urlscan.io logo urlscan.io
SecurityTrails logo

italiarimborso.it Open in urlscan Pro
142.132.135.253  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://t.noticias.selezioneperte.com/c/?t=9893789-881-108-%21x-ce05z
Effective URL: https://italiarimborso.it/landing-agenzia.php
Submission Tags: falconsandbox
Submission: On June 16 via api from US — Scanned from FR
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 15 IPs in 5 countries across 15 domains to perform 41 HTTP transactions. The main IP is 142.132.135.253, located in Germany and belongs to HETZNER-AS, DE. The main domain is italiarimborso.it.
TLS certificate: Issued by R3 on April 17th 2022. Valid for: 3 months.
This is the only time italiarimborso.it was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

1    185.151.189.219 (France)

ASN34993 (ODISO-AS, FR)
PTR: mindproxyvip.odiso.net
t.noticias.selezioneperte.com
1    52.210.2.133 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-210-2-133.eu-west-1.compute.amazonaws.com
info.rioyetarre.com
1    18.202.12.61 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-202-12-61.eu-west-1.compute.amazonaws.com
datawork.go2cloud.org
13    142.132.135.253 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.253.135.132.142.clients.your-server.de
italiarimborso.it
1    2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2a00:1450:4001:827::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    2a02:26f0:ef::5f65:4da2 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
consent.cookiebot.com
6    143.204.89.48 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-89-48.fra50.r.cloudfront.net
widget.trustpilot.com
2    2a03:2880:f02d:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
3    2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    2a02:26f0:ef:29a::f09 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
consentcdn.cookiebot.com
1    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.analytics.google.com
2    2a00:1450:400c:c1b::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
2    2a00:1450:4001:82f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.fr
2    2a03:2880:f11c:8083:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    2a00:1450:4001:830::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
Apex Domain
Subdomains		 Transfer
13 italiarimborso.it
italiarimborso.it
160 KB
6 trustpilot.com
widget.trustpilot.com — Cisco Umbrella Rank: 5760
27 KB
4 cookiebot.com
consent.cookiebot.com — Cisco Umbrella Rank: 4737
consentcdn.cookiebot.com — Cisco Umbrella Rank: 5416
84 KB
3 gstatic.com
fonts.gstatic.com
48 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 91
388 B
2 google.fr
www.google.fr — Cisco Umbrella Rank: 12418
564 B
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 60
20 KB
2 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 125
373 B
2 google.com
region1.analytics.google.com — Cisco Umbrella Rank: 15715
www.google.com — Cisco Umbrella Rank: 9
849 B
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 158
110 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 96
111 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 67
1 KB
1 go2cloud.org
datawork.go2cloud.org
2 KB
1 rioyetarre.com
info.rioyetarre.com
666 B
1 selezioneperte.com
t.noticias.selezioneperte.com
481 B
41 15
Domain Requested by
13 italiarimborso.it client
italiarimborso.it
6 widget.trustpilot.com italiarimborso.it
widget.trustpilot.com
3 fonts.gstatic.com fonts.googleapis.com
2 www.facebook.com italiarimborso.it
2 www.google.fr italiarimborso.it
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 stats.g.doubleclick.net www.googletagmanager.com
www.google-analytics.com
2 consentcdn.cookiebot.com consent.cookiebot.com
2 connect.facebook.net italiarimborso.it
connect.facebook.net
2 consent.cookiebot.com italiarimborso.it
consent.cookiebot.com
2 www.googletagmanager.com italiarimborso.it
www.googletagmanager.com
1 www.google.com
1 region1.analytics.google.com www.googletagmanager.com
1 fonts.googleapis.com italiarimborso.it
1 datawork.go2cloud.org 1 redirects
1 info.rioyetarre.com 1 redirects
1 t.noticias.selezioneperte.com 1 redirects
41 17

This site contains links to these domains. Also see Links.

Domain
www.cookiebot.com
policies.google.com
www.facebook.com
Subject Issuer Validity Valid
italiarimborso.it
R3		 2022-04-17 -
2022-07-16		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2022-05-25 -
2022-08-17		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-05-30 -
2022-08-22		 3 months crt.sh
consent.cookiebot.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-06-04 -
2023-06-06		 a year crt.sh
*.trustpilot.com
Amazon		 2022-03-04 -
2023-04-02		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2022-03-25 -
2022-06-23		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-05-25 -
2022-08-17		 3 months crt.sh
*.cookiebot.com
DigiCert SHA2 Secure Server CA		 2021-07-05 -
2022-07-13		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-05-30 -
2022-08-22		 3 months crt.sh
*.google.fr
GTS CA 1C3		 2022-05-25 -
2022-08-17		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-05-30 -
2022-08-22		 3 months crt.sh

This page contains 3 frames:

Primary Page: https://italiarimborso.it/landing-agenzia.php
Frame ID: 20A0689B2E7898DF9DEAF614CCEA4B21
Requests: 37 HTTP requests in this frame

Frame: https://widget.trustpilot.com/trustboxes/5419b6a8b0d04a076446a9ad/index.html?templateId=5419b6a8b0d04a076446a9ad&businessunitId=5b17f92b811b4200015866ce
Frame ID: 05D35A0C47D91054D34852A53B10CDB9
Requests: 5 HTTP requests in this frame

Frame: https://consentcdn.cookiebot.com/sdk/bc-v4.min.html
Frame ID: B54BCFDED90AD662BDDB98FCB1C3AF48
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

ItaliaRimborso: Rimborsi per volo cancellato o in ritardoPowered by CookiebotItalia Rimborso

Page URL History Show full URLs

  1. https://t.noticias.selezioneperte.com/c/?t=9893789-881-108-%21x-ce05z HTTP 302
    http://info.rioyetarre.com/aff_c?offer_id=1916&aff_id=1353&source=5565&aff_sub5=53862&file_id=13031&url... HTTP 302
    https://datawork.go2cloud.org/aff_c?offer_id=1916&aff_id=1353&source=5565&aff_sub5=53862&file_id=13031&url... HTTP 302
    https://italiarimborso.it/landing-agenzia.php Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)
Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • consent\.cookiebot\.com
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery-ui[.-]([\d.]*\d)[^/]*\.js
  • jquery-ui.*\.js

