urlscan.io logo urlscan.io
SecurityTrails logo

xinisterceiling.com Open in urlscan Pro
2a06:98c1:3120::a  Malicious Activity! Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://storage.googleapis.com/cezayin/maurisio.html#UY5c4Mr0Yv.aspx?d88BcQccj7z3cxwwwcdcRBcJc4md4dV5Fcbbb4W
Effective URL: https://xinisterceiling.com/ffb5a73254b343079aecfa8e26e91d34
Submission: On May 17 via manual from IT — Scanned from IT
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 13 IPs in 3 countries across 14 domains to perform 59 HTTP transactions. The main IP is 2a06:98c1:3120::a, located in United States and belongs to CLOUDFLARENET, US. The main domain is xinisterceiling.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on April 20th 2022. Valid for: a year.
This is the only time xinisterceiling.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Customer Survey Spam (Consumer)

Domain & IP information

1    2a00:1450:4001:808::2010 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
storage.googleapis.com
1    45.10.23.225 (United States)

ASN64249 (ENDOFFICE, US)
PTR: servicepractical.com
goalonly.com
1    23.95.56.5 (United States)

ASN36352 (AS-COLOCROSSING, US)
PTR: 23-95-56-5-host.colocrossing.com
jadebarns.com
1    2606:4700:3034::ac43:d374 (United States)

ASN13335 (CLOUDFLARENET, US)
hobbydimension.com
33    2a06:98c1:3120::a (United States)

ASN13335 (CLOUDFLARENET, US)
xinisterceiling.com
2    2a00:1450:4001:811::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
5    2a06:98c1:3121::a (United States)

ASN13335 (CLOUDFLARENET, US)
trk-tempore.com
event.trk-tempore.com
2    2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    13.225.81.245 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-81-245.fra2.r.cloudfront.net
sc-static.net
2    104.19.134.78 (None, )

ASN13335 (CLOUDFLARENET, US)
a.mgid.com
2    2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
3    2a03:2880:f12d:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
5    35.186.226.184 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 184.226.186.35.bc.googleusercontent.com
tr.snapchat.com
Apex Domain
Subdomains		 Transfer
33 xinisterceiling.com
xinisterceiling.com
593 KB
5 snapchat.com
tr.snapchat.com — Cisco Umbrella Rank: 1033
1 KB
5 trk-tempore.com
trk-tempore.com — Cisco Umbrella Rank: 79968
event.trk-tempore.com — Cisco Umbrella Rank: 181119
3 KB
3 facebook.com
www.facebook.com — Cisco Umbrella Rank: 102
711 B
2 gstatic.com
fonts.gstatic.com
16 KB
2 mgid.com
a.mgid.com — Cisco Umbrella Rank: 18545
6 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 146
113 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 71
104 KB
2 googleapis.com
storage.googleapis.com — Cisco Umbrella Rank: 498
fonts.googleapis.com — Cisco Umbrella Rank: 46
2 KB
1 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 37
349 B
1 sc-static.net
sc-static.net — Cisco Umbrella Rank: 1193
7 KB
1 hobbydimension.com
hobbydimension.com
795 B
1 jadebarns.com
jadebarns.com
426 B
1 goalonly.com
goalonly.com — Cisco Umbrella Rank: 636998
276 B
59 14
Domain Requested by
33 xinisterceiling.com jadebarns.com
xinisterceiling.com
5 tr.snapchat.com sc-static.net
4 event.trk-tempore.com trk-tempore.com
3 www.facebook.com xinisterceiling.com
2 fonts.gstatic.com fonts.googleapis.com
2 a.mgid.com xinisterceiling.com
2 connect.facebook.net xinisterceiling.com
connect.facebook.net
2 www.googletagmanager.com xinisterceiling.com
www.googletagmanager.com
1 www.google-analytics.com www.googletagmanager.com
1 sc-static.net xinisterceiling.com
1 trk-tempore.com xinisterceiling.com
1 fonts.googleapis.com xinisterceiling.com
1 hobbydimension.com 1 redirects
1 jadebarns.com storage.googleapis.com
1 goalonly.com 1 redirects
1 storage.googleapis.com
59 16

This site contains no links.

Subject Issuer Validity Valid
*.storage.googleapis.com
GTS CA 1C3		 2022-04-25 -
2022-07-18		 3 months crt.sh
jadebarns.com
R3		 2022-05-14 -
2022-08-12		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-04-20 -
2023-04-19		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-04-25 -
2022-07-18		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2022-04-25 -
2022-07-18		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2022-02-23 -
2022-05-24		 3 months crt.sh
sc-static.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-01-27 -
2023-01-27		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2022-04-25 -
2022-07-18		 3 months crt.sh
tr.snapchat.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-01-13 -
2023-01-13		 a year crt.sh

This page contains 4 frames:

Primary Page: https://xinisterceiling.com/ffb5a73254b343079aecfa8e26e91d34
Frame ID: 0062F2252FAF4B4B77FAA1A2BFB17452
Requests: 54 HTTP requests in this frame

Frame: https://tr.snapchat.com/cm/i?pid=cc25c7df-1e44-4f51-8ff1-8c175d6334c1
Frame ID: 3B50B5AA88EC9E13F78DA8D7BCDAC0A3
Requests: 1 HTTP requests in this frame

Frame: https://tr.snapchat.com/p
Frame ID: 60CE14B5D4D4166ECC3B9646DC670552
Requests: 1 HTTP requests in this frame

Frame: https://tr.snapchat.com/p
Frame ID: 59F812CD51041223F2C01573BC7425DB
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

[1] Ricompensa in attesa - Unieuro - Vogliamo la tua opinione!

Page URL History Show full URLs

  1. https://storage.googleapis.com/cezayin/maurisio.html Page URL
  2. http://goalonly.com/UY5c4Mr0Yv.aspx?d88BcQccj7z3cxwwwcdcRBcJc4md4dV5Fcbbb4W HTTP 302
    https://jadebarns.com/0/0/0/cd26f75cc038f583bdc38a957d3757e3/2_269082_2577813/2319_920424_3539665_... Page URL
  3. https://hobbydimension.com/?s1=350634&s2=718864239&s3=3433&s4=0&s10=868 HTTP 302
    https://xinisterceiling.com/ffb5a73254b343079aecfa8e26e91d34 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

59
Requests

100 %
HTTPS

67 %
IPv6

14
Domains

16
Subdomains

13
IPs

3
Countries

847 kB
Transfer

1731 kB
Size

13
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://storage.googleapis.com/cezayin/maurisio.html Page URL
  2. http://goalonly.com/UY5c4Mr0Yv.aspx?d88BcQccj7z3cxwwwcdcRBcJc4md4dV5Fcbbb4W HTTP 302
    https://jadebarns.com/0/0/0/cd26f75cc038f583bdc38a957d3757e3/2_269082_2577813/2319_920424_3539665_37/596402447$ Page URL
  3. https://hobbydimension.com/?s1=350634&s2=718864239&s3=3433&s4=0&s10=868 HTTP 302
    https://xinisterceiling.com/ffb5a73254b343079aecfa8e26e91d34 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1
  • http://goalonly.com/UY5c4Mr0Yv.aspx?d88BcQccj7z3cxwwwcdcRBcJc4md4dV5Fcbbb4W HTTP 302
  • https://jadebarns.com/0/0/0/cd26f75cc038f583bdc38a957d3757e3/2_269082_2577813/2319_920424_3539665_37/596402447$

59 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
maurisio.html
storage.googleapis.com/cezayin/ 		100 B
679 B 		Document
General
Check archive.org
Download Go to
Full URL
https://storage.googleapis.com/cezayin/maurisio.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
it-IT,it;q=0.9

Response headers

accept-ranges
bytes
age
1502
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=3600
content-length
100
content-type
text/html
date
Tue, 17 May 2022 13:06:53 GMT
etag
"6aba058644ebdd586694408cbf033b1e"
expires
Tue, 17 May 2022 14:06:53 GMT
last-modified
Mon, 07 Dec 2020 22:08:38 GMT
server
UploadServer
x-goog-generation
1607378918126519
x-goog-hash
crc32c=WWXVwQ== md5=aroFhkTr3VhmlECMvwM7Hg==
x-goog-metageneration
2
x-goog-storage-class
STANDARD
x-goog-stored-content-encoding
identity
x-goog-stored-content-length
100
x-guploader-uploadid
ADPycdtImB4J0JnTle1X-Ukn07BrBuM35QAITTHKILQGPhxiv3o-BprYdZwWDKRtrJAb4WiV32lueHKBXBJU4Bk830nbLQ
596402447$
jadebarns.com/0/0/0/cd26f75cc038f583bdc38a957d3757e3/2_269082_2577813/2319_920424_3539665_37/
Redirect Chain
  • http://goalonly.com/UY5c4Mr0Yv.aspx?d88BcQccj7z3cxwwwcdcRBcJc4md4dV5Fcbbb4W
  • https://jadebarns.com/0/0/0/cd26f75cc038f583bdc38a957d3757e3/2_269082_2577813/2319_920424_3539665_37/596402447$
134 B
426 B 		Document
General
Check archive.org
Download Go to
Full URL
https://jadebarns.com/0/0/0/cd26f75cc038f583bdc38a957d3757e3/2_269082_2577813/2319_920424_3539665_37/596402447$
Requested by
Host: storage.googleapis.com
URL: https://storage.googleapis.com/cezayin/maurisio.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.95.56.5 , United States, ASN36352 (AS-COLOCROSSING, US),
Reverse DNS
23-95-56-5-host.colocrossing.com
Software
Apache /
Resource Hash

