bca95006683a8f081d0d2ed645eef5b14c62eca12c70f7e1cec26c1a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.payback.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 07 Dec 2022 15:53:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: bKkFjZE43AfZo3jm8gqLew==
age: 52121
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 7151
x-ms-lease-status: unlocked
last-modified: Tue, 06 Dec 2022 07:45:09 GMT
server: cloudflare
etag: 0x8DAD75DCC9E2F9F
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: b80b8554-f01e-014c-18d0-0959ac000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 775e6f022fd73756-MXP

GET
H/1.1 200
OK styles.min.css
images.payback.it/static/css/layouts/payback/ Frame 9D87 402 KB
62 KB 66ms
48ms Stylesheet
text/css 45.60.14.82
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://images.payback.it/static/css/layouts/payback/styles.min.css?v=2022.49-3093634

Requested by

Host: www.payback.it
URL: https://www.payback.it/3rd-party-header?frameId=pb-iframe0&parentUrl=https://shoppy.payback.it

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

45.60.14.82 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Apache /

Resource Hash

ad19f7f9d6cf32c692adfccc2dbb38c7b7a901fd7360c6d657f5332dcf9e0890

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.payback.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date: Wed, 07 Dec 2022 15:53:20 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=31536000
X-CDN: Imperva
Transfer-Encoding: chunked
X-Portal-Request-Id: Y5C28IicW3@LBTxrvKl8jwAAAEA
X-Iinfo: 14-225768460-225767898 PNNy RT(1670428400612 18) q(0 0 0 -1) r(0 0) U5
Connection: Keep-Alive
Last-Modified: Wed, 07 Dec 2022 08:40:16 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: public,max-age=604800,s-maxage=604800
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Keep-Alive: timeout=5, max=197
Expires: Wed, 21 Dec 2022 15:53:20 GMT

GET
H/1.1 200
OK min.js Show response
images.payback.it/static/js/payback/ Frame 9D87 2 MB
379 KB 132ms
98ms Script
application/javascript 45.60.14.82
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://images.payback.it/static/js/payback/min.js?v=2022.49-3093634

Requested by

Host: www.payback.it
URL: https://www.payback.it/3rd-party-header?frameId=pb-iframe0&parentUrl=https://shoppy.payback.it

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

45.60.14.82 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Apache /

Resource Hash

09497c21add8bb0db9905871ded0bd92a146f8da071fba477cbb80c9f3e128d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.payback.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date: Wed, 07 Dec 2022 15:53:21 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=31536000
X-CDN: Imperva
Transfer-Encoding: chunked
X-Portal-Request-Id: Y5C28b4CI6mUauCR3Xs-mgAAAEc
X-Iinfo: 14-225768462-225768467 NNNN CT(20 21 0) RT(1670428400627 19) q(0 0 0 -1) r(1 1) U5
Connection: Keep-Alive
Last-Modified: Wed, 07 Dec 2022 08:40:50 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: public,max-age=604800,s-maxage=604800
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Keep-Alive: timeout=5, max=200
Expires: Wed, 21 Dec 2022 15:53:21 GMT

GET
H/1.1 200
OK portal.min.js Show response
images.payback.it/static/js/lib/eintegration/ Frame 9D87 14 KB
5 KB 113ms
38ms Script
application/javascript 45.60.14.82
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://images.payback.it/static/js/lib/eintegration/portal.min.js?v=2022.49-3093634

Requested by

Host: www.payback.it
URL: https://www.payback.it/3rd-party-header?frameId=pb-iframe0&parentUrl=https://shoppy.payback.it

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

45.60.14.82 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Apache /

Resource Hash

61a8cacd8d5f7bde75f5fd5b5ea813adcee5c4627d678da5b818432a329cbe37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.payback.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date: Wed, 07 Dec 2022 15:53:21 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=31536000
X-CDN: Imperva
X-Portal-Request-Id: Y5C28afUbrQYN26tLwP5GgAAAAU
X-Iinfo: 12-125037318-125037356 SNNy RT(1670428399790 896) q(0 0 0 -1) r(1 1) U5
Connection: Keep-Alive
Content-Length: 4299
Last-Modified: Wed, 07 Dec 2022 08:40:18 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: public,max-age=604800,s-maxage=604800
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Keep-Alive: timeout=5, max=199
Expires: Wed, 21 Dec 2022 15:53:21 GMT

GET
H2 200 api.js Show response
www.google.com/recaptcha/ Frame 9D87 912 B
993 B 98ms
36ms Script
text/javascript 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?hl=it&onload=recaptchaCallback&render=explicit

Requested by

Host: www.payback.it
URL: https://www.payback.it/3rd-party-header?frameId=pb-iframe0&parentUrl=https://shoppy.payback.it

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

5774c7771501c10cacb9438c866e7373a7aa1c70fa8205966c3dcf4b31f6c24c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.payback.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 15:53:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 580
x-xss-protection: 1; mode=block
expires: Wed, 07 Dec 2022 15:53:21 GMT

GET
H/1.1 200
OK firstspirit_1546875279455payback_logo_highres.svg
images.payback.it/media/global/editorial/logo-header/ Frame 9D87 4 KB
2 KB 42ms
40ms Image
image/svg+xml 45.60.14.82
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.payback.it/media/global/editorial/logo-header/firstspirit_1546875279455payback_logo_highres.svg

Requested by

Host: www.payback.it
URL: https://www.payback.it/3rd-party-header?frameId=pb-iframe0&parentUrl=https://shoppy.payback.it

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

45.60.14.82 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Apache /

Resource Hash

bf7bed9067125e4194b2b8be487f50bb57d91fa02529caf6cd4aee826ff9b42e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.payback.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date: Wed, 07 Dec 2022 15:53:21 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=31536000
X-CDN: Imperva
X-Portal-Request-Id: Y5C28ZXuFU7AGX7Y16o9xAAAADA
X-Iinfo: 8-49783163-49783164 SNNN RT(1670428400613 214) q(0 0 0 -1) r(0 0) U5
Connection: Keep-Alive
Content-Length: 1499
Last-Modified: Wed, 07 Dec 2022 13:35:27 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
Cache-Control: public,max-age=604800,s-maxage=604800
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Keep-Alive: timeout=5, max=199
Expires: Wed, 14 Dec 2022 15:53:21 GMT

GET
H/1.1 200
OK firstspirit_1546875279455payback_logo_highres_small.svg
images.payback.it/media/global/editorial/logo-header/ Frame 9D87 5 KB
2 KB 78ms
77ms Image
image/svg+xml 45.60.14.82
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.payback.it/media/global/editorial/logo-header/firstspirit_1546875279455payback_logo_highres_small.svg

Requested by

Host: www.payback.it
URL: https://www.payback.it/3rd-party-header?frameId=pb-iframe0&parentUrl=https://shoppy.payback.it

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

45.60.14.82 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Apache /

Resource Hash

180cf8f4a7cf5881c42a40f00cb72d1af052aedba9f66d068093b123dd398000

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.payback.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date: Wed, 07 Dec 2022 15:53:21 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=31536000
X-CDN: Imperva
X-Portal-Request-Id: Y5C28YicW3@LBTxrvKl8kQAAAEA
X-Iinfo: 14-225768460-225767898 SNNy RT(1670428400612 316) q(0 0 0 -1) r(0 0) U5
Connection: Keep-Alive
Content-Length: 1875
Last-Modified: Wed, 07 Dec 2022 13:35:27 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
Cache-Control: public,max-age=604800,s-maxage=604800
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Keep-Alive: timeout=5, max=195
Expires: Wed, 14 Dec 2022 15:53:21 GMT

GET
H/1.1 200
OK _Incapsula_Resource Show response
www.payback.it/ Frame 9D87 133 KB
19 KB 23ms
23ms Script
application/javascript 45.60.14.82
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.payback.it/_Incapsula_Resource?SWJIYLWA=719d34d31c8e3a6e6fffd425f7e032f3&ns=3&cb=1058273169

Requested by

Host: www.payback.it
URL: https://www.payback.it/3rd-party-header?frameId=pb-iframe0&parentUrl=https://shoppy.payback.it

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

45.60.14.82 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

1f8d5b49b77e42a873246d472f19909dc5a7af0d51a354b04d5c675a2891219c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.payback.it/3rd-party-header?frameId=pb-iframe0&parentUrl=https://shoppy.payback.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache, no-store
Content-Encoding: gzip
X-Robots-Tag: noindex
Content-Length: 19045
Content-Type: application/javascript

GET
H2 200 otSDKStub.js Show response
cdn.cookielaw.org/scripttemplates/ Frame 1709 21 KB
8 KB 48ms
25ms Script
application/javascript 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Requested by

Host: www.payback.it
URL: https://www.payback.it/3rd-party-footer?frameId=pb-iframe2&parentUrl=https://shoppy.payback.it

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bbc4456bca95006683a8f081d0d2ed645eef5b14c62eca12c70f7e1cec26c1a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.payback.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 07 Dec 2022 15:53:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: bKkFjZE43AfZo3jm8gqLew==
age: 52121
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 7151
x-ms-lease-status: unlocked
last-modified: Tue, 06 Dec 2022 07:45:09 GMT
server: cloudflare
etag: 0x8DAD75DCC9E2F9F
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: b80b8554-f01e-014c-18d0-0959ac000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 775e6f022fd63756-MXP

GET
H/1.1 200
OK styles.min.css
images.payback.it/static/css/layouts/payback/ Frame 1709 402 KB
62 KB 99ms
89ms Stylesheet
text/css 45.60.14.82
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://images.payback.it/static/css/layouts/payback/styles.min.css?v=2022.49-3093634

Requested by

Host: www.payback.it
URL: https://www.payback.it/3rd-party-footer?frameId=pb-iframe2&parentUrl=https://shoppy.payback.it

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

45.60.14.82 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Apache /

Resource Hash

ad19f7f9d6cf32c692adfccc2dbb38c7b7a901fd7360c6d657f5332dcf9e0890

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.payback.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date: Wed, 07 Dec 2022 15:53:21 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=31536000
X-CDN: Imperva
Transfer-Encoding: chunked
X-Portal-Request-Id: Y5C28ZXuFU7AGX7Y16o9wwAAADA
X-Iinfo: 8-49783163-49783164 NNNN CT(18 19 0) RT(1670428400613 16) q(0 0 0 -1) r(0 0) U5
Connection: Keep-Alive
Last-Modified: Wed, 07 Dec 2022 08:40:16 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: public,max-age=604800,s-maxage=604800
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Keep-Alive: timeout=5, max=200
Expires: Wed, 21 Dec 2022 15:53:21 GMT

GET
H/1.1 200
OK min.js Show response
images.payback.it/static/js/payback/ Frame 1709 2 MB
379 KB 148ms
55ms Script
application/javascript 45.60.14.82
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://images.payback.it/static/js/payback/min.js?v=2022.49-3093634

Requested by

Host: www.payback.it
URL: https://www.payback.it/3rd-party-footer?frameId=pb-iframe2&parentUrl=https://shoppy.payback.it

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

45.60.14.82 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Apache /

Resource Hash

09497c21add8bb0db9905871ded0bd92a146f8da071fba477cbb80c9f3e128d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.payback.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date: Wed, 07 Dec 2022 15:53:21 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=31536000
X-CDN: Imperva
Transfer-Encoding: chunked
X-Portal-Request-Id: Y5C28YicW3@LBTxrvKl8kAAAAEA
X-Iinfo: 14-225768460-225767898 SNNy RT(1670428400612 103) q(0 0 0 -1) r(0 0) U5
Connection: Keep-Alive
Last-Modified: Wed, 07 Dec 2022 08:40:50 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: public,max-age=604800,s-maxage=604800
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Keep-Alive: timeout=5, max=196
Expires: Wed, 21 Dec 2022 15:53:21 GMT

GET
H/1.1 200
OK portal.min.js Show response
images.payback.it/static/js/lib/eintegration/ Frame 1709 14 KB
5 KB 138ms
38ms Script
application/javascript 45.60.14.82
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://images.payback.it/static/js/lib/eintegration/portal.min.js?v=2022.49-3093634

Requested by

Host: www.payback.it
URL: https://www.payback.it/3rd-party-footer?frameId=pb-iframe2&parentUrl=https://shoppy.payback.it

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

45.60.14.82 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Apache /

Resource Hash

61a8cacd8d5f7bde75f5fd5b5ea813adcee5c4627d678da5b818432a329cbe37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.payback.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date: Wed, 07 Dec 2022 15:53:21 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=31536000
X-CDN: Imperva
X-Portal-Request-Id: Y5C28TZoou5Z5VguNeSRXgAAAFg
X-Iinfo: 14-225768461-225768466 SNNN RT(1670428400627 93) q(0 0 0 -1) r(0 0) U5
Connection: Keep-Alive
Content-Length: 4299
Last-Modified: Wed, 07 Dec 2022 08:40:18 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: public,max-age=604800,s-maxage=604800
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Keep-Alive: timeout=5, max=199
Expires: Wed, 21 Dec 2022 15:53:21 GMT

GET
H2 200 api.js Show response
www.google.com/recaptcha/ Frame 1709 912 B
645 B 56ms
38ms Script
text/javascript 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?hl=it&onload=recaptchaCallback&render=explicit

Requested by

Host: www.payback.it
URL: https://www.payback.it/3rd-party-footer?frameId=pb-iframe2&parentUrl=https://shoppy.payback.it

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

5774c7771501c10cacb9438c866e7373a7aa1c70fa8205966c3dcf4b31f6c24c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.payback.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 15:53:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 580
x-xss-protection: 1; mode=block
expires: Wed, 07 Dec 2022 15:53:21 GMT

GET
H/1.1 200
OK _Incapsula_Resource Show response
www.payback.it/ Frame 1709 140 KB
20 KB 27ms
27ms Script
application/javascript 45.60.14.82
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.payback.it/_Incapsula_Resource?SWJIYLWA=719d34d31c8e3a6e6fffd425f7e032f3&ns=2&cb=1317738676

Requested by

Host: www.payback.it
URL: https://www.payback.it/3rd-party-footer?frameId=pb-iframe2&parentUrl=https://shoppy.payback.it

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

45.60.14.82 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

9e389c3ac416ee65a060d4a298a39a96de59cd6a69ca3903907d8c2c467b06fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.payback.it/3rd-party-footer?frameId=pb-iframe2&parentUrl=https://shoppy.payback.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache, no-store
Content-Encoding: gzip
X-Robots-Tag: noindex
Content-Length: 20185
Content-Type: application/javascript

GET
H2 200 hotjar-1171451.js Show response
static.hotjar.com/c/ 7 KB
3 KB 133ms
75ms Script
application/javascript 18.66.97.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-1171451.js?sv=6

Requested by

Host: shoppy.payback.it
URL: https://shoppy.payback.it/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.97.49 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-97-49.fra56.r.cloudfront.net

Software

Resource Hash

ff97f1e98f415751c82b0cef1c791fd76a9f2b6e5a52cdc1d9e1b7a0d88ff746

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://shoppy.payback.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 15:53:21 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 e9101023ffbe04130b9d4cac0cf9eebc.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
etag: W/fc17fda118221b432ccddbabecd8c696
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=60
x-cache-hit: 1
cross-origin-resource-policy: cross-origin
x-amz-cf-id: 70sCduX_GguB4mDZGHxn_IfCD-SZK7nbr-PUCXxn5myg9Bqxxc4sMg==

GET
H3

200

activityi;dc_pre=CM_R5Nvu5_sCFQwToQod99UNsg;src=6633226;type=payba0;cat=cooki0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4235256527953452.5 Show response
6633226.fls.doubleclick.net/ Frame E0D5
Redirect Chain

https://6633226.fls.doubleclick.net/activityi;src=6633226;type=payba0;cat=cooki0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4235256527953452.5?
https://6633226.fls.doubleclick.net/activityi;dc_pre=CM_R5Nvu5_sCFQwToQod99UNsg;src=6633226;type=payba0;cat=cooki0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4235256527953452.5?

490 B
280 B

182ms
130ms

Document
text/html

142.250.186.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://6633226.fls.doubleclick.net/activityi;dc_pre=CM_R5Nvu5_sCFQwToQod99UNsg;src=6633226;type=payba0;cat=cooki0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4235256527953452.5?

