cms.tim.it Open in urlscan Pro
156.54.0.72 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://cms.tim.it/content/login-webmail-2steps/login.html?username=asd+password=gew
Submission: On June 16 via api (June 16th 2023, 3:12:54 pm UTC) from US — Scanned from US

Summary HTTP 45 Redirects Links 17 Behaviour Indicators

Summary

This website contacted 15 IPs in 3 countries across 10 domains to perform 45 HTTP transactions. The main IP is 156.54.0.72, located in Italy and belongs to ASN-IDC T.NO.OM.I.NC, IT. The main domain is cms.tim.it.
TLS certificate: Issued by TI Trust Technologies OV CA on October 21st 2022. Valid for: a year.

This is the only time cms.tim.it was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Microsoft (Consumer)

Domain & IP information

	IP Address	AS Autonomous System
1	156.54.0.72 156.54.0.72	20746 (ASN-IDC T...) (ASN-IDC T.NO.OM.I.NC)
13	2606:4700::68... 2606:4700::6812:a972	13335 (CLOUDFLAR...) (CLOUDFLARENET)
12	81.74.225.10 81.74.225.10	3269 (ASN-IBSNAZ) (ASN-IBSNAZ)
3	2600:141b:e80... 2600:141b:e800:1380::1e80	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2607:f8b0:400... 2607:f8b0:4006:81c::2004	15169 (GOOGLE) (GOOGLE)
3	2607:f8b0:400... 2607:f8b0:4006:824::2002	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6812:1d26	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2600:9000:210... 2600:9000:210b:ac00:2:42d9:3100:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2607:f8b0:400... 2607:f8b0:4006:820::2003	15169 (GOOGLE) (GOOGLE)
2	52.40.26.17 52.40.26.17	16509 (AMAZON-02) (AMAZON-02)
1	44.227.240.43 44.227.240.43	16509 (AMAZON-02) (AMAZON-02)
1 1	52.55.14.216 52.55.14.216	14618 (AMAZON-AES) (AMAZON-AES)
1	63.140.36.148 63.140.36.148	16509 (AMAZON-02) (AMAZON-02)
2	52.210.109.2 52.210.109.2	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:251... 2600:9000:2510:7400:1d:667e:2a40:93a1	16509 (AMAZON-02) (AMAZON-02)
45	15

1 156.54.0.72 (Italy)

ASN20746 (ASN-IDC T.NO.OM.I.NC, IT)

cms.tim.it	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2606:4700::6812:a972 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 81.74.225.10 (Italy)

ASN3269 (ASN-IBSNAZ, IT)
PTR: host-81-74-225-10.business.telecomitalia.it

risorse.tim.it	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:141b:e800:1380::1e80 (Piscataway, United States)

ASN20940 (AKAMAI-ASN1, NL)

assets.adobedtm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:81c::2004 (Flushing, United States)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:824::2002 (Flushing, United States)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:1d26 (United States)

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:210b:ac00:2:42d9:3100:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn-gl.imrworldwide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:820::2003 (Flushing, United States)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.40.26.17 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-40-26-17.us-west-2.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.227.240.43 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-227-240-43.us-west-2.compute.amazonaws.com

telecomitalia.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.55.14.216 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-55-14-216.compute-1.amazonaws.com

cm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.140.36.148 (United States)

ASN16509 (AMAZON-02, US)
PTR: ip-63-140-36-148.data.adobedc.net

ssl-metrics.tim.it	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.210.109.2 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-210-109-2.eu-west-1.compute.amazonaws.com

secure-it.imrworldwide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2510:7400:1d:667e:2a40:93a1 (United States)

ASN16509 (AMAZON-02, US)

ohvbg03qrgallkqfs7wjftnracusi1686928368.nuid.imrworldwide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
14	tim.it cms.tim.it risorse.tim.it — Cisco Umbrella Rank: 780942 ssl-metrics.tim.it — Cisco Umbrella Rank: 695429	499 KB
13	cookielaw.org cdn.cookielaw.org — Cisco Umbrella Rank: 413	272 KB
6	imrworldwide.com cdn-gl.imrworldwide.com — Cisco Umbrella Rank: 3339 secure-it.imrworldwide.com — Cisco Umbrella Rank: 43055 ohvbg03qrgallkqfs7wjftnracusi1686928368.nuid.imrworldwide.com	68 KB
3	demdex.net dpm.demdex.net — Cisco Umbrella Rank: 218 telecomitalia.demdex.net	5 KB
3	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 219	153 KB
3	adobedtm.com assets.adobedtm.com — Cisco Umbrella Rank: 398	48 KB
1	everesttech.net 1 redirects cm.everesttech.net — Cisco Umbrella Rank: 1106	517 B
1	gstatic.com www.gstatic.com	167 KB
1	onetrust.com geolocation.onetrust.com — Cisco Umbrella Rank: 684	307 B
1	google.com www.google.com — Cisco Umbrella Rank: 3	876 B
45	10

	Domain	Requested by
13	cdn.cookielaw.org	cms.tim.it cdn.cookielaw.org
12	risorse.tim.it	cms.tim.it risorse.tim.it
3	cdn-gl.imrworldwide.com	cms.tim.it cdn-gl.imrworldwide.com
3	securepubads.g.doubleclick.net	cms.tim.it securepubads.g.doubleclick.net
3	assets.adobedtm.com	cms.tim.it assets.adobedtm.com
2	secure-it.imrworldwide.com	cms.tim.it
2	dpm.demdex.net	assets.adobedtm.com cms.tim.it
1	ohvbg03qrgallkqfs7wjftnracusi1686928368.nuid.imrworldwide.com	cms.tim.it
1	ssl-metrics.tim.it	cms.tim.it
1	cm.everesttech.net	1 redirects
1	telecomitalia.demdex.net	assets.adobedtm.com
1	www.gstatic.com	www.google.com
1	geolocation.onetrust.com	cdn.cookielaw.org
1	www.google.com	cms.tim.it
1	cms.tim.it
45	15

This site contains links to these domains. Also see Links.

Domain
www.tim.it
gestione.servizi.tim.it
mail.tim.it
survey2.medallia.eu
tcf.cookiepedia.co.uk
www.onetrust.com

Subject Issuer	Validity	Valid
www.tim.it TI Trust Technologies OV CA	`2022-10-21` - `2023-10-22`	a year	crt.sh
cookielaw.org Cloudflare Inc ECC CA-3	`2023-04-01` - `2024-03-31`	a year	crt.sh
risorse.tim.it TI Trust Technologies OV CA	`2022-09-23` - `2023-10-24`	a year	crt.sh
assets.adobedtm.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-19` - `2023-08-19`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-05-22` - `2023-08-14`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-05-22` - `2023-08-14`	3 months	crt.sh
onetrust.com Cloudflare Inc ECC CA-3	`2022-12-13` - `2023-12-13`	a year	crt.sh
*.imrworldwide.com DigiCert TLS RSA SHA256 2020 CA1	`2023-01-03` - `2024-02-03`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-05-22` - `2023-08-14`	3 months	crt.sh
*.demdex.com DigiCert TLS RSA SHA256 2020 CA1	`2022-09-26` - `2023-10-27`	a year	crt.sh
ssl-metrics.tim.it DigiCert TLS RSA SHA256 2020 CA1	`2022-10-21` - `2023-11-21`	a year	crt.sh
*.nuid.imrworldwide.com Amazon RSA 2048 M01	`2023-04-12` - `2024-05-10`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://cms.tim.it/content/login-webmail-2steps/login.html?username=asd+password=gew
Frame ID: EBFF86C73999E04091231DB36E5AFD21
Requests: 43 HTTP requests in this frame

Frame: https://cdn-gl.imrworldwide.com/novms/html/ls.html
Frame ID: 3FCC88896366980F41B1920858F9E1A2
Requests: 3 HTTP requests in this frame

Frame: https://telecomitalia.demdex.net/dest5.html?d_nsid=0
Frame ID: B597434A8CC75ADF7987B95311CFA4ED
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Loginatom/icon/big/smsatom/icon/big/UltraBroadband_Broadbandatom/icon/big/UltraBroadbandHatom/icon/big/dati2xatom/icon/big/voci-minuti2xBack ButtonFilter Button

Detected technologies

Adobe Experience Manager (CMS) Expand

Overall confidence: 100%
Detected patterns

/etc\.clientlibs/

OneTrust (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cdn\.cookielaw\.org
otSDKStub\.js

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

45
Requests

98 %
HTTPS

53 %
IPv6

10
Domains

15
Subdomains

15
IPs

3
Countries

1213 kB
Transfer

4191 kB
Size

8
Cookies

17 Outgoing links

These are links going to different origins than the main page.

URL: https://www.tim.it/

Search URL Search Domain Scan URL

URL: https://gestione.servizi.tim.it/resetpwd/entratarecuser.do
Title: Recupera username

Search URL Search Domain Scan URL

URL: https://www.tim.it/assistenza/assistenza-tecnica/mail/faq
Title: Problemi di Accesso?

Search URL Search Domain Scan URL

URL: https://gestione.servizi.tim.it/resetpwd/entratadispatch.do?entryPoint=portale
Title: Recupera password

Search URL Search Domain Scan URL

URL: https://mail.tim.it/registrati.html
Title: Creane una!