Request headers

Referer
https://storage.googleapis.com/cezayin/maurisio.html#UY5c4Mr0Yv.aspx?d88BcQccj7z3cxwwwcdcRBcJc4md4dV5Fcbbb4W
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
it-IT,it;q=0.9

Response headers

content-length
134
content-type
text/html; charset=UTF-8
date
Tue, 17 May 2022 13:31:57 GMT
server
Apache

Redirect headers

Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
Date
Tue, 17 May 2022 13:31:56 GMT
Location
https://jadebarns.com/0/0/0/cd26f75cc038f583bdc38a957d3757e3/2_269082_2577813/2319_920424_3539665_37/596402447$
Server
Apache
Primary Request ffb5a73254b343079aecfa8e26e91d34
xinisterceiling.com/
Redirect Chain
  • https://hobbydimension.com/?s1=350634&s2=718864239&s3=3433&s4=0&s10=868
  • https://xinisterceiling.com/ffb5a73254b343079aecfa8e26e91d34
61 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://xinisterceiling.com/ffb5a73254b343079aecfa8e26e91d34
Requested by
Host: jadebarns.com
URL: https://jadebarns.com/0/0/0/cd26f75cc038f583bdc38a957d3757e3/2_269082_2577813/2319_920424_3539665_37/596402447$
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cc1905bb08b8d3a9aed0a6357e9bd7660471de2ef08547eafddbf692ae8d9a82
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://jadebarns.com/0/0/0/cd26f75cc038f583bdc38a957d3757e3/2_269082_2577813/2319_920424_3539665_37/596402447$
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
it-IT,it;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
70ccb76ace835fd0-MRS
content-encoding
br
content-type
text/html; charset=UTF-8
date
Tue, 17 May 2022 13:31:59 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
Thu, 19 Nov 1981 08:52:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VL1%2B6PtJLD%2BYjVC%2FGGYrM2HrqAQOuHFEm0yCqw4SuvHPEJFufGtJidDZWRktpOzsAyz7wsCvukTrw9r7a4p3Z7SvlSMhHRU00EHBjsRgQV5ZLj%2FezyhvG7hc1tPhhA9qSzjs133ogZZxhq4S9nXn14yG"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding,User-Agent,User-Agent
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-turbo-charged-by
LiteSpeed
x-xss-protection
1; mode=block