Requested by

Host: shoppy.payback.it
URL: https://shoppy.payback.it/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f6.1e100.net

Software

cafe /

Resource Hash

a21c1969866a38c7d453773f91de70645a6e6191e66619ca33f03285903dc4c9

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://shoppy.payback.it/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: it-IT,it;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 255
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 07 Dec 2022 15:53:21 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 07 Dec 2022 15:53:21 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://6633226.fls.doubleclick.net/activityi;dc_pre=CM_R5Nvu5_sCFQwToQod99UNsg;src=6633226;type=payba0;cat=cooki0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4235256527953452.5?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 404a51a2-8b91-4a23-8a34-464b90c884b3.json Show response
cdn.cookielaw.org/consent/404a51a2-8b91-4a23-8a34-464b90c884b3/ Frame 1709 3 KB
2 KB 71ms
36ms XHR
application/x-javascript 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/404a51a2-8b91-4a23-8a34-464b90c884b3/404a51a2-8b91-4a23-8a34-464b90c884b3.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c32a54f9a6329af569922c49861e4c9a333bae0207092a3d2e18695df9ea1ad0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.payback.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 07 Dec 2022 15:53:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: b6TJARb8tXPsoEeevsb3+Q==
age: 45119
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 1252
x-ms-lease-status: unlocked
last-modified: Tue, 11 Jan 2022 12:54:33 GMT
server: cloudflare
etag: 0x8D9D50183F51DFE
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 15d014ac-a01e-00d8-2706-077f37000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 775e6f028fdc3752-MXP
expires: Thu, 08 Dec 2022 15:53:21 GMT

GET
H2 200 404a51a2-8b91-4a23-8a34-464b90c884b3.json Show response
cdn.cookielaw.org/consent/404a51a2-8b91-4a23-8a34-464b90c884b3/ Frame 9D87 3 KB
1 KB 78ms
45ms XHR
application/x-javascript 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/404a51a2-8b91-4a23-8a34-464b90c884b3/404a51a2-8b91-4a23-8a34-464b90c884b3.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c32a54f9a6329af569922c49861e4c9a333bae0207092a3d2e18695df9ea1ad0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.payback.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 07 Dec 2022 15:53:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: b6TJARb8tXPsoEeevsb3+Q==
age: 45119
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 1252
x-ms-lease-status: unlocked
last-modified: Tue, 11 Jan 2022 12:54:33 GMT
server: cloudflare
etag: 0x8D9D50183F51DFE
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 15d014ac-a01e-00d8-2706-077f37000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 775e6f028fe53752-MXP
expires: Thu, 08 Dec 2022 15:53:21 GMT

GET
H2 200 404a51a2-8b91-4a23-8a34-464b90c884b3.json Show response
cdn.cookielaw.org/consent/404a51a2-8b91-4a23-8a34-464b90c884b3/ Frame 9A3E 3 KB
1 KB 67ms
37ms XHR
application/x-javascript 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/404a51a2-8b91-4a23-8a34-464b90c884b3/404a51a2-8b91-4a23-8a34-464b90c884b3.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c32a54f9a6329af569922c49861e4c9a333bae0207092a3d2e18695df9ea1ad0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.payback.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 07 Dec 2022 15:53:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: b6TJARb8tXPsoEeevsb3+Q==
age: 45119
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 1252
x-ms-lease-status: unlocked
last-modified: Tue, 11 Jan 2022 12:54:33 GMT
server: cloudflare
etag: 0x8D9D50183F51DFE
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 15d014ac-a01e-00d8-2706-077f37000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 775e6f028fe43752-MXP
expires: Thu, 08 Dec 2022 15:53:21 GMT

GET
H2 200 location Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/ Frame 1709 69 B
142 B 103ms
52ms XHR
application/json 2606:4700::6812:1b55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1b55 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6964d03a8ab5896300c3dd5cb3fc6fa302ef3d1b5453d2021282038af12e5679

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept: application/json
Referer: https://www.payback.it/
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 15:53:21 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
cf-ray: 775e6f031da13753-MXP
access-control-allow-headers: Content-Type

GET
H2 200 location Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/ Frame 9A3E 69 B
317 B 87ms
36ms XHR
application/json 2606:4700::6812:1b55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1b55 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6964d03a8ab5896300c3dd5cb3fc6fa302ef3d1b5453d2021282038af12e5679

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept: application/json
Referer: https://www.payback.it/
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 15:53:21 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
cf-ray: 775e6f031da63753-MXP
access-control-allow-headers: Content-Type

GET
H3

200

activityi;dc_pre=CLT-5tvu5_sCFWFIwQodt9gBvA;src=4370323;type=LP2Kp0;cat=lp_of0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4180279457161993 Show response
4370323.fls.doubleclick.net/ Frame DADC
Redirect Chain

https://4370323.fls.doubleclick.net/activityi;src=4370323;type=LP2Kp0;cat=lp_of0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4180279457161993?
https://4370323.fls.doubleclick.net/activityi;dc_pre=CLT-5tvu5_sCFWFIwQodt9gBvA;src=4370323;type=LP2Kp0;cat=lp_of0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4180279457161993?

488 B
285 B

187ms
129ms

Document
text/html

142.250.186.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://4370323.fls.doubleclick.net/activityi;dc_pre=CLT-5tvu5_sCFWFIwQodt9gBvA;src=4370323;type=LP2Kp0;cat=lp_of0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4180279457161993?

Requested by

Host: shoppy.payback.it
URL: https://shoppy.payback.it/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f6.1e100.net

Software

cafe /

Resource Hash

400990e5a441ae9762554d8d3ec46daae3faa5033c1a1f05b65bcd6a59e932f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://shoppy.payback.it/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: it-IT,it;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 260
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 07 Dec 2022 15:53:21 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 07 Dec 2022 15:53:21 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://4370323.fls.doubleclick.net/activityi;dc_pre=CLT-5tvu5_sCFWFIwQodt9gBvA;src=4370323;type=LP2Kp0;cat=lp_of0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4180279457161993?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 location Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/ Frame 9D87 69 B
151 B 84ms
41ms XHR
application/json 2606:4700::6812:1b55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1b55 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6964d03a8ab5896300c3dd5cb3fc6fa302ef3d1b5453d2021282038af12e5679

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept: application/json
Referer: https://www.payback.it/
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 15:53:21 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
cf-ray: 775e6f031da73753-MXP
access-control-allow-headers: Content-Type

GET
H2 200 modules.bc0a4c72d88d266f15af.js Show response
script.hotjar.com/ 263 KB
68 KB 91ms
31ms Script
application/javascript 52.222.236.43
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.bc0a4c72d88d266f15af.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1171451.js?sv=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.43 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-43.fra56.r.cloudfront.net

Software

Resource Hash

5266a11278de436c711a6fc1ab0618616f2495135c0157b21899c11f19ab163a

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://shoppy.payback.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 14:35:06 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 944dc31277adc1021b0776fe818f07f6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P4
age: 4695
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 68590
last-modified: Wed, 07 Dec 2022 14:34:24 GMT
etag: "2375e31c5dc0ca09d740bee5c1486c2b"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: rUKRAEf1mRTA8jFNwRcJWBSEkS9b4uLwdWqqu44tM4ZukxnvlQbJuw==

GET
H2 200 box-5e66f98b4ee957db209dc6f63e3d59dd.html Show response
vars.hotjar.com/ Frame FE53 2 KB
1 KB 87ms
30ms Document
text/html 143.204.215.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://vars.hotjar.com/box-5e66f98b4ee957db209dc6f63e3d59dd.html

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1171451.js?sv=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-118.fra53.r.cloudfront.net

Software

Resource Hash

cbffce6f8642619af7ed7335e32750f7f2933765d32c113115da0710aa7deadc

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

Referer: https://shoppy.payback.it/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: it-IT,it;q=0.9

Response headers

accept-ranges: bytes
age: 1219395
cache-control: max-age=31536000
content-encoding: br
content-length: 1035
content-type: text/html
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 23 Nov 2022 13:10:06 GMT
etag: "e0652b84b7b3b650769c759fc520c3f8"
last-modified: Wed, 23 Nov 2022 13:09:18 GMT
strict-transport-security: max-age=2592000; includeSubDomains
vary: Accept-Encoding
via: 1.1 997f66fda0069dac50a85c7a4fa51b7e.cloudfront.net (CloudFront)
x-amz-cf-id: jBp1FQS5GMoqLJ2zTW579jeFWMnIp8zVVpafYTgpRIwOaGcGI5PQyA==
x-amz-cf-pop: FRA53-C1
x-cache: Hit from cloudfront
x-robots-tag: none

GET
H2 200 otBannerSdk.js Show response
cdn.cookielaw.org/scripttemplates/6.22.0/ Frame 9A3E 311 KB
74 KB 24ms
24ms Script
application/javascript 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.22.0/otBannerSdk.js

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

89b6606e0f94c827dffac0f1a54394399a20a84328b54d60e0fcf084c368cbf5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.payback.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 07 Dec 2022 15:53:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: Uj6Yo16pL9bm0y1nKKjJjg==
age: 49279
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 75930
x-ms-lease-status: unlocked
last-modified: Thu, 19 Aug 2021 02:39:18 GMT
server: cloudflare
etag: 0x8D962BA8ADAEF03
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: da8c0a6e-e01e-0031-6cf1-e78331000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 775e6f04fc2c3756-MXP

GET
H2 200 otBannerSdk.js Show response
cdn.cookielaw.org/scripttemplates/6.22.0/ Frame 9D87 311 KB
74 KB 29ms
29ms Script
application/javascript 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.22.0/otBannerSdk.js

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

89b6606e0f94c827dffac0f1a54394399a20a84328b54d60e0fcf084c368cbf5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.payback.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 07 Dec 2022 15:53:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: Uj6Yo16pL9bm0y1nKKjJjg==
age: 49279
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 75930
x-ms-lease-status: unlocked
last-modified: Thu, 19 Aug 2021 02:39:18 GMT
server: cloudflare
etag: 0x8D962BA8ADAEF03
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: da8c0a6e-e01e-0031-6cf1-e78331000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 775e6f057d173756-MXP

GET
H2 200 otBannerSdk.js Show response
cdn.cookielaw.org/scripttemplates/6.22.0/ Frame 1709 311 KB
74 KB 24ms
24ms Script
application/javascript 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.22.0/otBannerSdk.js

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

89b6606e0f94c827dffac0f1a54394399a20a84328b54d60e0fcf084c368cbf5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.payback.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 07 Dec 2022 15:53:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: Uj6Yo16pL9bm0y1nKKjJjg==
age: 49279
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 75930
x-ms-lease-status: unlocked
last-modified: Thu, 19 Aug 2021 02:39:18 GMT
server: cloudflare
etag: 0x8D962BA8ADAEF03
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: da8c0a6e-e01e-0031-6cf1-e78331000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 775e6f03ba383756-MXP

GET
DATA 200
OK truncated
/ Frame 1709 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 recaptcha__it.js Show response
www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/ Frame 1709 401 KB
161 KB 94ms
28ms Script
text/javascript 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__it.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?hl=it&onload=recaptchaCallback&render=explicit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2321160280270575587cd7920d7514da966aff8f91d867ee6eb52f560f373e78

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.payback.it/
Origin: https://www.payback.it
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 16:01:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 431530
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 164079
x-xss-protection: 0
last-modified: Mon, 14 Nov 2022 03:01:59 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 02 Dec 2023 16:01:11 GMT

GET
H2 200 / Show response
adservice.google.com/ddm/fls/i/dc_pre=CM_R5Nvu5_sCFQwToQod99UNsg;src=6633226;type=payba0;cat=cooki0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4235256527953452.5;~oref=https://shoppy.pa... Frame 7A07 489 B
723 B 250ms
171ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/ddm/fls/i/dc_pre=CM_R5Nvu5_sCFQwToQod99UNsg;src=6633226;type=payba0;cat=cooki0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4235256527953452.5;~oref=https://shoppy.payback.it/

Requested by

Host: 6633226.fls.doubleclick.net
URL: https://6633226.fls.doubleclick.net/activityi;dc_pre=CM_R5Nvu5_sCFQwToQod99UNsg;src=6633226;type=payba0;cat=cooki0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4235256527953452.5?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

699defbd584ad3d7cd6fa9c171690eef6e4c3104a00e405cad690d452a38a70c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6633226.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: it-IT,it;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 255
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 07 Dec 2022 15:53:21 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 it.json Show response
cdn.cookielaw.org/consent/404a51a2-8b91-4a23-8a34-464b90c884b3/8dac4f13-8faf-45db-bc20-23487d19327f/ Frame 1709 145 KB
27 KB 22ms
22ms Fetch
application/x-javascript 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/404a51a2-8b91-4a23-8a34-464b90c884b3/8dac4f13-8faf-45db-bc20-23487d19327f/it.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.22.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

695f56f1a0225002123caa9dd2cf15c06787efc58dfdde19cfb3e2828cf94bf2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.payback.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 07 Dec 2022 15:53:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: ITsxAzRIBPwbBZPMppIWCw==
age: 50024
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 27101
x-ms-lease-status: unlocked
last-modified: Tue, 11 Jan 2022 12:54:39 GMT
server: cloudflare
etag: 0x8D9D501879986F7
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: c6f5c1ef-801e-004c-47ef-061ff9000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 775e6f05bdc63752-MXP
expires: Thu, 08 Dec 2022 15:53:21 GMT

GET
H2 200 / Show response
adservice.google.com/ddm/fls/i/dc_pre=CLT-5tvu5_sCFWFIwQodt9gBvA;src=4370323;type=LP2Kp0;cat=lp_of0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4180279457161993;~oref=https://shoppy.payb... Frame 0113 487 B
329 B 248ms
173ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/ddm/fls/i/dc_pre=CLT-5tvu5_sCFWFIwQodt9gBvA;src=4370323;type=LP2Kp0;cat=lp_of0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4180279457161993;~oref=https://shoppy.payback.it/

Requested by

Host: 4370323.fls.doubleclick.net
URL: https://4370323.fls.doubleclick.net/activityi;dc_pre=CLT-5tvu5_sCFWFIwQodt9gBvA;src=4370323;type=LP2Kp0;cat=lp_of0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4180279457161993?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1435ce0e8dadc4b08b35285c40263943674b81549a99c8b8461665d8b73143f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://4370323.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: it-IT,it;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 259
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 07 Dec 2022 15:53:21 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 recaptcha__it.js Show response
www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/ Frame 9A3E 401 KB
160 KB 76ms
58ms Script
text/javascript 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__it.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?hl=it&onload=recaptchaCallback&render=explicit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2321160280270575587cd7920d7514da966aff8f91d867ee6eb52f560f373e78

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.payback.it/
Origin: https://www.payback.it
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 16:01:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 431530
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 164079
x-xss-protection: 0
last-modified: Mon, 14 Nov 2022 03:01:59 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 02 Dec 2023 16:01:11 GMT

GET
H/1.1 200
OK _Incapsula_Resource
www.payback.it/ Frame 1709 1 B
168 B 32ms
32ms Image
text/plain 45.60.14.82
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.payback.it/_Incapsula_Resource?SWKMTFSR=1&e=0.28163260689397385

Requested by

Host: www.payback.it
URL: https://www.payback.it/3rd-party-footer?frameId=pb-iframe2&parentUrl=https://shoppy.payback.it

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

45.60.14.82 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.payback.it/3rd-party-footer?frameId=pb-iframe2&parentUrl=https://shoppy.payback.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache, no-store
X-Robots-Tag: noindex
Content-Length: 1
Content-Type: text/plain

POST
H2 200 visit-data Show response
in.hotjar.com/api/v2/client/sites/1171451/ 147 B
322 B 158ms
55ms XHR
application/json 34.250.18.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://in.hotjar.com/api/v2/client/sites/1171451/visit-data?sv=6
Requested by: Host: script.hotjar.com
URL: https://script.hotjar.com/modules.bc0a4c72d88d266f15af.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.250.18.31 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-250-18-31.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 29bf487d6b47153521b439bde8dde0e63d8f95bf81b10ce6a81343e6ed1f92f5

Request headers

Referer: https://shoppy.payback.it/
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

date: Wed, 07 Dec 2022 15:53:21 GMT
content-encoding: br
vary: Accept-Encoding
access-control-max-age: 86400
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, no-store
access-control-allow-credentials: true

GET
H/1.1 200
OK payback_light-webfont.woff
images.payback.it/static/fonts/payback/light/ Frame 9D87 82 KB
82 KB 86ms
53ms Font
font/woff 45.60.14.82
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://images.payback.it/static/fonts/payback/light/payback_light-webfont.woff

Requested by

Host: images.payback.it
URL: https://images.payback.it/static/css/layouts/payback/styles.min.css?v=2022.49-3093634

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

45.60.14.82 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Apache /

Resource Hash

c0b00ab76d19327e40b9765e2f0e0996e45f473a0485fd2dfe5c89b03af26b2b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://images.payback.it/static/css/layouts/payback/styles.min.css?v=2022.49-3093634
Origin: https://www.payback.it
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date: Wed, 07 Dec 2022 15:53:21 GMT
Strict-Transport-Security: max-age=31536000
Last-Modified: Wed, 07 Dec 2022 08:39:20 GMT
Server: Apache
X-CDN: Imperva
Content-Type: font/woff
X-Portal-Request-Id: Y5C28Ws1eCH23ROYmeAUmgAAAC4
Access-Control-Allow-Origin: *
X-Iinfo: 7-115559933-115559934 NNNY CT(18 18 0) RT(1670428401300 18) q(0 0 0 0) r(0 0) U5
Cache-Control: public,max-age=604800,s-maxage=604800
Connection: Keep-Alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Content-Length: 83468
Keep-Alive: timeout=5, max=200

GET
H/1.1 200
OK appstorebuttonbig.png
images.payback.it/media/global/editorial/mobile-icon/ Frame 1709 1 KB
2 KB 37ms
37ms Image
image/png 45.60.14.82
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.payback.it/media/global/editorial/mobile-icon/appstorebuttonbig.png

Requested by

Host: www.payback.it
URL: https://www.payback.it/3rd-party-footer?frameId=pb-iframe2&parentUrl=https://shoppy.payback.it

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

45.60.14.82 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Apache /

Resource Hash

eb8714afe8bb405368dc0934224fa8d5059c31b6870652324d3c8dcdb1b27070

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.payback.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date: Wed, 07 Dec 2022 15:53:21 GMT
Strict-Transport-Security: max-age=31536000
X-CDN: Imperva
X-Portal-Request-Id: Y5C28b4CI6mUauCR3Xs-mwAAAEc
X-Iinfo: 14-225768462-225768467 SNNN RT(1670428400627 702) q(0 0 0 -1) r(0 0) U5
Connection: Keep-Alive
Content-Length: 1526
Last-Modified: Wed, 07 Dec 2022 13:35:27 GMT
Server: Apache
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: public,max-age=604800,s-maxage=604800
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Keep-Alive: timeout=5, max=199
Expires: Wed, 14 Dec 2022 15:53:21 GMT

GET
H/1.1 200
OK googleplaybuttonbig.png
images.payback.it/media/global/editorial/mobile-icon/ Frame 1709 3 KB
3 KB 39ms
38ms Image
image/png 45.60.14.82
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.payback.it/media/global/editorial/mobile-icon/googleplaybuttonbig.png

Requested by

Host: www.payback.it
URL: https://www.payback.it/3rd-party-footer?frameId=pb-iframe2&parentUrl=https://shoppy.payback.it

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

45.60.14.82 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Apache /

Resource Hash

51e17eb8d2553f17fe41fd5d1908273136ff315a0e60fd4cc71cb0c0f4a069cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.payback.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date: Wed, 07 Dec 2022 15:53:21 GMT
Strict-Transport-Security: max-age=31536000
X-CDN: Imperva
X-Portal-Request-Id: Y5C28YicW3@LBTxrvKl8kgAAAEA
X-Iinfo: 14-225768460-225767898 SNNy RT(1670428400612 720) q(0 0 0 -1) r(0 0) U5
Connection: Keep-Alive
Content-Length: 2612
Last-Modified: Wed, 07 Dec 2022 13:35:27 GMT
Server: Apache
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: public,max-age=604800,s-maxage=604800
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Keep-Alive: timeout=5, max=194
Expires: Wed, 14 Dec 2022 15:53:21 GMT

GET
H2 200 it.json Show response
cdn.cookielaw.org/consent/404a51a2-8b91-4a23-8a34-464b90c884b3/8dac4f13-8faf-45db-bc20-23487d19327f/ Frame 9A3E 145 KB
27 KB 29ms
28ms Fetch
application/x-javascript 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/404a51a2-8b91-4a23-8a34-464b90c884b3/8dac4f13-8faf-45db-bc20-23487d19327f/it.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.22.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