Search URL Search Domain Scan URL

URL: https://survey2.medallia.eu/?adGMzq-57hkCS3ZOuDg7zF
Title: Aiutaci a migliorare!

Search URL Search Domain Scan URL

URL: https://www.tim.it/web-privacy-policy
Title: Privacy & Cookie

Search URL Search Domain Scan URL

URL: https://www.tim.it/note-legali
Title: Note Legali

Search URL Search Domain Scan URL

URL: https://www.tim.it/website-info
Title: Website Info

Search URL Search Domain Scan URL

URL: https://www.tim.it/assistenza/i-consumatori/info-consumatori-fisso/contatti
Title: Contatti

Search URL Search Domain Scan URL

URL: https://www.tim.it/assistenza/per-i-consumatori
Title: Per i Consumatori

Search URL Search Domain Scan URL

URL: https://www.tim.it/assistenza/supporto-tecnico-e-configurazione/fibra-e-adsl/navigazione-sicura/tutela-dei-minori
Title: Tutela Minori

Search URL Search Domain Scan URL

URL: https://www.tim.it/dichiarazione-di-accessibilita
Title: Dichiarazione di accessibilità

Search URL Search Domain Scan URL

URL: https://www.tim.it/web-privacy-policy?hidebanner=true
Title: clicca qui

Search URL Search Domain Scan URL

URL: https://www.tim.it/cookie-list
Title: Ulteriori informazioni

Search URL Search Domain Scan URL

URL: https://tcf.cookiepedia.co.uk/?lang=it
Title: | Visualizza testo legale completo Apre in una nuova scheda

Search URL Search Domain Scan URL

URL: https://www.onetrust.com/products/cookie-consent/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 41

https://cm.everesttech.net/cm/dd?d_uuid=86836728301342103842441646207494349223 HTTP 302
https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZIx78AAAAMYsdQNP

45 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request login.html Show response
cms.tim.it/content/login-webmail-2steps/ 131 KB
51 KB 1030ms
211ms Document
text/html 156.54.0.72
ASN-IDC T.NO.OM.I.NC

General

Check archive.org

Show headers Download Go to

Full URL

https://cms.tim.it/content/login-webmail-2steps/login.html?username=asd+password=gew

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

156.54.0.72 , Italy, ASN20746 (ASN-IDC T.NO.OM.I.NC, IT),

Reverse DNS

Software

Apache /

Resource Hash

737fe3f2c3ee0772bba99e2d7554c97ba0c2335172c207496c4cf2fea6b5ea3a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: authorization, clientversion, Cache-Control, pragma, expires, accept, BusinessID, InteractionDate-Date, InteractionDate-Time, TransactionID, MessageId, SourceSystem, Channel, SessionID, devicetype, content-type, x-requested-with, X-Frame-Options
content-encoding: gzip
content-type: text/html;charset=utf-8
date: Fri, 16 Jun 2023 15:12:45 GMT
server: Apache
strict-transport-security: max-age=31536000; preload
vary: Origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-tim-n: 2

GET
H2 200 otSDKStub.js Show response
cdn.cookielaw.org/scripttemplates/ 21 KB
7 KB 132ms
56ms Script
application/javascript 2606:4700::6812:a972
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Requested by

Host: cms.tim.it
URL: https://cms.tim.it/content/login-webmail-2steps/login.html?username=asd+password=gew

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:a972 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0be44b8963766e88bfb1034f5cf93deb8710ec30e7a54537ff463951c5976234

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cms.tim.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 16 Jun 2023 15:12:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: 0mEq0pw2uQHv5iDD8WI5Bw==
age: 61059
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 6759
x-ms-lease-status: unlocked
last-modified: Thu, 15 Jun 2023 19:30:16 GMT
server: cloudflare
etag: 0x8DB6DD6F2F4383B
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: b0de61d4-001e-00de-3bc2-9f884f000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7d83fe2d6ca42bab-ORD

GET
H2 200 login-webmail.min.css
risorse.tim.it/etc.clientlibs/login-webmail-2steps/clientlibs/ 859 B
981 B 1047ms
318ms Stylesheet
text/css 81.74.225.10
ASN-IBSNAZ

General

Check archive.org

Show headers Download Go to

Full URL

https://risorse.tim.it/etc.clientlibs/login-webmail-2steps/clientlibs/login-webmail.min.css

Requested by

Host: cms.tim.it
URL: https://cms.tim.it/content/login-webmail-2steps/login.html?username=asd+password=gew

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

81.74.225.10 , Italy, ASN3269 (ASN-IBSNAZ, IT),

Reverse DNS

host-81-74-225-10.business.telecomitalia.it

Software

Apache /

Resource Hash

1e0e7eb07413a758a8f30549cdc3be52f24ebf123b95c3c690309e4750dfee1e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cms.tim.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 14:47:29 GMT
strict-transport-security: max-age=31536000; preload
content-encoding: gzip
via: http/1.1 ts-mi2-3.cdn.interbusiness.it (), http/1.1 se-rm4-7.cdn.interbusiness.it ()
age: 1517
content-length: 433
last-modified: Thu, 08 Jun 2023 23:40:06 GMT
server: Apache
etag: "35b-5fda6c5a941a0-gzip"
vary: Origin
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/css
x-frame-options: SAMEORIGIN
cache-control: max-age=1800
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: funnel, authorization, clientversion, Cache-Control, pragma, expires, accept, BusinessID, InteractionDate-Date, InteractionDate-Time, TransactionID, MessageId, SourceSystem, Channel, SessionID, devicetype, content-type, x-requested-with
expires: Fri, 16 Jun 2023 15:17:29 GMT

GET
H2 200 launch-47d59cfadcb3.min.js Show response
assets.adobedtm.com/1eecba5bc341/a61c8f568034/ 105 KB
34 KB 394ms
45ms Script
application/x-javascript 2600:141b:e800:1380::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/1eecba5bc341/a61c8f568034/launch-47d59cfadcb3.min.js
Requested by: Host: cms.tim.it
URL: https://cms.tim.it/content/login-webmail-2steps/login.html?username=asd+password=gew
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:e800:1380::1e80 Piscataway, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: b0c6fb87a881dbc18c152a84d1d53cf36d0cdf4f377bfaf6776bd4021dfe486c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cms.tim.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

unused62: 8096267
date: Fri, 16 Jun 2023 15:12:47 GMT
content-encoding: gzip
last-modified: Wed, 06 Oct 2021 14:51:50 GMT
server: AkamaiNetStorage
etag: "a6d3bb07e1edce8f55dbe89a07f03465:1633531910.317204"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://cms.tim.it
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 34797
expires: Fri, 16 Jun 2023 16:12:47 GMT

GET
H2 200 main.min.css
risorse.tim.it/etc.clientlibs/login-webmail-2steps/clientlibs/clientlib-base/resources/css/ 244 KB
31 KB 1048ms
319ms Stylesheet
text/css 81.74.225.10
ASN-IBSNAZ

General

Check archive.org

Show headers Download Go to

Full URL

https://risorse.tim.it/etc.clientlibs/login-webmail-2steps/clientlibs/clientlib-base/resources/css/main.min.css

Requested by

Host: cms.tim.it
URL: https://cms.tim.it/content/login-webmail-2steps/login.html?username=asd+password=gew

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

81.74.225.10 , Italy, ASN3269 (ASN-IBSNAZ, IT),

Reverse DNS

host-81-74-225-10.business.telecomitalia.it

Software

Apache /

Resource Hash

ad79fb9f60f0b92f9ff249de37ab2046538d81d6e39283cd8c182468b051f149

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cms.tim.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 15:06:35 GMT
strict-transport-security: max-age=31536000; preload
content-encoding: gzip
via: http/1.1 ts-mi2-3.cdn.interbusiness.it (), http/1.1 se-rm4-7.cdn.interbusiness.it ()
age: 371
content-length: 31567
last-modified: Fri, 09 Jun 2023 03:08:19 GMT
server: Apache
etag: "3d14f-5fda9ae4dd406-gzip"
vary: Origin
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/css
x-frame-options: SAMEORIGIN
cache-control: max-age=1800
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: funnel, authorization, clientversion, Cache-Control, pragma, expires, accept, BusinessID, InteractionDate-Date, InteractionDate-Time, TransactionID, MessageId, SourceSystem, Channel, SessionID, devicetype, content-type, x-requested-with
expires: Fri, 16 Jun 2023 15:36:35 GMT

GET
H2 200 clientlib-all-login.min.css
risorse.tim.it/etc.clientlibs/login-webmail-2steps/clientlibs/ 6 KB
1 KB 1194ms
466ms Stylesheet
text/css 81.74.225.10
ASN-IBSNAZ

General

Check archive.org

Show headers Download Go to

Full URL

https://risorse.tim.it/etc.clientlibs/login-webmail-2steps/clientlibs/clientlib-all-login.min.css

Requested by

Host: cms.tim.it
URL: https://cms.tim.it/content/login-webmail-2steps/login.html?username=asd+password=gew

