api.webmail.tim.it Open in urlscan Pro
15.161.156.80  Malicious Activity! Public Scan

Submitted URL: https://mail.tim.it/
Effective URL: https://api.webmail.tim.it/auth/oauth/v2/authorize/login?action=display&sessionData=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.ey...
Submission: On October 28 via api from IT — Scanned from IT

Summary

This website contacted 17 IPs in 4 countries across 11 domains to perform 47 HTTP transactions. The main IP is 15.161.156.80, located in Milan, Italy and belongs to AMAZON-02, US. The main domain is api.webmail.tim.it. The Cisco Umbrella rank of the primary domain is 920473.
TLS certificate: Issued by TI Trust Technologies OV CA on October 26th 2023. Valid for: a year.
This is the only time api.webmail.tim.it was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Microsoft (Consumer)

Domain & IP information

IP Address AS Autonomous System
1 156.54.0.101 20746 (ASN-IDC T...)
1 2 15.161.156.80 16509 (AMAZON-02)
13 2606:4700::68... 13335 (CLOUDFLAR...)
14 81.74.228.17 3269 (ASN-IBSNAZ)
3 2a02:26f0:350... 20940 (AKAMAI-ASN1)
1 216.58.206.68 15169 (GOOGLE)
3 142.250.184.226 15169 (GOOGLE)
2 2600:9000:236... 16509 (AMAZON-02)
1 2606:4700:440... 13335 (CLOUDFLAR...)
1 172.217.16.195 15169 (GOOGLE)
2 52.208.241.210 16509 (AMAZON-02)
1 2600:9000:224... 16509 (AMAZON-02)
1 34.242.148.88 16509 (AMAZON-02)
1 1 52.212.56.148 16509 (AMAZON-02)
1 63.140.62.17 15224 (OMNITURE)
1 142.250.184.194 15169 (GOOGLE)
1 52.212.137.238 16509 (AMAZON-02)
47 17
Apex Domain
Subdomains
Transfer
18 tim.it
mail.tim.it
api.webmail.tim.it — Cisco Umbrella Rank: 920473
risorse.tim.it — Cisco Umbrella Rank: 483540
ssl-metrics.tim.it — Cisco Umbrella Rank: 657283
588 KB
13 cookielaw.org
cdn.cookielaw.org — Cisco Umbrella Rank: 326
317 KB
4 imrworldwide.com
cdn-gl.imrworldwide.com — Cisco Umbrella Rank: 3652
secure-it.imrworldwide.com — Cisco Umbrella Rank: 61672
63 KB
3 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 243
telecomitalia.demdex.net
2 KB
3 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 215
182 KB
3 adobedtm.com
assets.adobedtm.com — Cisco Umbrella Rank: 430
48 KB
1 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 116
1 everesttech.net
cm.everesttech.net — Cisco Umbrella Rank: 1371
490 B
1 gstatic.com
www.gstatic.com
216 KB
1 onetrust.com
geolocation.onetrust.com — Cisco Umbrella Rank: 498
309 B
1 google.com
www.google.com — Cisco Umbrella Rank: 3
970 B
47 11
Domain Requested by
14 risorse.tim.it api.webmail.tim.it
risorse.tim.it
13 cdn.cookielaw.org api.webmail.tim.it
cdn.cookielaw.org
3 cdn-gl.imrworldwide.com api.webmail.tim.it
cdn-gl.imrworldwide.com
3 securepubads.g.doubleclick.net api.webmail.tim.it
securepubads.g.doubleclick.net
3 assets.adobedtm.com api.webmail.tim.it
assets.adobedtm.com
2 dpm.demdex.net assets.adobedtm.com
api.webmail.tim.it
2 api.webmail.tim.it 1 redirects mail.tim.it
1 secure-it.imrworldwide.com
1 pagead2.googlesyndication.com securepubads.g.doubleclick.net
1 ssl-metrics.tim.it api.webmail.tim.it
1 cm.everesttech.net 1 redirects
1 telecomitalia.demdex.net assets.adobedtm.com
1 www.gstatic.com www.google.com
1 geolocation.onetrust.com cdn.cookielaw.org
1 www.google.com api.webmail.tim.it
1 mail.tim.it
47 16

This site contains links to these domains. Also see Links.

Domain
www.tim.it
servizi.webmail.tim.it
www.onetrust.com
Subject Issuer Validity Valid
mail.tim.it
TI Trust Technologies OV CA
2024-01-03 -
2025-02-02
a year crt.sh
api.webmail.tim.it
TI Trust Technologies OV CA
2023-10-26 -
2024-11-25
a year crt.sh
cookielaw.org
WE1
2024-10-11 -
2025-01-09
3 months crt.sh
risorse.tim.it
TI Trust Technologies OV CA
2024-10-01 -
2025-10-01
a year crt.sh
assets.adobedtm.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2024-07-09 -
2025-08-09
a year crt.sh
*.google.com
WR2
2024-10-07 -
2024-12-30
3 months crt.sh
*.g.doubleclick.net
WR2
2024-10-07 -
2024-12-30
3 months crt.sh
*.imrworldwide.com
GlobalSign RSA OV SSL CA 2018
2024-05-16 -
2025-02-02
9 months crt.sh
geolocation.onetrust.com
WE1
2024-10-11 -
2025-01-09
3 months crt.sh
*.gstatic.com
WR2
2024-10-07 -
2024-12-30
3 months crt.sh
*.demdex.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2024-09-25 -
2025-10-26
a year crt.sh
ssl-metrics.tim.it
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2024-10-24 -
2025-11-24
a year crt.sh

This page contains 3 frames:

Primary Page: https://api.webmail.tim.it/auth/oauth/v2/authorize/login?action=display&sessionData=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJyZXF1ZXN0X3BhcmFtZXRlcnMiOnsiY2xpZW50X2lkIjoiNWI4MTZjNGUtMzI1NC00Mjk5LTk2YmUtMzhkZjk5OThiYTEzIn0sImlhdCI6MTczMDEwNzIzMywianRpIjoiMjBjMmNmY2MtZWJkZi00ZTlkLWFjNzMtODViOTE4ZTcyNzBlIn0.EDo9Pv7re-p7J72y_fBBNZfKcEJqcgfW4cNLBxf0XyA&redirect_uri=https://api.webmail.tim.it/auth/consent/custom/redirecturi&scope=openid%20mail_alice&state=null&response_type=code&client_id=5b816c4e-3254-4299-96be-38df9998ba13
Frame ID: DBF808A1F4BD4948C0996CA6386ECD79
Requests: 47 HTTP requests in this frame

Frame: https://cdn-gl.imrworldwide.com/novms/html/ls.html
Frame ID: 0A16EE5EEC97CAC06CC6D6BE0129256A
Requests: 1 HTTP requests in this frame

Frame: https://telecomitalia.demdex.net/dest5.html?d_nsid=0
Frame ID: B3DDBE02DFF5AB1DDB94375A7E8FEE84
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

Login

Page URL History Show full URLs

  1. https://mail.tim.it/ Page URL
  2. https://api.webmail.tim.it/auth/oauth/v2/authorize?response_type=code&client_id=5b816c4e-3254-4299-96be... HTTP 302
    https://api.webmail.tim.it/auth/oauth/v2/authorize/login?action=display&sessionData=eyJ0eXAiOiJKV1QiLCJ... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /etc\.clientlibs/

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Overall confidence: 100%
Detected patterns
  • cdn\.cookielaw\.org
  • otSDKStub\.js

Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

47
Requests

98 %
HTTPS

29 %
IPv6

11
Domains

16
Subdomains

17
IPs

4
Countries

1416 kB
Transfer

4727 kB
Size

11
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://mail.tim.it/ Page URL
  2. https://api.webmail.tim.it/auth/oauth/v2/authorize?response_type=code&client_id=5b816c4e-3254-4299-96be-38df9998ba13&redirect_uri=https%3A%2F%2Fapi.webmail.tim.it%2Fauth%2Fconsent%2Fcustom%2Fredirecturi&scope=openid%20mail_alice&prompt=login&nonce=n-0S6_WzA2Mj HTTP 302
    https://api.webmail.tim.it/auth/oauth/v2/authorize/login?action=display&sessionData=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJyZXF1ZXN0X3BhcmFtZXRlcnMiOnsiY2xpZW50X2lkIjoiNWI4MTZjNGUtMzI1NC00Mjk5LTk2YmUtMzhkZjk5OThiYTEzIn0sImlhdCI6MTczMDEwNzIzMywianRpIjoiMjBjMmNmY2MtZWJkZi00ZTlkLWFjNzMtODViOTE4ZTcyNzBlIn0.EDo9Pv7re-p7J72y_fBBNZfKcEJqcgfW4cNLBxf0XyA&redirect_uri=https://api.webmail.tim.it/auth/consent/custom/redirecturi&scope=openid%20mail_alice&state=null&response_type=code&client_id=5b816c4e-3254-4299-96be-38df9998ba13 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 36
  • https://cm.everesttech.net/cm/dd?d_uuid=41094895504828844613811205913427869277 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=Zx9XYwAAAE9BNwNn

47 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
mail.tim.it/
540 B
1 KB
Document
General
Full URL
https://mail.tim.it/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
156.54.0.101 , Italy, ASN20746 (ASN-IDC T.NO.OM.I.NC, IT),
Reverse DNS
Software
Apache /
Resource Hash
f856a6ce72d97dcf0079e45e7cbe5be495c60ea6b349056875eefcf09b0b39e8
Security Headers
Name Value
Content-Security-Policy object-src 'none'; frame-ancestors *.tim.it;
Strict-Transport-Security max-age=31536000; preload
X-Frame-Options SAMEORIGIN SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-credentials
true
access-control-allow-headers
authorization, clientversion, Cache-Control, pragma, expires, accept, BusinessID, InteractionDate-Date, InteractionDate-Time, TransactionID, MessageId, SourceSystem, Channel, SessionID, devicetype, content-type, x-requested-with, funnel
content-encoding
gzip
content-length
395
content-secure-policy
default-src 'self'; script-src 'self' *.tim.it *.ticdn.it *.adform.net *.adobedtm.com server-lead.makeyoudigit.com; img-src 'self' *.tim.it *.ticdn.it; style-src 'self' *.tim.it *.ticdn.it';
content-security-policy
object-src 'none'; frame-ancestors *.tim.it;
content-type
text/html
date
Mon, 28 Oct 2024 09:20:33 GMT
etag
"21c-5e79a2935cc5f-gzip"
last-modified
Thu, 01 Sep 2022 09:23:05 GMT
server
Apache
strict-transport-security
max-age=31536000; preload
vary
Origin
x-frame-options
SAMEORIGIN SAMEORIGIN
x-tim-n
4
x-xss-protection
1; mode=block
Primary Request login
api.webmail.tim.it/auth/oauth/v2/authorize/
Redirect Chain
  • https://api.webmail.tim.it/auth/oauth/v2/authorize?response_type=code&client_id=5b816c4e-3254-4299-96be-38df9998ba13&redirect_uri=https%3A%2F%2Fapi.webmail.tim.it%2Fauth%2Fconsent%2Fcustom%2Fredire...
  • https://api.webmail.tim.it/auth/oauth/v2/authorize/login?action=display&sessionData=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJyZXF1ZXN0X3BhcmFtZXRlcnMiOnsiY2xpZW50X2lkIjoiNWI4MTZjNGUtMzI1NC00Mjk5LTk2...
132 KB
136 KB
Document
General
Full URL
https://api.webmail.tim.it/auth/oauth/v2/authorize/login?action=display&sessionData=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJyZXF1ZXN0X3BhcmFtZXRlcnMiOnsiY2xpZW50X2lkIjoiNWI4MTZjNGUtMzI1NC00Mjk5LTk2YmUtMzhkZjk5OThiYTEzIn0sImlhdCI6MTczMDEwNzIzMywianRpIjoiMjBjMmNmY2MtZWJkZi00ZTlkLWFjNzMtODViOTE4ZTcyNzBlIn0.EDo9Pv7re-p7J72y_fBBNZfKcEJqcgfW4cNLBxf0XyA&redirect_uri=https://api.webmail.tim.it/auth/consent/custom/redirecturi&scope=openid%20mail_alice&state=null&response_type=code&client_id=5b816c4e-3254-4299-96be-38df9998ba13
Requested by
Host: mail.tim.it
URL: https://mail.tim.it/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
15.161.156.80 Milan, Italy, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-15-161-156-80.eu-south-1.compute.amazonaws.com
Software
envoy /
Resource Hash
5a9536f0ef835e730ebecc90664112b6e803496b41a5b79c58f4f9d9bf4a4a04
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.googlesyndication.com; script-src 'self' https://cdn.cookielaw.org go.datafront.co/* js.datafront.co/df*.js *.amazon-adsystem.com https://js.datafront.co/df.16533.js https://dvagh3p3rk8xj.cloudfront.net/ https://cdn-gl.imrworldwide.com https://gum.criteo.com https://api.recod3suite.com https://static.recod3suite.com https://secure-ds.serving-sys.com https://bs.serving-sys.com https://static.criteo.net https://www.googletagmanager.com https://www.gstatic.com https://www.google.com https://*.googlesyndication.com https://securepubads.g.doubleclick.net https://adservice.google.com https://adservice.google.it https://mytim.tim.it https://cdnbu.tim.ticdn.it https://cdn.tim.it https://risorse.tim.it https://www.googletagservices.com https://cdn.tim.ticdn.it *.googleapis.com https://eshop.tim.it https://cms.tim.it https://code.jquery.com https://cdnjs.cloudflare.com https://stackpath.bootstrapcdn.com https://assets.adobedtm.com https://dpm.demdex.net https://telecomitalia.demdex.net *.adnxs.com *.cloudfront.net https://static.recod3suite.com https://api.recod3suite.com *.adsafeprotected.com 'unsafe-inline' 'unsafe-eval'; img-src * data:; media-src * data:; style-src 'self' https://mytim.tim.it https://cdnbu.tim.ticdn.it https://cdn.tim.it https://risorse.tim.it https://cdn.tim.ticdn.it https://eshop.tim.it https://cms.tim.it https://code.jquery.com https://cdnjs.cloudflare.com https://api.recod3suite.com https://static.recod3suite.com https://www.googletagservices.com https://securepubads.g.doubleclick.net https://adservice.google.com https://adservice.google.it https://stackpath.bootstrapcdn.com https://*.googlesyndication.com https://ssl-metrics.tim.it https://metrics.tim.it https://dpm.demdex.net https://telecomitalia.demdex.net *.adnxs.com *.cloudfront.net *.adsafeprotected.com https://cdn.cookielaw.org 'unsafe-inline'; font-src * data:; connect-src * data:; frame-src * data:; frame-ancestors 'self' https://clienti.timbusiness.it https://assistenzatecnica.tim.it https://z2.le.liveperson.net https://mytim.tim.it https://www.tim.it https://api.tim.it https://tim.it https://cdn.cookielaw.org *.adsafeprotected.com;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://mail.tim.it/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
access-control-allow-methods
GET,POST,HEAD,OPTIONS
access-control-allow-origin
https://api.webmail.tim.it
access-control-max-age
1800
cache-control
no-store, must-revalidate, max-age=0
content-length
135167
content-security-policy
default-src 'self' https://*.googlesyndication.com; script-src 'self' https://cdn.cookielaw.org go.datafront.co/* js.datafront.co/df*.js *.amazon-adsystem.com https://js.datafront.co/df.16533.js https://dvagh3p3rk8xj.cloudfront.net/ https://cdn-gl.imrworldwide.com https://gum.criteo.com https://api.recod3suite.com https://static.recod3suite.com https://secure-ds.serving-sys.com https://bs.serving-sys.com https://static.criteo.net https://www.googletagmanager.com https://www.gstatic.com https://www.google.com https://*.googlesyndication.com https://securepubads.g.doubleclick.net https://adservice.google.com https://adservice.google.it https://mytim.tim.it https://cdnbu.tim.ticdn.it https://cdn.tim.it https://risorse.tim.it https://www.googletagservices.com https://cdn.tim.ticdn.it *.googleapis.com https://eshop.tim.it https://cms.tim.it https://code.jquery.com https://cdnjs.cloudflare.com https://stackpath.bootstrapcdn.com https://assets.adobedtm.com https://dpm.demdex.net https://telecomitalia.demdex.net *.adnxs.com *.cloudfront.net https://static.recod3suite.com https://api.recod3suite.com *.adsafeprotected.com 'unsafe-inline' 'unsafe-eval'; img-src * data:; media-src * data:; style-src 'self' https://mytim.tim.it https://cdnbu.tim.ticdn.it https://cdn.tim.it https://risorse.tim.it https://cdn.tim.ticdn.it https://eshop.tim.it https://cms.tim.it https://code.jquery.com https://cdnjs.cloudflare.com https://api.recod3suite.com https://static.recod3suite.com https://www.googletagservices.com https://securepubads.g.doubleclick.net https://adservice.google.com https://adservice.google.it https://stackpath.bootstrapcdn.com https://*.googlesyndication.com https://ssl-metrics.tim.it https://metrics.tim.it https://dpm.demdex.net https://telecomitalia.demdex.net *.adnxs.com *.cloudfront.net *.adsafeprotected.com https://cdn.cookielaw.org 'unsafe-inline'; font-src * data:; connect-src * data:; frame-src * data:; frame-ancestors 'self' https://clienti.timbusiness.it https://assistenzatecnica.tim.it https://z2.le.liveperson.net https://mytim.tim.it https://www.tim.it https://api.tim.it https://tim.it https://cdn.cookielaw.org *.adsafeprotected.com;
content-type
text/html;charset=utf-8
date
Mon, 28 Oct 2024 09:20:34 GMT
referrer-policy
no-referrer
server
envoy
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-envoy-upstream-service-time
705
x-frame-options
SAMEORIGIN
x-request-id
5390a36c-0e7e-4b1e-bc0a-e6575d2a8af7
x-robots-tag
none
x-xss-protection
1; mode=block