695f56f1a0225002123caa9dd2cf15c06787efc58dfdde19cfb3e2828cf94bf2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.payback.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 07 Dec 2022 15:53:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: ITsxAzRIBPwbBZPMppIWCw==
age: 50024
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 27101
x-ms-lease-status: unlocked
last-modified: Tue, 11 Jan 2022 12:54:39 GMT
server: cloudflare
etag: 0x8D9D501879986F7
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: c6f5c1ef-801e-004c-47ef-061ff9000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 775e6f06bf8f3752-MXP
expires: Thu, 08 Dec 2022 15:53:21 GMT

GET
H3 200 recaptcha__it.js Show response
www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/ Frame 9D87 401 KB
160 KB 80ms
27ms Script
text/javascript 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__it.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?hl=it&onload=recaptchaCallback&render=explicit

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2321160280270575587cd7920d7514da966aff8f91d867ee6eb52f560f373e78

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.payback.it/
Origin: https://www.payback.it
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 16:01:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 431530
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 164079
x-xss-protection: 0
last-modified: Mon, 14 Nov 2022 03:01:59 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 02 Dec 2023 16:01:11 GMT

POST
H/1.1 200
OK 957e2bb324b747bbcc0e1db0628e525726b1ae09c6e9ab4f76c8f0688a93 Show response
www.payback.it/ Frame 9A3E 0
595 B 51ms
51ms XHR
text/html 45.60.14.82
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.payback.it/957e2bb324b747bbcc0e1db0628e525726b1ae09c6e9ab4f76c8f0688a93?key=sb2Bjt_lFr5d1ZenT8f-RXLSN5CwnO8e6zD.srlJ

Requested by

Host: images.payback.it
URL: https://images.payback.it/static/js/payback/min.js?v=2022.49-3093634

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

45.60.14.82 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://www.payback.it/eintegration?frameId=pb-iframe1&parentUrl=https://shoppy.payback.it
X-Requested-With: XMLHttpRequest
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Wed, 07 Dec 2022 15:53:21 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Server: Apache
X-Permitted-Cross-Domain-Policies: none
X-CDN: Imperva
X-Frame-Options: SAMEORIGIN
Content-Type: text/html; charset=UTF-8
X-Portal-Request-Id: Y5C28b80VbXgjpyIfy6j0AAAAEU
X-Iinfo: 9-64136399-64136401 SNNy RT(1670428400482 906) q(0 0 0 -1) r(1 1) U5
Connection: Keep-Alive
Keep-Alive: timeout=5, max=143
Content-Length: 0
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK fe_logout Show response
shoppy.payback.it/api/user/ 55 B
589 B 84ms
53ms XHR
application/json 45.60.14.82
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://shoppy.payback.it/api/user/fe_logout

Requested by

Host: shoppy.payback.it
URL: https://shoppy.payback.it/wp-content/themes/payback/dist/app.min.js?v=1.3.1

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

45.60.14.82 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.4.8 / PHP/7.4.8

Resource Hash

1fd1dd380db1457605d68a5b806df0f3f291537aac9a8549aaa839267b80573f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Referer: https://shoppy.payback.it/
X-Requested-With: XMLHttpRequest
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type: application/json;

Response headers

Pragma: no-cache
Date: Wed, 07 Dec 2022 15:44:31 GMT
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.4.8
X-CDN: Imperva
X-Powered-By: PHP/7.4.8
Transfer-Encoding: chunked
Content-Type: application/json
X-Iinfo: 12-125037421-125037424 NNYY CT(8 8 0) RT(1670428401405 17) q(0 0 0 -1) r(0 0) U5
Cache-Control: no-store, no-cache, must-revalidate
Connection: close
Expires: Thu, 19 Nov 1981 08:52:00 GMT

POST
H/1.1 200
OK 957e2bb324b747bbcc0e1db0628e525726b1ae09c6e9ab4f76c8f0688a93 Show response
www.payback.it/ Frame 1709 0
598 B 44ms
43ms XHR
text/html 45.60.14.82
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.payback.it/957e2bb324b747bbcc0e1db0628e525726b1ae09c6e9ab4f76c8f0688a93?key=sb2Bjt_lFr5d1ZenT8f-RXLSN5CwnO8e6zD.srlJ

Requested by

Host: images.payback.it
URL: https://images.payback.it/static/js/payback/min.js?v=2022.49-3093634

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

45.60.14.82 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://www.payback.it/3rd-party-footer?frameId=pb-iframe2&parentUrl=https://shoppy.payback.it
X-Requested-With: XMLHttpRequest
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Wed, 07 Dec 2022 15:53:21 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Server: Apache
X-Permitted-Cross-Domain-Policies: none
X-CDN: Imperva
X-Frame-Options: SAMEORIGIN
Content-Type: text/html; charset=UTF-8
X-Portal-Request-Id: Y5C28SJr7nAB2Rul40Lh@QAAABs
X-Iinfo: 13-181675094-181675100 SNNy RT(1670428400482 914) q(0 0 0 -1) r(1 1) U5
Connection: Keep-Alive
Keep-Alive: timeout=5, max=103
Content-Length: 0
X-XSS-Protection: 1; mode=block

GET
H2 200 it.json Show response
cdn.cookielaw.org/consent/404a51a2-8b91-4a23-8a34-464b90c884b3/8dac4f13-8faf-45db-bc20-23487d19327f/ Frame 9D87 145 KB
27 KB 24ms
23ms Fetch
application/x-javascript 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/404a51a2-8b91-4a23-8a34-464b90c884b3/8dac4f13-8faf-45db-bc20-23487d19327f/it.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.22.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

695f56f1a0225002123caa9dd2cf15c06787efc58dfdde19cfb3e2828cf94bf2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.payback.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 07 Dec 2022 15:53:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: ITsxAzRIBPwbBZPMppIWCw==
age: 50024
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 27101
x-ms-lease-status: unlocked
last-modified: Tue, 11 Jan 2022 12:54:39 GMT
server: cloudflare
etag: 0x8D9D501879986F7
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: c6f5c1ef-801e-004c-47ef-061ff9000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 775e6f06efe93752-MXP
expires: Thu, 08 Dec 2022 15:53:21 GMT

GET
H2 200 otFlat.json Show response
cdn.cookielaw.org/scripttemplates/6.22.0/assets/ Frame 1709 13 KB
3 KB 23ms
22ms Fetch
application/json 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.22.0/assets/otFlat.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.22.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

72562f00bd821b6edc0368065bf009468955ba01f8ead742d8bbc2470c4358c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.payback.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 07 Dec 2022 15:53:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: eS/vZlhjCBp2QvELx7IrSQ==
age: 50338
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 2950
x-ms-lease-status: unlocked
last-modified: Thu, 19 Aug 2021 02:39:10 GMT
server: cloudflare
etag: 0x8D962BA867F281F
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 7d067497-401e-00d2-706c-c466be000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 775e6f06f8053752-MXP

GET
H2 200 otPcCenter.json Show response
cdn.cookielaw.org/scripttemplates/6.22.0/assets/v2/ Frame 1709 47 KB
11 KB 24ms
23ms Fetch
application/json 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.22.0/assets/v2/otPcCenter.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.22.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

59415c8f1106151e421f5a3e46e8f8aca679ea9cefba5eb1d386ca0381d48c18

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.payback.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 07 Dec 2022 15:53:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: GFR+l7BquU30fyA1BeQlDw==
age: 47990
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 11387
x-ms-lease-status: unlocked
last-modified: Thu, 19 Aug 2021 02:39:12 GMT
server: cloudflare
etag: 0x8D962BA87864242
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 9bc96ce3-901e-003e-63ec-e76ec7000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 775e6f06f8063752-MXP

GET
H2 200 otCommonStyles.css Show response
cdn.cookielaw.org/scripttemplates/6.22.0/assets/ Frame 1709 20 KB
4 KB 23ms
23ms Fetch
text/css 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.22.0/assets/otCommonStyles.css

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.22.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6be3efeb998248db9cc1083aef162ee483cbde10b893057e4b5ae1a612c0ae3a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.payback.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 07 Dec 2022 15:53:21 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: F/Fs54+x9bQK/ULkNRp4fA==
age: 44549
x-ms-lease-status: unlocked
last-modified: Thu, 19 Aug 2021 02:39:24 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: 6cc2e2fd-a01e-0072-266c-c4a9d8000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 775e6f06f8073752-MXP

GET
H/1.1 200
OK _Incapsula_Resource
www.payback.it/ Frame 9A3E 1 B
250 B 16ms
16ms Image
text/plain 45.60.14.82
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.payback.it/_Incapsula_Resource?SWKMTFSR=1&e=0.30042610014600646

Requested by

Host: www.payback.it
URL: https://www.payback.it/eintegration?frameId=pb-iframe1&parentUrl=https://shoppy.payback.it

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

45.60.14.82 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.payback.it/eintegration?frameId=pb-iframe1&parentUrl=https://shoppy.payback.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache, no-store
X-Robots-Tag: noindex
Content-Length: 1
Content-Type: text/plain

GET
H/1.1 200
OK _Incapsula_Resource
www.payback.it/ Frame 9D87 1 B
250 B 18ms
17ms Image
text/plain 45.60.14.82
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.payback.it/_Incapsula_Resource?SWKMTFSR=1&e=0.1125465881380252

Requested by

Host: www.payback.it
URL: https://www.payback.it/3rd-party-header?frameId=pb-iframe0&parentUrl=https://shoppy.payback.it

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

45.60.14.82 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.payback.it/3rd-party-header?frameId=pb-iframe0&parentUrl=https://shoppy.payback.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache, no-store
X-Robots-Tag: noindex
Content-Length: 1
Content-Type: text/plain

GET
H2 200 s91893887537213
smetrics.payback.it/b/ss/loyaltyppbitonlineprod/1/JS-2.22.4-LCUM/ 43 B
438 B 39ms
38ms Image
image/gif 13.36.218.177
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://smetrics.payback.it/b/ss/loyaltyppbitonlineprod/1/JS-2.22.4-LCUM/s91893887537213?AQB=1&ndh=1&pf=1&t=7%2F11%2F2022%2015%3A53%3A21%203%200&mid=09600439071886566818136243517261976985&aid=31C85B78156502C7-60000AE3EDFB46C7&ce=UTF-8&ns=loyaltypartner&cl=7776000&pageName=it%7Cshopping%3Ashop&g=https%3A%2F%2Fshoppy.payback.it%2F&cc=EUR&ch=shopping&server=shoppy.payback.it&events=event26&v1=D%3DpageName&c3=it&c6=partner%20page&c9=standalone&c10=it&c11=guest&v11=D%3Dc11&v12=guest&v38=https%3A%2F%2Fshoppy.payback.it&c39=deals%3Aall%3Aall%2Cspecialoffers%3Aall&v39=D%3Dc39&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=124538B3527845100A490D4C%40AdobeOrg&AQE=1

Requested by

Host: shoppy.payback.it
URL: https://shoppy.payback.it/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.36.218.177 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-36-218-177.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://shoppy.payback.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Dec 2022 15:53:21 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
last-modified: Thu, 08 Dec 2022 15:53:21 GMT
server: jag
etag: 3587217677962969088-4619726218376434605
vary: *
p3p: CP="This is not a P3P policy"
access-control-allow-origin: *
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0, no-transform, private
content-length: 43
x-xss-protection: 1; mode=block
expires: Tue, 06 Dec 2022 15:53:21 GMT

GET
H2 200 / Show response
adservice.google.it/ddm/fls/i/dc_pre=CM_R5Nvu5_sCFQwToQod99UNsg;src=6633226;type=payba0;cat=cooki0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4235256527953452.5;~oref=https://shoppy.pay... Frame 414C 194 B
776 B 272ms
173ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.it/ddm/fls/i/dc_pre=CM_R5Nvu5_sCFQwToQod99UNsg;src=6633226;type=payba0;cat=cooki0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4235256527953452.5;~oref=https://shoppy.payback.it/

Requested by

Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/dc_pre=CM_R5Nvu5_sCFQwToQod99UNsg;src=6633226;type=payba0;cat=cooki0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4235256527953452.5;~oref=https://shoppy.payback.it/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://adservice.google.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: it-IT,it;q=0.9

Response headers

alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=0
content-encoding: br
content-length: 85
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 07 Dec 2022 15:53:22 GMT
expires: Wed, 07 Dec 2022 15:53:22 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

/ Show response
4370323.fls.doubleclick.net/ddm/fls/r/dc_pre=CLT-5tvu5_sCFWFIwQodt9gBvA;src=4370323;type=LP2Kp0;cat=lp_of0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4180279457161993;~oref=https://shop... Frame 39FE
Redirect Chain

https://adservice.google.it/ddm/fls/i/dc_pre=CLT-5tvu5_sCFWFIwQodt9gBvA;src=4370323;type=LP2Kp0;cat=lp_of0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4180279457161993;~oref=https://shop...
https://4370323.fls.doubleclick.net/ddm/fls/r/dc_pre=CLT-5tvu5_sCFWFIwQodt9gBvA;src=4370323;type=LP2Kp0;cat=lp_of0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4180279457161993;~oref=http...

3 KB
1 KB

133ms
133ms

Document
text/html

142.250.186.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://4370323.fls.doubleclick.net/ddm/fls/r/dc_pre=CLT-5tvu5_sCFWFIwQodt9gBvA;src=4370323;type=LP2Kp0;cat=lp_of0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4180279457161993;~oref=https://shoppy.payback.it/

Requested by

Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/dc_pre=CLT-5tvu5_sCFWFIwQodt9gBvA;src=4370323;type=LP2Kp0;cat=lp_of0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4180279457161993;~oref=https://shoppy.payback.it/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f6.1e100.net

Software

cafe /

Resource Hash

3e88ee884f6af99fd2ce003f710f957cdb47cc5c67669ef8453fb0d1ec553c73

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://adservice.google.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: it-IT,it;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=0
content-encoding: br
content-length: 1170
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 07 Dec 2022 15:53:22 GMT
expires: Wed, 07 Dec 2022 15:53:22 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 07 Dec 2022 15:53:22 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
location: https://4370323.fls.doubleclick.net/ddm/fls/r/dc_pre=CLT-5tvu5_sCFWFIwQodt9gBvA;src=4370323;type=LP2Kp0;cat=lp_of0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4180279457161993;~oref=https://shoppy.payback.it/
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H/1.1 200
OK 957e2bb324b747bbcc0e1db0628e525726b1ae09c6e9ab4f76c8f0688a93 Show response
www.payback.it/ Frame 9D87 0
517 B 43ms
43ms XHR
text/html 45.60.14.82
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.payback.it/957e2bb324b747bbcc0e1db0628e525726b1ae09c6e9ab4f76c8f0688a93?key=sb2Bjt_lFr5d1ZenT8f-RXLSN5CwnO8e6zD.srlJ

Requested by

Host: images.payback.it
URL: https://images.payback.it/static/js/payback/min.js?v=2022.49-3093634

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

45.60.14.82 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://www.payback.it/3rd-party-header?frameId=pb-iframe0&parentUrl=https://shoppy.payback.it
X-Requested-With: XMLHttpRequest
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Wed, 07 Dec 2022 15:53:21 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Server: Apache
X-Permitted-Cross-Domain-Policies: none
X-CDN: Imperva
X-Frame-Options: SAMEORIGIN
Content-Type: text/html; charset=UTF-8
X-Portal-Request-Id: Y5C28REoVirje9N2IhMTvAAAADk
X-Iinfo: 13-181675094-181675100 SNNy RT(1670428400482 1072) q(0 0 0 -1) r(0 0) U5
Connection: Keep-Alive
Keep-Alive: timeout=5, max=172
Content-Length: 0
X-XSS-Protection: 1; mode=block

GET
H2 200 otFlat.json Show response
cdn.cookielaw.org/scripttemplates/6.22.0/assets/ Frame 9A3E 13 KB
3 KB 27ms
26ms Fetch
application/json 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.22.0/assets/otFlat.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.22.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

72562f00bd821b6edc0368065bf009468955ba01f8ead742d8bbc2470c4358c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.payback.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 07 Dec 2022 15:53:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: eS/vZlhjCBp2QvELx7IrSQ==
age: 50338
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 2950
x-ms-lease-status: unlocked
last-modified: Thu, 19 Aug 2021 02:39:10 GMT
server: cloudflare
etag: 0x8D962BA867F281F
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 7d067497-401e-00d2-706c-c466be000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 775e6f07d9993752-MXP

GET
H2 200 otPcCenter.json Show response
cdn.cookielaw.org/scripttemplates/6.22.0/assets/v2/ Frame 9A3E 47 KB
11 KB 23ms
22ms Fetch
application/json 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.22.0/assets/v2/otPcCenter.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.22.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

59415c8f1106151e421f5a3e46e8f8aca679ea9cefba5eb1d386ca0381d48c18

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.payback.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 07 Dec 2022 15:53:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: GFR+l7BquU30fyA1BeQlDw==
age: 47990
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 11387
x-ms-lease-status: unlocked
last-modified: Thu, 19 Aug 2021 02:39:12 GMT
server: cloudflare
etag: 0x8D962BA87864242
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 9bc96ce3-901e-003e-63ec-e76ec7000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 775e6f07d99c3752-MXP

GET
H2 200 otCommonStyles.css Show response
cdn.cookielaw.org/scripttemplates/6.22.0/assets/ Frame 9A3E 20 KB
4 KB 25ms
24ms Fetch
text/css 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.22.0/assets/otCommonStyles.css

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.22.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6be3efeb998248db9cc1083aef162ee483cbde10b893057e4b5ae1a612c0ae3a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.payback.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 07 Dec 2022 15:53:21 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: F/Fs54+x9bQK/ULkNRp4fA==
age: 44549
x-ms-lease-status: unlocked
last-modified: Thu, 19 Aug 2021 02:39:24 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: 6cc2e2fd-a01e-0072-266c-c4a9d8000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 775e6f07d99d3752-MXP

GET
H2 200 otFlat.json Show response
cdn.cookielaw.org/scripttemplates/6.22.0/assets/ Frame 9D87 13 KB
3 KB 25ms
24ms Fetch
application/json 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.22.0/assets/otFlat.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.22.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

72562f00bd821b6edc0368065bf009468955ba01f8ead742d8bbc2470c4358c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.payback.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 07 Dec 2022 15:53:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: eS/vZlhjCBp2QvELx7IrSQ==
age: 50338
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 2950
x-ms-lease-status: unlocked
last-modified: Thu, 19 Aug 2021 02:39:10 GMT
server: cloudflare
etag: 0x8D962BA867F281F
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 7d067497-401e-00d2-706c-c466be000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 775e6f07f9ba3752-MXP