Page Statistics

41
Requests

100 %
HTTPS

71 %
IPv6

15
Domains

17
Subdomains

15
IPs

5
Countries

564 kB
Transfer

1736 kB
Size

12
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://t.noticias.selezioneperte.com/c/?t=9893789-881-108-%21x-ce05z HTTP 302
    http://info.rioyetarre.com/aff_c?offer_id=1916&aff_id=1353&source=5565&aff_sub5=53862&file_id=13031&url_id=12976 HTTP 302
    https://datawork.go2cloud.org/aff_c?offer_id=1916&aff_id=1353&source=5565&aff_sub5=53862&file_id=13031&url_id=12976 HTTP 302
    https://italiarimborso.it/landing-agenzia.php Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

41 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request landing-agenzia.php
italiarimborso.it/
Redirect Chain
  • https://t.noticias.selezioneperte.com/c/?t=9893789-881-108-%21x-ce05z
  • http://info.rioyetarre.com/aff_c?offer_id=1916&aff_id=1353&source=5565&aff_sub5=53862&file_id=13031&url_id=12976
  • https://datawork.go2cloud.org/aff_c?offer_id=1916&aff_id=1353&source=5565&aff_sub5=53862&file_id=13031&url_id=12976
  • https://italiarimborso.it/landing-agenzia.php
262 KB
71 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://italiarimborso.it/landing-agenzia.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
142.132.135.253 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.253.135.132.142.clients.your-server.de
Software
nginx / PHP/7.3.33 PleskLin
Resource Hash
b5cd6f333505bdfcaa2eee480b4c8d95574d729fe4eb5fde368af16cb4f2e03b

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

cache-control
no-store, no-cache, must-revalidate
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Thu, 16 Jun 2022 06:50:59 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
pragma
no-cache
server
nginx
vary
Accept-Encoding,User-Agent
x-powered-by
PHP/7.3.33 PleskLin

Redirect headers

Access-Control-Allow-Headers
Tune-SDK-Version
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
229
Content-Type
text/html; charset=iso-8859-1
Date
Thu, 16 Jun 2022 06:50:59 GMT
Expires
Sat, 26 Jul 1997 05:00:00 GMT
Location
https://italiarimborso.it/landing-agenzia.php
P3p
CP="NOI CUR OUR NOR INT"
Pragma
no-cache
Server
nginx
Tracking_id
102b6f0cfc8cfbc9faffb3f94471a3
X-Request-Id
20cc06ae46df53f58c8f02db7c7b8f41
X-Robots-Tag
noindex, nofollow
above-the-fold.css
italiarimborso.it/css/ 		24 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://italiarimborso.it/css/above-the-fold.css?v=1.5
Requested by
Host: client
URL: about:client
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
142.132.135.253 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.253.135.132.142.clients.your-server.de
Software
nginx /
Resource Hash
e4031d3db3b0170ab2bb04046c7ca1e6479c26f0cda29f44bc4f06b180cba247

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://italiarimborso.it/landing-agenzia.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma
public
date
Thu, 16 Jun 2022 06:51:00 GMT
content-encoding
br
last-modified
Wed, 01 Jun 2022 09:09:35 GMT
server
nginx
etag
W/"62972ccf-5ecb"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=2592000, public
expires
Sat, 16 Jul 2022 06:51:00 GMT
css
fonts.googleapis.com/ 		12 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto+Condensed:300,400,400i,700,700i&display=swap
Requested by
Host: italiarimborso.it
URL: https://italiarimborso.it/landing-agenzia.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
20683922d06ac9046313897d06ccbe8ec219b813430e196e6615a6393b0d46cf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://italiarimborso.it/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 16 Jun 2022 06:39:42 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 16 Jun 2022 06:51:00 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 16 Jun 2022 06:51:00 GMT
js
www.googletagmanager.com/gtag/ 		103 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-141426170-1
Requested by
Host: italiarimborso.it
URL: https://italiarimborso.it/landing-agenzia.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
d24c36732df53a805bca37d3131c05ae9fbaad47d3744e485ed365151e92c691
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://italiarimborso.it/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Thu, 16 Jun 2022 06:51:00 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40837
x-xss-protection
0
expires
Thu, 16 Jun 2022 06:51:00 GMT
fontello.css
italiarimborso.it/images/fontello/css/ 		9 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://italiarimborso.it/images/fontello/css/fontello.css
Requested by
Host: italiarimborso.it
URL: https://italiarimborso.it/landing-agenzia.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
142.132.135.253 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.253.135.132.142.clients.your-server.de
Software
nginx /
Resource Hash
9fe83acf28f37fdd832cdeb7c0b59f9aef7dc1e821199abd691fa25a66e3c149

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://italiarimborso.it/landing-agenzia.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma
public
date
Thu, 16 Jun 2022 06:51:00 GMT
content-encoding
br
last-modified
Wed, 08 Apr 2020 17:19:54 GMT
server
nginx
etag
W/"5e8e07ba-22b7"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=2592000, public
expires
Sat, 16 Jul 2022 06:51:00 GMT
bootstrap.min.js
italiarimborso.it/bootstrap/js/ 		79 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://italiarimborso.it/bootstrap/js/bootstrap.min.js
Requested by
Host: italiarimborso.it
URL: https://italiarimborso.it/landing-agenzia.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
142.132.135.253 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.253.135.132.142.clients.your-server.de
Software
nginx /
Resource Hash
56aaa9f86376956072fd293180c65e15c7ba436cd744c2d05814d32dabdeba15

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://italiarimborso.it/landing-agenzia.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma
public
date
Thu, 16 Jun 2022 06:51:00 GMT
content-encoding
br
last-modified
Wed, 05 Jun 2019 07:45:19 GMT
server
nginx
etag
W/"5cf7730f-13ce0"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000, public
expires
Sat, 16 Jul 2022 06:51:00 GMT
jquery.modernizr.js
italiarimborso.it/js/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://italiarimborso.it/js/jquery.modernizr.js
Requested by
Host: italiarimborso.it
URL: https://italiarimborso.it/landing-agenzia.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
142.132.135.253 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.253.135.132.142.clients.your-server.de
Software
nginx /
Resource Hash
9d9da5173e651f06b4ec1d87ae5bc138ab2765ca7a6fb970e3eef42aa6b95118