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

81.74.225.10 , Italy, ASN3269 (ASN-IBSNAZ, IT),

Reverse DNS

host-81-74-225-10.business.telecomitalia.it

Software

Apache /

Resource Hash

16ded92a17f35054f28df52abca8e0f544a853f3701e6e8af05202cbba8505d8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cms.tim.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 15:06:39 GMT
strict-transport-security: max-age=31536000; preload
content-encoding: gzip
via: http/1.1 ts-mi2-3.cdn.interbusiness.it (), http/1.1 se-rm4-7.cdn.interbusiness.it ()
age: 367
content-length: 1227
last-modified: Thu, 08 Jun 2023 22:57:36 GMT
server: Apache
etag: "164e-5fda62da9bdb7-gzip"
vary: Origin
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/css
x-frame-options: SAMEORIGIN
cache-control: max-age=1800
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: funnel, authorization, clientversion, Cache-Control, pragma, expires, accept, BusinessID, InteractionDate-Date, InteractionDate-Time, TransactionID, MessageId, SourceSystem, Channel, SessionID, devicetype, content-type, x-requested-with
expires: Fri, 16 Jun 2023 15:36:39 GMT

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 850 B
876 B 414ms
66ms Script
text/javascript 2607:f8b0:4006:81c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js

Requested by

Host: cms.tim.it
URL: https://cms.tim.it/content/login-webmail-2steps/login.html?username=asd+password=gew

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2004 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

41be1cf66d5f2a5e356d650205c8a6031fa238bcdef0a4d1e167712ab643fd51

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cms.tim.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 15:12:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 556
x-xss-protection: 1; mode=block
expires: Fri, 16 Jun 2023 15:12:47 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 80 KB
27 KB 414ms
86ms Script
text/javascript 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: cms.tim.it
URL: https://cms.tim.it/content/login-webmail-2steps/login.html?username=asd+password=gew

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d70898110d564a9e912a483cfc9d2f594f3a33548efbd7d9af712267676e8f5e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cms.tim.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 15:12:47 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26687
x-xss-protection: 0
server: cafe
etag: 879 / 19524 / 31075378 / config-hash: 10714554489475813448
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 16 Jun 2023 15:12:47 GMT

GET
H2 200 19592410-edaf-48e3-8faa-9053afe70fee.json Show response
cdn.cookielaw.org/consent/19592410-edaf-48e3-8faa-9053afe70fee/ 3 KB
2 KB 195ms
140ms XHR
application/x-javascript 2606:4700::6812:a972
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/19592410-edaf-48e3-8faa-9053afe70fee/19592410-edaf-48e3-8faa-9053afe70fee.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:a972 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ca6ab68c746d548b8cb2c1e02a4795a5eaaed4dfd237d436a9d838ffa2441933

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cms.tim.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 16 Jun 2023 15:12:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: KsPcJ3u8WKERABSdnDiFzA==
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 1449
x-ms-lease-status: unlocked
last-modified: Tue, 06 Jun 2023 07:50:36 GMT
server: cloudflare
etag: 0x8DB6662B6B850CF
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 4294d7d5-801e-0161-71ee-9bda6c000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7d83fe2e2e28638a-ORD
expires: Sat, 17 Jun 2023 15:12:45 GMT

GET
H2 200 logo.svg
risorse.tim.it/content/dam/login-webmail-2steps/ 4 KB
2 KB 553ms
550ms Image
image/svg+xml 81.74.225.10
ASN-IBSNAZ

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://risorse.tim.it/content/dam/login-webmail-2steps/logo.svg

Requested by

Host: cms.tim.it
URL: https://cms.tim.it/content/login-webmail-2steps/login.html?username=asd+password=gew

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

81.74.225.10 , Italy, ASN3269 (ASN-IBSNAZ, IT),

Reverse DNS

host-81-74-225-10.business.telecomitalia.it

Software

Apache /

Resource Hash

bb462a24eef290bb508dfd155c8d94e5220b203109f6574184723f9ea252f9e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cms.tim.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 20 May 2023 19:14:16 GMT
strict-transport-security: max-age=31536000; preload
content-encoding: gzip
via: http/1.1 ts-mi2-3.cdn.interbusiness.it (), http/1.1 se-rm4-7.cdn.interbusiness.it ()
age: 2318310
content-length: 1633
last-modified: Wed, 08 Jun 2022 13:27:36 GMT
server: Apache
etag: "11f0-5e0efab1fd986-gzip"
vary: Origin
access-control-allow-methods: POST, GET, OPTIONS
content-type: image/svg+xml
cache-control: max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: funnel, authorization, clientversion, Cache-Control, pragma, expires, accept, BusinessID, InteractionDate-Date, InteractionDate-Time, TransactionID, MessageId, SourceSystem, Channel, SessionID, devicetype, content-type, x-requested-with
expires: Sun, 19 May 2024 19:14:16 GMT

GET
H2 200 clientlib-all-login.min.js Show response
risorse.tim.it/etc.clientlibs/login-webmail-2steps/clientlibs/ 1 MB
282 KB 184ms
184ms Script
application/javascript 81.74.225.10
ASN-IBSNAZ

General

Check archive.org

Show headers Download Go to

Full URL

https://risorse.tim.it/etc.clientlibs/login-webmail-2steps/clientlibs/clientlib-all-login.min.js

Requested by

Host: cms.tim.it
URL: https://cms.tim.it/content/login-webmail-2steps/login.html?username=asd+password=gew

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

81.74.225.10 , Italy, ASN3269 (ASN-IBSNAZ, IT),

Reverse DNS

host-81-74-225-10.business.telecomitalia.it

Software

Apache /

Resource Hash

b62855e46f5962191adfebef801f66ee465d502e9acf0bd1378b393721b073f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cms.tim.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 15:10:15 GMT
strict-transport-security: max-age=31536000; preload
content-encoding: gzip
via: http/1.1 ts-mi2-3.cdn.interbusiness.it (), http/1.1 se-rm4-7.cdn.interbusiness.it ()
age: 151
content-length: 288742
last-modified: Thu, 08 Jun 2023 22:07:58 GMT
server: Apache
etag: "102356-5fda57c36965d-gzip"
vary: Origin
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/javascript
x-frame-options: SAMEORIGIN
cache-control: max-age=1800
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: funnel, authorization, clientversion, Cache-Control, pragma, expires, accept, BusinessID, InteractionDate-Date, InteractionDate-Time, TransactionID, MessageId, SourceSystem, Channel, SessionID, devicetype, content-type, x-requested-with
expires: Fri, 16 Jun 2023 15:40:15 GMT

GET
H2 200 login.min.js Show response
risorse.tim.it/etc.clientlibs/login-webmail-2steps/clientlibs/ 12 KB
3 KB 550ms
550ms Script
application/javascript 81.74.225.10
ASN-IBSNAZ

General

Check archive.org

Show headers Download Go to

Full URL

https://risorse.tim.it/etc.clientlibs/login-webmail-2steps/clientlibs/login.min.js

Requested by

Host: cms.tim.it
URL: https://cms.tim.it/content/login-webmail-2steps/login.html?username=asd+password=gew

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

81.74.225.10 , Italy, ASN3269 (ASN-IBSNAZ, IT),

Reverse DNS

host-81-74-225-10.business.telecomitalia.it

Software

Apache /

Resource Hash

40cbc7b9b62fdff8829b686fce564ab05d5fa144d343e88e575310c2619aa0a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cms.tim.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 15:10:00 GMT
strict-transport-security: max-age=31536000; preload
content-encoding: gzip
via: http/1.1 ts-mi2-1.cdn.interbusiness.it (), http/1.1 se-rm4-7.cdn.interbusiness.it ()
age: 166
content-length: 3163
last-modified: Thu, 08 Jun 2023 20:12:02 GMT
server: Apache
etag: "3064-5fda3dd8fb3bc-gzip"
vary: Origin
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/javascript
x-frame-options: SAMEORIGIN
cache-control: max-age=1800
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: funnel, authorization, clientversion, Cache-Control, pragma, expires, accept, BusinessID, InteractionDate-Date, InteractionDate-Time, TransactionID, MessageId, SourceSystem, Channel, SessionID, devicetype, content-type, x-requested-with
expires: Fri, 16 Jun 2023 15:39:58 GMT

GET
H2 200 login-webmail.min.js Show response
risorse.tim.it/etc.clientlibs/login-webmail-2steps/clientlibs/ 356 B
453 B 539ms
534ms Script
application/javascript 81.74.225.10
ASN-IBSNAZ

General

Check archive.org

Show headers Download Go to

Full URL

https://risorse.tim.it/etc.clientlibs/login-webmail-2steps/clientlibs/login-webmail.min.js

Requested by

Host: cms.tim.it
URL: https://cms.tim.it/content/login-webmail-2steps/login.html?username=asd+password=gew

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

81.74.225.10 , Italy, ASN3269 (ASN-IBSNAZ, IT),

Reverse DNS

host-81-74-225-10.business.telecomitalia.it

Software

Apache /

Resource Hash

2b06adc1b820c9cf11a9f673e7c4b47d985248d71c851ef84669bd320627e4b8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cms.tim.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 15:10:16 GMT
strict-transport-security: max-age=31536000; preload
content-encoding: gzip
via: http/1.1 ts-mi2-2.cdn.interbusiness.it (), http/1.1 se-rm4-7.cdn.interbusiness.it ()
age: 150
content-length: 250
last-modified: Fri, 09 Jun 2023 03:14:27 GMT
server: Apache
etag: "164-5fda9c447bb93-gzip"
vary: Origin
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/javascript
x-frame-options: SAMEORIGIN
cache-control: max-age=1800
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: funnel, authorization, clientversion, Cache-Control, pragma, expires, accept, BusinessID, InteractionDate-Date, InteractionDate-Time, TransactionID, MessageId, SourceSystem, Channel, SessionID, devicetype, content-type, x-requested-with
expires: Fri, 16 Jun 2023 15:40:16 GMT