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache, no-store, must-revalidate, max-age=0
cf-cache-status
DYNAMIC
cf-ray
70ccb7668c997375-MRS
content-type
text/html; charset=UTF-8
date
Tue, 17 May 2022 13:31:58 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
Thu, 19 Nov 1981 08:52:00 GMT
location
https://xinisterceiling.com/ffb5a73254b343079aecfa8e26e91d34
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bW8WB%2FNudeuFiFTwNZPUCG9iHA%2BOfmpN3lnRMnM0mdIPt1H9SEW0WgBigb4dxPJv5BYLWl8a2fxgkjmMuIXDS9%2ByM%2Fc0ragfMN7TaPYG0jfHvDh32KzUzvC4L3OrWwFby82dv68G6WNKLNz32pejOYY%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
User-Agent,User-Agent
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-turbo-charged-by
LiteSpeed
x-xss-protection
1; mode=block
bootstrap.min.css
xinisterceiling.com/assets/vendors/bootstrap-4.5.3/css/ 		157 KB
25 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://xinisterceiling.com/assets/vendors/bootstrap-4.5.3/css/bootstrap.min.css
Requested by
Host: xinisterceiling.com
URL: https://xinisterceiling.com/ffb5a73254b343079aecfa8e26e91d34
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f77c0d1739b618edc4a01ca3f6b2990b01a3009030af49ee8cf68e83052df194
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://xinisterceiling.com/ffb5a73254b343079aecfa8e26e91d34
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 13:31:59 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
343379
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Fri, 20 Aug 2021 13:04:53 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jZKie9ZU2bHWLmPGkeNOFmR7tlTfSPAOt%2Fpr8M5c6k0zuMXXhnjgw7Ywo51sb%2BUIn1tz%2FzjdKdRvPosPBP0hbX%2BeAMIpWElpjreUDnHGLIfPVM66DSw4DLWq7kdFJpPedqhKy4D%2F4jkuN%2Fo4Ak1HRZVo"}],"group":"cf-nel","max_age":604800}
content-type
text/css
vary
Accept-Encoding,User-Agent,User-Agent
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
70ccb76fc8565fd0-MRS
expires
Fri, 20 May 2022 14:09:00 GMT
all.css
xinisterceiling.com/assets/vendors/fontawesome/css/ 		72 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://xinisterceiling.com/assets/vendors/fontawesome/css/all.css
Requested by
Host: xinisterceiling.com
URL: https://xinisterceiling.com/ffb5a73254b343079aecfa8e26e91d34
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
462beb0c8ecb2abb15685c31875f268d166313581df110401c2483fab24a46df
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://xinisterceiling.com/ffb5a73254b343079aecfa8e26e91d34
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 13:31:59 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
378694
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Mon, 19 Jul 2021 19:01:59 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QGm5HJm0zBHcn3rs1wehi%2FfXcT6M6pl3Xan111UXtx4FAfhceBxKJ566sddLAYwfLA4mbgnYP4wgQhFAphzB73s0Ddt54I6LkhgwWrszN5Wmm7KDlB3VjvRGMLePSTF1LxuR%2B8FJtJc11Z4s4UcODgmb"}],"group":"cf-nel","max_age":604800}
content-type
text/css
vary
Accept-Encoding,User-Agent,User-Agent
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
70ccb76fc8595fd0-MRS
expires
Fri, 20 May 2022 04:20:25 GMT
common.css
xinisterceiling.com/assets/css/aprilia/ 		32 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://xinisterceiling.com/assets/css/aprilia/common.css?v=969bc5d699b8a398debf515580b0f532
Requested by
Host: xinisterceiling.com
URL: https://xinisterceiling.com/ffb5a73254b343079aecfa8e26e91d34
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
61b42d041445178ceadcd39ddb288847c067ec6a4893ef68b1b8522bae6d08a8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://xinisterceiling.com/ffb5a73254b343079aecfa8e26e91d34
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 13:31:59 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Wed, 20 Apr 2022 19:48:18 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c3ePYfNyzPEQcBG6WcGt3fJWQWE74An%2BfI9NAo7Dnzo8xQDTo0ueqW8rkIog6cJY4IoRmYSVbJQwP4Mzbi5gzq%2FzwjBkdH9x93N%2FrePhscdaE%2Faj5WKOdK07jEXw2bulsiUWe1OG0W9hq0SD0mJOdMME"}],"group":"cf-nel","max_age":604800}
content-type
text/css
vary
Accept-Encoding,User-Agent,User-Agent
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
70ccb76fc85a5fd0-MRS
expires
Tue, 24 May 2022 13:31:59 GMT
msg.js
xinisterceiling.com/inc/ 		941 B
752 B 		Script
General
Check archive.org
Download Go to
Full URL
https://xinisterceiling.com/inc/msg.js
Requested by
Host: xinisterceiling.com
URL: https://xinisterceiling.com/ffb5a73254b343079aecfa8e26e91d34
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cfb6708f8e8d5277007f904e261d1e4c7dc1c9240b04bbaccf4ddf472b3cc95a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://xinisterceiling.com/ffb5a73254b343079aecfa8e26e91d34
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 13:31:59 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
343379
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Thu, 10 Feb 2022 13:35:10 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iQ%2Fam%2FBy%2F%2FO2eyG4MjD1%2FM6CAA9GESSNMcePR53qREkNypFdPZ3%2FFWdQ23XHwRC%2FHECTBlcy53oOlNCoeA4h8fL73FpOi7FGXUbSIkK3o6vipi7pCY7TJbKyGasglrXlMhvDiKcI6e51ZO9nEyWHXZ%2Bm"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
vary
Accept-Encoding,User-Agent,User-Agent
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
70ccb76fd85d5fd0-MRS
expires
Fri, 20 May 2022 14:09:00 GMT
fbcode1.js
xinisterceiling.com/inc/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://xinisterceiling.com/inc/fbcode1.js
Requested by
Host: xinisterceiling.com
URL: https://xinisterceiling.com/ffb5a73254b343079aecfa8e26e91d34
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
43fccd349655df7497727c1c95d4fd97033f8aaf649067cbafb2b6d2751cf340
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://xinisterceiling.com/ffb5a73254b343079aecfa8e26e91d34
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 13:31:59 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
378694
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Wed, 07 Oct 2020 23:35:40 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2jQXfYYEn7DCWlpagg9wF%2FLlw30b0hc%2BkIlXBxhfawGtJ1wZGVyLM1D77usFJ5o3b3V0L94uL6fkZn1xRffANkKLXjf1IHIbnI%2FVNfyPm5a%2BsknOH%2BsAKArz9FxBYEeP9CToapmL4jFYjtQQgu5BfbgA"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
vary
Accept-Encoding,User-Agent
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
70ccb76fd8605fd0-MRS
expires
Fri, 20 May 2022 04:20:25 GMT
01c836fc3f9f57e8cb32bcd5d6b40e7b.png
xinisterceiling.com/fim/868-IT/ 		66 KB
67 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://xinisterceiling.com/fim/868-IT/01c836fc3f9f57e8cb32bcd5d6b40e7b.png
Requested by
Host: xinisterceiling.com
URL: https://xinisterceiling.com/ffb5a73254b343079aecfa8e26e91d34
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
73e44e6b6361709ef681bf24e7ae89526629221302c2384363c4dec41d5f56d2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://xinisterceiling.com/ffb5a73254b343079aecfa8e26e91d34
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 13:31:59 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4622
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
68093
x-xss-protection
1; mode=block
last-modified
Tue, 17 May 2022 12:14:55 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent,User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DDgDsSNPQwbg3XtlLJ1YaA%2BGHnR34Uo7W9IRikH9Mo%2Ftx4E%2F%2B2hfqb5w98ayjdGTachqsYPEvDhPN9n9hXdO%2Fq4CiEJWOqupc36k0dJFPepFC1Qq%2FXqYxfKgiJqtLiqllmXBptRcinmI6igXMvFkGmEf"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
70ccb7732ef059a7-MXP
expires
Tue, 24 May 2022 12:14:57 GMT
1ce6187772ad996ce53385a98fa0ff3b.png
xinisterceiling.com/fim/868-IT/ 		121 KB
121 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://xinisterceiling.com/fim/868-IT/1ce6187772ad996ce53385a98fa0ff3b.png
Requested by
Host: xinisterceiling.com
URL: https://xinisterceiling.com/ffb5a73254b343079aecfa8e26e91d34
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ea04fc99345e79b025cc6a1eb2d3ffa4baf7aaee185e49c126fc7459453226fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://xinisterceiling.com/ffb5a73254b343079aecfa8e26e91d34
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 13:31:59 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4622
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
123523
x-xss-protection
1; mode=block
last-modified
Tue, 17 May 2022 12:14:55 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent,User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oqkqJZMjzQdxTaclUYaqNyIUyzXJbdYYqYvjZayr%2FJ53ubxkfwNvI6zcp%2BCsAb2FpdpzXlYappfIxYrcmCDSTB0tkwfCW2jjHj3UYPyM6Ph86Zay4MXVUxs%2BY9xh75uwFCifz3i0L5FE28I4%2BzdH3lWh"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
70ccb7732f0059a7-MXP
expires
Tue, 24 May 2022 12:14:57 GMT
a6ca0c02a1999e0e448bd942557dac4c.svg
xinisterceiling.com/fim/868-IT/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://xinisterceiling.com/fim/868-IT/a6ca0c02a1999e0e448bd942557dac4c.svg
Requested by
Host: xinisterceiling.com
URL: https://xinisterceiling.com/ffb5a73254b343079aecfa8e26e91d34
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7080e089dab3a0ae988d8605e0228194997e26bbb43079ac5772315032c966a2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://xinisterceiling.com/ffb5a73254b343079aecfa8e26e91d34
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 13:31:59 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4622
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Tue, 17 May 2022 12:14:55 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vJiqgrVVHt5T6iLP%2Fcp5QnsFpHj3Cl%2B%2FQKTy0GjOlyYYRuc7tRZ3fisRISYzXgXZT3Ms8QaJ3B6vunyy%2BaZgCi3JPG4JKWcqPKbWCkx0eRxmnSWICQ3lDc2%2F86Y8yGmnW7eBNWL64nAcquQkKMqHQl73"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
vary
Accept-Encoding,User-Agent,User-Agent
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
70ccb7732f0559a7-MXP
expires
Tue, 24 May 2022 12:14:57 GMT
46d11b281d24d90a439b265e0ca3dc35.png
xinisterceiling.com/fim/868-IT/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://xinisterceiling.com/fim/868-IT/46d11b281d24d90a439b265e0ca3dc35.png
Requested by
Host: xinisterceiling.com
URL: https://xinisterceiling.com/ffb5a73254b343079aecfa8e26e91d34
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6da5cf6e99c9e5b4eac83104070645628b698579cb3b457dbb0097befc548dc2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://xinisterceiling.com/ffb5a73254b343079aecfa8e26e91d34
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 13:31:59 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4622
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
13039
x-xss-protection
1; mode=block
last-modified
Tue, 17 May 2022 12:14:55 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent,User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IT1zj%2Fd2Ks2s74pZM%2FKfEBtnek7T%2BwyQaz3ilsWNIm3B1fYCHA5MX%2FshaMLhAOWVEL3WvmYB6r5XLGIkb3rDUdpoGZ30ql4YrUSXf4AeR3JDRe11mOhBd3co%2B73bYiXD0rfrufpLsZ7%2B5h82Y8xb78mw"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
70ccb7732f0859a7-MXP
expires
Tue, 24 May 2022 12:14:57 GMT
f20209b111e9619d2fc9c0f87d5557e4.png
xinisterceiling.com/fim/868-IT/ 		619 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://xinisterceiling.com/fim/868-IT/f20209b111e9619d2fc9c0f87d5557e4.png
Requested by
Host: xinisterceiling.com
URL: https://xinisterceiling.com/ffb5a73254b343079aecfa8e26e91d34
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2e47f6803f61ca30955c2dcf1d7b2d7361891cdb2a3ad96d667f71a5079a2931
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://xinisterceiling.com/ffb5a73254b343079aecfa8e26e91d34
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 13:31:59 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4622
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
619
x-xss-protection
1; mode=block
last-modified
Tue, 17 May 2022 12:14:55 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent,User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j6z%2BQSiKg6a1fyV6KPHtDQLgNL7n%2FDxm4JVrGwE%2B%2FtrH9mK8u7nBidnw8As6S2hTCLbfcldzEQiawMgjWy9bWjt1rPWkJm3S%2BwxESBEKMVt6JZPZE5JREd5bMoKpJnmLU99RfVzc77qCFxsJe5VTTPMt"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
70ccb7732f0959a7-MXP
expires
Tue, 24 May 2022 12:14:57 GMT
169ccbf4272d55c16a6d5911e17f7d64.png
xinisterceiling.com/fim/868-IT/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://xinisterceiling.com/fim/868-IT/169ccbf4272d55c16a6d5911e17f7d64.png
Requested by
Host: xinisterceiling.com
URL: https://xinisterceiling.com/ffb5a73254b343079aecfa8e26e91d34
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5f98f95589e14b4ab6405c1a9dd70832ba177c05cf8aa0bb048cd4f28bd1aba1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://xinisterceiling.com/ffb5a73254b343079aecfa8e26e91d34
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 13:31:59 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4623
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4862
x-xss-protection
1; mode=block
last-modified