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://italiarimborso.it/landing-agenzia.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma
public
date
Thu, 16 Jun 2022 06:51:00 GMT
content-encoding
br
last-modified
Wed, 16 Feb 2022 10:22:59 GMT
server
nginx
etag
W/"620cd083-15a8"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000, public
expires
Sat, 16 Jul 2022 06:51:00 GMT
validator.min.js
italiarimborso.it/plugin/bootstrap-validator/js/ 		7 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://italiarimborso.it/plugin/bootstrap-validator/js/validator.min.js
Requested by
Host: italiarimborso.it
URL: https://italiarimborso.it/landing-agenzia.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
142.132.135.253 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.253.135.132.142.clients.your-server.de
Software
nginx /
Resource Hash
ff03b9d99f0e230679998dead1d9fdc8c46951888446a413cdabc3cb1d4a062b

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://italiarimborso.it/landing-agenzia.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma
public
date
Thu, 16 Jun 2022 06:51:00 GMT
content-encoding
br
last-modified
Wed, 05 Jun 2019 07:45:32 GMT
server
nginx
etag
W/"5cf7731c-1d44"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000, public
expires
Sat, 16 Jul 2022 06:51:00 GMT
jquery-ui-1.10.4.custom.min.js
italiarimborso.it/js/ 		39 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://italiarimborso.it/js/jquery-ui-1.10.4.custom.min.js
Requested by
Host: italiarimborso.it
URL: https://italiarimborso.it/landing-agenzia.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
142.132.135.253 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.253.135.132.142.clients.your-server.de
Software
nginx /
Resource Hash
90043ede8fda1af828555354c76ef35bca8495ecf87d0548253a6f866af5a499

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://italiarimborso.it/landing-agenzia.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma
public
date
Thu, 16 Jun 2022 06:51:00 GMT
content-encoding
br
last-modified
Wed, 16 Feb 2022 10:22:59 GMT
server
nginx
etag
W/"620cd083-9c52"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000, public
expires
Sat, 16 Jul 2022 06:51:00 GMT
jquery-ui-autocomplite.min.js
italiarimborso.it/js/ 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://italiarimborso.it/js/jquery-ui-autocomplite.min.js
Requested by
Host: italiarimborso.it
URL: https://italiarimborso.it/landing-agenzia.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
142.132.135.253 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.253.135.132.142.clients.your-server.de
Software
nginx /
Resource Hash
76ede3588d259cea5a2938aa67c099a0f05b5a6b3c9908983c8d962e4f175b49

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://italiarimborso.it/landing-agenzia.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma
public
date
Thu, 16 Jun 2022 06:51:00 GMT
content-encoding
br
last-modified
Wed, 16 Feb 2022 10:22:59 GMT
server
nginx
etag
W/"620cd083-7d47"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000, public
expires
Sat, 16 Jul 2022 06:51:00 GMT
jquery.slimscroll.min.js
italiarimborso.it/plugin/slimScroll/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://italiarimborso.it/plugin/slimScroll/jquery.slimscroll.min.js
Requested by
Host: italiarimborso.it
URL: https://italiarimborso.it/landing-agenzia.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
142.132.135.253 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.253.135.132.142.clients.your-server.de
Software
nginx /
Resource Hash
a84ffabdd498cd0bbd960a2c2b1845a65113bd6bea00096602e47ec8f87fd122

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://italiarimborso.it/landing-agenzia.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma
public
date
Thu, 16 Jun 2022 06:51:00 GMT
content-encoding
br
last-modified
Wed, 05 Jun 2019 07:45:32 GMT
server
nginx
etag
W/"5cf7731c-1274"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000, public
expires
Sat, 16 Jul 2022 06:51:00 GMT
uc.js
consent.cookiebot.com/ 		96 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://consent.cookiebot.com/uc.js
Requested by
Host: italiarimborso.it
URL: https://italiarimborso.it/landing-agenzia.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ef::5f65:4da2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
502a3766309b1092890b0e535e784678bfd584a598bf84e20fd530424c79ecbd

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://italiarimborso.it/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Thu, 16 Jun 2022 06:51:00 GMT
content-encoding
gzip
last-modified
Fri, 03 Jun 2022 11:13:40 GMT
etag
"08a62fa3a77d81:0"
vary
Accept-Encoding
content-type
application/javascript
access-control-expose-headers
Request-Context
cache-control
public, max-age=534
request-context
appId=cid-v1:89f47f4b-bed0-4db8-956b-d6e6dfac3fef
accept-ranges
bytes
content-length
29796
expires
Thu, 16 Jun 2022 06:59:54 GMT
tp.widget.bootstrap.min.js
widget.trustpilot.com/bootstrap/v5/ 		19 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widget.trustpilot.com/bootstrap/v5/tp.widget.bootstrap.min.js
Requested by
Host: italiarimborso.it
URL: https://italiarimborso.it/landing-agenzia.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.89.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-89-48.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f3496bc7c277d917d35553c46ed1597a86065494cac582e42a3a1d55aedef7fb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://italiarimborso.it/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
age
13037
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
date
Thu, 16 Jun 2022 03:13:43 GMT
content-length
6124
x-xss-protection
1; mode=block
last-modified
Mon, 30 May 2022 14:38:02 GMT
server
AmazonS3
etag
"5add60196e5f96a414fb4b9586764e5d"
content-type
application/x-javascript
via
1.1 bab8148a65b29113f79cf2725076287c.cloudfront.net (CloudFront)
cache-control
max-age=86400
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
x-amz-cf-id
XA1aXHAZODcur6HO8lRnDGl-2OK17v6QXT70HUGsWWx9qwTyfWjyhA==
fbevents.js
connect.facebook.net/en_US/ 		100 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: italiarimborso.it
URL: https://italiarimborso.it/landing-agenzia.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
3d79854e01d0c79408c548889dcfddd23e4ef10f11c698c831b570573ee13b97
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://italiarimborso.it/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
26344
x-xss-protection
0
pragma
public
x-fb-debug
y4MVakpTw4UTUW/T4/Bb/xllMwXw3mxPt7IgzCOn01U7vzDJhhdQRePXUk6DWuQDamuQk3nAvzxyAuB+oYXPTg==
x-fb-trip-id
917726464
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Thu, 16 Jun 2022 06:51:00 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
expires
Sat, 01 Jan 2000 00:00:00 GMT
truncated
/ 		68 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ce0a0ef12f75bc86f2b23feac80d16d058fcc5f08de270febc9d16de130aafc6

