iren.prezzogiusto.com Open in urlscan Pro
143.204.98.92 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://api.loradelleofferte.com/3_1/click/?data=c2VuZG91dElkfHx8fDUyLy8vL25ld3NsZXR0ZXJJZHx8fHw5Ly8vL3JlY2lwaWVudElkfHx8fDI5NDY3...
Effective URL:
https://iren.prezzogiusto.com/p/iren_piu_regali_novembre_dem_cb?&transaction_id=102e5781b5214a16d590de60a4e1df
Submission: On November 05 via manual (November 5th 2021, 4:34:53 pm UTC) from FR — Scanned from FR

Summary HTTP 54 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 26 IPs in 5 countries across 21 domains to perform 54 HTTP transactions. The main IP is 143.204.98.92, located in United States and belongs to AMAZON-02, US. The main domain is iren.prezzogiusto.com.
TLS certificate: Issued by Amazon on April 24th 2021. Valid for: a year.

This is the only time iren.prezzogiusto.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	52.27.185.165 52.27.185.165	16509 (AMAZON-02) (AMAZON-02)
1 1	54.69.185.132 54.69.185.132	16509 (AMAZON-02) (AMAZON-02)
1 1	35.246.127.93 35.246.127.93	15169 (GOOGLE) (GOOGLE)
1 1	52.210.2.133 52.210.2.133	16509 (AMAZON-02) (AMAZON-02)
2	143.204.98.92 143.204.98.92	16509 (AMAZON-02) (AMAZON-02)
6	2600:9000:215... 2600:9000:2156:b600:b:a4bf:e000:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:82b::2008	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:802::200e	15169 (GOOGLE) (GOOGLE)
1	142.250.185.162 142.250.185.162	15169 (GOOGLE) (GOOGLE)
1	143.204.98.82 143.204.98.82	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:811::2014	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f02... 2a03:2880:f02d:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2620:1ec:27::... 2620:1ec:27::cafe:2080	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2a00:1450:400... 2a00:1450:4001:82f::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c08::9c	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
4	2606:4700:20:... 2606:4700:20::ac43:4889	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2a00:1450:400... 2a00:1450:4001:802::2004	15169 (GOOGLE) (GOOGLE)
2	2a02:26f0:710... 2a02:26f0:7100::687e:24d1	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	143.204.98.104 143.204.98.104	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:803::2003	15169 (GOOGLE) (GOOGLE)
3	40.76.174.66 40.76.174.66	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 2	52.142.114.2 52.142.114.2	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	143.204.98.102 143.204.98.102	16509 (AMAZON-02) (AMAZON-02)
1	2a02:26f0:710... 2a02:26f0:7100:1ba::f09	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
1	54.78.108.238 54.78.108.238	16509 (AMAZON-02) (AMAZON-02)
2	2a03:2880:f12... 2a03:2880:f12d:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
54	26

1 52.27.185.165 (Boardman, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-27-185-165.us-west-2.compute.amazonaws.com

api.loradelleofferte.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.69.185.132 (Boardman, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-69-185-132.us-west-2.compute.amazonaws.com

tk.keyxel.tuktukdigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.246.127.93 (London, United Kingdom) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 93.127.246.35.bc.googleusercontent.com

tracking.goodiewebgroup.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.210.2.133 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-210-2-133.eu-west-1.compute.amazonaws.com

goodieweb.go2cloud.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 143.204.98.92 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-92.fra50.r.cloudfront.net

iren.prezzogiusto.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2600:9000:2156:b600:b:a4bf:e000:93a1 (United States)

ASN16509 (AMAZON-02, US)

smart-contact-cdn.livelanding.it	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:802::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.98.82 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-82.fra50.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::2014 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

thirdplace-pixel.appspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f02d:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:27::cafe:2080 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c08::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:20::ac43:4889 (United States)

ASN13335 (CLOUDFLARENET, US)

ancient-athens-hiib8yznxwbz.vapor-farm-b1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:802::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:7100::687e:24d1 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

consent.cookiebot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.98.104 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-104.fra50.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 40.76.174.66 (Washington, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

d.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.142.114.2 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:c11::200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.98.102 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-102.fra50.r.cloudfront.net

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:7100:1ba::f09 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

consentcdn.cookiebot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.78.108.238 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-78-108-238.eu-west-1.compute.amazonaws.com

in.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f12d:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
6	gstatic.com www.gstatic.com fonts.gstatic.com	332 KB
6	google.com analytics.google.com www.google.com	23 KB
6	clarity.ms 1 redirects www.clarity.ms d.clarity.ms c.clarity.ms	24 KB
6	livelanding.it smart-contact-cdn.livelanding.it	429 KB
4	vapor-farm-b1.com ancient-athens-hiib8yznxwbz.vapor-farm-b1.com	3 KB
4	hotjar.com static.hotjar.com script.hotjar.com vars.hotjar.com in.hotjar.com	63 KB
3	cookiebot.com consent.cookiebot.com consentcdn.cookiebot.com	30 KB
3	google.fr www.google.fr	762 B
3	doubleclick.net stats.g.doubleclick.net googleads.g.doubleclick.net	2 KB
3	google-analytics.com www.google-analytics.com	20 KB
2	facebook.com www.facebook.com	573 B
2	facebook.net connect.facebook.net	114 KB
2	appspot.com thirdplace-pixel.appspot.com	7 KB
2	googletagmanager.com www.googletagmanager.com	111 KB
2	prezzogiusto.com iren.prezzogiusto.com	14 KB
1	bing.com 1 redirects c.bing.com	552 B
1	googleadservices.com www.googleadservices.com	15 KB
1	go2cloud.org 1 redirects goodieweb.go2cloud.org	2 KB
1	goodiewebgroup.com 1 redirects tracking.goodiewebgroup.com	316 B
1	tuktukdigital.com 1 redirects tk.keyxel.tuktukdigital.com	587 B
1	loradelleofferte.com 1 redirects api.loradelleofferte.com	540 B
54	21

	Domain	Requested by
6	smart-contact-cdn.livelanding.it	iren.prezzogiusto.com smart-contact-cdn.livelanding.it
5	www.google.com	smart-contact-cdn.livelanding.it iren.prezzogiusto.com www.gstatic.com www.google.com
4	www.gstatic.com	www.google.com www.gstatic.com
4	ancient-athens-hiib8yznxwbz.vapor-farm-b1.com	smart-contact-cdn.livelanding.it
3	d.clarity.ms	www.clarity.ms d.clarity.ms
3	www.google.fr	iren.prezzogiusto.com
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com iren.prezzogiusto.com
2	fonts.gstatic.com	www.google.com
2	www.facebook.com	iren.prezzogiusto.com
2	c.clarity.ms	1 redirects iren.prezzogiusto.com
2	consent.cookiebot.com	www.googletagmanager.com consent.cookiebot.com
2	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
2	connect.facebook.net	iren.prezzogiusto.com connect.facebook.net
2	thirdplace-pixel.appspot.com	www.googletagmanager.com iren.prezzogiusto.com
2	www.googletagmanager.com	iren.prezzogiusto.com www.googletagmanager.com
2	iren.prezzogiusto.com	smart-contact-cdn.livelanding.it
1	in.hotjar.com	script.hotjar.com
1	googleads.g.doubleclick.net	www.googleadservices.com
1	consentcdn.cookiebot.com	consent.cookiebot.com
1	vars.hotjar.com	static.hotjar.com
1	c.bing.com	1 redirects
1	script.hotjar.com	static.hotjar.com
1	analytics.google.com	www.googletagmanager.com
1	www.clarity.ms	iren.prezzogiusto.com
1	static.hotjar.com	www.googletagmanager.com
1	www.googleadservices.com	www.googletagmanager.com
1	goodieweb.go2cloud.org	1 redirects
1	tracking.goodiewebgroup.com	1 redirects
1	tk.keyxel.tuktukdigital.com	1 redirects
1	api.loradelleofferte.com	1 redirects
54	30

This site contains links to these domains. Also see Links.

Domain
www.prezzogiusto.com

Subject Issuer	Validity	Valid
prezzogiusto.com Amazon	`2021-04-24` - `2022-05-23`	a year	crt.sh
smart-contact-cdn.livelanding.it Amazon	`2021-08-13` - `2022-09-11`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
*.hotjar.com Amazon	`2020-12-25` - `2022-01-23`	a year	crt.sh
*.appspot.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-08-15` - `2021-11-13`	3 months	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2021-06-01` - `2022-06-01`	a year	crt.sh
*.google.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
*.google.fr GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-06-11` - `2022-06-10`	a year	crt.sh
www.google.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
consent.cookiebot.com DigiCert ECC Extended Validation Server CA	`2020-06-11` - `2022-06-11`	2 years	crt.sh
*.gstatic.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
a.clarity.ms Microsoft RSA TLS CA 01	`2021-07-27` - `2022-07-27`	a year	crt.sh
*.cookiebot.com DigiCert SHA2 Secure Server CA	`2021-07-05` - `2022-07-13`	a year	crt.sh

This page contains 4 frames:

Primary Page: https://iren.prezzogiusto.com/p/iren_piu_regali_novembre_dem_cb?&transaction_id=102e5781b5214a16d590de60a4e1df
Frame ID: BA7BE775F5BF66673E07279EFC989B33
Requests: 45 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-d09a446edefba0dcce5d5143e1840e9a.html
Frame ID: 9A22774520F0528638700A41440DE23C
Requests: 1 HTTP requests in this frame