Redirect headers

Strict-Transport-Security
max-age=31536000
access-control-allow-credentials
true
access-control-allow-headers
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS
access-control-allow-origin
access-control-max-age
1800
content-length
0
date
Mon, 28 Oct 2024 09:20:33 GMT
location
https://api.webmail.tim.it/auth/oauth/v2/authorize/login?action=display&sessionData=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJyZXF1ZXN0X3BhcmFtZXRlcnMiOnsiY2xpZW50X2lkIjoiNWI4MTZjNGUtMzI1NC00Mjk5LTk2YmUtMzhkZjk5OThiYTEzIn0sImlhdCI6MTczMDEwNzIzMywianRpIjoiMjBjMmNmY2MtZWJkZi00ZTlkLWFjNzMtODViOTE4ZTcyNzBlIn0.EDo9Pv7re-p7J72y_fBBNZfKcEJqcgfW4cNLBxf0XyA&redirect_uri=https://api.webmail.tim.it/auth/consent/custom/redirecturi&scope=openid mail_alice&state=null&response_type=code&client_id=5b816c4e-3254-4299-96be-38df9998ba13
server
envoy
x-envoy-upstream-service-time
7
x-request-id
7460b093-e429-49ed-8273-2228dcdfd570
otSDKStub.js
cdn.cookielaw.org/scripttemplates/
22 KB
8 KB
Script
General
Full URL
https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Requested by
Host: api.webmail.tim.it
URL: https://api.webmail.tim.it/auth/oauth/v2/authorize/login?action=display&sessionData=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJyZXF1ZXN0X3BhcmFtZXRlcnMiOnsiY2xpZW50X2lkIjoiNWI4MTZjNGUtMzI1NC00Mjk5LTk2YmUtMzhkZjk5OThiYTEzIn0sImlhdCI6MTczMDEwNzIzMywianRpIjoiMjBjMmNmY2MtZWJkZi00ZTlkLWFjNzMtODViOTE4ZTcyNzBlIn0.EDo9Pv7re-p7J72y_fBBNZfKcEJqcgfW4cNLBxf0XyA&redirect_uri=https://api.webmail.tim.it/auth/consent/custom/redirecturi&scope=openid%20mail_alice&state=null&response_type=code&client_id=5b816c4e-3254-4299-96be-38df9998ba13
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:572a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7358c5616f671017f307d161644d253f0f81083b0be68f3a3fefefa33b59de5d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

content-md5
qVqAwzZMp5y69q24H0KNhg==
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding
gzip
x-ms-version
2009-09-19
etag
0x8DCF460CD3E9F69
x-ms-lease-status
unlocked
age
58028
cf-cache-status
HIT
x-content-type-options
nosniff
expires
Mon, 28 Oct 2024 17:13:26 GMT
date
Mon, 28 Oct 2024 09:20:34 GMT
content-type
application/javascript
last-modified
Thu, 24 Oct 2024 19:19:37 GMT
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
x-ms-request-id
7d9c5507-d01e-004a-68fa-26a3ed000000
cf-ray
8d99d9c87be34be8-MXP
accept-ranges
bytes
access-control-allow-origin
*
content-length
7212
x-ms-blob-type
BlockBlob
server
cloudflare
login-webmail.min.css
risorse.tim.it/etc.clientlibs/login-webmail-2steps/clientlibs/1.0.18/
859 B
981 B
Stylesheet
General
Full URL
https://risorse.tim.it/etc.clientlibs/login-webmail-2steps/clientlibs/1.0.18/login-webmail.min.css
Requested by
Host: api.webmail.tim.it
URL: https://api.webmail.tim.it/auth/oauth/v2/authorize/login?action=display&sessionData=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJyZXF1ZXN0X3BhcmFtZXRlcnMiOnsiY2xpZW50X2lkIjoiNWI4MTZjNGUtMzI1NC00Mjk5LTk2YmUtMzhkZjk5OThiYTEzIn0sImlhdCI6MTczMDEwNzIzMywianRpIjoiMjBjMmNmY2MtZWJkZi00ZTlkLWFjNzMtODViOTE4ZTcyNzBlIn0.EDo9Pv7re-p7J72y_fBBNZfKcEJqcgfW4cNLBxf0XyA&redirect_uri=https://api.webmail.tim.it/auth/consent/custom/redirecturi&scope=openid%20mail_alice&state=null&response_type=code&client_id=5b816c4e-3254-4299-96be-38df9998ba13
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
81.74.228.17 , Italy, ASN3269 (ASN-IBSNAZ, IT),
Reverse DNS
se-mi2-10.cdn.interbusiness.it
Software
Apache /
Resource Hash
1e0e7eb07413a758a8f30549cdc3be52f24ebf123b95c3c690309e4750dfee1e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
gzip
etag
"35b-61e43ad363957-gzip"
age
787
access-control-allow-methods
POST, GET, OPTIONS
expires
Mon, 28 Oct 2024 09:37:27 GMT
date
Mon, 28 Oct 2024 09:07:27 GMT
last-modified
Sun, 28 Jul 2024 00:17:57 GMT
vary
Origin
content-type
text/css
access-control-allow-headers
funnel, authorization, clientversion, Cache-Control, pragma, expires, accept, BusinessID, InteractionDate-Date, InteractionDate-Time, TransactionID, MessageId, SourceSystem, Channel, SessionID, devicetype, content-type, x-requested-with
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; preload
cache-control
max-age=1800
access-control-allow-credentials
true
via
http/1.1 ts-mi1-1.cdn.interbusiness.it (), http/1.1 se-mi2-10.cdn.interbusiness.it ()
accept-ranges
bytes
content-length
433
server
Apache
launch-47d59cfadcb3.min.js
assets.adobedtm.com/1eecba5bc341/a61c8f568034/
105 KB
34 KB
Script
General
Full URL
https://assets.adobedtm.com/1eecba5bc341/a61c8f568034/launch-47d59cfadcb3.min.js
Requested by
Host: api.webmail.tim.it
URL: https://api.webmail.tim.it/auth/oauth/v2/authorize/login?action=display&sessionData=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJyZXF1ZXN0X3BhcmFtZXRlcnMiOnsiY2xpZW50X2lkIjoiNWI4MTZjNGUtMzI1NC00Mjk5LTk2YmUtMzhkZjk5OThiYTEzIn0sImlhdCI6MTczMDEwNzIzMywianRpIjoiMjBjMmNmY2MtZWJkZi00ZTlkLWFjNzMtODViOTE4ZTcyNzBlIn0.EDo9Pv7re-p7J72y_fBBNZfKcEJqcgfW4cNLBxf0XyA&redirect_uri=https://api.webmail.tim.it/auth/consent/custom/redirecturi&scope=openid%20mail_alice&state=null&response_type=code&client_id=5b816c4e-3254-4299-96be-38df9998ba13
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:58f::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
b0c6fb87a881dbc18c152a84d1d53cf36d0cdf4f377bfaf6776bd4021dfe486c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