GET
H2 200 otPcCenter.json Show response
cdn.cookielaw.org/scripttemplates/6.22.0/assets/v2/ Frame 9D87 47 KB
11 KB 25ms
25ms Fetch
application/json 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.22.0/assets/v2/otPcCenter.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.22.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

59415c8f1106151e421f5a3e46e8f8aca679ea9cefba5eb1d386ca0381d48c18

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.payback.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 07 Dec 2022 15:53:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: GFR+l7BquU30fyA1BeQlDw==
age: 47990
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 11387
x-ms-lease-status: unlocked
last-modified: Thu, 19 Aug 2021 02:39:12 GMT
server: cloudflare
etag: 0x8D962BA87864242
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 9bc96ce3-901e-003e-63ec-e76ec7000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 775e6f07f9bd3752-MXP

GET
H2 200 otCommonStyles.css Show response
cdn.cookielaw.org/scripttemplates/6.22.0/assets/ Frame 9D87 20 KB
4 KB 26ms
26ms Fetch
text/css 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.22.0/assets/otCommonStyles.css

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.22.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6be3efeb998248db9cc1083aef162ee483cbde10b893057e4b5ae1a612c0ae3a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.payback.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 07 Dec 2022 15:53:21 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: F/Fs54+x9bQK/ULkNRp4fA==
age: 44549
x-ms-lease-status: unlocked
last-modified: Thu, 19 Aug 2021 02:39:24 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: 6cc2e2fd-a01e-0072-266c-c4a9d8000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 775e6f07f9be3752-MXP

GET
H2 200 ld.js Show response
static.criteo.net/js/ld/ Frame 39FE 42 KB
14 KB 152ms
64ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/ld.js

Requested by

Host: 4370323.fls.doubleclick.net
URL: https://4370323.fls.doubleclick.net/ddm/fls/r/dc_pre=CLT-5tvu5_sCFWFIwQodt9gBvA;src=4370323;type=LP2Kp0;cat=lp_of0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4180279457161993;~oref=https://shoppy.payback.it/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

d6c1aa198589b0a87b22f515905607c1c11839948491cea44a74b88116b40561

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://4370323.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 15:53:22 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 08 Nov 2022 15:05:46 GMT
server: nginx
etag: W/"636a704a-a8d9"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 08 Dec 2022 15:53:22 GMT

GET
H2 200 track
t.teads.tv/ Frame 39FE 23 B
143 B 313ms
102ms Image
image/gif 2.23.193.36
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.teads.tv/track?action=conversion&conversion_type=ITPaybackNOV18&advertiser_id=3510
Requested by: Host: 4370323.fls.doubleclick.net
URL: https://4370323.fls.doubleclick.net/ddm/fls/r/dc_pre=CLT-5tvu5_sCFWFIwQodt9gBvA;src=4370323;type=LP2Kp0;cat=lp_of0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4180279457161993;~oref=https://shoppy.payback.it/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.23.193.36 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-23-193-36.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://4370323.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

expires: Sat, 26 Jul 1997 05:00:00 GMT
date: Wed, 07 Dec 2022 15:53:22 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 23
content-type: image/gif

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ Frame 39FE 110 KB
44 KB 96ms
38ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-8942221

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6057408d25e3e33683e10732bab4b7c681abc6309b677beb82b8ab4b3d19222e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://4370323.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 15:53:22 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44103
x-xss-protection: 0
last-modified: Wed, 07 Dec 2022 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 07 Dec 2022 15:53:22 GMT

GET
H2 200 3e4e296e54.js Show response
cdn.tradelab.fr/tag/ Frame 39FE 22 KB
5 KB 85ms
18ms Script
application/javascript 152.195.132.24
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.tradelab.fr/tag/3e4e296e54.js
Requested by: Host: 4370323.fls.doubleclick.net
URL: https://4370323.fls.doubleclick.net/ddm/fls/r/dc_pre=CLT-5tvu5_sCFWFIwQodt9gBvA;src=4370323;type=LP2Kp0;cat=lp_of0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4180279457161993;~oref=https://shoppy.payback.it/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.195.132.24 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (mil/6C06) /
Resource Hash: 152340dde72c32da07052794a4748100ee7b74bb52864449f7319d8ea1fc8e0a

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://4370323.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 15:53:22 GMT
content-encoding: gzip
last-modified: Mon, 30 Nov 2020 14:58:20 GMT
server: ECAcc (mil/6C06)
age: 1557
etag: "59dc-5b5543db52968-gzip"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1800
accept-ranges: bytes
access-control-allow-headers: x-requested-with, Content-Type, origin, authorization, accept, client-security-token
content-length: 4875
expires: Wed, 07 Dec 2022 16:23:22 GMT

GET
H2 200 quant.js Show response
secure.quantserve.com/ Frame 39FE 25 KB
10 KB 143ms
28ms Script
application/javascript 2620:116:800d:21:c5a4:625:6563:a5bb
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: 4370323.fls.doubleclick.net
URL: https://4370323.fls.doubleclick.net/ddm/fls/r/dc_pre=CLT-5tvu5_sCFWFIwQodt9gBvA;src=4370323;type=LP2Kp0;cat=lp_of0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4180279457161993;~oref=https://shoppy.payback.it/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:c5a4:625:6563:a5bb , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 10c055e552cd4e8121eded0e5227a20534bfc3484aacecd99b553c069a332f53

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://4370323.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 15:53:22 GMT
content-encoding: gzip
etag: "KvGSi9leJgKNKEGESzHjYw=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
accept-ranges: bytes
expires: Wed, 14 Dec 2022 15:53:22 GMT

GET
H/1.1

200
OK

/ Show response
its.tradelab.fr/ Frame 39FE
Redirect Chain

https://ib.adnxs.com/getuid?//its.tradelab.fr/?type=tlsync&uuid2=$UID&callback=tl_sync
https://ib.adnxs.com/bounce?%2Fgetuid%3F%2F%2Fits.tradelab.fr%2F%3Ftype%3Dtlsync%26uuid2%3D%24UID%26callback%3Dtl_sync
https://its.tradelab.fr/?type=tlsync&uuid2=7343488845556826741&callback=tl_sync

53 B
686 B

137ms
40ms

Script
application/javascript

62.212.64.230
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://its.tradelab.fr/?type=tlsync&uuid2=7343488845556826741&callback=tl_sync
Requested by: Host: 4370323.fls.doubleclick.net
URL: https://4370323.fls.doubleclick.net/ddm/fls/r/dc_pre=CLT-5tvu5_sCFWFIwQodt9gBvA;src=4370323;type=LP2Kp0;cat=lp_of0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4180279457161993;~oref=https://shoppy.payback.it/
Protocol: HTTP/1.1
Server: 62.212.64.230 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS: tradelab.fr
Software: nginx/1.17.7 /
Resource Hash: aa9b5f20d5ec051ee2babf4860a93c23d9bb8e1d6b3f8762a00ea60ef9c79c6d

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://4370323.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 07 Dec 2022 15:53:22 GMT
Server: nginx/1.17.7
Transfer-Encoding: chunked
Content-Type: application/javascript
Access-Control-Allow-Origin: *
P3p: CP="CAO PSA OUR"
Cache-Control: no-store, no-cache, must-revalidate, max-age=0,post-check=0,pre-check=0
Connection: keep-alive

Redirect headers

Pragma: no-cache
Date: Wed, 07 Dec 2022 15:53:22 GMT
AN-X-Request-Uuid: 3a2ad8fa-8791-4bf0-8e07-781e1b544e80
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Location: //its.tradelab.fr/?type=tlsync&uuid2=7343488845556826741&callback=tl_sync
Connection: keep-alive
X-Proxy-Origin: 192.145.127.213; 192.145.127.213; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 tc.min.js Show response
c1.rfihub.net/js/ Frame 39FE 19 KB
6 KB 135ms
29ms Script
application/x-javascript 2600:9000:223c:5400:1:76cf:fe80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c1.rfihub.net/js/tc.min.js
Requested by: Host: 4370323.fls.doubleclick.net
URL: https://4370323.fls.doubleclick.net/ddm/fls/r/dc_pre=CLT-5tvu5_sCFWFIwQodt9gBvA;src=4370323;type=LP2Kp0;cat=lp_of0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4180279457161993;~oref=https://shoppy.payback.it/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:5400:1:76cf:fe80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Jetty(9.3.29.v20201019) /
Resource Hash: 7ef97b12890fc6fee67f869c6e1f74b6719de7d66ac0d649c8d7386a80b4c30f

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://4370323.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 15:30:56 GMT
content-encoding: gzip
via: 1.1 84294257ed643a88ee54d2e3f7d7ccea.cloudfront.net (CloudFront)
last-modified: Wed, 07 Dec 2022 15:30:46 GMT
server: Jetty(9.3.29.v20201019)
x-amz-cf-pop: FRA56-P2
age: 1346
x-cache: Hit from cloudfront
content-type: application/x-javascript
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: public, max-age=3600
content-length: 6162
x-amz-cf-id: L04nnYcU63_rAPgcGkbD2v9t4zFwtjIaq9DvOkWE5xfLQDqygY3nfw==
expires: Wed, 07 Dec 2022 16:30:56 GMT

GET
H3

200

activityi;dc_pre=CLWvutzu5_sCFUVBwQodInoJsQ;src=8942221;type=invmedia;cat=dg-lp00;ord=8139995151860;gtm=2odbu0;~oref=https%3A%2F%2F4370323.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCLT-5tvu5_s... Show response
8942221.fls.doubleclick.net/ Frame B97D
Redirect Chain

https://8942221.fls.doubleclick.net/activityi;src=8942221;type=invmedia;cat=dg-lp00;ord=8139995151860;gtm=2odbu0;~oref=https%3A%2F%2F4370323.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCLT-5tvu5...
https://8942221.fls.doubleclick.net/activityi;dc_pre=CLWvutzu5_sCFUVBwQodInoJsQ;src=8942221;type=invmedia;cat=dg-lp00;ord=8139995151860;gtm=2odbu0;~oref=https%3A%2F%2F4370323.fls.doubleclick.net%2F...

628 B
385 B

138ms
138ms

Document
text/html

142.250.186.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://8942221.fls.doubleclick.net/activityi;dc_pre=CLWvutzu5_sCFUVBwQodInoJsQ;src=8942221;type=invmedia;cat=dg-lp00;ord=8139995151860;gtm=2odbu0;~oref=https%3A%2F%2F4370323.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCLT-5tvu5_sCFWFIwQodt9gBvA%3Bsrc%3D4370323%3Btype%3DLP2Kp0%3Bcat%3Dlp_of0%3Bdc_lat%3D%3Bdc_rdid%3D%3Btag_for_child_directed_treatment%3D%3Bord%3D4180279457161993%3B~oref%3Dhttps%3A%2F%2Fshoppy.payback.it%2F?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-8942221

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f6.1e100.net

Software

cafe /

Resource Hash

df952e9a54be39e513fd310f87c99fc8dc382b27b2c021f1f582c7dd3c65696e

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://4370323.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: it-IT,it;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=0
content-encoding: br
content-length: 362
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 07 Dec 2022 15:53:22 GMT
expires: Wed, 07 Dec 2022 15:53:22 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 07 Dec 2022 15:53:22 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://8942221.fls.doubleclick.net/activityi;dc_pre=CLWvutzu5_sCFUVBwQodInoJsQ;src=8942221;type=invmedia;cat=dg-lp00;ord=8139995151860;gtm=2odbu0;~oref=https%3A%2F%2F4370323.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCLT-5tvu5_sCFWFIwQodt9gBvA%3Bsrc%3D4370323%3Btype%3DLP2Kp0%3Bcat%3Dlp_of0%3Bdc_lat%3D%3Bdc_rdid%3D%3Btag_for_child_directed_treatment%3D%3Bord%3D4180279457161993%3B~oref%3Dhttps%3A%2F%2Fshoppy.payback.it%2F?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 rules-p-3QxsdS8G87NY_.js Show response
rules.quantcount.com/ Frame 39FE 18 KB
4 KB 95ms
26ms Script
application/javascript 2600:9000:223c:8600:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-3QxsdS8G87NY_.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:8600:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1bcb8574c1f63634e5bedc00f44ee5572a359b0bf4f4bfd4ec9aaa9de1f1897e

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://4370323.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 15:36:27 GMT
content-encoding: gzip
via: 1.1 11e35514d631a9a9566fd489de935c06.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
age: 1127
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
last-modified: Fri, 14 Oct 2022 00:54:01 GMT
server: AmazonS3
etag: W/"f7226ddca140391880ca48514279a5ff"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
x-amz-cf-id: 9sw9AmgoGGDaHbc1NRp8p32_yEEFrsLmSEIxHakpP8qYDbRDqbpW_w==

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame A76C 15 KB
6 KB 506ms
46ms Document
text/html 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?topUrl=shoppy.payback.it&origin=onetag

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/ld.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

d0f07190791630edc058ad6e5a33a3cda6a8f85c470e593ce0bbed46ffec148b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://4370323.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: it-IT,it;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 07 Dec 2022 15:53:22 GMT
server: Kestrel
server-processing-duration-in-ticks: 882701
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H/1.1 200
OK ca.html Show response
20755798p.rfihub.com/ Frame 7014 2 KB
3 KB 234ms
42ms Document
text/html 193.0.160.128
ROCKETFUEL

General

Check archive.org

Show headers Download Go to

Full URL: https://20755798p.rfihub.com/ca.html?ver=9&rb=18773&ca=20755798&pe=https%3A%2F%2F4370323.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCLT-5tvu5_sCFWFIwQodt9gBvA%3Bsrc%3D4370323%3Btype%3DLP2Kp0%3Bcat%3Dlp_of0%3Bdc_lat%3D%3Bdc_rdid%3D%3Btag_for_child_directed_treatment%3D%3Bord%3D4180279457161993%3B%7Eoref%3Dhttps%3A%2F%2Fshoppy.payback.it%2F&pf=https%3A%2F%2Fadservice.google.com%2F&ra=48309488375515164
Requested by: Host: c1.rfihub.net
URL: https://c1.rfihub.net/js/tc.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 193.0.160.128 , United States, ASN54312 (ROCKETFUEL, US),
Reverse DNS
Software: Jetty(9.3.29.v20201019) /
Resource Hash: 1db167b6937d2b031630b9e8e5c83c25b7351cd17628b55e06a267c80ee3593d

Request headers

Referer: https://4370323.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: it-IT,it;q=0.9

Response headers

Cache-Control: no-cache
Content-Length: 2502
Content-Type: text/html;charset=utf-8
Date: Wed, 07 Dec 2022 15:53:22 GMT
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server: Jetty(9.3.29.v20201019)

GET
H2 200 pixel;r=496690066;labels=_fp.event.Default;rf=0;a=p-3QxsdS8G87NY_;url=https%3A%2F%2F4370323.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCLT-5tvu5_sCFWFIwQodt9gBvA%3Bsrc%3D4370323%3Btype%3DLP2Kp0...
pixel.quantserve.com/ Frame 39FE 35 B
471 B 44ms
30ms Image
image/gif 2620:116:800d:21:c5a4:625:6563:a5bb
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=496690066;labels=_fp.event.Default;rf=0;a=p-3QxsdS8G87NY_;url=https%3A%2F%2F4370323.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCLT-5tvu5_sCFWFIwQodt9gBvA%3Bsrc%3D4370323%3Btype%3DLP2Kp0%3Bcat%3Dlp_of0%3Bdc_lat%3D%3Bdc_rdid%3D%3Btag_for_child_directed_treatment%3D%3Bord%3D4180279457161993%3B~oref%3Dhttps%3A%2F%2Fshoppy.payback.it%2F;ref=https%3A%2F%2Fadservice.google.com%2F;uht=2;fpan=1;fpa=P0-1767932657-1670428402456;pbc=;ns=1;ce=1;qjs=1;qv=b2bd41b7-20221206125257;cm=;gdpr=0;d=4370323.fls.doubleclick.net;dst=0;et=1670428402556;tzo=0;ogl=;ses=56debaed-a642-437e-8706-a7e41c732f13

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:c5a4:625:6563:a5bb , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://4370323.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Dec 2022 15:53:22 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H/1.1 200
OK seg
secure.adnxs.com/ Frame 39FE 43 B
1 KB 133ms
57ms Image
image/gif 185.89.210.180
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/seg?add=2491894:41&t=2

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.180 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://4370323.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 07 Dec 2022 15:53:22 GMT
AN-X-Request-Uuid: 8098989b-98d5-40b4-a3c8-a89083873e2a
Server: nginx/1.21.3
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 192.145.127.213; 192.145.127.213; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 2446.js Show response
cdn.tradelab.fr/fseg/ Frame 39FE 7 KB
3 KB 18ms
18ms Script
application/javascript 152.195.132.24
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.tradelab.fr/fseg/2446.js?add=14779763
Requested by: Host: cdn.tradelab.fr
URL: https://cdn.tradelab.fr/tag/3e4e296e54.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.195.132.24 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (mil/6C1C) /
Resource Hash: d2d2a9d13ba0bdf988e702c1bd0bef55e63f0dc9a389b61be68cd510e77f44ad

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://4370323.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 15:53:22 GMT
content-encoding: gzip
last-modified: Mon, 01 Apr 2019 15:51:38 GMT
server: ECAcc (mil/6C1C)
age: 1433
etag: "1db4-58579fef49bb3-gzip"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1800
accept-ranges: bytes
access-control-allow-headers: x-requested-with, Content-Type, origin, authorization, accept, client-security-token
content-length: 2664
expires: Wed, 07 Dec 2022 16:23:22 GMT

GET
H3

200

activityi;dc_pre=CN2Nydzu5_sCFQMjwQodifIJ4A;src=10041007;type=invmedia;cat=simpl0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D... Show response
10041007.fls.doubleclick.net/ Frame B5C3
Redirect Chain

https://10041007.fls.doubleclick.net/activityi;src=10041007;type=invmedia;cat=simpl0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755...
https://10041007.fls.doubleclick.net/activityi;dc_pre=CN2Nydzu5_sCFQMjwQodifIJ4A;src=10041007;type=invmedia;cat=simpl0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D...

449 B
278 B

136ms
136ms

Document
text/html

142.250.186.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://10041007.fls.doubleclick.net/activityi;dc_pre=CN2Nydzu5_sCFQMjwQodifIJ4A;src=10041007;type=invmedia;cat=simpl0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=[SessionID]?