Tue, 17 May 2022 12:14:55 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent,User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0Pmr8xBf5WWRZu3Z3Jvi0%2BMd1s9ueaPzM5wwgJ5wK4fKi4nusDIJbdp8hwBonS2cHM644aanWKOwjqYjNVY9YPLYeOVsrwsY8YEsqe6HSvsrsInP9UgQcHmGZKaOvzWVzQ1z%2F5Gk6muYMysaSXGRaFdj"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
70ccb7732f0b59a7-MXP
expires
Tue, 24 May 2022 12:14:56 GMT
6bfb969925a687d6d8d973a052477e65.png
xinisterceiling.com/fim/868-IT/ 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://xinisterceiling.com/fim/868-IT/6bfb969925a687d6d8d973a052477e65.png
Requested by
Host: xinisterceiling.com
URL: https://xinisterceiling.com/ffb5a73254b343079aecfa8e26e91d34
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
85e69233cd6795c61fe1383eae608d874ca8a2c87ba21027ebf7eaf238891351
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://xinisterceiling.com/ffb5a73254b343079aecfa8e26e91d34
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 13:31:59 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4622
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
16327
x-xss-protection
1; mode=block
last-modified
Tue, 17 May 2022 12:14:55 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent,User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7redr3FqlZIKeFbq4kSoeMRB7mDEsvCaJUEqM8kY7L3xF3cj%2BLfrLjmIGrympk34bcjZhNFk8vQATGz4jTboo%2FcCMKZD%2FOpGYUGWuq7a0x2LHrek93iezOGx%2BqaJyokukDSZtwgkQKSSFMmvvpIewEDe"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
70ccb7732f0e59a7-MXP
expires
Tue, 24 May 2022 12:14:57 GMT
588e75a8e5303ae1cae65e5479ffed4e.jpg
xinisterceiling.com/fim/868-IT/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://xinisterceiling.com/fim/868-IT/588e75a8e5303ae1cae65e5479ffed4e.jpg
Requested by
Host: xinisterceiling.com
URL: https://xinisterceiling.com/ffb5a73254b343079aecfa8e26e91d34
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2b0c81aa2f2e5fda1c499501edad4927ade4d57d5d31887c076e5769e9ea2866
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://xinisterceiling.com/ffb5a73254b343079aecfa8e26e91d34
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 13:31:59 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4622
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1086
x-xss-protection
1; mode=block
last-modified
Tue, 17 May 2022 12:14:55 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent,User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RaJ%2F6WmkH%2BgefNsAkpXEuAVkKOYeaEhSMd6fm2nU256Nu9OLD1u9tR2RcRX4YdgKdqYtdZdIeyV4WUiWAGEmbpSiN%2F6Ly3KjJPPO5h5pi97yFSM1eW77l9X%2B563bM7FDLeSyHNIGZ4LcSlgGSTbDLq%2F7"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
70ccb7732f0f59a7-MXP
expires
Tue, 24 May 2022 12:14:57 GMT
d55615e2146b95561292ab685ed921b6.png
xinisterceiling.com/fim/868-IT/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://xinisterceiling.com/fim/868-IT/d55615e2146b95561292ab685ed921b6.png
Requested by
Host: xinisterceiling.com
URL: https://xinisterceiling.com/ffb5a73254b343079aecfa8e26e91d34
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0d79ca3b13098126f0c0fc76aed54a8acf6e645e62eb5f0ff90571141dfe24b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://xinisterceiling.com/ffb5a73254b343079aecfa8e26e91d34
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 13:31:59 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4622
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
8047
x-xss-protection
1; mode=block
last-modified
Tue, 17 May 2022 12:14:55 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent,User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KmO1be46i4N6KbcSu6vZabkslxr4I%2BN%2FMa4STpWJLwQljJg0RIL78mutqtYpngiKDiAd92l7pqMO5GV0pg%2BVjwOhr6OfhbzCIC4xhJ7RaxI6rViKYSEqDXFA%2FdncBTUF%2BmhCH2pyU0Nsi%2BSWY5ynNwS9"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
70ccb7732f1059a7-MXP
expires
Tue, 24 May 2022 12:14:57 GMT
f039f4674402ac0676fcbd673cb68f43.jpg
xinisterceiling.com/fim/868-IT/ 		32 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://xinisterceiling.com/fim/868-IT/f039f4674402ac0676fcbd673cb68f43.jpg
Requested by
Host: xinisterceiling.com
URL: https://xinisterceiling.com/ffb5a73254b343079aecfa8e26e91d34
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1ce63c80e7a42b46fc1a6b4778a62e352a58cfe0477b63ce870c025a86972de7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://xinisterceiling.com/ffb5a73254b343079aecfa8e26e91d34
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 13:31:59 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4622
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
32812
x-xss-protection
1; mode=block
last-modified
Tue, 17 May 2022 12:14:55 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent,User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eZxR3YfjVPc%2FzRs9sLqRWCl3N54t%2FiXeo6fvl9CONl0wQaZ1wt5D3KxZ5f4k9lnupQH3M5T6v%2F1GEPzwqrRnUikgwF7FmuDW277gUgcEihqYGUVS1cERfbRWPytr6R%2FJQCYmpq819qtEEjXo0V8L8Vw9"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
70ccb7732f1159a7-MXP
expires
Tue, 24 May 2022 12:14:57 GMT
88cc0825e1bb1b6a7705ebf52cc7bacf.png
xinisterceiling.com/fim/868-IT/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://xinisterceiling.com/fim/868-IT/88cc0825e1bb1b6a7705ebf52cc7bacf.png
Requested by
Host: xinisterceiling.com
URL: https://xinisterceiling.com/ffb5a73254b343079aecfa8e26e91d34
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7a15c7fd6cff51cb3a08a1b705e578578f16f316835547063e9298a27257936b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://xinisterceiling.com/ffb5a73254b343079aecfa8e26e91d34
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 13:31:59 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4622
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1399
x-xss-protection
1; mode=block
last-modified
Tue, 17 May 2022 12:14:56 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent,User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aqUOUger%2BrWNZE4Ll1HJW%2BxG0Yc%2Ff9JfdUlhoopH9SP8NpqfT%2F%2Ft6%2BL%2BkJtg6%2F2fKYYwZw%2Fm7HvOzCp5jjyUduhIaW4um9TT7mh3ZO42bjUkONqPuRqipMeEaeX%2FbI1trtSe1ahvL0zUQbd%2B1fidFv7L"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
70ccb7732f1359a7-MXP
expires
Tue, 24 May 2022 12:14:57 GMT
fc69fa551309b3f6912c431f0e78e288.jpg
xinisterceiling.com/fim/868-IT/ 		55 KB
56 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://xinisterceiling.com/fim/868-IT/fc69fa551309b3f6912c431f0e78e288.jpg
Requested by
Host: xinisterceiling.com
URL: https://xinisterceiling.com/ffb5a73254b343079aecfa8e26e91d34
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5fa43c387ed8adef07c090ddf7d2c5438b6c3fd7a3f220660a5b97c84e247d8e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://xinisterceiling.com/ffb5a73254b343079aecfa8e26e91d34
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 13:31:59 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4622
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
56602
x-xss-protection
1; mode=block
last-modified
Tue, 17 May 2022 12:14:55 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent,User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4y8Q6i9HHY9qwPeRxd9DSsuL164b3aKxqtAcx9bE5Cx647zgJ6%2F9NDvEmQObkyD8FMYK9DFZOR1oJ8Y1vQgPA%2BoaP%2FLc5ju2wNa3hbB2WHNC5rneoBNUyORn9rxm1WJZcLN6rzYRATT7r5%2F5S3WCiz%2BS"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
70ccb7732f1559a7-MXP
expires
Tue, 24 May 2022 12:14:57 GMT
f6d953bb274f93e66e228a451d3f230f.png
xinisterceiling.com/fim/868-IT/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://xinisterceiling.com/fim/868-IT/f6d953bb274f93e66e228a451d3f230f.png
Requested by
Host: xinisterceiling.com
URL: https://xinisterceiling.com/ffb5a73254b343079aecfa8e26e91d34
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3c6c0ed2601deeefd179e1922d9f017701169372b21079f842fc67e44022a126
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://xinisterceiling.com/ffb5a73254b343079aecfa8e26e91d34
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 13:31:59 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4623
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1188
x-xss-protection
1; mode=block
last-modified
Tue, 17 May 2022 12:14:56 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent,User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ry%2BwTRuLb%2FJ7wiTvxex2Kjt2ItjUlw6UikmqXPJ8q37CDikrszkM2iwZUnhl%2FydGxCuxUWwvoWLrQ9S%2B%2BpLFBv1FMya2lxrMV1u1pIDXmQsHa3M89tCsz7KwN0OEK6qv9acbwn34EokMjpo2AmtRYmaq"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
70ccb7732f1759a7-MXP
expires
Tue, 24 May 2022 12:14:56 GMT
1006c69834b102ef216db9444610ffcf.png
xinisterceiling.com/fim/868-IT/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://xinisterceiling.com/fim/868-IT/1006c69834b102ef216db9444610ffcf.png
Requested by
Host: xinisterceiling.com
URL: https://xinisterceiling.com/ffb5a73254b343079aecfa8e26e91d34
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
acdbb507399cf91d06d28c73e8500279d2b6eb8023cdd86b938ecac324c2fd28
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://xinisterceiling.com/ffb5a73254b343079aecfa8e26e91d34
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 13:31:59 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4622
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1361
x-xss-protection
1; mode=block
last-modified
Tue, 17 May 2022 12:14:55 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent,User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q03IKWz9gjXxndrlFCh%2BOeVELaFhz0tTXNse%2F2FpCefwAbZFgWvpXUundq9%2BqNGNj3rd7i%2BMhp3Z9tR5MRdMaSPvKMB2IgwSdrwfDxdFPmT8bQnsO8mfnt8EVFmFSHMgrC%2BjnKphIj%2FePbjweXJjUd5v"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
70ccb7732f1859a7-MXP
expires
Tue, 24 May 2022 12:14:57 GMT
956e92094bfcaadb55532e55f72562a9.jpg
xinisterceiling.com/fim/868-IT/ 		29 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://xinisterceiling.com/fim/868-IT/956e92094bfcaadb55532e55f72562a9.jpg
Requested by
Host: xinisterceiling.com
URL: https://xinisterceiling.com/ffb5a73254b343079aecfa8e26e91d34
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
64536a06077e07e99200b5a606d65548e59c66bee81f7d6def8f68974472b3ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://xinisterceiling.com/ffb5a73254b343079aecfa8e26e91d34
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 13:31:59 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4622
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
29855
x-xss-protection
1; mode=block
last-modified
Tue, 17 May 2022 12:14:56 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent,User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4VlSv9wwjDLTO6h1EVk1b0DAukW7PaLRxImoA1iMrD1%2FY8GJ5xDSHGzmyqDesDVoNwvsR8Gy4D3Fpme3xSPe0GxJk7pT9FWOdFOgw3j2v3HR%2But7lzXlYDPxz1C5hkUmZkwbMzCvWEG8yG6GiD9CQE8R"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
70ccb7732f1a59a7-MXP
expires
Tue, 24 May 2022 12:14:57 GMT
a97da7d48348e7a2fb65e6f7d7905581.png
xinisterceiling.com/fim/868-IT/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://xinisterceiling.com/fim/868-IT/a97da7d48348e7a2fb65e6f7d7905581.png
Requested by
Host: xinisterceiling.com
URL: https://xinisterceiling.com/ffb5a73254b343079aecfa8e26e91d34
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0ad0615765bf17bdb85ae307eb8f9eee2e1fb0b600117bdd991a1efe9c834078
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://xinisterceiling.com/ffb5a73254b343079aecfa8e26e91d34
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 13:31:59 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4622
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1385
x-xss-protection
1; mode=block
last-modified
Tue, 17 May 2022 12:14:55 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent,User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LKENZcga6BgCp8sqa3AtiuYdzwvcP2%2BadjkDCs6XXHA0bFGvVWDciuld0JntBKNasB413Ya8DA64nTWdv3EGkY6ZruTwDR6%2F1sRbVPxFG0Jddcg4z9PpYk7xMVDeLHtYqj38H2A%2F02zAusn9CSykiT4V"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
70ccb7732f1b59a7-MXP
expires
Tue, 24 May 2022 12:14:57 GMT
97fb8c46f5ba85b0a1526dfab8ca2948.png
xinisterceiling.com/fim/868-IT/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://xinisterceiling.com/fim/868-IT/97fb8c46f5ba85b0a1526dfab8ca2948.png
Requested by
Host: xinisterceiling.com
URL: https://xinisterceiling.com/ffb5a73254b343079aecfa8e26e91d34
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
18b60afc8548639623f2395f3f828b2ea05d029d0218b9632ee85909ef8071f4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://xinisterceiling.com/ffb5a73254b343079aecfa8e26e91d34
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 13:31:59 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4622
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1543
x-xss-protection
1; mode=block
last-modified