cache-control
max-age=3600
timing-allow-origin
*
content-encoding
gzip
etag
"a6d3bb07e1edce8f55dbe89a07f03465:1633531910.317204"
expires
Mon, 28 Oct 2024 10:20:34 GMT
accept-ranges
bytes
content-length
34797
date
Mon, 28 Oct 2024 09:20:34 GMT
content-type
application/x-javascript
last-modified
Wed, 06 Oct 2021 14:51:50 GMT
server
AkamaiNetStorage
vary
Accept-Encoding
main.min.css
risorse.tim.it/etc.clientlibs/login-webmail-2steps/clientlibs/1.0.18/clientlib-base/resources/css/
244 KB
31 KB
Stylesheet
General
Full URL
https://risorse.tim.it/etc.clientlibs/login-webmail-2steps/clientlibs/1.0.18/clientlib-base/resources/css/main.min.css
Requested by
Host: api.webmail.tim.it
URL: https://api.webmail.tim.it/auth/oauth/v2/authorize/login?action=display&sessionData=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJyZXF1ZXN0X3BhcmFtZXRlcnMiOnsiY2xpZW50X2lkIjoiNWI4MTZjNGUtMzI1NC00Mjk5LTk2YmUtMzhkZjk5OThiYTEzIn0sImlhdCI6MTczMDEwNzIzMywianRpIjoiMjBjMmNmY2MtZWJkZi00ZTlkLWFjNzMtODViOTE4ZTcyNzBlIn0.EDo9Pv7re-p7J72y_fBBNZfKcEJqcgfW4cNLBxf0XyA&redirect_uri=https://api.webmail.tim.it/auth/consent/custom/redirecturi&scope=openid%20mail_alice&state=null&response_type=code&client_id=5b816c4e-3254-4299-96be-38df9998ba13
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
81.74.228.17 , Italy, ASN3269 (ASN-IBSNAZ, IT),
Reverse DNS
se-mi2-10.cdn.interbusiness.it
Software
Apache /
Resource Hash
ad79fb9f60f0b92f9ff249de37ab2046538d81d6e39283cd8c182468b051f149
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
gzip
etag
"3d14f-61e43ab4fc471-gzip"
age
1231
access-control-allow-methods
POST, GET, OPTIONS
expires
Mon, 28 Oct 2024 09:30:03 GMT
date
Mon, 28 Oct 2024 09:00:03 GMT
last-modified
Sun, 28 Jul 2024 00:17:26 GMT
vary
Origin
content-type
text/css
access-control-allow-headers
funnel, authorization, clientversion, Cache-Control, pragma, expires, accept, BusinessID, InteractionDate-Date, InteractionDate-Time, TransactionID, MessageId, SourceSystem, Channel, SessionID, devicetype, content-type, x-requested-with
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; preload
cache-control
max-age=1800
access-control-allow-credentials
true
via
http/1.1 se-mi1-18.cdn.interbusiness.it (), http/1.1 se-mi2-10.cdn.interbusiness.it ()
accept-ranges
bytes
content-length
31567
server
Apache
login_tim.css
risorse.tim.it/etc.clientlibs/login-webmail-2steps/clientlibs/1.0.18/clientlib-base/resources/css/
6 KB
1 KB
Stylesheet
General
Full URL
https://risorse.tim.it/etc.clientlibs/login-webmail-2steps/clientlibs/1.0.18/clientlib-base/resources/css/login_tim.css
Requested by
Host: api.webmail.tim.it
URL: https://api.webmail.tim.it/auth/oauth/v2/authorize/login?action=display&sessionData=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJyZXF1ZXN0X3BhcmFtZXRlcnMiOnsiY2xpZW50X2lkIjoiNWI4MTZjNGUtMzI1NC00Mjk5LTk2YmUtMzhkZjk5OThiYTEzIn0sImlhdCI6MTczMDEwNzIzMywianRpIjoiMjBjMmNmY2MtZWJkZi00ZTlkLWFjNzMtODViOTE4ZTcyNzBlIn0.EDo9Pv7re-p7J72y_fBBNZfKcEJqcgfW4cNLBxf0XyA&redirect_uri=https://api.webmail.tim.it/auth/consent/custom/redirecturi&scope=openid%20mail_alice&state=null&response_type=code&client_id=5b816c4e-3254-4299-96be-38df9998ba13
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
81.74.228.17 , Italy, ASN3269 (ASN-IBSNAZ, IT),
Reverse DNS
se-mi2-10.cdn.interbusiness.it
Software
Apache /
Resource Hash
d0f0e941c916d4071dd41a5ba6bc1ff71b42c0dc993d492b137977fe8fc78b52
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
gzip
etag
"1630-61e44ee3ff1d5-gzip"
age
1356
access-control-allow-methods
POST, GET, OPTIONS
expires
Mon, 28 Oct 2024 09:27:57 GMT
date
Mon, 28 Oct 2024 08:57:58 GMT
last-modified
Sun, 28 Jul 2024 01:47:44 GMT
vary
Origin
content-type
text/css
access-control-allow-headers
funnel, authorization, clientversion, Cache-Control, pragma, expires, accept, BusinessID, InteractionDate-Date, InteractionDate-Time, TransactionID, MessageId, SourceSystem, Channel, SessionID, devicetype, content-type, x-requested-with
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; preload
cache-control
max-age=1800
access-control-allow-credentials
true
via
http/1.1 ts-mi2-3.cdn.interbusiness.it (), http/1.1 se-mi2-10.cdn.interbusiness.it ()
accept-ranges
bytes
content-length
879
server
Apache
clientlib-all-login.min.css
risorse.tim.it/etc.clientlibs/login-webmail-2steps/clientlibs/1.0.18/
6 KB
1 KB
Stylesheet
General
Full URL
https://risorse.tim.it/etc.clientlibs/login-webmail-2steps/clientlibs/1.0.18/clientlib-all-login.min.css
Requested by
Host: api.webmail.tim.it
URL: https://api.webmail.tim.it/auth/oauth/v2/authorize/login?action=display&sessionData=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJyZXF1ZXN0X3BhcmFtZXRlcnMiOnsiY2xpZW50X2lkIjoiNWI4MTZjNGUtMzI1NC00Mjk5LTk2YmUtMzhkZjk5OThiYTEzIn0sImlhdCI6MTczMDEwNzIzMywianRpIjoiMjBjMmNmY2MtZWJkZi00ZTlkLWFjNzMtODViOTE4ZTcyNzBlIn0.EDo9Pv7re-p7J72y_fBBNZfKcEJqcgfW4cNLBxf0XyA&redirect_uri=https://api.webmail.tim.it/auth/consent/custom/redirecturi&scope=openid%20mail_alice&state=null&response_type=code&client_id=5b816c4e-3254-4299-96be-38df9998ba13
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
81.74.228.17 , Italy, ASN3269 (ASN-IBSNAZ, IT),
Reverse DNS
se-mi2-10.cdn.interbusiness.it
Software
Apache /
Resource Hash
16ded92a17f35054f28df52abca8e0f544a853f3701e6e8af05202cbba8505d8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
gzip
etag
"164e-61e4ac98cde06-gzip"
age
1186
access-control-allow-methods
POST, GET, OPTIONS
expires
Mon, 28 Oct 2024 09:30:48 GMT
date
Mon, 28 Oct 2024 09:00:48 GMT
last-modified
Sun, 28 Jul 2024 08:46:58 GMT
vary
Origin
content-type
text/css
access-control-allow-headers
funnel, authorization, clientversion, Cache-Control, pragma, expires, accept, BusinessID, InteractionDate-Date, InteractionDate-Time, TransactionID, MessageId, SourceSystem, Channel, SessionID, devicetype, content-type, x-requested-with
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; preload
cache-control
max-age=1800
access-control-allow-credentials
true
via
http/1.1 ts-mi1-2.cdn.interbusiness.it (), http/1.1 se-mi2-10.cdn.interbusiness.it ()
accept-ranges
bytes
content-length
1227
server
Apache
api.js
www.google.com/recaptcha/
1 KB
970 B
Script
General
Full URL
https://www.google.com/recaptcha/api.js
Requested by
Host: api.webmail.tim.it
URL: https://api.webmail.tim.it/auth/oauth/v2/authorize/login?action=display&sessionData=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJyZXF1ZXN0X3BhcmFtZXRlcnMiOnsiY2xpZW50X2lkIjoiNWI4MTZjNGUtMzI1NC00Mjk5LTk2YmUtMzhkZjk5OThiYTEzIn0sImlhdCI6MTczMDEwNzIzMywianRpIjoiMjBjMmNmY2MtZWJkZi00ZTlkLWFjNzMtODViOTE4ZTcyNzBlIn0.EDo9Pv7re-p7J72y_fBBNZfKcEJqcgfW4cNLBxf0XyA&redirect_uri=https://api.webmail.tim.it/auth/consent/custom/redirecturi&scope=openid%20mail_alice&state=null&response_type=code&client_id=5b816c4e-3254-4299-96be-38df9998ba13
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.68 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
tzfraa-aa-in-f4.1e100.net
Software
ESF /
Resource Hash
05da570f8f5adc68101216baa6ecfbffa7a3d75d026228460e0df7876c69234e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