Requested by

Host: shoppy.payback.it
URL: https://shoppy.payback.it/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f6.1e100.net

Software

cafe /

Resource Hash

1c504d6b007fee6b7ebfa1a29ae251846ab6fcb71d9692d8d8434c8b333e83d8

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://4370323.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: it-IT,it;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=0
content-encoding: br
content-length: 255
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 07 Dec 2022 15:53:22 GMT
expires: Wed, 07 Dec 2022 15:53:22 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 07 Dec 2022 15:53:22 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://10041007.fls.doubleclick.net/activityi;dc_pre=CN2Nydzu5_sCFQMjwQodifIJ4A;src=10041007;type=invmedia;cat=simpl0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=[SessionID]?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1

200
OK

/
its.tradelab.fr/ Frame 39FE
Redirect Chain

https://its.tradelab.fr/?type=tp&advid=2870957&uuid=7343488845556826741&adata=%7B%22c%22%3A%7B%22ref_url%22%3A%22%22%2C%22ref_ts%22%3A1670428403%2C%22page_url%22%3A%22adservice.google.com%2F%22%2C%...
https://cm.g.doubleclick.net/pixel?google_nid=tradelab_dmp&google_cm
https://its.tradelab.fr/?type=tlsync_dbm&google_gid=CAESEENOT0Og56NaUpCJevZ-X84&google_cver=1

43 B
578 B

40ms
40ms

Image
image/gif

62.212.64.230
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://its.tradelab.fr/?type=tlsync_dbm&google_gid=CAESEENOT0Og56NaUpCJevZ-X84&google_cver=1
Requested by: Host: 4370323.fls.doubleclick.net
URL: https://4370323.fls.doubleclick.net/ddm/fls/r/dc_pre=CLT-5tvu5_sCFWFIwQodt9gBvA;src=4370323;type=LP2Kp0;cat=lp_of0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4180279457161993;~oref=https://shoppy.payback.it/
Protocol: HTTP/1.1
Server: 62.212.64.230 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS: tradelab.fr
Software: nginx/1.17.7 / Tradelab ITS / node4.tradelab.fr
Resource Hash: 42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://4370323.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 07 Dec 2022 15:53:22 GMT
Server: nginx/1.17.7
X-Powered-By: Tradelab ITS / node4.tradelab.fr
Transfer-Encoding: chunked
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *

Redirect headers

pragma: no-cache
date: Wed, 07 Dec 2022 15:53:22 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://its.tradelab.fr/?type=tlsync_dbm&google_gid=CAESEENOT0Og56NaUpCJevZ-X84&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 298
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 1036808.js Show response
cdn.tradelab.fr/conv/ Frame 39FE 5 KB
2 KB 19ms
19ms Script
application/javascript 152.195.132.24
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.tradelab.fr/conv/1036808.js
Requested by: Host: cdn.tradelab.fr
URL: https://cdn.tradelab.fr/fseg/2446.js?add=14779763
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.195.132.24 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (mil/6CC3) /
Resource Hash: 40c1976d30b519f6771cdabdb845b95932183b4b4ddd168b5ca54789f59389ee

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://4370323.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 15:53:22 GMT
content-encoding: gzip
last-modified: Wed, 25 Mar 2020 09:21:56 GMT
server: ECAcc (mil/6CC3)
age: 727
etag: "1441-5a1aa664ecf58-gzip"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1800
accept-ranges: bytes
access-control-allow-headers: x-requested-with, Content-Type, origin, authorization, accept, client-security-token
content-length: 1887
expires: Wed, 07 Dec 2022 16:23:22 GMT

GET
H/1.1 200
OK /
its.tradelab.fr/ Frame 39FE 43 B
423 B 41ms
41ms Image
image/gif 62.212.64.230
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://its.tradelab.fr/?type=convr&x=1&cdata=%7B%22a%22%3A1036808%2C%22l%22%3A%5B6604020%2C6604042%2C6604119%2C6616499%2C6624363%2C6673963%2C6762695%2C6783798%2C6909697%2C6909698%2C6938850%2C7105494%2C7293516%2C7293978%2C7293984%2C7325548%2C7507643%2C7507648%2C7507664%2C7542625%2C7542683%2C7700671%2C7700679%2C7701043%2C7738509%2C7767445%2C7782013%2C7974806%2C8049423%2C8097264%2C8097272%2C8097276%2C8149533%2C8302572%2C8365689%2C8365690%2C8430693%2C9408868%2C9408917%2C9408997%2C10076567%2C10092381%2C10099479%2C10104990%2C10735905%2C10735922%2C10994579%2C11117565%2C11117566%2C11210435%2C11425551%2C11425552%5D%2C%22i%22%3A7%2C%22c%22%3A30%2C%22t%22%3A%22h%22%2C%22m%22%3A%22null%22%2C%22vi%22%3A0%2C%22vc%22%3A0%2C%22hf%22%3A0%2C%22x%22%3A%7B%22order_id%22%3A%22%22%2C%22value%22%3A%22%22%7D%7D&advid=2870957&xur=adservice.google.com%2F&adata=%7B%22c%22%3A%7B%22ref_url%22%3A%22%22%2C%22ref_ts%22%3A1670428403%2C%22page_url%22%3A%22adservice.google.com%2F%22%2C%22dm%22%3A%22doubleclick.net%22%7D%2C%22v%22%3A%7B%22vis_cnt%22%3A1%2C%22frst_vis_ts%22%3A1670428402%2C%22prev_vis_ts%22%3A1670428402%2C%22curr_vis_ts%22%3A1670428403%2C%22total_page_cnt%22%3A1%2C%22prev_page_cnt%22%3A1%2C%22curr_page_cnt%22%3A1%7D%7D
Requested by: Host: 4370323.fls.doubleclick.net
URL: https://4370323.fls.doubleclick.net/ddm/fls/r/dc_pre=CLT-5tvu5_sCFWFIwQodt9gBvA;src=4370323;type=LP2Kp0;cat=lp_of0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4180279457161993;~oref=https://shoppy.payback.it/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 62.212.64.230 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS: tradelab.fr
Software: nginx/1.17.7 / Tradelab ITS / node1.tradelab.fr
Resource Hash: 42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://4370323.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 07 Dec 2022 15:53:22 GMT
Server: nginx/1.17.7
X-Powered-By: Tradelab ITS / node1.tradelab.fr
Transfer-Encoding: chunked
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *

GET
H/1.1 200
OK px
secure.adnxs.com/ Frame 39FE 43 B
965 B 111ms
37ms Image
image/gif 185.89.210.180
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/px?id=1036808&order_id=&value=&t=2

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.180 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://4370323.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 07 Dec 2022 15:53:22 GMT
AN-X-Request-Uuid: 1f5e5f77-5405-43e3-945e-b8b57eb520d8
Server: nginx/1.21.3
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 192.145.127.213; 192.145.127.213; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK seg
secure.adnxs.com/ Frame 39FE 43 B
1 KB 119ms
45ms Image
image/gif 185.89.210.180
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/seg?add=14779763&t=2

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.180 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://4370323.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 07 Dec 2022 15:53:22 GMT
AN-X-Request-Uuid: 06c4bd1d-859a-49b8-8d80-92ade067fcf0
Server: nginx/1.21.3
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 192.145.127.213; 192.145.127.213; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK /
its.tradelab.fr/ Frame 39FE 43 B
873 B 82ms
41ms Image
image/gif 62.212.64.230
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://its.tradelab.fr/?type=fseg&uuid2=7343488845556826741&sid=14779763&val=undefined&fun=2446&step=1&siev=14779753&fp=0&advid=2870957&isregen=0&ua=Mozilla%252F5.0%2520(Windows%2520NT%252010.0%253B%2520Win64%253B%2520x64)%2520AppleWebKit%252F537.36%2520(KHTML%252C%2520like%2520Gecko)%2520Chrome%252F108.0.5359.94%2520Safari%252F537.36&ur=https%253A%252F%252Fadservice.google.com%252F&adata=%7B%22c%22%3A%7B%22ref_url%22%3A%22%22%2C%22ref_ts%22%3A1670428403%2C%22page_url%22%3A%22adservice.google.com%2F%22%2C%22dm%22%3A%22doubleclick.net%22%7D%2C%22v%22%3A%7B%22vis_cnt%22%3A1%2C%22frst_vis_ts%22%3A1670428402%2C%22prev_vis_ts%22%3A1670428402%2C%22curr_vis_ts%22%3A1670428403%2C%22total_page_cnt%22%3A1%2C%22prev_page_cnt%22%3A1%2C%22curr_page_cnt%22%3A1%7D%7D
Requested by: Host: 4370323.fls.doubleclick.net
URL: https://4370323.fls.doubleclick.net/ddm/fls/r/dc_pre=CLT-5tvu5_sCFWFIwQodt9gBvA;src=4370323;type=LP2Kp0;cat=lp_of0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4180279457161993;~oref=https://shoppy.payback.it/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 62.212.64.230 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS: tradelab.fr
Software: nginx/1.17.7 / Tradelab ITS / node5.tradelab.fr
Resource Hash: 42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://4370323.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 07 Dec 2022 15:53:22 GMT
Server: nginx/1.17.7
X-Powered-By: Tradelab ITS / node5.tradelab.fr
Transfer-Encoding: chunked
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *

GET
H3 200 dc_pre=CLWvutzu5_sCFUVBwQodInoJsQ;src=8942221;type=invmedia;cat=dg-lp00;ord=8139995151860;gtm=2odbu0;~oref=https%3A%2F%2F4370323.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCLT-5tvu5_sCFWFIwQodt...
adservice.google.com/ddm/fls/z/ Frame B97D 42 B
63 B 247ms
172ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CLWvutzu5_sCFUVBwQodInoJsQ;src=8942221;type=invmedia;cat=dg-lp00;ord=8139995151860;gtm=2odbu0;~oref=https%3A%2F%2F4370323.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCLT-5tvu5_sCFWFIwQodt9gBvA%3Bsrc%3D4370323%3Btype%3DLP2Kp0%3Bcat%3Dlp_of0%3Bdc_lat%3D%3Bdc_rdid%3D%3Btag_for_child_directed_treatment%3D%3Bord%3D4180279457161993%3B~oref%3Dhttps%3A%2F%2Fshoppy.payback.it%2F

Requested by

Host: 8942221.fls.doubleclick.net
URL: https://8942221.fls.doubleclick.net/activityi;dc_pre=CLWvutzu5_sCFUVBwQodInoJsQ;src=8942221;type=invmedia;cat=dg-lp00;ord=8139995151860;gtm=2odbu0;~oref=https%3A%2F%2F4370323.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCLT-5tvu5_sCFWFIwQodt9gBvA%3Bsrc%3D4370323%3Btype%3DLP2Kp0%3Bcat%3Dlp_of0%3Bdc_lat%3D%3Bdc_rdid%3D%3Btag_for_child_directed_treatment%3D%3Bord%3D4180279457161993%3B~oref%3Dhttps%3A%2F%2Fshoppy.payback.it%2F?

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://8942221.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Dec 2022 15:53:22 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

cm
a.rfihub.com/ Frame 7014
Redirect Chain

https://cm.g.doubleclick.net/pixel?&in=0&google_nid=zeta_interactive&google_cm=&google_sc=&google_hm=NTEzMTA3NzcyMzU0MjkyNDE5OA==&forward=
https://a.rfihub.com/cm?pub=445&in=0&forward=&google_gid=CAESEMSMKSUF_9eJA7AGt4VmVEA&google_cver=1

42 B
1004 B

151ms
39ms

Image
image/gif

193.0.160.128
ROCKETFUEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.rfihub.com/cm?pub=445&in=0&forward=&google_gid=CAESEMSMKSUF_9eJA7AGt4VmVEA&google_cver=1
Requested by: Host: 4370323.fls.doubleclick.net
URL: https://4370323.fls.doubleclick.net/ddm/fls/r/dc_pre=CLT-5tvu5_sCFWFIwQodt9gBvA;src=4370323;type=LP2Kp0;cat=lp_of0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4180279457161993;~oref=https://shoppy.payback.it/
Protocol: HTTP/1.1
Server: 193.0.160.128 , United States, ASN54312 (ROCKETFUEL, US),
Reverse DNS
Software: Jetty(9.3.29.v20201019) /
Resource Hash: 47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://20755798p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Content-Type: image/gif
Date: Wed, 07 Dec 2022 15:53:22 GMT
Cache-Control: no-cache
Server: Jetty(9.3.29.v20201019)
Content-Length: 42
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma: no-cache
date: Wed, 07 Dec 2022 15:53:22 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://a.rfihub.com/cm?pub=445&in=0&forward=&google_gid=CAESEMSMKSUF_9eJA7AGt4VmVEA&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 311
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK setuid
ib.adnxs.com/ Frame 7014 43 B
1010 B 39ms
37ms Image
image/gif 185.89.211.84
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=18&code=5131077723542924198

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.211.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://20755798p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 07 Dec 2022 15:53:22 GMT
AN-X-Request-Uuid: 2ec259ac-a6c3-427e-968e-d6533ae50f98
Server: nginx/1.21.3
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 192.145.127.213; 192.145.127.213; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

demconf.jpg
dpm.demdex.net/ Frame 7014
Redirect Chain

https://dpm.demdex.net/ibs:dpid=1121&dpuuid=5131077723542924198&redir=
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1121&dpuuid=5131077723542924198&redir=

42 B
942 B

50ms
50ms

Image
image/gif

52.19.242.51
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1121&dpuuid=5131077723542924198&redir=

Requested by

Protocol

HTTP/1.1

Server

52.19.242.51 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-19-242-51.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://20755798p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v045-00960800d.edge-irl1.demdex.com 1 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: /rjGa7CfRpw=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS: dcs-prod-irl1-2-v045-0b398da67.edge-irl1.demdex.com 0 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: uD4mK5ZMQiI=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1121&dpuuid=5131077723542924198&redir=
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 sd
us-u.openx.net/w/1.0/ Frame 7014 43 B
273 B 77ms
34ms Image
image/gif 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537073062&val=5131077723542924198&r=
Requested by: Host: 4370323.fls.doubleclick.net
URL: https://4370323.fls.doubleclick.net/ddm/fls/r/dc_pre=CLT-5tvu5_sCFWFIwQodt9gBvA;src=4370323;type=LP2Kp0;cat=lp_of0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4180279457161993;~oref=https://shoppy.payback.it/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://20755798p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Dec 2022 15:53:22 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1

200
OK

match
ps.eyeota.net/ Frame 7014
Redirect Chain

https://p.rfihub.com/cm?pub=24472&in=1
https://ps.eyeota.net/match?uid=5131077723542924198&bid=omt9pi0

0
344 B

267ms
71ms

Image
text/plain

3.125.70.222
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ps.eyeota.net/match?uid=5131077723542924198&bid=omt9pi0
Requested by: Host: 4370323.fls.doubleclick.net
URL: https://4370323.fls.doubleclick.net/ddm/fls/r/dc_pre=CLT-5tvu5_sCFWFIwQodt9gBvA;src=4370323;type=LP2Kp0;cat=lp_of0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4180279457161993;~oref=https://shoppy.payback.it/
Protocol: HTTP/1.1
Server: 3.125.70.222 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-125-70-222.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://20755798p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date: Wed, 07 Dec 2022 15:53:23 GMT
Content-Length: 0
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

Location: https://ps.eyeota.net/match?uid=5131077723542924198&bid=omt9pi0
Date: Wed, 07 Dec 2022 15:53:22 GMT
Server: Jetty(9.3.29.v20201019)
Content-Length: 0
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 204 put
e1.emxdgt.com/ Frame 7014 0
55 B 219ms
60ms Image
text/html 18.156.32.70
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e1.emxdgt.com/put?d=d16&uid=5131077723542924198
Requested by: Host: 4370323.fls.doubleclick.net
URL: https://4370323.fls.doubleclick.net/ddm/fls/r/dc_pre=CLT-5tvu5_sCFWFIwQodt9gBvA;src=4370323;type=LP2Kp0;cat=lp_of0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4180279457161993;~oref=https://shoppy.payback.it/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.156.32.70 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-32-70.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://20755798p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 15:53:21 GMT
content-length: 0
content-type: text/html

GET
H2 200 cksync.php
contextual.media.net/ Frame 7014 45 B
616 B 118ms
45ms Image
image/gif 88.221.168.23
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/cksync.php?cs=3&type=rkt&ovsid=5131077723542924198

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

88.221.168.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a88-221-168-23.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://20755798p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Wed, 07 Dec 2022 15:53:22 GMT
server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
content-length: 45
x-mnet-hl2: E
expires: Wed, 07 Dec 2022 15:53:22 GMT

GET
H3

200

362358.gif
idsync.rlcdn.com/ Frame 7014
Redirect Chain

https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5131077723542924198&referrer=https%3A%2F%2Fadservice.google.com%2F
https://p.rfihub.com/cm?pub=39342&in=0&userid=3813a7b8-d113-4269-925d-a0c1892250c2%3A1670428403.0690567&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3D3813a7b8-d113-4269-925d-a0c1892...
https://idsync.rlcdn.com/501709.gif?partner_uid=3813a7b8-d113-4269-925d-a0c1892250c2%3A1670428403.0690567
https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm
https://idsync.rlcdn.com/362358.gif?google_gid=CAESEC9e1PskK5_tavsjbQ2Rrvk&google_cver=1

42 B
60 B

35ms
34ms

Image
image/gif

35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/362358.gif?google_gid=CAESEC9e1PskK5_tavsjbQ2Rrvk&google_cver=1
Protocol: H3
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://20755798p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 15:53:23 GMT
via: 1.1 google
content-type: image/gif
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

Redirect headers

pragma: no-cache
date: Wed, 07 Dec 2022 15:53:23 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://idsync.rlcdn.com/362358.gif?google_gid=CAESEC9e1PskK5_tavsjbQ2Rrvk&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 289
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
bpi.rtactivate.com/tag/ Frame 7014 43 B
109 B 428ms
133ms Image
image/gif 54.81.25.165
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bpi.rtactivate.com/tag/?id=11017&user_id=5131077723542924198
Requested by: Host: 4370323.fls.doubleclick.net
URL: https://4370323.fls.doubleclick.net/ddm/fls/r/dc_pre=CLT-5tvu5_sCFWFIwQodt9gBvA;src=4370323;type=LP2Kp0;cat=lp_of0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4180279457161993;~oref=https://shoppy.payback.it/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.81.25.165 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-81-25-165.compute-1.amazonaws.com
Software: awselb/2.0 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://20755798p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 15:53:23 GMT
server: awselb/2.0
content-length: 43
content-type: image/gif