Tue, 17 May 2022 12:14:56 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent,User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wZLwrMRgOWUeMVxdE3GeeNWrGrxvbFC%2BeT1fB7VlzJBy66z5e8B9NQGiGxlYlQVIaThxStfJEnVINpznVeb5hWFJBGwYzqA6I5pJTBW1r2brnU%2FFbw74OZOxWyyYXjkge1Jn3US6Ih3vy%2F%2BUiZYeSaoc"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
70ccb7732f1e59a7-MXP
expires
Tue, 24 May 2022 12:14:57 GMT
dfc81a014d56e6a34a1c0b9d72e1f17c.png
xinisterceiling.com/fim/868-IT/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://xinisterceiling.com/fim/868-IT/dfc81a014d56e6a34a1c0b9d72e1f17c.png
Requested by
Host: xinisterceiling.com
URL: https://xinisterceiling.com/ffb5a73254b343079aecfa8e26e91d34
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
596505ae2d99cbcc964752ea4c998a6b51c5c829c6b8befd5ec5e90571ac6c0a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://xinisterceiling.com/ffb5a73254b343079aecfa8e26e91d34
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 13:31:59 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4622
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1526
x-xss-protection
1; mode=block
last-modified
Tue, 17 May 2022 12:14:56 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent,User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UNQlpcVuQknnQ39HpEDOSCp2zu4TqQmnffsZ2iWBBr%2BlBSKWVmH6hXKxroSSR6Ddn6Y0%2BOtmfqdCV6DReel1J681RtwEb%2FJtb6KCAlpSvZDsaM0pItQ3V62VAcZWjp2kPr1yEK%2BsJDMCCp4jdVHI1Cod"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
70ccb7732f2159a7-MXP
expires
Tue, 24 May 2022 12:14:57 GMT
7a552168a89cd5dd80cd2bab06d99c07.png
xinisterceiling.com/fim/868-IT/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://xinisterceiling.com/fim/868-IT/7a552168a89cd5dd80cd2bab06d99c07.png
Requested by
Host: xinisterceiling.com
URL: https://xinisterceiling.com/ffb5a73254b343079aecfa8e26e91d34
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4604e524a2131ee561e13c9fe760267a0bbc64ca91027ab92fd355ff4dc1514d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://xinisterceiling.com/ffb5a73254b343079aecfa8e26e91d34
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 13:31:59 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4623
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1120
x-xss-protection
1; mode=block
last-modified
Tue, 17 May 2022 12:14:55 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent,User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mBEYEoIJPVnNM4sUESrd0eH5mQ2bkzwT4Die0GBQ%2B%2B8RSCIxQmX0IAu2PaX7ruxUtXz1PGUOcmJwQOw8gDrMO45CNlHldG1B9yKjJtfdPO8A7hTW4phUFQgNdySO3xHGR6NbZ8bCzjPCJNL85TSIhLGK"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
70ccb7732f2259a7-MXP
expires
Tue, 24 May 2022 12:14:56 GMT
03998e3096fcbe6c36a6b2b6f209c2e0.png
xinisterceiling.com/fim/868-IT/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://xinisterceiling.com/fim/868-IT/03998e3096fcbe6c36a6b2b6f209c2e0.png
Requested by
Host: xinisterceiling.com
URL: https://xinisterceiling.com/ffb5a73254b343079aecfa8e26e91d34
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bc4ba5ab1f79419e5c8a06db6d5ed27f78b026617608d8513bdf476bf78e1120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://xinisterceiling.com/ffb5a73254b343079aecfa8e26e91d34
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 13:31:59 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4622
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
5389
x-xss-protection
1; mode=block
last-modified
Tue, 17 May 2022 12:14:56 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent,User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KZYWQNd1sVlxuLNuoeuSqNFU6Pq07kAIHO71g2Kf70cCTp9bvZsTOlIckr0eH6IKP%2FwxgqIdF%2FVojYlDyzhIkC6xkNNI3X7x5m%2F7D02dBXo%2BM4k0Mh%2BchOVvmYc94A82vdsW8VqiyilfEDaJRquW5ZUC"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
70ccb7732f2459a7-MXP
expires
Tue, 24 May 2022 12:14:57 GMT
email-decode.min.js
xinisterceiling.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://xinisterceiling.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: xinisterceiling.com
URL: https://xinisterceiling.com/ffb5a73254b343079aecfa8e26e91d34
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://xinisterceiling.com/ffb5a73254b343079aecfa8e26e91d34
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 13:31:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 12 May 2022 17:41:42 GMT
server
cloudflare
etag
W/"627d46d6-4d7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
DENY
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6H5hzrmoc0wzDaIM7y6wMrfn9Myc2GGYUHRtinlkx9UV01jbV8qsQ8mb%2FtZHp1mjdbeewWphwE82fIb5FTEeCxQ%2FGVhazVzT9NdjRCnP4q4yjhk2auc%2BhZVBDNxd7uOpaXo%2BL%2Bp3WfIderXvS1ZCB0GF"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=172800, public
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
70ccb7702db759a7-MXP
vary
Accept-Encoding
expires
Thu, 19 May 2022 13:31:59 GMT
jquery-3.4.1.min.js
xinisterceiling.com/assets/vendors/ 		86 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://xinisterceiling.com/assets/vendors/jquery-3.4.1.min.js
Requested by
Host: xinisterceiling.com
URL: https://xinisterceiling.com/ffb5a73254b343079aecfa8e26e91d34
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4c24dfd28784ad2befb3dafaac6bf1ed4e7cd58cce713d9a0b228d426e812baf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://xinisterceiling.com/ffb5a73254b343079aecfa8e26e91d34
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 13:31:59 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
340481
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Fri, 20 Aug 2021 13:04:53 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GgGW6uVgVygirm%2F1gYQ2fnzqEBV5duDMR3o11pnHeOW45p2i46MCHk0uQl9S3gOOs5T0kEwYGt8nlX3fUNmzEWwNDINulJOYT6RV2dDjDGgWRrXh7%2F%2BRMypbxsff%2BZCEZaC01%2ByRPbOUx3UOT01ruQEm"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
vary
Accept-Encoding,User-Agent,User-Agent
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
70ccb7706e9a59a7-MXP
expires
Fri, 20 May 2022 14:57:17 GMT
bootstrap.min.js
xinisterceiling.com/assets/vendors/bootstrap-4.5.3/js/ 		62 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://xinisterceiling.com/assets/vendors/bootstrap-4.5.3/js/bootstrap.min.js
Requested by
Host: xinisterceiling.com
URL: https://xinisterceiling.com/ffb5a73254b343079aecfa8e26e91d34
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d8968086f7509df34c3278563dab87399da4f9dcdfb419818e3a309eedc70b88
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://xinisterceiling.com/ffb5a73254b343079aecfa8e26e91d34
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 13:31:59 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
340276
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Fri, 20 Aug 2021 13:04:53 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mL%2FsAGUmSi77ihSQWyXD%2F7Pl4Rr7K8y7KWp9OgfkbgLZ2zqvRgQVrmB2H67vUyJwkuMF5lmqNeNz%2F8D2YyGrqBUCL9jIAuDnEInI64o%2BnGkievYib0JO%2BTYe5xmR%2FQX99S%2BTlmg9p69He8xM5K%2FEuvNG"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
vary
Accept-Encoding,User-Agent,User-Agent
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
70ccb770f88059a7-MXP
expires
Fri, 20 May 2022 15:00:43 GMT
functions.js
xinisterceiling.com/assets/js/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://xinisterceiling.com/assets/js/functions.js?v=969bc5d699b8a398debf515580b0f532
Requested by
Host: xinisterceiling.com
URL: https://xinisterceiling.com/ffb5a73254b343079aecfa8e26e91d34
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4287b02969d0fe7f047dfa7663cf5fe3635ad92adf1995598297917fe55b18a0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://xinisterceiling.com/ffb5a73254b343079aecfa8e26e91d34
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 13:31:59 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Thu, 25 Mar 2021 02:06:15 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yG90E7up4BJj1NbGx4whsGPIjb53IS%2FQYEUAn%2BZ2skFVMHB2Xe37dAl8Xjr1ddlHUmXHvBQbPb4h4HQ1qNr7PAsEFeBpXcsE61bslzpqDLij%2B2HHZdXIig39zEe4goBmtNSyGFrGum0fZlf9Q8jG49VI"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
vary
Accept-Encoding,User-Agent,User-Agent
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
70ccb771699059a7-MXP
expires
Tue, 24 May 2022 13:31:59 GMT
common.js
xinisterceiling.com/assets/js/aprilia/ 		57 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://xinisterceiling.com/assets/js/aprilia/common.js?v=969bc5d699b8a398debf515580b0f532
Requested by
Host: xinisterceiling.com
URL: https://xinisterceiling.com/ffb5a73254b343079aecfa8e26e91d34
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6bf47a24c5dac584db904c52d08f266326252e4bd193aff24f263c7ed5f0774e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://xinisterceiling.com/ffb5a73254b343079aecfa8e26e91d34
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 13:32:00 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Mon, 25 Apr 2022 18:00:41 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=spGqtAFD%2BGd63lLc1dMi049gfDK%2Bxp%2FGi2lSzjy3%2BGMM31%2Fq7jykJsrm8FT%2Fjd6tDWugoonBoZV%2Bnmr7RAh8b3xu6wDhjG7zJh0vOEVKuKISIEwmyQfo7m%2BKyqVDw%2FzYganSpTu4GfdNreIQupml1lzP"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
vary
Accept-Encoding,User-Agent,User-Agent
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
70ccb7723c2f59a7-MXP
expires
Tue, 24 May 2022 13:32:00 GMT
gtm.js
www.googletagmanager.com/ 		91 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NK3N874
Requested by
Host: xinisterceiling.com
URL: https://xinisterceiling.com/ffb5a73254b343079aecfa8e26e91d34
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
02688d8ada84c500ef44c3f75f2c4846d3208d80ebb52fc8fffa9a74d8204ab8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://xinisterceiling.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 13:31:59 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35881
x-xss-protection
0
last-modified
Tue, 17 May 2022 12:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 17 May 2022 13:31:59 GMT
css2
fonts.googleapis.com/ 		2 KB
986 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Poppins:wght@400;700&display=swap
Requested by
Host: xinisterceiling.com
URL: https://xinisterceiling.com/assets/css/aprilia/common.css?v=969bc5d699b8a398debf515580b0f532
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ecd93802562255dff45c0aa90f8e57693ce3fc103c8e3033a5c1dbe2d1574769
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://xinisterceiling.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 17 May 2022 13:31:27 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Tue, 17 May 2022 13:31:59 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 17 May 2022 13:31:59 GMT
v9e118mez8
trk-tempore.com/scripts/push/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://trk-tempore.com/scripts/push/v9e118mez8
Requested by
Host: xinisterceiling.com
URL: https://xinisterceiling.com/inc/msg.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa4b74cc94b96ff49ac4462f2a335fcaf85777e2a8857b805d08da763d8647ff
Security Headers
Name Value
Content-Security-Policy default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src https://* data:; font-src 'self' data:
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://xinisterceiling.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 13:32:00 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
x-frame-options
DENY
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TyGkqAtnTgxJolXYDPUFPc830HhktRlA2C4fQ%2FHDbAKQszvKWa063N8O94G4JxGXHWoRzTHaNFjFwxuVsTKX7NUXJ4TSD5HPYkb6OaOHg7wfAPBSFgfEhDQofPrVcBMlh6IhhxRmQ286O8zcs%2BI%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript;charset=UTF-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
feature-policy
geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'none'; fullscreen 'self'; payment 'none'
content-security-policy
default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src https://* data:; font-src 'self' data:
cf-ray
70ccb7739fc55a37-MXP
expires
0
fbevents.js
connect.facebook.net/en_US/ 		99 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: xinisterceiling.com
URL: https://xinisterceiling.com/inc/fbcode1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
acbe6770b0fc8b621a9d4f7068b241fb403fe999ea33270931ee59ec4cfdf3f1
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://xinisterceiling.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
26310
x-xss-protection
0
pragma
public
x-fb-debug
sq0JwwmUvQfupmWDZsuC+8KJctLvhkoyhICgfT2gkLxCB7+Xig/QkHlr2Oqf+VvlErm/YIsPHEvdCSxhZwV54A==
x-fb-trip-id
917726464
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Tue, 17 May 2022 13:31:59 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
scevent.min.js
sc-static.net/ 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sc-static.net/scevent.min.js
Requested by
Host: xinisterceiling.com
URL: https://xinisterceiling.com/inc/fbcode1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.81.245 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-81-245.fra2.r.cloudfront.net
Software
CloudFront /
Resource Hash
73d373ed5f48efd137d015e250ac11d368fd987b41d6dba88e81578b43e219a2