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Content-Type
image/svg+xml
fontello.woff2
italiarimborso.it/images/fontello/font/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://italiarimborso.it/images/fontello/font/fontello.woff2?37073734
Requested by
Host: italiarimborso.it
URL: https://italiarimborso.it/images/fontello/css/fontello.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
142.132.135.253 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.253.135.132.142.clients.your-server.de
Software
nginx /
Resource Hash
1a26e30952522881321c284996db72a7df63b4add938a5c32b52fc5ef415a054

Request headers

Referer
https://italiarimborso.it/images/fontello/css/fontello.css
Origin
https://italiarimborso.it
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Thu, 16 Jun 2022 06:51:00 GMT
last-modified
Thu, 12 Mar 2020 10:38:15 GMT
server
nginx
etag
"5e6a1117-480c"
content-type
font/woff2
access-control-allow-origin
*
accept-ranges
bytes
content-length
18444
jquery-ui-1.10.4.custom.min.css
italiarimborso.it/css/ 		18 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://italiarimborso.it/css/jquery-ui-1.10.4.custom.min.css
Requested by
Host: italiarimborso.it
URL: https://italiarimborso.it/landing-agenzia.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
142.132.135.253 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.253.135.132.142.clients.your-server.de
Software
nginx /
Resource Hash
e6526159807c6e0e0ed7a3409751789b444fee373c63878b19f25d94bb7a2057

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://italiarimborso.it/landing-agenzia.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma
public
date
Thu, 16 Jun 2022 06:51:00 GMT
content-encoding
br
last-modified
Wed, 16 Feb 2022 10:22:59 GMT
server
nginx
etag
W/"620cd083-473e"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=2592000, public
expires
Sat, 16 Jul 2022 06:51:00 GMT
style-custom.css
italiarimborso.it/css/ 		17 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://italiarimborso.it/css/style-custom.css?v=1.1
Requested by
Host: italiarimborso.it
URL: https://italiarimborso.it/landing-agenzia.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
142.132.135.253 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.253.135.132.142.clients.your-server.de
Software
nginx /
Resource Hash
9d8addd031a7425dbbde91aea7175999260666b7440e845f4f0b0d68c22987ab

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://italiarimborso.it/landing-agenzia.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma
public
date
Thu, 16 Jun 2022 06:51:00 GMT
content-encoding
br
last-modified
Fri, 18 Mar 2022 13:41:43 GMT
server
nginx
etag
W/"62348c17-4299"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=2592000, public
expires
Sat, 16 Jul 2022 06:51:00 GMT
ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2
fonts.gstatic.com/s/robotocondensed/v25/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/robotocondensed/v25/ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed:300,400,400i,700,700i&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e79c1c1a140e6afb861074c70392db54cc65a06050de2a69162ab94eb95b0516
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://italiarimborso.it
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Tue, 14 Jun 2022 22:15:46 GMT
x-content-type-options
nosniff
age
117314
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15660
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 18:42:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 14 Jun 2023 22:15:46 GMT
ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2
fonts.gstatic.com/s/robotocondensed/v25/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/robotocondensed/v25/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed:300,400,400i,700,700i&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6b4fac99c39b9ee2693d87a2508d0c7d4b4859072966616bd1f6e18c5b2f9d36
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://italiarimborso.it
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Tue, 14 Jun 2022 08:45:21 GMT
x-content-type-options
nosniff
age
165939
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15700
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 18:51:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 14 Jun 2023 08:45:21 GMT
ieVj2ZhZI2eCN5jzbjEETS9weq8-19eLDwM9.woff2
fonts.gstatic.com/s/robotocondensed/v25/ 		17 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/robotocondensed/v25/ieVj2ZhZI2eCN5jzbjEETS9weq8-19eLDwM9.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed:300,400,400i,700,700i&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3ab6d5bddb52a980ebe7658cca937e1ce087c1478cbeb13715876e463b2dd7f3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://italiarimborso.it
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Tue, 14 Jun 2022 08:45:49 GMT
x-content-type-options
nosniff
age
165911
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17376
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 18:55:05 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 14 Jun 2023 08:45:49 GMT
index.html
widget.trustpilot.com/trustboxes/5419b6a8b0d04a076446a9ad/ Frame 05D3 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://widget.trustpilot.com/trustboxes/5419b6a8b0d04a076446a9ad/index.html?templateId=5419b6a8b0d04a076446a9ad&businessunitId=5b17f92b811b4200015866ce
Requested by
Host: widget.trustpilot.com
URL: https://widget.trustpilot.com/bootstrap/v5/tp.widget.bootstrap.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.89.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-89-48.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8b17b12a46bcc8cfb1b0873fddf84dd8360ec0424ea090d0d7df5ba11f0e358a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://italiarimborso.it/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