Frame: https://consentcdn.cookiebot.com/sdk/bc-v3.min.html
Frame ID: BC2DDDA49334287A3C11852CC82F766F
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Le30LoZAAAAAOaHzuTMKScIoZTg5Jg8qa-vVyuN&co=aHR0cHM6Ly9pcmVuLnByZXp6b2dpdXN0by5jb206NDQz&hl=fr&v=UrRmT3mBwY326qQxUfVlHu1P&size=invisible&cb=46bpx4f2q721
Frame ID: F11E899C8F924EBC4760D57E5A0C384F
Requests: 7 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Iren Più Regali

Page URL History Show full URLs

http://api.loradelleofferte.com/3_1/click/?data=c2VuZG91dElkfHx8fDUyLy8vL25ld3NsZXR0ZXJJZHx8fHw5Ly8vL3JlY2lw... HTTP 302
https://tk.keyxel.tuktukdigital.com/?programId=129997&activityId=3303&affiliateId=100003&creativityId=13489&p0=&... HTTP 302
https://tracking.goodiewebgroup.com/aff_c?offer_id=496&aff_id=1033&url_id=725&file_id=1439&aff_sub=xxx HTTP 302
https://goodieweb.go2cloud.org/aff_c?offer_id=496&aff_id=1033&url_id=725&file_id=1439&aff_sub=xxx HTTP 302
https://iren.prezzogiusto.com/p/iren_piu_regali_novembre_dem_cb?&transaction_id=102e5781b5214a16d590de60a4... Page URL

Page Statistics

54
Requests

98 %
HTTPS

60 %
IPv6

21
Domains

30
Subdomains

26
IPs

5
Countries

1187 kB
Transfer

2788 kB
Size

27
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://www.prezzogiusto.com/termini-e-condizioni
Title: Termini e Condizioni del Sito

Search URL Search Domain Scan URL

URL: https://www.prezzogiusto.com/privacy/
Title: Informativa sul trattamento dei dati personali

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://api.loradelleofferte.com/3_1/click/?data=c2VuZG91dElkfHx8fDUyLy8vL25ld3NsZXR0ZXJJZHx8fHw5Ly8vL3JlY2lwaWVudElkfHx8fDI5NDY3MDg3NC8vLy91fHx8fDY5NmM0MTkxNTk2NWNlNDJmYjliYzgyZjcwNzI3MzQxLy8vL2NsaWNrSWR8fHx8MS8vLy9ydXJsfHx8fGh0dHBzOi8vdGsua2V5eGVsLnR1a3R1a2RpZ2l0YWwuY29tLz9wcm9ncmFtSWQ9MTI5OTk3JmFjdGl2aXR5SWQ9MzMwMyZhZmZpbGlhdGVJZD0xMDAwMDMmY3JlYXRpdml0eUlkPTEzNDg5JnAwPSZwMT0mcDI9JnAzPSZwND0mcDY9MTAyODYmdHJUeXBlPUkmdXJsPWh0dHBzJTNhJTJmJTJmdHJhY2tpbmcuZ29vZGlld2ViZ3JvdXAuY29tJTJmYWZmX2MlM2ZvZmZlcl9pZCUzZDQ5NiUyNmFmZl9pZCUzZDEwMzMlMjZ1cmxfaWQlM2Q3MjUlMjZmaWxlX2lkJTNkMTQzOSUyNmFmZl9zdWIlM2R4eHg= HTTP 302
https://tk.keyxel.tuktukdigital.com/?programId=129997&activityId=3303&affiliateId=100003&creativityId=13489&p0=&p1=&p2=&p3=&p4=&p6=10286&trType=I&url=https%3a%2f%2ftracking.goodiewebgroup.com%2faff_c%3foffer_id%3d496%26aff_id%3d1033%26url_id%3d725%26file_id%3d1439%26aff_sub%3dxxx HTTP 302
https://tracking.goodiewebgroup.com/aff_c?offer_id=496&aff_id=1033&url_id=725&file_id=1439&aff_sub=xxx HTTP 302
https://goodieweb.go2cloud.org/aff_c?offer_id=496&aff_id=1033&url_id=725&file_id=1439&aff_sub=xxx HTTP 302
https://iren.prezzogiusto.com/p/iren_piu_regali_novembre_dem_cb?&transaction_id=102e5781b5214a16d590de60a4e1df Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 30

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?CtsSyncId=9BE3B138BB5D442B8AACF2E57B41ED1E&RedC=c.clarity.ms&MXFR=33226B6A4FC96E952E617B8C4BC96038 HTTP 302
https://c.clarity.ms/c.gif?CtsSyncId=9BE3B138BB5D442B8AACF2E57B41ED1E&MUID=0D80464978206148122856AF7907600B

54 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request iren_piu_regali_novembre_dem_cb Show response
iren.prezzogiusto.com/p/
Redirect Chain

http://api.loradelleofferte.com/3_1/click/?data=c2VuZG91dElkfHx8fDUyLy8vL25ld3NsZXR0ZXJJZHx8fHw5Ly8vL3JlY2lwaWVudElkfHx8fDI5NDY3MDg3NC8vLy91fHx8fDY5NmM0MTkxNTk2NWNlNDJmYjliYzgyZjcwNzI3MzQxLy8vL2Nsa...
https://tk.keyxel.tuktukdigital.com/?programId=129997&activityId=3303&affiliateId=100003&creativityId=13489&p0=&p1=&p2=&p3=&p4=&p6=10286&trType=I&url=https%3a%2f%2ftracking.goodiewebgroup.com%2faff...
https://tracking.goodiewebgroup.com/aff_c?offer_id=496&aff_id=1033&url_id=725&file_id=1439&aff_sub=xxx
https://goodieweb.go2cloud.org/aff_c?offer_id=496&aff_id=1033&url_id=725&file_id=1439&aff_sub=xxx
https://iren.prezzogiusto.com/p/iren_piu_regali_novembre_dem_cb?&transaction_id=102e5781b5214a16d590de60a4e1df

12 KB
13 KB

123ms
42ms

Document
text/html

143.204.98.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://iren.prezzogiusto.com/p/iren_piu_regali_novembre_dem_cb?&transaction_id=102e5781b5214a16d590de60a4e1df
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-92.fra50.r.cloudfront.net
Software: Apache /
Resource Hash: 1f88dccecf39fd07c7b9763497c16fc7df414aa5a5b11af3b1e5b757a75d670d

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: fr-FR,fr;q=0.9

Response headers

content-type: text/html; charset=UTF-8
cache-control: no-cache
date: Fri, 05 Nov 2021 15:41:48 GMT
server: Apache
x-cache: Hit from cloudfront
via: 1.1 b44e2902bb3501d47514e51618f1bda5.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: eCshOIlFdVRxJ1lCKB4rQ4HReAcOkVTGUJbsVDRNiX6zWYExhgUJRw==
age: 3180

Redirect headers

Server: nginx
Date: Fri, 05 Nov 2021 16:34:48 GMT
Content-Type: text/html; charset=iso-8859-1
Content-Length: 298
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate
Expires: Sat, 26 Jul 1997 05:00:00 GMT
Location: https://iren.prezzogiusto.com/p/iren_piu_regali_novembre_dem_cb?&transaction_id=102e5781b5214a16d590de60a4e1df
P3p: CP="NOI CUR OUR NOR INT"
Pragma: no-cache
Tracking_id: 102e5781b5214a16d590de60a4e1df
X-Robots-Tag: noindex, nofollow
Access-Control-Allow-Origin: *
X-Request-Id: 7bec548631f9bb1bda15b1d2b3d311c9
Access-Control-Allow-Headers: Tune-SDK-Version

GET
H2 200 chunk-vendors-59d61960529c896f5585.js Show response
smart-contact-cdn.livelanding.it/2110_offerta_iren_piu-regali/ 272 KB
82 KB 175ms
48ms Script
application/javascript 2600:9000:2156:b600:b:a4bf:e000:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://smart-contact-cdn.livelanding.it/2110_offerta_iren_piu-regali/chunk-vendors-59d61960529c896f5585.js
Requested by: Host: iren.prezzogiusto.com
URL: https://iren.prezzogiusto.com/p/iren_piu_regali_novembre_dem_cb?&transaction_id=102e5781b5214a16d590de60a4e1df
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:b600:b:a4bf:e000:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f85f95656a799c5702b32bb1e1f5536435a0fcce47c01b3b04c414e770740186

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://iren.prezzogiusto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 00:35:40 GMT
content-encoding: gzip
last-modified: Wed, 27 Oct 2021 09:15:11 GMT
server: AmazonS3
age: 57549
etag: W/"fd54aef606f4295be2d3c066a53657bd"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 055d899361491602a9ef1eb0cdc5e337.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: cL3NPkLer5A8mwFyGpxax0DYrF1YgDDy7pz8puWl_ylz2fi02NIqog==

GET
H2 200 app-90809e9b63fde03e5e59.js Show response
smart-contact-cdn.livelanding.it/2110_offerta_iren_piu-regali/ 17 KB
9 KB 160ms
35ms Script
application/javascript 2600:9000:2156:b600:b:a4bf:e000:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://smart-contact-cdn.livelanding.it/2110_offerta_iren_piu-regali/app-90809e9b63fde03e5e59.js
Requested by: Host: iren.prezzogiusto.com
URL: https://iren.prezzogiusto.com/p/iren_piu_regali_novembre_dem_cb?&transaction_id=102e5781b5214a16d590de60a4e1df
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:b600:b:a4bf:e000:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 80a2f83d05cac38c0ba0693efa68417528521e3dc5cab20f6b9b9abc8527ae11