cache-control
private, max-age=300
content-encoding
gzip
cross-origin-resource-policy
cross-origin
report-to
{"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
x-content-type-options
nosniff
expires
Mon, 28 Oct 2024 09:20:34 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only
same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
date
Mon, 28 Oct 2024 09:20:34 GMT
x-xss-protection
0
content-type
text/javascript; charset=utf-8
server
ESF
x-frame-options
SAMEORIGIN
gpt.js
securepubads.g.doubleclick.net/tag/js/
104 KB
33 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: api.webmail.tim.it
URL: https://api.webmail.tim.it/auth/oauth/v2/authorize/login?action=display&sessionData=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJyZXF1ZXN0X3BhcmFtZXRlcnMiOnsiY2xpZW50X2lkIjoiNWI4MTZjNGUtMzI1NC00Mjk5LTk2YmUtMzhkZjk5OThiYTEzIn0sImlhdCI6MTczMDEwNzIzMywianRpIjoiMjBjMmNmY2MtZWJkZi00ZTlkLWFjNzMtODViOTE4ZTcyNzBlIn0.EDo9Pv7re-p7J72y_fBBNZfKcEJqcgfW4cNLBxf0XyA&redirect_uri=https://api.webmail.tim.it/auth/consent/custom/redirecturi&scope=openid%20mail_alice&state=null&response_type=code&client_id=5b816c4e-3254-4299-96be-38df9998ba13
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
61b433ae35e42a632275954c1a005cb61f6b982edba80b86c6146095ead1d5ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
br
etag
725 / 20024 / m202410210101 / config-hash: 12245789999961490910
x-content-type-options
nosniff
expires
Mon, 28 Oct 2024 09:20:34 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Mon, 28 Oct 2024 09:20:34 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
33301
x-xss-protection
0
server
cafe
logo.svg
risorse.tim.it/content/dam/login-webmail-2steps/
4 KB
2 KB
Image
General
Full URL
https://risorse.tim.it/content/dam/login-webmail-2steps/logo.svg
Requested by
Host: api.webmail.tim.it
URL: https://api.webmail.tim.it/auth/oauth/v2/authorize/login?action=display&sessionData=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJyZXF1ZXN0X3BhcmFtZXRlcnMiOnsiY2xpZW50X2lkIjoiNWI4MTZjNGUtMzI1NC00Mjk5LTk2YmUtMzhkZjk5OThiYTEzIn0sImlhdCI6MTczMDEwNzIzMywianRpIjoiMjBjMmNmY2MtZWJkZi00ZTlkLWFjNzMtODViOTE4ZTcyNzBlIn0.EDo9Pv7re-p7J72y_fBBNZfKcEJqcgfW4cNLBxf0XyA&redirect_uri=https://api.webmail.tim.it/auth/consent/custom/redirecturi&scope=openid%20mail_alice&state=null&response_type=code&client_id=5b816c4e-3254-4299-96be-38df9998ba13
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
81.74.228.17 , Italy, ASN3269 (ASN-IBSNAZ, IT),
Reverse DNS
se-mi2-10.cdn.interbusiness.it
Software
Apache /
Resource Hash
bb462a24eef290bb508dfd155c8d94e5220b203109f6574184723f9ea252f9e9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
gzip
etag
"11f0-61f7eb7d249c7-gzip"
age
1175277
access-control-allow-methods
POST, GET, OPTIONS
expires
Tue, 14 Oct 2025 18:52:37 GMT
date
Mon, 14 Oct 2024 18:52:37 GMT
last-modified
Mon, 12 Aug 2024 16:09:30 GMT
vary
Origin
content-type
image/svg+xml
access-control-allow-headers
funnel, authorization, clientversion, Cache-Control, pragma, expires, accept, BusinessID, InteractionDate-Date, InteractionDate-Time, TransactionID, MessageId, SourceSystem, Channel, SessionID, devicetype, content-type, x-requested-with
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; preload
cache-control
max-age=31536000
access-control-allow-credentials
true
via
http/1.1 ts-mi2-3.cdn.interbusiness.it (), http/1.1 se-mi2-10.cdn.interbusiness.it ()
accept-ranges
bytes
content-length
1633
server
Apache
clientlib-all-login.min.js
risorse.tim.it/etc.clientlibs/login-webmail-2steps/clientlibs/1.0.18/
1 MB
282 KB
Script
General
Full URL
https://risorse.tim.it/etc.clientlibs/login-webmail-2steps/clientlibs/1.0.18/clientlib-all-login.min.js
Requested by
Host: api.webmail.tim.it
URL: https://api.webmail.tim.it/auth/oauth/v2/authorize/login?action=display&sessionData=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJyZXF1ZXN0X3BhcmFtZXRlcnMiOnsiY2xpZW50X2lkIjoiNWI4MTZjNGUtMzI1NC00Mjk5LTk2YmUtMzhkZjk5OThiYTEzIn0sImlhdCI6MTczMDEwNzIzMywianRpIjoiMjBjMmNmY2MtZWJkZi00ZTlkLWFjNzMtODViOTE4ZTcyNzBlIn0.EDo9Pv7re-p7J72y_fBBNZfKcEJqcgfW4cNLBxf0XyA&redirect_uri=https://api.webmail.tim.it/auth/consent/custom/redirecturi&scope=openid%20mail_alice&state=null&response_type=code&client_id=5b816c4e-3254-4299-96be-38df9998ba13
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
81.74.228.17 , Italy, ASN3269 (ASN-IBSNAZ, IT),
Reverse DNS
se-mi2-10.cdn.interbusiness.it
Software
Apache /
Resource Hash
b62855e46f5962191adfebef801f66ee465d502e9acf0bd1378b393721b073f3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
gzip
etag
"102356-61e41fc3874e1-gzip"
age
1173
access-control-allow-methods
POST, GET, OPTIONS
expires
Mon, 28 Oct 2024 09:31:01 GMT
date
Mon, 28 Oct 2024 09:01:01 GMT
last-modified
Sat, 27 Jul 2024 22:16:53 GMT
vary
Origin
content-type
application/javascript
access-control-allow-headers
funnel, authorization, clientversion, Cache-Control, pragma, expires, accept, BusinessID, InteractionDate-Date, InteractionDate-Time, TransactionID, MessageId, SourceSystem, Channel, SessionID, devicetype, content-type, x-requested-with
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; preload
cache-control
max-age=1800
access-control-allow-credentials
true
via
http/1.1 ts-mi1-2.cdn.interbusiness.it (), http/1.1 se-mi2-10.cdn.interbusiness.it ()
accept-ranges
bytes
content-length
288742
server
Apache
login.min.js
risorse.tim.it/etc.clientlibs/login-webmail-2steps/clientlibs/1.0.18/
12 KB
3 KB
Script
General
Full URL
https://risorse.tim.it/etc.clientlibs/login-webmail-2steps/clientlibs/1.0.18/login.min.js
Requested by
Host: api.webmail.tim.it
URL: https://api.webmail.tim.it/auth/oauth/v2/authorize/login?action=display&sessionData=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJyZXF1ZXN0X3BhcmFtZXRlcnMiOnsiY2xpZW50X2lkIjoiNWI4MTZjNGUtMzI1NC00Mjk5LTk2YmUtMzhkZjk5OThiYTEzIn0sImlhdCI6MTczMDEwNzIzMywianRpIjoiMjBjMmNmY2MtZWJkZi00ZTlkLWFjNzMtODViOTE4ZTcyNzBlIn0.EDo9Pv7re-p7J72y_fBBNZfKcEJqcgfW4cNLBxf0XyA&redirect_uri=https://api.webmail.tim.it/auth/consent/custom/redirecturi&scope=openid%20mail_alice&state=null&response_type=code&client_id=5b816c4e-3254-4299-96be-38df9998ba13
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
81.74.228.17 , Italy, ASN3269 (ASN-IBSNAZ, IT),
Reverse DNS
se-mi2-10.cdn.interbusiness.it
Software
Apache /
Resource Hash
0d3d3f091da595de1ac4455a615a757b2f874ecf02bf6599b551519e9500a5a0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
gzip
etag
"31fb-61e4482058233-gzip"
age
1174
access-control-allow-methods
POST, GET, OPTIONS
expires
Mon, 28 Oct 2024 09:31:00 GMT
date
Mon, 28 Oct 2024 09:01:00 GMT
last-modified
Sun, 28 Jul 2024 01:17:28 GMT
vary
Origin
content-type
application/javascript
access-control-allow-headers
funnel, authorization, clientversion, Cache-Control, pragma, expires, accept, BusinessID, InteractionDate-Date, InteractionDate-Time, TransactionID, MessageId, SourceSystem, Channel, SessionID, devicetype, content-type, x-requested-with
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; preload
cache-control
max-age=1800
access-control-allow-credentials
true
via
http/1.1 ts-mi1-2.cdn.interbusiness.it (), http/1.1 se-mi2-10.cdn.interbusiness.it ()
accept-ranges
bytes
content-length
3184
server
Apache
login-webmail.min.js
risorse.tim.it/etc.clientlibs/login-webmail-2steps/clientlibs/1.0.18/
356 B
392 B
Script
General
Full URL
https://risorse.tim.it/etc.clientlibs/login-webmail-2steps/clientlibs/1.0.18/login-webmail.min.js
Requested by
Host: api.webmail.tim.it
URL: https://api.webmail.tim.it/auth/oauth/v2/authorize/login?action=display&sessionData=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJyZXF1ZXN0X3BhcmFtZXRlcnMiOnsiY2xpZW50X2lkIjoiNWI4MTZjNGUtMzI1NC00Mjk5LTk2YmUtMzhkZjk5OThiYTEzIn0sImlhdCI6MTczMDEwNzIzMywianRpIjoiMjBjMmNmY2MtZWJkZi00ZTlkLWFjNzMtODViOTE4ZTcyNzBlIn0.EDo9Pv7re-p7J72y_fBBNZfKcEJqcgfW4cNLBxf0XyA&redirect_uri=https://api.webmail.tim.it/auth/consent/custom/redirecturi&scope=openid%20mail_alice&state=null&response_type=code&client_id=5b816c4e-3254-4299-96be-38df9998ba13
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
81.74.228.17 , Italy, ASN3269 (ASN-IBSNAZ, IT),
Reverse DNS
se-mi2-10.cdn.interbusiness.it
Software
Apache /
Resource Hash
2b06adc1b820c9cf11a9f673e7c4b47d985248d71c851ef84669bd320627e4b8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
gzip
etag
"164-61e4481f5ce5e-gzip"
age
375
access-control-allow-methods
POST, GET, OPTIONS
expires
Mon, 28 Oct 2024 09:44:19 GMT
date
Mon, 28 Oct 2024 09:14:19 GMT
last-modified
Sun, 28 Jul 2024 01:17:27 GMT
vary
Origin
content-type
application/javascript
access-control-allow-headers
funnel, authorization, clientversion, Cache-Control, pragma, expires, accept, BusinessID, InteractionDate-Date, InteractionDate-Time, TransactionID, MessageId, SourceSystem, Channel, SessionID, devicetype, content-type, x-requested-with
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; preload
cache-control
max-age=1800
access-control-allow-credentials
true
via
http/1.1 ts-mi2-3.cdn.interbusiness.it (), http/1.1 se-mi2-10.cdn.interbusiness.it ()
accept-ranges
bytes
content-length
250
server
Apache
login-webmail-cookie.min.js
risorse.tim.it/etc.clientlibs/login-webmail-2steps/clientlibs/1.0.18/
2 KB
853 B
Script
General
Full URL
https://risorse.tim.it/etc.clientlibs/login-webmail-2steps/clientlibs/1.0.18/login-webmail-cookie.min.js
Requested by
Host: api.webmail.tim.it
URL: https://api.webmail.tim.it/auth/oauth/v2/authorize/login?action=display&sessionData=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJyZXF1ZXN0X3BhcmFtZXRlcnMiOnsiY2xpZW50X2lkIjoiNWI4MTZjNGUtMzI1NC00Mjk5LTk2YmUtMzhkZjk5OThiYTEzIn0sImlhdCI6MTczMDEwNzIzMywianRpIjoiMjBjMmNmY2MtZWJkZi00ZTlkLWFjNzMtODViOTE4ZTcyNzBlIn0.EDo9Pv7re-p7J72y_fBBNZfKcEJqcgfW4cNLBxf0XyA&redirect_uri=https://api.webmail.tim.it/auth/consent/custom/redirecturi&scope=openid%20mail_alice&state=null&response_type=code&client_id=5b816c4e-3254-4299-96be-38df9998ba13
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
81.74.228.17 , Italy, ASN3269 (ASN-IBSNAZ, IT),
Reverse DNS
se-mi2-10.cdn.interbusiness.it
Software
Apache /
Resource Hash
5775c6d56222c16e7d527709fda4096d57c3e6e9653cd7b924c2f95143e0434f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
gzip
etag
"678-61e47de323dad-gzip"
age
1166
access-control-allow-methods
POST, GET, OPTIONS
expires
Mon, 28 Oct 2024 09:31:08 GMT
date
Mon, 28 Oct 2024 09:01:08 GMT
last-modified
Sun, 28 Jul 2024 05:17:59 GMT
vary
Origin
content-type
application/javascript
access-control-allow-headers
funnel, authorization, clientversion, Cache-Control, pragma, expires, accept, BusinessID, InteractionDate-Date, InteractionDate-Time, TransactionID, MessageId, SourceSystem, Channel, SessionID, devicetype, content-type, x-requested-with
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; preload
cache-control
max-age=1800
access-control-allow-credentials
true
via
http/1.1 se-mi1-18.cdn.interbusiness.it (), http/1.1 se-mi2-10.cdn.interbusiness.it ()
accept-ranges
bytes
content-length
708
server
Apache
login-webmail-banner-app.min.js
risorse.tim.it/etc.clientlibs/login-webmail-2steps/clientlibs/1.0.18/
2 KB
1 KB
Script
General
Full URL
https://risorse.tim.it/etc.clientlibs/login-webmail-2steps/clientlibs/1.0.18/login-webmail-banner-app.min.js
Requested by
Host: api.webmail.tim.it
URL: https://api.webmail.tim.it/auth/oauth/v2/authorize/login?action=display&sessionData=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJyZXF1ZXN0X3BhcmFtZXRlcnMiOnsiY2xpZW50X2lkIjoiNWI4MTZjNGUtMzI1NC00Mjk5LTk2YmUtMzhkZjk5OThiYTEzIn0sImlhdCI6MTczMDEwNzIzMywianRpIjoiMjBjMmNmY2MtZWJkZi00ZTlkLWFjNzMtODViOTE4ZTcyNzBlIn0.EDo9Pv7re-p7J72y_fBBNZfKcEJqcgfW4cNLBxf0XyA&redirect_uri=https://api.webmail.tim.it/auth/consent/custom/redirecturi&scope=openid%20mail_alice&state=null&response_type=code&client_id=5b816c4e-3254-4299-96be-38df9998ba13
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
81.74.228.17 , Italy, ASN3269 (ASN-IBSNAZ, IT),
Reverse DNS
se-mi2-10.cdn.interbusiness.it
Software
Apache /
Resource Hash
e528f93ee73db376c8670b133cd3bb7b49ef8c922fd93551d085ba765e21009b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
gzip
etag
"725-61e4485a2906a-gzip"
age
1202
access-control-allow-methods
POST, GET, OPTIONS
expires
Mon, 28 Oct 2024 09:30:32 GMT
date
Mon, 28 Oct 2024 09:00:32 GMT
last-modified
Sun, 28 Jul 2024 01:18:28 GMT
vary
Origin
content-type
application/javascript
access-control-allow-headers
funnel, authorization, clientversion, Cache-Control, pragma, expires, accept, BusinessID, InteractionDate-Date, InteractionDate-Time, TransactionID, MessageId, SourceSystem, Channel, SessionID, devicetype, content-type, x-requested-with
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; preload
cache-control
max-age=1800
access-control-allow-credentials
true
via
http/1.1 ts-mi2-2.cdn.interbusiness.it (), http/1.1 se-mi2-10.cdn.interbusiness.it ()
accept-ranges
bytes
content-length
831
server
Apache
19592410-edaf-48e3-8faa-9053afe70fee.json
cdn.cookielaw.org/consent/19592410-edaf-48e3-8faa-9053afe70fee/
4 KB
2 KB
XHR
General
Full URL
https://cdn.cookielaw.org/consent/19592410-edaf-48e3-8faa-9053afe70fee/19592410-edaf-48e3-8faa-9053afe70fee.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:572a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
89db8542e0121c240cfea01aff22218b5e1bb5587f8a8ad7da50d0e6cc162bb5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

content-md5
CgIcsF4pWh5oYEwsk2vTrg==
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding
gzip
cf-cache-status
HIT
etag
0x8DCF41A6D0BA262
age
47796
x-ms-lease-status
unlocked
x-content-type-options
nosniff
x-ms-version
2009-09-19
expires
Tue, 29 Oct 2024 09:20:34 GMT
date
Mon, 28 Oct 2024 09:20:34 GMT
content-type
application/json
last-modified
Thu, 24 Oct 2024 10:55:51 GMT
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin, cross-origin
x-ms-request-id
74b05342-501e-0072-484c-26e2b4000000
cf-ray
8d99d9c91f484c66-MXP
accept-ranges
bytes
access-control-allow-origin
*
content-length
1574
x-ms-blob-type
BlockBlob
server
cloudflare
P62AC5734-70D2-439D-8494-F369D681BEB1.js
cdn-gl.imrworldwide.com/conf/
28 KB
7 KB
Script
General
Full URL
https://cdn-gl.imrworldwide.com/conf/P62AC5734-70D2-439D-8494-F369D681BEB1.js
Requested by
Host: api.webmail.tim.it
URL: https://api.webmail.tim.it/auth/oauth/v2/authorize/login?action=display&sessionData=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJyZXF1ZXN0X3BhcmFtZXRlcnMiOnsiY2xpZW50X2lkIjoiNWI4MTZjNGUtMzI1NC00Mjk5LTk2YmUtMzhkZjk5OThiYTEzIn0sImlhdCI6MTczMDEwNzIzMywianRpIjoiMjBjMmNmY2MtZWJkZi00ZTlkLWFjNzMtODViOTE4ZTcyNzBlIn0.EDo9Pv7re-p7J72y_fBBNZfKcEJqcgfW4cNLBxf0XyA&redirect_uri=https://api.webmail.tim.it/auth/consent/custom/redirecturi&scope=openid%20mail_alice&state=null&response_type=code&client_id=5b816c4e-3254-4299-96be-38df9998ba13
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:236e:b800:2:42d9:3100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4f6b95b89ecd29659aca10dada61d40e5436f4544f4984756299d78b61f8a968

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

vary
Accept-Encoding
cache-control
max-age=86400,s-maxage=86400
content-encoding
gzip
x-amz-version-id
YEOCfI2neKZ_j5P_4oRjUTx9dSnhqcxH
etag
W/"f3fb73adf21648e7766aedd6165dbcb7"
age
1371
via
1.1 cb0a9b0d01a1b0cc9278d9875ce23c92.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
J8MtQZusNRzePZtmWrSmYKpfvkMNdK_6q8mp0sQRie0oRv6Iy45G3g==
date
Mon, 28 Oct 2024 08:57:44 GMT
content-type
application/javascript
last-modified
Mon, 28 Oct 2024 05:17:09 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1
x-amz-server-side-encryption
AES256
truncated
/
11 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9c98f3c5f9421f8b30307d17a4c6c77aa583dbace4d69fd737d43acf336d52dc

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
truncated
/
513 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
34f9db946e89f031a80dfca7b16b2b686469c9886441261ae70a44da1dfa2d58

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/svg+xml
TIMSans-Medium.woff2
risorse.tim.it/etc.clientlibs/login-webmail-2steps/clientlibs/1.0.18/clientlib-base/resources/font/tim-sans/TIMSans-Medium/
41 KB
42 KB
Font
General
Full URL
https://risorse.tim.it/etc.clientlibs/login-webmail-2steps/clientlibs/1.0.18/clientlib-base/resources/font/tim-sans/TIMSans-Medium/TIMSans-Medium.woff2
Requested by
Host: risorse.tim.it
URL: https://risorse.tim.it/etc.clientlibs/login-webmail-2steps/clientlibs/1.0.18/clientlib-base/resources/css/main.min.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
81.74.228.17 , Italy, ASN3269 (ASN-IBSNAZ, IT),
Reverse DNS
se-mi2-10.cdn.interbusiness.it
Software
Apache /
Resource Hash
5891e62800c4390940b4fb8c7bce51a76a10100cce30c7332e79348a1d13d2cb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://api.webmail.tim.it
Referer
https://risorse.tim.it/etc.clientlibs/login-webmail-2steps/clientlibs/1.0.18/clientlib-base/resources/css/main.min.css