accept-ranges
bytes
age
15774
cache-control
max-age=86400
content-encoding
gzip
content-length
1796
content-type
text/html
date
Thu, 16 Jun 2022 02:28:07 GMT
etag
"cd69f4d5ed17d150e89a02d3bc8839ce"
last-modified
Tue, 14 Jun 2022 14:06:14 GMT
server
AmazonS3
strict-transport-security
max-age=31536000
via
1.1 bab8148a65b29113f79cf2725076287c.cloudfront.net (CloudFront)
x-amz-cf-id
zsw0Ws9ZmxiW9INDp4lXGuBuGoXTv29wjBJjmGNshrsJgl72KKrDFw==
x-amz-cf-pop
FRA50-C1
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-content-type-options
nosniff
x-xss-protection
1; mode=block
1316985831797503
connect.facebook.net/signals/config/ 		290 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1316985831797503?v=2.9.62&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
114eccecb71cb058dc9ffc03b2a49ae1442c96c7eddebf6c837351fdc7563c11
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://italiarimborso.it/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection
0
pragma
public
x-fb-debug
pb3cY4Za5LHJruVxllrUnEFsFfCc0TV/3V1S6BedvTSWprqy1OlS/XsD7u1sHHXJiMb8CZjaN27S70Vd7HGCjQ==
x-fb-trip-id
917726464
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Thu, 16 Jun 2022 06:51:00 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
x-content-cdn-origin-ts
1655362260409
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
js
www.googletagmanager.com/gtag/ 		198 KB
70 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-S1SJ03XZ70&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-141426170-1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
185d04bafe2b541f67b2b05a74858b2babae45aa0e2960ba700d82122021d605
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://italiarimborso.it/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Thu, 16 Jun 2022 06:51:00 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
72054
x-xss-protection
0
expires
Thu, 16 Jun 2022 06:51:00 GMT
bc-v4.min.html
consentcdn.cookiebot.com/sdk/ Frame B54B 		627 B
692 B 		Document
General
Check archive.org
Download Go to
Full URL
https://consentcdn.cookiebot.com/sdk/bc-v4.min.html
Requested by
Host: consent.cookiebot.com
URL: https://consent.cookiebot.com/uc.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ef:29a::f09 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
738e5435f2d18427d291a0d6289eee0ebbc87b596d6003919f255760ac293104

Request headers

Referer
https://italiarimborso.it/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=26145485
content-encoding
gzip
content-length
392
content-type
text/html
date
Thu, 16 Jun 2022 06:51:00 GMT
etag
"3d08665fa4c7bcf9fa2dcbbc7efe1d0f:1649057029.895163"
expires
Fri, 14 Apr 2023 21:29:05 GMT
last-modified
Mon, 04 Apr 2022 07:23:49 GMT
server
AkamaiNetStorage
server-timing
cdn-cache; desc=HIT edge; dur=1
vary
Accept-Encoding
x-akamai-transformed
9 - 0 pmb=mRUM,1
configuration.js
consentcdn.cookiebot.com/consentconfig/96292dcd-77df-4ba6-8a87-1a6f9fcc423a/italiarimborso.it/ 		1 KB
702 B 		Script
General
Check archive.org
Download Go to
Full URL
https://consentcdn.cookiebot.com/consentconfig/96292dcd-77df-4ba6-8a87-1a6f9fcc423a/italiarimborso.it/configuration.js
Requested by
Host: consent.cookiebot.com
URL: https://consent.cookiebot.com/uc.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ef:29a::f09 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
44c33ad6451cbed4970f1dcd6828cde89924465b6f177bcca2f02ea95ac34325

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://italiarimborso.it/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Thu, 16 Jun 2022 06:51:00 GMT
content-encoding
gzip
last-modified
Thu, 02 Jun 2022 21:51:19 GMT
server
AkamaiNetStorage
etag
"d4444ffb5e38f7ee5eaaf5d5f52d20f9:1654206679.403083"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=78528
server-timing
cdn-cache; desc=HIT, edge; dur=5
accept-ranges
bytes
content-length
424
expires
Fri, 17 Jun 2022 04:39:48 GMT
cc.js
consent.cookiebot.com/96292dcd-77df-4ba6-8a87-1a6f9fcc423a/ 		236 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://consent.cookiebot.com/96292dcd-77df-4ba6-8a87-1a6f9fcc423a/cc.js?renew=false&referer=italiarimborso.it&dnt=false&init=false
Requested by
Host: consent.cookiebot.com
URL: https://consent.cookiebot.com/uc.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ef::5f65:4da2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
7b4cc5151d1306ee23a35d6d321939469611f4ed5d48e7ff68610454b494f74c

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://italiarimborso.it/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Thu, 16 Jun 2022 06:51:00 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-expose-headers
Request-Context
cache-control
private, max-age=1
content-length
53754
request-context
appId=cid-v1:89f47f4b-bed0-4db8-956b-d6e6dfac3fef
posta.png
italiarimborso.it/images/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://italiarimborso.it/images/posta.png
Requested by
Host: italiarimborso.it
URL: https://italiarimborso.it/landing-agenzia.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
142.132.135.253 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.253.135.132.142.clients.your-server.de
Software
nginx /
Resource Hash
755e553101489c7e837bba4c1932e8108e5bf61d24ed6143c971ec9ba0faf7d7