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://xinisterceiling.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 13:32:00 GMT
content-encoding
gzip
server
CloudFront
x-amz-cf-pop
FRA2-C2
x-cache
LambdaGeneratedResponse from cloudfront
content-type
application/javascript;charset=utf-8
access-control-allow-origin
*
cache-control
private, s-maxage=0, max-age=600
access-control-allow-headers
Content-Type
content-length
7166
via
1.1 eb1a8c1b1275e33a016e623478052110.cloudfront.net (CloudFront)
x-amz-cf-id
gvECKua5hLCyN0Ky1yfTXDo3pKophGLQCthPEgwbnXt7laVbFyiBmg==
mgsensor.js
a.mgid.com/ 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.mgid.com/mgsensor.js?d=1652794319845
Requested by
Host: xinisterceiling.com
URL: https://xinisterceiling.com/inc/fbcode1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.134.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8098c6938d10947bf06e59e59b684daf1ef70c1e520bd7e6d4d85e28ee94f00

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://xinisterceiling.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 13:32:00 GMT
content-encoding
br
cf-cache-status
DYNAMIC
x-mg-request-uuid
38cb68a1-6c6e-491c-8a5b-25fc5d49613a
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cf-ray
70ccb7739dab59bf-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
server
cloudflare
fa-solid-900.woff2
xinisterceiling.com/assets/vendors/fontawesome/webfonts/ 		78 KB
79 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://xinisterceiling.com/assets/vendors/fontawesome/webfonts/fa-solid-900.woff2
Requested by
Host: xinisterceiling.com
URL: https://xinisterceiling.com/assets/vendors/fontawesome/css/all.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6c916669cf923b4f1b2db5c5107c83b6ca205e7ad0dcd840b251e63f0c8d28a2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://xinisterceiling.com/assets/vendors/fontawesome/css/all.css
Origin
https://xinisterceiling.com
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 13:31:59 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
340276
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
80252
x-xss-protection
1; mode=block
last-modified
Mon, 19 Jul 2021 19:01:59 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent,User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Zq3kx4sPMglkNLjvv6C585xui8rNqYQqGtZww9PXjTSxzNwvyMGS2haoHsGQ0JBwWrzW2L5VDbaJFb3UbHEh59UvgSQwni9n371%2Bq1TSmgPZpb5Bp3DjgGFkqPWgCNcHL5Exy7MRue%2F3%2BzVdy5ktvNJh"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
70ccb7732f2659a7-MXP
expires
Fri, 20 May 2022 15:00:43 GMT
pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v20/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:wght@400;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://xinisterceiling.com
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 11 May 2022 19:24:53 GMT
x-content-type-options
nosniff
age
497226
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7884
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 17:03:52 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 11 May 2023 19:24:53 GMT
pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:wght@400;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://xinisterceiling.com
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 11 May 2022 19:25:44 GMT
x-content-type-options
nosniff
age
497175
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7816
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:11:40 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 11 May 2023 19:25:44 GMT
fa-regular-400.woff2
xinisterceiling.com/assets/vendors/fontawesome/webfonts/ 		13 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://xinisterceiling.com/assets/vendors/fontawesome/webfonts/fa-regular-400.woff2
Requested by
Host: xinisterceiling.com
URL: https://xinisterceiling.com/assets/vendors/fontawesome/css/all.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b3b8c21edfe6c5e402fdc607366fd8d15949a65914f58134733dc68922bc8d61
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://xinisterceiling.com/assets/vendors/fontawesome/css/all.css
Origin
https://xinisterceiling.com
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 13:31:59 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
336606
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
13588
x-xss-protection
1; mode=block
last-modified
Mon, 19 Jul 2021 19:01:59 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent,User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XdsWK0cSQ3Q4S4ePTnu52zsZhpqQGmhcECFR3lWzW5%2BEi30OAFLBLcZ2VcuQUOvwoEGRX9EIYRXnJ1rRLmq1EmGTwt7fLn2CUYgHlxVzr7VHTmMEK%2FaZzj5ZLhcKtz2kbx89r6YBXwFJyailiRmsfeNL"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
70ccb7737fbf59a7-MXP
expires
Fri, 20 May 2022 16:01:53 GMT
399694290689525
connect.facebook.net/signals/config/ 		305 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/399694290689525?v=2.9.60&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
21e64d024aa24a971eaa07a66b05c6c6634cb6f777fe584168136923cffb45df
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://xinisterceiling.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
88882
x-xss-protection
0
pragma
public
x-fb-debug
o/QvSw2CN1/00GMCWVl78m0Oy+POxw08XAC0hXnfGt3CZ8XMm73BAfkxk3JrQQC0ygEj+YAIFaI0Zds/RbPQLQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Tue, 17 May 2022 13:32:00 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
js
www.googletagmanager.com/gtag/ 		190 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-JMJ044GLKX&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NK3N874
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
f5cec1997755ea41c73b2074b14e482a2ac6c0bf728464d304a397e0883814c7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://xinisterceiling.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 13:32:00 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
70028
x-xss-protection
0
expires
Tue, 17 May 2022 13:32:00 GMT
1x1.gif
a.mgid.com/ 		43 B
273 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.mgid.com/1x1.gif?id=507061&type=c&tg=&r=https%3A%2F%2Fxinisterceiling.com%2Fffb5a73254b343079aecfa8e26e91d34&utmc=0&utmt=0&nv=1&utms=&utmcp=&utmm=&clid=&cmgid=0&cmtid=0&cmtuid=0&d=1652794320068
Requested by
Host: xinisterceiling.com
URL: https://xinisterceiling.com/ffb5a73254b343079aecfa8e26e91d34
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.134.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://xinisterceiling.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 13:32:00 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif
cf-ray
70ccb774c8150f76-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
/
www.facebook.com/tr/ 		44 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=399694290689525&ev=PageView&dl=https%3A%2F%2Fxinisterceiling.com%2Fffb5a73254b343079aecfa8e26e91d34&rl=https%3A%2F%2Fjadebarns.com%2F&if=false&ts=1652794320141&sw=1600&sh=1200&v=2.9.60&r=stable&ec=0&o=30&fbp=fb.1.1652794320140.1754298127&it=1652794319979&coo=false&exp=p1&rqm=GET
Requested by
Host: xinisterceiling.com
URL: https://xinisterceiling.com/ffb5a73254b343079aecfa8e26e91d34
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://xinisterceiling.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 13:32:00 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
44
expires
Tue, 17 May 2022 13:32:00 GMT
/
www.facebook.com/tr/ 		44 B
212 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=399694290689525&ev=ViewContent&dl=https%3A%2F%2Fxinisterceiling.com%2Fffb5a73254b343079aecfa8e26e91d34&rl=https%3A%2F%2Fjadebarns.com%2F&if=false&ts=1652794320143&sw=1600&sh=1200&v=2.9.60&r=stable&ec=1&o=30&fbp=fb.1.1652794320140.1754298127&it=1652794319979&coo=false&exp=p1&rqm=GET
Requested by
Host: xinisterceiling.com
URL: https://xinisterceiling.com/ffb5a73254b343079aecfa8e26e91d34
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://xinisterceiling.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 13:32:00 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
44
expires
Tue, 17 May 2022 13:32:00 GMT
collect
www.google-analytics.com/g/ 		0
349 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-JMJ044GLKX&gtm=2oe5g0&_p=1884758650&_z=ccd.tfB&cid=1764542319.1652794320&ul=en-us&sr=1600x1200&_s=1&sid=1652794320&sct=1&seg=0&dl=https%3A%2F%2Fxinisterceiling.com%2Fffb5a73254b343079aecfa8e26e91d34&dr=https%3A%2F%2Fjadebarns.com%2F&dt=%5B1%5D%20Ricompensa%20in%20attesa%20-%20Unieuro%20-%20Vogliamo%20la%20tua%20opinione!&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-JMJ044GLKX&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://xinisterceiling.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 May 2022 13:32:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://xinisterceiling.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
init
tr.snapchat.com/ 		126 B
393 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://tr.snapchat.com/init?pids=cc25c7df-1e44-4f51-8ff1-8c175d6334c1
Requested by
Host: sc-static.net
URL: https://sc-static.net/scevent.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.226.184 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
184.226.186.35.bc.googleusercontent.com
Software
nginx/1.19.6 /
Resource Hash
d4d2c5c9d0208261f7c2b111958538a938334cef0081ecc6660fc28a9cae2c33
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://xinisterceiling.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 13:32:00 GMT
via
1.1 google
server
nginx/1.19.6
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/json
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
126
is_enabled
tr.snapchat.com/collector/ 		64 B
127 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://tr.snapchat.com/collector/is_enabled?pids=cc25c7df-1e44-4f51-8ff1-8c175d6334c1&tld=com
Requested by
Host: sc-static.net
URL: https://sc-static.net/scevent.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.226.184 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
184.226.186.35.bc.googleusercontent.com
Software
nginx/1.19.6 /
Resource Hash
274540bc475c92ab4c0a2d7179573a441c1a15ba0d9363a2e0bd2a207bd7d376
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://xinisterceiling.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 13:32:00 GMT
via
1.1 google
server
nginx/1.19.6
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/json
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
64
i
tr.snapchat.com/cm/ Frame 3B50 		0
241 B 		Document
General
Check archive.org
Download Go to
Full URL
https://tr.snapchat.com/cm/i?pid=cc25c7df-1e44-4f51-8ff1-8c175d6334c1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.226.184 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
184.226.186.35.bc.googleusercontent.com
Software
nginx/1.19.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://xinisterceiling.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
it-IT,it;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
content-type
text/html
date
Tue, 17 May 2022 13:32:00 GMT
server
nginx/1.19.6
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 google
p
tr.snapchat.com/ Frame 60CE 		0
186 B 		Document
General
Check archive.org
Download Go to
Full URL
https://tr.snapchat.com/p
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.226.184 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
184.226.186.35.bc.googleusercontent.com
Software
nginx/1.19.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://xinisterceiling.com
Referer
https://xinisterceiling.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
it-IT,it;q=0.9