Response headers

content-encoding
gzip
etag
"a554-61e5ed02b42b5-gzip"
age
1814064
access-control-allow-methods
POST, GET, OPTIONS
expires
Tue, 07 Oct 2025 09:26:10 GMT
date
Mon, 07 Oct 2024 09:26:10 GMT
last-modified
Mon, 29 Jul 2024 08:40:28 GMT
vary
Origin
content-type
font/woff2
access-control-allow-headers
funnel, authorization, clientversion, Cache-Control, pragma, expires, accept, BusinessID, InteractionDate-Date, InteractionDate-Time, TransactionID, MessageId, SourceSystem, Channel, SessionID, devicetype, content-type, x-requested-with
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; preload
cache-control
max-age=31536000
access-control-allow-credentials
true
via
http/1.1 ts-mi2-3.cdn.interbusiness.it (), http/1.1 se-mi2-10.cdn.interbusiness.it ()
accept-ranges
bytes
access-control-allow-origin
https://api.webmail.tim.it
content-length
42352
server
Apache
TIMSans-Light.woff2
risorse.tim.it/etc.clientlibs/login-webmail-2steps/clientlibs/1.0.18/clientlib-base/resources/font/tim-sans/TIMSans-Light/
39 KB
40 KB
Font
General
Full URL
https://risorse.tim.it/etc.clientlibs/login-webmail-2steps/clientlibs/1.0.18/clientlib-base/resources/font/tim-sans/TIMSans-Light/TIMSans-Light.woff2
Requested by
Host: risorse.tim.it
URL: https://risorse.tim.it/etc.clientlibs/login-webmail-2steps/clientlibs/1.0.18/clientlib-base/resources/css/main.min.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
81.74.228.17 , Italy, ASN3269 (ASN-IBSNAZ, IT),
Reverse DNS
se-mi2-10.cdn.interbusiness.it
Software
Apache /
Resource Hash
0b7618b9ce533397a396d899972fb445f579cbef35c70873744c6afd2e2a3729
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://api.webmail.tim.it
Referer
https://risorse.tim.it/etc.clientlibs/login-webmail-2steps/clientlibs/1.0.18/clientlib-base/resources/css/main.min.css

Response headers

content-encoding
gzip
etag
"9ddc-61e5ec6a5198c-gzip"
age
1859366
access-control-allow-methods
POST, GET, OPTIONS
expires
Mon, 06 Oct 2025 20:51:08 GMT
date
Sun, 06 Oct 2024 20:51:08 GMT
last-modified
Mon, 29 Jul 2024 08:37:48 GMT
vary
Origin
content-type
font/woff2
access-control-allow-headers
funnel, authorization, clientversion, Cache-Control, pragma, expires, accept, BusinessID, InteractionDate-Date, InteractionDate-Time, TransactionID, MessageId, SourceSystem, Channel, SessionID, devicetype, content-type, x-requested-with
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; preload
cache-control
max-age=31536000
access-control-allow-credentials
true
via
http/1.1 se-mi1-18.cdn.interbusiness.it (), http/1.1 se-mi2-10.cdn.interbusiness.it ()
accept-ranges
bytes
access-control-allow-origin
https://api.webmail.tim.it
content-length
40434
server
Apache
location
geolocation.onetrust.com/cookieconsentpub/v1/geo/
69 B
309 B
XHR
General
Full URL
https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9b77 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6964d03a8ab5896300c3dd5cb3fc6fa302ef3d1b5453d2021282038af12e5679
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
accept
application/json
Referer

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
access-control-allow-methods
GET, OPTIONS
cf-ray
8d99d9c9cfb8ba83-MXP
access-control-allow-origin
*
date
Mon, 28 Oct 2024 09:20:34 GMT
content-type
application/json
vary
Accept-Encoding
server
cloudflare
access-control-allow-headers
Content-Type
recaptcha__it.js
www.gstatic.com/recaptcha/releases/-ZG7BC9TxCVEbzIO2m429usb/
547 KB
216 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/-ZG7BC9TxCVEbzIO2m429usb/recaptcha__it.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f3.1e100.net
Software
sffe /
Resource Hash
568eb1fee3e1102246fda6d33edbe5c8a37f631f36afb7f06a4a9781e72011a3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://api.webmail.tim.it
Referer

Response headers

content-encoding
gzip
age
438549
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
x-content-type-options
nosniff
expires
Thu, 23 Oct 2025 07:31:25 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 23 Oct 2024 07:31:25 GMT
last-modified
Tue, 22 Oct 2024 00:01:33 GMT
content-type
text/javascript
vary
Accept-Encoding
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
accept-ranges
bytes
access-control-allow-origin
*
content-length
221440
x-xss-protection
0
server
sffe
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202410210101/
481 KB
149 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202410210101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
dad10a832ba51b5db08691887a58b582022dd25c7849e0dd70f1ff8484d74a2c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
br
etag
14283833466912019972
age
5707
x-content-type-options
nosniff
expires
Tue, 28 Oct 2025 07:45:27 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Mon, 28 Oct 2024 07:45:27 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
152738
x-xss-protection
0
server
cafe
ppub_config
securepubads.g.doubleclick.net/pagead/
1 KB
519 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=api.webmail.tim.it
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
f6d74622c5cbbafe14497f6fc739621ab47e487b8b4d2a444904267001cc2694
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
content-encoding
br
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Mon, 28 Oct 2024 09:20:34 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
494
date
Mon, 28 Oct 2024 09:20:34 GMT
x-xss-protection
0
content-type
application/json; charset=UTF-8
content-disposition
attachment; filename="f.txt"
server
cafe
otBannerSdk.js
cdn.cookielaw.org/scripttemplates/202409.2.0/
461 KB
112 KB
Script
General
Full URL
https://cdn.cookielaw.org/scripttemplates/202409.2.0/otBannerSdk.js
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:572a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0725443e63be5f66e8338f66ab8bb13a1d110fad586260de0cef284356546292
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

content-md5
uGd5VTJp/PFmoOURmUW/IQ==
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-lease-status
unlocked
cf-bgj
minify
cf-cache-status
HIT
x-ms-version
2009-09-19
age
51
content-encoding
gzip
x-content-type-options
nosniff
expires
Tue, 29 Oct 2024 09:20:34 GMT
cf-polished
origSize=472065
date
Mon, 28 Oct 2024 09:20:34 GMT
content-type
application/javascript
last-modified
Thu, 24 Oct 2024 11:38:30 GMT
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
x-ms-request-id
eb2c65f4-201e-0076-1d3f-261736000000
cf-ray
8d99d9ca5e9a4be8-MXP
access-control-allow-origin
*
x-ms-blob-type
BlockBlob
server
cloudflare
nlsSDK600.bundle.min.js
cdn-gl.imrworldwide.com/novms/js/2/
199 KB
56 KB
Script
General
Full URL
https://cdn-gl.imrworldwide.com/novms/js/2/nlsSDK600.bundle.min.js
Requested by
Host: cdn-gl.imrworldwide.com
URL: https://cdn-gl.imrworldwide.com/conf/P62AC5734-70D2-439D-8494-F369D681BEB1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:236e:b800:2:42d9:3100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d98cc6e770bf9c71b8758a040222960e918adb20cc1f71f2296ae4f70256d510

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
gzip
x-amz-version-id
Aabpvbg3ktgBmwIqp1b4kZ3V88L5QhMx
etag
W/"2be1fe7a43ef5ba626afab2ceddfc177"
age
2499
x-amz-storage-class
INTELLIGENT_TIERING
x-cache
Hit from cloudfront
x-amz-cf-id
EFRliBOR3KedKNGKOoYNhrelVmnTx09uJFBGEGB6exCyQDx7BHFYnA==
date
Mon, 28 Oct 2024 08:38:56 GMT
content-type
application/javascript
vary
Accept-Encoding
last-modified
Wed, 06 Sep 2023 13:04:53 GMT
cache-control
max-age=86400
via
1.1 cb0a9b0d01a1b0cc9278d9875ce23c92.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P1
server
AmazonS3
x-amz-server-side-encryption
AES256
id
dpm.demdex.net/
372 B
922 B
XHR
General
Full URL
https://dpm.demdex.net/id?d_visid_ver=5.2.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=1AD1154452F152C00A490D4C%40AdobeOrg&d_nsid=0&ts=1730107234944
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/1eecba5bc341/a61c8f568034/launch-47d59cfadcb3.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.208.241.210 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-208-241-210.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
67b05eb94694c961bf4bca12f222c52a925f5e1ac6b67080955fbec728c734e2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded
Referer

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
dcs
dcs-prod-irl1-1-v067-0e8f5c947.edge-irl1.demdex.com 2 ms
content-encoding
gzip
pragma
no-cache
access-control-allow-credentials
true
x-tid
C3YHcblHRhE=
expires
Thu, 01 Jan 1970 00:00:00 UTC
access-control-allow-origin
https://api.webmail.tim.it
content-length
315
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
date
Mon, 28 Oct 2024 09:20:35 GMT
content-type
application/json;charset=utf-8
vary
Origin
AppMeasurement.min.js
assets.adobedtm.com/extensions/EP6326e4d6b32f4a71ad5204459cc57d66/
33 KB
12 KB
Script
General
Full URL
https://assets.adobedtm.com/extensions/EP6326e4d6b32f4a71ad5204459cc57d66/AppMeasurement.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/1eecba5bc341/a61c8f568034/launch-47d59cfadcb3.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:58f::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
02e1c4508320ee6bc6b884c4de9a0d73e541b6735fa139cbd957a27f42c72140

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

cache-control
no-cache
timing-allow-origin
*
content-encoding
gzip
etag
"b135e36e0ffbaaaebca4ed5a17a3a5c5:1631821460.47263"
expires
Mon, 28 Oct 2024 10:20:34 GMT
accept-ranges
bytes
content-length
12201
date
Mon, 28 Oct 2024 09:20:34 GMT
content-type
application/x-javascript
last-modified
Thu, 16 Sep 2021 19:44:20 GMT
server
AkamaiNetStorage
vary
Accept-Encoding
AppMeasurement_Module_ActivityMap.min.js
assets.adobedtm.com/extensions/EP6326e4d6b32f4a71ad5204459cc57d66/
3 KB
2 KB
Script
General
Full URL
https://assets.adobedtm.com/extensions/EP6326e4d6b32f4a71ad5204459cc57d66/AppMeasurement_Module_ActivityMap.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/1eecba5bc341/a61c8f568034/launch-47d59cfadcb3.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:58f::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
a176b44662d7eb55562527b7df840e6eb620d9f326989674a16f0765dc94f360

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

cache-control
no-cache
timing-allow-origin
*
content-encoding
gzip
etag
"92ba45f9116eed843514845165336fae:1631821460.690196"
expires
Mon, 28 Oct 2024 10:20:34 GMT
accept-ranges
bytes
content-length
1594
date
Mon, 28 Oct 2024 09:20:34 GMT
content-type
application/x-javascript
last-modified
Thu, 16 Sep 2021 19:44:20 GMT
server
AkamaiNetStorage
vary
Accept-Encoding
ls.html
cdn-gl.imrworldwide.com/novms/html/ Frame 0A16
0
0
Document
General
Full URL
https://cdn-gl.imrworldwide.com/novms/html/ls.html
Requested by
Host: cdn-gl.imrworldwide.com
URL: https://cdn-gl.imrworldwide.com/novms/js/2/nlsSDK600.bundle.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2240:9200:2:42d9:3100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

age
1238
cache-control
max-age=86400
content-encoding
gzip
content-type
text/html
date
Mon, 28 Oct 2024 08:59:57 GMT
etag
W/"7fa83dfc7b78314b137e2eb13834daa7"
last-modified
Wed, 06 Sep 2023 13:04:52 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 3141f89cca62ae5784a211a8d1176d1c.cloudfront.net (CloudFront)
x-amz-cf-id
-nmQ2ooi4TCQvxR5dbKwyjYwmwYgZ6vHUtLsRtHaTepfPaFomMt7dA==
x-amz-cf-pop
FRA60-P1
x-amz-server-side-encryption
AES256
x-amz-version-id
CTbRZ.5UlARhD4XceMUpZU1V6DSHtB37
x-cache
Hit from cloudfront
it.json
cdn.cookielaw.org/consent/19592410-edaf-48e3-8faa-9053afe70fee/0191b74e-b195-705c-9a38-e41e627191f7/
325 KB
55 KB
Fetch
General
Full URL
https://cdn.cookielaw.org/consent/19592410-edaf-48e3-8faa-9053afe70fee/0191b74e-b195-705c-9a38-e41e627191f7/it.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202409.2.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:572a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
df23d47e26ebf69c3d1c3964a0657c64b6380322d3a0618174ba02e95af6f4ca
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

content-md5
/LiMWWcU9CFv8OD7/LLS6A==
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding
gzip
cf-cache-status
HIT
etag
0x8DCF41A6FA9C150
age
48876
x-ms-lease-status
unlocked
x-content-type-options
nosniff
x-ms-version
2009-09-19
expires
Tue, 29 Oct 2024 09:20:35 GMT
date
Mon, 28 Oct 2024 09:20:35 GMT
content-type
application/json
last-modified
Thu, 24 Oct 2024 10:55:55 GMT
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin, cross-origin
x-ms-request-id
f46a281a-a01e-0045-424c-264e1b000000
cf-ray
8d99d9cb29924c66-MXP
accept-ranges
bytes
access-control-allow-origin
*
content-length
55777
x-ms-blob-type
BlockBlob
server
cloudflare
iab2V2Data.json
cdn.cookielaw.org/vendorlist/
592 KB
76 KB
Fetch
General
Full URL
https://cdn.cookielaw.org/vendorlist/iab2V2Data.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202409.2.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:572a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc87dc269096ffef2346612a8d7c97a92320ab6245f74fc7db945d946ed2d995
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

