urlscan.io logo urlscan.io
SecurityTrails logo

www.unlockedfire.co Open in urlscan Pro
173.249.147.120  Malicious Activity! Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://www.unlockedfire.co/logn./libero-connect/it/index.php
Effective URL: https://www.unlockedfire.co/logn./libero-connect/it/index.php
Submission: On July 06 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 15 IPs in 5 countries across 10 domains to perform 42 HTTP transactions. The main IP is 173.249.147.120, located in United States and belongs to VPSDATACENTER, US. The main domain is www.unlockedfire.co.
TLS certificate: Issued by R11 on June 15th 2024. Valid for: 3 months.
This is the only time www.unlockedfire.co was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Libero (Online)

Domain & IP information

10    173.249.147.120 (United States)

ASN40819 (VPSDATACENTER, US)
www.unlockedfire.co
1    213.209.30.161 (Assago, Italy)

ASN8660 (MATRIX-AS, IT)
www.iolam.it
2    2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
fonts.googleapis.com
1    104.17.24.14 (None, )

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
2    2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
3    142.250.184.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net
securepubads.g.doubleclick.net
1    18.185.191.58 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-185-191-58.eu-central-1.compute.amazonaws.com
italiaonline.profiles.tagger.opecloud.com
7    142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net
pagead2.googlesyndication.com
1    2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
85f8822776bcbe9c80063ab30fe9eeff.safeframe.googlesyndication.com
1    18.245.31.25 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-245-31-25.fra56.r.cloudfront.net
i3.plug.it
3    2a00:1450:4001:812::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
2    54.171.155.9 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-171-155-9.eu-west-1.compute.amazonaws.com
pixel.adsafeprotected.com
2    2600:9000:223f:b600:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
static.adsafeprotected.com
4    2600:1f18:1aca:4282:30ea:cde:e42f:989a (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
dt.adsafeprotected.com
Apex Domain
Subdomains		 Transfer
11 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 137
85f8822776bcbe9c80063ab30fe9eeff.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 177
400 KB
10 unlockedfire.co
www.unlockedfire.co
283 KB
8 adsafeprotected.com
pixel.adsafeprotected.com — Cisco Umbrella Rank: 748
static.adsafeprotected.com — Cisco Umbrella Rank: 758
dt.adsafeprotected.com — Cisco Umbrella Rank: 667
107 KB
3 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 235
176 KB
2 gstatic.com
fonts.gstatic.com
32 KB
2 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 469
fonts.googleapis.com — Cisco Umbrella Rank: 83
32 KB
1 plug.it
i3.plug.it — Cisco Umbrella Rank: 667733
918 B
1 opecloud.com
italiaonline.profiles.tagger.opecloud.com — Cisco Umbrella Rank: 299799 Failed
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 268
7 KB
1 iolam.it
www.iolam.it — Cisco Umbrella Rank: 303473
169 KB
42 10
Domain Requested by
10 www.unlockedfire.co 1 redirects www.unlockedfire.co
7 pagead2.googlesyndication.com securepubads.g.doubleclick.net
www.unlockedfire.co
pagead2.googlesyndication.com
4 dt.adsafeprotected.com www.unlockedfire.co
3 tpc.googlesyndication.com www.unlockedfire.co
securepubads.g.doubleclick.net
tpc.googlesyndication.com
3 securepubads.g.doubleclick.net www.unlockedfire.co
securepubads.g.doubleclick.net
2 static.adsafeprotected.com pixel.adsafeprotected.com
www.unlockedfire.co
2 pixel.adsafeprotected.com www.unlockedfire.co
2 fonts.gstatic.com fonts.googleapis.com
1 i3.plug.it www.unlockedfire.co
1 85f8822776bcbe9c80063ab30fe9eeff.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 italiaonline.profiles.tagger.opecloud.com www.unlockedfire.co
1 fonts.googleapis.com www.unlockedfire.co
1 cdnjs.cloudflare.com www.unlockedfire.co
1 ajax.googleapis.com www.unlockedfire.co
1 www.iolam.it www.unlockedfire.co
42 15

This site contains links to these domains. Also see Links.

Domain
pagead2.googlesyndication.com
Subject Issuer Validity Valid
unlockedfire.co
R11		 2024-06-15 -
2024-09-13		 3 months crt.sh
iolam.it
Sectigo RSA Organization Validation Secure Server CA		 2024-01-23 -
2025-01-22		 a year crt.sh
upload.video.google.com
WR2		 2024-06-13 -
2024-09-05		 3 months crt.sh
cdnjs.cloudflare.com
E1		 2024-06-02 -
2024-08-31		 3 months crt.sh
*.gstatic.com
WR2		 2024-06-13 -
2024-09-05		 3 months crt.sh
*.g.doubleclick.net
WR2		 2024-06-13 -
2024-09-05		 3 months crt.sh
*.profiles.tagger.opecloud.com
Amazon RSA 2048 M02		 2023-11-27 -
2024-12-25		 a year crt.sh
*.plug.it
Sectigo RSA Organization Validation Secure Server CA		 2023-12-15 -
2024-12-14		 a year crt.sh
tpc.googlesyndication.com
WR2		 2024-06-13 -
2024-09-05		 3 months crt.sh
fw.adsafeprotected.com
Amazon RSA 2048 M02		 2024-02-28 -
2025-03-29		 a year crt.sh
static.adsafeprotected.com
Amazon RSA 2048 M02		 2024-04-25 -
2025-05-24		 a year crt.sh
dt.adsafeprotected.com
Amazon RSA 2048 M03		 2024-04-25 -
2025-05-23		 a year crt.sh

This page contains 6 frames:

Primary Page: https://www.unlockedfire.co/logn./libero-connect/it/index.php
Frame ID: E88BF363E93C3998A6B400F64C867886
Requests: 31 HTTP requests in this frame