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 7014
Redirect Chain

https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5131077723542924198&forward=
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5131077723542924198&forward=&C=1

43 B
766 B

25ms
25ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5131077723542924198&forward=&C=1
Requested by: Host: 4370323.fls.doubleclick.net
URL: https://4370323.fls.doubleclick.net/ddm/fls/r/dc_pre=CLT-5tvu5_sCFWFIwQodt9gBvA;src=4370323;type=LP2Kp0;cat=lp_of0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4180279457161993;~oref=https://shoppy.payback.it/
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://20755798p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 07 Dec 2022 15:53:23 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

Pragma: no-cache
Date: Wed, 07 Dec 2022 15:53:22 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: /rum?cm_dsp_id=57&external_user_id=5131077723542924198&forward=&C=1
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 0
Expires: 0

GET
H2 200 360947.gif
idsync.rlcdn.com/ Frame 7014 42 B
449 B 88ms
36ms Image
image/gif 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/360947.gif?partner_uid=5131077723542924198
Requested by: Host: 4370323.fls.doubleclick.net
URL: https://4370323.fls.doubleclick.net/ddm/fls/r/dc_pre=CLT-5tvu5_sCFWFIwQodt9gBvA;src=4370323;type=LP2Kp0;cat=lp_of0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4180279457161993;~oref=https://shoppy.payback.it/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://20755798p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 15:53:22 GMT
via: 1.1 google
content-type: image/gif
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

GET
H2 200 rocketfuel_sync
x.dlx.addthis.com/e/ Frame 7014 43 B
191 B 803ms
166ms Image
image/gif 104.76.200.221
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://x.dlx.addthis.com/e/rocketfuel_sync?na_exid=5131077723542924198

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.76.200.221 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-76-200-221.deploy.static.akamaitechnologies.com

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://20755798p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

expires: Wed, 07 Dec 2022 15:53:23 GMT
pragma: no-cache
date: Wed, 07 Dec 2022 15:53:23 GMT
cache-control: max-age=0, no-cache, no-store
strict-transport-security: max-age=2628000
content-length: 43
content-type: image/gif

GET
H/1.1

200

partner
sync.search.spotxchange.com/ Frame 7014
Redirect Chain

https://sync.search.spotxchange.com/partner?adv_id=7180&uid=5131077723542924198&img=1
https://sync.search.spotxchange.com/partner?adv_id=7180&uid=5131077723542924198&img=1&__user_check__=1&sync_id=47752676-7647-11ed-a07f-1fd522ee0106

43 B
549 B

51ms
50ms

Image
image/gif

185.94.180.125
SPOTX-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.search.spotxchange.com/partner?adv_id=7180&uid=5131077723542924198&img=1&__user_check__=1&sync_id=47752676-7647-11ed-a07f-1fd522ee0106
Protocol: HTTP/1.1
Server: 185.94.180.125 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://20755798p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date: Wed, 07 Dec 2022 15:53:23 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 118
Connection: keep-alive
Content-Length: 43

Redirect headers

Date: Wed, 07 Dec 2022 15:53:23 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Location: /partner?adv_id=7180&uid=5131077723542924198&img=1&__user_check__=1&sync_id=47752676-7647-11ed-a07f-1fd522ee0106
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 79
Connection: keep-alive
Content-Length: 0

GET
H2 200 sync
partners.tremorhub.com/ Frame 7014 43 B
183 B 423ms
121ms Image
image/gif 2600:1f18:612b:4216:f6:411e:ff52:dd4b
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://partners.tremorhub.com/sync?UIRF=5131077723542924198&r=DBHt6IiZpMn1
Requested by: Host: 4370323.fls.doubleclick.net
URL: https://4370323.fls.doubleclick.net/ddm/fls/r/dc_pre=CLT-5tvu5_sCFWFIwQodt9gBvA;src=4370323;type=LP2Kp0;cat=lp_of0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4180279457161993;~oref=https://shoppy.payback.it/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4216:f6:411e:ff52:dd4b Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://20755798p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date: Wed, 07 Dec 2022 15:53:23 GMT
server: Apache-Coyote/1.1
content-type: image/gif

GET
H2 200 g.pixel
aa.agkn.com/adscores/ Frame 7014 43 B
377 B 182ms
49ms Image
image/gif 18.200.229.106
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aa.agkn.com/adscores/g.pixel?sid=9212192898&rf=5131077723542924198
Requested by: Host: 4370323.fls.doubleclick.net
URL: https://4370323.fls.doubleclick.net/ddm/fls/r/dc_pre=CLT-5tvu5_sCFWFIwQodt9gBvA;src=4370323;type=LP2Kp0;cat=lp_of0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4180279457161993;~oref=https://shoppy.payback.it/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.200.229.106 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-200-229-106.eu-west-1.compute.amazonaws.com
Software: AAWebServer /
Resource Hash: 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://20755798p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Dec 2022 15:53:23 GMT
server: AAWebServer
access-control-allow-methods: GET, POST, OPTIONS
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-headers: accept, cache-control, origin, x-requested-with, x-file-name, content-type
content-length: 43
expires: 0

GET
H2 204 usermatch.gif
beacon.krxd.net/ Frame 7014 0
338 B 188ms
51ms Image
text/plain 52.214.172.145
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner_id=rfuel&partner_user_id=5131077723542924198
Requested by: Host: 4370323.fls.doubleclick.net
URL: https://4370323.fls.doubleclick.net/ddm/fls/r/dc_pre=CLT-5tvu5_sCFWFIwQodt9gBvA;src=4370323;type=LP2Kp0;cat=lp_of0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4180279457161993;~oref=https://shoppy.payback.it/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.214.172.145 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-214-172-145.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://20755798p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

x-served-by: beacon-n016-dub-prod.krxd.net
date: Wed, 07 Dec 2022 15:53:23 GMT
cache-control: private, no-cache, no-store
x-request-time: D=23 t=1670428403
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2

200

sync
x.bidswitch.net/ul_cb/ Frame 7014
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=119&user_id=5131077723542924198&expires=30
https://x.bidswitch.net/ul_cb/sync?dsp_id=119&user_id=5131077723542924198&expires=30

43 B
345 B

30ms
29ms

Image
image/gif

18.193.170.39
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/ul_cb/sync?dsp_id=119&user_id=5131077723542924198&expires=30
Protocol: H2
Server: 18.193.170.39 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-193-170-39.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://20755798p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 15:53:23 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

Redirect headers

location: https://x.bidswitch.net/ul_cb/sync?dsp_id=119&user_id=5131077723542924198&expires=30
date: Wed, 07 Dec 2022 15:53:23 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H/1.1

200
OK

cm
p.rfihub.com/ Frame 7014
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D
https://sync-tm.everesttech.net/ct/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D&_test=Y5C28wACMSBwQgAZ
https://p.rfihub.com/cm?in=1&pub=21653&userid=Y5C28wACMSBwQgAZ&_test=Y5C28wACMSBwQgAZ

42 B
1 KB

40ms
40ms

Image
image/gif

193.0.160.128
ROCKETFUEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.rfihub.com/cm?in=1&pub=21653&userid=Y5C28wACMSBwQgAZ&_test=Y5C28wACMSBwQgAZ
Protocol: HTTP/1.1
Server: 193.0.160.128 , United States, ASN54312 (ROCKETFUEL, US),
Reverse DNS
Software: Jetty(9.3.29.v20201019) /
Resource Hash: 47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://20755798p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Content-Type: image/gif
Date: Wed, 07 Dec 2022 15:53:23 GMT
Cache-Control: no-cache
Server: Jetty(9.3.29.v20201019)
Content-Length: 42
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

x-served-by: cache-mxp6952-MXP
pragma: no-cache
date: Wed, 07 Dec 2022 15:53:23 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1670428403.350399,VS0,VE0
x-cache: HIT
location: https://p.rfihub.com/cm?in=1&pub=21653&userid=Y5C28wACMSBwQgAZ&_test=Y5C28wACMSBwQgAZ
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H2

200

sid Show response
mug.criteo.com/ Frame A76C
Redirect Chain

https://gum.criteo.com/sid/json?origin=onetag&domain=4370323.fls.doubleclick.net&sn=ChromeSyncframe&so=0&topUrl=shoppy.payback.it&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=XnJ9pHxScTRaaTBkU0kzdHhNNFBGeGtHNzB1NytZekRVa2VmUDFHK3VYVVBYdnNETnJYeUJwWE9yaWhFK0tkRHJNNkl5TTd2R2JVMHVmY1I3OFZmaHRKTmoyak1Gd3ZIRDhJaTkwaHpvcjRNZXNtTlY2eGEwZ2NINllWMS...

425 B
646 B

202ms
35ms

Fetch
application/json

178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=XnJ9pHxScTRaaTBkU0kzdHhNNFBGeGtHNzB1NytZekRVa2VmUDFHK3VYVVBYdnNETnJYeUJwWE9yaWhFK0tkRHJNNkl5TTd2R2JVMHVmY1I3OFZmaHRKTmoyak1Gd3ZIRDhJaTkwaHpvcjRNZXNtTlY2eGEwZ2NINllWMS9ieTV6SVNzd0hzMjIvV0EwMDVQZlEySGlBejc5ekZxd0VUVUZ4MzVKb1MrOU41SlZ1cUczajJVQmROMXlJbFpSQ2M2cHdtZmFXUnpnUTdOVGJzZzZvUEdRNm0zamxKb1pFbXZWVTJwWEVlVWRCa2ZUMVJKOE9xSExTcG5pT2l5dFpOL1FvMzJLTndkaEpyZVhIV01RaTM3VHNlV1ptNklsYmtkSFpxeDRjRGZhYXNiZDNqa2s3NW00cDM5eTZVU0RvMStJUlZOZHw&cppv=2

Requested by

Protocol

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

9c24dba648c2cd676d8cf107c23b3ae65ac07a19fbccca3dbe4a92fd97417890

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Dec 2022 15:53:22 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 2285248
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 07 Dec 2022 15:53:22 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=XnJ9pHxScTRaaTBkU0kzdHhNNFBGeGtHNzB1NytZekRVa2VmUDFHK3VYVVBYdnNETnJYeUJwWE9yaWhFK0tkRHJNNkl5TTd2R2JVMHVmY1I3OFZmaHRKTmoyak1Gd3ZIRDhJaTkwaHpvcjRNZXNtTlY2eGEwZ2NINllWMS9ieTV6SVNzd0hzMjIvV0EwMDVQZlEySGlBejc5ekZxd0VUVUZ4MzVKb1MrOU41SlZ1cUczajJVQmROMXlJbFpSQ2M2cHdtZmFXUnpnUTdOVGJzZzZvUEdRNm0zamxKb1pFbXZWVTJwWEVlVWRCa2ZUMVJKOE9xSExTcG5pT2l5dFpOL1FvMzJLTndkaEpyZVhIV01RaTM3VHNlV1ptNklsYmtkSFpxeDRjRGZhYXNiZDNqa2s3NW00cDM5eTZVU0RvMStJUlZOZHw&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 682697
content-length: 0
expires: 0

GET
H3 200 dc_pre=CN2Nydzu5_sCFQMjwQodifIJ4A;src=10041007;type=invmedia;cat=simpl0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=[Sess...
adservice.google.com/ddm/fls/z/ Frame B5C3 42 B
63 B 172ms
172ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CN2Nydzu5_sCFQMjwQodifIJ4A;src=10041007;type=invmedia;cat=simpl0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=[SessionID]

Requested by

Host: 10041007.fls.doubleclick.net
URL: https://10041007.fls.doubleclick.net/activityi;dc_pre=CN2Nydzu5_sCFQMjwQodifIJ4A;src=10041007;type=invmedia;cat=simpl0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=[SessionID]?

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://10041007.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Dec 2022 15:53:23 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 event Show response
sslwidget.criteo.com/ Frame 39FE 8 KB
4 KB 308ms
75ms Script
application/x-javascript 178.250.0.163
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://sslwidget.criteo.com/event?a=44644&v=5.12.3&p0=e%3Dce%26m%3D%255B%252523Email%252520address%252523%255D&p1=e%3Dexd%26site_type%3Dd%26ref%3Dhttps%253A%252F%252Fadservice.google.com&p2=e%3Dvp%26p%3D1&p3=e%3Ddis&bundle=1xoDtV9TYW9DSXZGNHQ0SlpUSkxzSXBTWEpoeEN4Rkt0OCUyQlJtdUhTSkFXVk9xWWZwcGxqUURtN3dKaXUxWXdFelBhTXBGWGNweXFTV0ZSeXBkRThtUnVDU3M4djltbm5adVNlMGF5ek9WUnBtd241dVV0NkM2NG92NU1jODlUNFExMHNaNm92JTJGQUtvVlRsQ2dXV3o0TXolMkJmUGclM0QlM0Q&tld=4370323.fls.doubleclick.net&fu=https%253A%252F%252Fshoppy.payback.it&pu=https%253A%252F%252Fshoppy.payback.it&dtycbr=42286

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/ld.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.163 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

14e216afd1dac9c5cee6978e5cb5c337409e0c4c33c730738b14828a0bd9b15e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://4370323.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Dec 2022 15:53:22 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: Kestrel
content-type: application/x-javascript
access-control-allow-origin: *
p3p: NON DSP COR CURa PSA PSD OUR BUS NAV STA
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 40816445
timing-allow-origin: *
expires: 0

GET
H2 200 sync
x.bidswitch.net/ Frame 37C3 43 B
145 B 29ms
25ms Image
image/gif 18.193.170.39
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?dsp_id=46&user_id=k-xp2UkjKM4qRcR0oP2Lz9IjI6U0jsON9gvIk-sA&expires=30
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.193.170.39 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-193-170-39.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 15:53:23 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/google/ Frame 37C3
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-nIAVfTKM4qRcR0oP2Lz9IjI6U0gqqE_w9TB7SQ&google_cm&google_hm=ay1uSUFWZlRLTTRxUmNSMG9QMkx6OUlqSTZVMGdxcUVfd...
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-nIAVfTKM4qRcR0oP2Lz9IjI6U0gqqE_w9TB7SQ&google_gid=CAESEBL8dsQ8CZ3M4-pyY2j3FSU&google_cver=1&google_ula=913071,0

43 B
371 B

213ms
40ms

Image
image/gif

178.250.2.151
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-nIAVfTKM4qRcR0oP2Lz9IjI6U0gqqE_w9TB7SQ&google_gid=CAESEBL8dsQ8CZ3M4-pyY2j3FSU&google_cver=1&google_ula=913071,0

Protocol

Server

178.250.2.151 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Dec 2022 15:53:23 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1622036
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 07 Dec 2022 15:53:23 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-nIAVfTKM4qRcR0oP2Lz9IjI6U0gqqE_w9TB7SQ&google_gid=CAESEBL8dsQ8CZ3M4-pyY2j3FSU&google_cver=1&google_ula=913071,0
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 398
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/appnexus/ Frame 37C3
Redirect Chain

https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=7343488845556826741

43 B
370 B

196ms
41ms

Image
image/gif

178.250.2.151
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=7343488845556826741

Protocol

Server

178.250.2.151 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Dec 2022 15:53:23 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 2463590
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 07 Dec 2022 15:53:23 GMT
AN-X-Request-Uuid: b2d27be3-669c-4381-b25a-9404ae153811
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Location: https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=7343488845556826741
Connection: keep-alive
X-Proxy-Origin: 192.145.127.213; 192.145.127.213; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 rum
r.casalemedia.com/ Frame 37C3 43 B
869 B 206ms
132ms Image
image/gif 104.18.33.19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-WC4P8zKM4qRcR0oP2Lz9IjI6U0ifS2wo5UOUgg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Dec 2022 15:53:23 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8%2Bg2WIZSdKDogw3PjrByKfsx6ujmCPBKA%2BofyyApgq7i2a3okJ0k7%2Bj9oBqcUTwGP6H%2BDpolXiDqiKrC5ljwA6BWQqoOa3I6e0CtK%2F4oLkQPEXElF9Y6sVnaEoxIN4a0R635"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 775e6f12cf70599b-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

GET
H2

200

match
ad.360yield.com/ul_cb/ Frame 37C3
Redirect Chain

https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-y1pnDTKM4qRcR0oP2Lz9IjI6U0hFUleBFsU9tA
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-y1pnDTKM4qRcR0oP2Lz9IjI6U0hFUleBFsU9tA

43 B
447 B

51ms
51ms

Image
image/gif

52.208.172.23
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-y1pnDTKM4qRcR0oP2Lz9IjI6U0hFUleBFsU9tA
Protocol: H2
Server: 52.208.172.23 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-208-172-23.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 07 Dec 2022 15:53:23 GMT
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

location: https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-y1pnDTKM4qRcR0oP2Lz9IjI6U0hFUleBFsU9tA
date: Wed, 07 Dec 2022 15:53:23 GMT
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2 200 cksync.php
contextual.media.net/ Frame 37C3 45 B
622 B 48ms
44ms Image
image/gif 88.221.168.23
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/cksync.php?cs=3&type=crt&ovsid=k-NbeKPDKM4qRcR0oP2Lz9IjI6U0i-F6dpI8ajwA

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

88.221.168.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a88-221-168-23.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Wed, 07 Dec 2022 15:53:23 GMT
server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
content-length: 45
x-mnet-hl2: E
expires: Wed, 07 Dec 2022 15:53:23 GMT

GET
H/1.1 200
OK cookie-sync
sync.outbrain.com/ Frame 37C3 0
145 B 478ms
112ms Image
text/plain 70.42.32.31
INTERNAP-BLK3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/cookie-sync?p=criteo&uid=k-btNXvTKM4qRcR0oP2Lz9IjI6U0grNJoshP7OaQ
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.31 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date: Wed, 07 Dec 2022 15:53:23 GMT
Cache-Control: no-cache
X-TraceId: 1ee9332276a2d89bf211ca9f416c74c2
Content-Length: 0

GET
H/1.1 204
No Content tap.php
pixel.rubiconproject.com/ Frame 37C3 0
239 B 143ms
30ms Image
image/gif 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=k-P9XRojKM4qRcR0oP2Lz9IjI6U0j2q6kEnxzJ1Q&expires=30
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: de8527bfa1ccfd6c1590da0d3b6cff52
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 204 v1
match.sharethrough.com/sync/ Frame 37C3 0
35 B 154ms
26ms Image
text/plain 18.159.205.223
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-6tU7VjKM4qRcR0oP2Lz9IjI6U0jn9NZiHQeUVw
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.159.205.223 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-159-205-223.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 15:53:23 GMT