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://iren.prezzogiusto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 00:35:40 GMT
content-encoding: gzip
last-modified: Wed, 27 Oct 2021 09:15:10 GMT
server: AmazonS3
age: 57549
etag: W/"7ebd4c12b720fcae3003f8c091febeb5"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 055d899361491602a9ef1eb0cdc5e337.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: WUJg3iXBmmuIkkL8S0ycV7khZzXcnB1HMgDJDwnWG3MgVqY1_Oqp0A==

GET
H2 200 app-f6ccf81ff29beba0cd27.css
smart-contact-cdn.livelanding.it/2110_offerta_iren_piu-regali/ 134 KB
18 KB 253ms
128ms Stylesheet
text/css 2600:9000:2156:b600:b:a4bf:e000:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://smart-contact-cdn.livelanding.it/2110_offerta_iren_piu-regali/app-f6ccf81ff29beba0cd27.css
Requested by: Host: iren.prezzogiusto.com
URL: https://iren.prezzogiusto.com/p/iren_piu_regali_novembre_dem_cb?&transaction_id=102e5781b5214a16d590de60a4e1df
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:b600:b:a4bf:e000:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f9380d60b2a4d8497ea494a6d5fe926914618c21398da3345e2e0a2e0e504177

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://iren.prezzogiusto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 16:34:49 GMT
content-encoding: br
last-modified: Wed, 27 Oct 2021 09:15:10 GMT
server: AmazonS3
x-amz-cf-pop: FRA50-C1
etag: W/"108509411e5cafcabba6a4836b6b7e2b"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/css
via: 1.1 055d899361491602a9ef1eb0cdc5e337.cloudfront.net (CloudFront)
x-amz-cf-id: XRCoAAGNIIitQ03vExGXpTxl0gRvWG54l1rx1j1WHsEb4SSxkJ-qTw==

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 176 KB
62 KB 114ms
46ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-K2N6XCR

Requested by

Host: iren.prezzogiusto.com
URL: https://iren.prezzogiusto.com/p/iren_piu_regali_novembre_dem_cb?&transaction_id=102e5781b5214a16d590de60a4e1df

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

67fd2315ad1732ebf7bf13652a2d0e2588fbe2da70d07c219998eceee0493218

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://iren.prezzogiusto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 16:34:48 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 62791
x-xss-protection: 0
last-modified: Fri, 05 Nov 2021 15:52:15 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 05 Nov 2021 16:34:48 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 127 KB
49 KB 40ms
40ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-VE02F5XDVN&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K2N6XCR

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

846a74d2b2a7abcb706ebc7498904aa1e59c5b679f317d2d41d86d9e2702c65b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://iren.prezzogiusto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 16:34:48 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 50344
x-xss-protection: 0
expires: Fri, 05 Nov 2021 16:34:48 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
20 KB 98ms
29ms Script
text/javascript 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K2N6XCR

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://iren.prezzogiusto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 26 Oct 2021 23:24:02 GMT
server: Golfe2
age: 2022
date: Fri, 05 Nov 2021 16:01:06 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19747
expires: Fri, 05 Nov 2021 18:01:06 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 37 KB
15 KB 358ms
44ms Script
text/javascript 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K2N6XCR

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

55aa0299a6b880ddee3b6e438a6e155730fca9eaf992e5e4ac105ca1de5f3312

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://iren.prezzogiusto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 16:34:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14369
x-xss-protection: 0
server: cafe
etag: 15288909967828865177
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 05 Nov 2021 16:34:48 GMT

GET
H2 200 hotjar-1403114.js Show response
static.hotjar.com/c/ 4 KB
2 KB 101ms
35ms Script
application/javascript 143.204.98.82
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-1403114.js?sv=7

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K2N6XCR

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.82 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-82.fra50.r.cloudfront.net

Software

Resource Hash

a8fd01f3c27c746affc8d671ccd760b63dc6bb52efea16dff2e2ad12b5e9a0b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://iren.prezzogiusto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 16:33:53 GMT
content-encoding: br
x-content-type-options: nosniff
cache-control: max-age=60
age: 55
etag: W/1c7185dbc398758dade53b8a71eb2e29
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
x-amz-cf-pop: FRA50-C1
content-length: 1924
via: 1.1 5d8c59c4e33ff30f6610982ac8ad0232.cloudfront.net (CloudFront)
x-amz-cf-id: n5vpZo8BmeeC0eb1J_U245sLoaxn8QRQHOf4A3pJl3Z_VjtWbjbo1w==

GET
H2 200 js Show response
thirdplace-pixel.appspot.com/ 16 KB
6 KB 134ms
51ms Script
text/plain 2a00:1450:4001:811::2014
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://thirdplace-pixel.appspot.com/js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K2N6XCR
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:811::2014 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: 7836fdb80c5f18ef606c22b8ca935370944a4ce41a49e148dd33ff8e04fa0ab3

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://iren.prezzogiusto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 16:34:48 GMT
content-encoding: gzip
server: Google Frontend
vary: Accept-Encoding
content-type: text/plain
x-cloud-trace-context: ebdc24dcd453a7c62412d3665bf7f125
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6228

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 98 KB
26 KB 87ms
28ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: iren.prezzogiusto.com
URL: https://iren.prezzogiusto.com/p/iren_piu_regali_novembre_dem_cb?&transaction_id=102e5781b5214a16d590de60a4e1df

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://iren.prezzogiusto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 25965
x-xss-protection: 0
pragma: public
x-fb-debug: fRd6xRtwuyyrgqop23qtdkEMXMWTF0Oeqeeqe/Ht+yKCVOtmT4Me74KujgYYUi9BaXYNLOE2KpcJ8eH8KKpQzw==
x-fb-trip-id: 2050670934
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Fri, 05 Nov 2021 16:34:48 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 8kgqzquqpu Show response
www.clarity.ms/tag/ 955 B
1 KB 217ms
107ms Script
application/x-javascript 2620:1ec:27::cafe:2080
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/8kgqzquqpu?ref=gtm2
Requested by: Host: iren.prezzogiusto.com
URL: https://iren.prezzogiusto.com/p/iren_piu_regali_novembre_dem_cb?&transaction_id=102e5781b5214a16d590de60a4e1df
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:27::cafe:2080 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: d334e38dcbee7967a7a3e18877852e2cf9fa1455bc858e04acfa8dc7d34091d9

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://iren.prezzogiusto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 16:34:48 GMT
x-powered-by: ASP.NET
x-azure-ref: 0KF2FYQAAAAAAqN8ERfedQaOF+RmbrjoJTFRTRURHRTEyMTQANmNmYmVlZTAtNTAyNy00ODRiLTg5NjctNGEyOWFmNzdmMWUx
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
expires: -1
cache-control: no-cache, no-store
request-context: appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111

POST
H2 204 collect
analytics.google.com/g/ 0
351 B 104ms
35ms Ping
text/plain 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-VE02F5XDVN&gtm=2oeb31&_p=1826842293&sr=1600x1200&_gaz=1&ul=en-us&cid=374073744.1636130089&_s=1&dl=https%3A%2F%2Firen.prezzogiusto.com%2Fp%2Firen_piu_regali_novembre_dem_cb%3F%26transaction_id%3D102e5781b5214a16d590de60a4e1df&dt=Iren%20Pi%C3%B9%20Regali&sid=1636130088&sct=1&seg=0&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-VE02F5XDVN&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://iren.prezzogiusto.com/
Accept-Language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 05 Nov 2021 16:34:48 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://iren.prezzogiusto.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
351 B 72ms
23ms Ping
text/plain 2a00:1450:400c:c08::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-VE02F5XDVN&cid=374073744.1636130089&gtm=2oeb31&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-VE02F5XDVN&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c08::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://iren.prezzogiusto.com/
Accept-Language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 05 Nov 2021 16:34:48 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://iren.prezzogiusto.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.fr/ads/ 42 B
501 B 118ms
51ms Image
image/gif 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.fr/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-VE02F5XDVN&cid=374073744.1636130089&gtm=2oeb31&aip=1&z=901050014

Requested by

Host: iren.prezzogiusto.com
URL: https://iren.prezzogiusto.com/p/iren_piu_regali_novembre_dem_cb?&transaction_id=102e5781b5214a16d590de60a4e1df

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://iren.prezzogiusto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Nov 2021 16:34:48 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 204 products
ancient-athens-hiib8yznxwbz.vapor-farm-b1.com/api/ Frame 0
0 354ms
243ms Preflight
text/html 2606:4700:20::ac43:4889
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ancient-athens-hiib8yznxwbz.vapor-farm-b1.com/api/products
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4889 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type,filter,sort
Origin: https://iren.prezzogiusto.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Fri, 05 Nov 2021 16:34:48 GMT
content-type: text/html; charset=UTF-8
x-amzn-requestid: 86a81e7e-6a8d-4818-bca1-e52d6650bf83
access-control-allow-origin: *
access-control-allow-headers: content-type,filter,sort
x-robots-tag: noindex, nofollow
x-amz-apigw-id: IVt-aEo1liAFtIQ=
vary: Access-Control-Request-Method, Access-Control-Request-Headers
cache-control: no-cache, private
access-control-allow-methods: GET
x-amzn-trace-id: Root=1-61855d28-23e9f99f27bae64633a96243;Sampled=0
x-amzn-remapped-date: Fri, 05 Nov 2021 16:34:48 GMT
access-control-max-age: 0
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=inZdCjj1CW7vsVUTcd64imTPBs8m5qFyhs5xGtDthAlkx3pG%2BKnpEb7JSY%2FE8RPkqhxgRl5wAKE7%2FBFlCU2iIPaPsuVyI8CKx2OKhXFT3SszW9m2qdnrHnBWjTRCykUneX%2BUgUF03GR3lVyPVflw4aOXx8e82CTVwGLGFKUPR%2F7kcJWtsXJIr52RUg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6a977dde8dd85a01-MXP