Frame: https://85f8822776bcbe9c80063ab30fe9eeff.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 6D3798B78397565076E79CB0289D614B
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjsszMW5Se-h8Vqr2jDvztluAW9sfifNOs8z2hxxraer1tXLZOkIuVtmB4VIRpsW2RVHowgEYlY903h87sreQTren8OYUBliiRdFUCjQU0ZKyfGNPIQJq8yiivhW-NX6taTGyt4aCpLs9HSRds4Cef-WMcGHVu0B-gJmjD71Ai4BwyQzoQ5fP2KS3Xbp9ypvHXNds1NVOaSCi-a4k1p896RDDoI1f3wycpOe3QWh5IugZpnqIFUAYOyYDwiYIax2lFsBu6zLgg4pwAnTcVp4ASjnfb7DqObGYvCinKScdZzv6gLZVLMCDidtDATWr0TFydIr1ibYJnpy-NnUbojOuAffx9TKjLMXJ3A1VK6W4x7jW-rYGrefnbaYA69q47jyuO8qPP4k&sig=Cg0ArKJSzHj8FtOxM5HAEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Frame ID: AE36F452E8C6A0EA5E431F5B74312FCD
Requests: 6 HTTP requests in this frame

Frame: https://pixel.adsafeprotected.com/jload?anId=926174&campId=1540x1024&pubId=38840327&chanId=131213447&placementId=6243488770&pubCreative=138425481084&pubOrder=3137833863&cb=1522827703&impId=&ias_adpath=%23adv_click
Frame ID: FFF98F3E59FE97EC47445565A9C905ED
Requests: 2 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.4.js
Frame ID: A89071B58A776504A8D28411AF6986F0
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 59D877FFDF1E9DB98732B953B2884920
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Libero Mail - login

Page URL History Show full URLs

  1. http://www.unlockedfire.co/logn./libero-connect/it/index.php HTTP 307
    https://www.unlockedfire.co/logn./libero-connect/it/index.php Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • /prebid\.js
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

42
Requests

90 %
HTTPS

43 %
IPv6

10
Domains

15
Subdomains

15
IPs

5
Countries

1206 kB
Transfer

2506 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.unlockedfire.co/logn./libero-connect/it/index.php HTTP 307
    https://www.unlockedfire.co/logn./libero-connect/it/index.php Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 9
  • https://www.unlockedfire.co/logn./libero-connect/it/;);%20background-repeat:%20no-repeat;%20background-color:%20rgb(104,%20231,%20255);%20background-position:%20center%20top; HTTP 301
  • https://www.unlockedfire.co/logn./libero-connect/it/;);%20background-repeat:%20no-repeat;%20background-color:%20rgb(104,%20231,%20255);%20background-position:%20center%20top

42 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request index.php
www.unlockedfire.co/logn./libero-connect/it/
Redirect Chain
  • http://www.unlockedfire.co/logn./libero-connect/it/index.php
  • https://www.unlockedfire.co/logn./libero-connect/it/index.php
6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.unlockedfire.co/logn./libero-connect/it/index.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
173.249.147.120 , United States, ASN40819 (VPSDATACENTER, US),
Reverse DNS
Software
Apache /
Resource Hash
1e7271f832628acc449ce087d6d75f51739b98094a637c4169940287705ba497

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Cache-Control
no-store, no-cache, must-revalidate
Connection
Keep-Alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Sat, 06 Jul 2024 01:08:29 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Keep-Alive
timeout=5, max=100
Pragma
no-cache
Server
Apache
Transfer-Encoding
chunked
Vary
Accept-Encoding

Redirect headers

Location
https://www.unlockedfire.co/logn./libero-connect/it/index.php
Non-Authoritative-Reason
HttpsUpgrades
style.css
www.unlockedfire.co/logn./libero-connect/it/files/ 		26 KB
26 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.unlockedfire.co/logn./libero-connect/it/files/style.css
Requested by
Host: www.unlockedfire.co
URL: https://www.unlockedfire.co/logn./libero-connect/it/index.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
173.249.147.120 , United States, ASN40819 (VPSDATACENTER, US),
Reverse DNS
Software
Apache /
Resource Hash
148c0dcd3eff6305eaffe3600d31334604cc02591259020e54d8835be0e20dfe

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.unlockedfire.co/logn./libero-connect/it/index.php
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sat, 06 Jul 2024 01:08:30 GMT
Last-Modified
Thu, 25 Aug 2022 14:13:24 GMT
Server
Apache
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
26719
jquery.min.js
www.unlockedfire.co/logn./libero-connect/it/files/ 		87 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.unlockedfire.co/logn./libero-connect/it/files/jquery.min.js
Requested by
Host: www.unlockedfire.co
URL: https://www.unlockedfire.co/logn./libero-connect/it/index.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
173.249.147.120 , United States, ASN40819 (VPSDATACENTER, US),
Reverse DNS
Software
Apache /
Resource Hash
c4dccdd9ae25b64078e0c73f273de94f8894d5c99e4741645ece29aeefc9c5a4

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.unlockedfire.co/logn./libero-connect/it/index.php
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sat, 06 Jul 2024 01:08:31 GMT
Last-Modified
Thu, 25 Aug 2022 12:41:28 GMT
Server
Apache
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
89493
placeholders.min.js
www.unlockedfire.co/logn./libero-connect/it/files/ 		4 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.unlockedfire.co/logn./libero-connect/it/files/placeholders.min.js
Requested by
Host: www.unlockedfire.co
URL: https://www.unlockedfire.co/logn./libero-connect/it/index.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
173.249.147.120 , United States, ASN40819 (VPSDATACENTER, US),
Reverse DNS
Software
Apache /
Resource Hash
bb631cb41d70ab6f8a07ab80b053676bca8589e7e1d835827f30e1bffbed91c5

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.unlockedfire.co/logn./libero-connect/it/index.php
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sat, 06 Jul 2024 01:08:31 GMT
Last-Modified
Thu, 25 Aug 2022 12:41:28 GMT
Server
Apache
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
3907
iam2.0.js
www.unlockedfire.co/logn./libero-connect/it/files/ 		139 KB
139 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.unlockedfire.co/logn./libero-connect/it/files/iam2.0.js
Requested by
Host: www.unlockedfire.co
URL: https://www.unlockedfire.co/logn./libero-connect/it/index.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
173.249.147.120 , United States, ASN40819 (VPSDATACENTER, US),
Reverse DNS
Software
Apache /
Resource Hash
6371356d9cb87a361f550a77f374e58eb68a25ab048440a04e11fba1cc575876