Response headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, no-transform
content-length
0
content-type
text/html
date
Tue, 17 May 2022 13:32:00 GMT
server
nginx/1.19.6
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 google
p
tr.snapchat.com/ Frame 59F8 		0
205 B 		Document
General
Check archive.org
Download Go to
Full URL
https://tr.snapchat.com/p
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.226.184 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
184.226.186.35.bc.googleusercontent.com
Software
nginx/1.19.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://xinisterceiling.com
Referer
https://xinisterceiling.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
it-IT,it;q=0.9

Response headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, no-transform
content-length
0
content-type
text/html
date
Tue, 17 May 2022 13:32:00 GMT
server
nginx/1.19.6
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 google
v9e118mez8
event.trk-tempore.com/register/event_log/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://event.trk-tempore.com/register/event_log/v9e118mez8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://xinisterceiling.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
https://xinisterceiling.com
access-control-expose-headers
Authorization, Link, X-Total-Count
access-control-max-age
1800
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
70ccb778bdd55fd6-MRS
content-length
0
date
Tue, 17 May 2022 13:32:00 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aCuNUU9iDwRq%2FDMwGrbA8vPGQCWFo9bNdIahwYlvdV1qJhlWi2CXG12arPY5ItdJhDEN2uHGshC2wKgOaNTNlt04OwzcjTjdD%2Fh%2BqChfE3iPpdN0aJocLREqCFAhoZRC2tYlkes6Ft2FNOtOASk9CGo8rDs%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
v9e118mez8
event.trk-tempore.com/register/event_log/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://event.trk-tempore.com/register/event_log/v9e118mez8
Requested by
Host: trk-tempore.com
URL: https://trk-tempore.com/scripts/push/v9e118mez8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src https://* data:; font-src 'self' data:
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://xinisterceiling.com/
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-type
application/json

Response headers

date
Tue, 17 May 2022 13:32:01 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-pushplatformapp-alert
pushPlatformApp.pushSubscription.deleted
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
expires
0
server
cloudflare
x-frame-options
DENY
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LW2U7JYeNenREdnPIe%2Fk1reh42po4%2B2XZktclrWM34e0OaUVf4qT6kQmghxUxkkutb%2FedgY1FdPmY56EbPveEhv2CxpVQfdKCrlcQ%2FM%2FR1IazsEpzdc6mOToeS%2BncoD9A2W4I1qqQoJVD2nLvKaiwChlt3A%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://xinisterceiling.com
access-control-expose-headers
Authorization, Link, X-Total-Count
cache-control
no-cache, no-store, max-age=0, must-revalidate
feature-policy
geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'none'; fullscreen 'self'; payment 'none'
content-security-policy
default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src https://* data:; font-src 'self' data:
access-control-allow-credentials
true
cf-ray
70ccb779db745fc4-MRS
x-pushplatformapp-params
v9e118mez8
event.trk-tempore.com/register/event_log/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://event.trk-tempore.com/register/event_log/v9e118mez8
Requested by
Host: trk-tempore.com
URL: https://trk-tempore.com/scripts/push/v9e118mez8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src https://* data:; font-src 'self' data:
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://xinisterceiling.com/
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-type
application/json

Response headers

date
Tue, 17 May 2022 13:32:01 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-pushplatformapp-alert
pushPlatformApp.pushSubscription.deleted
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
expires
0
server
cloudflare
x-frame-options
DENY
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bbG%2FeoY6RG7t%2FGlWds1tYh1ObyhGEQy889Z0OZuE3OWLib1c5fGNo0LMDu1Ir%2BiyixXvjNlDO65ToYiM4SUziCGAnFoOGtbslwsOjk8hRlcuAfiz%2FCAdFD%2FSXMy5ea7ilthR7yNYIgNQvCeCpEi8rxDRQ9I%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://xinisterceiling.com
access-control-expose-headers
Authorization, Link, X-Total-Count
cache-control
no-cache, no-store, max-age=0, must-revalidate
feature-policy
geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'none'; fullscreen 'self'; payment 'none'
content-security-policy
default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src https://* data:; font-src 'self' data:
access-control-allow-credentials
true
cf-ray
70ccb779db775fc4-MRS
x-pushplatformapp-params
v9e118mez8
event.trk-tempore.com/register/event_log/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://event.trk-tempore.com/register/event_log/v9e118mez8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://xinisterceiling.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
https://xinisterceiling.com
access-control-expose-headers
Authorization, Link, X-Total-Count
access-control-max-age
1800
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
70ccb778bdd65fd6-MRS
content-length
0
date
Tue, 17 May 2022 13:32:00 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lqOlL77g6zzw5eXqz2uGCFZRia6OsL%2B%2FlB2HuSZyMFH73AiDY1NnZORblGHv3NQ9YBxm%2BXEZxOqozY0XlQRHqNcu%2BWoVdgvrIAe9sCFcQmQZCLSkc4hbBbEUL4hiKRiFBp0LZstkaMvPG6fnbfmti9mUppM%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
/
www.facebook.com/tr/ 		44 B
91 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=399694290689525&ev=Microdata&dl=https%3A%2F%2Fxinisterceiling.com%2Fffb5a73254b343079aecfa8e26e91d34&rl=https%3A%2F%2Fjadebarns.com%2F&if=false&ts=1652794321661&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22%5B1%5D%20Ricompensa%20in%20attesa%20-%20Unieuro%20-%20Vogliamo%20la%20tua%20opinione!%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.60&r=stable&ec=2&o=30&fbp=fb.1.1652794320140.1754298127&it=1652794319979&coo=false&es=automatic&tm=3&exp=p1&rqm=GET
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://xinisterceiling.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 13:32:01 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority
u=3,i
expires
Tue, 17 May 2022 13:32:01 GMT

