urlscan.io logo urlscan.io
SecurityTrails logo

applecare-findmy.com Open in urlscan Pro
81.88.48.71  Public Scan

Go To Rescan Add Verdict Report
URL: http://applecare-findmy.com/
Submission Tags: @phishunt_io
Submission: On February 05 via api from DE — Scanned from IT
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 13 IPs in 5 countries across 12 domains to perform 39 HTTP transactions. The main IP is 81.88.48.71, located in Italy and belongs to REGISTER-AS, IT. The main domain is applecare-findmy.com.
This is the only time applecare-findmy.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 81.88.48.71 39729 (REGISTER-AS)
1 1 81.88.48.73 39729 (REGISTER-AS)
18 81.88.58.195 39729 (REGISTER-AS)
2 81.88.57.79 39729 (REGISTER-AS)
4 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
2 2001:4de0:ac1... 20446 (HIGHWINDS3)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 4 104.16.107.139 13335 (CLOUDFLAR...)
2 104.18.70.113 13335 (CLOUDFLAR...)
1 2a02:26f0:fe0... 20940 (AKAMAI-ASN1)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a02:26f0:fe0... 20940 (AKAMAI-ASN1)
39 13
1    81.88.48.71 (Italy)

ASN39729 (REGISTER-AS, IT)
applecare-findmy.com
1    81.88.48.73 (Italy)

ASN39729 (REGISTER-AS, IT)
courtesy.nominalia.com
18    81.88.58.195 (Italy)

ASN39729 (REGISTER-AS, IT)
www.nominalia.com
trk.nominalia.com
2    81.88.57.79 (Italy)

ASN39729 (REGISTER-AS, IT)
cmp.teamblue.services
4    2606:4700::6812:bcf (United States)

ASN13335 (CLOUDFLARENET, US)
maxcdn.bootstrapcdn.com
1    2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2001:4de0:ac18::1:a:2a (Netherlands)

ASN20446 (HIGHWINDS3, US)
code.jquery.com
1    2a00:1450:4001:813::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
4    104.16.107.139 (None, )

ASN13335 (CLOUDFLARENET, US)
v2.zopim.com
2    104.18.70.113 (None, )

ASN13335 (CLOUDFLARENET, US)
static.zdassets.com
ekr.zdassets.com
1    2a02:26f0:fe00::686e:f042 (Amsterdam, Netherlands)

ASN20940 (AKAMAI-ASN1, NL)
consent.cookiebot.com
1    2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    2a02:26f0:fe00:3a5::f09 (Amsterdam, Netherlands)

ASN20940 (AKAMAI-ASN1, NL)
consentcdn.cookiebot.com
Apex Domain
Subdomains		 Transfer
19 nominalia.com
courtesy.nominalia.com
www.nominalia.com — Cisco Umbrella Rank: 691130
trk.nominalia.com
338 KB
4 zopim.com
v2.zopim.com — Cisco Umbrella Rank: 10035
246 KB
4 bootstrapcdn.com
maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 680
100 KB
3 cookiebot.com
consent.cookiebot.com — Cisco Umbrella Rank: 5154
consentcdn.cookiebot.com — Cisco Umbrella Rank: 5916
30 KB
2 zdassets.com
static.zdassets.com — Cisco Umbrella Rank: 2185
ekr.zdassets.com — Cisco Umbrella Rank: 2460
7 KB
2 gstatic.com
fonts.gstatic.com
26 KB
2 jquery.com
code.jquery.com — Cisco Umbrella Rank: 584
37 KB
2 teamblue.services
cmp.teamblue.services — Cisco Umbrella Rank: 434481
35 KB
1 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 42
20 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 78
37 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 47
1 KB
1 applecare-findmy.com
applecare-findmy.com
1 KB
39 12
Domain Requested by
13 www.nominalia.com applecare-findmy.com
www.nominalia.com
5 trk.nominalia.com www.nominalia.com
trk.nominalia.com
4 v2.zopim.com 2 redirects v2.zopim.com
4 maxcdn.bootstrapcdn.com www.nominalia.com
maxcdn.bootstrapcdn.com
2 consentcdn.cookiebot.com consent.cookiebot.com
2 fonts.gstatic.com fonts.googleapis.com
2 code.jquery.com www.nominalia.com
2 cmp.teamblue.services www.nominalia.com
cmp.teamblue.services
1 ekr.zdassets.com v2.zopim.com
1 www.google-analytics.com www.googletagmanager.com
1 consent.cookiebot.com cmp.teamblue.services
1 static.zdassets.com www.nominalia.com
1 www.googletagmanager.com www.nominalia.com
1 fonts.googleapis.com www.nominalia.com
1 courtesy.nominalia.com 1 redirects
1 applecare-findmy.com
39 16

This site contains no links.

Subject Issuer Validity Valid
*.nominalia.com
Sectigo RSA Organization Validation Secure Server CA		 2021-04-12 -
2022-05-09		 a year crt.sh
*.teamblue.services
Sectigo RSA Domain Validation Secure Server CA		 2021-12-22 -
2023-01-22		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-01-29 -
2023-01-29		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2022-01-10 -
2022-04-04		 3 months crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA		 2021-07-14 -
2022-08-14		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-01-10 -
2022-04-04		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-01-10 -
2022-04-04		 3 months crt.sh
consent.cookiebot.com
DigiCert ECC Extended Validation Server CA		 2020-06-11 -
2022-06-11		 2 years crt.sh
ssl1036557.cloudflaressl.com
COMODO ECC Domain Validation Secure Server CA 2		 2021-07-08 -
2022-07-07		 a year crt.sh
*.cookiebot.com
DigiCert SHA2 Secure Server CA		 2021-07-05 -
2022-07-13		 a year crt.sh
*.zopim.com
Sectigo RSA Domain Validation Secure Server CA		 2021-05-25 -
2022-05-31		 a year crt.sh

This page contains 4 frames:

Primary Page: http://applecare-findmy.com/
Frame ID: 09100E8338A380F1AA54C68443C36B67
Requests: 1 HTTP requests in this frame

Frame: https://www.nominalia.com/pp-dr/?a=b&host=YXBwbGVjYXJlLWZpbmRteS5jb20=
Frame ID: A85591B038B0D5D41FE7FA6E0A0E570D
Requests: 36 HTTP requests in this frame

Frame: https://consentcdn.cookiebot.com/sdk/bc-v3.min.html
Frame ID: 1440B675F0CF40F5BC04B6CEBCDB6849
Requests: 1 HTTP requests in this frame

Frame: https://v2.zopim.com/lib/20200610.071112/__$$__stringtable_lang_es.js
Frame ID: A47BCDF31F742F10515D25E767A06DFC
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • v2\.zopim\.com
Overall confidence: 100%
Detected patterns
  • consent\.cookiebot\.com
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

39
Requests

92 %
HTTPS

57 %
IPv6

12
Domains

16
Subdomains

13
IPs

5
Countries

879 kB
Transfer

2435 kB
Size

5
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://courtesy.nominalia.com/index.html HTTP 302
  • https://www.nominalia.com/pp-dr/?a=b&host=YXBwbGVjYXJlLWZpbmRteS5jb20=
Request Chain 26
  • https://v2.zopim.com/?1rg2JG4TGasCRfOtGVMaUXTSE4gqExc7 HTTP 302
  • https://static.zdassets.com/ekr/asset_composer.js
Request Chain 34
  • https://v2.zopim.com/w?1rg2JG4TGasCRfOtGVMaUXTSE4gqExc7 HTTP 302
  • https://v2.zopim.com/bin/v/widget_v2.329.js

39 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
applecare-findmy.com/ 		924 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://applecare-findmy.com/
Protocol
HTTP/1.1
Server
81.88.48.71 , Italy, ASN39729 (REGISTER-AS, IT),
Reverse DNS
Software
Apache /
Resource Hash
8d8090d8f0b89ea87675ab6f410c956bad82dba87861546114a3331bb35682db