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.unlockedfire.co/logn./libero-connect/it/index.php
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sat, 06 Jul 2024 01:08:31 GMT
Last-Modified
Thu, 25 Aug 2022 12:41:28 GMT
Server
Apache
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
141862
prebid.js
www.iolam.it/js/ 		526 KB
169 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.iolam.it/js/prebid.js
Requested by
Host: www.unlockedfire.co
URL: https://www.unlockedfire.co/logn./libero-connect/it/index.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.209.30.161 Assago, Italy, ASN8660 (MATRIX-AS, IT),
Reverse DNS
Software
Apache /
Resource Hash
a942db0887cfca0186ab17377e7c73164877cce08d600036ed051069d612c49c
Security Headers
Name Value
Strict-Transport-Security max-age=63072000;

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.unlockedfire.co/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 01:08:31 GMT
strict-transport-security
max-age=63072000;
content-encoding
gzip
server
Apache
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=86400
accept-ranges
bytes
x-robots-tag
noindex
expires
Sun, 07 Jul 2024 01:08:31 GMT
AdvContent20x20.png
www.unlockedfire.co/logn./libero-connect/it/files/ 		537 B
779 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.unlockedfire.co/logn./libero-connect/it/files/AdvContent20x20.png
Requested by
Host: www.unlockedfire.co
URL: https://www.unlockedfire.co/logn./libero-connect/it/index.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
173.249.147.120 , United States, ASN40819 (VPSDATACENTER, US),
Reverse DNS
Software
Apache /
Resource Hash
68cfa5d1e626ad1796c8c8db8276c8196f7235100b9ae6f7380a4f8920bd994c

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.unlockedfire.co/logn./libero-connect/it/index.php
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sat, 06 Jul 2024 01:08:31 GMT
Last-Modified
Mon, 14 Mar 2022 14:18:42 GMT
Server
Apache
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
537
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.6.0/ 		87 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js
Requested by
Host: www.unlockedfire.co
URL: https://www.unlockedfire.co/logn./libero-connect/it/index.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.unlockedfire.co/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Jul 2024 14:13:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
125681
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31017
x-xss-protection
0
last-modified
Wed, 10 Mar 2021 14:28:09 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 04 Jul 2025 14:13:49 GMT
jquery.validate.min.js
cdnjs.cloudflare.com/ajax/libs/jquery-validate/1.19.5/ 		24 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery-validate/1.19.5/jquery.validate.min.js
Requested by
Host: www.unlockedfire.co
URL: https://www.unlockedfire.co/logn./libero-connect/it/index.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
270524b0d27afd1d3b6622d1a176c678daed94564c143297e217a63e21ce9820
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.unlockedfire.co/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 01:08:31 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
1325655
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
7032
last-modified
Fri, 01 Jul 2022 15:30:23 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"62bf130f-1b78"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iseQb%2F%2BzUzNmCJ8WgHy%2FRfiEumPPi7bOhGsG27pwPFNz30CFPyb%2FQ1V3332vXuwAdoK1GMZeOTZUJFYPvru6rVuxsOAaT21JxPxMHDyAIQaoVewYHJDOes2meT%2FQXhjSsjYgHw%2BA"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
89ebb43eb8743674-FRA
expires
Thu, 26 Jun 2025 01:08:31 GMT
css2
fonts.googleapis.com/ 		7 KB
998 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@300;400;500&display=swap
Requested by
Host: www.unlockedfire.co
URL: https://www.unlockedfire.co/logn./libero-connect/it/files/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
694adc42b1e12c4edc69f43c2aaafea20e28d55d4ee73c3505cd1bf8b90e3452
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.unlockedfire.co/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Sat, 06 Jul 2024 01:08:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 05 Jul 2024 23:17:26 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 06 Jul 2024 01:08:31 GMT
;);%20background-repeat:%20no-repeat;%20background-color:%20rgb(104,%20231,%20255);%20background-position:%20center%20top
www.unlockedfire.co/logn./libero-connect/it/
Redirect Chain
  • https://www.unlockedfire.co/logn./libero-connect/it/;);%20background-repeat:%20no-repeat;%20background-color:%20rgb(104,%20231,%20255);%20background-position:%20center%20top;
  • https://www.unlockedfire.co/logn./libero-connect/it/;);%20background-repeat:%20no-repeat;%20background-color:%20rgb(104,%20231,%20255);%20background-position:%20center%20top
16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.unlockedfire.co/logn./libero-connect/it/;);%20background-repeat:%20no-repeat;%20background-color:%20rgb(104,%20231,%20255);%20background-position:%20center%20top
Requested by
Host: www.unlockedfire.co
URL: https://www.unlockedfire.co/logn./libero-connect/it/index.php
Protocol
HTTP/1.1
Server
173.249.147.120 , United States, ASN40819 (VPSDATACENTER, US),
Reverse DNS
Software
Apache /
Resource Hash
74c35afe0e7db8481f4e9ebe7f4b47ce542f01891e77ebcae44310f926665695

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.unlockedfire.co/logn./libero-connect/it/index.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Sat, 06 Jul 2024 01:08:33 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
Cache-Control
no-cache, must-revalidate, max-age=0
Connection
Keep-Alive
Link
<https://www.unlockedfire.co/wp-json/>; rel="https://api.w.org/"
Keep-Alive
timeout=5, max=98
Expires
Wed, 11 Jan 1984 05:00:00 GMT

Redirect headers

Date
Sat, 06 Jul 2024 01:08:31 GMT
Content-Encoding
gzip
Server
Apache
X-Redirect-By
WordPress
Vary
Accept-Encoding
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
Location
https://www.unlockedfire.co/logn./libero-connect/it/;);%20background-repeat:%20no-repeat;%20background-color:%20rgb(104,%20231,%20255);%20background-position:%20center%20top
Cache-Control
max-age=3600
Connection
Keep-Alive
Keep-Alive
timeout=5, max=99
Expires
Sat, 06 Jul 2024 02:08:33 GMT
logo.svg
www.unlockedfire.co/logn./libero-connect/it/files/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.unlockedfire.co/logn./libero-connect/it/files/logo.svg
Requested by
Host: www.unlockedfire.co
URL: https://www.unlockedfire.co/logn./libero-connect/it/files/style.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
173.249.147.120 , United States, ASN40819 (VPSDATACENTER, US),
Reverse DNS
Software
Apache /
Resource Hash
54ea3b729d9ff4a499d3bf59b0497606ceb27b7100c60d74d28467224f3983f9