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://italiarimborso.it/landing-agenzia.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma
public
date
Thu, 16 Jun 2022 06:51:00 GMT
last-modified
Thu, 26 May 2022 12:26:06 GMT
server
nginx
etag
"628f71de-21ef"
content-type
image/png
cache-control
max-age=2592000, public
accept-ranges
bytes
content-length
8687
expires
Sat, 16 Jul 2022 06:51:00 GMT
main.js
widget.trustpilot.com/trustboxes/5419b6a8b0d04a076446a9ad/ Frame 05D3 		54 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widget.trustpilot.com/trustboxes/5419b6a8b0d04a076446a9ad/main.js
Requested by
Host: widget.trustpilot.com
URL: https://widget.trustpilot.com/trustboxes/5419b6a8b0d04a076446a9ad/index.html?templateId=5419b6a8b0d04a076446a9ad&businessunitId=5b17f92b811b4200015866ce
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.89.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-89-48.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5d0b102c2b8afa351d868f6e6c5c818720c331e1f400dda3f5c40c1ec20cd206
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://widget.trustpilot.com/trustboxes/5419b6a8b0d04a076446a9ad/index.html?templateId=5419b6a8b0d04a076446a9ad&businessunitId=5b17f92b811b4200015866ce
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
age
60227
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
date
Wed, 15 Jun 2022 14:07:14 GMT
content-length
16946
x-xss-protection
1; mode=block
last-modified
Tue, 14 Jun 2022 14:06:17 GMT
server
AmazonS3
etag
"831d2f542e8862cc9de1c20503a86fa6"
content-type
application/x-javascript
via
1.1 bab8148a65b29113f79cf2725076287c.cloudfront.net (CloudFront)
cache-control
max-age=86400
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
x-amz-cf-id
X_jLAs-iU_biR_7sTYZ2grSoikvRZ9KVFY24PT2AE2f9_1ijhWS7iw==
5419b6a8b0d04a076446a9ad
widget.trustpilot.com/trustbox-data/ Frame 05D3 		1 KB
1007 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://widget.trustpilot.com/trustbox-data/5419b6a8b0d04a076446a9ad?businessUnitId=5b17f92b811b4200015866ce&locale=it-IT
Requested by
Host: widget.trustpilot.com
URL: https://widget.trustpilot.com/trustboxes/5419b6a8b0d04a076446a9ad/main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.89.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-89-48.fra50.r.cloudfront.net
Software
/
Resource Hash
d16a5de13f7162b1c4bf3b414b260ed7a04b7feeb461be9ce79e8d1f413d3e01
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://widget.trustpilot.com/trustboxes/5419b6a8b0d04a076446a9ad/index.html?templateId=5419b6a8b0d04a076446a9ad&businessunitId=5b17f92b811b4200015866ce
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
age
158
x-cache
Hit from cloudfront
date
Thu, 16 Jun 2022 06:48:22 GMT
content-length
550
x-xss-protection
1; mode=block
x-skip-cache-cookie
0
etag
"aa9d13cd9592857e89977a2d9e998623"
vary
Accept-Encoding
x-fallback-status
BYPASS
content-type
application/json; charset=utf-8
via
1.1 bab8148a65b29113f79cf2725076287c.cloudfront.net (CloudFront)
cache-control
public,max-age=1800
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
kwle77v2tgdgb_nuPQh_3nWLnbyPvPlxK7N42WQow94JrXMcOmZB9w==
TrustboxImpression
widget.trustpilot.com/stats/ Frame 05D3 		0
309 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://widget.trustpilot.com/stats/TrustboxImpression?locale=it-IT&styleHeight=24px&styleWidth=100%25&theme=dark&url=https%3A%2F%2Fitaliarimborso.it%2Flanding-agenzia.php&referrer=&userAgent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F102.0.5005.115%20Safari%2F537.36&language=en-US&platform=Win32&nosettings=1&businessUnitId=5b17f92b811b4200015866ce&widgetId=5419b6a8b0d04a076446a9ad
Requested by
Host: widget.trustpilot.com
URL: https://widget.trustpilot.com/trustboxes/5419b6a8b0d04a076446a9ad/main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.89.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-89-48.fra50.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://widget.trustpilot.com/trustboxes/5419b6a8b0d04a076446a9ad/index.html?templateId=5419b6a8b0d04a076446a9ad&businessunitId=5b17f92b811b4200015866ce
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Thu, 16 Jun 2022 06:50:59 GMT
via
1.1 bab8148a65b29113f79cf2725076287c.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
FRA50-C1
strict-transport-security
max-age=31536000
x-cache
Miss from cloudfront
cache-control
no-store,no-cache
x-amz-cf-id
NYblqj9q8HINlfX7kqH-zSQbuJPPaGxa91yxLqtp_ICcw6NdR107sA==
x-xss-protection
1; mode=block
TrustboxView
widget.trustpilot.com/stats/ Frame 05D3 		0
309 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://widget.trustpilot.com/stats/TrustboxView?locale=it-IT&styleHeight=24px&styleWidth=100%25&theme=dark&url=https%3A%2F%2Fitaliarimborso.it%2Flanding-agenzia.php&referrer=&userAgent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F102.0.5005.115%20Safari%2F537.36&language=en-US&platform=Win32&nosettings=1&businessUnitId=5b17f92b811b4200015866ce&widgetId=5419b6a8b0d04a076446a9ad
Requested by
Host: widget.trustpilot.com
URL: https://widget.trustpilot.com/trustboxes/5419b6a8b0d04a076446a9ad/main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.89.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-89-48.fra50.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://widget.trustpilot.com/trustboxes/5419b6a8b0d04a076446a9ad/index.html?templateId=5419b6a8b0d04a076446a9ad&businessunitId=5b17f92b811b4200015866ce
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Thu, 16 Jun 2022 06:50:59 GMT
via
1.1 bab8148a65b29113f79cf2725076287c.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
FRA50-C1
strict-transport-security
max-age=31536000
x-cache
Miss from cloudfront
cache-control
no-store,no-cache
x-amz-cf-id
7liKICOetNIwyQJVSit4ADn2wp8LvzTrmywwVT1o43DenvKOCDiorg==
x-xss-protection
1; mode=block
collect
region1.analytics.google.com/g/ 		0
348 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-S1SJ03XZ70&gtm=2oe6f0&_p=1223638907&_z=ccd.v9B&_gaz=1&cid=887368196.1655362260&ul=en-us&sr=1600x1200&_s=1&sid=1655362260&sct=1&seg=0&dl=https%3A%2F%2Fitaliarimborso.it%2Flanding-agenzia.php&dt=ItaliaRimborso%3A%20Rimborsi%20per%20volo%20cancellato%20o%20in%20ritardo&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-S1SJ03XZ70&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://italiarimborso.it/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Jun 2022 06:51:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://italiarimborso.it
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
348 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-S1SJ03XZ70&cid=887368196.1655362260&gtm=2oe6f0&aip=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-S1SJ03XZ70&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c1b::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://italiarimborso.it/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Jun 2022 06:51:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://italiarimborso.it
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-141426170-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://italiarimborso.it/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
113
date
Thu, 16 Jun 2022 06:49:07 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Thu, 16 Jun 2022 08:49:07 GMT
ga-audiences
www.google.fr/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.fr/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-S1SJ03XZ70&cid=887368196.1655362260&gtm=2oe6f0&aip=1&z=204551136
Requested by
Host: italiarimborso.it
URL: https://italiarimborso.it/landing-agenzia.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://italiarimborso.it/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Jun 2022 06:51:00 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/ 		293 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8181a739bd0ed0fd64624c4aa15b7847bc9d4fd0660bff56c8c9192c4ef75979

