auth.tim.it Open in urlscan Pro
156.54.82.108 Public Scan

URL:
https://auth.tim.it/
Submission: On September 06 via manual (September 6th 2021, 3:28:32 pm UTC) from IT

Summary HTTP 100 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 24 IPs in 5 countries across 12 domains to perform 100 HTTP transactions. The main IP is 156.54.82.108, located in Istrana, Italy and belongs to ASN-IBSNAZ, IT. The main domain is auth.tim.it.
TLS certificate: Issued by TI Trust Technologies OV CA on September 1st 2021. Valid for: a year.

This is the only time auth.tim.it was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	156.54.82.108 156.54.82.108	3269 (ASN-IBSNAZ) (ASN-IBSNAZ)
23	156.54.82.85 156.54.82.85	20746 (ASN-IDC T...) (ASN-IDC T.NO.OM.I.NC)
3	156.54.82.86 156.54.82.86	20746 (ASN-IDC T...) (ASN-IDC T.NO.OM.I.NC)
2 4	37.157.2.235 37.157.2.235	198622 (ADFORM) (ADFORM)
2	37.157.2.248 37.157.2.248	198622 (ADFORM) (ADFORM)
1	2a00:1450:400... 2a00:1450:4001:80f::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c04::9c	15169 (GOOGLE) (GOOGLE)
4 13	2a00:1450:400... 2a00:1450:4001:831::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
3	99.86.4.113 99.86.4.113	16509 (AMAZON-02) (AMAZON-02)
1 4	37.157.4.41 37.157.4.41	198622 (ADFORM) (ADFORM)
7	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
8	2a00:1450:400... 2a00:1450:4001:829::2008	15169 (GOOGLE) (GOOGLE)
4	2a03:2880:f01... 2a03:2880:f01c:216:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1 2	142.250.186.38 142.250.186.38	15169 (GOOGLE) (GOOGLE)
1	142.250.186.98 142.250.186.98	15169 (GOOGLE) (GOOGLE)
6	2a03:2880:f11... 2a03:2880:f11c:8083:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1 6	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
12	2a00:1450:400... 2a00:1450:4001:800::2003	15169 (GOOGLE) (GOOGLE)
3 6	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
100	24

1 156.54.82.108 (Istrana, Italy)

ASN3269 (ASN-IBSNAZ, IT)

auth.tim.it	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 156.54.82.85 (Istrana, Italy)

ASN20746 (ASN-IDC T.NO.OM.I.NC, IT)

static.tim.it	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 156.54.82.86 (Istrana, Italy)

ASN20746 (ASN-IDC T.NO.OM.I.NC, IT)

img.tim.it	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 37.157.2.235 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

track.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.2.248 (Denmark)

ASN198622 (ADFORM, DK)

s2.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c04::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:831::2004 (Frankfurt am Main, Germany) 4 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 99.86.4.113 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-113.fra6.r.cloudfront.net

cdn.fanplayr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 37.157.4.41 (Denmark) 1 redirects

ASN198622 (ADFORM, DK)

dmp.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:829::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f01c:216:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.38 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f6.1e100.net

9365760.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a03:2880:f11c:8083:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany) 3 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
27	tim.it auth.tim.it static.tim.it img.tim.it	244 KB
15	doubleclick.net 5 redirects stats.g.doubleclick.net 9365760.fls.doubleclick.net googleads.g.doubleclick.net	12 KB
14	google.de www.google.de adservice.google.de	1 KB
14	google.com 4 redirects www.google.com adservice.google.com	1 KB
10	adform.net 3 redirects track.adform.net s2.adform.net dmp.adform.net	40 KB
9	googletagmanager.com www.googletagmanager.com	344 KB
7	bing.com bat.bing.com	10 KB
6	facebook.com www.facebook.com	799 B
4	facebook.net connect.facebook.net	288 KB
3	fanplayr.com cdn.fanplayr.com	71 KB
2	google-analytics.com www.google-analytics.com	19 KB
1	googleadservices.com www.googleadservices.com	14 KB
100	12

	Domain	Requested by
23	static.tim.it	auth.tim.it
13	www.google.de	auth.tim.it track.adform.net
13	www.google.com	4 redirects auth.tim.it track.adform.net
12	googleads.g.doubleclick.net	4 redirects www.googleadservices.com
9	www.googletagmanager.com	auth.tim.it track.adform.net www.googletagmanager.com
7	bat.bing.com	auth.tim.it bat.bing.com track.adform.net
6	www.facebook.com	track.adform.net
4	connect.facebook.net	auth.tim.it connect.facebook.net
4	dmp.adform.net	1 redirects track.adform.net dmp.adform.net
4	track.adform.net	2 redirects auth.tim.it track.adform.net
3	cdn.fanplayr.com	track.adform.net cdn.fanplayr.com
3	img.tim.it	auth.tim.it
2	9365760.fls.doubleclick.net	1 redirects auth.tim.it
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	s2.adform.net	auth.tim.it track.adform.net
1	adservice.google.de	adservice.google.com
1	adservice.google.com	9365760.fls.doubleclick.net
1	www.googleadservices.com	www.googletagmanager.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	auth.tim.it
100	20

This site contains links to these domains. Also see Links.

Domain
www.tim.it

Subject Issuer	Validity	Valid
auth.tim.it TI Trust Technologies OV CA	`2021-09-01` - `2022-09-20`	a year	crt.sh
static.tim.it TI Trust Technologies OV CA	`2020-06-23` - `2022-06-25`	2 years	crt.sh
img.tim.it TI Trust Technologies OV CA	`2020-07-20` - `2022-07-22`	2 years	crt.sh
track.adform.net DigiCert SHA2 Secure Server CA	`2019-09-16` - `2021-09-20`	2 years	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
*.fanplayr.com Amazon	`2021-01-23` - `2022-02-20`	a year	crt.sh
www.bing.com Microsoft RSA TLS CA 02	`2021-07-06` - `2022-01-06`	6 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-07-20` - `2021-10-18`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
*.google.de GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh

This page contains 5 frames:

Primary Page: https://auth.tim.it/
Frame ID: 21D57D78079C495027FA6A96E76BA748
Requests: 38 HTTP requests in this frame

Frame: https://track.adform.net/serving/container/?pm=307530&lid=20317932&ctype=0&media=0&PageName=TIM%7cnull%7cnull%7cHome_Page&rnd=1577127971&cpref=&loc=https%3a%2f%2fauth.tim.it%2f
Frame ID: 7C9E6B06776A8B25AE790B64AE8F224E
Requests: 59 HTTP requests in this frame

Frame: https://9365760.fls.doubleclick.net/activityi;dc_pre=CLi4j-HU6vICFWXAUQodHJULWg;src=9365760;type=invmedia;cat=tim_f00;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=8648802347778.024
Frame ID: 6E2A37B4ADA43B5378CDB4311579F65F
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=CLi4j-HU6vICFWXAUQodHJULWg;src=9365760;type=invmedia;cat=tim_f00;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=8648802347778.024;~oref=https://track.adform.net/
Frame ID: 0673EA77F16E8741ED20ECFB46B42600
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.de/ddm/fls/i/dc_pre=CLi4j-HU6vICFWXAUQodHJULWg;src=9365760;type=invmedia;cat=tim_f00;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=8648802347778.024;~oref=https://track.adform.net/
Frame ID: 60420E1E7569B0FBCE441A48D5B55AAF
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Pagina non trovata

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

script /(?:\/([\d.]+))?(?:\/js)?\/bootstrap(?:\.min)?\.js/i

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

FlexSlider (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /jquery\.flexslider(?:\.min)?\.js$/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

html /googletagmanager\.com\/ns\.html[^>]+><\/iframe>/i
html //i

Modernizr (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /([\d.]+)?\/modernizr(?:.([\d.]+))?.*\.js/i

Slick (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /(?:\/([\d.]+))?\/slick(?:\.min)?\.js/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery[.-]([\d.]*\d)[^/]*\.js/i
script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
script /jquery\.flexslider(?:\.min)?\.js$/i
script /(?:\/([\d.]+))?\/slick(?:\.min)?\.js/i

Page Statistics

100
Requests

100 %
HTTPS

63 %
IPv6

12
Domains

20
Subdomains

24
IPs

5
Countries

1043 kB
Transfer

3220 kB
Size

6
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://www.tim.it/
Title:

Search URL Search Domain Scan URL

URL: https://www.tim.it/assistenza/supporto-alla-registrazione
Title: Hai bisogno di aiuto?

Search URL Search Domain Scan URL

URL: https://www.tim.it/assistenza/i-consumatori/info-consumatori-mobile/web-privacy-policy
Title: Privacy

Search URL Search Domain Scan URL

URL: https://www.tim.it/note-legali
Title: Note legali

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 26

https://track.adform.net/serving/scripts/trackpoint/async/ HTTP 301
https://s2.adform.net/banners/scripts/st/trackpoint-async.js

Request Chain 33

https://track.adform.net/Serving/TrackPoint/?pm=307530&ADFPageName=TIM%7Cnull%7Cnull%7CHome_Page&ADFdivider=%7C&ord=545676428566&Set1=en-US%7Cen-US%7C1600x1200%7C24&ADFtpmode=2&itm=eyJzdjMiOiIiLCJzdjQiOiIiLCJzdjUiOiIiLCJzdjYiOiIiLCJzdjciOiIiLCJzdjgiOiIiLCJzdjkiOiIiLCJzdjEwIjoiIiwic3YxMSI6IiIsInN2MTIiOiIiLCJzdjEzIjoiIiwic3YxNCI6IiIsInN2MTUiOiIiLCJzdjE2IjoiIiwic3YxNyI6IiIsInN2MTgiOiIiLCJzdjE5IjoiIiwic3YyMCI6IiIsInN2MjEiOiIiLCJzdjIyIjoiIiwic3YyMyI6IiIsInN2MjQiOiIiLCJzdjI1IjoiIiwic3YyNiI6IiIsInN2MjciOiIiLCJzdjI4IjoiIiwic3YyOSI6IiJ9&loc=https%3A%2F%2Fauth.tim.it%2F HTTP 302
https://track.adform.net/Serving/TrackPoint/?CC=1&pm=307530&ADFPageName=TIM%7Cnull%7Cnull%7CHome_Page&ADFdivider=%7C&ord=545676428566&Set1=en-US%7Cen-US%7C1600x1200%7C24&ADFtpmode=2&itm=eyJzdjMiOiIiLCJzdjQiOiIiLCJzdjUiOiIiLCJzdjYiOiIiLCJzdjciOiIiLCJzdjgiOiIiLCJzdjkiOiIiLCJzdjEwIjoiIiwic3YxMSI6IiIsInN2MTIiOiIiLCJzdjEzIjoiIiwic3YxNCI6IiIsInN2MTUiOiIiLCJzdjE2IjoiIiwic3YxNyI6IiIsInN2MTgiOiIiLCJzdjE5IjoiIiwic3YyMCI6IiIsInN2MjEiOiIiLCJzdjIyIjoiIiwic3YyMyI6IiIsInN2MjQiOiIiLCJzdjI1IjoiIiwic3YyNiI6IiIsInN2MjciOiIiLCJzdjI4IjoiIiwic3YyOSI6IiJ9&loc=https%3A%2F%2Fauth.tim.it%2F

Request Chain 36

https://dmp.adform.net/audiencetag/adformat.js HTTP 301
https://s2.adform.net/banners/scripts/audiencetag/adformat.js

Request Chain 41

https://9365760.fls.doubleclick.net/activityi;src=9365760;type=invmedia;cat=tim_f00;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=8648802347778.024 HTTP 302
https://9365760.fls.doubleclick.net/activityi;dc_pre=CLi4j-HU6vICFWXAUQodHJULWg;src=9365760;type=invmedia;cat=tim_f00;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=8648802347778.024

Request Chain 65

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1067695292/?random=1630942093780&cv=9&fst=1630942093780&num=1&fmt=3&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa910&sendb=1&ig=1&data=event%3Dgtag.config&frm=2&url=https%3A%2F%2Ftrack.adform.net%2Fserving%2Fcontainer%2F%3Fpm%3D307530%26lid%3D20317932%26ctype%3D0%26media%3D0%26PageName%3DTIM%257cnull%257cnull%257cHome_Page%26rnd%3D1577127971%26cpref%3D%26loc%3Dhttps%253a%252f%252fauth.tim.it%252f&ref=https%3A%2F%2Fauth.tim.it%2F&hn=www.googleadservices.com&async=1 HTTP 302
https://www.google.com/pagead/1p-user-list/1067695292/?random=1630942093780&cv=9&fst=1630940400000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa910&sendb=1&data=event%3Dgtag.config&frm=2&url=https%3A%2F%2Ftrack.adform.net%2Fserving%2Fcontainer%2F%3Fpm%3D307530%26lid%3D20317932%26ctype%3D0%26media%3D0%26PageName%3DTIM%257cnull%257cnull%257cHome_Page%26rnd%3D1577127971%26cpref%3D%26loc%3Dhttps%253a%252f%252fauth.tim.it%252f&ref=https%3A%2F%2Fauth.tim.it%2F&async=1&is_vtc=1&random=3214688733&resp=GooglemKTybQhCsO HTTP 302
https://www.google.de/pagead/1p-user-list/1067695292/?random=1630942093780&cv=9&fst=1630940400000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa910&sendb=1&data=event%3Dgtag.config&frm=2&url=https%3A%2F%2Ftrack.adform.net%2Fserving%2Fcontainer%2F%3Fpm%3D307530%26lid%3D20317932%26ctype%3D0%26media%3D0%26PageName%3DTIM%257cnull%257cnull%257cHome_Page%26rnd%3D1577127971%26cpref%3D%26loc%3Dhttps%253a%252f%252fauth.tim.it%252f&ref=https%3A%2F%2Fauth.tim.it%2F&async=1&is_vtc=1&random=3214688733&resp=GooglemKTybQhCsO&ipr=y

Request Chain 69

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1069000273/?random=1630942093783&cv=9&fst=1630942093783&num=1&fmt=3&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa910&sendb=1&ig=1&data=event%3Dgtag.config&frm=2&url=https%3A%2F%2Ftrack.adform.net%2Fserving%2Fcontainer%2F%3Fpm%3D307530%26lid%3D20317932%26ctype%3D0%26media%3D0%26PageName%3DTIM%257cnull%257cnull%257cHome_Page%26rnd%3D1577127971%26cpref%3D%26loc%3Dhttps%253a%252f%252fauth.tim.it%252f&ref=https%3A%2F%2Fauth.tim.it%2F&hn=www.googleadservices.com&async=1 HTTP 302
https://www.google.com/pagead/1p-user-list/1069000273/?random=1630942093783&cv=9&fst=1630940400000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa910&sendb=1&data=event%3Dgtag.config&frm=2&url=https%3A%2F%2Ftrack.adform.net%2Fserving%2Fcontainer%2F%3Fpm%3D307530%26lid%3D20317932%26ctype%3D0%26media%3D0%26PageName%3DTIM%257cnull%257cnull%257cHome_Page%26rnd%3D1577127971%26cpref%3D%26loc%3Dhttps%253a%252f%252fauth.tim.it%252f&ref=https%3A%2F%2Fauth.tim.it%2F&async=1&is_vtc=1&random=424575585&resp=GooglemKTybQhCsO HTTP 302
https://www.google.de/pagead/1p-user-list/1069000273/?random=1630942093783&cv=9&fst=1630940400000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa910&sendb=1&data=event%3Dgtag.config&frm=2&url=https%3A%2F%2Ftrack.adform.net%2Fserving%2Fcontainer%2F%3Fpm%3D307530%26lid%3D20317932%26ctype%3D0%26media%3D0%26PageName%3DTIM%257cnull%257cnull%257cHome_Page%26rnd%3D1577127971%26cpref%3D%26loc%3Dhttps%253a%252f%252fauth.tim.it%252f&ref=https%3A%2F%2Fauth.tim.it%2F&async=1&is_vtc=1&random=424575585&resp=GooglemKTybQhCsO&ipr=y