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.unlockedfire.co/logn./libero-connect/it/files/style.css
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sat, 06 Jul 2024 01:08:31 GMT
Last-Modified
Mon, 14 Mar 2022 14:18:42 GMT
Server
Apache
Content-Type
image/svg+xml
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
4827
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@300;400;500&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fonts.googleapis.com/
Origin
https://www.unlockedfire.co
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Jul 2024 17:31:01 GMT
x-content-type-options
nosniff
age
113851
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 04 Jul 2025 17:31:01 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@300;400;500&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fonts.googleapis.com/
Origin
https://www.unlockedfire.co
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Jul 2024 20:58:55 GMT
x-content-type-options
nosniff
age
101377
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15920
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 04 Jul 2025 20:58:55 GMT
targeting
italiaonline.profiles.tagger.opecloud.com/v1/ 		0
0
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		97 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.unlockedfire.co
URL: https://www.unlockedfire.co/logn./libero-connect/it/files/iam2.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
6b0f39bd5cacf8a725134e0872c7cccc90ffbb52c2bcb55dc21198dc8f8ad205
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.unlockedfire.co/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 01:08:32 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31284
x-xss-protection
0
server
cafe
etag
889 / 19910 / m202407020101 / config-hash: 10288659473878011519
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sat, 06 Jul 2024 01:08:32 GMT
targeting
italiaonline.profiles.tagger.opecloud.com/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://italiaonline.profiles.tagger.opecloud.com/v1/targeting?url=https%3A%2F%2Fwww.unlockedfire.co%2Flogn.%2Flibero-connect%2Fit%2Findex.php&gdpr_applies=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.185.191.58 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-185-191-58.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
referrer-policy
Access-Control-Request-Method
GET
Origin
https://www.unlockedfire.co
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-encoding
gzip
content-type
text/plain; charset=UTF-8
date
Sat, 06 Jul 2024 01:08:32 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407020101/ 		467 KB
145 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407020101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
4416286665bbc024eb7d80114a57625e9f57ea495844950d060293b230599af5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.unlockedfire.co/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Jul 2024 11:21:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
49632
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
148860
x-xss-protection
0
server
cafe
etag
3071004405367439963
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Sat, 05 Jul 2025 11:21:20 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		67 B
73 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.unlockedfire.co
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
978ff636c6d4a02629647b683d367672aa53a50214f29922c6fa725efb48f835
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.unlockedfire.co/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 01:08:32 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49
x-xss-protection
0
expires
Sat, 06 Jul 2024 01:08:32 GMT
trk
www.iolam.it/service/ 		0
0
ads
pagead2.googlesyndication.com/gampad/ 		57 KB
21 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/gampad/ads?pvsid=3538532663972995&correlator=3183176151518419&eid=44809527%2C31084693%2C31078663%2C31078668%2C31078670&output=ldjh&gdfp_req=1&vrg=202407020101&ptt=17&impl=fifs&ltd_cs=1&npa=1&iu_parts=5180%2Clibero%2Cwebmail%2Clogin%2Cundefined&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4&prev_iu_szs=1540x1024&ifi=1&sfv=1-0-40&eri=1&sc=1&abxe=1&dt=1720228114190&lmt=1720228114&adxs=576&adys=50&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNi4wLjY0NzguMTI2IixudWxsLDAsbnVsbCwiNjQiLFtbIk5vdC9BKUJyYW5kIiwiOC4wLjAuMCJdLFsiQ2hyb21pdW0iLCIxMjYuMC42NDc4LjEyNiJdLFsiR29vZ2xlIENocm9tZSIsIjEyNi4wLjY0NzguMTI2Il1dLDBd&url=https%3A%2F%2Fwww.unlockedfire.co%2Flogn.%2Flibero-connect%2Fit%2Findex.php&vis=1&psz=980x0&msz=1540x0&fws=0&ohw=0&ga_vid=1404391846.1720228114&ga_sid=1720228114&ga_hid=642062052&ga_fc=false&topics=5&tps=5&htps=5&nt=1&psd=WzE0LG51bGwsbnVsbCwzXQ..&dlt=1720228110846&idt=1303&cust_params=oe%3DUTF-8%26optout%3D1%26adv_infocus%3Dyes%26adv_referrer%3Dother%26adv_sgt%3D3%26is_native%3Dno%26xdid_user_ui%3Dfalse%26adv_sso1%3D0%26adv_sso2%3D0%26adv_sso3%3D0%26gdpr%3D0&adks=68688629&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407020101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
e5a24b768618b1f8c83e95e85c72046f925f6973900d47e7c7cb79f6191ba613
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.unlockedfire.co/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 01:08:34 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21418
x-xss-protection
0
google-lineitem-id
6243488770
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138425481084
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.unlockedfire.co
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
85f8822776bcbe9c80063ab30fe9eeff.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 6D37 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://85f8822776bcbe9c80063ab30fe9eeff.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407020101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.unlockedfire.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 06 Jul 2024 01:08:34 GMT
expires
Sat, 06 Jul 2024 01:08:34 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
view
pagead2.googlesyndication.com/pcs/ Frame AE36 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjsszMW5Se-h8Vqr2jDvztluAW9sfifNOs8z2hxxraer1tXLZOkIuVtmB4VIRpsW2RVHowgEYlY903h87sreQTren8OYUBliiRdFUCjQU0ZKyfGNPIQJq8yiivhW-NX6taTGyt4aCpLs9HSRds4Cef-WMcGHVu0B-gJmjD71Ai4BwyQzoQ5fP2KS3Xbp9ypvHXNds1NVOaSCi-a4k1p896RDDoI1f3wycpOe3QWh5IugZpnqIFUAYOyYDwiYIax2lFsBu6zLgg4pwAnTcVp4ASjnfb7DqObGYvCinKScdZzv6gLZVLMCDidtDATWr0TFydIr1ibYJnpy-NnUbojOuAffx9TKjLMXJ3A1VK6W4x7jW-rYGrefnbaYA69q47jyuO8qPP4k&sig=Cg0ArKJSzHj8FtOxM5HAEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: www.unlockedfire.co
URL: https://www.unlockedfire.co/logn./libero-connect/it/index.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.unlockedfire.co/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 01:08:34 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
abg_lite_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20240702/r20110914/ Frame AE36 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20240702/r20110914/abg_lite_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407020101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
679e233357e93a4f4d15bc2e62d33e0048a978a5ddd57a78ad1203d614b0773a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.unlockedfire.co/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Jul 2024 07:05:42 GMT
content-encoding
br
x-content-type-options
nosniff
age
64972
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9191
x-xss-protection
0
server
cafe
etag
8778699909409299010
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 19 Jul 2024 07:05:42 GMT
ufs_web_display.js
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame AE36 		205 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407020101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
066bf781659af09bb40a24a7d87dd2310c2324c9619e347c6d6d05c00ffeb182
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.unlockedfire.co/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 01:05:42 GMT
content-encoding
br
x-content-type-options
nosniff
age
172
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
64446
x-xss-protection
0
server
cafe
etag
vary
Accept-Encoding
content-type
text/javascript; charset=ISO-8859-1
cache-control
public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sat, 06 Jul 2024 02:05:42 GMT
AdvContent20x20.png
i3.plug.it/banners/img/ 		537 B
918 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i3.plug.it/banners/img/AdvContent20x20.png
Requested by
Host: www.unlockedfire.co
URL: https://www.unlockedfire.co/logn./libero-connect/it/index.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.31.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-31-25.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
68cfa5d1e626ad1796c8c8db8276c8196f7235100b9ae6f7380a4f8920bd994c