OPTIONS
H2 204 products
ancient-athens-hiib8yznxwbz.vapor-farm-b1.com/api/ Frame 0
0 471ms
360ms Preflight
text/html 2606:4700:20::ac43:4889
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ancient-athens-hiib8yznxwbz.vapor-farm-b1.com/api/products
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4889 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type,filter,sort
Origin: https://iren.prezzogiusto.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Fri, 05 Nov 2021 16:34:49 GMT
content-type: text/html; charset=UTF-8
x-amzn-requestid: ded9aa17-e80a-4e10-8e7b-00434f63342a
access-control-allow-origin: *
access-control-allow-headers: content-type,filter,sort
x-robots-tag: noindex, nofollow
x-amz-apigw-id: IVt-bF3cFiAFS0Q=
vary: Access-Control-Request-Method, Access-Control-Request-Headers
cache-control: no-cache, private
access-control-allow-methods: GET
x-amzn-trace-id: Root=1-61855d28-2ede4db56f6fffcc54c3d429;Sampled=0
x-amzn-remapped-date: Fri, 05 Nov 2021 16:34:49 GMT
access-control-max-age: 0
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vKZ2MuFVdiERNe3UIYrRqjP4QuvZf%2BUAimw8LlROGaKSwi%2FiJ2VMHzqPtf52%2Br5cjvKrayJRUgdqIFul6l45n8a5tza33CjcfEG0i%2FQ2tPNHe1Zkoul%2F73ADX0INoAQokDKBrMJRi92mrHMIwJqaZdbZpMgx5WhpAr%2F4bFIsGNuJrn7s0PpJGY9vqQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6a977dde8dde5a01-MXP

GET
H2 200 enterprise.js Show response
www.google.com/recaptcha/ 942 B
1001 B 105ms
38ms Script
text/javascript 2a00:1450:4001:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/enterprise.js?render=explicit

Requested by

Host: smart-contact-cdn.livelanding.it
URL: https://smart-contact-cdn.livelanding.it/2110_offerta_iren_piu-regali/chunk-vendors-59d61960529c896f5585.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

07585ddcb6859f81618a8fc0e6a2db7403f80022afec873f4663e4f1849995db

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://iren.prezzogiusto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 16:34:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 588
x-xss-protection: 1; mode=block
expires: Fri, 05 Nov 2021 16:34:48 GMT

GET
H2 404 / Show response
iren.prezzogiusto.com/ 3 KB
1 KB 118ms
118ms Fetch
text/html 143.204.98.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://iren.prezzogiusto.com/
Requested by: Host: smart-contact-cdn.livelanding.it
URL: https://smart-contact-cdn.livelanding.it/2110_offerta_iren_piu-regali/chunk-vendors-59d61960529c896f5585.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-92.fra50.r.cloudfront.net
Software: Apache /
Resource Hash: 4e74dabd4fe9234a18586eaee17d355f0e0a341754d1700ea266014b5b9ad9f5

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://iren.prezzogiusto.com/p/iren_piu_regali_novembre_dem_cb?&transaction_id=102e5781b5214a16d590de60a4e1df
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 16:34:48 GMT
via: 1.1 b44e2902bb3501d47514e51618f1bda5.cloudfront.net (CloudFront)
server: Apache
x-amz-cf-pop: FRA50-C1
vary: Accept-Encoding
x-cache: Error from cloudfront
content-type: text/html; charset=UTF-8
cache-control: no-cache, private
content-encoding: gzip
x-amz-cf-id: -Nh23Q2v_hj_51yG4CXlKPUNOKNzGamKZrmwXZztmJkwPfQoqlWwBQ==

GET
H2 200 products Show response
ancient-athens-hiib8yznxwbz.vapor-farm-b1.com/api/ 3 KB
2 KB 171ms
171ms Fetch
application/json 2606:4700:20::ac43:4889
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ancient-athens-hiib8yznxwbz.vapor-farm-b1.com/api/products
Requested by: Host: smart-contact-cdn.livelanding.it
URL: https://smart-contact-cdn.livelanding.it/2110_offerta_iren_piu-regali/chunk-vendors-59d61960529c896f5585.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4889 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 617859932c9a2e78bbaaa9b13af2c14567c0781e7f057627aa354e1fcb24dc82

Request headers

Accept: application/json
Referer: https://iren.prezzogiusto.com/
Accept-Language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
sort: []
filter: [{"column":"id","operator":"=","value":74}]
Content-Type: application/json

Response headers

date: Fri, 05 Nov 2021 16:34:49 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amzn-requestid: 4c6367ed-a837-4f66-a992-6270320fdbb3
x-amz-apigw-id: IVt-bEcMliAFqew=
x-robots-tag: noindex, nofollow
server: cloudflare
x-amzn-trace-id: Root=1-61855d28-737b75006677871128c4686e;Sampled=0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-ratelimit-remaining: 59
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=puBU5Q02M5krmXryDTU6kdIIzl0qLTSoXiurdDCDGuuGvrnF%2Frd6xvoTT1hroER6uqYYliS8QoNfVU2mAu93oLphYiNJKMxFecWewL3Apk0dLmY%2F7osQ0C76Fc1bCTs7oSSFM%2BbYWXdtxP4h406CZEOw5zN2oSWO1dN8Avgs%2BfQdY4M4JSxuAJjlhQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, no-store, private
x-ratelimit-limit: 60
cf-ray: 6a977de019925a01-MXP
x-amzn-remapped-date: Fri, 05 Nov 2021 16:34:49 GMT

GET
H2 200 products Show response
ancient-athens-hiib8yznxwbz.vapor-farm-b1.com/api/ 3 KB
2 KB 209ms
206ms Fetch
application/json 2606:4700:20::ac43:4889
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ancient-athens-hiib8yznxwbz.vapor-farm-b1.com/api/products
Requested by: Host: smart-contact-cdn.livelanding.it
URL: https://smart-contact-cdn.livelanding.it/2110_offerta_iren_piu-regali/chunk-vendors-59d61960529c896f5585.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4889 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 727e58c59b66fc049d12de6286d3ff4084af33e170d20316a2ff45413453a04f

Request headers

Accept: application/json
Referer: https://iren.prezzogiusto.com/
Accept-Language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
sort: []
filter: [{"column":"id","operator":"=","value":75}]
Content-Type: application/json

Response headers

date: Fri, 05 Nov 2021 16:34:49 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amzn-requestid: c49dce78-f545-4a4d-ad3a-66c11ef45235
x-amz-apigw-id: IVt-dEliFiAFr7A=
x-robots-tag: noindex, nofollow
server: cloudflare
x-amzn-trace-id: Root=1-61855d29-565190b44595408519cfbaab;Sampled=0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-ratelimit-remaining: 58
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Forc3tfzjQFfwQEeQKlugBRpJMESf%2F7Lxft0Fhwo%2FGcNRYQDchNlRD31TykurHw2wo2Y2ob1VGJQIkavN50Kb3irteTJVGSFQB%2FuOFDv%2BmvfMFbUc%2BAQ4kFl1yYN1pSpjPpKsvwCum9T3sCg66US2DjkYqqQdKexsl6UKO5EKvXIqZXYRVev%2BZ3owg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, no-store, private
x-ratelimit-limit: 60
cf-ray: 6a977de0db615a01-MXP
x-amzn-remapped-date: Fri, 05 Nov 2021 16:34:49 GMT

GET
H2 200 logo-prezzogiusto.svg
smart-contact-cdn.livelanding.it/images/ 25 KB
10 KB 31ms
31ms Image
image/svg+xml 2600:9000:2156:b600:b:a4bf:e000:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://smart-contact-cdn.livelanding.it/images/logo-prezzogiusto.svg
Requested by: Host: iren.prezzogiusto.com
URL: https://iren.prezzogiusto.com/p/iren_piu_regali_novembre_dem_cb?&transaction_id=102e5781b5214a16d590de60a4e1df
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:b600:b:a4bf:e000:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 140ffb1a69de3fbf3b742b2d6652756c8dc92254f7a3d38278f3394b4fe32f01

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://iren.prezzogiusto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 14:47:04 GMT
content-encoding: br
last-modified: Mon, 23 Aug 2021 08:32:21 GMT
server: AmazonS3
age: 6465
etag: W/"81947ddc62aa94b926a9b3cfb70d585c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
via: 1.1 055d899361491602a9ef1eb0cdc5e337.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: IXFZ2PopWNc-fjAr5iN5dTuLb0tVVxJoV1LT4lbuRLsCIEGrPQSwYw==

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bda2e7678f208e254226e305a633ce6c4777a4d3f71103d23157c88a0ed5a321

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 55f44ad4fe5be679f35468b612fd1aa9e4347785cff5002137d87009667de3cc

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 uc.js Show response
consent.cookiebot.com/ 90 KB
28 KB 151ms
35ms Script
application/javascript 2a02:26f0:7100::687e:24d1
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://consent.cookiebot.com/uc.js?cbid=1a3a4d3e-d8e4-43fb-9cbb-0605ac4147fa
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K2N6XCR
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100::687e:24d1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: c0404de34dcf6c1a11bee30014d03a955005654582dd1b1799a924bad7b56428