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
it-IT,it;q=0.9

Response headers

Date
Sat, 05 Feb 2022 20:35:15 GMT
Server
Apache
Last-Modified
Wed, 02 Feb 2022 04:11:32 GMT
Accept-Ranges
bytes
Content-Length
924
Connection
close
Content-Type
text/html
Content-Language
es
/
www.nominalia.com/pp-dr/ Frame A855
Redirect Chain
  • http://courtesy.nominalia.com/index.html
  • https://www.nominalia.com/pp-dr/?a=b&host=YXBwbGVjYXJlLWZpbmRteS5jb20=
20 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.nominalia.com/pp-dr/?a=b&host=YXBwbGVjYXJlLWZpbmRteS5jb20=
Requested by
Host: applecare-findmy.com
URL: http://applecare-findmy.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
81.88.58.195 , Italy, ASN39729 (REGISTER-AS, IT),
Reverse DNS
Software
nginx /
Resource Hash
b304265812abcb8b9bbb0b84c50a26132f58c7b51fb94d6c5c94d7fa928a9305
Security Headers
Name Value
Strict-Transport-Security max-age=15768000;

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
it-IT,it;q=0.9
Referer
http://applecare-findmy.com/

Response headers

Server
nginx
Content-Type
text/html; charset=UTF-8
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Last-Modified
Fri, 23 Jun 2017 13:31:54 GMT
Link
<https://www.nominalia.com/wp-json/>; rel="https://api.w.org/" <https://www.nominalia.com/wp-json/wp/v2/pages/3930>; rel="alternate"; type="application/json" <https://www.nominalia.com/?p=3930>; rel=shortlink
Pragma
public
Strict-Transport-Security
max-age=15768000;
Content-Encoding
gzip
Content-Length
7451
Accept-Ranges
bytes
Date
Sat, 05 Feb 2022 20:35:16 GMT

Redirect headers

Date
Sat, 05 Feb 2022 20:35:15 GMT
Server
Apache
Cache-Control
no-cache, must-revalidate
Expires
Sat, 26 Jul 1997 05:00:00 GMT
Location
https://www.nominalia.com/pp-dr/?a=b&host=YXBwbGVjYXJlLWZpbmRteS5jb20=
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
24
Connection
close
Content-Type
text/html
cmp_standalone.min.js
cmp.teamblue.services/js/ Frame A855 		27 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cmp.teamblue.services/js/cmp_standalone.min.js
Requested by
Host: www.nominalia.com
URL: https://www.nominalia.com/pp-dr/?a=b&host=YXBwbGVjYXJlLWZpbmRteS5jb20=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
81.88.57.79 , Italy, ASN39729 (REGISTER-AS, IT),
Reverse DNS
Software
/
Resource Hash
6fcb139b9ac1336ad6ca3d57a855caf0b76672cf2f827f681ec7b5d683da42b2

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.nominalia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 05 Feb 2022 20:35:16 GMT
Content-Encoding
gzip
Last-Modified
Wed, 19 Jan 2022 11:42:04 GMT
ETag
W/"61e7f90c-6ace"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
no-cache, no-store, must-revalidate, proxy-revalidate
Transfer-Encoding
chunked
Expires
Fri, 04 Feb 2022 20:35:16 GMT
bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/3.3.6/css/ Frame A855 		118 KB
20 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/3.3.6/css/bootstrap.min.css
Requested by
Host: www.nominalia.com
URL: https://www.nominalia.com/pp-dr/?a=b&host=YXBwbGVjYXJlLWZpbmRteS5jb20=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eece6e0c65b7007ab0eb1b4998d36dafe381449525824349128efc3f86f4c91c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.nominalia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sat, 05 Feb 2022 20:35:16 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
601, 617, 617
age
24942502
cdn-cachedat
2021-04-23 05:19:26
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
timing-allow-origin
*
access-control-allow-origin
*
last-modified
Mon, 25 Jan 2021 22:03:59 GMT
server
cloudflare
cdn-requestpullcode
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/css; charset=utf-8
cdn-cache
HIT
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
ea263b1a0de5df76db4de25cdfdf1cf6
cf-ray
6d8eec9cfa885a13-MXP
cdn-requestcountrycode
EG
cdn-requestpullsuccess
True
/
www.nominalia.com/wp-content/plugins/bwp-minify/min/ Frame A855 		182 KB
30 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.nominalia.com/wp-content/plugins/bwp-minify/min/?f=wp-includes/css/dist/block-library/style.min.css,wp-content/themes/dada/style.css,wp-content/themes/dada-nominalia-child/style.css,wp-content/themes/dada/asset/css/dadaiconfont.css,wp-content/plugins/ht-knowledge-base/css/hkb-style.css
Requested by
Host: www.nominalia.com
URL: https://www.nominalia.com/pp-dr/?a=b&host=YXBwbGVjYXJlLWZpbmRteS5jb20=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
81.88.58.195 , Italy, ASN39729 (REGISTER-AS, IT),
Reverse DNS
Software
nginx /
Resource Hash
160deaa600133ca2ea8711ffd391521e4ca5340cc33f2f3ab9a730e2389aef41
Security Headers
Name Value
Strict-Transport-Security max-age=15768000;
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.nominalia.com/pp-dr/?a=b&host=YXBwbGVjYXJlLWZpbmRteS5jb20=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
public
Strict-Transport-Security
max-age=15768000;
Content-Encoding
gzip
Vary
Accept-Encoding
Last-Modified
Mon, 13 Dec 2021 15:20:44 GMT
Server
nginx
Date
Sat, 05 Feb 2022 20:35:16 GMT
X-Frame-Options
SAMEORIGIN
Content-Type
text/css; charset=utf-8
Cache-Control
max-age=3600, public
Accept-Ranges
bytes
Content-Length
30084
Expires
Sat, 05 Feb 2022 10:58:16 GMT
/
www.nominalia.com/wp-content/plugins/bwp-minify/min/ Frame A855 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.nominalia.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/wpml-cms-nav/res/css/cms-navigation-base.css,wp-content/plugins/wpml-cms-nav/res/css/cms-navigation.css
Requested by
Host: www.nominalia.com
URL: https://www.nominalia.com/pp-dr/?a=b&host=YXBwbGVjYXJlLWZpbmRteS5jb20=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
81.88.58.195 , Italy, ASN39729 (REGISTER-AS, IT),
Reverse DNS
Software
nginx /
Resource Hash
4cc741e84623bf9124d0e71b5cf44b6e97b06639c3acbd561a05c45758a04c2d
Security Headers
Name Value
Strict-Transport-Security max-age=15768000;
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.nominalia.com/pp-dr/?a=b&host=YXBwbGVjYXJlLWZpbmRteS5jb20=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
public
Strict-Transport-Security
max-age=15768000;
Content-Encoding
gzip
Vary
Accept-Encoding
Last-Modified
Mon, 13 Dec 2021 15:20:43 GMT
Server
nginx
Date
Sat, 05 Feb 2022 20:35:16 GMT
X-Frame-Options
SAMEORIGIN
Content-Type
text/css; charset=utf-8
Cache-Control
max-age=3600, public
Accept-Ranges
bytes
Content-Length
960
Expires
Sat, 05 Feb 2022 10:58:16 GMT
css
fonts.googleapis.com/ Frame A855 		11 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Source+Sans+Pro:300,400,600,300italic,400italic
Requested by
Host: www.nominalia.com
URL: https://www.nominalia.com/pp-dr/?a=b&host=YXBwbGVjYXJlLWZpbmRteS5jb20=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
0990ff52738911fe753dda4662d163dcd81942c1d871cf6072a86edf3c350f95
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.nominalia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 05 Feb 2022 20:35:16 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Sat, 05 Feb 2022 20:35:16 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 05 Feb 2022 20:35:16 GMT
font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.4.0/css/ Frame A855 		26 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.4.0/css/font-awesome.min.css
Requested by
Host: www.nominalia.com
URL: https://www.nominalia.com/pp-dr/?a=b&host=YXBwbGVjYXJlLWZpbmRteS5jb20=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
936ffccdc35bc55221e669d0e76034af76ba8c080c1b1149144dbbd3b5311829
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.nominalia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sat, 05 Feb 2022 20:35:16 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
632, 617, 617
age
24942692
cdn-cachedat
2021-04-23 05:20:52
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
timing-allow-origin
*
access-control-allow-origin
*
last-modified
Mon, 25 Jan 2021 22:04:54 GMT
server
cloudflare
cdn-requestpullcode
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/css; charset=utf-8
cdn-cache
HIT
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
726f4de9063d90cfccc8333857a99b0b
cf-ray
6d8eec9cfa8e5a13-MXP
cdn-requestcountrycode
EG
cdn-requestpullsuccess
True
jquery-1.12.3.min.js
code.jquery.com/ Frame A855 		95 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-1.12.3.min.js?ver=1.12.3
Requested by
Host: www.nominalia.com
URL: https://www.nominalia.com/pp-dr/?a=b&host=YXBwbGVjYXJlLWZpbmRteS5jb20=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac18::1:a:2a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
69a3831c082fc105b56c53865cc797fa90b83d920fb2f9f6875b00ad83a18174