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.unlockedfire.co/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Jul 2024 07:39:40 GMT
via
1.1 d8ec42efeb409ac816e90eb0236c1f4a.cloudfront.net (CloudFront)
last-modified
Tue, 09 Jun 2020 08:23:45 GMT
server
nginx
x-amz-cf-pop
FRA56-P8
age
63103
etag
"5edf4711-219"
vary
Origin
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=1200, public
accept-ranges
bytes
content-length
537
x-amz-cf-id
9PM3JZOi4H_bPYJUEWZA65lqwkPK0zw0Wyu0AN9DErJc6n_q6HO5AA==
expires
Fri, 05 Jul 2024 07:56:51 GMT
16015580638844959971
tpc.googlesyndication.com/simgad/ 		287 KB
288 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/16015580638844959971?
Requested by
Host: www.unlockedfire.co
URL: https://www.unlockedfire.co/logn./libero-connect/it/index.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5989832b4f4a2fd480c77bfd2dcf7e32bde76ec694d27c6867a2915521599974
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.unlockedfire.co/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

expires
Fri, 04 Jul 2025 13:42:59 GMT
date
Thu, 04 Jul 2024 13:42:59 GMT
x-content-type-options
nosniff
age
127535
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
294175
x-xss-protection
0
last-modified
Fri, 10 Mar 2023 13:00:44 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons
true
gen_204
pagead2.googlesyndication.com/pagead/ Frame AE36 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWgD
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.unlockedfire.co/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sat, 06 Jul 2024 01:08:34 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
jload
pixel.adsafeprotected.com/ Frame FFF9 		62 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/jload?anId=926174&campId=1540x1024&pubId=38840327&chanId=131213447&placementId=6243488770&pubCreative=138425481084&pubOrder=3137833863&cb=1522827703&impId=&ias_adpath=%23adv_click
Requested by
Host: www.unlockedfire.co
URL: https://www.unlockedfire.co/logn./libero-connect/it/index.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.171.155.9 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-171-155-9.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
f9cbb56cf8b4b0ea6d616db454c7f1c938f03159aaa5d0ed8c3489d06dde96c4

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.unlockedfire.co/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sat, 06 Jul 2024 01:08:34 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
pixel.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
truncated
/ Frame AE36 		210 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7fd22b6a857e0e30553623c8e0fd9127f5ae3ec2e9ed8b7f90b82364dcfc0f1c

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
view
pagead2.googlesyndication.com/pcs/ Frame AE36 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjstBD4pU_Kf_Fk5uP9Lcln42QI0ENWRkUS1Ay81e6Z4cxjnV_bKZouWbeBo5mjOfPs25gdSgOVdEfxEes5JHgwCqroMzvDy-J8G5xxLzZMyaxuPCXVe2lKAWyJq4vGjFO3JdSUfTIME6tXSLad0u5RU3SCt477aoaa54DgbTwBnTA4Yxtysal93JgW3qtXv0CYkAz21D_7rUvSLFQawRT4C93K0cOa0-Yxy42PsXCzGc28UPMHVISH-FPzr4JihUt8EWKzvw37aCoX4PINep0oGnsMsHwtV_Dqhu7vGSaftKh9bdLXs2Es5c221XcPvl7AlVc__t0DNzt2h0QpygnSEAjFKy7V8kAPkW-JGeC1bnzhdCQO2KlTAfhEsy63F3rhAkEs0FMg&sig=Cg0ArKJSzK994qX3toUSEAE&uach_m=%5BUACH%5D&urlfix=1&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNi4wLjY0NzguMTI2IixudWxsLDAsbnVsbCwiNjQiLFtbIk5vdC9BKUJyYW5kIiwiOC4wLjAuMCJdLFsiQ2hyb21pdW0iLCIxMjYuMC42NDc4LjEyNiJdLFsiR29vZ2xlIENocm9tZSIsIjEyNi4wLjY0NzguMTI2Il1dLDBd&adurl=
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.unlockedfire.co/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 01:08:34 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
main.19.8.517.js
static.adsafeprotected.com/ Frame FFF9 		222 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/main.19.8.517.js
Requested by
Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/jload?anId=926174&campId=1540x1024&pubId=38840327&chanId=131213447&placementId=6243488770&pubCreative=138425481084&pubOrder=3137833863&cb=1522827703&impId=&ias_adpath=%23adv_click
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:b600:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8b9a8654184012c96aa64ae9fa8fdc5d66ee038ea1d8bf211790f6e8a5b725aa