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Content-Type
image/png
/
www.facebook.com/tr/ 		44 B
297 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1316985831797503&ev=PageView&dl=https%3A%2F%2Fitaliarimborso.it%2Flanding-agenzia.php&rl=&if=false&ts=1655362260480&sw=1600&sh=1200&v=2.9.62&r=stable&ec=0&o=30&fbp=fb.1.1655362260479.1039617432&it=1655362260205&coo=false&exp=p1&rqm=GET
Requested by
Host: italiarimborso.it
URL: https://italiarimborso.it/landing-agenzia.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://italiarimborso.it/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Thu, 16 Jun 2022 06:51:00 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
44
expires
Thu, 16 Jun 2022 06:51:00 GMT
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&aip=1&a=1223638907&t=pageview&_s=1&dl=https%3A%2F%2Fitaliarimborso.it%2Flanding-agenzia.php&ul=en-us&de=UTF-8&dt=ItaliaRimborso%3A%20Rimborsi%20per%20volo%20cancellato%20o%20in%20ritardo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAAC~&jid=367405902&gjid=1994811095&cid=887368196.1655362260&tid=UA-141426170-1&_gid=51708723.1655362261&_r=1&gtm=2ou6f0&z=252751635
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://italiarimborso.it/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 16 Jun 2022 06:51:00 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://italiarimborso.it
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
25 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-141426170-1&cid=887368196.1655362260&jid=367405902&gjid=1994811095&_gid=51708723.1655362261&_u=YADAAUAAAAAAAC~&z=1485237622
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400c:c1b::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
533036bd37d4d87bd4e3cad3010f2a29d00f24ffc34bb5b22598951c44d91452
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://italiarimborso.it/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Thu, 16 Jun 2022 06:51:00 GMT
content-type
text/plain
access-control-allow-origin
https://italiarimborso.it
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-141426170-1&cid=887368196.1655362260&jid=367405902&_u=YADAAUAAAAAAAC~&z=284009853
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://italiarimborso.it/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Jun 2022 06:51:00 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.fr/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.fr/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-141426170-1&cid=887368196.1655362260&jid=367405902&_u=YADAAUAAAAAAAC~&z=284009853
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://italiarimborso.it/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Jun 2022 06:51:00 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/ 		44 B
91 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1316985831797503&ev=Microdata&dl=https%3A%2F%2Fitaliarimborso.it%2Flanding-agenzia.php&rl=&if=false&ts=1655362260983&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22ItaliaRimborso%3A%20Rimborsi%20per%20volo%20cancellato%20o%20in%20ritardo%22%2C%22meta%3Adescription%22%3A%22Richiedi%20il%20risarcimento%20per%20la%20cancellazione%20o%20il%20ritardo%20di%20un%20volo.%20Assistenza%20GRATUITA%2C%20in%20maniera%20semplice%2C%20chiara%20e%20veloce.%20Chiama%20il%20%2B39%2006%2056548248%22%2C%22meta%3Akeywords%22%3A%22%22%7D&cd[OpenGraph]=%7B%22og%3Aurl%22%3A%22https%3A%2F%2Fitaliarimborso.it%2Flanding-agenzia.php%22%2C%22og%3Asite_name%22%3A%22ItaliaRimborso.it%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fitaliarimborso.it%2Fimages%2FItalia-Rimborso.png%22%2C%22og%3Atype%22%3A%22article%22%2C%22og%3Aimage%3Awidth%22%3A%221200%22%2C%22og%3Aimage%3Aheight%22%3A%22630%22%2C%22og%3Atitle%22%3A%22ItaliaRimborso%3A%20Rimborsi%20per%20volo%20cancellato%20o%20in%20ritardo%22%2C%22og%3Adescription%22%3A%22Richiedi%20il%20risarcimento%20per%20la%20cancellazione%20o%20il%20ritardo%20di%20un%20volo.%20Assistenza%20GRATUITA%2C%20in%20maniera%20semplice%2C%20chiara%20e%20veloce.%20Chiama%20il%20%2B39%2006%2056548248%22%7D&cd[Schema.org]=%5B%7B%22dimensions%22%3A%7B%22h%22%3A1200%2C%22w%22%3A1600%7D%2C%22properties%22%3A%7B%7D%2C%22subscopes%22%3A%5B%5D%2C%22type%22%3A%22http%3A%2F%2Fschema.org%2FOrganization%22%7D%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.62&r=stable&ec=1&o=30&fbp=fb.1.1655362260479.1039617432&it=1655362260205&coo=false&es=automatic&tm=3&exp=p1&rqm=GET
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://italiarimborso.it/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Thu, 16 Jun 2022 06:51:01 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority
u=3,i
expires
Thu, 16 Jun 2022 06:51:01 GMT

Verdicts & Comments Add Verdict or Comment

57 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails object| navigation function| $ function| jQuery function| gtag object| dataLayer function| fbq function| _fbq function| loadDeferredStyles function| raf function| btn_chiamata function| btn_menu function| cerca_menu function| btn_booking function| booking_fixed function| booking_fixed_resize function| async_load function| myNavFunc function| submit_form function| submit_form_2 function| findPos function| seleziona_compagnia object| Trustpilot object| google_tag_manager object| jQuery1111027298208139142366 object| html5 object| Modernizr object| CookieControl function| __uspapi function| addUspapiLocatorFrame function| __handleUspapiMessage function| propagateIABStub object| Cookiebot object| CookieConsent object| min_exclude object| max_exclude object| CookiebotDialog object| CookieConsentDialog function| onYouTubeIframeAPIReady object| google_tag_data object| gaGlobal string| GoogleAnalyticsObject function| ga number| CB_jQueryHoldReadyStarted object| CookieDialogInitScrollPosition object| gaplugins object| gaData number| CB_OnTagsExecuted_Processed function| addEventListenerBase