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.nominalia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sat, 05 Feb 2022 20:35:16 GMT
content-encoding
gzip
last-modified
Fri, 20 Aug 2021 17:47:53 GMT
server
nginx
etag
W/"611feac9-17b9c"
vary
Accept-Encoding
x-hw
1644093316.dop210.ml1.t,1644093316.cds208.ml1.hn,1644093316.cds027.ml1.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
33773
/
www.nominalia.com/wp-content/plugins/bwp-minify/min/ Frame A855 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.nominalia.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/sitepress-multilingual-cms/templates/language-switchers/legacy-dropdown/script.min.js,wp-content/themes/dada/asset/js/dada-marketing-automation.js,wp-content/themes/dada/asset/js/dada-tracking-standalone.js
Requested by
Host: www.nominalia.com
URL: https://www.nominalia.com/pp-dr/?a=b&host=YXBwbGVjYXJlLWZpbmRteS5jb20=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
81.88.58.195 , Italy, ASN39729 (REGISTER-AS, IT),
Reverse DNS
Software
nginx /
Resource Hash
7d39ed9ccccda035a76c539cd67d1590c9b5e4921dbe1bfc77db0f980209a43b
Security Headers
Name Value
Strict-Transport-Security max-age=15768000;
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.nominalia.com/pp-dr/?a=b&host=YXBwbGVjYXJlLWZpbmRteS5jb20=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
public
Strict-Transport-Security
max-age=15768000;
Content-Encoding
gzip
Vary
Accept-Encoding
Last-Modified
Mon, 13 Dec 2021 15:20:43 GMT
Server
nginx
Date
Sat, 05 Feb 2022 20:35:16 GMT
X-Frame-Options
SAMEORIGIN
Content-Type
application/x-javascript; charset=utf-8
Cache-Control
max-age=3600, public
Accept-Ranges
bytes
Content-Length
664
Expires
Sat, 05 Feb 2022 10:58:16 GMT
jquery-migrate-1.4.0.min.js
code.jquery.com/ Frame A855 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-migrate-1.4.0.min.js?ver=1.4.0
Requested by
Host: www.nominalia.com
URL: https://www.nominalia.com/pp-dr/?a=b&host=YXBwbGVjYXJlLWZpbmRteS5jb20=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac18::1:a:2a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
9f176243815d4e6dbc79434d408273e49a1d4cc085e7f977da0e4bc1f530654a