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.unlockedfire.co/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Jul 2024 15:17:30 GMT
x-amz-version-id
6IT.4.PWKYk2Ua02AQD2yLdBhqMcFrg2
content-encoding
gzip
via
1.1 55107fc1be09ed1afcf3154ed9bd93cc.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
age
208265
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 25 Jun 2024 19:53:23 GMT
server
AmazonS3
etag
W/"702a4bc2fdc30b9653ccef756efdbde7"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
ksT-wHSm9ICiKEWX6iDy0vTsGohbZZc9u7bP_eNEvFSXurhK_7NF_g==
sca.17.6.4.js
static.adsafeprotected.com/ Frame A890 		91 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.6.4.js
Requested by
Host: www.unlockedfire.co
URL: https://www.unlockedfire.co/logn./libero-connect/it/index.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:b600:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ac42cf20760d5b0f71be7a0391c76020002aa1dcfc75bae782360bf2761db29f

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.unlockedfire.co/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Jul 2024 15:17:30 GMT
x-amz-version-id
bOtNsqPibVajaDyuqqyqCrhSRcjcC6sa
content-encoding
gzip
via
1.1 55107fc1be09ed1afcf3154ed9bd93cc.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
age
208265
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Mon, 13 May 2024 16:44:02 GMT
server
AmazonS3
etag
W/"8fa66f8b94450bd040e7b5a7550c52de"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
bQaeRVoSnQLU3PYINlSJUR3xTOWO3E-UE5XPLRwIlnRAVp1PdURYtQ==
mon
pixel.adsafeprotected.com/ 		43 B
197 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.adsafeprotected.com/mon?anId=926174&campId=1540x1024&pubId=38840327&chanId=131213447&placementId=6243488770&pubCreative=138425481084&pubOrder=3137833863&cb=1522827703&impId=&ias_adpath=%23adv_click&adsafe_url=https%3A%2F%2Fwww.unlockedfire.co%2Flogn.%2Flibero-connect%2Fit%2Findex.php&adsafe_type=abcedq&adsafe_url=https%3A%2F%2Fwww.unlockedfire.co%2F&adsafe_type=f&adsafe_jsinfo=,id:91b20efe-af60-e55c-49e1-1c0e269d163c,c:hDWEIe,sl:outOfView,em:true,fr:true,thd:1,mn:jsserver-primary-57559867c6-4mblb,rg:ie,pt:1-5-15,wc:760.760.1600.1200,ac:760.760.1600.1200,am:sp,cc:760.760.1600.1200,piv:19,obst:0,th:0,reas:l,mu:10000,br:c,bru:c,an:n,oam:0,scm:publ1.grpm1.uJaQN1.brLes1,mtim:81,mot:0,app:0,maw:0,tdt:s,fm:uhHLRmO+11%7C12%7C13*.926174%7C131,idMap:13*,pl:CV8L.CV8L.CV8L.CV8L.CV8L,rmeas:1,rend:1,renddet:DIV.qs.sn,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,et:101,oid:448c0617-3b34-11ef-9521-fe2470e4977d,v:19.8.517,sp:1,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Requested by
Host: www.unlockedfire.co
URL: https://www.unlockedfire.co/logn./libero-connect/it/index.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.171.155.9 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-171-155-9.eu-west-1.compute.amazonaws.com
Software
Apache-Coyote/1.1 /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.unlockedfire.co/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-type
image/gif
pragma
no-cache
date
Sat, 06 Jul 2024 01:08:34 GMT
cache-control
no-cache
server
Apache-Coyote/1.1
content-length
43
p3p
CP="COM NAV INT STA NID OUR IND NOI"
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=926174&asId=91b20efe-af60-e55c-49e1-1c0e269d163c&tv=%7Bc:hDWEIg,pingTime:-8,time:102,type:l,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:102,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:100,wc:760.760.1600.1200,ac:760.760.1600.1200,am:sp,cc:760.760.1600.1200,piv:19,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B17~1%5D,as:%5B17~1600.1200%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:uhHLRmO+11%7C12%7C13*.926174%7C131,idMap:13*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:102%7D&br=c
Requested by
Host: www.unlockedfire.co
URL: https://www.unlockedfire.co/logn./libero-connect/it/index.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4282:30ea:cde:e42f:989a Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.unlockedfire.co/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sat, 06 Jul 2024 01:08:35 GMT
server
nginx
x-server-name
dt51.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=926174&asId=91b20efe-af60-e55c-49e1-1c0e269d163c&tv=%7Bc:hDWEIE,pingTime:-2,time:126,type:a,im:%7BpBlk:119,sf:0,pom:1,prf:%7BbeA:167,beZ:168,mfA:249,cmA:250,inA:250,inZ:255,prA:256,prZ:260,si:268,poA:270,bl:286,poZ:286,cmZ:286,mfZ:286,loA:289,loZ:292,ltA:293,ltZ:293,mdA:169,mdZ:220%7D%7D,sca:%7Blts:2024-07-06%2003.08.34,dfp:%7Bdf:4,sz:100.100,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:19,vs:o,r:l,w:1600,h:1200,t:100%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:126,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:100,wc:760.760.1600.1200,ac:760.760.1600.1200,am:sp,cc:760.760.1600.1200,piv:19,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B40~1%5D,as:%5B40~1600.1200%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:uhHLRmO+11%7C12%7C13*.926174%7C131,idMap:13*,pd:CV8L.internal-pdf-viewer,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:102,slid:%5Bgoogle_ads_iframe_/5180/libero/webmail/login/undefined_0,google_ads_iframe_/5180/libero/webmail/login/undefined_0__container__,adsplash,wrapper-iol%5D,sinceFw:23,readyFired:true%7D&br=c
Requested by
Host: www.unlockedfire.co
URL: https://www.unlockedfire.co/logn./libero-connect/it/index.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4282:30ea:cde:e42f:989a Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.unlockedfire.co/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sat, 06 Jul 2024 01:08:35 GMT
server
nginx
x-server-name
dt34.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=926174&asId=91b20efe-af60-e55c-49e1-1c0e269d163c&tv=%7Bc:hDWEJv,time:179,type:e,im:%7BpWait:4%7D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:179,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:100,wc:760.760.1600.1200,ac:760.760.1600.1200,am:sp,cc:760.760.1600.1200,piv:19,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B93~1%5D,as:%5B93~1600.1200%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:uhHLRmO+11%7C12%7C13*.926174%7C131,idMap:13*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:102,sis:165%7D&br=c
Requested by
Host: www.unlockedfire.co
URL: https://www.unlockedfire.co/logn./libero-connect/it/index.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4282:30ea:cde:e42f:989a Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.unlockedfire.co/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sat, 06 Jul 2024 01:08:35 GMT
server
nginx
x-server-name
dt36.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=926174&asId=91b20efe-af60-e55c-49e1-1c0e269d163c&tv=%7Bc:hDWENm,pingTime:-10,time:418,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi40djEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi40dk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwtMTIwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTI2LjAuMC4wIFNhZmFyaS81MzcuMzZ8fDF8fDF8fEdvb2dsZSBJbmMufHxu,ch:n,fsc:17.6.4v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200222002220222202,asp:1720228115092%7C%7Cdf61f7196bcb659a117cb1619736e6da%7C%7Cf1f6b29a6cc1f79a0fea05b885aa33d0%7C%7Ca8dde2cf83b089d6641f41cc82615111%7C%7Ccc15d0d2ba4e51757be2b64d856c4df4%7C%7Cf262d6508e138a7f064365bcf9797958%7C%7Cfbddedc69972d3a7d166b2b119f6179d%7C%7C99ab816ee5f587360b3c20d69e4a23ea%7C%7C1715618633%7D
Requested by
Host: www.unlockedfire.co
URL: https://www.unlockedfire.co/logn./libero-connect/it/index.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4282:30ea:cde:e42f:989a Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.unlockedfire.co/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sat, 06 Jul 2024 01:08:35 GMT
server
nginx
x-server-name
dt78.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
sodar
pagead2.googlesyndication.com/getconfig/ 		17 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202407020101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407020101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
4ec8929f80cf8819e1dc430265f62fc423b276b56b984a3c4e0354bd2fec6cc1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.unlockedfire.co/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 01:08:35 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12757
x-xss-protection
0
libero_favicon.ico
www.unlockedfire.co/logn./libero-connect/it/files/ 		1 KB
1 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.unlockedfire.co/logn./libero-connect/it/files/libero_favicon.ico
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
173.249.147.120 , United States, ASN40819 (VPSDATACENTER, US),
Reverse DNS
Software
Apache /
Resource Hash
fba1ebd847c9826cd1bb0482cb11ba739012cd4b4003af92ab28b8b559a8e8de