GET
H2 200 login-webmail-cookie.min.js Show response
risorse.tim.it/etc.clientlibs/login-webmail-2steps/clientlibs/ 2 KB
851 B 539ms
535ms Script
application/javascript 81.74.225.10
ASN-IBSNAZ

General

Check archive.org

Show headers Download Go to

Full URL

https://risorse.tim.it/etc.clientlibs/login-webmail-2steps/clientlibs/login-webmail-cookie.min.js

Requested by

Host: cms.tim.it
URL: https://cms.tim.it/content/login-webmail-2steps/login.html?username=asd+password=gew

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

81.74.225.10 , Italy, ASN3269 (ASN-IBSNAZ, IT),

Reverse DNS

host-81-74-225-10.business.telecomitalia.it

Software

Apache /

Resource Hash

5775c6d56222c16e7d527709fda4096d57c3e6e9653cd7b924c2f95143e0434f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cms.tim.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 15:10:32 GMT
strict-transport-security: max-age=31536000; preload
content-encoding: gzip
via: http/1.1 ts-mi2-3.cdn.interbusiness.it (), http/1.1 se-rm4-7.cdn.interbusiness.it ()
age: 134
content-length: 708
last-modified: Thu, 08 Jun 2023 21:54:23 GMT
server: Apache
etag: "678-5fda54b9ac5c6-gzip"
vary: Origin
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/javascript
x-frame-options: SAMEORIGIN
cache-control: max-age=1800
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: funnel, authorization, clientversion, Cache-Control, pragma, expires, accept, BusinessID, InteractionDate-Date, InteractionDate-Time, TransactionID, MessageId, SourceSystem, Channel, SessionID, devicetype, content-type, x-requested-with
expires: Fri, 16 Jun 2023 15:40:32 GMT

GET
H2 200 login-webmail-banner-app.min.js Show response
risorse.tim.it/etc.clientlibs/login-webmail-2steps/clientlibs/ 2 KB
1 KB 552ms
547ms Script
application/javascript 81.74.225.10
ASN-IBSNAZ

General

Check archive.org

Show headers Download Go to

Full URL

https://risorse.tim.it/etc.clientlibs/login-webmail-2steps/clientlibs/login-webmail-banner-app.min.js

Requested by

Host: cms.tim.it
URL: https://cms.tim.it/content/login-webmail-2steps/login.html?username=asd+password=gew

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

81.74.225.10 , Italy, ASN3269 (ASN-IBSNAZ, IT),

Reverse DNS

host-81-74-225-10.business.telecomitalia.it

Software

Apache /

Resource Hash

e528f93ee73db376c8670b133cd3bb7b49ef8c922fd93551d085ba765e21009b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cms.tim.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 14:54:26 GMT
strict-transport-security: max-age=31536000; preload
content-encoding: gzip
via: http/1.1 se-mi1-18.cdn.interbusiness.it (), http/1.1 se-rm4-7.cdn.interbusiness.it ()
age: 1100
content-length: 831
last-modified: Fri, 09 Jun 2023 06:58:19 GMT
server: Apache
etag: "725-5fdace4d69cc6-gzip"
vary: Origin
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/javascript
x-frame-options: SAMEORIGIN
cache-control: max-age=1800
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: funnel, authorization, clientversion, Cache-Control, pragma, expires, accept, BusinessID, InteractionDate-Date, InteractionDate-Time, TransactionID, MessageId, SourceSystem, Channel, SessionID, devicetype, content-type, x-requested-with
expires: Fri, 16 Jun 2023 15:24:26 GMT

GET
H2 200 location Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 69 B
307 B 113ms
46ms XHR
application/json 2606:4700::6812:1d26
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1d26 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

18d1b370b94460a4cc0b6b03ac81cda1aba4db285000f52bc8e0f4b16d77c813

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept: application/json
Referer: https://cms.tim.it/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 15:12:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
cf-ray: 7d83fe2f7ca161aa-ORD
access-control-allow-headers: Content-Type

GET
H2 200 otBannerSdk.js Show response
cdn.cookielaw.org/scripttemplates/202305.1.0/ 403 KB
97 KB 39ms
35ms Script
application/javascript 2606:4700::6812:a972
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202305.1.0/otBannerSdk.js

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:a972 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ed3a69e3267f056582ed012f7252319adb227fed203a4781eb820ea732aa4594

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cms.tim.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 16 Jun 2023 15:12:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: fuN6EZWNAh2xn3yE+0HSRQ==
age: 65955
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 99428
x-ms-lease-status: unlocked
last-modified: Fri, 02 Jun 2023 06:37:27 GMT
server: cloudflare
etag: 0x8DB6333D52F98D1
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 29652833-001e-0074-2466-955ea0000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7d83fe34bd492bab-ORD

GET
H2 200 P62AC5734-70D2-439D-8494-F369D681BEB1.js Show response
cdn-gl.imrworldwide.com/conf/ 28 KB
7 KB 393ms
46ms Script
application/javascript 2600:9000:210b:ac00:2:42d9:3100:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-gl.imrworldwide.com/conf/P62AC5734-70D2-439D-8494-F369D681BEB1.js
Requested by: Host: cms.tim.it
URL: https://cms.tim.it/content/login-webmail-2steps/login.html?username=asd+password=gew
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:210b:ac00:2:42d9:3100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4cabc5a651af6098542bae19ac1ba58a6f3adac59527ac4581151b6ba9bb912d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cms.tim.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-amz-version-id: lw_rZ5oME3huUa4Ng3dWYLKmynvUspLY
content-encoding: gzip
via: 1.1 37cc5671352ec3ac8f0d6d7b7c988e80.cloudfront.net (CloudFront)
date: Fri, 16 Jun 2023 14:23:55 GMT
last-modified: Fri, 16 Jun 2023 13:16:58 GMT
server: AmazonS3
x-amz-cf-pop: EWR53-C3
age: 2933
x-amz-server-side-encryption: AES256
etag: W/"b2ed27b958030279299da9464fbcc488"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=86400,s-maxage=86400
x-amz-cf-id: LziYXiEXAox3u7sSBv7oQOMP-XgR2XY7zArdPkbEXg-JY3MfH6PjKw==

GET
DATA 200
OK truncated
/ 11 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9c98f3c5f9421f8b30307d17a4c6c77aa583dbace4d69fd737d43acf336d52dc

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 513 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 34f9db946e89f031a80dfca7b16b2b686469c9886441261ae70a44da1dfa2d58

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 TIMSans-Medium.woff2
risorse.tim.it/etc.clientlibs/login-webmail-2steps/clientlibs/clientlib-base/resources/font/tim-sans/TIMSans-Medium/ 41 KB
42 KB 744ms
371ms Font
font/woff2 81.74.225.10
ASN-IBSNAZ

General

Check archive.org

Show headers Download Go to

Full URL

https://risorse.tim.it/etc.clientlibs/login-webmail-2steps/clientlibs/clientlib-base/resources/font/tim-sans/TIMSans-Medium/TIMSans-Medium.woff2

Requested by

Host: risorse.tim.it
URL: https://risorse.tim.it/etc.clientlibs/login-webmail-2steps/clientlibs/clientlib-base/resources/css/main.min.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

81.74.225.10 , Italy, ASN3269 (ASN-IBSNAZ, IT),

Reverse DNS

host-81-74-225-10.business.telecomitalia.it

Software

Apache /

Resource Hash

5891e62800c4390940b4fb8c7bce51a76a10100cce30c7332e79348a1d13d2cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

Referer: https://risorse.tim.it/etc.clientlibs/login-webmail-2steps/clientlibs/clientlib-base/resources/css/main.min.css
Origin: https://cms.tim.it
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 08:43:30 GMT
strict-transport-security: max-age=31536000; preload
content-encoding: gzip
via: http/1.1 ts-mi1-1.cdn.interbusiness.it (), http/1.1 se-rm4-7.cdn.interbusiness.it ()
age: 109757
content-length: 42352
last-modified: Fri, 09 Jun 2023 06:24:45 GMT
server: Apache
etag: "a554-5fdac6cd3d222-gzip"
vary: Origin
access-control-allow-methods: POST, GET, OPTIONS
content-type: font/woff2
access-control-allow-origin: https://cms.tim.it
cache-control: max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: funnel, authorization, clientversion, Cache-Control, pragma, expires, accept, BusinessID, InteractionDate-Date, InteractionDate-Time, TransactionID, MessageId, SourceSystem, Channel, SessionID, devicetype, content-type, x-requested-with
expires: Fri, 14 Jun 2024 08:43:30 GMT

GET
H2 200 TIMSans-Light.woff2
risorse.tim.it/etc.clientlibs/login-webmail-2steps/clientlibs/clientlib-base/resources/font/tim-sans/TIMSans-Light/ 39 KB
40 KB 956ms
584ms Font
font/woff2 81.74.225.10
ASN-IBSNAZ