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.nominalia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sat, 05 Feb 2022 20:35:16 GMT
content-encoding
gzip
last-modified
Fri, 20 Aug 2021 17:47:53 GMT
server
nginx
etag
W/"611feac9-25a0"
vary
Accept-Encoding
x-hw
1644093316.dop210.ml1.t,1644093316.cds208.ml1.hn,1644093316.cds015.ml1.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
3885
bootstrap.min.js
maxcdn.bootstrapcdn.com/bootstrap/3.3.6/js/ Frame A855 		36 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/3.3.6/js/bootstrap.min.js?ver=3.3.6
Requested by
Host: www.nominalia.com
URL: https://www.nominalia.com/pp-dr/?a=b&host=YXBwbGVjYXJlLWZpbmRteS5jb20=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2979f9a6e32fc42c3e7406339ee9fe76b31d1b52059776a02b4a7fa6a4fd280a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.nominalia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sat, 05 Feb 2022 20:35:16 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
722, 617, 617, 617
age
14786125
cdn-cachedat
2021-07-24 16:51:28
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
timing-allow-origin
*
access-control-allow-origin
*
last-modified
Mon, 25 Jan 2021 22:03:59 GMT
server
cloudflare
cdn-requestpullcode
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript; charset=utf-8
cdn-cache
HIT
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
9fd1416ecc326578e1389e33b018dc3b
cf-ray
6d8eec9cfa945a13-MXP
cdn-requestcountrycode
EG
cdn-status
200
cdn-requestpullsuccess
True
logo.png
www.nominalia.com/_img/header/ Frame A855 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.nominalia.com/_img/header/logo.png
Requested by
Host: www.nominalia.com
URL: https://www.nominalia.com/pp-dr/?a=b&host=YXBwbGVjYXJlLWZpbmRteS5jb20=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
81.88.58.195 , Italy, ASN39729 (REGISTER-AS, IT),
Reverse DNS
Software
Apache /
Resource Hash
57c16fc8118933085c652a906280846205b7eb5d799c6cda06feed63f629f18b
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://*.nominalia.com/
Strict-Transport-Security max-age=15768000;
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.nominalia.com/pp-dr/?a=b&host=YXBwbGVjYXJlLWZpbmRteS5jb20=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Strict-Transport-Security
max-age=15768000;
Vary
X-Forwarded-Proto
Last-Modified
Tue, 09 Mar 2021 09:49:32 GMT
Server
Apache
ETag
"63105d3a-6ab-5bd17779d4604"
X-Frame-Options
SAMEORIGIN
Access-Control-Allow-Methods
GET,PUT,POST,DELETE
Content-Type
image/png
Access-Control-Allow-Credentials
true
Content-Security-Policy
frame-ancestors 'self' https://*.nominalia.com/
Accept-Ranges
bytes, bytes
Content-Length
1707
Date
Sat, 05 Feb 2022 20:35:16 GMT
parking_Icon_01.png
www.nominalia.com/wp-content/uploads/2016/10/ Frame A855 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.nominalia.com/wp-content/uploads/2016/10/parking_Icon_01.png
Requested by
Host: www.nominalia.com
URL: https://www.nominalia.com/pp-dr/?a=b&host=YXBwbGVjYXJlLWZpbmRteS5jb20=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
81.88.58.195 , Italy, ASN39729 (REGISTER-AS, IT),
Reverse DNS
Software
nginx /
Resource Hash
bab98a0bc951ea3e14b11907d25b7c8b52afac5d3b7fc818e22733c52837d601
Security Headers
Name Value
Strict-Transport-Security max-age=15768000;
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.nominalia.com/pp-dr/?a=b&host=YXBwbGVjYXJlLWZpbmRteS5jb20=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
public
Strict-Transport-Security
max-age=15768000;
Last-Modified
Tue, 11 Oct 2016 07:37:10 GMT
Server
nginx
ETag
"57fc96a6-52d"
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Cache-Control
max-age=31536000, max-age=31536000, public
Date
Sat, 05 Feb 2022 20:35:17 GMT
Accept-Ranges
bytes
Content-Length
1325
Expires
Sun, 05 Feb 2023 09:58:17 GMT
parking_Icon_02.png
www.nominalia.com/wp-content/uploads/2016/10/ Frame A855 		959 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.nominalia.com/wp-content/uploads/2016/10/parking_Icon_02.png
Requested by
Host: www.nominalia.com
URL: https://www.nominalia.com/pp-dr/?a=b&host=YXBwbGVjYXJlLWZpbmRteS5jb20=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
81.88.58.195 , Italy, ASN39729 (REGISTER-AS, IT),
Reverse DNS
Software
nginx /
Resource Hash
2ee67eba3d4ba8702727f8b286a883b2763635f3d16cbd5341416075953f37b7
Security Headers
Name Value
Strict-Transport-Security max-age=15768000;
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.nominalia.com/pp-dr/?a=b&host=YXBwbGVjYXJlLWZpbmRteS5jb20=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
public
Strict-Transport-Security
max-age=15768000;
Last-Modified
Tue, 11 Oct 2016 07:37:10 GMT
Server
nginx
ETag
"57fc96a6-3bf"
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Cache-Control
max-age=31536000, max-age=31536000, public
Date
Sat, 05 Feb 2022 20:35:17 GMT
Accept-Ranges
bytes
Content-Length
959
Expires
Sun, 05 Feb 2023 09:58:17 GMT
/
www.nominalia.com/wp-content/plugins/bwp-minify/min/ Frame A855 		21 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.nominalia.com/wp-content/plugins/bwp-minify/min/?f=wp-content/themes/dada/asset/js/lib/jquery.mobile.touch.js,wp-includes/js/wp-embed.min.js,wp-content/themes/dada/asset/js/dada-www.js,wp-content/themes/dada/asset/js/dada-request-collector.js,wp-content/themes/dada/asset/js/dada-language.js
Requested by
Host: www.nominalia.com
URL: https://www.nominalia.com/pp-dr/?a=b&host=YXBwbGVjYXJlLWZpbmRteS5jb20=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
81.88.58.195 , Italy, ASN39729 (REGISTER-AS, IT),
Reverse DNS
Software
nginx /
Resource Hash
21232688464cf7449144cf8af2d010eacfad1e2c44f823433f16daad4c3c8cf0
Security Headers
Name Value
Strict-Transport-Security max-age=15768000;
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.nominalia.com/pp-dr/?a=b&host=YXBwbGVjYXJlLWZpbmRteS5jb20=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
public
Strict-Transport-Security
max-age=15768000;
Content-Encoding
gzip
Vary
Accept-Encoding
Last-Modified
Mon, 13 Dec 2021 15:20:44 GMT
Server
nginx
Date
Sat, 05 Feb 2022 20:35:16 GMT
X-Frame-Options
SAMEORIGIN
Content-Type
application/x-javascript; charset=utf-8
Cache-Control
max-age=3600, public
Accept-Ranges
bytes
Content-Length
6357
Expires
Sat, 05 Feb 2022 10:58:17 GMT
jquery.cookie.js
www.nominalia.com/_js/cookiecuttr/ Frame A855 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.nominalia.com/_js/cookiecuttr/jquery.cookie.js
Requested by
Host: www.nominalia.com
URL: https://www.nominalia.com/pp-dr/?a=b&host=YXBwbGVjYXJlLWZpbmRteS5jb20=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
81.88.58.195 , Italy, ASN39729 (REGISTER-AS, IT),
Reverse DNS
Software
Apache /
Resource Hash
5dcc1f650548dab92380f10aee2a8c4c878ece063b5d4201c1205b3a343f9a8b
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://*.nominalia.com/
Strict-Transport-Security max-age=15768000;
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.nominalia.com/pp-dr/?a=b&host=YXBwbGVjYXJlLWZpbmRteS5jb20=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Strict-Transport-Security
max-age=15768000;
Content-Encoding
gzip
Vary
X-Forwarded-Proto,Accept-Encoding
Last-Modified
Wed, 10 Nov 2021 11:07:51 GMT
Server
Apache
ETag
"694697d6-c38-5d06d3ca4cfc0"
X-Frame-Options
SAMEORIGIN
Access-Control-Allow-Methods
GET,PUT,POST,DELETE
Content-Type
application/javascript
Access-Control-Allow-Credentials
true
Content-Security-Policy
frame-ancestors 'self' https://*.nominalia.com/
Accept-Ranges
bytes, bytes
Content-Length
1374
Date
Sat, 05 Feb 2022 20:35:16 GMT
cmp_all.min.js
cmp.teamblue.services/js/ Frame A855 		68 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cmp.teamblue.services/js/cmp_all.min.js?v=1.0.28
Requested by
Host: cmp.teamblue.services
URL: https://cmp.teamblue.services/js/cmp_standalone.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
81.88.57.79 , Italy, ASN39729 (REGISTER-AS, IT),
Reverse DNS
Software
/
Resource Hash
78d863b1cc219e65f19b31201fa493f11cbc09950d480e09aa2316d883de8758

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.nominalia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Sat, 05 Feb 2022 20:35:16 GMT
Content-Encoding
gzip
Last-Modified
Sun, 16 Jan 2022 13:57:51 GMT
ETag
W/"61e4245f-10ff7"
Vary
Accept-Encoding
Access-Control-Allow-Methods
DELETE, GET, HEAD, POST, PUT, OPTIONS
Content-Type
application/javascript
Transfer-Encoding
chunked
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept, X-CSRF-TOKEN
wp-emoji-release.min.js
www.nominalia.com/wp-includes/js/ Frame A855 		14 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.nominalia.com/wp-includes/js/wp-emoji-release.min.js?ver=5.7.1
Requested by
Host: www.nominalia.com
URL: https://www.nominalia.com/pp-dr/?a=b&host=YXBwbGVjYXJlLWZpbmRteS5jb20=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
81.88.58.195 , Italy, ASN39729 (REGISTER-AS, IT),
Reverse DNS
Software
nginx /
Resource Hash
0c5f584d1ea2c3313dc8c55824c2a572d3cf2eae87c5ca62a58e598aec9ddb5c
Security Headers
Name Value
Strict-Transport-Security max-age=15768000;
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.nominalia.com/pp-dr/?a=b&host=YXBwbGVjYXJlLWZpbmRteS5jb20=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
public
Strict-Transport-Security
max-age=15768000;
Last-Modified
Mon, 13 Dec 2021 15:20:44 GMT
Server
nginx
ETag
"61b764cc-3795"
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Cache-Control
max-age=31536000, max-age=31536000, public
Date
Sat, 05 Feb 2022 20:35:17 GMT
Accept-Ranges
bytes
Content-Length
14229
Expires
Sun, 05 Feb 2023 09:58:17 GMT
base_buttons.css
www.nominalia.com/_css/ Frame A855 		21 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.nominalia.com/_css/base_buttons.css
Requested by
Host: www.nominalia.com
URL: https://www.nominalia.com/wp-content/plugins/bwp-minify/min/?f=wp-includes/css/dist/block-library/style.min.css,wp-content/themes/dada/style.css,wp-content/themes/dada-nominalia-child/style.css,wp-content/themes/dada/asset/css/dadaiconfont.css,wp-content/plugins/ht-knowledge-base/css/hkb-style.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
81.88.58.195 , Italy, ASN39729 (REGISTER-AS, IT),
Reverse DNS
Software
Apache /
Resource Hash
493e9cd4bcb38a33457c9f036d24cd28d700c719da0d0b6a21d1131dbfdaa194
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://*.nominalia.com/
Strict-Transport-Security max-age=15768000;
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.nominalia.com/wp-content/plugins/bwp-minify/min/?f=wp-includes/css/dist/block-library/style.min.css,wp-content/themes/dada/style.css,wp-content/themes/dada-nominalia-child/style.css,wp-content/themes/dada/asset/css/dadaiconfont.css,wp-content/plugins/ht-knowledge-base/css/hkb-style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Strict-Transport-Security
max-age=15768000;
Content-Encoding
gzip
Vary
X-Forwarded-Proto,Accept-Encoding
Last-Modified
Wed, 10 Nov 2021 11:08:01 GMT
Server
Apache
ETag
"6f5ccf17-55d9-5d06d3d3d6640"
X-Frame-Options
SAMEORIGIN
Access-Control-Allow-Methods
GET,PUT,POST,DELETE
Content-Type
text/css
Access-Control-Allow-Credentials
true
Content-Security-Policy
frame-ancestors 'self' https://*.nominalia.com/
Accept-Ranges
bytes, bytes
Content-Length
3730
Date
Sat, 05 Feb 2022 20:35:16 GMT
skeletor.js
trk.nominalia.com/js/ Frame A855 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://trk.nominalia.com/js/skeletor.js
Requested by
Host: www.nominalia.com
URL: https://www.nominalia.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/sitepress-multilingual-cms/templates/language-switchers/legacy-dropdown/script.min.js,wp-content/themes/dada/asset/js/dada-marketing-automation.js,wp-content/themes/dada/asset/js/dada-tracking-standalone.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
81.88.58.195 , Italy, ASN39729 (REGISTER-AS, IT),
Reverse DNS
Software
/
Resource Hash
bb3b4b6ffe3ee6e9988bb1a0205b2eb45ded17b613b6c0d1f94ca4ca3af6b1bb