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://iren.prezzogiusto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 16:34:48 GMT
content-encoding: gzip
last-modified: Wed, 03 Nov 2021 11:09:46 GMT
server: Microsoft-IIS/10.0
etag: "122bc14fa3d0d71:0"
vary: Accept-Encoding
content-type: application/javascript
access-control-expose-headers: Request-Context
cache-control: public, max-age=954
request-context: appId=cid-v1:89f47f4b-bed0-4db8-956b-d6e6dfac3fef
accept-ranges: bytes
content-length: 27960
expires: Fri, 05 Nov 2021 16:50:42 GMT

GET
H2 200 149061192455198 Show response
connect.facebook.net/signals/config/ 305 KB
87 KB 380ms
379ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/149061192455198?v=2.9.48&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d6f4fd5021bdee43e267c89d23c88c0629755fa26356f9566b80ac01bee0e0fb

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://iren.prezzogiusto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: pBOURx9VpwVkXaND8KwOnh9R9nzI50wq3BjHaAnnYGOnqAxtqjjhnH6k6Dqk5l1ubtmG+yLehgNVN6xltcJwuw==
x-fb-trip-id: 2050670934
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Fri, 05 Nov 2021 16:34:49 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 modules.d4630e91cffbd6b56a37.js Show response
script.hotjar.com/ 222 KB
59 KB 99ms
36ms Script
application/javascript 143.204.98.104
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.d4630e91cffbd6b56a37.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1403114.js?sv=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.104 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-104.fra50.r.cloudfront.net

Software

Resource Hash

dd8bce41d0be6d4e5449bef910b493bcf872a4189a361451102996bfe0082f3a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://iren.prezzogiusto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 28 Oct 2021 10:41:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 712423
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 59861
access-control-allow-origin: *
last-modified: Thu, 28 Oct 2021 10:40:59 GMT
etag: "fe2e85deda154f5a6e0e0112bec8a18c"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 5d8c59c4e33ff30f6610982ac8ad0232.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: Ji72LadJ5rWYaHuTLLPIpiMcO0H4nUZ2R7PyliN4w1deRgiSdyAreA==

GET
H2 200 pixel.png
thirdplace-pixel.appspot.com/ 632 B
632 B 230ms
227ms Image
image/png 2a00:1450:4001:811::2014
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thirdplace-pixel.appspot.com/pixel.png?a0=prezzogiusto&first_party_guid=b334ff94-fde2-4e5e-ff9e-cf6da5c75a42.1636130089&b1=pageView&a1=iren.prezzogiusto.com&a5=&a6=https%3A%2F%2Firen.prezzogiusto.com%2Fp%2Firen_piu_regali_novembre_dem_cb%3F%26transaction_id%3D102e5781b5214a16d590de60a4e1df&a7=%2Fp%2Firen_piu_regali_novembre_dem_cb&a8=Iren%20Pi%C3%B9%20Regali&a11=1600x1200&a13=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F95.0.4638.54%20Safari%2F537.36&a14=en-US&a15=Linux%20x86_64&a16=null&a17=0&a18=Type%3A%204g%2C%20Downlink%3A%2010&a19=GA1.1.374073744.1636130089&a20=4&a22=8&a23=null&a24=&a25=Google%20Inc.&a27=&p4=%7B%7D&p5=%7B%7D
Requested by: Host: iren.prezzogiusto.com
URL: https://iren.prezzogiusto.com/p/iren_piu_regali_novembre_dem_cb?&transaction_id=102e5781b5214a16d590de60a4e1df
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:811::2014 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://iren.prezzogiusto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 16:34:48 GMT
server: Google Frontend
content-type: image/png
x-cloud-trace-context: 5463d0fc1f63238bc25886cabc0ddbff
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 632
expires: Fri, 05 Nov 2021 16:34:48 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
211 B 36ms
35ms XHR
text/plain 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j93&aip=1&a=1826842293&t=pageview&_s=1&dl=https%3A%2F%2Firen.prezzogiusto.com%2Fp%2Firen_piu_regali_novembre_dem_cb%3F%26transaction_id%3D102e5781b5214a16d590de60a4e1df&ul=en-us&de=UTF-8&dt=Iren%20Pi%C3%B9%20Regali&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAAC~&jid=2117408328&gjid=1104893585&cid=374073744.1636130089&tid=UA-86284970-1&_gid=1940855354.1636130089&_r=1&gtm=2wgb31K2N6XCR&cd1=https%3A%2F%2Firen.prezzogiusto.com%2Fp%2Firen_piu_regali_novembre_dem_cb%3F%26transaction_id%3D102e5781b5214a16d590de60a4e1df&cd2=&z=1205356742

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://iren.prezzogiusto.com/
Accept-Language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 05 Nov 2021 16:34:48 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://iren.prezzogiusto.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 recaptcha__fr.js Show response
www.gstatic.com/recaptcha/releases/UrRmT3mBwY326qQxUfVlHu1P/ 349 KB
137 KB 104ms
37ms Script
text/javascript 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/UrRmT3mBwY326qQxUfVlHu1P/recaptcha__fr.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise.js?render=explicit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e9d70eabcdc877f39a3795e93a0b59e90ff0a282df8a0567ccf4aa87b5a1d798

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://iren.prezzogiusto.com/
Origin: https://iren.prezzogiusto.com
Accept-Language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 22:45:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 323361
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 139169
x-xss-protection: 0
last-modified: Mon, 25 Oct 2021 04:03:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin-allow-popups; report-to="recaptcha"
expires: Tue, 01 Nov 2022 22:45:27 GMT

GET
H2 200 clarity.js Show response
d.clarity.ms/s/0.6.27/ 51 KB
22 KB 441ms
215ms Script
application/javascript 40.76.174.66
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://d.clarity.ms/s/0.6.27/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/8kgqzquqpu?ref=gtm2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 40.76.174.66 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: adce8a2747c7a78bcb930f1391a58be7d8b5c38ea7992e2a9d8b7e45dfe999c7

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://iren.prezzogiusto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 16:34:49 GMT
content-encoding: br
etag: "1d7cf937625c1a0"
last-modified: Tue, 02 Nov 2021 02:43:48 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/javascript
cache-control: public,max-age=86400
accept-ranges: bytes
request-context: appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?CtsSyncId=9BE3B138BB5D442B8AACF2E57B41ED1E&RedC=c.clarity.ms&MXFR=33226B6A4FC96E952E617B8C4BC96038
https://c.clarity.ms/c.gif?CtsSyncId=9BE3B138BB5D442B8AACF2E57B41ED1E&MUID=0D80464978206148122856AF7907600B

42 B
367 B

35ms
34ms

Image
image/gif

52.142.114.2
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?CtsSyncId=9BE3B138BB5D442B8AACF2E57B41ED1E&MUID=0D80464978206148122856AF7907600B
Requested by: Host: iren.prezzogiusto.com
URL: https://iren.prezzogiusto.com/p/iren_piu_regali_novembre_dem_cb?&transaction_id=102e5781b5214a16d590de60a4e1df
Protocol: H2
Server: 52.142.114.2 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://iren.prezzogiusto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Nov 2021 16:34:48 GMT
last-modified: Thu, 14 Oct 2021 22:27:41 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "af5a8b34ac1d71:0"
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-type: image/gif
content-length: 42

Redirect headers

pragma: no-cache
date: Fri, 05 Nov 2021 16:34:48 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: A702349979464B2D93264F64C0C89685 Ref B: LON04EDGE0710 Ref C: 2021-11-05T16:34:48Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?CtsSyncId=9BE3B138BB5D442B8AACF2E57B41ED1E&MUID=0D80464978206148122856AF7907600B
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

GET
H2 200 box-d09a446edefba0dcce5d5143e1840e9a.html Show response
vars.hotjar.com/ Frame 9A22 2 KB
1 KB 91ms
30ms Document
text/html 143.204.98.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vars.hotjar.com/box-d09a446edefba0dcce5d5143e1840e9a.html
Requested by: Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1403114.js?sv=7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-102.fra50.r.cloudfront.net
Software: /
Resource Hash: 69ae95b7f73e2899d0c398ed4fb9faba242bbec4d0a58b182e4dd0e7808f01ac

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: fr-FR,fr;q=0.9
Referer: https://iren.prezzogiusto.com/

Response headers

content-type: text/html
content-length: 1044
date: Wed, 20 Oct 2021 07:15:05 GMT
accept-ranges: bytes
cache-control: max-age=31536000
content-encoding: br
etag: "63e08f928469ab67d9dac30c065ed182"
last-modified: Wed, 20 Oct 2021 07:15:01 GMT
x-amz-server-side-encryption: AES256
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 b912dc97777020eb19579888add26978.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: k7qrZogletrxm_deW0K293DHJkgTGegpznGc5JIMhCOxDcll90LCmA==
age: 1415983

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
151 B 25ms
24ms XHR
text/plain 2a00:1450:400c:c08::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j93&tid=UA-86284970-1&cid=374073744.1636130089&jid=2117408328&gjid=1104893585&_gid=1940855354.1636130089&_u=YADAAEAAAAAAAC~&z=150211182

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c08::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

533036bd37d4d87bd4e3cad3010f2a29d00f24ffc34bb5b22598951c44d91452

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://iren.prezzogiusto.com/
Accept-Language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 05 Nov 2021 16:34:48 GMT
content-type: text/plain
access-control-allow-origin: https://iren.prezzogiusto.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
296 B 54ms
53ms Image
image/gif 2a00:1450:4001:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-86284970-1&cid=374073744.1636130089&jid=2117408328&_u=YADAAEAAAAAAAC~&z=422343072