General

Check archive.org

Show headers Download Go to

Full URL

https://risorse.tim.it/etc.clientlibs/login-webmail-2steps/clientlibs/clientlib-base/resources/font/tim-sans/TIMSans-Light/TIMSans-Light.woff2

Requested by

Host: risorse.tim.it
URL: https://risorse.tim.it/etc.clientlibs/login-webmail-2steps/clientlibs/clientlib-base/resources/css/main.min.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

81.74.225.10 , Italy, ASN3269 (ASN-IBSNAZ, IT),

Reverse DNS

host-81-74-225-10.business.telecomitalia.it

Software

Apache /

Resource Hash

0b7618b9ce533397a396d899972fb445f579cbef35c70873744c6afd2e2a3729

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://risorse.tim.it/etc.clientlibs/login-webmail-2steps/clientlibs/clientlib-base/resources/css/main.min.css
Origin: https://cms.tim.it
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 13:10:07 GMT
strict-transport-security: max-age=31536000; preload
content-encoding: gzip
via: http/1.1 ts-mi2-2.cdn.interbusiness.it (), http/1.1 se-rm4-7.cdn.interbusiness.it ()
age: 7360
content-length: 40434
last-modified: Sat, 10 Jun 2023 19:53:57 GMT
server: Apache
etag: "9ddc-5fdcbd8976f74-gzip"
vary: Origin
access-control-allow-methods: POST, GET, OPTIONS
content-type: font/woff2
access-control-allow-origin: https://cms.tim.it
cache-control: max-age=31536000
access-control-allow-credentials: true
x-frame-options: SAMEORIGIN
accept-ranges: bytes
access-control-allow-headers: funnel, authorization, clientversion, Cache-Control, pragma, expires, accept, BusinessID, InteractionDate-Date, InteractionDate-Time, TransactionID, MessageId, SourceSystem, Channel, SessionID, devicetype, content-type, x-requested-with
expires: Sat, 15 Jun 2024 13:10:07 GMT

GET
H2 200 it.json Show response
cdn.cookielaw.org/consent/19592410-edaf-48e3-8faa-9053afe70fee/314ef6ab-5ebd-4ed9-8bda-c25e066659f5/ 291 KB
48 KB 156ms
155ms Fetch
application/x-javascript 2606:4700::6812:a972
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/19592410-edaf-48e3-8faa-9053afe70fee/314ef6ab-5ebd-4ed9-8bda-c25e066659f5/it.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202305.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:a972 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d1a88d022a07484ced7b2a0f8970d38d5876d41a9995bf1edfdb41dd076ce0c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cms.tim.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 16 Jun 2023 15:12:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: rmgohj3H25ikM2z/jRp7Ag==
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 49018
x-ms-lease-status: unlocked
last-modified: Tue, 06 Jun 2023 07:50:42 GMT
server: cloudflare
etag: 0x8DB6662BAB2240A
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 8a7ee4f8-a01e-0132-521c-a0c663000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7d83fe35a83e638a-ORD
expires: Sat, 17 Jun 2023 15:12:47 GMT

GET
H2 200 iab2Data.json Show response
cdn.cookielaw.org/vendorlist/ 379 KB
54 KB 200ms
199ms Fetch
application/x-javascript 2606:4700::6812:a972
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/vendorlist/iab2Data.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202305.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:a972 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bbb3b871d9fbaf690748584e9e21fdbed32b1d7a3250c41a9b3e6d044f25492d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cms.tim.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 16 Jun 2023 15:12:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: FR3srT7Xf2FFcJWQu8cvVA==
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 55237
x-ms-lease-status: unlocked
last-modified: Fri, 16 Jun 2023 06:40:33 GMT
server: cloudflare
etag: 0x8DB6E349609586B
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 6125393b-101e-0120-461e-a0f27f000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7d83fe35a843638a-ORD

GET
H2 200 googleData.json Show response
cdn.cookielaw.org/vendorlist/ 59 KB
17 KB 151ms
150ms Fetch
application/x-javascript 2606:4700::6812:a972
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/vendorlist/googleData.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202305.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:a972 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b980f9cb212d8c5ddaf769642ff595637cfa7bdd37c12349d37d421bd29004e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cms.tim.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 16 Jun 2023 15:12:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: wUlJKwbZtNvxpb+LLCf0kw==
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 17000
x-ms-lease-status: unlocked
last-modified: Fri, 16 Jun 2023 06:40:34 GMT
server: cloudflare
etag: 0x8DB6E34967F89C2
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: f50d4747-101e-00c1-361e-a0535f000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7d83fe35a848638a-ORD

GET
H2 200 otTCF.js Show response
cdn.cookielaw.org/scripttemplates/202305.1.0/ 67 KB
15 KB 46ms
46ms Script
application/javascript 2606:4700::6812:a972
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202305.1.0/otTCF.js

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202305.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:a972 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

28ed651acc8b89aa0ff6d9d19d3026c41bf80b05a4a5bfbd9805e68add5e6cdf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cms.tim.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 16 Jun 2023 15:12:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: cqYQfqFiH1Q2HF0tpsLohw==
age: 70163
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 14914
x-ms-lease-status: unlocked
last-modified: Fri, 02 Jun 2023 06:37:26 GMT
server: cloudflare
etag: 0x8DB6333D457A7D2
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: a3fb477a-901e-013a-4868-95dd10000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7d83fe35ae6b2bab-ORD

GET
H2 200 otCenterRounded.json Show response
cdn.cookielaw.org/scripttemplates/202305.1.0/assets/ 9 KB
3 KB 157ms
153ms Fetch
application/json 2606:4700::6812:a972
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202305.1.0/assets/otCenterRounded.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202305.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:a972 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d4e0b51db940e096731fbe30fb3b9367be7f56e67005d654ad088512e1811ecd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cms.tim.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 16 Jun 2023 15:12:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: Pti/u+fQP9FCIyxYOp1+Iw==
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 2640
x-ms-lease-status: unlocked
last-modified: Fri, 02 Jun 2023 06:37:20 GMT
server: cloudflare
etag: 0x8DB6333D11A5B08
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: ba410f11-f01e-0103-04d5-9c9db4000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7d83fe39dd03638a-ORD

GET
H2 200 otPcTab.json Show response
cdn.cookielaw.org/scripttemplates/202305.1.0/assets/v2/ 62 KB
13 KB 161ms
157ms Fetch
application/json 2606:4700::6812:a972
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202305.1.0/assets/v2/otPcTab.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202305.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:a972 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

32a8c8c75e0574d43215424909195c56e950e04c0839abec5e7cf5b0c0ac4282

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cms.tim.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 16 Jun 2023 15:12:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: icB0rlbk2rDhRv/9fRK6uA==
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 13388
x-ms-lease-status: unlocked
last-modified: Fri, 02 Jun 2023 06:37:22 GMT
server: cloudflare
etag: 0x8DB6333D2290B75
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: f6d39c94-c01e-0166-76d5-9c2ce9000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7d83fe39dd07638a-ORD

GET
H2 200 otCommonStyles.css Show response
cdn.cookielaw.org/scripttemplates/202305.1.0/assets/ 21 KB
4 KB 159ms
155ms Fetch
text/css 2606:4700::6812:a972
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202305.1.0/assets/otCommonStyles.css

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202305.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:a972 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d0c233d327541d2961f1cde9e53a6166279655f4d4041c1bc458ac1701827719

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cms.tim.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 16 Jun 2023 15:12:47 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: oWkBTLgDDXvrUsd93y/Zxg==
x-ms-lease-status: unlocked
last-modified: Fri, 02 Jun 2023 06:37:31 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: aeb39245-201e-0027-731c-a042af000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 7d83fe39dd09638a-ORD

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/SglpK98hSCn2CroR0bKRSJl5/ 416 KB
167 KB 161ms
45ms Script
text/javascript 2607:f8b0:4006:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/SglpK98hSCn2CroR0bKRSJl5/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2003 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

752d16411f4866d01a2fc6c8f984da8104367e264a8865a63714e2f8181f5a73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cms.tim.it/
Origin: https://cms.tim.it
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 19:33:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 70730
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170572
x-xss-protection: 0
last-modified: Sun, 11 Jun 2023 18:00:29 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 14 Jun 2024 19:33:58 GMT

GET
H2 200 nlsSDK600.bundle.min.js Show response
cdn-gl.imrworldwide.com/novms/js/2/ 199 KB
56 KB 54ms
52ms Script
application/javascript 2600:9000:210b:ac00:2:42d9:3100:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-gl.imrworldwide.com/novms/js/2/nlsSDK600.bundle.min.js
Requested by: Host: cdn-gl.imrworldwide.com
URL: https://cdn-gl.imrworldwide.com/conf/P62AC5734-70D2-439D-8494-F369D681BEB1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:210b:ac00:2:42d9:3100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 767a456e2a3d977102a5a4224d43f77ca39d3e196d21ba98e3849eb5061d1e5c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cms.tim.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-amz-version-id: qAuMC_cBXhFjiyzLuhpEoecYbuPbFf_p
content-encoding: gzip
via: 1.1 37cc5671352ec3ac8f0d6d7b7c988e80.cloudfront.net (CloudFront)
date: Fri, 16 Jun 2023 14:59:06 GMT
x-amz-cf-pop: EWR53-C3
age: 822
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-storage-class: INTELLIGENT_TIERING
last-modified: Mon, 12 Jun 2023 14:05:40 GMT
server: AmazonS3
etag: W/"f43d226b4110956140ab2e00da92026d"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400
x-amz-cf-id: bC2eqmtf0gitA9_eq-la-PS5Dm8Vh0mGZcGcD76oFUZn91y7u6-1sQ==