Request Chain 71

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/573415252/?random=1630942093784&cv=9&fst=1630942093784&num=1&fmt=3&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa910&sendb=1&ig=1&data=event%3Dgtag.config&frm=2&url=https%3A%2F%2Ftrack.adform.net%2Fserving%2Fcontainer%2F%3Fpm%3D307530%26lid%3D20317932%26ctype%3D0%26media%3D0%26PageName%3DTIM%257cnull%257cnull%257cHome_Page%26rnd%3D1577127971%26cpref%3D%26loc%3Dhttps%253a%252f%252fauth.tim.it%252f&ref=https%3A%2F%2Fauth.tim.it%2F&hn=www.googleadservices.com&async=1 HTTP 302
https://www.google.com/pagead/1p-user-list/573415252/?random=1630942093784&cv=9&fst=1630940400000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa910&sendb=1&data=event%3Dgtag.config&frm=2&url=https%3A%2F%2Ftrack.adform.net%2Fserving%2Fcontainer%2F%3Fpm%3D307530%26lid%3D20317932%26ctype%3D0%26media%3D0%26PageName%3DTIM%257cnull%257cnull%257cHome_Page%26rnd%3D1577127971%26cpref%3D%26loc%3Dhttps%253a%252f%252fauth.tim.it%252f&ref=https%3A%2F%2Fauth.tim.it%2F&async=1&is_vtc=1&random=4050408243&resp=GooglemKTybQhCsO HTTP 302
https://www.google.de/pagead/1p-user-list/573415252/?random=1630942093784&cv=9&fst=1630940400000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa910&sendb=1&data=event%3Dgtag.config&frm=2&url=https%3A%2F%2Ftrack.adform.net%2Fserving%2Fcontainer%2F%3Fpm%3D307530%26lid%3D20317932%26ctype%3D0%26media%3D0%26PageName%3DTIM%257cnull%257cnull%257cHome_Page%26rnd%3D1577127971%26cpref%3D%26loc%3Dhttps%253a%252f%252fauth.tim.it%252f&ref=https%3A%2F%2Fauth.tim.it%2F&async=1&is_vtc=1&random=4050408243&resp=GooglemKTybQhCsO&ipr=y

Request Chain 74

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/609393971/?random=1630942093786&cv=9&fst=1630942093786&num=1&fmt=3&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa910&sendb=1&ig=1&data=event%3Dgtag.config&frm=2&url=https%3A%2F%2Ftrack.adform.net%2Fserving%2Fcontainer%2F%3Fpm%3D307530%26lid%3D20317932%26ctype%3D0%26media%3D0%26PageName%3DTIM%257cnull%257cnull%257cHome_Page%26rnd%3D1577127971%26cpref%3D%26loc%3Dhttps%253a%252f%252fauth.tim.it%252f&ref=https%3A%2F%2Fauth.tim.it%2F&hn=www.googleadservices.com&async=1 HTTP 302
https://www.google.com/pagead/1p-user-list/609393971/?random=1630942093786&cv=9&fst=1630940400000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa910&sendb=1&data=event%3Dgtag.config&frm=2&url=https%3A%2F%2Ftrack.adform.net%2Fserving%2Fcontainer%2F%3Fpm%3D307530%26lid%3D20317932%26ctype%3D0%26media%3D0%26PageName%3DTIM%257cnull%257cnull%257cHome_Page%26rnd%3D1577127971%26cpref%3D%26loc%3Dhttps%253a%252f%252fauth.tim.it%252f&ref=https%3A%2F%2Fauth.tim.it%2F&async=1&is_vtc=1&random=1684691000&resp=GooglemKTybQhCsO HTTP 302
https://www.google.de/pagead/1p-user-list/609393971/?random=1630942093786&cv=9&fst=1630940400000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa910&sendb=1&data=event%3Dgtag.config&frm=2&url=https%3A%2F%2Ftrack.adform.net%2Fserving%2Fcontainer%2F%3Fpm%3D307530%26lid%3D20317932%26ctype%3D0%26media%3D0%26PageName%3DTIM%257cnull%257cnull%257cHome_Page%26rnd%3D1577127971%26cpref%3D%26loc%3Dhttps%253a%252f%252fauth.tim.it%252f&ref=https%3A%2F%2Fauth.tim.it%2F&async=1&is_vtc=1&random=1684691000&resp=GooglemKTybQhCsO&ipr=y

100 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 404
Not Found Primary Request / Show response
auth.tim.it/ 8 KB
3 KB 288ms
104ms Document
text/html 156.54.82.108
ASN-IBSNAZ

General

Check archive.org

Show headers Download Go to

Full URL: https://auth.tim.it/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 156.54.82.108 Istrana, Italy, ASN3269 (ASN-IBSNAZ, IT),
Reverse DNS
Software: Apache /
Resource Hash: 4ff29c0b8042249e7fe40fc16a0f6553c7ecfad08be485af40e3f3cf0a8da609

Request headers

Host: auth.tim.it
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Mon, 06 Sep 2021 15:28:12 GMT
Server: Apache
Content-Language: en-US
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK style_unico_tim.css
static.tim.it/dca/desktop/css/ 110 KB
21 KB 293ms
73ms Stylesheet
text/css 156.54.82.85
ASN-IDC T.NO.OM.I.NC

General

Check archive.org

Show headers Download Go to

Full URL: https://static.tim.it/dca/desktop/css/style_unico_tim.css
Requested by: Host: auth.tim.it
URL: https://auth.tim.it/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 156.54.82.85 Istrana, Italy, ASN20746 (ASN-IDC T.NO.OM.I.NC, IT),
Reverse DNS
Software: Apache /
Resource Hash: 5bb5823c1348fa21b9e07ff234459e7f061ce1df10982befefb66f59c1332175

Request headers

Referer: https://auth.tim.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Mon, 06 Sep 2021 15:28:13 GMT
Content-Encoding: gzip
Last-Modified: Wed, 02 Oct 2019 07:10:28 GMT
Server: Apache
Age: 3448
ETag: "4c37d-1b9bc-593e829e32100"
Vary: Accept-Encoding,Origin,User-Agent
Content-Type: text/css
Access-Control-Allow-Origin: *
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=100
Content-Length: 21277

GET
H/1.1 200
OK style.css
static.tim.it/dca/desktop/css/ 279 KB
58 KB 294ms
74ms Stylesheet
text/css 156.54.82.85
ASN-IDC T.NO.OM.I.NC

General

Check archive.org

Show headers Download Go to

Full URL: https://static.tim.it/dca/desktop/css/style.css
Requested by: Host: auth.tim.it
URL: https://auth.tim.it/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 156.54.82.85 Istrana, Italy, ASN20746 (ASN-IDC T.NO.OM.I.NC, IT),
Reverse DNS
Software: Apache /
Resource Hash: 3cebf6d751181170e900a5e149b50b175d84d6e03096f705529e3c655e981c61

Request headers

Referer: https://auth.tim.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Mon, 06 Sep 2021 15:28:13 GMT
Content-Encoding: gzip
Last-Modified: Wed, 02 Oct 2019 07:10:28 GMT
Server: Apache
Age: 3448
ETag: "4c37b-45c90-593e829e32100"
Vary: Accept-Encoding,Origin,User-Agent
Content-Type: text/css
Access-Control-Allow-Origin: *
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=100
Content-Length: 58848

GET
H/1.1 200
OK bootstrap-select.min.1.11.2.css
static.tim.it/dca/desktop/css/ 6 KB
2 KB 265ms
44ms Stylesheet
text/css 156.54.82.85
ASN-IDC T.NO.OM.I.NC

General

Check archive.org

Show headers Download Go to

Full URL: https://static.tim.it/dca/desktop/css/bootstrap-select.min.1.11.2.css
Requested by: Host: auth.tim.it
URL: https://auth.tim.it/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 156.54.82.85 Istrana, Italy, ASN20746 (ASN-IDC T.NO.OM.I.NC, IT),
Reverse DNS
Software: Apache /
Resource Hash: ea958d3b656269a77eaab8fc090e14f6262bca548f4602cecda1c6b426dad5fe

Request headers

Referer: https://auth.tim.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Mon, 06 Sep 2021 15:28:13 GMT
Content-Encoding: gzip
Last-Modified: Wed, 02 Oct 2019 07:10:28 GMT
Server: Apache
Age: 3448
ETag: "4c377-1925-593e829e32100"
Vary: Accept-Encoding,Origin,User-Agent
Content-Type: text/css
Access-Control-Allow-Origin: *
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=100
Content-Length: 1569

GET
H/1.1 200
OK flexslider.css
static.tim.it/dca/desktop/css/ 7 KB
2 KB 269ms
47ms Stylesheet
text/css 156.54.82.85
ASN-IDC T.NO.OM.I.NC

General

Check archive.org

Show headers Download Go to

Full URL: https://static.tim.it/dca/desktop/css/flexslider.css
Requested by: Host: auth.tim.it
URL: https://auth.tim.it/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 156.54.82.85 Istrana, Italy, ASN20746 (ASN-IDC T.NO.OM.I.NC, IT),
Reverse DNS
Software: Apache /
Resource Hash: aa1cf3f3785370fe8d6c982e4616c9e9283badc2fdc858e76bfe003f34bab1c3

Request headers

Referer: https://auth.tim.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Mon, 06 Sep 2021 15:28:13 GMT
Content-Encoding: gzip
Last-Modified: Wed, 02 Oct 2019 07:10:28 GMT
Server: Apache
Age: 3448
ETag: "4c379-1a16-593e829e32100"
Vary: Accept-Encoding,Origin,User-Agent
Content-Type: text/css
Access-Control-Allow-Origin: *
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=100
Content-Length: 1983

GET
H/1.1 200
OK ezmark.css
static.tim.it/dca/desktop/css/ 1 KB
845 B 268ms
46ms Stylesheet
text/css 156.54.82.85
ASN-IDC T.NO.OM.I.NC

General

Check archive.org

Show headers Download Go to

Full URL: https://static.tim.it/dca/desktop/css/ezmark.css
Requested by: Host: auth.tim.it
URL: https://auth.tim.it/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 156.54.82.85 Istrana, Italy, ASN20746 (ASN-IDC T.NO.OM.I.NC, IT),
Reverse DNS
Software: Apache /
Resource Hash: 28aeb79e7f1eb983406dd8cfccff83e0c034d0a69b706de7771abe0d31b0010c

Request headers

Referer: https://auth.tim.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Mon, 06 Sep 2021 15:28:13 GMT
Content-Encoding: gzip
Last-Modified: Wed, 02 Oct 2019 07:10:28 GMT
Server: Apache
Age: 3448
ETag: "4c378-4de-593e829e32100"
Vary: Accept-Encoding,Origin,User-Agent
Content-Type: text/css
Access-Control-Allow-Origin: *
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=99
Content-Length: 460

GET
H/1.1 200
OK slick.css
static.tim.it/dca/desktop/css/ 5 KB
2 KB 269ms
47ms Stylesheet
text/css 156.54.82.85
ASN-IDC T.NO.OM.I.NC

General

Check archive.org

Show headers Download Go to

Full URL: https://static.tim.it/dca/desktop/css/slick.css
Requested by: Host: auth.tim.it
URL: https://auth.tim.it/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 156.54.82.85 Istrana, Italy, ASN20746 (ASN-IDC T.NO.OM.I.NC, IT),
Reverse DNS
Software: Apache /
Resource Hash: 092ecca166cfa42b8c5c6e37691ed3d794fa8f2ac128123fb6859898efe8e345

Request headers

Referer: https://auth.tim.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Mon, 06 Sep 2021 15:28:13 GMT
Content-Encoding: gzip
Last-Modified: Wed, 02 Oct 2019 07:10:28 GMT
Server: Apache
Age: 3448
ETag: "4c37a-154b-593e829e32100"
Vary: Accept-Encoding,Origin,User-Agent
Content-Type: text/css
Access-Control-Allow-Origin: *
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=100
Content-Length: 1554

GET
H/1.1 200
OK acn_main.css
static.tim.it/dca/desktop/css/ 35 KB
8 KB 334ms
69ms Stylesheet
text/css 156.54.82.85
ASN-IDC T.NO.OM.I.NC

General

Check archive.org

Show headers Download Go to

Full URL: https://static.tim.it/dca/desktop/css/acn_main.css
Requested by: Host: auth.tim.it
URL: https://auth.tim.it/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 156.54.82.85 Istrana, Italy, ASN20746 (ASN-IDC T.NO.OM.I.NC, IT),
Reverse DNS
Software: Apache /
Resource Hash: 49bb937326698475fc9d06bd873f66fa068ebb6be6cfb799e90b8b997b098014

Request headers

Referer: https://auth.tim.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Mon, 06 Sep 2021 15:28:13 GMT
Content-Encoding: gzip
Last-Modified: Wed, 02 Oct 2019 07:10:28 GMT
Server: Apache
Age: 3448
ETag: "4c376-8a97-593e829e32100"
Vary: Accept-Encoding,Origin,User-Agent
Content-Type: text/css
Access-Control-Allow-Origin: *
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=99
Content-Length: 7320

GET
H/1.1 200
OK desktop.css
static.tim.it/dca/desktop/custom/css/ 6 KB
2 KB 316ms
47ms Stylesheet
text/css 156.54.82.85
ASN-IDC T.NO.OM.I.NC

General

Check archive.org

Show headers Download Go to

Full URL: https://static.tim.it/dca/desktop/custom/css/desktop.css
Requested by: Host: auth.tim.it
URL: https://auth.tim.it/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 156.54.82.85 Istrana, Italy, ASN20746 (ASN-IDC T.NO.OM.I.NC, IT),
Reverse DNS
Software: Apache /
Resource Hash: f891b02ba68343652b13f5d0b10fbb305b6ac25dfd41b992f8d7ad4db46592ac

Request headers

Referer: https://auth.tim.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Mon, 06 Sep 2021 15:28:13 GMT
Content-Encoding: gzip
Last-Modified: Wed, 02 Oct 2019 07:10:28 GMT
Server: Apache
Age: 3448
ETag: "4c37f-1673-593e829e32100"
Vary: Accept-Encoding,Origin,User-Agent
Content-Type: text/css
Access-Control-Allow-Origin: *
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=98
Content-Length: 1751

GET
H/1.1 200
OK jquery-1.11.1.js Show response
static.tim.it/dca/desktop/js/ 94 KB
38 KB 344ms
75ms Script
application/javascript 156.54.82.85
ASN-IDC T.NO.OM.I.NC

General

Check archive.org

Show headers Download Go to

Full URL: https://static.tim.it/dca/desktop/js/jquery-1.11.1.js
Requested by: Host: auth.tim.it
URL: https://auth.tim.it/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 156.54.82.85 Istrana, Italy, ASN20746 (ASN-IDC T.NO.OM.I.NC, IT),
Reverse DNS
Software: Apache /
Resource Hash: 24262baafef17092927c3dafe764aaa52a2a371b83ed2249cca7e414df99fac1