Requested by

Host: iren.prezzogiusto.com
URL: https://iren.prezzogiusto.com/p/iren_piu_regali_novembre_dem_cb?&transaction_id=102e5781b5214a16d590de60a4e1df

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://iren.prezzogiusto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Nov 2021 16:34:48 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.fr/ads/ 42 B
107 B 54ms
53ms Image
image/gif 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.fr/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-86284970-1&cid=374073744.1636130089&jid=2117408328&_u=YADAAEAAAAAAAC~&z=422343072

Requested by

Host: iren.prezzogiusto.com
URL: https://iren.prezzogiusto.com/p/iren_piu_regali_novembre_dem_cb?&transaction_id=102e5781b5214a16d590de60a4e1df

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://iren.prezzogiusto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Nov 2021 16:34:48 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 bc-v3.min.html Show response
consentcdn.cookiebot.com/sdk/ Frame BC2D 2 KB
1 KB 101ms
41ms Document
text/html 2a02:26f0:7100:1ba::f09
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://consentcdn.cookiebot.com/sdk/bc-v3.min.html
Requested by: Host: consent.cookiebot.com
URL: https://consent.cookiebot.com/uc.js?cbid=1a3a4d3e-d8e4-43fb-9cbb-0605ac4147fa
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100:1ba::f09 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 0297ba54fff0a052c5761457790e80dc093b93b152edee473485af46c022ad75

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: fr-FR,fr;q=0.9
Referer: https://iren.prezzogiusto.com/

Response headers

accept-ranges: bytes
content-type: text/html
etag: "b10de1f5f615a79259ac9e34f470ce1d:1615283706.572935"
last-modified: Tue, 09 Mar 2021 09:55:06 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=31421273
expires: Fri, 04 Nov 2022 08:42:41 GMT
date: Fri, 05 Nov 2021 16:34:48 GMT
content-length: 895
server-timing: cdn-cache; desc=HIT edge; dur=1

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/867828814/ 2 KB
2 KB 110ms
41ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/867828814/?random=1636130088896&cv=9&fst=1636130088896&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wgb31&sendb=1&ig=1&frm=0&url=https%3A%2F%2Firen.prezzogiusto.com%2Fp%2Firen_piu_regali_novembre_dem_cb%3F%26transaction_id%3D102e5781b5214a16d590de60a4e1df&tiba=Iren%20Pi%C3%B9%20Regali&hn=www.googleadservices.com&us_privacy=1YNY&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1a61a4ea3348c2463a3a12bb9e5e9f3bc14fbca5237345db45468c5091773897

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://iren.prezzogiusto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Nov 2021 16:34:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1071
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 anchor Show response
www.google.com/recaptcha/enterprise/ Frame F11E 40 KB
21 KB 53ms
53ms Document
text/html 2a00:1450:4001:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Le30LoZAAAAAOaHzuTMKScIoZTg5Jg8qa-vVyuN&co=aHR0cHM6Ly9pcmVuLnByZXp6b2dpdXN0by5jb206NDQz&hl=fr&v=UrRmT3mBwY326qQxUfVlHu1P&size=invisible&cb=46bpx4f2q721

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/UrRmT3mBwY326qQxUfVlHu1P/recaptcha__fr.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

c22daa7881d3bfab28cb5a9c9d5083043954467babf4c28596cd4304e4bee034

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-PhU2mut1bOj8GMrczMV79g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: fr-FR,fr;q=0.9
Referer: https://iren.prezzogiusto.com/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 05 Nov 2021 16:34:48 GMT
content-security-policy: script-src 'report-sample' 'nonce-PhU2mut1bOj8GMrczMV79g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 21184
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H2 200 visit-data Show response
in.hotjar.com/api/v2/client/sites/1403114/ 146 B
323 B 129ms
44ms XHR
application/json 54.78.108.238
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://in.hotjar.com/api/v2/client/sites/1403114/visit-data?sv=7
Requested by: Host: script.hotjar.com
URL: https://script.hotjar.com/modules.d4630e91cffbd6b56a37.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.78.108.238 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-78-108-238.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 1f93261e6db2c54e59dd3384dbb44d59a47c0118c3526bec3a3e5f52925e5243

Request headers

Referer: https://iren.prezzogiusto.com/
Accept-Language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

date: Fri, 05 Nov 2021 16:34:49 GMT
content-encoding: br
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store
access-control-allow-credentials: true

GET
H2 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/UrRmT3mBwY326qQxUfVlHu1P/ Frame F11E 52 KB
26 KB 95ms
29ms Stylesheet
text/css 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/UrRmT3mBwY326qQxUfVlHu1P/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Le30LoZAAAAAOaHzuTMKScIoZTg5Jg8qa-vVyuN&co=aHR0cHM6Ly9pcmVuLnByZXp6b2dpdXN0by5jb206NDQz&hl=fr&v=UrRmT3mBwY326qQxUfVlHu1P&size=invisible&cb=46bpx4f2q721

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

295426f89c923624640e8f1bb52e3438a7b43fb7efa84c1dc6bbbd41971c0f10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 16:19:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 949
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25743
x-xss-protection: 0
last-modified: Mon, 25 Oct 2021 04:03:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin-allow-popups; report-to="recaptcha"
expires: Sat, 05 Nov 2022 16:19:00 GMT

GET
H2 200 recaptcha__fr.js Show response
www.gstatic.com/recaptcha/releases/UrRmT3mBwY326qQxUfVlHu1P/ Frame F11E 349 KB
136 KB 117ms
51ms Script
text/javascript 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/UrRmT3mBwY326qQxUfVlHu1P/recaptcha__fr.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e9d70eabcdc877f39a3795e93a0b59e90ff0a282df8a0567ccf4aa87b5a1d798

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 22:45:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 323362
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 139169
x-xss-protection: 0
last-modified: Mon, 25 Oct 2021 04:03:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin-allow-popups; report-to="recaptcha"
expires: Tue, 01 Nov 2022 22:45:27 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/867828814/ 42 B
138 B 43ms
43ms Image
image/gif 2a00:1450:4001:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/867828814/?random=1636130088896&cv=9&fst=1636128000000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wgb31&sendb=1&frm=0&url=https%3A%2F%2Firen.prezzogiusto.com%2Fp%2Firen_piu_regali_novembre_dem_cb%3F%26transaction_id%3D102e5781b5214a16d590de60a4e1df&tiba=Iren%20Pi%C3%B9%20Regali&async=1&fmt=3&is_vtc=1&random=1971357892&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: iren.prezzogiusto.com
URL: https://iren.prezzogiusto.com/p/iren_piu_regali_novembre_dem_cb?&transaction_id=102e5781b5214a16d590de60a4e1df

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://iren.prezzogiusto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Nov 2021 16:34:49 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.fr/pagead/1p-user-list/867828814/ 42 B
154 B 44ms
44ms Image
image/gif 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.fr/pagead/1p-user-list/867828814/?random=1636130088896&cv=9&fst=1636128000000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wgb31&sendb=1&frm=0&url=https%3A%2F%2Firen.prezzogiusto.com%2Fp%2Firen_piu_regali_novembre_dem_cb%3F%26transaction_id%3D102e5781b5214a16d590de60a4e1df&tiba=Iren%20Pi%C3%B9%20Regali&async=1&fmt=3&is_vtc=1&random=1971357892&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: iren.prezzogiusto.com
URL: https://iren.prezzogiusto.com/p/iren_piu_regali_novembre_dem_cb?&transaction_id=102e5781b5214a16d590de60a4e1df

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://iren.prezzogiusto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Nov 2021 16:34:49 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
426 B 95ms
28ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=149061192455198&ev=PageView&dl=https%3A%2F%2Firen.prezzogiusto.com%2Fp%2Firen_piu_regali_novembre_dem_cb%3F%26transaction_id%3D102e5781b5214a16d590de60a4e1df&rl=&if=false&ts=1636130089121&sw=1600&sh=1200&v=2.9.48&r=stable&ec=0&o=30&fbp=fb.1.1636130089120.898592314&it=1636130088683&coo=false&rqm=GET

Requested by

Host: iren.prezzogiusto.com
URL: https://iren.prezzogiusto.com/p/iren_piu_regali_novembre_dem_cb?&transaction_id=102e5781b5214a16d590de60a4e1df

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://iren.prezzogiusto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 16:34:49 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Fri, 05 Nov 2021 16:34:49 GMT

GET
H2 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame F11E 2 KB
2 KB 29ms
28ms Image
image/png 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/UrRmT3mBwY326qQxUfVlHu1P/styles__ltr.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/UrRmT3mBwY326qQxUfVlHu1P/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 31 Oct 2021 11:16:19 GMT
x-content-type-options: nosniff
age: 451110
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="recaptcha"
expires: Sun, 07 Nov 2021 11:16:19 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame F11E 15 KB
16 KB 99ms
30ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
Accept-Language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 04 Nov 2021 06:41:55 GMT
x-content-type-options: nosniff
age: 121974
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Fri, 04 Nov 2022 06:41:55 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame F11E 15 KB
15 KB 116ms
47ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
Accept-Language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 04 Nov 2021 20:32:05 GMT
x-content-type-options: nosniff
age: 72164
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Fri, 04 Nov 2022 20:32:05 GMT