GET
H/1.1 200
OK id Show response
dpm.demdex.net/ 372 B
1 KB 422ms
101ms XHR
application/json 52.40.26.17
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id?d_visid_ver=5.2.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=1AD1154452F152C00A490D4C%40AdobeOrg&d_nsid=0&ts=1686928368010

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/1eecba5bc341/a61c8f568034/launch-47d59cfadcb3.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.40.26.17 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-40-26-17.us-west-2.compute.amazonaws.com

Software

Resource Hash

9ca5a7ec2e7927d89ec1d5cc9c0fda723ec258ac500f43e769b28afee65fdc44

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://cms.tim.it/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

DCS: dcs-prod-usw2-1-v045-05c37f0cb.edge-usw2.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-TID: +RaGE+m/Rcs=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://cms.tim.it
Content-Type: application/json;charset=utf-8
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 315
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 AppMeasurement.min.js Show response
assets.adobedtm.com/extensions/EP6326e4d6b32f4a71ad5204459cc57d66/ 33 KB
12 KB 60ms
57ms Script
application/x-javascript 2600:141b:e800:1380::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/extensions/EP6326e4d6b32f4a71ad5204459cc57d66/AppMeasurement.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/1eecba5bc341/a61c8f568034/launch-47d59cfadcb3.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:e800:1380::1e80 Piscataway, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 02e1c4508320ee6bc6b884c4de9a0d73e541b6735fa139cbd957a27f42c72140

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cms.tim.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

unused62: 8096267
date: Fri, 16 Jun 2023 15:12:48 GMT
content-encoding: gzip
last-modified: Thu, 16 Sep 2021 19:44:20 GMT
server: AkamaiNetStorage
etag: "b135e36e0ffbaaaebca4ed5a17a3a5c5:1631821460.47263"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://cms.tim.it
cache-control: no-cache
accept-ranges: bytes
timing-allow-origin: *
content-length: 12201
expires: Fri, 16 Jun 2023 16:12:48 GMT

GET
H2 200 AppMeasurement_Module_ActivityMap.min.js Show response
assets.adobedtm.com/extensions/EP6326e4d6b32f4a71ad5204459cc57d66/ 3 KB
2 KB 60ms
58ms Script
application/x-javascript 2600:141b:e800:1380::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/extensions/EP6326e4d6b32f4a71ad5204459cc57d66/AppMeasurement_Module_ActivityMap.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/1eecba5bc341/a61c8f568034/launch-47d59cfadcb3.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:e800:1380::1e80 Piscataway, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: a176b44662d7eb55562527b7df840e6eb620d9f326989674a16f0765dc94f360

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cms.tim.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

unused62: 8096267
date: Fri, 16 Jun 2023 15:12:48 GMT
content-encoding: gzip
last-modified: Thu, 16 Sep 2021 19:44:20 GMT
server: AkamaiNetStorage
etag: "92ba45f9116eed843514845165336fae:1631821460.690196"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://cms.tim.it
cache-control: no-cache
accept-ranges: bytes
timing-allow-origin: *
content-length: 1594
expires: Fri, 16 Jun 2023 16:12:48 GMT

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306140101/ 408 KB
126 KB 46ms
43ms Script
text/javascript 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306140101/pubads_impl.js?cb=31075378

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5b70d8eb19ca32d244e29e759e816c343be893232978532c9d5943f838e60e0b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cms.tim.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 15:36:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 84957
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 129045
x-xss-protection: 0
server: cafe
etag: 16806126990728334555
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Fri, 14 Jun 2024 15:36:51 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 59 B
75 B 159ms
60ms XHR
application/json 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=cms.tim.it

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6cc1d5b204da74e8595da5ac330bcce5a2c7fe693a884a1da2a38f0ab034a573

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cms.tim.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 15:12:48 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51
x-xss-protection: 0
expires: Fri, 16 Jun 2023 15:12:48 GMT

GET
H2 200 TIMSans-Heavy.woff2
risorse.tim.it/etc.clientlibs/login-webmail-2steps/clientlibs/clientlib-base/resources/font/tim-sans/TIMSans-Heavy/ 43 KB
43 KB 174ms
173ms Font
font/woff2 81.74.225.10
ASN-IBSNAZ

General

Check archive.org

Show headers Download Go to

Full URL

https://risorse.tim.it/etc.clientlibs/login-webmail-2steps/clientlibs/clientlib-base/resources/font/tim-sans/TIMSans-Heavy/TIMSans-Heavy.woff2

Requested by

Host: risorse.tim.it
URL: https://risorse.tim.it/etc.clientlibs/login-webmail-2steps/clientlibs/clientlib-base/resources/css/main.min.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

81.74.225.10 , Italy, ASN3269 (ASN-IBSNAZ, IT),

Reverse DNS

host-81-74-225-10.business.telecomitalia.it

Software

Apache /

Resource Hash

213b653ca243de1ff187ccc7f2237353e7d0ab9566631b3238dbbcdbfe5f3acd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://risorse.tim.it/etc.clientlibs/login-webmail-2steps/clientlibs/clientlib-base/resources/css/main.min.css
Origin: https://cms.tim.it
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 09:04:23 GMT
strict-transport-security: max-age=31536000; preload
content-encoding: gzip
via: http/1.1 ts-mi1-2.cdn.interbusiness.it (), http/1.1 se-rm4-7.cdn.interbusiness.it ()
age: 22105
content-length: 43644
last-modified: Thu, 08 Jun 2023 20:31:16 GMT
server: Apache
etag: "aa60-5fda4225577d9-gzip"
vary: Origin
access-control-allow-methods: POST, GET, OPTIONS
content-type: font/woff2
access-control-allow-origin: https://cms.tim.it
cache-control: max-age=31536000
access-control-allow-credentials: true
x-frame-options: SAMEORIGIN
accept-ranges: bytes
access-control-allow-headers: funnel, authorization, clientversion, Cache-Control, pragma, expires, accept, BusinessID, InteractionDate-Date, InteractionDate-Time, TransactionID, MessageId, SourceSystem, Channel, SessionID, devicetype, content-type, x-requested-with
expires: Sat, 15 Jun 2024 09:04:23 GMT

GET
H2 200 ot_guard_logo.svg Show response
cdn.cookielaw.org/logos/static/ 497 B
573 B 136ms
135ms Fetch
image/svg+xml 2606:4700::6812:a972
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/logos/static/ot_guard_logo.svg

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202305.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:a972 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cms.tim.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 16 Jun 2023 15:12:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: tXyZydHjxQshFMbbBT1/8A==
x-ms-lease-status: unlocked
last-modified: Thu, 15 Jun 2023 19:30:18 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: 2d4a82f9-101e-0049-441c-a0eb86000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 7d83fe3e9a38638a-ORD

GET
H2 200 logo_tim_2016.png
cdn.cookielaw.org/logos/340d4148-79e3-4ee0-bcc8-a0ecbed12342/aeabe8c0-2828-42e9-a85c-3b14fb025133/4fe6e4ab-9aaf-4091-8c3a-07550f3d85a4/ 9 KB
9 KB 42ms
41ms Image
image/png 2606:4700::6812:a972
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/340d4148-79e3-4ee0-bcc8-a0ecbed12342/aeabe8c0-2828-42e9-a85c-3b14fb025133/4fe6e4ab-9aaf-4091-8c3a-07550f3d85a4/logo_tim_2016.png

Requested by

Host: cms.tim.it
URL: https://cms.tim.it/content/login-webmail-2steps/login.html?username=asd+password=gew

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:a972 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5affd375074296b38633c3dfc253db6371485dace47abd31d7a76464afb7afde

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cms.tim.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 16 Jun 2023 15:12:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: 9cEAp5Jl8OAx536EAKu4hA==
age: 17176
content-length: 8888
x-ms-lease-status: unlocked
last-modified: Tue, 01 Mar 2022 15:33:03 GMT
server: cloudflare
etag: 0x8D9FB98C6DCC0D6
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
x-ms-request-id: eea27970-f01e-0165-37e1-5a2fee000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7d83fe3ec81c2bab-ORD

GET
H2 200 powered_by_logo.svg
cdn.cookielaw.org/logos/static/ 5 KB
2 KB 36ms
35ms Image
image/svg+xml 2606:4700::6812:a972
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/static/powered_by_logo.svg

Requested by

Host: cms.tim.it
URL: https://cms.tim.it/content/login-webmail-2steps/login.html?username=asd+password=gew

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:a972 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cms.tim.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 16 Jun 2023 15:12:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: Y+c301RBZNK39PvKQWrIBw==
age: 67612
x-ms-lease-status: unlocked
last-modified: Wed, 14 Jun 2023 02:42:23 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: fa90ecf6-201e-0145-78ea-9e4322000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 7d83fe3ec81e2bab-ORD