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.nominalia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 05 Feb 2022 20:35:17 GMT
Content-Encoding
gzip
Last-Modified
Mon, 17 Jan 2022 13:03:07 GMT
ETag
W/"61e5690b-91b5"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
no-cache, no-store, must-revalidate, proxy-revalidate
Transfer-Encoding
chunked
Expires
Fri, 04 Feb 2022 20:35:17 GMT
gtm.js
www.googletagmanager.com/ Frame A855 		95 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-WH9LDRH
Requested by
Host: www.nominalia.com
URL: https://www.nominalia.com/pp-dr/?a=b&host=YXBwbGVjYXJlLWZpbmRteS5jb20=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
f31396c0865f08042c37dff49ffd6040f814fe62280ed5f23f12015874efe0c3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.nominalia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sat, 05 Feb 2022 20:35:17 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37745
x-xss-protection
0
last-modified
Sat, 05 Feb 2022 18:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 05 Feb 2022 20:35:17 GMT
CrossBanner_website_001.jpg
www.nominalia.com/wp-content/uploads/2016/10/ Frame A855 		172 KB
173 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.nominalia.com/wp-content/uploads/2016/10/CrossBanner_website_001.jpg
Requested by
Host: www.nominalia.com
URL: https://www.nominalia.com/pp-dr/?a=b&host=YXBwbGVjYXJlLWZpbmRteS5jb20=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
81.88.58.195 , Italy, ASN39729 (REGISTER-AS, IT),
Reverse DNS
Software
nginx /
Resource Hash
288c6793b3bc4a1a0cbdbac39575240b4658b272a098551593e62add15a406b1
Security Headers
Name Value
Strict-Transport-Security max-age=15768000;
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.nominalia.com/pp-dr/?a=b&host=YXBwbGVjYXJlLWZpbmRteS5jb20=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
public
Strict-Transport-Security
max-age=15768000;
Last-Modified
Tue, 11 Oct 2016 07:37:31 GMT
Server
nginx
ETag
"57fc96bb-2b097"
X-Frame-Options
SAMEORIGIN
Content-Type
image/jpeg
Cache-Control
max-age=31536000, max-age=31536000, public
Date
Sat, 05 Feb 2022 20:35:17 GMT
Accept-Ranges
bytes
Content-Length
176279
Expires
Sun, 05 Feb 2023 09:58:17 GMT
fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.4.0/fonts/ Frame A855 		63 KB
64 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.4.0/fonts/fontawesome-webfont.woff2?v=4.4.0
Requested by
Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.4.0/css/font-awesome.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3c4a1bb7ce3234407184f0d80cc4dec075e4ad616b44dcc5778e1cfb1bc24019
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://maxcdn.bootstrapcdn.com/font-awesome/4.4.0/css/font-awesome.min.css
Origin
https://www.nominalia.com
Accept-Language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sat, 05 Feb 2022 20:35:17 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
756
age
364024
cdn-proxyver
1.02
cdn-cachedat
12/27/2021 09:53:28
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
64464
timing-allow-origin
*
access-control-allow-origin
*
last-modified
Mon, 25 Jan 2021 22:04:54 GMT
server
cloudflare
cdn-requestpullcode
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
font/woff2
cdn-cache
HIT
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
e96e55c42b521f563fd5d9e1330d21f0
accept-ranges
bytes
cf-ray
6d8eec9f8a3af933-MXP
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
6xKydSBYKcSV-LCoeQqfX1RYOo3ik4zwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v18/ Frame A855 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v18/6xKydSBYKcSV-LCoeQqfX1RYOo3ik4zwlxdu.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:300,400,600,300italic,400italic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0d14a3a656216743eb1e133b5af93d6eaa98c6260b411a01894323e62166f80f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.nominalia.com
Accept-Language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 01 Feb 2022 03:54:20 GMT
x-content-type-options
nosniff
age
405657
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12936
x-xss-protection
0
last-modified
Wed, 10 Nov 2021 18:10:32 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 01 Feb 2023 03:54:20 GMT
dadaiconfont.woff
www.nominalia.com/wp-content/themes/dada/asset/fonts/ Frame A855 		17 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.nominalia.com/wp-content/themes/dada/asset/fonts/dadaiconfont.woff
Requested by
Host: www.nominalia.com
URL: https://www.nominalia.com/wp-content/plugins/bwp-minify/min/?f=wp-includes/css/dist/block-library/style.min.css,wp-content/themes/dada/style.css,wp-content/themes/dada-nominalia-child/style.css,wp-content/themes/dada/asset/css/dadaiconfont.css,wp-content/plugins/ht-knowledge-base/css/hkb-style.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
81.88.58.195 , Italy, ASN39729 (REGISTER-AS, IT),
Reverse DNS
Software
nginx /
Resource Hash
3c7538979141f84163dac40ce27d4c79e6610b6c65586f98a72071f2ccb5691b
Security Headers
Name Value
Strict-Transport-Security max-age=15768000;
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.nominalia.com/wp-content/plugins/bwp-minify/min/?f=wp-includes/css/dist/block-library/style.min.css,wp-content/themes/dada/style.css,wp-content/themes/dada-nominalia-child/style.css,wp-content/themes/dada/asset/css/dadaiconfont.css,wp-content/plugins/ht-knowledge-base/css/hkb-style.css
Origin
https://www.nominalia.com
Accept-Language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
public
Strict-Transport-Security
max-age=15768000;
Last-Modified
Mon, 13 Dec 2021 15:20:42 GMT
Server
nginx
ETag
"61b764ca-4378"
X-Frame-Options
SAMEORIGIN
Content-Type
application/font-woff
Cache-Control
max-age=31536000, max-age=31536000, public
Date
Sat, 05 Feb 2022 20:35:16 GMT
Accept-Ranges
bytes
Content-Length
17272
Expires
Sun, 05 Feb 2023 09:58:18 GMT
6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v18/ Frame A855 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v18/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:300,400,600,300italic,400italic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
428f1eb7935944229430ac0fdce0033f05d9b8c1c020b87c681dd7a78ab4dd19
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.nominalia.com
Accept-Language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 11:22:37 GMT
x-content-type-options
nosniff
age
292360
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13080
x-xss-protection
0
last-modified
Wed, 10 Nov 2021 18:10:26 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 02 Feb 2023 11:22:37 GMT
asset_composer.js
static.zdassets.com/ekr/ Frame A855
Redirect Chain
  • https://v2.zopim.com/?1rg2JG4TGasCRfOtGVMaUXTSE4gqExc7
  • https://static.zdassets.com/ekr/asset_composer.js
20 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.zdassets.com/ekr/asset_composer.js
Requested by
Host: www.nominalia.com
URL: https://www.nominalia.com/pp-dr/?a=b&host=YXBwbGVjYXJlLWZpbmRteS5jb20=
Protocol
H2
Server
104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4eb3d539dd1a33f6b36a83cebe63c9bae149933824859089389bd8b24865768c
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.nominalia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sat, 05 Feb 2022 20:35:17 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
12
x-amz-server-side-encryption
AES256
x-amz-replication-status
PENDING
x-amz-request-id
3TKK1XFR6N3EYJVQ
x-amz-id-2
9I7Ysaa2QE33ht3Qu/WdhPsgf7MKakWxOELtH5ADdpV0rD86xW0VObzvntszt2dIJxmi9/Z9kvE=
last-modified
Sun, 09 Jan 2022 23:14:58 GMT
server
cloudflare
etag
W/"301f9083ec60c9321ec7789c905c3232"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nhuAjQU4IPk4%2BiQ5W3H8hh9GHYJfOgrONCwmWu%2B%2Bu0jSh%2BwepO8A1pXED%2BvBFhbvtHYuEiLx7UCFZ8oD6B75PAM40iktKfFlv0EGB75rGByInBm7YtkHb4BTjNC7I6h%2FqHemU9M%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=3600, s-maxage=60
x-amz-version-id
eRtmMukaHVeYLz0mhHSA_gXrdkW_VnZh
cf-ray
6d8eeca30e235a31-MXP