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Customer Survey Spam (Consumer)

106 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| oncontextlost object| oncontextrestored function| structuredClone function| getScreenDetails object| dataLayer object| MYCALL string| s1 string| s2 string| esource string| pshpub string| pshdomain function| fbq function| _fbq function| snaptr object| r object| MgSensorData function| $ function| jQuery object| bootstrap function| datehax function| startTimer object| google_tag_manager object| snaptrContext boolean| triedToSendCookieToNative object| WebJSBridge object| MgSensor function| MgSensorInvoke function| MgSensorInvoke0 object| _mgq function| _mgqp number| _mgqt number| _mgqi object| _mgr object| _mghl function| urlBase64ToUint8Array function| pullUrlParams function| push_subscribe function| push_subscribe_promise function| setIfNull function| logPushEvent function| push_unsubscribe function| push_init function| setSessionId function| setUtm function| getSessionId function| getUrlVars function| getDomainName function| getStore string| attrChoices string| domain number| count string| pipeline string| zipcode string| state_selected boolean| processing object| states function| birthdayFill function| beforeShowQuestion function| showOfferWall function| createQuestion function| processQuestion function| nextQuestion function| replaceUrlParam function| popunder function| startsurvey number| box_trying boolean| oneclick function| formatPhoneNumber function| switchTypeQuestions function| validatePhone function| validateEmail function| validateZip function| sendZipIp function| validateHeightF function| validateHeightI function| validateWeight function| validateAll function| validateName function| validateLName function| validateBirthday function| days function| daysInMonth function| dashedNumber function| alpha function| validateKeyStrokes function| showStreetState function| leadgenForm function| showDisclaimer function| preventS function| startSurveyU function| createQuestionU function| switchTypeQuestionsU function| nextQuestionU function| validateData function| showStreetStateU number| answered number| prevProgress number| stepsTotal number| progress string| cheerstx string| txt function| cheers function| onYouTubeIframeAPIReady object| google_tag_data object| gaGlobal

13 Cookies

Domain/Path Name / Value
sc-static.net/scevent.min.js Name: X-AB
Value: 0d6e407936704bd380072f5891d28b0e
jadebarns.com/ Name: uid3433
Value: 718864239-20220517093157-6eaa7643bd2305ab93a83b0b293545c5-
hobbydimension.com/ Name: PHPSESSID
Value: ec884a74338281b10e9042ce5e04f6bd
xinisterceiling.com/ Name: PHPSESSID
Value: c7ce264020e21d10162210fedd5008b8
.mgid.com/ Name: __cf_bm
Value: 0RDcu1bSMTrOourOZzHlqCjrR71fI227rQob2SE2wbI-1652794320-0-ATKgnKtkCxvsktcRtcfvqGTw/Nn9FLR1joRb8oV2vXc7F5EsOS6Kyp+fB4IFe0OUR1r5WP3XB0jPDBZUYkzP8Z4=
xinisterceiling.com/ Name: MgidSensorNVis
Value: 1
xinisterceiling.com/ Name: MgidSensorHref
Value: https://xinisterceiling.com/ffb5a73254b343079aecfa8e26e91d34
.xinisterceiling.com/ Name: _fbp
Value: fb.1.1652794320140.1754298127
.facebook.com/ Name: fr
Value: 039uVwandJGNP00Qk..Big6PQ...1.0.Big6PQ.
.xinisterceiling.com/ Name: _ga_JMJ044GLKX
Value: GS1.1.1652794320.1.0.1652794320.0
.xinisterceiling.com/ Name: _ga
Value: GA1.1.1764542319.1652794320
.xinisterceiling.com/ Name: _scid
Value: 6756b5a3-07a5-4340-a776-188f129bac82
.snapchat.com/ Name: sc_at
Value: v2|H4sIAAAAAAAAAAXBgQ0AIAgDsItIAJmMc9D4BcfbalrvgyMXryUaFJZBko9uzatRM7bhWbFcRz9gqFf5MgAAAA==

1 Console Messages

Source Level URL
Text
other error URL: https://xinisterceiling.com/ffb5a73254b343079aecfa8e26e91d34
Message:
Chrome currently does not support the Push API in incognito mode (https://crbug.com/401439). There is deliberately no way to feature-detect this, since incognito mode needs to be undetectable by websites.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.mgid.com
connect.facebook.net
event.trk-tempore.com
fonts.googleapis.com
fonts.gstatic.com
goalonly.com
hobbydimension.com
jadebarns.com
sc-static.net
storage.googleapis.com
tr.snapchat.com
trk-tempore.com
www.facebook.com
www.google-analytics.com
www.googletagmanager.com
xinisterceiling.com
104.19.134.78
13.225.81.245
23.95.56.5
2606:4700:3034::ac43:d374
2a00:1450:4001:808::2010
2a00:1450:4001:811::2008
2a00:1450:4001:828::200e
2a00:1450:4001:829::2003
2a00:1450:4001:829::200a
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
2a06:98c1:3120::a
2a06:98c1:3121::a
35.186.226.184
45.10.23.225
02688d8ada84c500ef44c3f75f2c4846d3208d80ebb52fc8fffa9a74d8204ab8
0ad0615765bf17bdb85ae307eb8f9eee2e1fb0b600117bdd991a1efe9c834078
0d79ca3b13098126f0c0fc76aed54a8acf6e645e62eb5f0ff90571141dfe24b2
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
18b60afc8548639623f2395f3f828b2ea05d029d0218b9632ee85909ef8071f4
1ce63c80e7a42b46fc1a6b4778a62e352a58cfe0477b63ce870c025a86972de7
21e64d024aa24a971eaa07a66b05c6c6634cb6f777fe584168136923cffb45df
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
274540bc475c92ab4c0a2d7179573a441c1a15ba0d9363a2e0bd2a207bd7d376
2b0c81aa2f2e5fda1c499501edad4927ade4d57d5d31887c076e5769e9ea2866
2e47f6803f61ca30955c2dcf1d7b2d7361891cdb2a3ad96d667f71a5079a2931
3c6c0ed2601deeefd179e1922d9f017701169372b21079f842fc67e44022a126
4287b02969d0fe7f047dfa7663cf5fe3635ad92adf1995598297917fe55b18a0
43fccd349655df7497727c1c95d4fd97033f8aaf649067cbafb2b6d2751cf340
4604e524a2131ee561e13c9fe760267a0bbc64ca91027ab92fd355ff4dc1514d
462beb0c8ecb2abb15685c31875f268d166313581df110401c2483fab24a46df
4c24dfd28784ad2befb3dafaac6bf1ed4e7cd58cce713d9a0b228d426e812baf
596505ae2d99cbcc964752ea4c998a6b51c5c829c6b8befd5ec5e90571ac6c0a
5f98f95589e14b4ab6405c1a9dd70832ba177c05cf8aa0bb048cd4f28bd1aba1
5fa43c387ed8adef07c090ddf7d2c5438b6c3fd7a3f220660a5b97c84e247d8e
61b42d041445178ceadcd39ddb288847c067ec6a4893ef68b1b8522bae6d08a8
64536a06077e07e99200b5a606d65548e59c66bee81f7d6def8f68974472b3ec
6bf47a24c5dac584db904c52d08f266326252e4bd193aff24f263c7ed5f0774e
6c916669cf923b4f1b2db5c5107c83b6ca205e7ad0dcd840b251e63f0c8d28a2
6da5cf6e99c9e5b4eac83104070645628b698579cb3b457dbb0097befc548dc2
7080e089dab3a0ae988d8605e0228194997e26bbb43079ac5772315032c966a2
73d373ed5f48efd137d015e250ac11d368fd987b41d6dba88e81578b43e219a2
73e44e6b6361709ef681bf24e7ae89526629221302c2384363c4dec41d5f56d2
7a15c7fd6cff51cb3a08a1b705e578578f16f316835547063e9298a27257936b
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
85e69233cd6795c61fe1383eae608d874ca8a2c87ba21027ebf7eaf238891351
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
aa4b74cc94b96ff49ac4462f2a335fcaf85777e2a8857b805d08da763d8647ff
acbe6770b0fc8b621a9d4f7068b241fb403fe999ea33270931ee59ec4cfdf3f1
acdbb507399cf91d06d28c73e8500279d2b6eb8023cdd86b938ecac324c2fd28
b3b8c21edfe6c5e402fdc607366fd8d15949a65914f58134733dc68922bc8d61
bc4ba5ab1f79419e5c8a06db6d5ed27f78b026617608d8513bdf476bf78e1120
cc1905bb08b8d3a9aed0a6357e9bd7660471de2ef08547eafddbf692ae8d9a82
cfb6708f8e8d5277007f904e261d1e4c7dc1c9240b04bbaccf4ddf472b3cc95a
d4d2c5c9d0208261f7c2b111958538a938334cef0081ecc6660fc28a9cae2c33
d8968086f7509df34c3278563dab87399da4f9dcdfb419818e3a309eedc70b88
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8098c6938d10947bf06e59e59b684daf1ef70c1e520bd7e6d4d85e28ee94f00
ea04fc99345e79b025cc6a1eb2d3ffa4baf7aaee185e49c126fc7459453226fb
ecd93802562255dff45c0aa90f8e57693ce3fc103c8e3033a5c1dbe2d1574769
f5cec1997755ea41c73b2074b14e482a2ac6c0bf728464d304a397e0883814c7
f77c0d1739b618edc4a01ca3f6b2990b01a3009030af49ee8cf68e83052df194