content-md5
fKkBN1h42ammxO+sZU/pBA==
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding
gzip
x-ms-version
2009-09-19
etag
0x8DCF6964431B2F6
x-ms-lease-status
unlocked
cf-cache-status
HIT
age
32126
x-content-type-options
nosniff
expires
Tue, 29 Oct 2024 09:20:35 GMT
date
Mon, 28 Oct 2024 09:20:35 GMT
content-type
application/json
last-modified
Sun, 27 Oct 2024 14:47:22 GMT
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
x-ms-request-id
70e0aaad-f01e-00f7-7d87-28b561000000
cf-ray
8d99d9cb29964c66-MXP
accept-ranges
bytes
access-control-allow-origin
*
content-length
78057
x-ms-blob-type
BlockBlob
server
cloudflare
googleData.json
cdn.cookielaw.org/vendorlist/
56 KB
16 KB
Fetch
General
Full URL
https://cdn.cookielaw.org/vendorlist/googleData.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202409.2.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:572a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1e7e992efafb3363819993094ea4608472272405b2bcbe9d534b877c4b42c261
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

content-md5
cfDxRLaNttZBKpud7/WP2A==
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding
gzip
x-ms-version
2009-09-19
etag
0x8DCF696446470E2
x-ms-lease-status
unlocked
cf-cache-status
HIT
age
54867
x-content-type-options
nosniff
expires
Tue, 29 Oct 2024 09:20:35 GMT
date
Mon, 28 Oct 2024 09:20:35 GMT
content-type
application/json
last-modified
Sun, 27 Oct 2024 14:47:23 GMT
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
x-ms-request-id
bec0f819-d01e-0068-1a8b-28cddb000000
cf-ray
8d99d9cb299b4c66-MXP
accept-ranges
bytes
access-control-allow-origin
*
content-length
16155
x-ms-blob-type
BlockBlob
server
cloudflare
otTCF.js
cdn.cookielaw.org/scripttemplates/202409.2.0/
64 KB
18 KB
Script
General
Full URL
https://cdn.cookielaw.org/scripttemplates/202409.2.0/otTCF.js
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202409.2.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:572a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a77ed58556547050d62efb8363841c0ef48dd9ef8b092935d5e6b1b00a9c4c15
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

content-md5
XhQYXMuIrzHqVmlnxuPZaw==
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding
gzip
x-ms-version
2009-09-19
etag
0x8DCF42061CDB273
x-ms-lease-status
unlocked
cf-cache-status
HIT
age
46295
x-content-type-options
nosniff
date
Mon, 28 Oct 2024 09:20:35 GMT
content-type
application/javascript
last-modified
Thu, 24 Oct 2024 11:38:29 GMT
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
max-age=86400
cross-origin-resource-policy
cross-origin
x-ms-request-id
6ea6c6a0-101e-00fd-765d-26ace8000000
cf-ray
8d99d9cb2f8e4be8-MXP
accept-ranges
bytes
access-control-allow-origin
*
content-length
18016
x-ms-blob-type
BlockBlob
server
cloudflare
dest5.html
telecomitalia.demdex.net/ Frame B3DD
0
0
Document
General
Full URL
https://telecomitalia.demdex.net/dest5.html?d_nsid=0
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/1eecba5bc341/a61c8f568034/launch-47d59cfadcb3.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.242.148.88 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-242-148-88.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Mon, 28 Oct 2024 09:20:35 GMT
dcs
dcs-prod-irl1-1-v067-03ed2ce5b.edge-irl1.demdex.com 0 ms
expires
Thu, 01 Jan 1970 00:00:00 UTC
last-modified
Wed, 16 Oct 2024 08:53:56 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains
vary
accept-encoding
x-tid
DM5JBTfKRzA=
ibs:dpid=411&dpuuid=Zx9XYwAAAE9BNwNn
dpm.demdex.net/
Redirect Chain
  • https://cm.everesttech.net/cm/dd?d_uuid=41094895504828844613811205913427869277
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=Zx9XYwAAAE9BNwNn
42 B
717 B
Image
General
Full URL
https://dpm.demdex.net/ibs:dpid=411&dpuuid=Zx9XYwAAAE9BNwNn
Requested by
Host: api.webmail.tim.it
URL: https://api.webmail.tim.it/auth/oauth/v2/authorize/login?action=display&sessionData=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJyZXF1ZXN0X3BhcmFtZXRlcnMiOnsiY2xpZW50X2lkIjoiNWI4MTZjNGUtMzI1NC00Mjk5LTk2YmUtMzhkZjk5OThiYTEzIn0sImlhdCI6MTczMDEwNzIzMywianRpIjoiMjBjMmNmY2MtZWJkZi00ZTlkLWFjNzMtODViOTE4ZTcyNzBlIn0.EDo9Pv7re-p7J72y_fBBNZfKcEJqcgfW4cNLBxf0XyA&redirect_uri=https://api.webmail.tim.it/auth/consent/custom/redirecturi&scope=openid%20mail_alice&state=null&response_type=code&client_id=5b816c4e-3254-4299-96be-38df9998ba13
Protocol
H2
Server
52.208.241.210 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-208-241-210.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
dcs
dcs-prod-irl1-1-v067-0ff473ade.edge-irl1.demdex.com 2 ms
content-encoding
gzip
pragma
no-cache
x-content-type-options
nosniff
x-tid
LISNbKC9Rn8=
expires
Thu, 01 Jan 1970 00:00:00 UTC
content-length
59
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
date
Mon, 28 Oct 2024 09:20:35 GMT
content-type
image/gif

Redirect headers

Cache-Control
no-cache
Location
https://dpm.demdex.net/ibs:dpid=411&dpuuid=Zx9XYwAAAE9BNwNn
P3P
CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
Content-Length
0
Date
Mon, 28 Oct 2024 09:20:35 GMT
Connection
keep-alive
Server
AMO-cookiemap/1.1
s52596268589743
ssl-metrics.tim.it/b/ss/tivirmailservprod/1/JS-2.22.2-LBWB/
43 B
372 B
Image
General
Full URL
https://ssl-metrics.tim.it/b/ss/tivirmailservprod/1/JS-2.22.2-LBWB/s52596268589743?AQB=1&ndh=1&pf=1&t=28%2F9%2F2024%2010%3A20%3A35%201%20-60&mid=37813360928280806564150568745685459744&aamlh=6&ce=UTF-8&pageName=VIR%3ACanale%20Mail%20e%20Servizi%3ATim%20Mail%3AHomePage%20Tim%20Mail&g=https%3A%2F%2Fapi.webmail.tim.it%2Fauth%2Foauth%2Fv2%2Fauthorize%2Flogin%3Faction%3Ddisplay%26sessionData%3DeyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJyZXF1ZXN0X3BhcmFtZXRlcnMiOnsiY2xpZW50X2lkIjoiNWI4MTZjNGUtMzI1NC00Mjk5LTk2YmUtMzhkZjk5OThiYTEzIn0sImlhdCI6MTczMDEwNzIzMywianRpIjoiMj&r=https%3A%2F%2Fmail.tim.it%2F&cc=EUR&ch=Canale%20Mail%20e%20Servizi&events=event1&aamb=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&h1=Canale%20Mail%20e%20Servizi%2CTim%20Mail%2CHomePage%20Tim%20Mail&c9=MAIL%20E%20SERVIZI&v9=MAIL%20E%20SERVIZI&c10=mail.alice.it&v10=mail.alice.it&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&-g=BjMmNmY2MtZWJkZi00ZTlkLWFjNzMtODViOTE4ZTcyNzBlIn0.EDo9Pv7re-p7J72y_fBBNZfKcEJqcgfW4cNLBxf0XyA%26redirect_uri%3Dhttps%3A%2F%2Fapi.webmail.tim.it%2Fauth%2Fconsent%2Fcustom%2Fredirecturi%26scope%3Dopenid%2520mail_alice%26state%3Dnull%26response_type%3Dcode%26client_id%3D5b816c4e-3254-4299-96be-38df9998ba13&mcorgid=1AD1154452F152C00A490D4C%40AdobeOrg&AQE=1
Requested by
Host: api.webmail.tim.it
URL: https://api.webmail.tim.it/auth/oauth/v2/authorize/login?action=display&sessionData=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJyZXF1ZXN0X3BhcmFtZXRlcnMiOnsiY2xpZW50X2lkIjoiNWI4MTZjNGUtMzI1NC00Mjk5LTk2YmUtMzhkZjk5OThiYTEzIn0sImlhdCI6MTczMDEwNzIzMywianRpIjoiMjBjMmNmY2MtZWJkZi00ZTlkLWFjNzMtODViOTE4ZTcyNzBlIn0.EDo9Pv7re-p7J72y_fBBNZfKcEJqcgfW4cNLBxf0XyA&redirect_uri=https://api.webmail.tim.it/auth/consent/custom/redirecturi&scope=openid%20mail_alice&state=null&response_type=code&client_id=5b816c4e-3254-4299-96be-38df9998ba13
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
63.140.62.17 , United States, ASN15224 (OMNITURE, US),
Reverse DNS
ip-63-140-62-17.data.adobedc.net
Software
jag /
Resource Hash
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
cache-control
no-cache, no-store, max-age=0, no-transform, private
pragma
no-cache
etag
3715376996490805248-4618617701580878129
x-content-type-options
nosniff
expires
Sun, 27 Oct 2024 09:20:35 GMT
access-control-allow-origin
*
p3p
CP="This is not a P3P policy"
content-length
43
date
Mon, 28 Oct 2024 09:20:35 GMT
x-xss-protection
1; mode=block
last-modified
Tue, 29 Oct 2024 09:20:35 GMT
vary
*
server
jag
content-type
image/gif;charset=utf-8
otCenterRounded.json
cdn.cookielaw.org/scripttemplates/202409.2.0/assets/
9 KB
3 KB
Fetch
General
Full URL
https://cdn.cookielaw.org/scripttemplates/202409.2.0/assets/otCenterRounded.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202409.2.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:572a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
64aff3262c56fa48ad38b8d9d4d674a6ee3759d1ce4cb52c66865e3fc2c16d2f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

content-md5
dx5Cp6CpSdf8iUD/zPNWlg==
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding
gzip
x-ms-version
2009-09-19
etag
0x8DCF4205F61D9E8
x-ms-lease-status
unlocked
cf-cache-status
HIT
age
79716
x-content-type-options
nosniff
date
Mon, 28 Oct 2024 09:20:35 GMT
content-type
application/json
last-modified
Thu, 24 Oct 2024 11:38:25 GMT
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
max-age=86400
cross-origin-resource-policy
cross-origin
x-ms-request-id
856bd0ba-c01e-0033-60ce-26caa7000000
cf-ray
8d99d9cd1c2d4c66-MXP
accept-ranges
bytes
access-control-allow-origin
*
content-length
2597
x-ms-blob-type
BlockBlob
server
cloudflare
otPcTab.json
cdn.cookielaw.org/scripttemplates/202409.2.0/assets/v2/
64 KB
14 KB
Fetch
General
Full URL
https://cdn.cookielaw.org/scripttemplates/202409.2.0/assets/v2/otPcTab.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202409.2.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:572a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4016f0eb8333275dd19d417256d10f1baeb5185536d43503f5e0f54e3253e71d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

content-md5
J9cjcrf32jBnxJwfqNot4g==
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding
gzip
x-ms-version
2009-09-19
etag
0x8DCF4206080AE9F
x-ms-lease-status
unlocked
cf-cache-status
HIT
age
54907
x-content-type-options
nosniff
date
Mon, 28 Oct 2024 09:20:35 GMT
content-type
application/json
last-modified
Thu, 24 Oct 2024 11:38:27 GMT
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
max-age=86400
cross-origin-resource-policy
cross-origin
x-ms-request-id
2e9fae2b-401e-0029-46ce-26e5c8000000
cf-ray
8d99d9cd1c2f4c66-MXP
accept-ranges
bytes
access-control-allow-origin
*
content-length
13789
x-ms-blob-type
BlockBlob
server
cloudflare
otCommonStyles.css
cdn.cookielaw.org/scripttemplates/202409.2.0/assets/
24 KB
4 KB
Fetch
General
Full URL
https://cdn.cookielaw.org/scripttemplates/202409.2.0/assets/otCommonStyles.css
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202409.2.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:572a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e2afa04c9a3e080712c94d68b9c1d33587fddcbaeaba9dfcaf1d53d19f6a280a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

content-md5
A9jekd5UoO8SyzJ6LiStug==
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
x-ms-lease-status
unlocked
cf-cache-status
HIT
age
79716
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 28 Oct 2024 09:20:35 GMT
content-type
text/css
last-modified
Thu, 24 Oct 2024 11:38:35 GMT
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
max-age=86400
cross-origin-resource-policy
cross-origin
x-ms-request-id
4032ca2a-601e-003e-0bce-2625ab000000
cf-ray
8d99d9cd1c394c66-MXP
access-control-allow-origin
*
x-ms-blob-type
BlockBlob
server
cloudflare
TIMSans-Heavy.woff2
risorse.tim.it/etc.clientlibs/login-webmail-2steps/clientlibs/1.0.18/clientlib-base/resources/font/tim-sans/TIMSans-Heavy/
43 KB
43 KB
Font
General
Full URL
https://risorse.tim.it/etc.clientlibs/login-webmail-2steps/clientlibs/1.0.18/clientlib-base/resources/font/tim-sans/TIMSans-Heavy/TIMSans-Heavy.woff2
Requested by
Host: risorse.tim.it
URL: https://risorse.tim.it/etc.clientlibs/login-webmail-2steps/clientlibs/1.0.18/clientlib-base/resources/css/main.min.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
81.74.228.17 , Italy, ASN3269 (ASN-IBSNAZ, IT),
Reverse DNS
se-mi2-10.cdn.interbusiness.it
Software
Apache /
Resource Hash
213b653ca243de1ff187ccc7f2237353e7d0ab9566631b3238dbbcdbfe5f3acd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://api.webmail.tim.it
Referer
https://risorse.tim.it/etc.clientlibs/login-webmail-2steps/clientlibs/1.0.18/clientlib-base/resources/css/main.min.css