Redirect headers

date
Sat, 05 Feb 2022 20:35:17 GMT
cf-cache-status
HIT
server
cloudflare
age
5209
etag
"5ee9874c-0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/octet-stream
location
https://static.zdassets.com/ekr/asset_composer.js
cache-control
max-age=14400, max-age=14400, public, must-revalidate, proxy-revalidate
cf-ray
6d8eeca0f9c583a2-MXP
content-length
0
expires
Sat, 05 Feb 2022 23:08:28 GMT
uc.js
consent.cookiebot.com/ Frame A855 		91 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://consent.cookiebot.com/uc.js?v=1.0.28
Requested by
Host: cmp.teamblue.services
URL: https://cmp.teamblue.services/js/cmp_all.min.js?v=1.0.28
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:fe00::686e:f042 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
b83a36d1346d8489971da24ece2daa729160ce4714547bc1db95b0783daef219

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.nominalia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sat, 05 Feb 2022 20:35:17 GMT
content-encoding
gzip
last-modified
Mon, 31 Jan 2022 11:41:02 GMT
etag
"34b3d96c9716d81:0"
vary
Accept-Encoding
content-type
application/javascript
access-control-expose-headers
Request-Context
cache-control
public, max-age=158
request-context
appId=cid-v1:89f47f4b-bed0-4db8-956b-d6e6dfac3fef
accept-ranges
bytes
content-length
28434
expires
Sat, 05 Feb 2022 20:37:55 GMT
analytics.js
www.google-analytics.com/ Frame A855 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WH9LDRH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.nominalia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
3623
date
Sat, 05 Feb 2022 19:34:54 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Sat, 05 Feb 2022 21:34:54 GMT
he-man_all.min.js
trk.nominalia.com/js/ Frame A855 		162 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://trk.nominalia.com/js/he-man_all.min.js?v=2.1.1&ma=ma_enabled
Requested by
Host: trk.nominalia.com
URL: https://trk.nominalia.com/js/skeletor.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
81.88.58.195 , Italy, ASN39729 (REGISTER-AS, IT),
Reverse DNS
Software
/
Resource Hash
4a9d4e148a61775c520a3c35529e1b08637fb1e590b0974c2b8ea97935b4c7eb

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.nominalia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Sat, 05 Feb 2022 20:35:17 GMT
Content-Encoding
gzip
Last-Modified
Mon, 17 Jan 2022 13:03:07 GMT
ETag
W/"61e5690b-2887f"
Vary
Accept-Encoding
Access-Control-Allow-Methods
DELETE, GET, HEAD, POST, PUT, OPTIONS
Content-Type
application/javascript
Transfer-Encoding
chunked
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept, X-CSRF-TOKEN, X-XSRF-TOKEN
he-man_server
trk.nominalia.com/server/ Frame A855 		0
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trk.nominalia.com/server/he-man_server?tkq=dHJrQ19lU0YlM0R3d3cubm9taW5hbGlhLmNvbSUyNTJGcHAtZHIlMjUyRiUyNnRya0NfZVNVQiUzRHd3dy5ub21pbmFsaWEuY29tJTI2Y0RPTSUzRC5ub21pbmFsaWEuY29tJTI2dHJrQ19lSFIlM0RodHRwJTI1M0ElMjUyRiUyNTJGYXBwbGVjYXJlLWZpbmRteS5jb20lMjUyRiUyNnRya0NfZVVBJTNETW96aWxsYSUyNTJGNS4wJTI1MjAlMjhXaW5kb3dzJTI1MjBOVCUyNTIwMTAuMCUyNTNCJTI1MjBXaW42NCUyNTNCJTI1MjB4NjQlMjklMjUyMEFwcGxlV2ViS2l0JTI1MkY1MzcuMzYlMjUyMCUyOEtIVE1MJTI1MkMlMjUyMGxpa2UlMjUyMEdlY2tvJTI5JTI1MjBDaHJvbWUlMjUyRjk3LjAuNDY5Mi43MSUyNTIwU2FmYXJpJTI1MkY1MzcuMzYlMjZ0cmtDX2xhbiUzRGVuJTI2dHJrQ19lUVMlM0RhJTI1M0RiJTI1MjZob3N0JTI1M0RZWEJ3YkdWallYSmxMV1pwYm1SdGVTNWpiMjAlMjUzRCUyNnRya0NfZnJhZ21lbnQlM0QlMjZlUEFHVkFSUyUzRGJXRWxNMFF4SlRJMmRISnJRMTlzYjJkblpXUWxNMFF3SlRJMmRISnJRMTlvWVhOb0pUTkVNVFkwTkRBNU16TXhPVEUwT0Y5emQzVjRNV3QzWkRaaGJsODVhbk4yZEhZbE1qWjBjbXREWDNCeWNTVXpSREFsTWpaMGNtdERYMlZSVXlVelJHRWxNalV6UkdJbE1qVXlObWh2YzNRbE1qVXpSRmxZUW5kaVIxWnFXVmhLYkV4WFduQmliVkowWlZNMWFtSXlNQ1V5TlRORSUyNnRya19pbnRlcm5hbCUzRGZhbHNlJTI2c2V0TWFpbkNvb2tpZXMlM0R0cnVl
Requested by
Host: www.nominalia.com
URL: https://www.nominalia.com/pp-dr/?a=b&host=YXBwbGVjYXJlLWZpbmRteS5jb20=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
81.88.58.195 , Italy, ASN39729 (REGISTER-AS, IT),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.nominalia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Sat, 05 Feb 2022 20:35:17 GMT
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept, X-CSRF-TOKEN, X-XSRF-TOKEN
Transfer-Encoding
chunked
Access-Control-Allow-Methods
DELETE, GET, HEAD, POST, PUT, OPTIONS
Content-Type
text/html; charset=UTF-8
he-man_messages
trk.nominalia.com/messages/ Frame A855 		0
345 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trk.nominalia.com/messages/he-man_messages?tke=JTdCJTIyaGFzaCUyMiUzQSUyMjE2NDQwOTMzMTkxNDhfc3d1eDFrd2Q2YW5fOWpzdnR2JTIyJTJDJTIyZG9tYWluJTIyJTNBJTIybm9taW5hbGlhLmNvbSUyMiUyQyUyMmZpZWxkJTIyJTNBJTIybWF0aCUyMiUyQyUyMm1vZGUlMjIlM0ElMjJzZXQlMjIlMkMlMjJtZXNzYWdlJTIyJTNBJTdCJTIydHJhY2tlcl92ZXJzaW9uJTIyJTNBJTIyMi4xLjElMjIlMkMlMjJxcyUyMiUzQSU3QiUyMmElMjIlM0ElMjJiJTIyJTJDJTIyaG9zdCUyMiUzQSUyMllYQndiR1ZqWVhKbExXWnBibVJ0ZVM1amIyMCUyMiU3RCUyQyUyMnBhZ2UlMjIlM0ElMjJ3d3cubm9taW5hbGlhLmNvbS9wcC1kci8lMjIlMkMlMjJ1c2VyX2FnZW50JTIyJTNBJTIyTW96aWxsYS81LjAlMjAlMjhXaW5kb3dzJTIwTlQlMjAxMC4wJTNCJTIwV2luNjQlM0IlMjB4NjQlMjklMjBBcHBsZVdlYktpdC81MzcuMzYlMjAlMjhLSFRNTCUyQyUyMGxpa2UlMjBHZWNrbyUyOSUyMENocm9tZS85Ny4wLjQ2OTIuNzElMjBTYWZhcmkvNTM3LjM2JTIyJTJDJTIydHJrX2ludGVybmFsJTIyJTNBZmFsc2UlMkMlMjJyZXNvbHV0aW9uJTIyJTNBJTdCJTIyaGVpZ2h0JTIyJTNBMTIwMCUyQyUyMndpZHRoJTIyJTNBMTYwMCU3RCUyQyUyMmZwJTIyJTNBJTIyMmU5MzAwOTU0YWJhYWUzNjQ2MzE3YzA4NmYzMzM0ZjklMjIlN0QlN0Q=
Requested by
Host: www.nominalia.com
URL: https://www.nominalia.com/pp-dr/?a=b&host=YXBwbGVjYXJlLWZpbmRteS5jb20=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
81.88.58.195 , Italy, ASN39729 (REGISTER-AS, IT),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.nominalia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Sat, 05 Feb 2022 20:35:17 GMT
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept, X-CSRF-TOKEN, X-XSRF-TOKEN
Transfer-Encoding
chunked
Access-Control-Allow-Methods
DELETE, GET, HEAD, POST, PUT, OPTIONS
Content-Type
text/html; charset=UTF-8
1rg2JG4TGasCRfOtGVMaUXTSE4gqExc7
ekr.zdassets.com/compose/zopim_chat/ Frame A855 		194 B
905 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ekr.zdassets.com/compose/zopim_chat/1rg2JG4TGasCRfOtGVMaUXTSE4gqExc7
Requested by
Host: v2.zopim.com
URL: https://v2.zopim.com/?1rg2JG4TGasCRfOtGVMaUXTSE4gqExc7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5dd70f6c8fbdeee7c877dffee19cc2cf5a29f95f70fc449bd3948ccde64ed1f4
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.nominalia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sat, 05 Feb 2022 20:35:18 GMT
content-encoding
br
vary
Origin, Accept-Encoding
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
status
200 OK
access-control-allow-methods
GET, POST, OPTIONS
strict-transport-security
max-age=0
x-request-id
eed014af-d67f-417b-ba89-8e9d07898571
x-runtime
0.003703
server
cloudflare
etag
W/"5dd70f6c8fbdeee7c877dffee19cc2cf"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
7200
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eLH%2F%2BeO3aLrzQNly9im5%2B1SKL3%2FqS99q25BhZ9uLZ789g8t9XsZSGaODcxuRhe4Jv1TavHnxv6rGgFFBAxy0xi6QEzwDn5FXN8PFmpNCVttvBMZ%2Fw0box4hbjuC6twumbz0%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
cache-control
max-age=600, public, s-maxage=60, stale-while-revalidate=600, stale-if-error=3600
cf-ray
6d8eeca5982c0f72-MXP
bc-v3.min.html
consentcdn.cookiebot.com/sdk/ Frame 1440 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://consentcdn.cookiebot.com/sdk/bc-v3.min.html
Requested by
Host: consent.cookiebot.com
URL: https://consent.cookiebot.com/uc.js?v=1.0.28
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:fe00:3a5::f09 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
0297ba54fff0a052c5761457790e80dc093b93b152edee473485af46c022ad75