Request headers

Referer: https://auth.tim.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Mon, 06 Sep 2021 15:28:13 GMT
Content-Encoding: gzip
Last-Modified: Wed, 02 Oct 2019 07:10:29 GMT
Server: Apache
Age: 3448
ETag: "4c3ac-17629-593e829f26340"
Vary: Accept-Encoding,User-Agent
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=97
Content-Length: 38272

GET
H/1.1 200
OK bootstrap.js Show response
static.tim.it/dca/desktop/js/ 63 KB
18 KB 347ms
78ms Script
application/javascript 156.54.82.85
ASN-IDC T.NO.OM.I.NC

General

Check archive.org

Show headers Download Go to

Full URL: https://static.tim.it/dca/desktop/js/bootstrap.js
Requested by: Host: auth.tim.it
URL: https://auth.tim.it/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 156.54.82.85 Istrana, Italy, ASN20746 (ASN-IDC T.NO.OM.I.NC, IT),
Reverse DNS
Software: Apache /
Resource Hash: 21e9f99cfbd5a6b21f27d4c11e5ae2743fe371ae76e86d635445b08e4a0c5e12

Request headers

Referer: https://auth.tim.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Mon, 06 Sep 2021 15:28:13 GMT
Content-Encoding: gzip
Last-Modified: Wed, 02 Oct 2019 07:10:29 GMT
Server: Apache
Age: 3448
ETag: "4c3aa-fd8b-593e829f26340"
Vary: Accept-Encoding,User-Agent
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=96
Content-Length: 17713

GET
H/1.1 200
OK bootstrap-select.min.js Show response
static.tim.it/dca/desktop/js/ 33 KB
11 KB 363ms
49ms Script
application/javascript 156.54.82.85
ASN-IDC T.NO.OM.I.NC

General

Check archive.org

Show headers Download Go to

Full URL: https://static.tim.it/dca/desktop/js/bootstrap-select.min.js
Requested by: Host: auth.tim.it
URL: https://auth.tim.it/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 156.54.82.85 Istrana, Italy, ASN20746 (ASN-IDC T.NO.OM.I.NC, IT),
Reverse DNS
Software: Apache /
Resource Hash: 230d37ec3e5ff4cb697ede52e000d612b275397b3333250d6287b99b72cfc4ac

Request headers

Referer: https://auth.tim.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Mon, 06 Sep 2021 15:28:13 GMT
Content-Encoding: gzip
Last-Modified: Wed, 02 Oct 2019 07:10:29 GMT
Server: Apache
Age: 3448
ETag: "4c3a9-8571-593e829f26340"
Vary: Accept-Encoding,User-Agent
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=95
Content-Length: 10999

GET
H/1.1 200
OK device.js Show response
static.tim.it/dca/desktop/js/ 5 KB
1 KB 361ms
46ms Script
application/javascript 156.54.82.85
ASN-IDC T.NO.OM.I.NC

General

Check archive.org

Show headers Download Go to

Full URL: https://static.tim.it/dca/desktop/js/device.js
Requested by: Host: auth.tim.it
URL: https://auth.tim.it/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 156.54.82.85 Istrana, Italy, ASN20746 (ASN-IDC T.NO.OM.I.NC, IT),
Reverse DNS
Software: Apache /
Resource Hash: 80c1fdc1ae09782c729ad366dbf16e4f37f679163ca4eb8a874759ebe72e766c

Request headers

Referer: https://auth.tim.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Mon, 06 Sep 2021 15:28:13 GMT
Content-Encoding: gzip
Last-Modified: Wed, 02 Oct 2019 07:10:29 GMT
Server: Apache
Age: 3448
ETag: "4c3ab-1229-593e829f26340"
Vary: Accept-Encoding,User-Agent
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=94
Content-Length: 999

GET
H/1.1 200
OK portale_Unico.js Show response
static.tim.it/dca/desktop/js/ 37 KB
9 KB 380ms
47ms Script
application/javascript 156.54.82.85
ASN-IDC T.NO.OM.I.NC

General

Check archive.org

Show headers Download Go to

Full URL: https://static.tim.it/dca/desktop/js/portale_Unico.js
Requested by: Host: auth.tim.it
URL: https://auth.tim.it/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 156.54.82.85 Istrana, Italy, ASN20746 (ASN-IDC T.NO.OM.I.NC, IT),
Reverse DNS
Software: Apache /
Resource Hash: 7c9b0871e6b69eb3aa903fa0bb660a73a44a4f0218e79f04d5c4fec3e714aaff

Request headers

Referer: https://auth.tim.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Mon, 06 Sep 2021 15:28:13 GMT
Content-Encoding: gzip
Last-Modified: Wed, 02 Oct 2019 07:10:29 GMT
Server: Apache
Age: 3448
ETag: "4c3b1-941a-593e829f26340"
Vary: Accept-Encoding,User-Agent
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=93
Content-Length: 8503

GET
H/1.1 200
OK jquery.ezmark.min.js Show response
static.tim.it/dca/desktop/js/ 1 KB
976 B 391ms
44ms Script
application/javascript 156.54.82.85
ASN-IDC T.NO.OM.I.NC

General

Check archive.org

Show headers Download Go to

Full URL: https://static.tim.it/dca/desktop/js/jquery.ezmark.min.js
Requested by: Host: auth.tim.it
URL: https://auth.tim.it/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 156.54.82.85 Istrana, Italy, ASN20746 (ASN-IDC T.NO.OM.I.NC, IT),
Reverse DNS
Software: Apache /
Resource Hash: 337244ecb9e3d3fa4a83af2195d9cb23a9c09adfe7b6f753f6112dc372a86ff4

Request headers

Referer: https://auth.tim.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Mon, 06 Sep 2021 15:28:13 GMT
Content-Encoding: gzip
Last-Modified: Wed, 02 Oct 2019 07:10:29 GMT
Server: Apache
Age: 3448
ETag: "4c3ad-5f9-593e829f26340"
Vary: Accept-Encoding,User-Agent
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=99
Content-Length: 616

GET
H/1.1 200
OK jquery.flexslider.js Show response
static.tim.it/dca/desktop/js/ 52 KB
13 KB 48ms
48ms Script
application/javascript 156.54.82.85
ASN-IDC T.NO.OM.I.NC

General

Check archive.org

Show headers Download Go to

Full URL: https://static.tim.it/dca/desktop/js/jquery.flexslider.js
Requested by: Host: auth.tim.it
URL: https://auth.tim.it/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 156.54.82.85 Istrana, Italy, ASN20746 (ASN-IDC T.NO.OM.I.NC, IT),
Reverse DNS
Software: Apache /
Resource Hash: e1ee10334c1daa59dc8c7bdd8b63a40aa0cbb51cfce9abef951af274c8e97751

Request headers

Referer: https://auth.tim.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Mon, 06 Sep 2021 15:28:13 GMT
Content-Encoding: gzip
Last-Modified: Wed, 02 Oct 2019 07:10:29 GMT
Server: Apache
Age: 3448
ETag: "4c3ae-d0ad-593e829f26340"
Vary: Accept-Encoding,User-Agent
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=99
Content-Length: 13306

GET
H/1.1 200
OK modernizr.js Show response
static.tim.it/dca/desktop/js/ 10 KB
5 KB 398ms
49ms Script
application/javascript 156.54.82.85
ASN-IDC T.NO.OM.I.NC

General

Check archive.org

Show headers Download Go to

Full URL: https://static.tim.it/dca/desktop/js/modernizr.js
Requested by: Host: auth.tim.it
URL: https://auth.tim.it/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 156.54.82.85 Istrana, Italy, ASN20746 (ASN-IDC T.NO.OM.I.NC, IT),
Reverse DNS
Software: Apache /
Resource Hash: 675ca3697d9188b08e1abf3a3654c6a39a179c65821594bc4dddc5bdf1171808

Request headers

Referer: https://auth.tim.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Mon, 06 Sep 2021 15:28:13 GMT
Content-Encoding: gzip
Last-Modified: Wed, 02 Oct 2019 07:10:29 GMT
Server: Apache
Age: 3448
ETag: "4c3b0-2697-593e829f26340"
Vary: Accept-Encoding,User-Agent
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=92
Content-Length: 4565

GET
H/1.1 200
OK slick.js Show response
static.tim.it/dca/desktop/js/ 52 KB
11 KB 52ms
52ms Script
application/javascript 156.54.82.85
ASN-IDC T.NO.OM.I.NC

General

Check archive.org

Show headers Download Go to

Full URL: https://static.tim.it/dca/desktop/js/slick.js
Requested by: Host: auth.tim.it
URL: https://auth.tim.it/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 156.54.82.85 Istrana, Italy, ASN20746 (ASN-IDC T.NO.OM.I.NC, IT),
Reverse DNS
Software: Apache /
Resource Hash: d388303df8b2acf1d45e38977d8b58792143398e4196e1d85069dfed2c1581d5

Request headers

Referer: https://auth.tim.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Mon, 06 Sep 2021 15:28:13 GMT
Content-Encoding: gzip
Last-Modified: Wed, 02 Oct 2019 07:10:29 GMT
Server: Apache
Age: 3448
ETag: "4c3b2-d18a-593e829f26340"
Vary: Accept-Encoding,User-Agent
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=98
Content-Length: 10789

GET
H/1.1 200
OK slide-to-captcha.modified.js Show response
static.tim.it/dca/desktop/js/ 4 KB
1 KB 407ms
46ms Script
application/javascript 156.54.82.85
ASN-IDC T.NO.OM.I.NC

General

Check archive.org

Show headers Download Go to

Full URL: https://static.tim.it/dca/desktop/js/slide-to-captcha.modified.js
Requested by: Host: auth.tim.it
URL: https://auth.tim.it/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 156.54.82.85 Istrana, Italy, ASN20746 (ASN-IDC T.NO.OM.I.NC, IT),
Reverse DNS
Software: Apache /
Resource Hash: 3c998929ae4ab34e365e4cc225c5dd542d1dcf54dda3c89c14232c1e1443c3f4

Request headers

Referer: https://auth.tim.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Mon, 06 Sep 2021 15:28:13 GMT
Content-Encoding: gzip
Last-Modified: Wed, 02 Oct 2019 07:10:29 GMT
Server: Apache
Age: 3448
ETag: "4c3b3-fb4-593e829f26340"
Vary: Accept-Encoding,User-Agent
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=99
Content-Length: 1094

GET
H/1.1 200
OK main.js Show response
static.tim.it/dca/desktop/js/ 4 KB
2 KB 407ms
44ms Script
application/javascript 156.54.82.85
ASN-IDC T.NO.OM.I.NC

General

Check archive.org

Show headers Download Go to

Full URL: https://static.tim.it/dca/desktop/js/main.js
Requested by: Host: auth.tim.it
URL: https://auth.tim.it/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 156.54.82.85 Istrana, Italy, ASN20746 (ASN-IDC T.NO.OM.I.NC, IT),
Reverse DNS
Software: Apache /
Resource Hash: 29c05d4fdc81a55e2a208a25bf5e776476c872f5abb3d07f1b50e48f5367669a

Request headers

Referer: https://auth.tim.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Mon, 06 Sep 2021 15:28:13 GMT
Content-Encoding: gzip
Last-Modified: Wed, 02 Oct 2019 07:10:29 GMT
Server: Apache
Age: 3448
ETag: "4c3af-ee4-593e829f26340"
Vary: Accept-Encoding,User-Agent
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=91
Content-Length: 1181

GET
H/1.1 200
OK jquery.validate.min.js Show response
static.tim.it/dca/desktop/custom/lib/ 21 KB
8 KB 428ms
51ms Script
application/javascript 156.54.82.85
ASN-IDC T.NO.OM.I.NC

General

Check archive.org

Show headers Download Go to

Full URL: https://static.tim.it/dca/desktop/custom/lib/jquery.validate.min.js
Requested by: Host: auth.tim.it
URL: https://auth.tim.it/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 156.54.82.85 Istrana, Italy, ASN20746 (ASN-IDC T.NO.OM.I.NC, IT),
Reverse DNS
Software: Apache /
Resource Hash: 2e3e3b2660cbfaac5febf7a50b31d0494159989626a84102b2c3792cffe27d13

Request headers

Referer: https://auth.tim.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Mon, 06 Sep 2021 15:28:13 GMT
Content-Encoding: gzip
Last-Modified: Wed, 02 Oct 2019 07:10:28 GMT
Server: Apache
Age: 3448
ETag: "4c388-5262-593e829e32100"
Vary: Accept-Encoding,User-Agent
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=98
Content-Length: 7470

GET
H/1.1 200
OK jquery.validate.additional-methods.min.js Show response
static.tim.it/dca/desktop/custom/lib/ 17 KB
6 KB 426ms
46ms Script
application/javascript 156.54.82.85
ASN-IDC T.NO.OM.I.NC

General

Check archive.org

Show headers Download Go to

Full URL: https://static.tim.it/dca/desktop/custom/lib/jquery.validate.additional-methods.min.js
Requested by: Host: auth.tim.it
URL: https://auth.tim.it/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 156.54.82.85 Istrana, Italy, ASN20746 (ASN-IDC T.NO.OM.I.NC, IT),
Reverse DNS
Software: Apache /
Resource Hash: 2b9a658314baccfef5f3b1d279571f0c1dbe62e6f71735828dd7606e426ba798

Request headers

Referer: https://auth.tim.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Mon, 06 Sep 2021 15:28:13 GMT
Content-Encoding: gzip
Last-Modified: Wed, 02 Oct 2019 07:10:28 GMT
Server: Apache
Age: 3448
ETag: "4c387-433a-593e829e32100"
Vary: Accept-Encoding,User-Agent
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=90
Content-Length: 5376

GET
H/1.1 200
OK jquery.form.min.js Show response
static.tim.it/dca/desktop/custom/lib/ 15 KB
6 KB 436ms
45ms Script
application/javascript 156.54.82.85
ASN-IDC T.NO.OM.I.NC

General

Check archive.org

Show headers Download Go to

Full URL: https://static.tim.it/dca/desktop/custom/lib/jquery.form.min.js
Requested by: Host: auth.tim.it
URL: https://auth.tim.it/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 156.54.82.85 Istrana, Italy, ASN20746 (ASN-IDC T.NO.OM.I.NC, IT),
Reverse DNS
Software: Apache /
Resource Hash: c90f0e501d2948fbc2b61bffd654fa4ab64741fd48923782419eeb14d3816fb8

Request headers

Referer: https://auth.tim.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Mon, 06 Sep 2021 15:28:13 GMT
Content-Encoding: gzip
Last-Modified: Wed, 02 Oct 2019 07:10:28 GMT
Server: Apache
Age: 3448
ETag: "4c386-3b90-593e829e32100"
Vary: Accept-Encoding,User-Agent
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=98
Content-Length: 6192

GET
H/1.1 200
OK desktop.js Show response
static.tim.it/dca/desktop/custom/js/ 24 KB
5 KB 448ms
50ms Script
application/javascript 156.54.82.85
ASN-IDC T.NO.OM.I.NC

General

Check archive.org

Show headers Download Go to

Full URL: https://static.tim.it/dca/desktop/custom/js/desktop.js
Requested by: Host: auth.tim.it
URL: https://auth.tim.it/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 156.54.82.85 Istrana, Italy, ASN20746 (ASN-IDC T.NO.OM.I.NC, IT),
Reverse DNS
Software: Apache /
Resource Hash: 9e782d76ddb15dd322e6c2b1096a4cd0d288b5456fd2e840a06b4c54a5615715