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.unlockedfire.co/logn./libero-connect/it/index.php
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sat, 06 Jul 2024 01:08:35 GMT
Last-Modified
Mon, 14 Mar 2022 20:09:04 GMT
Server
Apache
Content-Type
image/x-icon
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
1150
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407020101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.unlockedfire.co/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 01:08:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 06 Jul 2024 01:08:35 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 59D8 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.unlockedfire.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
bytes
age
11636
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 05 Jul 2024 21:54:39 GMT
expires
Sat, 05 Jul 2025 21:54:39 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/pagead/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
italiaonline.profiles.tagger.opecloud.com
URL
https://italiaonline.profiles.tagger.opecloud.com/v1/targeting?url=https%3A%2F%2Fwww.unlockedfire.co%2Flogn.%2Flibero-connect%2Fit%2Findex.php&gdpr_applies=0
Domain
www.iolam.it
URL
https://www.iolam.it/service/trk
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202407020101&jk=3538532663972995&bg=!bW6lbiHNAAZ5zPvEWcw7ADQBe5WfOBPWKO3A4I5Y1KEWpHe-ON9Ev_dSxgV26XSCHDSsZO0v7faXxs3DJ19QxP2jV2cQAgAAAOVSAAAABGgBB34ANeRLIDBbaLhfrAqcqTmnVQW3HdpwY6v7sHEXSCT9IyYaZUOJTLlDyW4QBgmVQlD59RfBtjznCgBqcsqFKOf4R97tW5UDkOrST4kQQ0dQpLsOuxFU85YTCcGQTjanbw7qsmV2W6Hqe8SXRq9pAL_lHCxW-SrGj8g_50-gRYSGvo7Yvt3XfOX7RhXPSo5weHyRcSHLsD93_bzpQ1jqA70Fy-aBs5kCn84hjPp4Vx1ckeUjWsqU6C-fE6609_ULoOEkpdDSBAEtu69oB54AG9jRAnl9xen98_e-lBQ3FeWtwu_nlr5xycCBKr08Ta9msuIhl9XWECHDUjJQmTBAWolX9Vhk0yjMO_OweUnJ7VJKUi8kzajA8tdoUNm5Lb3YMIqjMK9eDktkV5V3Q00rCjm2YPLiCasq3KPRq0m7EOamgjOyrQNRhqQ6M1eolZkbCrYsUd3agaz1x3qWM-k7yjsaOQfUpZes8Xla4IF2Nh6qhKKfVpfI_e3SqUBj4LfI_oVbC3DsHygMmMaJkMbeC9KAs1BB2SKUdU34aUCSc6ThUF_VQg_mtOpDJVxGO7uCFliQhpamWtfXjJx36NNv-CpdLTbC_Nl4w0SS858NLBXzk48I1cACv7GpB19hjuahdcG9anhGjXiafSMa4aDMZ4tKw1PuSTPBiaTO_xYATdgGisAPB3QNgy3uNoRi_DKXJrxNsA3jFBrx8oQvN3hlOaq41GRwBcbIGQ17thGznYjusPADl47Bap4WVndppWdY4wbgbMSJJ75kyNw8cHyTsY3RZeXhwUKod58VQ3AwtRFFdcnwPU2saZqfig8eItQaLDpIiQnGeW4-iwN8GryE5f8cZvnT16f9Di22vqv6r4zKF8nQKI0x4PvY7ewLjFtEx0JtJb6dsBHYhYStUUipGYV5KDfaEIwdaCzbMMX1T2bp0qlNbdZt8pMLlG1a73K-kqmfys45tUgydgd9AkKKRPEn0m5EerJ0162v9Ec2SUwBBxlaCHROYSe3dr80jxeNgfhfVKoObQnHjbEFUhbx1cYNwqq9pLYDfy5y7WmxEsGgmD8jTSoiDaUlktf_bKcTqDsHn606vfusUmR4slYfVUtVTtXUJsfA