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
it-IT,it;q=0.9
Referer
https://www.nominalia.com/

Response headers

accept-ranges
bytes
content-type
text/html
etag
"b10de1f5f615a79259ac9e34f470ce1d:1615283706.572935"
last-modified
Tue, 09 Mar 2021 09:55:06 GMT
server
AkamaiNetStorage
vary
Accept-Encoding
content-encoding
gzip
cache-control
max-age=23458066
expires
Fri, 04 Nov 2022 08:43:04 GMT
date
Sat, 05 Feb 2022 20:35:18 GMT
content-length
895
server-timing
cdn-cache; desc=HIT edge; dur=1
widget_v2.329.js
v2.zopim.com/bin/v/ Frame A855
Redirect Chain
  • https://v2.zopim.com/w?1rg2JG4TGasCRfOtGVMaUXTSE4gqExc7
  • https://v2.zopim.com/bin/v/widget_v2.329.js
1 MB
244 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://v2.zopim.com/bin/v/widget_v2.329.js
Protocol
H2
Server
104.16.107.139 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
530957eee03e71cadda62cfb394bee08f52325b02d1e30b158fdc645ec56cdcb

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.nominalia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sat, 05 Feb 2022 20:35:18 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 10 Jun 2020 07:11:49 GMT
server
cloudflare
age
499459
etag
W/"5ee087b5-102db5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=315360000
cf-ray
6d8eecaa5f7b83a2-MXP
expires
Tue, 03 Feb 2032 20:35:18 GMT

Redirect headers

date
Sat, 05 Feb 2022 20:35:18 GMT
cf-cache-status
DYNAMIC
server
cloudflare
etag
"5ee9874c-0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
application/octet-stream
location
https://v2.zopim.com/bin/v/widget_v2.329.js
cache-control
max-age=14400, max-age=14400, public, must-revalidate, proxy-revalidate
cf-ray
6d8eeca97c4a83a2-MXP
content-length
0
expires
Sun, 06 Feb 2022 00:35:18 GMT
state.js
consentcdn.cookiebot.com/consentconfig/ca680c8b-54be-484d-a0a9-c71a758786c2/ Frame A855 		30 B
325 B 		Script
General
Check archive.org
Download Go to
Full URL
https://consentcdn.cookiebot.com/consentconfig/ca680c8b-54be-484d-a0a9-c71a758786c2/state.js
Requested by
Host: consent.cookiebot.com
URL: https://consent.cookiebot.com/uc.js?v=1.0.28
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:fe00:3a5::f09 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
b97bab9bf4fca8d386ef5fc83cd58b492f2132e2d28053ade2f212a8b151b0c4

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.nominalia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sat, 05 Feb 2022 20:35:18 GMT
content-encoding
gzip
last-modified
Tue, 30 Mar 2021 12:25:12 GMT
server
AkamaiNetStorage
etag
"8fabfd3bb9b067b11ad664181b30fa66:1617107112.22277"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=20385
server-timing
cdn-cache; desc=HIT, edge; dur=17
accept-ranges
bytes
content-length
50
expires
Sun, 06 Feb 2022 02:15:03 GMT
he-man_messages
trk.nominalia.com/messages/ Frame A855 		0
345 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trk.nominalia.com/messages/he-man_messages?tke=JTdCJTIyaGFzaCUyMiUzQSUyMjE2NDQwOTMzMTkxNDhfc3d1eDFrd2Q2YW5fOWpzdnR2JTIyJTJDJTIyZG9tYWluJTIyJTNBJTIybm9taW5hbGlhLmNvbSUyMiUyQyUyMmZpZWxkJTIyJTNBJTIycGVyZm9ybWFuY2UlMjIlMkMlMjJtb2RlJTIyJTNBJTIyc2V0JTIyJTJDJTIybWVzc2FnZSUyMiUzQSU3QiUyMnRpbWluZ3MlMjIlM0ElN0IlMjJwYWdlTG9hZFRpbWUlMjIlM0EzMDg2JTJDJTIyY29ubmVjdFRpbWUlMjIlM0E1NDUlMkMlMjJyZW5kZXJUaW1lJTIyJTNBMTc4MCU3RCUyQyUyMnJlc291cmNlcyUyMiUzQSU3QiUyMm51bWJlciUyMiUzQTMzJTJDJTIyc2l6ZSUyMiUzQTM4MjczNSU3RCUyQyUyMnBhZ2UlMjIlM0ElMjJ3d3cubm9taW5hbGlhLmNvbS9wcC1kci8lMjIlMkMlMjJ1c2VyX2FnZW50JTIyJTNBJTIyTW96aWxsYS81LjAlMjAlMjhXaW5kb3dzJTIwTlQlMjAxMC4wJTNCJTIwV2luNjQlM0IlMjB4NjQlMjklMjBBcHBsZVdlYktpdC81MzcuMzYlMjAlMjhLSFRNTCUyQyUyMGxpa2UlMjBHZWNrbyUyOSUyMENocm9tZS85Ny4wLjQ2OTIuNzElMjBTYWZhcmkvNTM3LjM2JTIyJTdEJTdE
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
81.88.58.195 , Italy, ASN39729 (REGISTER-AS, IT),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.nominalia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Sat, 05 Feb 2022 20:35:18 GMT
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept, X-CSRF-TOKEN, X-XSRF-TOKEN
Transfer-Encoding
chunked
Access-Control-Allow-Methods
DELETE, GET, HEAD, POST, PUT, OPTIONS
Content-Type
text/html; charset=UTF-8
__$$__stringtable_lang_es.js
v2.zopim.com/lib/20200610.071112/ Frame A47B 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://v2.zopim.com/lib/20200610.071112/__$$__stringtable_lang_es.js
Requested by
Host: v2.zopim.com
URL: https://v2.zopim.com/w?1rg2JG4TGasCRfOtGVMaUXTSE4gqExc7
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.16.107.139 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4c8641990bce86df0de51c0b429647575043f8c73d0d6ef02d9b38dd7d3929d1