Request headers

Referer: https://auth.tim.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Mon, 06 Sep 2021 15:28:13 GMT
Content-Encoding: gzip
Last-Modified: Wed, 02 Oct 2019 07:10:28 GMT
Server: Apache
Age: 3448
ETag: "4c383-5e79-593e829e32100"
Vary: Accept-Encoding,User-Agent
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=97
Content-Length: 5112

GET
H/1.1 200
OK logo_tim.png
img.tim.it/dca/desktop/img/ 2 KB
2 KB 320ms
50ms Image
image/png 156.54.82.86
ASN-IDC T.NO.OM.I.NC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.tim.it/dca/desktop/img/logo_tim.png
Requested by: Host: auth.tim.it
URL: https://auth.tim.it/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 156.54.82.86 Istrana, Italy, ASN20746 (ASN-IDC T.NO.OM.I.NC, IT),
Reverse DNS
Software: Apache /
Resource Hash: 8c200ad84e0edfd81017d88adca70c5eb7d7a46437611feaecba02768ad8201d

Request headers

Referer: https://auth.tim.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Mon, 06 Sep 2021 15:28:13 GMT
Last-Modified: Wed, 02 Oct 2019 07:10:29 GMT
Server: Apache
Age: 3447
ETag: "4e5e0-67b-593e829f26340"
Vary: Accept-Encoding,User-Agent
Content-Type: image/png
Access-Control-Allow-Origin: *
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=100
Content-Length: 1659

GET
H/1.1 200
OK icon_helpbtnbubble.png
img.tim.it/dca/desktop/img/acn_img/ 1 KB
1 KB 319ms
49ms Image
image/png 156.54.82.86
ASN-IDC T.NO.OM.I.NC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.tim.it/dca/desktop/img/acn_img/icon_helpbtnbubble.png
Requested by: Host: auth.tim.it
URL: https://auth.tim.it/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 156.54.82.86 Istrana, Italy, ASN20746 (ASN-IDC T.NO.OM.I.NC, IT),
Reverse DNS
Software: Apache /
Resource Hash: 95421fd1f74a703dbd41979c005a5fcb470e01c45f7cd6b37550d780ba146a8f

Request headers

Referer: https://auth.tim.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Mon, 06 Sep 2021 15:28:13 GMT
Last-Modified: Wed, 02 Oct 2019 07:10:28 GMT
Server: Apache
Age: 3447
ETag: "4c35a-407-593e829e32100"
Vary: Accept-Encoding,User-Agent
Content-Type: image/png
Access-Control-Allow-Origin: *
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=100
Content-Length: 1031

GET
H/1.1 200
OK 404.png
img.tim.it/dca/desktop/img/img_404/ 8 KB
8 KB 347ms
77ms Image
image/png 156.54.82.86
ASN-IDC T.NO.OM.I.NC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.tim.it/dca/desktop/img/img_404/404.png
Requested by: Host: auth.tim.it
URL: https://auth.tim.it/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 156.54.82.86 Istrana, Italy, ASN20746 (ASN-IDC T.NO.OM.I.NC, IT),
Reverse DNS
Software: Apache /
Resource Hash: c124990771d202a3b3b632cebf42f3d02df20ea34461095418e2622b22722d40

Request headers

Referer: https://auth.tim.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Mon, 06 Sep 2021 15:28:13 GMT
Last-Modified: Wed, 02 Oct 2019 07:10:28 GMT
Server: Apache
Age: 137
ETag: "47c84-1fdb-593e829e32100"
Vary: Accept-Encoding,User-Agent
Content-Type: image/png
Access-Control-Allow-Origin: *
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=99
Content-Length: 8155

GET
H2

200

trackpoint-async.js Show response
s2.adform.net/banners/scripts/st/
Redirect Chain

https://track.adform.net/serving/scripts/trackpoint/async/
https://s2.adform.net/banners/scripts/st/trackpoint-async.js

80 KB
28 KB

136ms
43ms

Script
application/x-javascript

37.157.2.248
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s2.adform.net/banners/scripts/st/trackpoint-async.js
Requested by: Host: auth.tim.it
URL: https://auth.tim.it/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.2.248 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 5addb050e7fe474684bcb62d5bc8717ab681735dce2d2539631a08d570cf81a5

Request headers

Referer: https://auth.tim.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 06 Sep 2021 15:28:13 GMT
content-encoding: gzip
last-modified: Mon, 17 May 2021 07:34:37 GMT
server: nginx
etag: W/"60a21c8d-13e2b"
x-cache-status: HIT
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
content-type: application/x-javascript

Redirect headers

location: https://s2.adform.net/banners/scripts/st/trackpoint-async.js
date: Mon, 06 Sep 2021 15:28:13 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/html

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 94 KB
37 KB 19ms
19ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PZM6TM

Requested by

Host: auth.tim.it
URL: https://auth.tim.it/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6a3694aded538b394ca4609ea4acc282eca0464974658bf8ed1b1b586d78bb6e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://auth.tim.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 06 Sep 2021 15:28:12 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38029
x-xss-protection: 0
last-modified: Mon, 06 Sep 2021 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 06 Sep 2021 15:28:12 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PZM6TM

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://auth.tim.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 11 Aug 2021 00:32:57 GMT
server: Golfe2
age: 2476
date: Mon, 06 Sep 2021 14:46:57 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19747
expires: Mon, 06 Sep 2021 16:46:57 GMT

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 14ms
13ms XHR
text/plain 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j93&a=921078357&t=pageview&_s=1&dl=https%3A%2F%2Fauth.tim.it%2F&ul=en-us&de=UTF-8&dt=Pagina%20non%20trovata&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAAABAAAAAC~&jid=1513910677&gjid=1664871455&cid=846833565.1630942093&tid=UA-62626411-1&_gid=778936116.1630942093&_r=1&gtm=2wg910PZM6TM&z=1510569802

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://auth.tim.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 06 Sep 2021 15:28:13 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://auth.tim.it
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
85 B 15ms
15ms XHR
text/plain 2a00:1450:400c:c04::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j93&tid=UA-62626411-1&cid=846833565.1630942093&jid=1513910677&gjid=1664871455&_gid=778936116.1630942093&_u=YEBAAAAAAAAAAC~&z=1324713199

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c04::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://auth.tim.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 06 Sep 2021 15:28:13 GMT
content-type: text/plain
access-control-allow-origin: https://auth.tim.it
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 31ms
30ms Image
image/gif 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-62626411-1&cid=846833565.1630942093&jid=1513910677&_u=YEBAAAAAAAAAAC~&z=1486105578

Requested by

Host: auth.tim.it
URL: https://auth.tim.it/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://auth.tim.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Sep 2021 15:28:13 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 36ms
36ms Image
image/gif 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-62626411-1&cid=846833565.1630942093&jid=1513910677&_u=YEBAAAAAAAAAAC~&z=1486105578

Requested by

Host: auth.tim.it
URL: https://auth.tim.it/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://auth.tim.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Sep 2021 15:28:13 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

/ Show response
track.adform.net/Serving/TrackPoint/
Redirect Chain

https://track.adform.net/Serving/TrackPoint/?pm=307530&ADFPageName=TIM%7Cnull%7Cnull%7CHome_Page&ADFdivider=%7C&ord=545676428566&Set1=en-US%7Cen-US%7C1600x1200%7C24&ADFtpmode=2&itm=eyJzdjMiOiIiLCJz...
https://track.adform.net/Serving/TrackPoint/?CC=1&pm=307530&ADFPageName=TIM%7Cnull%7Cnull%7CHome_Page&ADFdivider=%7C&ord=545676428566&Set1=en-US%7Cen-US%7C1600x1200%7C24&ADFtpmode=2&itm=eyJzdjMiOiI...

6 KB
3 KB

46ms
45ms

Script
text/javascript

37.157.2.235
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/Serving/TrackPoint/?CC=1&pm=307530&ADFPageName=TIM%7Cnull%7Cnull%7CHome_Page&ADFdivider=%7C&ord=545676428566&Set1=en-US%7Cen-US%7C1600x1200%7C24&ADFtpmode=2&itm=eyJzdjMiOiIiLCJzdjQiOiIiLCJzdjUiOiIiLCJzdjYiOiIiLCJzdjciOiIiLCJzdjgiOiIiLCJzdjkiOiIiLCJzdjEwIjoiIiwic3YxMSI6IiIsInN2MTIiOiIiLCJzdjEzIjoiIiwic3YxNCI6IiIsInN2MTUiOiIiLCJzdjE2IjoiIiwic3YxNyI6IiIsInN2MTgiOiIiLCJzdjE5IjoiIiwic3YyMCI6IiIsInN2MjEiOiIiLCJzdjIyIjoiIiwic3YyMyI6IiIsInN2MjQiOiIiLCJzdjI1IjoiIiwic3YyNiI6IiIsInN2MjciOiIiLCJzdjI4IjoiIiwic3YyOSI6IiJ9&loc=https%3A%2F%2Fauth.tim.it%2F

Requested by

Host: auth.tim.it
URL: https://auth.tim.it/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.235 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8800b01f0d31e1de7acbaafb85474ed3290d51db01694fcbe1a940fe0bdd6209

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://auth.tim.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Sep 2021 15:28:13 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript; charset=utf-8
content-length: 2235
expires: -1

Redirect headers

pragma: no-cache
date: Mon, 06 Sep 2021 15:28:13 GMT
server: nginx
location: https://track.adform.net/Serving/TrackPoint/?CC=1&pm=307530&ADFPageName=TIM%7Cnull%7Cnull%7CHome_Page&ADFdivider=%7C&ord=545676428566&Set1=en-US%7Cen-US%7C1600x1200%7C24&ADFtpmode=2&itm=eyJzdjMiOiIiLCJzdjQiOiIiLCJzdjUiOiIiLCJzdjYiOiIiLCJzdjciOiIiLCJzdjgiOiIiLCJzdjkiOiIiLCJzdjEwIjoiIiwic3YxMSI6IiIsInN2MTIiOiIiLCJzdjEzIjoiIiwic3YxNCI6IiIsInN2MTUiOiIiLCJzdjE2IjoiIiwic3YxNyI6IiIsInN2MTgiOiIiLCJzdjE5IjoiIiwic3YyMCI6IiIsInN2MjEiOiIiLCJzdjIyIjoiIiwic3YyMyI6IiIsInN2MjQiOiIiLCJzdjI1IjoiIiwic3YyNiI6IiIsInN2MjciOiIiLCJzdjI4IjoiIiwic3YyOSI6IiJ9&loc=https%3A%2F%2Fauth.tim.it%2F
strict-transport-security: max-age=31536000; includeSubDomains
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
content-type: text/html; charset=utf-8
expires: -1

GET
H2 200 / Show response
track.adform.net/serving/container/ Frame 7C9E 14 KB
5 KB 45ms
45ms Document
text/html 37.157.2.235
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/serving/container/?pm=307530&lid=20317932&ctype=0&media=0&PageName=TIM%7cnull%7cnull%7cHome_Page&rnd=1577127971&cpref=&loc=https%3a%2f%2fauth.tim.it%2f

Requested by

Host: track.adform.net
URL: https://track.adform.net/serving/scripts/trackpoint/async/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.235 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

7715c525b5079498a8861308e0d34ac1c13b7f0ac8d8e2ea9822544360aa6dac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

:method: GET
:authority: track.adform.net
:scheme: https
:path: /serving/container/?pm=307530&lid=20317932&ctype=0&media=0&PageName=TIM%7cnull%7cnull%7cHome_Page&rnd=1577127971&cpref=&loc=https%3a%2f%2fauth.tim.it%2f
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://auth.tim.it/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: C=1; uid=3910048084950714018
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://auth.tim.it/

Response headers

server: nginx
date: Mon, 06 Sep 2021 15:28:13 GMT
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
content-encoding: gzip
expires: -1
vary: Accept-Encoding
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2 200 adaptor.js Show response
cdn.fanplayr.com/customers/tim/adaptor/ 10 KB
4 KB 94ms
28ms Script
application/javascript 99.86.4.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.fanplayr.com/customers/tim/adaptor/adaptor.js
Requested by: Host: track.adform.net
URL: https://track.adform.net/Serving/TrackPoint/?pm=307530&ADFPageName=TIM%7Cnull%7Cnull%7CHome_Page&ADFdivider=%7C&ord=545676428566&Set1=en-US%7Cen-US%7C1600x1200%7C24&ADFtpmode=2&itm=eyJzdjMiOiIiLCJzdjQiOiIiLCJzdjUiOiIiLCJzdjYiOiIiLCJzdjciOiIiLCJzdjgiOiIiLCJzdjkiOiIiLCJzdjEwIjoiIiwic3YxMSI6IiIsInN2MTIiOiIiLCJzdjEzIjoiIiwic3YxNCI6IiIsInN2MTUiOiIiLCJzdjE2IjoiIiwic3YxNyI6IiIsInN2MTgiOiIiLCJzdjE5IjoiIiwic3YyMCI6IiIsInN2MjEiOiIiLCJzdjIyIjoiIiwic3YyMyI6IiIsInN2MjQiOiIiLCJzdjI1IjoiIiwic3YyNiI6IiIsInN2MjciOiIiLCJzdjI4IjoiIiwic3YyOSI6IiJ9&loc=https%3A%2F%2Fauth.tim.it%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-113.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ef99bd0a5f89a3b56c20b84c4dc25308a7f72ab7fd2d65a977cf9481a4f89f43

Request headers

Referer: https://auth.tim.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id: P.AC4qw0rkF6vrloHiNDIBTvoczAA1C1
content-encoding: gzip
last-modified: Mon, 01 Feb 2021 22:48:17 GMT
server: AmazonS3
age: 350
etag: "fa0c0cfcbac6c4e10a01b1668637c559"
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 7ed7afde326861e358c3c83359e99895.cloudfront.net (CloudFront)
cache-control: max-age=3600, must-revalidate
date: Mon, 06 Sep 2021 15:22:24 GMT
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
content-length: 4052
x-amz-cf-id: 3qEpKjOJHy0DOjRb0Zyc0jQq-nSL1-bBZzADq2q1FsZq2S5HJdAE4w==

GET
H2

200

adformat.js Show response
s2.adform.net/banners/scripts/audiencetag/ Frame 7C9E
Redirect Chain

https://dmp.adform.net/audiencetag/adformat.js
https://s2.adform.net/banners/scripts/audiencetag/adformat.js

4 KB
2 KB

43ms
43ms

Script
application/x-javascript

37.157.2.248
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s2.adform.net/banners/scripts/audiencetag/adformat.js
Requested by: Host: track.adform.net
URL: https://track.adform.net/serving/container/?pm=307530&lid=20317932&ctype=0&media=0&PageName=TIM%7cnull%7cnull%7cHome_Page&rnd=1577127971&cpref=&loc=https%3a%2f%2fauth.tim.it%2f
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.2.248 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 554adcd95948f697337ae206814fa15f42e7bb63de8dbbc1c14096830a22814b

Request headers

Referer: https://track.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 06 Sep 2021 15:28:13 GMT
content-encoding: gzip
last-modified: Mon, 18 Jan 2021 10:39:33 GMT
server: nginx
etag: W/"60056565-11e8"
x-cache-status: HIT
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
content-type: application/x-javascript

Redirect headers

location: https://s2.adform.net/banners/scripts/audiencetag/adformat.js
date: Mon, 06 Sep 2021 15:28:13 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/html