GET
H2 200 webworker.js
www.google.com/recaptcha/enterprise/ Frame F11E 102 B
204 B 37ms
37ms Other
text/javascript 2a00:1450:4001:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/enterprise/webworker.js?hl=fr&v=UrRmT3mBwY326qQxUfVlHu1P

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

fa932bd14d6e7aa7f299969c704fc0b35cb3dae0fb08eda06095907ea5d1d916

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Le30LoZAAAAAOaHzuTMKScIoZTg5Jg8qa-vVyuN&co=aHR0cHM6Ly9pcmVuLnByZXp6b2dpdXN0by5jb206NDQz&hl=fr&v=UrRmT3mBwY326qQxUfVlHu1P&size=invisible&cb=46bpx4f2q721
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 16:34:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 112
x-xss-protection: 1; mode=block
expires: Fri, 05 Nov 2021 16:34:49 GMT

GET
H2 200 iren_logo_aut_2021.png
smart-contact-cdn.livelanding.it/images/ 30 KB
30 KB 33ms
33ms Image
image/png 2600:9000:2156:b600:b:a4bf:e000:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://smart-contact-cdn.livelanding.it/images/iren_logo_aut_2021.png
Requested by: Host: iren.prezzogiusto.com
URL: https://iren.prezzogiusto.com/p/iren_piu_regali_novembre_dem_cb?&transaction_id=102e5781b5214a16d590de60a4e1df
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:b600:b:a4bf:e000:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1691a3de13c766b2a18bd637b2a1f23b4378883e1a382d456fc3380008cda704

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://iren.prezzogiusto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 04 Nov 2021 18:13:57 GMT
via: 1.1 055d899361491602a9ef1eb0cdc5e337.cloudfront.net (CloudFront)
last-modified: Tue, 03 Aug 2021 15:12:02 GMT
server: AmazonS3
age: 80453
etag: "ba0b2ee679bf03e36e7ce7824fa06de7"
x-cache: Hit from cloudfront
content-type: image/png
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 30662
x-amz-cf-id: nCeOcPjyNsLzmeWIbZVlWu15pS22mTfoPU5oP9y7IsrNMpw7xViqFA==

GET
H2 200 bg-desk.webp
smart-contact-cdn.livelanding.it/2110_offerta_iren_piu-regali/ 279 KB
280 KB 134ms
134ms Image
image/webp 2600:9000:2156:b600:b:a4bf:e000:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://smart-contact-cdn.livelanding.it/2110_offerta_iren_piu-regali/bg-desk.webp
Requested by: Host: smart-contact-cdn.livelanding.it
URL: https://smart-contact-cdn.livelanding.it/2110_offerta_iren_piu-regali/app-f6ccf81ff29beba0cd27.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:b600:b:a4bf:e000:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d17d289c44865fba9e8ecd9f41b2c587d65c2fcf699d275e209d32570d3e34bf

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://smart-contact-cdn.livelanding.it/2110_offerta_iren_piu-regali/app-f6ccf81ff29beba0cd27.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 16:34:50 GMT
via: 1.1 055d899361491602a9ef1eb0cdc5e337.cloudfront.net (CloudFront)
last-modified: Wed, 27 Oct 2021 09:15:10 GMT
server: AmazonS3
x-amz-cf-pop: FRA50-C1
etag: "372d7ed457d1b1fb38a451893d7ed6c0"
x-cache: Miss from cloudfront
content-type: image/webp
accept-ranges: bytes
content-length: 286150
x-amz-cf-id: paShilnElBZclPwJt-Axl7oCkoKmU71V43sjYeN78AZEpuouiczCvw==

POST
H2 204 collect Show response
d.clarity.ms/ 0
74 B 125ms
125ms XHR
text/plain 40.76.174.66
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://d.clarity.ms/collect
Requested by: Host: d.clarity.ms
URL: https://d.clarity.ms/s/0.6.27/clarity.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 40.76.174.66 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://iren.prezzogiusto.com/
Accept-Language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

access-control-allow-origin: https://iren.prezzogiusto.com
date: Fri, 05 Nov 2021 16:34:49 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
request-context: appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111

GET
H2 200 cc.js Show response
consent.cookiebot.com/1a3a4d3e-d8e4-43fb-9cbb-0605ac4147fa/ 377 B
806 B 205ms
204ms Script
application/x-javascript 2a02:26f0:7100::687e:24d1
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://consent.cookiebot.com/1a3a4d3e-d8e4-43fb-9cbb-0605ac4147fa/cc.js?renew=false&referer=iren.prezzogiusto.com&dnt=false&forceshow=false
Requested by: Host: consent.cookiebot.com
URL: https://consent.cookiebot.com/uc.js?cbid=1a3a4d3e-d8e4-43fb-9cbb-0605ac4147fa
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100::687e:24d1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: fce8580575281c8586d4238a39ab9ca22f0b8c8896573e6bb9bcc1099d2b4caf

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://iren.prezzogiusto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 16:34:49 GMT
content-encoding: gzip
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
vary: Accept-Encoding
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: Request-Context
cache-control: private, max-age=60
access-control-allow-headers: cache-control, expires, Access-Control-Allow-Headers, Origin, Pragma, Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers
content-length: 365
request-context: appId=cid-v1:89f47f4b-bed0-4db8-956b-d6e6dfac3fef

GET
H2 200 collect
www.google-analytics.com/ 35 B
132 B 28ms
28ms Image
image/gif 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j93&aip=1&a=1826842293&t=event&ni=1&_s=2&dl=https%3A%2F%2Firen.prezzogiusto.com%2Fp%2Firen_piu_regali_novembre_dem_cb%3F%26transaction_id%3D102e5781b5214a16d590de60a4e1df&ul=en-us&de=UTF-8&dt=Iren%20Pi%C3%B9%20Regali&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Clarity&ea=mhyd4j&_u=aDDAAEABAAAAAC~&jid=&gjid=&cid=374073744.1636130089&tid=UA-86284970-1&_gid=1940855354.1636130089&gtm=2wgb31K2N6XCR&cd1=https%3A%2F%2Firen.prezzogiusto.com%2Fp%2Firen_piu_regali_novembre_dem_cb%3F%26transaction_id%3D102e5781b5214a16d590de60a4e1df&cd2=&cd3=https%3A%2F%2Fclarity.microsoft.com%2Fga%2F8kgqzquqpu%2F10dya1f%2Fmhyd4j&z=724862973

Requested by

Host: iren.prezzogiusto.com
URL: https://iren.prezzogiusto.com/p/iren_piu_regali_novembre_dem_cb?&transaction_id=102e5781b5214a16d590de60a4e1df

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://iren.prezzogiusto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Nov 2021 06:05:18 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 37771
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect Show response
d.clarity.ms/ 0
48 B 99ms
99ms XHR
text/plain 40.76.174.66
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://d.clarity.ms/collect
Requested by: Host: d.clarity.ms
URL: https://d.clarity.ms/s/0.6.27/clarity.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 40.76.174.66 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://iren.prezzogiusto.com/
Accept-Language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

access-control-allow-origin: https://iren.prezzogiusto.com
date: Fri, 05 Nov 2021 16:34:50 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
request-context: appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111

GET
H2 200 /
www.facebook.com/tr/ 44 B
147 B 29ms
28ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=149061192455198&ev=Microdata&dl=https%3A%2F%2Firen.prezzogiusto.com%2Fp%2Firen_piu_regali_novembre_dem_cb%3F%26transaction_id%3D102e5781b5214a16d590de60a4e1df&rl=&if=false&ts=1636130090625&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Iren%20Pi%C3%B9%20Regali%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.48&r=stable&ec=1&o=30&fbp=fb.1.1636130089120.898592314&it=1636130088683&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://iren.prezzogiusto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 16:34:50 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Fri, 05 Nov 2021 16:34:50 GMT