GET
H2 200 ls.html Show response
cdn-gl.imrworldwide.com/novms/html/ Frame 3FCC 12 KB
4 KB 44ms
44ms Document
text/html 2600:9000:210b:ac00:2:42d9:3100:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-gl.imrworldwide.com/novms/html/ls.html
Requested by: Host: cdn-gl.imrworldwide.com
URL: https://cdn-gl.imrworldwide.com/novms/js/2/nlsSDK600.bundle.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:210b:ac00:2:42d9:3100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c1ca15aa8598ac972f25c8812a1c189cd22f8926ec7b890bc8ea6a70a7779fd1

Request headers

Referer: https://cms.tim.it/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 351
cache-control: max-age=86400
content-encoding: gzip
content-type: text/html
date: Fri, 16 Jun 2023 15:06:58 GMT
etag: W/"7fa83dfc7b78314b137e2eb13834daa7"
last-modified: Mon, 12 Jun 2023 14:05:39 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 37cc5671352ec3ac8f0d6d7b7c988e80.cloudfront.net (CloudFront)
x-amz-cf-id: MH76RzaQp2HeaWyRvWXA51xGcZGToxgb1anrBxTEEXq0SZ_pf6Dcjg==
x-amz-cf-pop: EWR53-C3
x-amz-server-side-encryption: AES256
x-amz-version-id: UYGZ3Pa9bEh3fzu3nt5h25aUF1xMbqst
x-cache: Hit from cloudfront

GET
H/1.1 200
OK dest5.html Show response
telecomitalia.demdex.net/ Frame B597 7 KB
3 KB 422ms
106ms Document
text/html 44.227.240.43
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://telecomitalia.demdex.net/dest5.html?d_nsid=0

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/1eecba5bc341/a61c8f568034/launch-47d59cfadcb3.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.227.240.43 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-227-240-43.us-west-2.compute.amazonaws.com

Software

Resource Hash

7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://cms.tim.it/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Accept-Ranges: bytes
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: text/html;charset=UTF-8
DCS: dcs-prod-usw2-2-v045-00bea09d7.edge-usw2.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: Ggy9KfuqSqE=
content-encoding: gzip
date: Fri, 16 Jun 2023 15:12:48 GMT
last-modified: Wed, 14 Jun 2023 11:08:07 GMT
transfer-encoding: chunked
vary: accept-encoding

GET
H/1.1

200
OK

ibs:dpid=411&dpuuid=ZIx78AAAAMYsdQNP
dpm.demdex.net/
Redirect Chain

https://cm.everesttech.net/cm/dd?d_uuid=86836728301342103842441646207494349223
https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZIx78AAAAMYsdQNP

42 B
942 B

100ms
100ms

Image
image/gif

52.40.26.17
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZIx78AAAAMYsdQNP

Requested by

Host: cms.tim.it
URL: https://cms.tim.it/content/login-webmail-2steps/login.html?username=asd+password=gew

Protocol

HTTP/1.1

Server

52.40.26.17 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-40-26-17.us-west-2.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cms.tim.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

DCS: dcs-prod-usw2-2-v045-012bbf750.edge-usw2.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: gIqr5SM9Rw0=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location: https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZIx78AAAAMYsdQNP
Date: Fri, 16 Jun 2023 15:12:48 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

GET
H2 200 s73379564744214
ssl-metrics.tim.it/b/ss/tivirmailservprod/1/JS-2.22.2-LBWB/ 43 B
372 B 375ms
102ms Image
image/gif 63.140.36.148
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssl-metrics.tim.it/b/ss/tivirmailservprod/1/JS-2.22.2-LBWB/s73379564744214?AQB=1&ndh=1&pf=1&t=16%2F5%2F2023%2015%3A12%3A48%205%200&mid=85026000534322263493215481723873049818&aamlh=9&ce=UTF-8&pageName=VIR%3ACanale%20Mail%20e%20Servizi%3ATim%20Mail%3AHomePage%20Tim%20Mail&g=https%3A%2F%2Fcms.tim.it%2Fcontent%2Flogin-webmail-2steps%2Flogin.html%3Fusername%3Dasd%2Bpassword%3Dgew&cc=EUR&ch=Canale%20Mail%20e%20Servizi&events=event1&aamb=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&h1=Canale%20Mail%20e%20Servizi%2CTim%20Mail%2CHomePage%20Tim%20Mail&c9=MAIL%20E%20SERVIZI&v9=MAIL%20E%20SERVIZI&c10=mail.alice.it&v10=mail.alice.it&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=1AD1154452F152C00A490D4C%40AdobeOrg&AQE=1

Requested by

Host: cms.tim.it
URL: https://cms.tim.it/content/login-webmail-2steps/login.html?username=asd+password=gew

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.140.36.148 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-63-140-36-148.data.adobedc.net

Software

jag /

Resource Hash

a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cms.tim.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Jun 2023 15:12:49 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
last-modified: Sat, 17 Jun 2023 15:12:49 GMT
server: jag
etag: 3622651089777754112-4619667425577810243
vary: *
p3p: CP="This is not a P3P policy"
access-control-allow-origin: *
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0, no-transform, private
content-length: 43
x-xss-protection: 1; mode=block
expires: Thu, 15 Jun 2023 15:12:49 GMT

GET
H2 200 gn
secure-it.imrworldwide.com/cgi-bin/ Frame 3FCC 44 B
720 B 689ms
147ms Image
image/gif 52.210.109.2
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure-it.imrworldwide.com/cgi-bin/gn?prd=session&c9=devid,&c13=asid,P62AC5734-70D2-439D-8494-F369D681BEB1&sessionId=ohvbg03qrgallkqfs7wjftnracusi1686928368&c16=sdkv,bj.6.0.0&uoo=&fp_id=&fp_cr_tm=&fp_acc_tm=&fp_emm_tm=&ve_id=&c30=bldv,6.0.0.663&uid2=&uid2_token=&hem_sha256=&hem_sha1=&hem_md5=&hem_unknown=&sdd=&retry=0
Requested by: Host: cms.tim.it
URL: https://cms.tim.it/content/login-webmail-2steps/login.html?username=asd+password=gew
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.210.109.2 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-210-109-2.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cdn-gl.imrworldwide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Jun 2023 15:12:49 GMT
server: nginx
accept-ch: Sec-CH-Save-Data, Sec-CH-DPR, Sec-CH-Width, Sec-CH-Viewport-Width, Sec-CH-Viewport-Height, Sec-CH-Device-Memory, Sec-CH-RTT, Sec-CH-Downlink, Sec-CH-ECT, Sec-CH-Prefers-Color-Scheme, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
access-control-allow-methods: POST, OPTIONS
p3p: P3P policyref="http://secure-it.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
cross-origin-resource-policy: cross-origin
content-length: 44
expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H2 200 /
ohvbg03qrgallkqfs7wjftnracusi1686928368.nuid.imrworldwide.com/ Frame 3FCC 35 B
352 B 278ms
44ms Image
image/gif 2600:9000:2510:7400:1d:667e:2a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ohvbg03qrgallkqfs7wjftnracusi1686928368.nuid.imrworldwide.com/
Requested by: Host: cms.tim.it
URL: https://cms.tim.it/content/login-webmail-2steps/login.html?username=asd+password=gew
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2510:7400:1d:667e:2a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cdn-gl.imrworldwide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 13:27:22 GMT
via: 1.1 5a7c529ef93438ca768c3432355a6e72.cloudfront.net (CloudFront)
last-modified: Tue, 11 Sep 2018 17:05:20 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P5
age: 6327
etag: "c2196de8ba412c60c22ab491af7b1409"
x-cache: Hit from cloudfront
content-type: image/gif
accept-ranges: bytes
content-length: 35
x-amz-cf-id: hqmLnZR_ONdBTFZ1qzQPQBnZIUHwztyOKU6k8_ZUWhIJk_0V8Oq50A==