GET
H2 200 bat.js Show response
bat.bing.com/ Frame 7C9E 30 KB
9 KB 48ms
30ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/bat.js
Requested by: Host: auth.tim.it
URL: https://auth.tim.it/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 5c1282fb121104f5a505ecbfd7194e64c98db6b830684450dcfc478021d05257

Request headers

Referer: https://track.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 06 Sep 2021 15:28:12 GMT
content-encoding: gzip
last-modified: Wed, 28 Jul 2021 18:27:37 GMT
x-msedge-ref: Ref A: 939BBE61D2EC40C49807F72D45BF0CE9 Ref B: FRAEDGE1411 Ref C: 2021-09-06T15:28:13Z
etag: "80f2963dde83d71:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 9024

GET
H3-29 200 js Show response
www.googletagmanager.com/gtag/ Frame 7C9E 96 KB
38 KB 26ms
22ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-683809306

Requested by

Host: track.adform.net
URL: https://track.adform.net/serving/container/?pm=307530&lid=20317932&ctype=0&media=0&PageName=TIM%7cnull%7cnull%7cHome_Page&rnd=1577127971&cpref=&loc=https%3a%2f%2fauth.tim.it%2f

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

792ed213111c5573486d6326f62eff4c9a5e3f95480d9aa77c106f7a3ff8a258

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://track.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 06 Sep 2021 15:28:13 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39238
x-xss-protection: 0
last-modified: Mon, 06 Sep 2021 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 06 Sep 2021 15:28:13 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ Frame 7C9E 99 KB
26 KB 20ms
7ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: auth.tim.it
URL: https://auth.tim.it/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

335b59e615135313a66319e641cdad6ac3489a600e04d4181c859699bed4babe

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://track.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 25999
x-xss-protection: 0
pragma: public
x-fb-debug: spb0LoPWd5sHH7U2/oy9AQALDzbpJC+bCcyPRgbPLLrJHu8icFTfDPZSJ738/yi4mcN6OrLA5Z4/UiCYYrCN+w==
x-fb-trip-id: 686109401
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Mon, 06 Sep 2021 15:28:13 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3-29 200 js Show response
www.googletagmanager.com/gtag/ Frame 7C9E 96 KB
38 KB 27ms
23ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-1069000273

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7d27afa14162667394b78e5f71cb63dcadb2e270ca4ebfe712ffb32f198d6735

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://track.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 06 Sep 2021 15:28:13 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39224
x-xss-protection: 0
last-modified: Mon, 06 Sep 2021 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 06 Sep 2021 15:28:13 GMT

GET
H3-29

200

activityi;dc_pre=CLi4j-HU6vICFWXAUQodHJULWg;src=9365760;type=invmedia;cat=tim_f00;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D... Show response
9365760.fls.doubleclick.net/ Frame 6E2A
Redirect Chain

https://9365760.fls.doubleclick.net/activityi;src=9365760;type=invmedia;cat=tim_f00;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%...
https://9365760.fls.doubleclick.net/activityi;dc_pre=CLi4j-HU6vICFWXAUQodHJULWg;src=9365760;type=invmedia;cat=tim_f00;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;...

556 B
452 B

76ms
40ms

Document
text/html

142.250.186.38
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://9365760.fls.doubleclick.net/activityi;dc_pre=CLi4j-HU6vICFWXAUQodHJULWg;src=9365760;type=invmedia;cat=tim_f00;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=8648802347778.024?

Requested by

Host: auth.tim.it
URL: https://auth.tim.it/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.38 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f6.1e100.net

Software

cafe /

Resource Hash

7dec8120de423e317b73c85b793aff3afa0d8644905b881a672a82f83b0bad45

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 9365760.fls.doubleclick.net
:scheme: https
:path: /activityi;dc_pre=CLi4j-HU6vICFWXAUQodHJULWg;src=9365760;type=invmedia;cat=tim_f00;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=8648802347778.024?
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://track.adform.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://track.adform.net/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 06 Sep 2021 15:28:13 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 427
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Mon, 06-Sep-2021 15:43:13 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 06 Sep 2021 15:28:13 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://9365760.fls.doubleclick.net/activityi;dc_pre=CLi4j-HU6vICFWXAUQodHJULWg;src=9365760;type=invmedia;cat=tim_f00;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=8648802347778.024?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 js Show response
www.googletagmanager.com/gtag/ Frame 7C9E 96 KB
38 KB 33ms
31ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-1067695292

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

713e64cc5a6f50daf36eeb0a3c33ed16f099b5006763d6c0cd81c44bbe8da977

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://track.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 06 Sep 2021 15:28:13 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39227
x-xss-protection: 0
last-modified: Mon, 06 Sep 2021 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 06 Sep 2021 15:28:13 GMT

GET
H2 200 /
dmp.adform.net/dmp/profile/ Frame 7C9E 35 B
230 B 135ms
43ms Image
image/gif 37.157.4.41
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dmp.adform.net/dmp/profile/?pid=10295&sg=all-cookies

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.41 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://track.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
date: Mon, 06 Sep 2021 15:28:13 GMT
content-type: image/gif

GET
H2 200 /
dmp.adform.net/dmp/profile/ Frame 7C9E 35 B
230 B 135ms
44ms Image
image/gif 37.157.4.41
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dmp.adform.net/dmp/profile/?pid=10295&sg=Internet%20su%20misura%20per%20te%20mese

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.41 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://track.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
date: Mon, 06 Sep 2021 15:28:13 GMT
content-type: image/gif

GET
H3-29 200 2667115890275168 Show response
connect.facebook.net/signals/config/ Frame 7C9E 306 KB
87 KB 10ms
7ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/2667115890275168?v=2.9.45&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

5cfa0bc6107f1eb40f5e1c01854fcbb52fd2f34cf99dc23d735233a7afd4c1f3

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://track.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 89312
x-xss-protection: 0
pragma: public
x-fb-debug: QXKEjMnBM9AxOlltHAsuIRyVUvImHosu0diYNkjbHtDTCcwij5Qttc77wnoBFQ4T2zh+OGCU0YykFqtV7st8Jw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-frame-options: DENY
date: Mon, 06 Sep 2021 15:28:13 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3-29 200 js Show response
www.googletagmanager.com/gtag/ Frame 7C9E 96 KB
38 KB 17ms
16ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-683809306&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-1069000273

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d70a29c37c812c35c8b939f538600cdf62f7c33b5c717c7ba02f98ccbc3c028e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://track.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 06 Sep 2021 15:28:13 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39235
x-xss-protection: 0
last-modified: Mon, 06 Sep 2021 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 06 Sep 2021 15:28:13 GMT

GET
H3-29 200 js Show response
www.googletagmanager.com/gtag/ Frame 7C9E 96 KB
38 KB 19ms
17ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-1067695292&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-1069000273

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

af10cfd09b1c61e542c4735ee04e81f86ce651aa63a07e74a5e6fe2d566a8d71

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://track.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 06 Sep 2021 15:28:13 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39242
x-xss-protection: 0
last-modified: Mon, 06 Sep 2021 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 06 Sep 2021 15:28:13 GMT

GET
H3-29 200 js Show response
www.googletagmanager.com/gtag/ Frame 7C9E 96 KB
38 KB 18ms
16ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-609393971&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-1069000273

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2a3b0b832f3706e51008fb7ba4e2002c5cfa9f3850172d4c8751b7ce62668672

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://track.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 06 Sep 2021 15:28:13 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39236
x-xss-protection: 0
last-modified: Mon, 06 Sep 2021 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 06 Sep 2021 15:28:13 GMT

GET
H3-29 200 js Show response
www.googletagmanager.com/gtag/ Frame 7C9E 96 KB
38 KB 24ms
22ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-573415252&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-1069000273

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ed617ebcc9153cd8d8f403132f9323b56920115393b5c6b82dcca706e893c9d8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://track.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 06 Sep 2021 15:28:13 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39234
x-xss-protection: 0
last-modified: Mon, 06 Sep 2021 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 06 Sep 2021 15:28:13 GMT

GET
H3-29 200 js Show response
www.googletagmanager.com/gtag/ Frame 7C9E 96 KB
38 KB 19ms
17ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-575976087&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-1069000273

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f9db8d42f6461c1fbaae0e8e37a2f70d48ba2ccd6d30c9695ea54307d934d4bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://track.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 06 Sep 2021 15:28:13 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39234
x-xss-protection: 0
last-modified: Mon, 06 Sep 2021 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 06 Sep 2021 15:28:13 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ Frame 7C9E 36 KB
14 KB 101ms
39ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-683809306

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

a53b289843b15d58a9574645ea05db23c5dd6663fc5e39f5c61528ae13de22f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://track.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 06 Sep 2021 15:28:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14079
x-xss-protection: 0
server: cafe
etag: 18326714422570925345
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 06 Sep 2021 15:28:13 GMT

GET
H3-29 200 2417934355129228 Show response
connect.facebook.net/signals/config/ Frame 7C9E 306 KB
87 KB 7ms
7ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/2417934355129228?v=2.9.45&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

a3e60599002ceeb2f9a7d647f6f5a0c70b4e03eb0c21dde675e9327a5feab5a8

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://track.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 89341
x-xss-protection: 0
pragma: public
x-fb-debug: 6MvKEU5hUH/oUNKunDW+U0rSRR85M1EZGipXuweVF+aaFPvHlMbr+4fWoN2NDO/E2H1tHbhoPrqptjCIc6O3pA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Mon, 06 Sep 2021 15:28:13 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ Frame 7C9E 44 B
297 B 20ms
7ms Image
image/gif 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2667115890275168&ev=PageView&dl=https%3A%2F%2Ftrack.adform.net%2Fserving%2Fcontainer%2F%3Fpm%3D307530%26lid%3D20317932%26ctype%3D0%26media%3D0%26PageName%3DTIM%257cnull%257cnull%257cHome_Page%26rnd%3D1577127971%26cpref%3D%26loc%3Dhttps%253a%252f%252fauth.tim.it%252f&rl=https%3A%2F%2Fauth.tim.it%2F&if=true&ts=1630942093645&sw=1600&sh=1200&v=2.9.45&r=stable&ec=0&o=30&it=1630942093579&coo=false&exp=p0&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://track.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 06 Sep 2021 15:28:13 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Mon, 06 Sep 2021 15:28:13 GMT

GET
H2 204 25139965.js Show response
bat.bing.com/p/action/ Frame 7C9E 0
131 B 30ms
30ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/p/action/25139965.js
Requested by: Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://track.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 06 Sep 2021 15:28:13 GMT
cache-control: private,max-age=86400
x-msedge-ref: Ref A: 3B1425D793454433A2484370173E6294 Ref B: FRAEDGE1411 Ref C: 2021-09-06T15:28:13Z
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ Frame 7C9E 0
149 B 30ms
29ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bat.bing.com/action/0?ti=25139965&Ver=2&mid=a1fec2a6-ae31-415c-b707-001142fe2ea7&pi=0&lg=en-US&sw=1600&sh=1200&sc=24&p=https%3A%2F%2Fauth.tim.it%2F&r=&lt=57&evt=pageLoad&ifm=1&msclkid=N&sv=1&rn=955855
Requested by: Host: track.adform.net
URL: https://track.adform.net/serving/container/?pm=307530&lid=20317932&ctype=0&media=0&PageName=TIM%7cnull%7cnull%7cHome_Page&rnd=1577127971&cpref=&loc=https%3a%2f%2fauth.tim.it%2f
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://track.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Mon, 06 Sep 2021 15:28:13 GMT
cache-control: no-cache, must-revalidate
x-msedge-ref: Ref A: D723D886C15646AC8B4F351049FEB6B4 Ref B: FRAEDGE1411 Ref C: 2021-09-06T15:28:13Z
x-cache: CONFIG_NOCACHE
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 25137502.js Show response
bat.bing.com/p/action/ Frame 7C9E 0
92 B 31ms
30ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/p/action/25137502.js
Requested by: Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://track.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 06 Sep 2021 15:28:13 GMT
cache-control: private,max-age=86400
x-msedge-ref: Ref A: 36BE9635B047470B9E0823400CD3B1B7 Ref B: FRAEDGE1411 Ref C: 2021-09-06T15:28:13Z
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ Frame 7C9E 0
94 B 30ms
29ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bat.bing.com/action/0?ti=25137502&Ver=2&mid=e258d819-1860-40de-b728-9399b83bf805&pi=0&lg=en-US&sw=1600&sh=1200&sc=24&p=https%3A%2F%2Fauth.tim.it%2F&r=&lt=57&evt=pageLoad&ifm=1&msclkid=N&sv=1&rn=923792
Requested by: Host: track.adform.net
URL: https://track.adform.net/serving/container/?pm=307530&lid=20317932&ctype=0&media=0&PageName=TIM%7cnull%7cnull%7cHome_Page&rnd=1577127971&cpref=&loc=https%3a%2f%2fauth.tim.it%2f
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://track.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Mon, 06 Sep 2021 15:28:13 GMT
cache-control: no-cache, must-revalidate
x-msedge-ref: Ref A: 6563353C05A94FC8A189E476CB428288 Ref B: FRAEDGE1411 Ref C: 2021-09-06T15:28:13Z
x-cache: CONFIG_NOCACHE
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 17216668.js Show response
bat.bing.com/p/action/ Frame 7C9E 0
92 B 31ms
31ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/p/action/17216668.js
Requested by: Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://track.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 06 Sep 2021 15:28:13 GMT
cache-control: private,max-age=86400
x-msedge-ref: Ref A: 84CD726490BB466A96BEE7399AFE30D6 Ref B: FRAEDGE1411 Ref C: 2021-09-06T15:28:13Z
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ Frame 7C9E 0
94 B 29ms
29ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bat.bing.com/action/0?ti=17216668&Ver=2&mid=4a8f2e6a-24a2-426e-b9d0-f996890092c9&pi=0&lg=en-US&sw=1600&sh=1200&sc=24&p=https%3A%2F%2Fauth.tim.it%2F&r=&lt=57&evt=pageLoad&ifm=1&msclkid=N&sv=1&rn=49673
Requested by: Host: track.adform.net
URL: https://track.adform.net/serving/container/?pm=307530&lid=20317932&ctype=0&media=0&PageName=TIM%7cnull%7cnull%7cHome_Page&rnd=1577127971&cpref=&loc=https%3a%2f%2fauth.tim.it%2f
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://track.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Mon, 06 Sep 2021 15:28:13 GMT
cache-control: no-cache, must-revalidate
x-msedge-ref: Ref A: 124DCE5375C24089B5CA32B53C907577 Ref B: FRAEDGE1411 Ref C: 2021-09-06T15:28:13Z
x-cache: CONFIG_NOCACHE
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 loader.js Show response
cdn.fanplayr.com/client/production/ 2 KB
2 KB 136ms
136ms Script
application/javascript 99.86.4.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.fanplayr.com/client/production/loader.js
Requested by: Host: cdn.fanplayr.com
URL: https://cdn.fanplayr.com/customers/tim/adaptor/adaptor.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-113.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c0616407f09660f651a340f2f5810a476577722f8c1aee8c991c078a7a042506

Request headers

Referer: https://auth.tim.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 06 Sep 2021 15:28:14 GMT
content-encoding: gzip
last-modified: Mon, 30 Aug 2021 06:47:48 GMT
server: AmazonS3
x-amz-cf-pop: FRA6-C1
etag: "c04b37cef3ca125e4a5bd73a530de72d"
x-cache: Miss from cloudfront
x-amz-version-id: 36OydkJlrBN1HJXGaycNGPi86pQc_VqV
via: 1.1 7ed7afde326861e358c3c83359e99895.cloudfront.net (CloudFront)
cache-control: private, max-age=900
accept-ranges: bytes
content-type: application/javascript
content-length: 1410
x-amz-cf-id: HGUfn46DYAk1ucfxZ6IC3MkRXau-jMlgqjYHmX1G8851SUGk8Lw4xA==