12 Cookies

Domain/Path Name / Value
t.noticias.selezioneperte.com/ Name: ASP.NET_SessionId
Value: a3jeme4bg21zac3iqmccshr1
t.noticias.selezioneperte.com/ Name: SERVERID
Value: mindtrack3.odiso.net
datawork.go2cloud.org/ Name: aff_ran_url_1916
Value: 12976
datawork.go2cloud.org/ Name: enc_aff_session_1916
Value: ENC0348a7ce42e4f7eb2277d97aedbc3981cecc165d70374d32b16dcc42a7bc91f35724bfbde120cbbc255df863c7601ef1602d7b51c14c4be29e647ac537cd93da7dea624789d7823d1b990dfab17c810c8accd8e96cbc72a27c13e3e0ca7f25f5cda7bed89fc6d06e484a88782e17454a751c36e9df8eb067b1dec6e4ea9c15f4660ab42b0b
datawork.go2cloud.org/ Name: ho_mob
Value: eyJtb2JpbGVfZGV2aWNlX29zIjoiRGVza3RvcCIsIm1vYmlsZV9vc192ZXJzaW9uIjoiMCIsIm1vYmlsZV9kZXZpY2VfbW9kZWwiOiJDaHJvbWUiLCJtb2JpbGVfZGV2aWNlX2JyYW5kIjoiR29vZ2xlIiwibW9iaWxlX2Jyb3dzZXIiOiJDaHJvbWUgRGVza3RvcCIsIm1vYmlsZV9icm93c2VyX3ZlcnNpb24iOiIxMDIiLCJtb2JpbGVfY2FycmllciI6Ij8iLCJ1c2VyX2FnZW50IjoiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IFg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgTGlrZSBHZWNrbykgQ2hyb21lLzEwMi4wLjUwMDUuMTE1IFNhZmFyaS81MzcuMzYiLCJhY2NlcHRfbGFuZ3VhZ2UiOiJmci1GUixmcjtxPTAuOSIsImNvbm5lY3Rpb25fc3BlZWQiOiJicm9hZGJhbmQifQ==
italiarimborso.it/ Name: PHPSESSID
Value: m5dc10865amtd5p6v6239ftsp7
.italiarimborso.it/ Name: _ga_S1SJ03XZ70
Value: GS1.1.1655362260.1.0.1655362260.60
italiarimborso.it/ Name: CookieConsent
Value: -2
.italiarimborso.it/ Name: _fbp
Value: fb.1.1655362260479.1039617432
.italiarimborso.it/ Name: _ga
Value: GA1.2.887368196.1655362260
.italiarimborso.it/ Name: _gid
Value: GA1.2.51708723.1655362261
.italiarimborso.it/ Name: _gat_gtag_UA_141426170_1
Value: 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

connect.facebook.net
consent.cookiebot.com
consentcdn.cookiebot.com
datawork.go2cloud.org
fonts.googleapis.com
fonts.gstatic.com
info.rioyetarre.com
italiarimborso.it
region1.analytics.google.com
stats.g.doubleclick.net
t.noticias.selezioneperte.com
widget.trustpilot.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.fr
www.googletagmanager.com
142.132.135.253
143.204.89.48
18.202.12.61
185.151.189.219
2001:4860:4802:32::36
2a00:1450:4001:811::200a
2a00:1450:4001:813::2003
2a00:1450:4001:827::2008
2a00:1450:4001:828::2003
2a00:1450:4001:82f::200e
2a00:1450:4001:830::2004
2a00:1450:400c:c1b::9b
2a02:26f0:ef:29a::f09
2a02:26f0:ef::5f65:4da2
2a03:2880:f02d:100:face:b00c:0:3
2a03:2880:f11c:8083:face:b00c:0:25de
52.210.2.133
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
114eccecb71cb058dc9ffc03b2a49ae1442c96c7eddebf6c837351fdc7563c11
185d04bafe2b541f67b2b05a74858b2babae45aa0e2960ba700d82122021d605
1a26e30952522881321c284996db72a7df63b4add938a5c32b52fc5ef415a054
20683922d06ac9046313897d06ccbe8ec219b813430e196e6615a6393b0d46cf
3ab6d5bddb52a980ebe7658cca937e1ce087c1478cbeb13715876e463b2dd7f3
3d79854e01d0c79408c548889dcfddd23e4ef10f11c698c831b570573ee13b97
44c33ad6451cbed4970f1dcd6828cde89924465b6f177bcca2f02ea95ac34325
502a3766309b1092890b0e535e784678bfd584a598bf84e20fd530424c79ecbd
533036bd37d4d87bd4e3cad3010f2a29d00f24ffc34bb5b22598951c44d91452
56aaa9f86376956072fd293180c65e15c7ba436cd744c2d05814d32dabdeba15
5d0b102c2b8afa351d868f6e6c5c818720c331e1f400dda3f5c40c1ec20cd206
6b4fac99c39b9ee2693d87a2508d0c7d4b4859072966616bd1f6e18c5b2f9d36
738e5435f2d18427d291a0d6289eee0ebbc87b596d6003919f255760ac293104
755e553101489c7e837bba4c1932e8108e5bf61d24ed6143c971ec9ba0faf7d7
76ede3588d259cea5a2938aa67c099a0f05b5a6b3c9908983c8d962e4f175b49
7b4cc5151d1306ee23a35d6d321939469611f4ed5d48e7ff68610454b494f74c
8181a739bd0ed0fd64624c4aa15b7847bc9d4fd0660bff56c8c9192c4ef75979
8b17b12a46bcc8cfb1b0873fddf84dd8360ec0424ea090d0d7df5ba11f0e358a
90043ede8fda1af828555354c76ef35bca8495ecf87d0548253a6f866af5a499
9d8addd031a7425dbbde91aea7175999260666b7440e845f4f0b0d68c22987ab
9d9da5173e651f06b4ec1d87ae5bc138ab2765ca7a6fb970e3eef42aa6b95118
9fe83acf28f37fdd832cdeb7c0b59f9aef7dc1e821199abd691fa25a66e3c149
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a84ffabdd498cd0bbd960a2c2b1845a65113bd6bea00096602e47ec8f87fd122
b5cd6f333505bdfcaa2eee480b4c8d95574d729fe4eb5fde368af16cb4f2e03b
ce0a0ef12f75bc86f2b23feac80d16d058fcc5f08de270febc9d16de130aafc6
d16a5de13f7162b1c4bf3b414b260ed7a04b7feeb461be9ce79e8d1f413d3e01
d24c36732df53a805bca37d3131c05ae9fbaad47d3744e485ed365151e92c691
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4031d3db3b0170ab2bb04046c7ca1e6479c26f0cda29f44bc4f06b180cba247
e6526159807c6e0e0ed7a3409751789b444fee373c63878b19f25d94bb7a2057
e79c1c1a140e6afb861074c70392db54cc65a06050de2a69162ab94eb95b0516
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f3496bc7c277d917d35553c46ed1597a86065494cac582e42a3a1d55aedef7fb
ff03b9d99f0e230679998dead1d9fdc8c46951888446a413cdabc3cb1d4a062b