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.nominalia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sat, 05 Feb 2022 20:35:19 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 10 Jun 2020 07:11:47 GMT
server
cloudflare
age
499200
etag
W/"5ee087b3-180e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=315360000
cf-ray
6d8eecada96c83a2-MXP
expires
Tue, 03 Feb 2032 20:35:19 GMT

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1

5 Cookies

Domain/Path Name / Value
.nominalia.com/ Name: _wicasa
Value: JSON_eyJjaWQiOiJiNTBmOGFiOWVjOTFhMmE0NTg5MTU0ZTkwYWZjZmZjMiIsImNrdGltZSI6IjE2NDQwOTMzMTciLCJzY3AiOiIxIiwicGsiOiJSMDEiLCJja2Jvcm4iOiIxNjQ0MDkzMzE3IiwibGFzdHJlZiI6Ind3dy5ub21pbmFsaWEuY29tXC9wcC1kclwvIiwibGFzdGRvbXNyYyI6IiIsImlzY2xpIjoiMCJ9
.nominalia.com/ Name: _ashkii
Value: JSON_eyJzaWQiOiJiNTBmOGFiOWVjOTFhMmE0NTg5MTU0ZTkwYWZjZmZjMiIsImNrdGltZSI6IjE2NDQwOTMzMTciLCJzc3AiOiIxIiwicHAiOiJSMDEifQ%3D%3D
.nominalia.com/ Name: cookid
Value: b50f8ab9ec91a2a4589154e90afcffc2
.nominalia.com/ Name: dbmFP
Value: b50f8ab9ec91a2a4589154e90afcffc2.R01
.nominalia.com/ Name: dbmPK
Value: b50f8ab9ec91a2a4589154e90afcffc2.R01

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

applecare-findmy.com
cmp.teamblue.services
code.jquery.com
consent.cookiebot.com
consentcdn.cookiebot.com
courtesy.nominalia.com
ekr.zdassets.com
fonts.googleapis.com
fonts.gstatic.com
maxcdn.bootstrapcdn.com
static.zdassets.com
trk.nominalia.com
v2.zopim.com
www.google-analytics.com
www.googletagmanager.com
www.nominalia.com
104.16.107.139
104.18.70.113
2001:4de0:ac18::1:a:2a
2606:4700::6812:bcf
2a00:1450:4001:801::2003
2a00:1450:4001:810::200e
2a00:1450:4001:813::2008
2a00:1450:4001:82b::200a
2a02:26f0:fe00:3a5::f09
2a02:26f0:fe00::686e:f042
81.88.48.71
81.88.48.73
81.88.57.79
81.88.58.195
0297ba54fff0a052c5761457790e80dc093b93b152edee473485af46c022ad75
0990ff52738911fe753dda4662d163dcd81942c1d871cf6072a86edf3c350f95
0c5f584d1ea2c3313dc8c55824c2a572d3cf2eae87c5ca62a58e598aec9ddb5c
0d14a3a656216743eb1e133b5af93d6eaa98c6260b411a01894323e62166f80f
160deaa600133ca2ea8711ffd391521e4ca5340cc33f2f3ab9a730e2389aef41
21232688464cf7449144cf8af2d010eacfad1e2c44f823433f16daad4c3c8cf0
288c6793b3bc4a1a0cbdbac39575240b4658b272a098551593e62add15a406b1
2979f9a6e32fc42c3e7406339ee9fe76b31d1b52059776a02b4a7fa6a4fd280a
2ee67eba3d4ba8702727f8b286a883b2763635f3d16cbd5341416075953f37b7
3c4a1bb7ce3234407184f0d80cc4dec075e4ad616b44dcc5778e1cfb1bc24019
3c7538979141f84163dac40ce27d4c79e6610b6c65586f98a72071f2ccb5691b
428f1eb7935944229430ac0fdce0033f05d9b8c1c020b87c681dd7a78ab4dd19
493e9cd4bcb38a33457c9f036d24cd28d700c719da0d0b6a21d1131dbfdaa194
4a9d4e148a61775c520a3c35529e1b08637fb1e590b0974c2b8ea97935b4c7eb
4c8641990bce86df0de51c0b429647575043f8c73d0d6ef02d9b38dd7d3929d1
4cc741e84623bf9124d0e71b5cf44b6e97b06639c3acbd561a05c45758a04c2d
4eb3d539dd1a33f6b36a83cebe63c9bae149933824859089389bd8b24865768c
530957eee03e71cadda62cfb394bee08f52325b02d1e30b158fdc645ec56cdcb
57c16fc8118933085c652a906280846205b7eb5d799c6cda06feed63f629f18b
5dcc1f650548dab92380f10aee2a8c4c878ece063b5d4201c1205b3a343f9a8b
5dd70f6c8fbdeee7c877dffee19cc2cf5a29f95f70fc449bd3948ccde64ed1f4
69a3831c082fc105b56c53865cc797fa90b83d920fb2f9f6875b00ad83a18174
6fcb139b9ac1336ad6ca3d57a855caf0b76672cf2f827f681ec7b5d683da42b2
78d863b1cc219e65f19b31201fa493f11cbc09950d480e09aa2316d883de8758
7d39ed9ccccda035a76c539cd67d1590c9b5e4921dbe1bfc77db0f980209a43b
8d8090d8f0b89ea87675ab6f410c956bad82dba87861546114a3331bb35682db
936ffccdc35bc55221e669d0e76034af76ba8c080c1b1149144dbbd3b5311829
9f176243815d4e6dbc79434d408273e49a1d4cc085e7f977da0e4bc1f530654a
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
b304265812abcb8b9bbb0b84c50a26132f58c7b51fb94d6c5c94d7fa928a9305
b83a36d1346d8489971da24ece2daa729160ce4714547bc1db95b0783daef219
b97bab9bf4fca8d386ef5fc83cd58b492f2132e2d28053ade2f212a8b151b0c4
bab98a0bc951ea3e14b11907d25b7c8b52afac5d3b7fc818e22733c52837d601
bb3b4b6ffe3ee6e9988bb1a0205b2eb45ded17b613b6c0d1f94ca4ca3af6b1bb
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eece6e0c65b7007ab0eb1b4998d36dafe381449525824349128efc3f86f4c91c
f31396c0865f08042c37dff49ffd6040f814fe62280ed5f23f12015874efe0c3