GET
H3-29 200 399345334676582 Show response
connect.facebook.net/signals/config/ Frame 7C9E 306 KB
87 KB 7ms
7ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/399345334676582?v=2.9.45&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

40d5e1e4b4efd7e9068a75b6dda79bf0799b3d24e52996a0b5fd28e963151989

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://track.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 89342
x-xss-protection: 0
pragma: public
x-fb-debug: gPSjSjJ1clLLQ4+MZxYeq2zwyI8OXUvjt45cnX3+8Ju9XoXz8kifD1IrFUAMZ8vYv4VQgYB9mcY2XxlqACzKyw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Mon, 06 Sep 2021 15:28:13 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3-29 200 /
www.facebook.com/tr/ Frame 7C9E 44 B
91 B 10ms
8ms Image
image/gif 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2417934355129228&ev=PageView&dl=https%3A%2F%2Ftrack.adform.net%2Fserving%2Fcontainer%2F%3Fpm%3D307530%26lid%3D20317932%26ctype%3D0%26media%3D0%26PageName%3DTIM%257cnull%257cnull%257cHome_Page%26rnd%3D1577127971%26cpref%3D%26loc%3Dhttps%253a%252f%252fauth.tim.it%252f&rl=https%3A%2F%2Fauth.tim.it%2F&if=true&ts=1630942093775&sw=1600&sh=1200&v=2.9.45&r=stable&ec=0&o=30&it=1630942093579&coo=false&exp=p0&rqm=GET

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://track.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 06 Sep 2021 15:28:13 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i
expires: Mon, 06 Sep 2021 15:28:13 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1067695292/ Frame 7C9E 3 KB
1 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1067695292/?random=1630942093778&cv=9&fst=1630942093778&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa910&sendb=1&ig=1&data=event%3Dgtag.config&frm=2&url=https%3A%2F%2Ftrack.adform.net%2Fserving%2Fcontainer%2F%3Fpm%3D307530%26lid%3D20317932%26ctype%3D0%26media%3D0%26PageName%3DTIM%257cnull%257cnull%257cHome_Page%26rnd%3D1577127971%26cpref%3D%26loc%3Dhttps%253a%252f%252fauth.tim.it%252f&ref=https%3A%2F%2Fauth.tim.it%2F&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

76be42e03f7ca91e8459282c15c32a7be4c01539465770a388ac513557ca3e3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://track.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Sep 2021 15:28:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1129
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1067695292/ Frame 7C9E 3 KB
1 KB 29ms
29ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1067695292/?random=1630942093780&cv=9&fst=1630942093780&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa910&sendb=1&ig=1&data=event%3Dgtag.config&frm=2&url=https%3A%2F%2Ftrack.adform.net%2Fserving%2Fcontainer%2F%3Fpm%3D307530%26lid%3D20317932%26ctype%3D0%26media%3D0%26PageName%3DTIM%257cnull%257cnull%257cHome_Page%26rnd%3D1577127971%26cpref%3D%26loc%3Dhttps%253a%252f%252fauth.tim.it%252f&ref=https%3A%2F%2Fauth.tim.it%2F&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

809f9e101c94eb438b1a6db441c81b167b6e4fee38f7e9d4a60f4feb23bf9821

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://track.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Sep 2021 15:28:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1128
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29

200

/
www.google.de/pagead/1p-user-list/1067695292/ Frame 7C9E
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1067695292/?random=1630942093780&cv=9&fst=1630942093780&num=1&fmt=3&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1...
https://www.google.com/pagead/1p-user-list/1067695292/?random=1630942093780&cv=9&fst=1630940400000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_jav...
https://www.google.de/pagead/1p-user-list/1067695292/?random=1630942093780&cv=9&fst=1630940400000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java...

42 B
64 B

26ms
17ms

Image
image/gif

2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1067695292/?random=1630942093780&cv=9&fst=1630940400000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa910&sendb=1&data=event%3Dgtag.config&frm=2&url=https%3A%2F%2Ftrack.adform.net%2Fserving%2Fcontainer%2F%3Fpm%3D307530%26lid%3D20317932%26ctype%3D0%26media%3D0%26PageName%3DTIM%257cnull%257cnull%257cHome_Page%26rnd%3D1577127971%26cpref%3D%26loc%3Dhttps%253a%252f%252fauth.tim.it%252f&ref=https%3A%2F%2Fauth.tim.it%2F&async=1&is_vtc=1&random=3214688733&resp=GooglemKTybQhCsO&ipr=y

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://track.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Sep 2021 15:28:13 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 06 Sep 2021 15:28:13 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/gif
location: https://www.google.de/pagead/1p-user-list/1067695292/?random=1630942093780&cv=9&fst=1630940400000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa910&sendb=1&data=event%3Dgtag.config&frm=2&url=https%3A%2F%2Ftrack.adform.net%2Fserving%2Fcontainer%2F%3Fpm%3D307530%26lid%3D20317932%26ctype%3D0%26media%3D0%26PageName%3DTIM%257cnull%257cnull%257cHome_Page%26rnd%3D1577127971%26cpref%3D%26loc%3Dhttps%253a%252f%252fauth.tim.it%252f&ref=https%3A%2F%2Fauth.tim.it%2F&async=1&is_vtc=1&random=3214688733&resp=GooglemKTybQhCsO&ipr=y
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/575976087/ Frame 7C9E 3 KB
1 KB 28ms
28ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/575976087/?random=1630942093781&cv=9&fst=1630942093781&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa910&sendb=1&ig=1&data=event%3Dgtag.config&frm=2&url=https%3A%2F%2Ftrack.adform.net%2Fserving%2Fcontainer%2F%3Fpm%3D307530%26lid%3D20317932%26ctype%3D0%26media%3D0%26PageName%3DTIM%257cnull%257cnull%257cHome_Page%26rnd%3D1577127971%26cpref%3D%26loc%3Dhttps%253a%252f%252fauth.tim.it%252f&ref=https%3A%2F%2Fauth.tim.it%2F&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1efa8e038018f9f8b6564f57cb03d8fbf1c211276ccf7e533a5d07bb90375677

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://track.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Sep 2021 15:28:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1127
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/575976087/ Frame 7C9E 3 KB
1 KB 29ms
20ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/575976087/?random=1630942093782&cv=9&fst=1630942093782&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa910&sendb=1&ig=1&data=event%3Dgtag.config&frm=2&url=https%3A%2F%2Ftrack.adform.net%2Fserving%2Fcontainer%2F%3Fpm%3D307530%26lid%3D20317932%26ctype%3D0%26media%3D0%26PageName%3DTIM%257cnull%257cnull%257cHome_Page%26rnd%3D1577127971%26cpref%3D%26loc%3Dhttps%253a%252f%252fauth.tim.it%252f&ref=https%3A%2F%2Fauth.tim.it%2F&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d65ede7c06bea7dea332846c2a02015988f885dc199197088f4c028e85209614

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://track.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Sep 2021 15:28:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1128
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1069000273/ Frame 7C9E 3 KB
1 KB 42ms
34ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1069000273/?random=1630942093783&cv=9&fst=1630942093783&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa910&sendb=1&ig=1&data=event%3Dgtag.config&frm=2&url=https%3A%2F%2Ftrack.adform.net%2Fserving%2Fcontainer%2F%3Fpm%3D307530%26lid%3D20317932%26ctype%3D0%26media%3D0%26PageName%3DTIM%257cnull%257cnull%257cHome_Page%26rnd%3D1577127971%26cpref%3D%26loc%3Dhttps%253a%252f%252fauth.tim.it%252f&ref=https%3A%2F%2Fauth.tim.it%2F&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

32fab13c0382c458672f6a0adee666a73945adb1effccfc5994a9dbcb3d2d2d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://track.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Sep 2021 15:28:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1128
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29

200

/
www.google.de/pagead/1p-user-list/1069000273/ Frame 7C9E
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1069000273/?random=1630942093783&cv=9&fst=1630942093783&num=1&fmt=3&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1...
https://www.google.com/pagead/1p-user-list/1069000273/?random=1630942093783&cv=9&fst=1630940400000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_jav...
https://www.google.de/pagead/1p-user-list/1069000273/?random=1630942093783&cv=9&fst=1630940400000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java...

42 B
64 B

23ms
22ms

Image
image/gif

2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1069000273/?random=1630942093783&cv=9&fst=1630940400000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa910&sendb=1&data=event%3Dgtag.config&frm=2&url=https%3A%2F%2Ftrack.adform.net%2Fserving%2Fcontainer%2F%3Fpm%3D307530%26lid%3D20317932%26ctype%3D0%26media%3D0%26PageName%3DTIM%257cnull%257cnull%257cHome_Page%26rnd%3D1577127971%26cpref%3D%26loc%3Dhttps%253a%252f%252fauth.tim.it%252f&ref=https%3A%2F%2Fauth.tim.it%2F&async=1&is_vtc=1&random=424575585&resp=GooglemKTybQhCsO&ipr=y

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://track.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Sep 2021 15:28:13 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 06 Sep 2021 15:28:13 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/gif
location: https://www.google.de/pagead/1p-user-list/1069000273/?random=1630942093783&cv=9&fst=1630940400000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa910&sendb=1&data=event%3Dgtag.config&frm=2&url=https%3A%2F%2Ftrack.adform.net%2Fserving%2Fcontainer%2F%3Fpm%3D307530%26lid%3D20317932%26ctype%3D0%26media%3D0%26PageName%3DTIM%257cnull%257cnull%257cHome_Page%26rnd%3D1577127971%26cpref%3D%26loc%3Dhttps%253a%252f%252fauth.tim.it%252f&ref=https%3A%2F%2Fauth.tim.it%2F&async=1&is_vtc=1&random=424575585&resp=GooglemKTybQhCsO&ipr=y
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/573415252/ Frame 7C9E 3 KB
1 KB 34ms
32ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/573415252/?random=1630942093784&cv=9&fst=1630942093784&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa910&sendb=1&ig=1&data=event%3Dgtag.config&frm=2&url=https%3A%2F%2Ftrack.adform.net%2Fserving%2Fcontainer%2F%3Fpm%3D307530%26lid%3D20317932%26ctype%3D0%26media%3D0%26PageName%3DTIM%257cnull%257cnull%257cHome_Page%26rnd%3D1577127971%26cpref%3D%26loc%3Dhttps%253a%252f%252fauth.tim.it%252f&ref=https%3A%2F%2Fauth.tim.it%2F&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d8ee7429bf243c4e07ec7e023e0d4630cbae1a3cdb1f0d4f3b48f35413f948fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://track.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Sep 2021 15:28:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1128
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29

200

/
www.google.de/pagead/1p-user-list/573415252/ Frame 7C9E
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/573415252/?random=1630942093784&cv=9&fst=1630942093784&num=1&fmt=3&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=12...
https://www.google.com/pagead/1p-user-list/573415252/?random=1630942093784&cv=9&fst=1630940400000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java...
https://www.google.de/pagead/1p-user-list/573415252/?random=1630942093784&cv=9&fst=1630940400000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=...

42 B
64 B

17ms
17ms

Image
image/gif

2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/573415252/?random=1630942093784&cv=9&fst=1630940400000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa910&sendb=1&data=event%3Dgtag.config&frm=2&url=https%3A%2F%2Ftrack.adform.net%2Fserving%2Fcontainer%2F%3Fpm%3D307530%26lid%3D20317932%26ctype%3D0%26media%3D0%26PageName%3DTIM%257cnull%257cnull%257cHome_Page%26rnd%3D1577127971%26cpref%3D%26loc%3Dhttps%253a%252f%252fauth.tim.it%252f&ref=https%3A%2F%2Fauth.tim.it%2F&async=1&is_vtc=1&random=4050408243&resp=GooglemKTybQhCsO&ipr=y

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://track.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Sep 2021 15:28:13 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 06 Sep 2021 15:28:13 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/gif
location: https://www.google.de/pagead/1p-user-list/573415252/?random=1630942093784&cv=9&fst=1630940400000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa910&sendb=1&data=event%3Dgtag.config&frm=2&url=https%3A%2F%2Ftrack.adform.net%2Fserving%2Fcontainer%2F%3Fpm%3D307530%26lid%3D20317932%26ctype%3D0%26media%3D0%26PageName%3DTIM%257cnull%257cnull%257cHome_Page%26rnd%3D1577127971%26cpref%3D%26loc%3Dhttps%253a%252f%252fauth.tim.it%252f&ref=https%3A%2F%2Fauth.tim.it%2F&async=1&is_vtc=1&random=4050408243&resp=GooglemKTybQhCsO&ipr=y
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/683809306/ Frame 7C9E 3 KB
1 KB 33ms
31ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/683809306/?random=1630942093785&cv=9&fst=1630942093785&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa910&sendb=1&ig=1&data=event%3Dgtag.config&frm=2&url=https%3A%2F%2Ftrack.adform.net%2Fserving%2Fcontainer%2F%3Fpm%3D307530%26lid%3D20317932%26ctype%3D0%26media%3D0%26PageName%3DTIM%257cnull%257cnull%257cHome_Page%26rnd%3D1577127971%26cpref%3D%26loc%3Dhttps%253a%252f%252fauth.tim.it%252f&ref=https%3A%2F%2Fauth.tim.it%2F&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ce6b1891638679728798b8cc8b1b8fc84ba268aae031a12240ddd346fd6bfa36

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://track.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Sep 2021 15:28:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1127
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/609393971/ Frame 7C9E 3 KB
1 KB 33ms
31ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/609393971/?random=1630942093786&cv=9&fst=1630942093786&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa910&sendb=1&ig=1&data=event%3Dgtag.config&frm=2&url=https%3A%2F%2Ftrack.adform.net%2Fserving%2Fcontainer%2F%3Fpm%3D307530%26lid%3D20317932%26ctype%3D0%26media%3D0%26PageName%3DTIM%257cnull%257cnull%257cHome_Page%26rnd%3D1577127971%26cpref%3D%26loc%3Dhttps%253a%252f%252fauth.tim.it%252f&ref=https%3A%2F%2Fauth.tim.it%2F&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e74df059eac21722d5ed7e6338d0db6aefdede065c857d093566e82220b9313c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://track.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Sep 2021 15:28:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1126
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29

200

/
www.google.de/pagead/1p-user-list/609393971/ Frame 7C9E
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/609393971/?random=1630942093786&cv=9&fst=1630942093786&num=1&fmt=3&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=12...
https://www.google.com/pagead/1p-user-list/609393971/?random=1630942093786&cv=9&fst=1630940400000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java...
https://www.google.de/pagead/1p-user-list/609393971/?random=1630942093786&cv=9&fst=1630940400000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=...