Verdicts & Comments Add Verdict or Comment

81 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

27 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
tk.keyxel.tuktukdigital.com/	1970-01-20 07:14:26	Name: __tktk Value: tktk_uuid=23485b31-7f2a-4254-8535-9262827def7d
tk.keyxel.tuktukdigital.com/	1970-01-19 23:10:58	Name: td_129997 Value: programId=129997&affiliateId=100003&creativityId=13489&activityId=3303&param0=&param1=&param2=&param3=&param4=&param5=&param6=10286&frt=&_ltc=637717268875454379&expireOn=637742592000000000
goodieweb.go2cloud.org/	1970-01-19 22:30:16	Name: aff_ran_url_496 Value: 725
goodieweb.go2cloud.org/	1970-01-19 23:12:02	Name: enc_aff_session_496 Value: ENC0318529db5d23841e9043ead1ab5b0ef33ac7f3025e3230dade96d37a4677a125a766eb0e44efe52ec7c71e505fdea7a804d9018a5efce340c96841166aacb16dcbea7b5cb1a50e900fbc31bb9aa8407d11853701b9be01c96bc58ec6634ffa5b00185f50dcd49a348bd01c0f5e620acdc9c9b67db363e2d7567eb5fe69b088f4f0c89d67f
goodieweb.go2cloud.org/	1970-01-20 23:54:26	Name: ho_mob Value: eyJtb2JpbGVfZGV2aWNlX29zIjoiRGVza3RvcCIsIm1vYmlsZV9vc192ZXJzaW9uIjoiMCIsIm1vYmlsZV9kZXZpY2VfbW9kZWwiOiJDaHJvbWUiLCJtb2JpbGVfZGV2aWNlX2JyYW5kIjoiR29vZ2xlIiwibW9iaWxlX2Jyb3dzZXIiOiJDaHJvbWUgRGVza3RvcCIsIm1vYmlsZV9icm93c2VyX3ZlcnNpb24iOiI5NS4wIiwibW9iaWxlX2NhcnJpZXIiOiI/IiwidXNlcl9hZ2VudCI6Ik1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyBYNjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIExpa2UgR2Vja28pIENocm9tZS85NS4wLjQ2MzguNTQgU2FmYXJpLzUzNy4zNiIsImFjY2VwdF9sYW5ndWFnZSI6ImZyLUZSLGZyO3E9MC45IiwiY29ubmVjdGlvbl9zcGVlZCI6ImJyb2FkYmFuZCJ9
.prezzogiusto.com/	1970-01-20 00:38:26	Name: _gcl_au Value: 1.1.2071650770.1636130088
.prezzogiusto.com/	1970-01-20 16:00:02	Name: _ga_VE02F5XDVN Value: GS1.1.1636130088.1.0.1636130088.60
.iren.prezzogiusto.com/	1970-01-23 14:04:50	Name: 3rdPlace_1st Value: b334ff94-fde2-4e5e-ff9e-cf6da5c75a42.1636130089
www.clarity.ms/	1970-01-20 07:14:26	Name: CLID Value: 6d879756cf80408ea3e8db35b0cdc8cd.20211105.20221105
.prezzogiusto.com/	1970-01-20 16:00:02	Name: _ga Value: GA1.2.374073744.1636130089
.prezzogiusto.com/	1970-01-19 22:30:16	Name: _gid Value: GA1.2.1940855354.1636130089
.prezzogiusto.com/	1970-01-19 22:28:50	Name: _gat_UA-86284970-1 Value: 1
.prezzogiusto.com/	1970-01-20 07:14:26	Name: _hjid Value: 2f3388ec-3a2d-4835-9dbd-a9cd7edbde10
.prezzogiusto.com/	1970-01-19 22:28:51	Name: _hjFirstSeen Value: 1
thirdplace-pixel.appspot.com/	1970-01-27 05:48:02	Name: 3rdPlace Value: b334ff94-fde2-4e5e-ff9e-cf6da5c75a42.1636130089
iren.prezzogiusto.com/	1970-01-19 22:28:50	Name: _hjIncludedInPageviewSample Value: 1
.prezzogiusto.com/	1970-01-19 22:28:51	Name: _hjAbsoluteSessionInProgress Value: 0
iren.prezzogiusto.com/	1970-01-19 22:28:50	Name: _hjIncludedInSessionSample Value: 0
.c.bing.com/	1970-01-20 07:50:26	Name: SRM_B Value: 0D80464978206148122856AF7907600B
.doubleclick.net/	1970-01-19 22:28:50	Name: test_cookie Value: CheckForPermission
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-20 07:50:26	Name: MUID Value: 0D80464978206148122856AF7907600B
.c.clarity.ms/	1970-01-19 22:28:50	Name: ANONCHK Value: 0
.prezzogiusto.com/	1970-01-20 00:38:26	Name: _fbp Value: fb.1.1636130089120.898592314
.facebook.com/	1970-01-20 00:38:26	Name: fr Value: 0Cy3aFWmLqpF7qC10..BhhV0p...1.0.BhhV0p.
.prezzogiusto.com/	1970-01-20 07:14:26	Name: _clck Value: 10dya1f\|1\|ew6\|0
.prezzogiusto.com/	1970-01-19 22:30:16	Name: _clsk Value: mhyd4j\|1636130089545\|1\|1\|d.clarity.ms/collect

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://iren.prezzogiusto.com/ Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.google.com
ancient-athens-hiib8yznxwbz.vapor-farm-b1.com
api.loradelleofferte.com
c.bing.com
c.clarity.ms
connect.facebook.net
consent.cookiebot.com
consentcdn.cookiebot.com
d.clarity.ms
fonts.gstatic.com
goodieweb.go2cloud.org
googleads.g.doubleclick.net
in.hotjar.com
iren.prezzogiusto.com
script.hotjar.com
smart-contact-cdn.livelanding.it
static.hotjar.com
stats.g.doubleclick.net
thirdplace-pixel.appspot.com
tk.keyxel.tuktukdigital.com
tracking.goodiewebgroup.com
vars.hotjar.com
www.clarity.ms
www.facebook.com
www.google-analytics.com
www.google.com
www.google.fr
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
142.250.185.162
143.204.98.102
143.204.98.104
143.204.98.82
143.204.98.92
2600:9000:2156:b600:b:a4bf:e000:93a1
2606:4700:20::ac43:4889
2620:1ec:27::cafe:2080
2620:1ec:c11::200
2a00:1450:4001:802::2004
2a00:1450:4001:802::200e
2a00:1450:4001:803::2003
2a00:1450:4001:809::2002
2a00:1450:4001:80e::2003
2a00:1450:4001:811::2014
2a00:1450:4001:82b::2008
2a00:1450:4001:82f::200e
2a00:1450:4001:830::2003
2a00:1450:400c:c08::9c
2a02:26f0:7100:1ba::f09
2a02:26f0:7100::687e:24d1
2a03:2880:f02d:100:face:b00c:0:3
2a03:2880:f12d:181:face:b00c:0:25de
35.246.127.93
40.76.174.66
52.142.114.2
52.210.2.133
52.27.185.165
54.69.185.132
54.78.108.238
0297ba54fff0a052c5761457790e80dc093b93b152edee473485af46c022ad75
07585ddcb6859f81618a8fc0e6a2db7403f80022afec873f4663e4f1849995db
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
140ffb1a69de3fbf3b742b2d6652756c8dc92254f7a3d38278f3394b4fe32f01
1691a3de13c766b2a18bd637b2a1f23b4378883e1a382d456fc3380008cda704
1a61a4ea3348c2463a3a12bb9e5e9f3bc14fbca5237345db45468c5091773897
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1f88dccecf39fd07c7b9763497c16fc7df414aa5a5b11af3b1e5b757a75d670d
1f93261e6db2c54e59dd3384dbb44d59a47c0118c3526bec3a3e5f52925e5243
295426f89c923624640e8f1bb52e3438a7b43fb7efa84c1dc6bbbd41971c0f10
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
4e74dabd4fe9234a18586eaee17d355f0e0a341754d1700ea266014b5b9ad9f5
533036bd37d4d87bd4e3cad3010f2a29d00f24ffc34bb5b22598951c44d91452
55aa0299a6b880ddee3b6e438a6e155730fca9eaf992e5e4ac105ca1de5f3312
55f44ad4fe5be679f35468b612fd1aa9e4347785cff5002137d87009667de3cc
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
617859932c9a2e78bbaaa9b13af2c14567c0781e7f057627aa354e1fcb24dc82
67fd2315ad1732ebf7bf13652a2d0e2588fbe2da70d07c219998eceee0493218
69ae95b7f73e2899d0c398ed4fb9faba242bbec4d0a58b182e4dd0e7808f01ac
727e58c59b66fc049d12de6286d3ff4084af33e170d20316a2ff45413453a04f
7836fdb80c5f18ef606c22b8ca935370944a4ce41a49e148dd33ff8e04fa0ab3
80a2f83d05cac38c0ba0693efa68417528521e3dc5cab20f6b9b9abc8527ae11
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
846a74d2b2a7abcb706ebc7498904aa1e59c5b679f317d2d41d86d9e2702c65b
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
a8fd01f3c27c746affc8d671ccd760b63dc6bb52efea16dff2e2ad12b5e9a0b9
adce8a2747c7a78bcb930f1391a58be7d8b5c38ea7992e2a9d8b7e45dfe999c7
b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6
bda2e7678f208e254226e305a633ce6c4777a4d3f71103d23157c88a0ed5a321
c0404de34dcf6c1a11bee30014d03a955005654582dd1b1799a924bad7b56428
c22daa7881d3bfab28cb5a9c9d5083043954467babf4c28596cd4304e4bee034
d17d289c44865fba9e8ecd9f41b2c587d65c2fcf699d275e209d32570d3e34bf
d334e38dcbee7967a7a3e18877852e2cf9fa1455bc858e04acfa8dc7d34091d9
d6f4fd5021bdee43e267c89d23c88c0629755fa26356f9566b80ac01bee0e0fb
dd8bce41d0be6d4e5449bef910b493bcf872a4189a361451102996bfe0082f3a
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e9d70eabcdc877f39a3795e93a0b59e90ff0a282df8a0567ccf4aa87b5a1d798
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f85f95656a799c5702b32bb1e1f5536435a0fcce47c01b3b04c414e770740186
f9380d60b2a4d8497ea494a6d5fe926914618c21398da3345e2e0a2e0e504177
fa932bd14d6e7aa7f299969c704fc0b35cb3dae0fb08eda06095907ea5d1d916
fce8580575281c8586d4238a39ab9ca22f0b8c8896573e6bb9bcc1099d2b4caf
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62

iren.prezzogiusto.com Open in urlscan Pro 143.204.98.92 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

54 Requests

98 %HTTPS

60 %IPv6

21 Domains

30 Subdomains

26 IPs

5 Countries

1187 kBTransfer

2788 kBSize

27 Cookies

2 Outgoing links

Page URL History

Redirected requests

54 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

iren.prezzogiusto.com Open in urlscan Pro
143.204.98.92 Public Scan

Screenshot
Live screenshot

Full Image

54
Requests

98 %
HTTPS

60 %
IPv6

21
Domains

30
Subdomains

26
IPs

5
Countries

1187 kB
Transfer

2788 kB
Size

27
Cookies

54 HTTP transactions
2 data transactions