GET
H/1.1 200
OK /
rtb-csync.smartadserver.com/redir/ Frame 37C3 43 B
163 B 174ms
36ms Image
image/gif 185.86.137.132
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=k-HESsnTKM4qRcR0oP2Lz9IjI6U0gX6MqnIVbR-g
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.137.132 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 15:53:22 GMT
transfer-encoding: chunked
content-type: image/gif

GET
H2 200 /
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame 37C3 0
99 B 190ms
41ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=k-h2bjYjKM4qRcR0oP2Lz9IjI6U0jZSAwEddDHCA
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 15:53:23 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 40465

GET
H2 200 um
criteo-sync.teads.tv/ Frame 37C3 23 B
172 B 186ms
71ms Image
image/gif 104.75.89.75
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://criteo-sync.teads.tv/um?eid=80&uid=k-RGFtzTKM4qRcR0oP2Lz9IjI6U0gJKBoXHyfrcQ
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.75.89.75 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-89-75.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.9 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

expires: Wed, 07 Dec 2022 15:53:23 GMT
pragma: no-cache
date: Wed, 07 Dec 2022 15:53:23 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.9
content-length: 23
content-type: image/gif

GET
H2 200 xuid
eb2.3lift.com/ Frame 37C3 37 B
140 B 91ms
26ms Image
image/gif 76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=2711&xuid=k-73lWLDKM4qRcR0oP2Lz9IjI6U0hKRB9pTF4lLg&dongle=013b
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 15:53:23 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET
H2

204

sync
ups.analytics.yahoo.com/ups/58301/ Frame 37C3
Redirect Chain

https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k--ftBaDKM4qRcR0oP2Lz9IjI6U0hg3b3D30EuSA
https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k--ftBaDKM4qRcR0oP2Lz9IjI6U0hg3b3D30EuSA&verify=true

0
121 B

37ms
37ms

Image
text/plain

18.156.0.31
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k--ftBaDKM4qRcR0oP2Lz9IjI6U0hg3b3D30EuSA&verify=true

Protocol

Server

18.156.0.31 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-156-0-31.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.10.25 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 15:53:23 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location: https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k--ftBaDKM4qRcR0oP2Lz9IjI6U0hg3b3D30EuSA&verify=true
date: Wed, 07 Dec 2022 15:53:23 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 204 put
e1.emxdgt.com/ Frame 37C3 0
45 B 29ms
27ms Image
text/html 18.156.32.70
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e1.emxdgt.com/put?d=d53&uid=k-BVpugjKM4qRcR0oP2Lz9IjI6U0hbbKN0f8UN3A
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.156.32.70 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-32-70.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 15:53:22 GMT
content-length: 0
content-type: text/html

GET
H2 200 pixel
cm.adform.net/ Frame 37C3 43 B
163 B 124ms
38ms Image
image/gif 37.157.3.30
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.adform.net/pixel?adform_pid=15&adform_pc=k-jocuMzKM4qRcR0oP2Lz9IjI6U0jchBpz2ouOKA
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.3.30 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 15:53:23 GMT
last-modified: Fri, 07 Feb 2020 08:03:24 GMT
server: nginx
accept-ranges: bytes
etag: "5e3d19cc-2b"
content-length: 43
content-type: image/gif

GET
H2 200 sync
visitor.omnitagjs.com/visitor/ Frame 37C3 49 B
235 B 137ms
36ms Image
image/gif 185.255.84.152
IGUANE-

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://visitor.omnitagjs.com/visitor/sync?uid=732efe97317e6352de4c1caf24b5064b&name=CRITEO&visitor=k-iECEazKM4qRcR0oP2Lz9IjI6U0ji5s7ITLNFug

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.255.84.152 , France, ASN200271 (IGUANE-, FR),

Reverse DNS

Software

ayl-lb-fra02 /

Resource Hash

d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Dec 2022 15:53:23 GMT
x-content-type-options: nosniff
server: ayl-lb-fra02
vary: Accept-Encoding
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
x-envoy-upstream-service-time: 2
content-length: 49
expires: 0

GET
H/1.1

200
OK

ibs:dpid=28645&dpuuid=bp3PQx_aVubZi_anladPcviIBZNG00NB
dpm.demdex.net/ Frame 37C3
Redirect Chain

https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40
https://dpm.demdex.net/ibs:dpid=28645&dpuuid=bp3PQx_aVubZi_anladPcviIBZNG00NB

42 B
942 B

54ms
54ms

Image
image/gif

52.19.242.51
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=28645&dpuuid=bp3PQx_aVubZi_anladPcviIBZNG00NB

Protocol

HTTP/1.1

Server

52.19.242.51 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-19-242-51.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v045-0f7e0a58c.edge-irl1.demdex.com 6 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: f0+X17wRSc8=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

location: https://dpm.demdex.net/ibs:dpid=28645&dpuuid=bp3PQx_aVubZi_anladPcviIBZNG00NB
date: Wed, 07 Dec 2022 15:53:22 GMT
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 888024
content-length: 0

GET
H/1.1 200 9.gif
id5-sync.com/s/966/ Frame 37C3 43 B
1 KB 100ms
29ms Image
image/gif 141.95.33.111
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://id5-sync.com/s/966/9.gif?puid=k--kl6DjKM4qRcR0oP2Lz9IjI6U0h__0PBOzr78g

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

141.95.33.111 , Germany, ASN16276 (OVH, FR),

Reverse DNS

ns3203177.ip-141-95-33.eu

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

content-type: image/gif;charset=UTF-8
date: Wed, 07 Dec 2022 15:53:23 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
transfer-encoding: chunked
p3p: CP="CAO PSA OUR"

GET
H2 200 sync
matching.ivitrack.com/ Frame 37C3 42 B
274 B 97ms
36ms Image
image/gif 34.117.157.22
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://matching.ivitrack.com/sync?realm=criteo&uid=k-aTr4kDKM4qRcR0oP2Lz9IjI6U0iEe_rA1ahk3Q
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.157.22 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 22.157.117.34.bc.googleusercontent.com
Software: istio-envoy /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 15:53:22 GMT
x-envoy-decorator-operation: tag-manager.programmatic.svc.cluster.local:3000/*
via: 1.1 google
server: istio-envoy
content-type: image/gif
cache-control: public, max-age=86400
x-envoy-upstream-service-time: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

GET
H2 200 push
exchange.mediavine.com/usersync/ Frame 37C3 0
884 B 99ms
30ms Image
text/html 52.58.68.225
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://exchange.mediavine.com/usersync/push?partner=criteo&partnerId=k-PA_HCzKM4qRcR0oP2Lz9IjI6U0gRklwDI_GqRA
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.58.68.225 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-58-68-225.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 15:53:23 GMT
cache-control: private, no-cache
access-control-allow-credentials: true
content-encoding: gzip
vary: Origin, Accept-Encoding
content-type: text/html; charset=utf-8

GET
H2 200 Pug
simage2.pubmatic.com/AdServer/ Frame 37C3 42 B
579 B 485ms
39ms Image
image/gif 185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:k-S7bzNzKM4qRcR0oP2Lz9IjI6U0gtD2pMnmJw1w
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Wed, 07 Dec 2022 15:53:23 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2 200 sync
criteo-partners.tremorhub.com/ Frame 37C3 43 B
182 B 157ms
120ms Image
image/gif 2600:1f18:612b:4216:f6:411e:ff52:dd4b
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://criteo-partners.tremorhub.com/sync?UICR=k-pl1jHjKM4qRcR0oP2Lz9IjI6U0jippQKD5CtZg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4216:f6:411e:ff52:dd4b Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date: Wed, 07 Dec 2022 15:53:23 GMT
server: Apache-Coyote/1.1
content-type: image/gif

GET
H/1.1 204
No Content m
ad.yieldlab.net/ Frame 37C3 0
360 B 103ms
34ms Image
text/plain 184.24.4.64
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.yieldlab.net/m?dt_id=8664&ext_id=k-AMCVLjKM4qRcR0oP2Lz9IjI6U0iYn5oyalFKNg

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

184.24.4.64 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-24-4-64.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 07 Dec 2022 15:53:23 GMT
x-content-type-options: nosniff
x-frame-options: DENY
Cache-Control: no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection: keep-alive
x-xss-protection: 1; mode=block
x-application-context: application
Expires: Tue, 06 Dec 2022 15:53:23 GMT

GET
H2 200 sync
sync-criteo.ads.yieldmo.com/ Frame 37C3 43 B
220 B 261ms
50ms Image
image/gif 34.251.236.239
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-criteo.ads.yieldmo.com/sync?id=k-oADpszKM4qRcR0oP2Lz9IjI6U0jB-x1ges3jnQ&pn_id=criteo&ext=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.251.236.239 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-251-236-239.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Wed, 07 Dec 2022 15:53:24 GMT
content-type: image/gif
content-length: 43
access-control-allow-methods: GET, OPTIONS
access-control-request-headers: Cache-Control, Pragma

GET
H2

204

usermatch.gif
beacon.krxd.net/ Frame 37C3
Redirect Chain

https://gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40
https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=4gDeSFfyezSGND-cT6coJljWIZBs3HGP

0
336 B

51ms
51ms

Image
text/plain

52.214.172.145
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=4gDeSFfyezSGND-cT6coJljWIZBs3HGP
Protocol: H2
Server: 52.214.172.145 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-214-172-145.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

x-served-by: beacon-n023-dub-prod.krxd.net
date: Wed, 07 Dec 2022 15:53:23 GMT
cache-control: private, no-cache, no-store
x-request-time: D=20 t=1670428403
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=4gDeSFfyezSGND-cT6coJljWIZBs3HGP
date: Wed, 07 Dec 2022 15:53:23 GMT
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 1272097
content-length: 0

GET
H2

200

cs
s.thebrighttag.com/ Frame 37C3
Redirect Chain

https://gum.criteo.com/sync?c=10&r=1&u=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3Dcr%26uid%3D%40USERID%40
https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=Eahll28FiPjQdxSJCPTvq7CD5sVIf4r9

35 B
268 B

437ms
131ms

Image
image/gif

3.23.121.164
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=Eahll28FiPjQdxSJCPTvq7CD5sVIf4r9
Protocol: H2
Server: 3.23.121.164 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-23-121-164.us-east-2.compute.amazonaws.com
Software: nginx /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Dec 2022 15:53:24 GMT
x-bt-requestid: 480cd6f0-7647-11ed-9e18-0000ac170251
server: nginx
content-type: image/gif
access-control-allow-origin
p3p: CP=NOI DSP COR NID
cache-control: private, must-revalidate
content-length: 35
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=Eahll28FiPjQdxSJCPTvq7CD5sVIf4r9
date: Wed, 07 Dec 2022 15:53:23 GMT
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 1236660
content-length: 0

Verdicts & Comments Add Verdict or Comment

51 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

77 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
shoppy.payback.it/	1970-01-20 08:43:40	Name: PHPSESSID Value: bctmdbb2m52kklt0rnuiov24i8
.payback.it/	1970-01-20 16:45:01	Name: visid_incap_2357172 Value: vlOV04kGQR2CyxdO1Sg02u+2kGMAAAAAQUIPAAAAAACiSBNaraVPKLFtatyZQrcw
.payback.it/	1969-12-31 23:59:59	Name: incap_ses_871_2357172 Value: nadnFuR1gQH8gqzPRmoWDO+2kGMAAAAAIgGFGrn4+S5aPTcM5AJaig==
.payback.it/	1970-01-20 16:45:00	Name: visid_incap_2251441 Value: 3ONWGTooR6yV9wwqAvQude+2kGMAAAAAQUIPAAAAAACnwG2EicWEgCm1UABcn2a6
.payback.it/	1969-12-31 23:59:59	Name: incap_ses_871_2251441 Value: M2T0aB1AnEYbg6zPRmoWDO+2kGMAAAAApjTZhh+TB4IgGKg9D9xFLg==
.payback.it/	1970-01-20 17:36:28	Name: _ga Value: GA1.2.1102844996.1670428401
.payback.it/	1970-01-20 08:01:54	Name: _gid Value: GA1.2.292391155.1670428401
.payback.it/	1970-01-20 08:00:28	Name: _gat Value: 1
.payback.it/	1970-01-20 10:10:04	Name: s_vi Value: [CS]v1\|31C85B78156502C7-60000AE3EDFB46C7[CE]
.payback.it/	1970-01-20 10:10:04	Name: s_ecid Value: MCMID%7C09600439071886566818136243517261976985
.payback.it/	1969-12-31 23:59:59	Name: AMCVS_124538B3527845100A490D4C%40AdobeOrg Value: 1
.payback.it/	1970-01-20 17:36:28	Name: AMCV_124538B3527845100A490D4C%40AdobeOrg Value: 1176715910%7CMCIDTS%7C19334%7CMCMID%7C09600439071886566818136243517261976985%7CMCAID%7C31C85B78156502C7-60000AE3EDFB46C7%7CMCOPTOUT-1670435600s%7CNONE%7CvVersion%7C5.4.0
.payback.it/	1970-01-20 16:45:00	Name: visid_incap_810778 Value: juYGUfEjQc2Q8RmYS7j81/C2kGMAAAAAQUIPAAAAAAAuSn1OtaeIhXW39EF4Bh+3
www.payback.it/	1969-12-31 23:59:59	Name: PBGLSESSION Value: cbc488c829b89725250804ffa580d254
.payback.it/	1969-12-31 23:59:59	Name: incap_ses_871_810778 Value: 7D8PMBNORQmqg6zPRmoWDPC2kGMAAAAA3mgSkM95WbC56weQrgzNGQ==
.payback.it/	1970-01-20 16:46:04	Name: _hjSessionUser_1171451 Value: eyJpZCI6IjhmZTg3MTlkLTJlNjMtNTc2OS1iZmM3LTdlM2NhYjYzNDUxNiIsImNyZWF0ZWQiOjE2NzA0Mjg0MDEyNjUsImV4aXN0aW5nIjpmYWxzZX0=
.payback.it/	1970-01-20 08:00:30	Name: _hjFirstSeen Value: 1
shoppy.payback.it/	1970-01-20 08:00:28	Name: _hjIncludedInSessionSample Value: 1
.payback.it/	1970-01-20 08:00:30	Name: _hjSession_1171451 Value: eyJpZCI6ImYyNTgxYjU0LTQwZWQtNGMwMy05NDcxLTg4ZWQzYTNlMTcwMiIsImNyZWF0ZWQiOjE2NzA0Mjg0MDE1OTcsImluU2FtcGxlIjp0cnVlfQ==
shoppy.payback.it/	1970-01-20 08:00:28	Name: _hjIncludedInPageviewSample Value: 1
.payback.it/	1970-01-20 08:00:30	Name: _hjAbsoluteSessionInProgress Value: 0
.payback.it/	1969-12-31 23:59:59	Name: s_cc Value: true
.payback.it/	1970-01-20 16:46:04	Name: OptanonConsent Value: isIABGlobal=false&datestamp=Wed+Dec+07+2022+15%3A53%3A22+GMT%2B0000+(GMT)&version=6.22.0&hosts=&consentId=f9c19767-1034-4b1e-8f5c-3af0ab4601e0&interactionCount=0&landingPath=NotLandingPage&AwaitingReconsent=false&groups=C0001%3A1%2CC0002%3A1%2CC0003%3A1%2CC0004%3A0
.doubleclick.net/	1970-01-20 17:22:04	Name: IDE Value: AHWqTUlD1xT4eNhMvgPEF10B-esa9Z1d3W5H6kKSeE6GFuBgCbRujJB-vRSsCKx4S6s
.adnxs.com/	1970-01-20 10:10:04	Name: uuid2 Value: 7343488845556826741
.quantserve.com/	1970-01-20 10:10:04	Name: d Value: EIUBBgHgJwISAdmfow2e6bRu
.quantserve.com/	1970-01-20 17:30:42	Name: mc Value: 6390b6f2-8f1b3-71220-0a771
.tradelab.fr/	1970-01-20 10:10:04	Name: uuid2 Value: 7343488845556826741
.tradelab.fr/	1970-01-20 10:10:04	Name: uuid Value: 7343488845556826741
.rfihub.com/	1970-01-20 17:22:04	Name: rud Value: H4sIAAAAAAAA_-MSNjU0NjQwNzc3MjY1MbI0MjG0tBDiM9Q1cvYyqDQqLzX0Tc0GAIvmB-olAAAA
.rfihub.com/	1969-12-31 23:59:59	Name: ruds Value: H4sIAAAAAAAA_-MSNjU0NjQwNzc3MjY1MbI0MjG0tBDiM9Q1cvYyqDQqLzX0Tc0GAIvmB-olAAAA
.tradelab.fr/	1970-01-20 10:10:04	Name: iev0 Value: eJxljkEKwyAQRe/y11moVSd6ldJVY4tQQnBMN+LdYyIJlO7evM/AK1AjCWcIviBlhpeWhFajFoqkGpCec4YXDaY1dWgmduKlb5/M8e/ztc7w94I4wUNpbTGAw7sdUhM5srddxPC9jDlMDstuDvztcaa5s4fPHr56uPfUR60bhDY4mQ==
.adnxs.com/	1970-01-20 10:10:04	Name: anj Value: dTM7k!M4/8CxrEQF']wIg2In5K6drI!@wnf-Te9(>wL5L!!'X'$k9UE
.media.net/	1970-01-20 16:46:04	Name: visitor-id Value: 3134300026091750000V10
.media.net/	1970-01-20 16:44:38	Name: data-rk Value: 5131077723542924198~~3
.tradelab.fr/	1970-01-20 08:20:38	Name: uuid3 Value: CAESEENOT0Og56NaUpCJevZ-X84
.criteo.com/	1970-01-20 17:22:04	Name: uid Value: 7ab87aa7-a2a6-43af-9739-9fa68711bfa9
.casalemedia.com/	1970-01-20 16:46:04	Name: CMID Value: Y5C28jo0cCLIPAkS8FnSAAAA
.casalemedia.com/	1970-01-20 10:10:04	Name: CMPS Value: 3341
.casalemedia.com/	1970-01-20 10:10:04	Name: CMPRO Value: 3341
.demdex.net/	1970-01-20 12:19:40	Name: demdex Value: 22665717330829161220737421356161437955
.dpm.demdex.net/	1970-01-20 12:19:40	Name: dpm Value: 22665717330829161220737421356161437955
.rezync.com/	1970-01-20 12:19:11	Name: zync-uuid Value: 3813a7b8-d113-4269-925d-a0c1892250c2:1670428403.0690567
live.rezync.com/	1970-01-20 12:19:40	Name: sd-session-id Value: .eJwNyjsOwyAMANC7eA6VbT7GXCZKgQG1oVVIlka5ezM-6Z0wf-u2Lr32HdK-HXWC_G63BqQTRvut9QUJPFlCEWHrHSs70gjXBKOO0T59buU-NpJd5BlNIbLGcVCj7ItZMFNUZo-ZEwVBx9GhfWBQ9EHg-gOKhCSe.Y5C28w.gxHFyrPlGKG6USNVVBWEg7xN4Wc
.eyeota.net/	1970-01-20 08:00:29	Name: SERVERID Value: 17165~DM
.krxd.net/	1970-01-20 12:19:40	Name: _kuid_ Value: PPmgrpXP
.spotxchange.com/	1970-01-20 08:40:47	Name: audience Value: 477525df-7647-11ed-a07f-1fd522ee0106
.rlcdn.com/	1970-01-20 16:46:04	Name: rlas3 Value: +bRjid6fCDobSV9mLAPHgWz+iRotLllROMXQmYpwKrg=
.rlcdn.com/	1970-01-20 09:26:52	Name: pxrc Value: CPPtwpwGEgYIuuoBEAA=
.everesttech.net/	1970-01-20 16:46:04	Name: everest_g_v2 Value: g_surferid~Y5C28wACMSBwQgAZ
.rfihub.com/	1969-12-31 23:59:59	Name: euds Value: H4sIAAAAAAAA_-OSMXR2dA129Q329Q4OdYu3TPVyNHd0LzEJyw1zdVzFKBBp6mxkUe7o7BvsVB6Y7hjVxGJubGFonGieZKGbYmhorGtiZGapa2lkmqKbaJBsaGFpZGRqkGxkZWhmbmBiZGFiYKxnYGZpYGpmDgAPySawawAAAA
.rfihub.com/	1970-01-20 17:22:04	Name: eud Value: H4sIAAAAAAAA_-OSMXR2dA129Q329Q4OdYu3TPVyNHd0LzEJyw1zdQziNTQzNzAxsjAxMLK0tJjFiMQ3NzHehcY_hcZ_hcb_hcafxITKn4XGX4TGX4XG34TG34WungWVfwuNv4hVINLU2cii3NHZN9ipPDDdMWoVK0KJsbGF4SZWNCu40YzgRfOSsDlQl3GieZKFboqhobGuiZGZpa6lkWmKbqJBsqGFpZGRqUGykRXCEj0DM0sDUzPzWcJINgNVLRJGNfkRGh8A_G7GhLoBAAA
.bidswitch.net/	1970-01-20 16:46:04	Name: tuuid Value: 50f2a3b0-3dbc-4b23-9e92-753e0aefdd5d
.bidswitch.net/	1970-01-20 16:46:04	Name: c Value: 1670428403
.bidswitch.net/	1970-01-20 16:46:04	Name: tuuid_lu Value: 1670428403
.media.net/	1970-01-20 08:43:40	Name: data-c Value: k-NbeKPDKM4qRcR0oP2Lz9IjI6U0i-F6dpI8ajwA~~3
.media.net/	1970-01-20 08:43:40	Name: data-c-ts Value: 1670428403
.casalemedia.com/	1970-01-20 10:10:04	Name: CMTS Value: 5190
.360yield.com/	1970-01-20 10:10:04	Name: tuuid Value: d58612ef-b8a4-4205-8782-9c9cc48c6deb
.360yield.com/	1970-01-20 10:10:04	Name: tuuid_lu Value: 1670428403
.360yield.com/	1970-01-20 10:10:04	Name: um Value: !38,d976F8qNdH5KeyF52LEQqr5Lj5eou3KnzunXEuPLZ03sMhwoKCghIYtsGPnv8nUSCt1WwPtc,1678204403
.360yield.com/	1970-01-20 10:10:04	Name: umeh Value: !38,0,1732636403,-1
.id5-sync.com/	1970-01-20 08:00:28	Name: cf Value:
.id5-sync.com/	1970-01-20 08:00:28	Name: cip Value:
.id5-sync.com/	1970-01-20 08:00:28	Name: cnac Value:
.id5-sync.com/	1970-01-20 08:00:28	Name: car Value:
.id5-sync.com/	1970-01-20 08:00:28	Name: gdpr Value:
.id5-sync.com/	1970-01-20 08:00:28	Name: callback Value:
exchange.mediavine.com/	1970-01-20 08:20:38	Name: mv_tokens Value: %7B%22mv_uuid%22%3A%2247d6f9e0-7647-11ed-b0f5-d95278d20b0f%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 08:20:38	Name: mv_tokens_eu-v1 Value: %7B%22mv_uuid%22%3A%2247d6f9e0-7647-11ed-b0f5-d95278d20b0f%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 08:20:38	Name: am_tokens Value: %7B%22mv_uuid%22%3A%2247d6f9e0-7647-11ed-b0f5-d95278d20b0f%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 08:20:38	Name: am_tokens_eu-v1 Value: %7B%22mv_uuid%22%3A%2247d6f9e0-7647-11ed-b0f5-d95278d20b0f%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 08:20:38	Name: criteo Value: %7B%22id%22%3A%22k-PA_HCzKM4qRcR0oP2Lz9IjI6U0gRklwDI_GqRA%22%2C%22version%22%3A%22criteo%22%7D
.yahoo.com/	1970-01-20 16:46:26	Name: A3 Value: d=AQABBPO2kGMCELdKgydJ9E6JoTYYHWnBfo4FEgEBAQEIkmOaYwAAAAAA_eMAAA&S=AQAAAld_FYW69aZp087duOiNcgY
.analytics.yahoo.com/	1970-01-20 16:46:04	Name: IDSYNC Value: 18zh~28pr
.pubmatic.com/	1970-01-20 08:43:40	Name: KRTBCOOKIE_97 Value: 3385-uid:k-S7bzNzKM4qRcR0oP2Lz9IjI6U0gtD2pMnmJw1w&KRTB&23144-uid:k-S7bzNzKM4qRcR0oP2Lz9IjI6U0gtD2pMnmJw1w&KRTB&23286-uid:k-S7bzNzKM4qRcR0oP2Lz9IjI6U0gtD2pMnmJw1w&KRTB&23287-uid:k-S7bzNzKM4qRcR0oP2Lz9IjI6U0gtD2pMnmJw1w
.pubmatic.com/	1970-01-20 08:43:40	Name: PugT Value: 1670428403