42 B
64 B

19ms
19ms

Image
image/gif

2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/609393971/?random=1630942093786&cv=9&fst=1630940400000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa910&sendb=1&data=event%3Dgtag.config&frm=2&url=https%3A%2F%2Ftrack.adform.net%2Fserving%2Fcontainer%2F%3Fpm%3D307530%26lid%3D20317932%26ctype%3D0%26media%3D0%26PageName%3DTIM%257cnull%257cnull%257cHome_Page%26rnd%3D1577127971%26cpref%3D%26loc%3Dhttps%253a%252f%252fauth.tim.it%252f&ref=https%3A%2F%2Fauth.tim.it%2F&async=1&is_vtc=1&random=1684691000&resp=GooglemKTybQhCsO&ipr=y

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://track.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Sep 2021 15:28:13 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 06 Sep 2021 15:28:13 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/gif
location: https://www.google.de/pagead/1p-user-list/609393971/?random=1630942093786&cv=9&fst=1630940400000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa910&sendb=1&data=event%3Dgtag.config&frm=2&url=https%3A%2F%2Ftrack.adform.net%2Fserving%2Fcontainer%2F%3Fpm%3D307530%26lid%3D20317932%26ctype%3D0%26media%3D0%26PageName%3DTIM%257cnull%257cnull%257cHome_Page%26rnd%3D1577127971%26cpref%3D%26loc%3Dhttps%253a%252f%252fauth.tim.it%252f&ref=https%3A%2F%2Fauth.tim.it%2F&async=1&is_vtc=1&random=1684691000&resp=GooglemKTybQhCsO&ipr=y
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
adservice.google.com/ddm/fls/i/dc_pre=CLi4j-HU6vICFWXAUQodHJULWg;src=9365760;type=invmedia;cat=tim_f00;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%... Frame 0673 555 B
658 B 43ms
42ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/ddm/fls/i/dc_pre=CLi4j-HU6vICFWXAUQodHJULWg;src=9365760;type=invmedia;cat=tim_f00;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=8648802347778.024;~oref=https://track.adform.net/

Requested by

Host: 9365760.fls.doubleclick.net
URL: https://9365760.fls.doubleclick.net/activityi;dc_pre=CLi4j-HU6vICFWXAUQodHJULWg;src=9365760;type=invmedia;cat=tim_f00;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=8648802347778.024?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

22eadda199c85631aa3cf6d1e85391208ec8fea2dfe67fa667823ebc0d921b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: adservice.google.com
:scheme: https
:path: /ddm/fls/i/dc_pre=CLi4j-HU6vICFWXAUQodHJULWg;src=9365760;type=invmedia;cat=tim_f00;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=8648802347778.024;~oref=https://track.adform.net/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://9365760.fls.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://9365760.fls.doubleclick.net/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 06 Sep 2021 15:28:13 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 425
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 cookiesegments Show response
dmp.adform.net/audiencetag/ Frame 7C9E 2 B
238 B 136ms
135ms XHR
application/json 37.157.4.41
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://dmp.adform.net/audiencetag/cookiesegments?token=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJBZGZvcm0uRE1QLkNsYWltczo6RGF0YVByb3ZpZGVycyI6IlsxMDI5NV0iLCJpc3MiOiJkbXAtYXBpLmFkZm9ybS5jb20iLCJhdWQiOiJhdWRpZW5jZV90YWdfY29uc3VtZXJfdjEiLCJleHAiOjE4ODkwMDYwMTksIm5iZiI6MTU3MzY0NTk1OX0.UojK3DHIKL2L7CEDUMggIK5owXQvVGdxM1RdCgbVrr8

Requested by

Host: dmp.adform.net
URL: https://dmp.adform.net/audiencetag/adformat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.41 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json
Referer: https://track.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 06 Sep 2021 15:28:13 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://track.adform.net
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2 200 platform.min.js Show response
cdn.fanplayr.com/client/production/platform/releases/1.115.0/ 186 KB
64 KB 35ms
34ms Script
application/javascript 99.86.4.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.fanplayr.com/client/production/platform/releases/1.115.0/platform.min.js
Requested by: Host: cdn.fanplayr.com
URL: https://cdn.fanplayr.com/client/production/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-113.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ffb5502961e599fbbcf068c58713e133470876463c8d3ab4c2492634c6bdc670

Request headers

Referer: https://auth.tim.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 06:47:48 GMT
content-encoding: gzip
last-modified: Mon, 30 Aug 2021 06:47:21 GMT
server: AmazonS3
age: 636026
etag: "3036f8363e524b05f808962d729dc8ce"
x-cache: Hit from cloudfront
x-amz-version-id: z2qtyqKgJV75Hs5ckLCm4CGfZecL9ihN
via: 1.1 7ed7afde326861e358c3c83359e99895.cloudfront.net (CloudFront)
cache-control: max-age=2592000
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
content-type: application/javascript
content-length: 65533
x-amz-cf-id: y09hN1iKMsW64ZCM2HHCONThwBWk4MMf_fvoUluZTnRUN07MFok0Yg==

GET
H3-29 200 /
www.facebook.com/tr/ Frame 7C9E 44 B
88 B 7ms
6ms Image
image/gif 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=399345334676582&ev=PageView&dl=https%3A%2F%2Ftrack.adform.net%2Fserving%2Fcontainer%2F%3Fpm%3D307530%26lid%3D20317932%26ctype%3D0%26media%3D0%26PageName%3DTIM%257cnull%257cnull%257cHome_Page%26rnd%3D1577127971%26cpref%3D%26loc%3Dhttps%253a%252f%252fauth.tim.it%252f&rl=https%3A%2F%2Fauth.tim.it%2F&if=true&ts=1630942093804&sw=1600&sh=1200&v=2.9.45&r=stable&ec=0&o=30&it=1630942093579&coo=false&exp=p0&rqm=GET

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://track.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 06 Sep 2021 15:28:13 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i
expires: Mon, 06 Sep 2021 15:28:13 GMT

GET
H3-29 200 /
www.google.com/pagead/1p-user-list/1067695292/ Frame 7C9E 42 B
64 B 20ms
19ms Image
image/gif 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1067695292/?random=1630942093778&cv=9&fst=1630940400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa910&sendb=1&data=event%3Dgtag.config&frm=2&url=https%3A%2F%2Ftrack.adform.net%2Fserving%2Fcontainer%2F%3Fpm%3D307530%26lid%3D20317932%26ctype%3D0%26media%3D0%26PageName%3DTIM%257cnull%257cnull%257cHome_Page%26rnd%3D1577127971%26cpref%3D%26loc%3Dhttps%253a%252f%252fauth.tim.it%252f&ref=https%3A%2F%2Fauth.tim.it%2F&async=1&fmt=3&is_vtc=1&random=2857593634&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://track.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Sep 2021 15:28:13 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 /
www.google.de/pagead/1p-user-list/1067695292/ Frame 7C9E 42 B
64 B 35ms
20ms Image
image/gif 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1067695292/?random=1630942093778&cv=9&fst=1630940400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa910&sendb=1&data=event%3Dgtag.config&frm=2&url=https%3A%2F%2Ftrack.adform.net%2Fserving%2Fcontainer%2F%3Fpm%3D307530%26lid%3D20317932%26ctype%3D0%26media%3D0%26PageName%3DTIM%257cnull%257cnull%257cHome_Page%26rnd%3D1577127971%26cpref%3D%26loc%3Dhttps%253a%252f%252fauth.tim.it%252f&ref=https%3A%2F%2Fauth.tim.it%2F&async=1&fmt=3&is_vtc=1&random=2857593634&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://track.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Sep 2021 15:28:13 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 /
www.google.com/pagead/1p-user-list/1067695292/ Frame 7C9E 42 B
64 B 24ms
21ms Image
image/gif 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1067695292/?random=1630942093780&cv=9&fst=1630940400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa910&sendb=1&data=event%3Dgtag.config&frm=2&url=https%3A%2F%2Ftrack.adform.net%2Fserving%2Fcontainer%2F%3Fpm%3D307530%26lid%3D20317932%26ctype%3D0%26media%3D0%26PageName%3DTIM%257cnull%257cnull%257cHome_Page%26rnd%3D1577127971%26cpref%3D%26loc%3Dhttps%253a%252f%252fauth.tim.it%252f&ref=https%3A%2F%2Fauth.tim.it%2F&async=1&fmt=3&is_vtc=1&random=1897347175&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://track.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Sep 2021 15:28:13 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 /
www.google.de/pagead/1p-user-list/1067695292/ Frame 7C9E 42 B
64 B 30ms
19ms Image
image/gif 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1067695292/?random=1630942093780&cv=9&fst=1630940400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa910&sendb=1&data=event%3Dgtag.config&frm=2&url=https%3A%2F%2Ftrack.adform.net%2Fserving%2Fcontainer%2F%3Fpm%3D307530%26lid%3D20317932%26ctype%3D0%26media%3D0%26PageName%3DTIM%257cnull%257cnull%257cHome_Page%26rnd%3D1577127971%26cpref%3D%26loc%3Dhttps%253a%252f%252fauth.tim.it%252f&ref=https%3A%2F%2Fauth.tim.it%2F&async=1&fmt=3&is_vtc=1&random=1897347175&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://track.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Sep 2021 15:28:13 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 /
www.google.com/pagead/1p-user-list/575976087/ Frame 7C9E 42 B
64 B 20ms
19ms Image
image/gif 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/575976087/?random=1630942093781&cv=9&fst=1630940400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa910&sendb=1&data=event%3Dgtag.config&frm=2&url=https%3A%2F%2Ftrack.adform.net%2Fserving%2Fcontainer%2F%3Fpm%3D307530%26lid%3D20317932%26ctype%3D0%26media%3D0%26PageName%3DTIM%257cnull%257cnull%257cHome_Page%26rnd%3D1577127971%26cpref%3D%26loc%3Dhttps%253a%252f%252fauth.tim.it%252f&ref=https%3A%2F%2Fauth.tim.it%2F&async=1&fmt=3&is_vtc=1&random=1164995131&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://track.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Sep 2021 15:28:13 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 /
www.google.de/pagead/1p-user-list/575976087/ Frame 7C9E 42 B
64 B 31ms
21ms Image
image/gif 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/575976087/?random=1630942093781&cv=9&fst=1630940400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa910&sendb=1&data=event%3Dgtag.config&frm=2&url=https%3A%2F%2Ftrack.adform.net%2Fserving%2Fcontainer%2F%3Fpm%3D307530%26lid%3D20317932%26ctype%3D0%26media%3D0%26PageName%3DTIM%257cnull%257cnull%257cHome_Page%26rnd%3D1577127971%26cpref%3D%26loc%3Dhttps%253a%252f%252fauth.tim.it%252f&ref=https%3A%2F%2Fauth.tim.it%2F&async=1&fmt=3&is_vtc=1&random=1164995131&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://track.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Sep 2021 15:28:13 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 /
www.google.com/pagead/1p-user-list/575976087/ Frame 7C9E 42 B
64 B 23ms
22ms Image
image/gif 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/575976087/?random=1630942093782&cv=9&fst=1630940400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa910&sendb=1&data=event%3Dgtag.config&frm=2&url=https%3A%2F%2Ftrack.adform.net%2Fserving%2Fcontainer%2F%3Fpm%3D307530%26lid%3D20317932%26ctype%3D0%26media%3D0%26PageName%3DTIM%257cnull%257cnull%257cHome_Page%26rnd%3D1577127971%26cpref%3D%26loc%3Dhttps%253a%252f%252fauth.tim.it%252f&ref=https%3A%2F%2Fauth.tim.it%2F&async=1&fmt=3&is_vtc=1&random=656724115&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://track.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Sep 2021 15:28:13 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 /
www.google.de/pagead/1p-user-list/575976087/ Frame 7C9E 42 B
64 B 29ms
21ms Image
image/gif 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/575976087/?random=1630942093782&cv=9&fst=1630940400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa910&sendb=1&data=event%3Dgtag.config&frm=2&url=https%3A%2F%2Ftrack.adform.net%2Fserving%2Fcontainer%2F%3Fpm%3D307530%26lid%3D20317932%26ctype%3D0%26media%3D0%26PageName%3DTIM%257cnull%257cnull%257cHome_Page%26rnd%3D1577127971%26cpref%3D%26loc%3Dhttps%253a%252f%252fauth.tim.it%252f&ref=https%3A%2F%2Fauth.tim.it%2F&async=1&fmt=3&is_vtc=1&random=656724115&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://track.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Sep 2021 15:28:13 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 /
www.google.com/pagead/1p-user-list/1069000273/ Frame 7C9E 42 B
64 B 20ms
20ms Image
image/gif 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1069000273/?random=1630942093783&cv=9&fst=1630940400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa910&sendb=1&data=event%3Dgtag.config&frm=2&url=https%3A%2F%2Ftrack.adform.net%2Fserving%2Fcontainer%2F%3Fpm%3D307530%26lid%3D20317932%26ctype%3D0%26media%3D0%26PageName%3DTIM%257cnull%257cnull%257cHome_Page%26rnd%3D1577127971%26cpref%3D%26loc%3Dhttps%253a%252f%252fauth.tim.it%252f&ref=https%3A%2F%2Fauth.tim.it%2F&async=1&fmt=3&is_vtc=1&random=3574217218&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://track.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Sep 2021 15:28:13 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 /
www.google.de/pagead/1p-user-list/1069000273/ Frame 7C9E 42 B
64 B 17ms
17ms Image
image/gif 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1069000273/?random=1630942093783&cv=9&fst=1630940400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa910&sendb=1&data=event%3Dgtag.config&frm=2&url=https%3A%2F%2Ftrack.adform.net%2Fserving%2Fcontainer%2F%3Fpm%3D307530%26lid%3D20317932%26ctype%3D0%26media%3D0%26PageName%3DTIM%257cnull%257cnull%257cHome_Page%26rnd%3D1577127971%26cpref%3D%26loc%3Dhttps%253a%252f%252fauth.tim.it%252f&ref=https%3A%2F%2Fauth.tim.it%2F&async=1&fmt=3&is_vtc=1&random=3574217218&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://track.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Sep 2021 15:28:13 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 /
www.google.com/pagead/1p-user-list/609393971/ Frame 7C9E 42 B
64 B 20ms
20ms Image
image/gif 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/609393971/?random=1630942093786&cv=9&fst=1630940400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa910&sendb=1&data=event%3Dgtag.config&frm=2&url=https%3A%2F%2Ftrack.adform.net%2Fserving%2Fcontainer%2F%3Fpm%3D307530%26lid%3D20317932%26ctype%3D0%26media%3D0%26PageName%3DTIM%257cnull%257cnull%257cHome_Page%26rnd%3D1577127971%26cpref%3D%26loc%3Dhttps%253a%252f%252fauth.tim.it%252f&ref=https%3A%2F%2Fauth.tim.it%2F&async=1&fmt=3&is_vtc=1&random=660128452&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://track.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Sep 2021 15:28:13 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 /
www.google.de/pagead/1p-user-list/609393971/ Frame 7C9E 42 B
64 B 19ms
18ms Image
image/gif 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/609393971/?random=1630942093786&cv=9&fst=1630940400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa910&sendb=1&data=event%3Dgtag.config&frm=2&url=https%3A%2F%2Ftrack.adform.net%2Fserving%2Fcontainer%2F%3Fpm%3D307530%26lid%3D20317932%26ctype%3D0%26media%3D0%26PageName%3DTIM%257cnull%257cnull%257cHome_Page%26rnd%3D1577127971%26cpref%3D%26loc%3Dhttps%253a%252f%252fauth.tim.it%252f&ref=https%3A%2F%2Fauth.tim.it%2F&async=1&fmt=3&is_vtc=1&random=660128452&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://track.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Sep 2021 15:28:13 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 /
www.google.com/pagead/1p-user-list/683809306/ Frame 7C9E 42 B
64 B 20ms
20ms Image
image/gif 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/683809306/?random=1630942093785&cv=9&fst=1630940400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa910&sendb=1&data=event%3Dgtag.config&frm=2&url=https%3A%2F%2Ftrack.adform.net%2Fserving%2Fcontainer%2F%3Fpm%3D307530%26lid%3D20317932%26ctype%3D0%26media%3D0%26PageName%3DTIM%257cnull%257cnull%257cHome_Page%26rnd%3D1577127971%26cpref%3D%26loc%3Dhttps%253a%252f%252fauth.tim.it%252f&ref=https%3A%2F%2Fauth.tim.it%2F&async=1&fmt=3&is_vtc=1&random=3339744549&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://track.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Sep 2021 15:28:13 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 /
www.google.de/pagead/1p-user-list/683809306/ Frame 7C9E 42 B
64 B 17ms
17ms Image
image/gif 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/683809306/?random=1630942093785&cv=9&fst=1630940400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa910&sendb=1&data=event%3Dgtag.config&frm=2&url=https%3A%2F%2Ftrack.adform.net%2Fserving%2Fcontainer%2F%3Fpm%3D307530%26lid%3D20317932%26ctype%3D0%26media%3D0%26PageName%3DTIM%257cnull%257cnull%257cHome_Page%26rnd%3D1577127971%26cpref%3D%26loc%3Dhttps%253a%252f%252fauth.tim.it%252f&ref=https%3A%2F%2Fauth.tim.it%2F&async=1&fmt=3&is_vtc=1&random=3339744549&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://track.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Sep 2021 15:28:13 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 /
www.google.com/pagead/1p-user-list/573415252/ Frame 7C9E 42 B
64 B 20ms
19ms Image
image/gif 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/573415252/?random=1630942093784&cv=9&fst=1630940400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa910&sendb=1&data=event%3Dgtag.config&frm=2&url=https%3A%2F%2Ftrack.adform.net%2Fserving%2Fcontainer%2F%3Fpm%3D307530%26lid%3D20317932%26ctype%3D0%26media%3D0%26PageName%3DTIM%257cnull%257cnull%257cHome_Page%26rnd%3D1577127971%26cpref%3D%26loc%3Dhttps%253a%252f%252fauth.tim.it%252f&ref=https%3A%2F%2Fauth.tim.it%2F&async=1&fmt=3&is_vtc=1&random=3161225331&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://track.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Sep 2021 15:28:13 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 /
www.google.de/pagead/1p-user-list/573415252/ Frame 7C9E 42 B
64 B 19ms
18ms Image
image/gif 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/573415252/?random=1630942093784&cv=9&fst=1630940400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa910&sendb=1&data=event%3Dgtag.config&frm=2&url=https%3A%2F%2Ftrack.adform.net%2Fserving%2Fcontainer%2F%3Fpm%3D307530%26lid%3D20317932%26ctype%3D0%26media%3D0%26PageName%3DTIM%257cnull%257cnull%257cHome_Page%26rnd%3D1577127971%26cpref%3D%26loc%3Dhttps%253a%252f%252fauth.tim.it%252f&ref=https%3A%2F%2Fauth.tim.it%2F&async=1&fmt=3&is_vtc=1&random=3161225331&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://track.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Sep 2021 15:28:13 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
adservice.google.de/ddm/fls/i/dc_pre=CLi4j-HU6vICFWXAUQodHJULWg;src=9365760;type=invmedia;cat=tim_f00;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7... Frame 6042 194 B
391 B 44ms
44ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/ddm/fls/i/dc_pre=CLi4j-HU6vICFWXAUQodHJULWg;src=9365760;type=invmedia;cat=tim_f00;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=8648802347778.024;~oref=https://track.adform.net/