GET
H2 200 gn
secure-it.imrworldwide.com/cgi-bin/ 44 B
596 B 146ms
145ms Image
image/gif 52.210.109.2
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure-it.imrworldwide.com/cgi-bin/gn?prd=dcr&ci=it-801693&ch=it-801693_c02_TelecomItaliaMail_BRW_S&asn=TelecomItaliaMail_BRW&fp_id=&fp_cr_tm=&fp_acc_tm=&fp_emm_tm=&ve_id=&sessionId=ohvbg03qrgallkqfs7wjftnracusi1686928368&prv=1&c6=vc,c02&ca=NA&c13=asid,P62AC5734-70D2-439D-8494-F369D681BEB1&c32=segA,NA&c33=segB,NA&c34=segC,NA&c15=apn,&sup=1&segment2=&segment1=&forward=0&plugv=&playerv=&ad=0&cr=V&c9=devid,&enc=true&c1=nuid,kicod1qzqsa2xgqkma3xgb9gg10ts1686928368&at=view&rt=text&c16=sdkv,bj.6.0.0&c27=cln,0&crs=&lat=&lon=&c29=plid,16869283684687970&c30=bldv,6.0.0.663&st=dcr&c7=osgrp,&c8=devgrp,&c10=plt,&c40=adbid,&c14=osver,NA&c26=dmap,1&dd=&hrd=&wkd=&c35=adrsid,&c36=cref1,&c37=cref2,&c11=agg,1&c12=apv,&c51=adl,0&c52=noad,0&pc=NA&c53=fef,n&c54=oad,&c55=cref3,&c57=adldf,2&ai=TelecomItaliaMailBRWLoginHome&c3=st,c&c64=starttm,1686928369&adid=TelecomItaliaMailBRWLoginHome&c58=isLive,false&c59=sesid,&c61=createtm,1686928369&c63=pipMode,&uoo=&c68=bndlid,&nodeTM=&logTM=&c73=phtype,&c74=dvcnm,&c76=adbsnid,&c44=progen,&davty=0&si=https%3A%2F%2Fcms.tim.it%2Fcontent%2Flogin-webmail-2steps%2Flogin.html%3Fusername%3Dasd%2Bpassword%3Dgew&c66=mediaurl,&sdd=&c62=sendTime,1686928369&rnd=276337
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.210.109.2 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-210-109-2.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cms.tim.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Jun 2023 15:12:50 GMT
server: nginx
accept-ch: Sec-CH-Save-Data, Sec-CH-DPR, Sec-CH-Width, Sec-CH-Viewport-Width, Sec-CH-Viewport-Height, Sec-CH-Device-Memory, Sec-CH-RTT, Sec-CH-Downlink, Sec-CH-ECT, Sec-CH-Prefers-Color-Scheme, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
access-control-allow-methods: POST, OPTIONS
p3p: P3P policyref="http://secure-it.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
cross-origin-resource-policy: cross-origin
content-length: 44
expires: Thu, 01 Dec 1994 16:00:00 GMT

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Microsoft (Consumer)

133 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.tim.it/	1970-01-20 16:54:40	Name: OptanonConsent Value: isGpcEnabled=0&datestamp=Fri+Jun+16+2023+15%3A12%3A48+GMT%2B0000+(GMT)&version=202305.1.0&browserGpcFlag=0&isIABGlobal=false&hosts=&consentId=df40991f-5c89-41fa-bc25-35b6d4f84800&interactionCount=0&landingPath=https%3A%2F%2Fcms.tim.it%2Fcontent%2Flogin-webmail-2steps%2Flogin.html%3Fusername%3Dasd+password%3Dgew&groups=BG602%3A1%2CC0001%3A1%2CC0007%3A0%2CC0002%3A0%2CBG603%3A0%2CC0004%3A0%2CC0003%3A0%2CC0005%3A0
.demdex.net/	1970-01-20 16:54:40	Name: demdex Value: 86836728301342103842441646207494349223
.tim.it/	1969-12-31 23:59:59	Name: AMCVS_1AD1154452F152C00A490D4C%40AdobeOrg Value: 1
.tim.it/	1969-12-31 23:59:59	Name: s_cc Value: true
.everesttech.net/	1970-01-20 21:21:04	Name: everest_g_v2 Value: g_surferid~ZIx78AAAAMYsdQNP
.dpm.demdex.net/	1970-01-20 16:54:40	Name: dpm Value: 86836728301342103842441646207494349223
.tim.it/	1970-01-20 22:11:28	Name: AMCV_1AD1154452F152C00A490D4C%40AdobeOrg Value: -1124106680%7CMCIDTS%7C19525%7CMCMID%7C85026000534322263493215481723873049818%7CMCAAMLH-1687533168%7C9%7CMCAAMB-1687533168%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1686935568s%7CNONE%7CMCSYNCSOP%7C411-19532%7CvVersion%7C5.2.0
.imrworldwide.com/	1970-01-20 21:57:04	Name: IMRID Value: 41aa01a1-0c58-11ee-9dad-99c4d3391b45

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

assets.adobedtm.com
cdn-gl.imrworldwide.com
cdn.cookielaw.org
cm.everesttech.net
cms.tim.it
dpm.demdex.net
geolocation.onetrust.com
ohvbg03qrgallkqfs7wjftnracusi1686928368.nuid.imrworldwide.com
risorse.tim.it
secure-it.imrworldwide.com
securepubads.g.doubleclick.net
ssl-metrics.tim.it
telecomitalia.demdex.net
www.google.com
www.gstatic.com
156.54.0.72
2600:141b:e800:1380::1e80
2600:9000:210b:ac00:2:42d9:3100:93a1
2600:9000:2510:7400:1d:667e:2a40:93a1
2606:4700::6812:1d26
2606:4700::6812:a972
2607:f8b0:4006:81c::2004
2607:f8b0:4006:820::2003
2607:f8b0:4006:824::2002
44.227.240.43
52.210.109.2
52.40.26.17
52.55.14.216
63.140.36.148
81.74.225.10
02e1c4508320ee6bc6b884c4de9a0d73e541b6735fa139cbd957a27f42c72140
0b7618b9ce533397a396d899972fb445f579cbef35c70873744c6afd2e2a3729
0be44b8963766e88bfb1034f5cf93deb8710ec30e7a54537ff463951c5976234
16ded92a17f35054f28df52abca8e0f544a853f3701e6e8af05202cbba8505d8
18d1b370b94460a4cc0b6b03ac81cda1aba4db285000f52bc8e0f4b16d77c813
1e0e7eb07413a758a8f30549cdc3be52f24ebf123b95c3c690309e4750dfee1e
213b653ca243de1ff187ccc7f2237353e7d0ab9566631b3238dbbcdbfe5f3acd
28ed651acc8b89aa0ff6d9d19d3026c41bf80b05a4a5bfbd9805e68add5e6cdf
2b06adc1b820c9cf11a9f673e7c4b47d985248d71c851ef84669bd320627e4b8
32a8c8c75e0574d43215424909195c56e950e04c0839abec5e7cf5b0c0ac4282
34f9db946e89f031a80dfca7b16b2b686469c9886441261ae70a44da1dfa2d58
40cbc7b9b62fdff8829b686fce564ab05d5fa144d343e88e575310c2619aa0a8
41be1cf66d5f2a5e356d650205c8a6031fa238bcdef0a4d1e167712ab643fd51
4cabc5a651af6098542bae19ac1ba58a6f3adac59527ac4581151b6ba9bb912d
5775c6d56222c16e7d527709fda4096d57c3e6e9653cd7b924c2f95143e0434f
5891e62800c4390940b4fb8c7bce51a76a10100cce30c7332e79348a1d13d2cb
5affd375074296b38633c3dfc253db6371485dace47abd31d7a76464afb7afde
5b70d8eb19ca32d244e29e759e816c343be893232978532c9d5943f838e60e0b
5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3
5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d
691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6cc1d5b204da74e8595da5ac330bcce5a2c7fe693a884a1da2a38f0ab034a573
737fe3f2c3ee0772bba99e2d7554c97ba0c2335172c207496c4cf2fea6b5ea3a
752d16411f4866d01a2fc6c8f984da8104367e264a8865a63714e2f8181f5a73
767a456e2a3d977102a5a4224d43f77ca39d3e196d21ba98e3849eb5061d1e5c
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
9c98f3c5f9421f8b30307d17a4c6c77aa583dbace4d69fd737d43acf336d52dc
9ca5a7ec2e7927d89ec1d5cc9c0fda723ec258ac500f43e769b28afee65fdc44
a176b44662d7eb55562527b7df840e6eb620d9f326989674a16f0765dc94f360
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
ad79fb9f60f0b92f9ff249de37ab2046538d81d6e39283cd8c182468b051f149
b0c6fb87a881dbc18c152a84d1d53cf36d0cdf4f377bfaf6776bd4021dfe486c
b62855e46f5962191adfebef801f66ee465d502e9acf0bd1378b393721b073f3
b980f9cb212d8c5ddaf769642ff595637cfa7bdd37c12349d37d421bd29004e0
bb462a24eef290bb508dfd155c8d94e5220b203109f6574184723f9ea252f9e9
bbb3b871d9fbaf690748584e9e21fdbed32b1d7a3250c41a9b3e6d044f25492d
c1ca15aa8598ac972f25c8812a1c189cd22f8926ec7b890bc8ea6a70a7779fd1
ca6ab68c746d548b8cb2c1e02a4795a5eaaed4dfd237d436a9d838ffa2441933
d0c233d327541d2961f1cde9e53a6166279655f4d4041c1bc458ac1701827719
d1a88d022a07484ced7b2a0f8970d38d5876d41a9995bf1edfdb41dd076ce0c8
d4e0b51db940e096731fbe30fb3b9367be7f56e67005d654ad088512e1811ecd
d70898110d564a9e912a483cfc9d2f594f3a33548efbd7d9af712267676e8f5e
e528f93ee73db376c8670b133cd3bb7b49ef8c922fd93551d085ba765e21009b
ed3a69e3267f056582ed012f7252319adb227fed203a4781eb820ea732aa4594
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

cms.tim.it Open in urlscan Pro 156.54.0.72 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

45 Requests

98 %HTTPS

53 %IPv6

10 Domains

15 Subdomains

15 IPs

3 Countries

1213 kBTransfer

4191 kBSize

8 Cookies

17 Outgoing links

Redirected requests

45 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

cms.tim.it Open in urlscan Pro
156.54.0.72 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

45
Requests

98 %
HTTPS

53 %
IPv6

10
Domains

15
Subdomains

15
IPs

3
Countries

1213 kB
Transfer

4191 kB
Size

8
Cookies

45 HTTP transactions
2 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!