Response headers

content-encoding
gzip
etag
"aa60-61eb649b6bf65-gzip"
age
267898
access-control-allow-methods
POST, GET, OPTIONS
expires
Sat, 25 Oct 2025 06:55:37 GMT
date
Fri, 25 Oct 2024 06:55:37 GMT
last-modified
Fri, 02 Aug 2024 17:02:09 GMT
vary
Origin
content-type
font/woff2
access-control-allow-headers
funnel, authorization, clientversion, Cache-Control, pragma, expires, accept, BusinessID, InteractionDate-Date, InteractionDate-Time, TransactionID, MessageId, SourceSystem, Channel, SessionID, devicetype, content-type, x-requested-with
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; preload
cache-control
max-age=31536000
access-control-allow-credentials
true
via
http/1.1 ts-mi1-1.cdn.interbusiness.it (), http/1.1 se-mi2-10.cdn.interbusiness.it ()
accept-ranges
bytes
access-control-allow-origin
https://api.webmail.tim.it
content-length
43644
server
Apache
ot_guard_logo.svg
cdn.cookielaw.org/logos/static/
497 B
565 B
Fetch
General
Full URL
https://cdn.cookielaw.org/logos/static/ot_guard_logo.svg
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202409.2.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:572a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

content-md5
tXyZydHjxQshFMbbBT1/8A==
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
x-ms-lease-status
unlocked
cf-cache-status
HIT
age
50679
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 28 Oct 2024 09:20:35 GMT
content-type
image/svg+xml
last-modified
Thu, 24 Oct 2024 19:19:43 GMT
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
max-age=86400
cross-origin-resource-policy
cross-origin
x-ms-request-id
62832700-a01e-0067-1bf5-26202d000000
cf-ray
8d99d9cd9ce04c66-MXP
access-control-allow-origin
*
x-ms-blob-type
BlockBlob
server
cloudflare
logo-TIM.png
cdn.cookielaw.org/logos/340d4148-79e3-4ee0-bcc8-a0ecbed12342/c00272cd-aa5e-48d9-8309-c78e47b20e8a/843cd7b2-a059-4ffd-8e70-2912afaa2a13/
6 KB
6 KB
Image
General
Full URL
https://cdn.cookielaw.org/logos/340d4148-79e3-4ee0-bcc8-a0ecbed12342/c00272cd-aa5e-48d9-8309-c78e47b20e8a/843cd7b2-a059-4ffd-8e70-2912afaa2a13/logo-TIM.png
Requested by
Host: api.webmail.tim.it
URL: https://api.webmail.tim.it/auth/oauth/v2/authorize/login?action=display&sessionData=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJyZXF1ZXN0X3BhcmFtZXRlcnMiOnsiY2xpZW50X2lkIjoiNWI4MTZjNGUtMzI1NC00Mjk5LTk2YmUtMzhkZjk5OThiYTEzIn0sImlhdCI6MTczMDEwNzIzMywianRpIjoiMjBjMmNmY2MtZWJkZi00ZTlkLWFjNzMtODViOTE4ZTcyNzBlIn0.EDo9Pv7re-p7J72y_fBBNZfKcEJqcgfW4cNLBxf0XyA&redirect_uri=https://api.webmail.tim.it/auth/consent/custom/redirecturi&scope=openid%20mail_alice&state=null&response_type=code&client_id=5b816c4e-3254-4299-96be-38df9998ba13
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:572a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6b347542c40e703bd68883dab7a4a2d29ce3716602a4d276ac4c710707ff2479
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

content-md5
p0YPYLooCaBZGCKT8H9FPg==
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
x-ms-lease-status
unlocked
etag
0x8DBEB8D3E175A87
age
50059
cf-cache-status
HIT
x-content-type-options
nosniff
date
Mon, 28 Oct 2024 09:20:35 GMT
content-type
image/png
last-modified
Wed, 22 Nov 2023 19:00:06 GMT
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
max-age=86400
cross-origin-resource-policy
cross-origin
x-ms-request-id
c2cb59e4-a01e-0067-19b4-1e202d000000
cf-ray
8d99d9cdaafd4be8-MXP
accept-ranges
bytes
access-control-allow-origin
*
content-length
6099
x-ms-blob-type
BlockBlob
server
cloudflare
powered_by_logo.svg
cdn.cookielaw.org/logos/static/
5 KB
2 KB
Image
General
Full URL
https://cdn.cookielaw.org/logos/static/powered_by_logo.svg
Requested by
Host: api.webmail.tim.it
URL: https://api.webmail.tim.it/auth/oauth/v2/authorize/login?action=display&sessionData=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJyZXF1ZXN0X3BhcmFtZXRlcnMiOnsiY2xpZW50X2lkIjoiNWI4MTZjNGUtMzI1NC00Mjk5LTk2YmUtMzhkZjk5OThiYTEzIn0sImlhdCI6MTczMDEwNzIzMywianRpIjoiMjBjMmNmY2MtZWJkZi00ZTlkLWFjNzMtODViOTE4ZTcyNzBlIn0.EDo9Pv7re-p7J72y_fBBNZfKcEJqcgfW4cNLBxf0XyA&redirect_uri=https://api.webmail.tim.it/auth/consent/custom/redirecturi&scope=openid%20mail_alice&state=null&response_type=code&client_id=5b816c4e-3254-4299-96be-38df9998ba13
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:572a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

content-md5
Y+c301RBZNK39PvKQWrIBw==
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
x-ms-lease-status
unlocked
cf-cache-status
HIT
age
54600
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 28 Oct 2024 09:20:35 GMT
content-type
image/svg+xml
last-modified
Thu, 24 Oct 2024 19:19:44 GMT
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
max-age=86400
cross-origin-resource-policy
cross-origin
x-ms-request-id
ba60cad7-901e-0064-7102-27232a000000
cf-ray
8d99d9cdaaff4be8-MXP
access-control-allow-origin
*
x-ms-blob-type
BlockBlob
server
cloudflare
favicon.ico
risorse.tim.it/etc.clientlibs/login-webmail-2steps/clientlibs/1.0.18/clientlib-base/resources/img/
15 KB
1 KB
Other
General
Full URL
https://risorse.tim.it/etc.clientlibs/login-webmail-2steps/clientlibs/1.0.18/clientlib-base/resources/img/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
81.74.228.17 , Italy, ASN3269 (ASN-IBSNAZ, IT),
Reverse DNS
se-mi2-10.cdn.interbusiness.it
Software
Apache /
Resource Hash
90ebf40b3c70c3e990753e80c01d6f3d04d8f6e12f6e5f260148ad9a462e0f87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
gzip
etag
"3aee-61e485ca91a65-gzip"
age
194
access-control-allow-methods
POST, GET, OPTIONS
expires
Mon, 28 Oct 2024 09:47:21 GMT
date
Mon, 28 Oct 2024 09:17:21 GMT
last-modified
Sun, 28 Jul 2024 05:53:21 GMT
vary
Origin
content-type
image/x-icon
access-control-allow-headers
funnel, authorization, clientversion, Cache-Control, pragma, expires, accept, BusinessID, InteractionDate-Date, InteractionDate-Time, TransactionID, MessageId, SourceSystem, Channel, SessionID, devicetype, content-type, x-requested-with
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; preload
cache-control
max-age=1800
access-control-allow-credentials
true
via
https/1.1 se-mi1-18.cdn.interbusiness.it (), http/1.1 se-mi2-10.cdn.interbusiness.it ()
accept-ranges
bytes
content-length
963
server
Apache
ping
pagead2.googlesyndication.com/pagead/
0
0
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pagead/ping?e=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202410210101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
/
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer

Response headers

gn
secure-it.imrworldwide.com/cgi-bin/
44 B
425 B
Image
General
Full URL
https://secure-it.imrworldwide.com/cgi-bin/gn?prd=dcr&ci=it-801693&ch=it-801693_c02_TelecomItaliaMail_BRW_S&asn=TelecomItaliaMail_BRW&fp_id=&fp_cr_tm=&fp_acc_tm=&fp_emm_tm=&ve_id=&sessionId=sattao7nyq5hzxa5xulr51xlgr3441730107235&prv=1&c6=vc,c02&ca=NA&c13=asid,P62AC5734-70D2-439D-8494-F369D681BEB1&c32=segA,NA&c33=segB,NA&c34=segC,NA&c15=apn,&sup=1&segment2=&segment1=&forward=0&plugv=&playerv=&ad=0&cr=V&c9=devid,&enc=true&c1=nuid,sivfi0hrsvmq8ic2ucbwygah4snbm1730107235&at=view&rt=text&c16=sdkv,bj.6.0.0&c27=cln,0&crs=&lat=&lon=&c29=plid,17301072350342872&c30=bldv,6.0.0.673&st=dcr&c7=osgrp,&c8=devgrp,&c10=plt,&c40=adbid,&c14=osver,NA&c26=dmap,1&dd=&hrd=&wkd=&c35=adrsid,&c36=cref1,&c37=cref2,&c11=agg,1&c12=apv,&c51=adl,0&c52=noad,0&pc=NA&c53=fef,n&c54=oad,&c55=cref3,&c57=adldf,2&ai=TelecomItaliaMailBRWLoginHome&c3=st,c&c64=starttm,1730107236&adid=TelecomItaliaMailBRWLoginHome&c58=isLive,false&c59=sesid,&c61=createtm,1730107237&c63=pipMode,&uoo=&c68=bndlid,&nodeTM=&logTM=&c73=phtype,&c74=dvcnm,&c76=adbsnid,&c44=progen,&davty=0&si=https%3A%2F%2Fapi.webmail.tim.it%2Fauth%2Foauth%2Fv2%2Fauthorize%2Flogin%3Faction%3Ddisplay%26sessionData%3DeyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJyZXF1ZXN0X3BhcmFtZXRlcnMiOnsiY2xpZW50X2lkIjoiNWI4MTZjNGUtMzI1NC00Mjk5LTk2YmUtMzhkZjk5OThiYTEzIn0sImlhdCI6MTczMDEwNzIzMywianRpIjoiMjBjMmNmY2MtZWJkZi00ZTlkLWFjNzMtODViOTE4ZTcyNzBlIn0.EDo9Pv7re-p7J72y_fBBNZfKcEJqcgfW4cNLBxf0XyA%26redirect_uri%3Dhttps%3A%2F%2Fapi.webmail.tim.it%2Fauth%2Fconsent%2Fcustom%2Fredirecturi%26scope%3Dopenid%2520mail_alice%26state%3Dnull%26response_type%3Dcode%26client_id%3D5b816c4e-3254-4299-96be-38df9998ba13&c66=mediaurl,&sdd=&c62=sendTime,1730107237&rnd=31453
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.212.137.238 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-212-137-238.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

cache-control
no-cache
pragma
no-cache
accept-ch
Sec-Ch-Ua-Model, Sec-Ch-Ua-Platform, Sec-Ch-Ua-Platform-Version
cross-origin-resource-policy
cross-origin
access-control-allow-methods
POST, OPTIONS
expires
Thu, 01 Dec 1994 16:00:00 GMT
access-control-allow-origin
*
content-length
44
p3p
P3P policyref="http://secure-it.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
date
Mon, 28 Oct 2024 09:20:37 GMT
content-type
image/gif
server
nginx

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Microsoft (Consumer)

124 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 function| createElementFromHTML function| OptanonWrapper object| nSdkInstance object| nielsenMetadata object| NOLBUNDLE object| digitalData object| adSlot1 object| adSlot2 object| googletag object| OtTrustedType object| a function| b object| init object| cbeUtil object| CbeApi function| extra function| sendFormData function| getQueryStringVariable function| getInfoFromError function| mostraSelectLineaRiordinata function| mostraWalletRiordinato function| isWcmmodeDisabled function| currentUrlWithParam function| urlWithoutParam function| currentUrlWithoutParam function| getUuid function| getUrlOfRouteOrOfHomepage function| getParameterByName function| getSelectOption function| openModal function| setDummyCookie function| getCookie function| checkNested function| chosenMdp function| onlyUnique function| firstCharOfStringToUpperCase function| createTingleModal function| goToLocation object| omnitureTrack function| $ function| jQuery object| Handlebars function| _ function| Swiper object| lottie object| bodymovin object| TabHandler object| tingle object| sessionStorageUtil object| lazySizes function| checkIsEmpty function| isMobile function| initializationFormLogin function| checkPasswordBlur function| checkPassword function| checkEmailBlur function| checkEmail function| displayAdvSlot2 function| refreshSecondSlot function| clearAllSlots function| destroyAdvSlot1 function| refreshFirstSlot function| checkForm function| checkRecaptcha function| onRecaptchaSuccess function| onRecaptchaExpired function| extendCliccableAdvArea string| nameCookie function| dco_set_cookie function| dco_read_cookie function| dco_delete_cookie function| salvaCookieBanner function| openInfoEstesa function| saveAllTrue string| strDomain string| bannerCookie function| setBannerCookie function| readBannerCookie function| deleteBannerCookie function| closeBanner object| store object| links string| expireBannerCookie function| isAndroid object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| ggeac object| google_tag_data object| google_js_reporting_queue function| __tcfapi object| otStubData object| _satellite boolean| __satelliteLoaded object| adobe function| Visitor object| s_c_il number| s_c_in function| AppMeasurement_Module_ActivityMap function| AppMeasurement function| s_gi function| s_pgicq function| _typeof object| ns object| paramsPassed object| stateObject object| errorState string| BUILDVERSION object| stateEvents object| google_reactive_ads_global_state object| recaptcha object| otIabModule object| s_i_tivirmailservprod object| Optanon object| OneTrust function| gtag object| dataLayer string| OnetrustActiveGroups string| OptanonActiveGroups