Requested by

Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/dc_pre=CLi4j-HU6vICFWXAUQodHJULWg;src=9365760;type=invmedia;cat=tim_f00;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=8648802347778.024;~oref=https://track.adform.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: adservice.google.de
:scheme: https
:path: /ddm/fls/i/dc_pre=CLi4j-HU6vICFWXAUQodHJULWg;src=9365760;type=invmedia;cat=tim_f00;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=8648802347778.024;~oref=https://track.adform.net/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://adservice.google.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://adservice.google.com/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 06 Sep 2021 15:28:13 GMT
expires: Mon, 06 Sep 2021 15:28:13 GMT
cache-control: private, max-age=0
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 177
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H2 200 /
www.facebook.com/tr/ Frame 7C9E 44 B
147 B 6ms
6ms Image
image/gif 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2667115890275168&ev=Microdata&dl=https%3A%2F%2Ftrack.adform.net%2Fserving%2Fcontainer%2F%3Fpm%3D307530%26lid%3D20317932%26ctype%3D0%26media%3D0%26PageName%3DTIM%257cnull%257cnull%257cHome_Page%26rnd%3D1577127971%26cpref%3D%26loc%3Dhttps%253a%252f%252fauth.tim.it%252f&rl=https%3A%2F%2Fauth.tim.it%2F&if=true&ts=1630942095148&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.45&r=stable&ec=1&o=30&it=1630942093579&coo=false&es=automatic&tm=3&exp=p0&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://track.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 06 Sep 2021 15:28:15 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Mon, 06 Sep 2021 15:28:15 GMT

GET
H3-29 200 /
www.facebook.com/tr/ Frame 7C9E 44 B
88 B 6ms
6ms Image
image/gif 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2417934355129228&ev=Microdata&dl=https%3A%2F%2Ftrack.adform.net%2Fserving%2Fcontainer%2F%3Fpm%3D307530%26lid%3D20317932%26ctype%3D0%26media%3D0%26PageName%3DTIM%257cnull%257cnull%257cHome_Page%26rnd%3D1577127971%26cpref%3D%26loc%3Dhttps%253a%252f%252fauth.tim.it%252f&rl=https%3A%2F%2Fauth.tim.it%2F&if=true&ts=1630942095276&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.45&r=stable&ec=1&o=30&it=1630942093579&coo=false&es=automatic&tm=3&exp=p0&rqm=GET

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://track.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 06 Sep 2021 15:28:15 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i
expires: Mon, 06 Sep 2021 15:28:15 GMT

GET
H3-29 200 /
www.facebook.com/tr/ Frame 7C9E 44 B
88 B 6ms
6ms Image
image/gif 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=399345334676582&ev=Microdata&dl=https%3A%2F%2Ftrack.adform.net%2Fserving%2Fcontainer%2F%3Fpm%3D307530%26lid%3D20317932%26ctype%3D0%26media%3D0%26PageName%3DTIM%257cnull%257cnull%257cHome_Page%26rnd%3D1577127971%26cpref%3D%26loc%3Dhttps%253a%252f%252fauth.tim.it%252f&rl=https%3A%2F%2Fauth.tim.it%2F&if=true&ts=1630942095305&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.45&r=stable&ec=1&o=30&it=1630942093579&coo=false&es=automatic&tm=3&exp=p0&rqm=GET

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://track.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 06 Sep 2021 15:28:15 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i
expires: Mon, 06 Sep 2021 15:28:15 GMT

Verdicts & Comments Add Verdict or Comment

54 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.doubleclick.net/	1970-01-20 06:23:58	Name: IDE Value: AHWqTUn168wyEIYe1JGhZE5QI3f9Z81WTdpuTN8rx3TgL2Ku6iRT3qgoDEGIU6tL
.adform.net/	1970-01-19 22:28:46	Name: uid Value: 3910048084950714018
.auth.tim.it/	1970-01-19 21:02:22	Name: _gat_UA-62626411-1 Value: 1
.adform.net/	1970-01-19 21:45:34	Name: C Value: 1
.auth.tim.it/	1970-01-19 21:03:48	Name: _gid Value: GA1.3.778936116.1630942093
.auth.tim.it/	1970-01-20 14:33:34	Name: _ga Value: GA1.3.846833565.1630942093

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

9365760.fls.doubleclick.net
adservice.google.com
adservice.google.de
auth.tim.it
bat.bing.com
cdn.fanplayr.com
connect.facebook.net
dmp.adform.net
googleads.g.doubleclick.net
img.tim.it
s2.adform.net
static.tim.it
stats.g.doubleclick.net
track.adform.net
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
142.250.186.38
142.250.186.98
156.54.82.108
156.54.82.85
156.54.82.86
2620:1ec:c11::200
2a00:1450:4001:800::2003
2a00:1450:4001:803::2002
2a00:1450:4001:809::2002
2a00:1450:4001:80f::2008
2a00:1450:4001:80f::200e
2a00:1450:4001:829::2002
2a00:1450:4001:829::2008
2a00:1450:4001:829::200e
2a00:1450:4001:830::2003
2a00:1450:4001:831::2002
2a00:1450:4001:831::2004
2a00:1450:400c:c04::9c
2a03:2880:f01c:216:face:b00c:0:3
2a03:2880:f11c:8083:face:b00c:0:25de
37.157.2.235
37.157.2.248
37.157.4.41
99.86.4.113
05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf
092ecca166cfa42b8c5c6e37691ed3d794fa8f2ac128123fb6859898efe8e345
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1efa8e038018f9f8b6564f57cb03d8fbf1c211276ccf7e533a5d07bb90375677
21e9f99cfbd5a6b21f27d4c11e5ae2743fe371ae76e86d635445b08e4a0c5e12
22eadda199c85631aa3cf6d1e85391208ec8fea2dfe67fa667823ebc0d921b4b
230d37ec3e5ff4cb697ede52e000d612b275397b3333250d6287b99b72cfc4ac
24262baafef17092927c3dafe764aaa52a2a371b83ed2249cca7e414df99fac1
28aeb79e7f1eb983406dd8cfccff83e0c034d0a69b706de7771abe0d31b0010c
29c05d4fdc81a55e2a208a25bf5e776476c872f5abb3d07f1b50e48f5367669a
2a3b0b832f3706e51008fb7ba4e2002c5cfa9f3850172d4c8751b7ce62668672
2b9a658314baccfef5f3b1d279571f0c1dbe62e6f71735828dd7606e426ba798
2e3e3b2660cbfaac5febf7a50b31d0494159989626a84102b2c3792cffe27d13
32fab13c0382c458672f6a0adee666a73945adb1effccfc5994a9dbcb3d2d2d9
335b59e615135313a66319e641cdad6ac3489a600e04d4181c859699bed4babe
337244ecb9e3d3fa4a83af2195d9cb23a9c09adfe7b6f753f6112dc372a86ff4
3c998929ae4ab34e365e4cc225c5dd542d1dcf54dda3c89c14232c1e1443c3f4
3cebf6d751181170e900a5e149b50b175d84d6e03096f705529e3c655e981c61
40d5e1e4b4efd7e9068a75b6dda79bf0799b3d24e52996a0b5fd28e963151989
49bb937326698475fc9d06bd873f66fa068ebb6be6cfb799e90b8b997b098014
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
4ff29c0b8042249e7fe40fc16a0f6553c7ecfad08be485af40e3f3cf0a8da609
554adcd95948f697337ae206814fa15f42e7bb63de8dbbc1c14096830a22814b
5addb050e7fe474684bcb62d5bc8717ab681735dce2d2539631a08d570cf81a5
5bb5823c1348fa21b9e07ff234459e7f061ce1df10982befefb66f59c1332175
5c1282fb121104f5a505ecbfd7194e64c98db6b830684450dcfc478021d05257
5cfa0bc6107f1eb40f5e1c01854fcbb52fd2f34cf99dc23d735233a7afd4c1f3
675ca3697d9188b08e1abf3a3654c6a39a179c65821594bc4dddc5bdf1171808
6a3694aded538b394ca4609ea4acc282eca0464974658bf8ed1b1b586d78bb6e
713e64cc5a6f50daf36eeb0a3c33ed16f099b5006763d6c0cd81c44bbe8da977
76be42e03f7ca91e8459282c15c32a7be4c01539465770a388ac513557ca3e3b
7715c525b5079498a8861308e0d34ac1c13b7f0ac8d8e2ea9822544360aa6dac
792ed213111c5573486d6326f62eff4c9a5e3f95480d9aa77c106f7a3ff8a258
7c9b0871e6b69eb3aa903fa0bb660a73a44a4f0218e79f04d5c4fec3e714aaff
7d27afa14162667394b78e5f71cb63dcadb2e270ca4ebfe712ffb32f198d6735
7dec8120de423e317b73c85b793aff3afa0d8644905b881a672a82f83b0bad45
809f9e101c94eb438b1a6db441c81b167b6e4fee38f7e9d4a60f4feb23bf9821
80c1fdc1ae09782c729ad366dbf16e4f37f679163ca4eb8a874759ebe72e766c
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8800b01f0d31e1de7acbaafb85474ed3290d51db01694fcbe1a940fe0bdd6209
8c200ad84e0edfd81017d88adca70c5eb7d7a46437611feaecba02768ad8201d
95421fd1f74a703dbd41979c005a5fcb470e01c45f7cd6b37550d780ba146a8f
9e782d76ddb15dd322e6c2b1096a4cd0d288b5456fd2e840a06b4c54a5615715
a3e60599002ceeb2f9a7d647f6f5a0c70b4e03eb0c21dde675e9327a5feab5a8
a53b289843b15d58a9574645ea05db23c5dd6663fc5e39f5c61528ae13de22f5
aa1cf3f3785370fe8d6c982e4616c9e9283badc2fdc858e76bfe003f34bab1c3
af10cfd09b1c61e542c4735ee04e81f86ce651aa63a07e74a5e6fe2d566a8d71
c0616407f09660f651a340f2f5810a476577722f8c1aee8c991c078a7a042506
c124990771d202a3b3b632cebf42f3d02df20ea34461095418e2622b22722d40
c90f0e501d2948fbc2b61bffd654fa4ab64741fd48923782419eeb14d3816fb8
ce6b1891638679728798b8cc8b1b8fc84ba268aae031a12240ddd346fd6bfa36
d388303df8b2acf1d45e38977d8b58792143398e4196e1d85069dfed2c1581d5
d65ede7c06bea7dea332846c2a02015988f885dc199197088f4c028e85209614
d70a29c37c812c35c8b939f538600cdf62f7c33b5c717c7ba02f98ccbc3c028e
d8ee7429bf243c4e07ec7e023e0d4630cbae1a3cdb1f0d4f3b48f35413f948fd
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e1ee10334c1daa59dc8c7bdd8b63a40aa0cbb51cfce9abef951af274c8e97751
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e74df059eac21722d5ed7e6338d0db6aefdede065c857d093566e82220b9313c
ea958d3b656269a77eaab8fc090e14f6262bca548f4602cecda1c6b426dad5fe
ed617ebcc9153cd8d8f403132f9323b56920115393b5c6b82dcca706e893c9d8
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef99bd0a5f89a3b56c20b84c4dc25308a7f72ab7fd2d65a977cf9481a4f89f43
f891b02ba68343652b13f5d0b10fbb305b6ac25dfd41b992f8d7ad4db46592ac
f9db8d42f6461c1fbaae0e8e37a2f70d48ba2ccd6d30c9695ea54307d934d4bb
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
ffb5502961e599fbbcf068c58713e133470876463c8d3ab4c2492634c6bdc670

auth.tim.it Open in urlscan Pro 156.54.82.108 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

100 Requests

100 %HTTPS

63 %IPv6

12 Domains

20 Subdomains

24 IPs

5 Countries

1043 kBTransfer

3220 kBSize

6 Cookies

4 Outgoing links

Redirected requests

100 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

auth.tim.it Open in urlscan Pro
156.54.82.108 Public Scan

Screenshot
Live screenshot

Full Image

100
Requests

100 %
HTTPS

63 %
IPv6

12
Domains

20
Subdomains

24
IPs

5
Countries

1043 kB
Transfer

3220 kB
Size

6
Cookies

100 HTTP transactions
0 data transactions