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Libero (Online)

22 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 undefined| event object| fence object| sharedStorage function| $ function| jQuery object| Placeholders object| IOL boolean| iamInitialized object| pubAdsCfg object| grumi object| googletag object| ggeac object| google_tag_data object| google_js_reporting_queue undefined| google_measure_js_timing object| google_reactive_ads_global_state number| google_unique_id object| gaGlobal object| GoogleGcLKhOms

1 Cookies

Domain/Path Name / Value
www.unlockedfire.co/ Name: PHPSESSID
Value: f5f872de7ba0c595bb22683809a335a0

5 Console Messages

Source Level URL
Text
javascript error URL: https://www.unlockedfire.co/logn./libero-connect/it/index.php
Message:
Access to XMLHttpRequest at 'https://italiaonline.profiles.tagger.opecloud.com/v1/targeting?url=https%3A%2F%2Fwww.unlockedfire.co%2Flogn.%2Flibero-connect%2Fit%2Findex.php&gdpr_applies=0' from origin 'https://www.unlockedfire.co' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://italiaonline.profiles.tagger.opecloud.com/v1/targeting?url=https%3A%2F%2Fwww.unlockedfire.co%2Flogn.%2Flibero-connect%2Fit%2Findex.php&gdpr_applies=0
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://www.unlockedfire.co/logn./libero-connect/it/index.php
Message:
Access to XMLHttpRequest at 'https://www.iolam.it/service/trk' from origin 'https://www.unlockedfire.co' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://www.iolam.it/service/trk
Message:
Failed to load resource: net::ERR_FAILED
network error URL: https://www.unlockedfire.co/logn./libero-connect/it/;);%20background-repeat:%20no-repeat;%20background-color:%20rgb(104,%20231,%20255);%20background-position:%20center%20top
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

85f8822776bcbe9c80063ab30fe9eeff.safeframe.googlesyndication.com
ajax.googleapis.com
cdnjs.cloudflare.com
dt.adsafeprotected.com
fonts.googleapis.com
fonts.gstatic.com
i3.plug.it
italiaonline.profiles.tagger.opecloud.com
pagead2.googlesyndication.com
pixel.adsafeprotected.com
securepubads.g.doubleclick.net
static.adsafeprotected.com
tpc.googlesyndication.com
www.iolam.it
www.unlockedfire.co
italiaonline.profiles.tagger.opecloud.com
pagead2.googlesyndication.com
www.iolam.it
104.17.24.14
142.250.184.194
142.250.185.130
173.249.147.120
18.185.191.58
18.245.31.25
213.209.30.161
2600:1f18:1aca:4282:30ea:cde:e42f:989a
2600:9000:223f:b600:8:48e:53c0:93a1
2a00:1450:4001:812::2001
2a00:1450:4001:828::200a
2a00:1450:4001:82a::2001
2a00:1450:4001:830::2003
54.171.155.9
066bf781659af09bb40a24a7d87dd2310c2324c9619e347c6d6d05c00ffeb182
148c0dcd3eff6305eaffe3600d31334604cc02591259020e54d8835be0e20dfe
1e7271f832628acc449ce087d6d75f51739b98094a637c4169940287705ba497
270524b0d27afd1d3b6622d1a176c678daed94564c143297e217a63e21ce9820
4416286665bbc024eb7d80114a57625e9f57ea495844950d060293b230599af5
4ec8929f80cf8819e1dc430265f62fc423b276b56b984a3c4e0354bd2fec6cc1
54ea3b729d9ff4a499d3bf59b0497606ceb27b7100c60d74d28467224f3983f9
5989832b4f4a2fd480c77bfd2dcf7e32bde76ec694d27c6867a2915521599974
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6371356d9cb87a361f550a77f374e58eb68a25ab048440a04e11fba1cc575876
679e233357e93a4f4d15bc2e62d33e0048a978a5ddd57a78ad1203d614b0773a
68cfa5d1e626ad1796c8c8db8276c8196f7235100b9ae6f7380a4f8920bd994c
694adc42b1e12c4edc69f43c2aaafea20e28d55d4ee73c3505cd1bf8b90e3452
6b0f39bd5cacf8a725134e0872c7cccc90ffbb52c2bcb55dc21198dc8f8ad205
74c35afe0e7db8481f4e9ebe7f4b47ce542f01891e77ebcae44310f926665695
7fd22b6a857e0e30553623c8e0fd9127f5ae3ec2e9ed8b7f90b82364dcfc0f1c
8b9a8654184012c96aa64ae9fa8fdc5d66ee038ea1d8bf211790f6e8a5b725aa
978ff636c6d4a02629647b683d367672aa53a50214f29922c6fa725efb48f835
a942db0887cfca0186ab17377e7c73164877cce08d600036ed051069d612c49c
ac42cf20760d5b0f71be7a0391c76020002aa1dcfc75bae782360bf2761db29f
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
bb631cb41d70ab6f8a07ab80b053676bca8589e7e1d835827f30e1bffbed91c5
c4dccdd9ae25b64078e0c73f273de94f8894d5c99e4741645ece29aeefc9c5a4
e5a24b768618b1f8c83e95e85c72046f925f6973900d47e7c7cb79f6191ba613
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f9cbb56cf8b4b0ea6d616db454c7f1c938f03159aaa5d0ed8c3489d06dde96c4
fba1ebd847c9826cd1bb0482cb11ba739012cd4b4003af92ab28b8b559a8e8de
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e