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

10041007.fls.doubleclick.net
20755798p.rfihub.com
4370323.fls.doubleclick.net
6633226.fls.doubleclick.net
8942221.fls.doubleclick.net
a.rfihub.com
aa.agkn.com
ad.360yield.com
ad.yieldlab.net
adservice.google.com
adservice.google.it
assets.adobedtm.com
beacon.krxd.net
bpi.rtactivate.com
c1.rfihub.net
cdn.cookielaw.org
cdn.tradelab.fr
cm.adform.net
cm.g.doubleclick.net
code.jquery.com
contextual.media.net
criteo-partners.tremorhub.com
criteo-sync.teads.tv
dis.criteo.com
dpm.demdex.net
dsum-sec.casalemedia.com
e1.emxdgt.com
eb2.3lift.com
exchange.mediavine.com
geolocation.onetrust.com
gum.criteo.com
ib.adnxs.com
id5-sync.com
idsync.rlcdn.com
images.payback.it
in.hotjar.com
its.tradelab.fr
live.rezync.com
match.sharethrough.com
matching.ivitrack.com
mug.criteo.com
p.rfihub.com
partners.tremorhub.com
pixel.quantserve.com
pixel.rubiconproject.com
ps.eyeota.net
r.casalemedia.com
rtb-csync.smartadserver.com
rules.quantcount.com
s.thebrighttag.com
script.hotjar.com
secure.adnxs.com
secure.quantserve.com
shoppy.payback.it
simage2.pubmatic.com
smetrics.payback.it
sslwidget.criteo.com
static.criteo.net
static.hotjar.com
sync-criteo.ads.yieldmo.com
sync-t1.taboola.com
sync-tm.everesttech.net
sync.outbrain.com
sync.search.spotxchange.com
t.teads.tv
ups.analytics.yahoo.com
us-u.openx.net
vars.hotjar.com
visitor.omnitagjs.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.gstatic.com
www.payback.it
x.bidswitch.net
x.dlx.addthis.com
104.18.33.19
104.75.89.75
104.76.200.221
13.224.189.88
13.36.218.177
141.226.228.48
141.95.33.111
142.250.184.194
142.250.186.134
143.204.215.118
151.101.130.49
152.195.132.24
178.250.0.157
178.250.0.163
178.250.2.151
18.156.0.31
18.156.32.70
18.159.205.223
18.193.170.39
18.200.229.106
18.66.97.49
184.24.4.64
185.255.84.152
185.64.190.80
185.80.39.216
185.86.137.132
185.89.210.180
185.89.211.84
185.94.180.125
193.0.160.128
2.23.193.36
2001:4de0:ac18::1:a:1b
2600:1f18:612b:4216:f6:411e:ff52:dd4b
2600:9000:223c:5400:1:76cf:fe80:93a1
2600:9000:223c:8600:6:44e3:f8c0:93a1
2606:4700::6810:9440
2606:4700::6812:1b55
2620:116:800d:21:c5a4:625:6563:a5bb
2a00:1450:4001:800::200e
2a00:1450:4001:80e::2002
2a00:1450:4001:811::2004
2a00:1450:4001:813::2003
2a00:1450:4001:82a::2008
2a00:1450:4001:82b::2002
2a02:2638:1::13
2a02:2638::3
2a02:26f0:480:287::1e80
3.125.70.222
3.23.121.164
34.117.157.22
34.250.18.31
34.251.236.239
35.244.159.8
35.244.174.68
37.157.3.30
45.60.14.82
52.19.242.51
52.208.172.23
52.214.172.145
52.222.236.43
52.58.68.225
54.81.25.165
62.212.64.230
69.173.144.165
70.42.32.31
76.223.111.18
88.221.168.23
05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf
060081f3ddfb6beb9eaa3de00b3d3986f0a801e450420e3a899a9623b7c40ca5
09497c21add8bb0db9905871ded0bd92a146f8da071fba477cbb80c9f3e128d2
0d864c082f074c2f900ebe5035a21c7d1ed548fb5c212ca477ee9e4a6056e6aa
0e4fd57edb22e5b7808c3445ebea120c9539891dd775e553fa72bbad2e05b4a5
10c055e552cd4e8121eded0e5227a20534bfc3484aacecd99b553c069a332f53
1435ce0e8dadc4b08b35285c40263943674b81549a99c8b8461665d8b73143f7
14e216afd1dac9c5cee6978e5cb5c337409e0c4c33c730738b14828a0bd9b15e
1512d0cae110340d3c531924f88ff7648fbe7f58ec9d34a489d9e39ae6218035
152340dde72c32da07052794a4748100ee7b74bb52864449f7319d8ea1fc8e0a
180cf8f4a7cf5881c42a40f00cb72d1af052aedba9f66d068093b123dd398000
1bcb8574c1f63634e5bedc00f44ee5572a359b0bf4f4bfd4ec9aaa9de1f1897e
1c504d6b007fee6b7ebfa1a29ae251846ab6fcb71d9692d8d8434c8b333e83d8
1db167b6937d2b031630b9e8e5c83c25b7351cd17628b55e06a267c80ee3593d
1f8d5b49b77e42a873246d472f19909dc5a7af0d51a354b04d5c675a2891219c
1fd1dd380db1457605d68a5b806df0f3f291537aac9a8549aaa839267b80573f
2321160280270575587cd7920d7514da966aff8f91d867ee6eb52f560f373e78
2366fcb82cd714526fc1971b6de66a0f1459df9dfc22548fc8fe4f6ee40ee408
26ea12bf4b4c56e8bbd9ff137c59a1eff276a4eab5b7dc11ef8a318477eb18d5
29bf487d6b47153521b439bde8dde0e63d8f95bf81b10ce6a81343e6ed1f92f5
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
3c971f1f3b619a30acf212b1d8ac3726c91a870b6f960cd98bfbf06343a38bdd
3e88ee884f6af99fd2ce003f710f957cdb47cc5c67669ef8453fb0d1ec553c73
3ebf1feee2c186d93b326a44ac13526af3c4ba818e11c62e0763e63217b9248b
400990e5a441ae9762554d8d3ec46daae3faa5033c1a1f05b65bcd6a59e932f6
40c1976d30b519f6771cdabdb845b95932183b4b4ddd168b5ca54789f59389ee
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2
462a66acbf50e933685e7587e9f1441df8225b2bb4d6b7bc5e757eccf4ff6575
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
51e17eb8d2553f17fe41fd5d1908273136ff315a0e60fd4cc71cb0c0f4a069cb
5266a11278de436c711a6fc1ab0618616f2495135c0157b21899c11f19ab163a
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5774c7771501c10cacb9438c866e7373a7aa1c70fa8205966c3dcf4b31f6c24c
59415c8f1106151e421f5a3e46e8f8aca679ea9cefba5eb1d386ca0381d48c18
5b9025dda4d7688e3311b0c17eddc501133b807def33effaef6593843cf5416e
6057408d25e3e33683e10732bab4b7c681abc6309b677beb82b8ab4b3d19222e
61a8cacd8d5f7bde75f5fd5b5ea813adcee5c4627d678da5b818432a329cbe37
695f56f1a0225002123caa9dd2cf15c06787efc58dfdde19cfb3e2828cf94bf2
6964d03a8ab5896300c3dd5cb3fc6fa302ef3d1b5453d2021282038af12e5679
699defbd584ad3d7cd6fa9c171690eef6e4c3104a00e405cad690d452a38a70c
6be3efeb998248db9cc1083aef162ee483cbde10b893057e4b5ae1a612c0ae3a
72562f00bd821b6edc0368065bf009468955ba01f8ead742d8bbc2470c4358c4
7ef97b12890fc6fee67f869c6e1f74b6719de7d66ac0d649c8d7386a80b4c30f
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83c44166852d421aeef2c21345fee892f77a4495dea52a500fd0954c51a4fbe1
89b6606e0f94c827dffac0f1a54394399a20a84328b54d60e0fcf084c368cbf5
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
91dff0cde19b5bdac4528d0250e13a025d546e67041e0b69e35271e165d6c62b
9219086b4f2c3bf77854b2e06ccd97ad32b9b7a140e65ff8b974a3bae6c7854c
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
99eea6fd17c74ac50672d2e66d260f8b0e43d8ed34087543ffd3640d74d35966
9c24dba648c2cd676d8cf107c23b3ae65ac07a19fbccca3dbe4a92fd97417890
9e389c3ac416ee65a060d4a298a39a96de59cd6a69ca3903907d8c2c467b06fd
9f344df33c4dd72d9d0a7c84a2a01ebb3f3fef42f90e9d1bb1392b2e06061f2d
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
a21c1969866a38c7d453773f91de70645a6e6191e66619ca33f03285903dc4c9
a62edb0be4536750c127ad1f2bdfbdf3b088b37aa84236b2e9892cc42bfd57f0
aa9b5f20d5ec051ee2babf4860a93c23d9bb8e1d6b3f8762a00ea60ef9c79c6d
ad19f7f9d6cf32c692adfccc2dbb38c7b7a901fd7360c6d657f5332dcf9e0890
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b055061da7c77e79a287c8b4240d3fdc84a8bcf824baabcbc686164bcec72664
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bbc4456bca95006683a8f081d0d2ed645eef5b14c62eca12c70f7e1cec26c1a0
bf7bed9067125e4194b2b8be487f50bb57d91fa02529caf6cd4aee826ff9b42e
c0b00ab76d19327e40b9765e2f0e0996e45f473a0485fd2dfe5c89b03af26b2b
c32a54f9a6329af569922c49861e4c9a333bae0207092a3d2e18695df9ea1ad0
c48b5e7b4b89e15ba330ad51596cfd0742a237eecf0c014125f794a1ffec248b
ca05feded1e2121cc61e699eb775638085d8bd60e1c18765dd8e442319f81a10
cb32bd9e570a351bf4a6d035919b69cd928331359f64207aa243b49998a1466b
cbffce6f8642619af7ed7335e32750f7f2933765d32c113115da0710aa7deadc
cfb756e3b6b0db5bf5803bc8cedda375c7130c07cfd990c4c7040777b99d4059
d0f07190791630edc058ad6e5a33a3cda6a8f85c470e593ce0bbed46ffec148b
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
d158d0b20c5c981fbbe81b0149b30670214d4ea8450fe5a1bfb096b526ebcec9
d2d2a9d13ba0bdf988e702c1bd0bef55e63f0dc9a389b61be68cd510e77f44ad
d6c1aa198589b0a87b22f515905607c1c11839948491cea44a74b88116b40561
d79279b415a6f42fe038aa33e794d0209b7c54ce2be4634d26dbebbaf9c4f0ee
db9fc712d0c8bd60ca057e5c2da5ee094ccca2fbb3fa5690f8240cd2d20a97e5
df952e9a54be39e513fd310f87c99fc8dc382b27b2c021f1f582c7dd3c65696e
e25f08d953ae4fc69bccf2a1279e56aa33425de22cbc3643208a8fcbc351b5db
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
eb8714afe8bb405368dc0934224fa8d5059c31b6870652324d3c8dcdb1b27070
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1ac695c1600f96139b3b8483ab11e96eb24d182934b1eebe438726c741e2127
ff97f1e98f415751c82b0cef1c791fd76a9f2b6e5a52cdc1d9e1b7a0d88ff746

shoppy.payback.it Open in urlscan Pro 45.60.14.82 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

163 Requests

89 %HTTPS

24 %IPv6

54 Domains

76 Subdomains

65 IPs

9 Countries

3522 kBTransfer

12851 kBSize

77 Cookies

0 Outgoing links

Page URL History

Redirected requests

163 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

shoppy.payback.it Open in urlscan Pro
45.60.14.82 Public Scan

Screenshot
Live screenshot

Full Image

163
Requests

89 %
HTTPS

24 %
IPv6

54
Domains

76
Subdomains

65
IPs

9
Countries

3522 kB
Transfer

12851 kB
Size

77
Cookies

163 HTTP transactions
1 data transactions