11 Cookies

Domain/Path Name / Value
api.webmail.tim.it/auth/oauth/v2/authorize/ Name: AUTH_SESSION_ID
Value: aeb4bc49-b87c-4f65-aecd-605fab094795.keycloak-keycloakx-9-20905
api.webmail.tim.it/auth/oauth/v2/authorize/ Name: AUTH_SESSION_ID_LEGACY
Value: aeb4bc49-b87c-4f65-aecd-605fab094795.keycloak-keycloakx-9-20905
api.webmail.tim.it/auth/oauth/v2/authorize/ Name: KC_RESTART
Value: eyJhbGciOiJIUzI1NiIsInR5cCIgOiAiSldUIiwia2lkIiA6ICJmMTBmMDczZS0zZGRhLTQ0MDYtOTc0OS1mYjU3Yjk0M2Y0ZWUifQ.eyJjaWQiOiI1YjgxNmM0ZS0zMjU0LTQyOTktOTZiZS0zOGRmOTk5OGJhMTMiLCJwdHkiOiJvcGVuaWQtY29ubmVjdCIsInJ1cmkiOiJodHRwczovL2FwaS53ZWJtYWlsLnRpbS5pdC9hdXRoL2NvbnNlbnQvY3VzdG9tL3JlZGlyZWN0dXJpIiwiYWN0IjoiQVVUSEVOVElDQVRFIiwibm90ZXMiOnsiY2xpZW50X3JlcXVlc3RfcGFyYW1fc2Vzc2lvbkRhdGEiOiJleUowZVhBaU9pSktWMVFpTENKaGJHY2lPaUpJVXpJMU5pSjkuZXlKeVpYRjFaWE4wWDNCaGNtRnRaWFJsY25NaU9uc2lZMnhwWlc1MFgybGtJam9pTldJNE1UWmpOR1V0TXpJMU5DMDBNams1TFRrMlltVXRNemhrWmprNU9UaGlZVEV6SW4wc0ltbGhkQ0k2TVRjek1ERXdOekl6TXl3aWFuUnBJam9pTWpCak1tTm1ZMk10WldKa1ppMDBaVGxrTFdGak56TXRPRFZpT1RFNFpUY3lOekJsSW4wLkVEbzlQdjdyZS1wN0o3MnlfZkJCTlpmS2NFSnFjZ2ZXNGNOTEJ4ZjBYeUEiLCJzY29wZSI6Im9wZW5pZCBtYWlsX2FsaWNlIiwiaXNzIjoiaHR0cHM6Ly9rZXljbG9hay1tYWlsLm1pY3Jvcy5nY2xvdWQudGVsZWNvbWl0YWxpYS5sb2NhbC9hdXRoL3JlYWxtcy9USU0iLCJyZXNwb25zZV90eXBlIjoiY29kZSIsInJlZGlyZWN0X3VyaSI6Imh0dHBzOi8vYXBpLndlYm1haWwudGltLml0L2F1dGgvY29uc2VudC9jdXN0b20vcmVkaXJlY3R1cmkiLCJzdGF0ZSI6Im51bGwiLCJjbGllbnRfcmVxdWVzdF9wYXJhbV9hY3Rpb24iOiJkaXNwbGF5In19.uDgc2TI_0BuzBlxzB3yT2t0xTvgD761VKyzg0LjgO8I
api.webmail.tim.it/ Name: cookiesession1
Value: 678A3E0E17DBD82A23B4655C32122736
.demdex.net/ Name: demdex
Value: 41094895504828844613811205913427869277
.tim.it/ Name: AMCVS_1AD1154452F152C00A490D4C%40AdobeOrg
Value: 1
.tim.it/ Name: s_cc
Value: true
.tim.it/ Name: OptanonConsent
Value: isGpcEnabled=0&datestamp=Mon+Oct+28+2024+10%3A20%3A35+GMT%2B0100+(Ora+standard+dell%E2%80%99Europa+centrale)&version=202409.2.0&browserGpcFlag=0&isIABGlobal=false&hosts=&consentId=7f0d4271-b863-4460-a387-5aa7a6998511&interactionCount=0&isAnonUser=1&landingPath=https%3A%2F%2Fapi.webmail.tim.it%2Fauth%2Foauth%2Fv2%2Fauthorize%2Flogin%3Faction%3Ddisplay%26sessionData%3DeyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJyZXF1ZXN0X3BhcmFtZXRlcnMiOnsiY2xpZW50X2lkIjoiNWI4MTZjNGUtMzI1NC00Mjk5LTk2YmUtMzhkZjk5OThiYTEzIn0sImlhdCI6MTczMDEwNzIzMywianRpIjoiMjBjMmNmY2MtZWJkZi00ZTlkLWFjNzMtODViOTE4ZTcyNzBlIn0.EDo9Pv7re-p7J72y_fBBNZfKcEJqcgfW4cNLBxf0XyA%26redirect_uri%3Dhttps%3A%2F%2Fapi.webmail.tim.it%2Fauth%2Fconsent%2Fcustom%2Fredirecturi%26scope%3Dopenid%2520mail_alice%26state%3Dnull%26response_type%3Dcode%26client_id%3D5b816c4e-3254-4299-96be-38df9998ba13&groups=BG614%3A0%2CC0001%3A1%2CC0007%3A0%2CBG615%3A0%2CC0004%3A0%2CC0005%3A0%2CC0003%3A0%2CV2STACK42%3A0
.dpm.demdex.net/ Name: dpm
Value: 41094895504828844613811205913427869277
.tim.it/ Name: AMCV_1AD1154452F152C00A490D4C%40AdobeOrg
Value: -1124106680%7CMCIDTS%7C20025%7CMCMID%7C37813360928280806564150568745685459744%7CMCAAMLH-1730712035%7C6%7CMCAAMB-1730712035%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1730114435s%7CNONE%7CMCSYNCSOP%7C411-20032%7CvVersion%7C5.2.0
.imrworldwide.com/ Name: IMRID
Value: e37f77f0-950d-11ef-a554-079f04783cc5

2 Console Messages

Source Level URL
Text
recommendation warning URL: https://api.webmail.tim.it/auth/oauth/v2/authorize/login?action=display&sessionData=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJyZXF1ZXN0X3BhcmFtZXRlcnMiOnsiY2xpZW50X2lkIjoiNWI4MTZjNGUtMzI1NC00Mjk5LTk2YmUtMzhkZjk5OThiYTEzIn0sImlhdCI6MTczMDEwNzIzMywianRpIjoiMjBjMmNmY2MtZWJkZi00ZTlkLWFjNzMtODViOTE4ZTcyNzBlIn0.EDo9Pv7re-p7J72y_fBBNZfKcEJqcgfW4cNLBxf0XyA&redirect_uri=https://api.webmail.tim.it/auth/consent/custom/redirecturi&scope=openid%20mail_alice&state=null&response_type=code&client_id=5b816c4e-3254-4299-96be-38df9998ba13
Message:
[DOM] Found 3 elements with non-unique id #: (More info: https://goo.gl/9p2vKq) %o %o %o
recommendation verbose URL: https://api.webmail.tim.it/auth/oauth/v2/authorize/login?action=display&sessionData=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJyZXF1ZXN0X3BhcmFtZXRlcnMiOnsiY2xpZW50X2lkIjoiNWI4MTZjNGUtMzI1NC00Mjk5LTk2YmUtMzhkZjk5OThiYTEzIn0sImlhdCI6MTczMDEwNzIzMywianRpIjoiMjBjMmNmY2MtZWJkZi00ZTlkLWFjNzMtODViOTE4ZTcyNzBlIn0.EDo9Pv7re-p7J72y_fBBNZfKcEJqcgfW4cNLBxf0XyA&redirect_uri=https://api.webmail.tim.it/auth/consent/custom/redirecturi&scope=openid%20mail_alice&state=null&response_type=code&client_id=5b816c4e-3254-4299-96be-38df9998ba13
Message:
[DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy object-src 'none'; frame-ancestors *.tim.it;
Strict-Transport-Security max-age=31536000; preload
X-Frame-Options SAMEORIGIN SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.webmail.tim.it
assets.adobedtm.com
cdn-gl.imrworldwide.com
cdn.cookielaw.org
cm.everesttech.net
dpm.demdex.net
geolocation.onetrust.com
mail.tim.it
pagead2.googlesyndication.com
risorse.tim.it
secure-it.imrworldwide.com
securepubads.g.doubleclick.net
ssl-metrics.tim.it
telecomitalia.demdex.net
www.google.com
www.gstatic.com
142.250.184.194
142.250.184.226
15.161.156.80
156.54.0.101
172.217.16.195
216.58.206.68
2600:9000:2240:9200:2:42d9:3100:93a1
2600:9000:236e:b800:2:42d9:3100:93a1
2606:4700:4400::ac40:9b77
2606:4700::6812:572a
2a02:26f0:3500:58f::1e80
34.242.148.88
52.208.241.210
52.212.137.238
52.212.56.148
63.140.62.17
81.74.228.17
02e1c4508320ee6bc6b884c4de9a0d73e541b6735fa139cbd957a27f42c72140
05da570f8f5adc68101216baa6ecfbffa7a3d75d026228460e0df7876c69234e
0725443e63be5f66e8338f66ab8bb13a1d110fad586260de0cef284356546292
0b7618b9ce533397a396d899972fb445f579cbef35c70873744c6afd2e2a3729
0d3d3f091da595de1ac4455a615a757b2f874ecf02bf6599b551519e9500a5a0
16ded92a17f35054f28df52abca8e0f544a853f3701e6e8af05202cbba8505d8
1e0e7eb07413a758a8f30549cdc3be52f24ebf123b95c3c690309e4750dfee1e
1e7e992efafb3363819993094ea4608472272405b2bcbe9d534b877c4b42c261
213b653ca243de1ff187ccc7f2237353e7d0ab9566631b3238dbbcdbfe5f3acd
2b06adc1b820c9cf11a9f673e7c4b47d985248d71c851ef84669bd320627e4b8
34f9db946e89f031a80dfca7b16b2b686469c9886441261ae70a44da1dfa2d58
4016f0eb8333275dd19d417256d10f1baeb5185536d43503f5e0f54e3253e71d
4f6b95b89ecd29659aca10dada61d40e5436f4544f4984756299d78b61f8a968
568eb1fee3e1102246fda6d33edbe5c8a37f631f36afb7f06a4a9781e72011a3
5775c6d56222c16e7d527709fda4096d57c3e6e9653cd7b924c2f95143e0434f
5891e62800c4390940b4fb8c7bce51a76a10100cce30c7332e79348a1d13d2cb
5a9536f0ef835e730ebecc90664112b6e803496b41a5b79c58f4f9d9bf4a4a04
5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3
5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d
61b433ae35e42a632275954c1a005cb61f6b982edba80b86c6146095ead1d5ef
64aff3262c56fa48ad38b8d9d4d674a6ee3759d1ce4cb52c66865e3fc2c16d2f
67b05eb94694c961bf4bca12f222c52a925f5e1ac6b67080955fbec728c734e2
691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19
6964d03a8ab5896300c3dd5cb3fc6fa302ef3d1b5453d2021282038af12e5679
6b347542c40e703bd68883dab7a4a2d29ce3716602a4d276ac4c710707ff2479
7358c5616f671017f307d161644d253f0f81083b0be68f3a3fefefa33b59de5d
89db8542e0121c240cfea01aff22218b5e1bb5587f8a8ad7da50d0e6cc162bb5
90ebf40b3c70c3e990753e80c01d6f3d04d8f6e12f6e5f260148ad9a462e0f87
9c98f3c5f9421f8b30307d17a4c6c77aa583dbace4d69fd737d43acf336d52dc
a176b44662d7eb55562527b7df840e6eb620d9f326989674a16f0765dc94f360
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
a77ed58556547050d62efb8363841c0ef48dd9ef8b092935d5e6b1b00a9c4c15
ad79fb9f60f0b92f9ff249de37ab2046538d81d6e39283cd8c182468b051f149
b0c6fb87a881dbc18c152a84d1d53cf36d0cdf4f377bfaf6776bd4021dfe486c
b62855e46f5962191adfebef801f66ee465d502e9acf0bd1378b393721b073f3
bb462a24eef290bb508dfd155c8d94e5220b203109f6574184723f9ea252f9e9
d0f0e941c916d4071dd41a5ba6bc1ff71b42c0dc993d492b137977fe8fc78b52
d98cc6e770bf9c71b8758a040222960e918adb20cc1f71f2296ae4f70256d510
dad10a832ba51b5db08691887a58b582022dd25c7849e0dd70f1ff8484d74a2c
dc87dc269096ffef2346612a8d7c97a92320ab6245f74fc7db945d946ed2d995
df23d47e26ebf69c3d1c3964a0657c64b6380322d3a0618174ba02e95af6f4ca
e2afa04c9a3e080712c94d68b9c1d33587fddcbaeaba9dfcaf1d53d19f6a280a
e528f93ee73db376c8670b133cd3bb7b49ef8c922fd93551d085ba765e21009b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f6d74622c5cbbafe14497f6fc739621ab47e487b8b4d2a444904267001cc2694
f856a6ce72d97dcf0079e45e7cbe5be495c60ea6b349056875eefcf09b0b39e8