timtelectelstr.wpenginepowered.com
141.193.213.11  Malicious Activity! Public Scan

Submitted URL: https://timtelectelstr.wpenginepowered.com/wp-admin/Tim/tim/main/log.php
Effective URL: https://timtelectelstr.wpenginepowered.com/wp-admin/Tim/tim/wait.html
Submission: On January 08 via api from IT — Scanned from IT

Summary

This website contacted 8 IPs in 5 countries across 8 domains to perform 27 HTTP transactions. The main IP is 141.193.213.11, located in United States and belongs to CLOUDFLARESPECTRUM Cloudflare, Inc., US. The main domain is timtelectelstr.wpenginepowered.com.
TLS certificate: Issued by E1 on November 28th 2023. Valid for: 3 months.
This is the only time timtelectelstr.wpenginepowered.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Telecom Italia (Telecommunication)

Domain & IP information

Redirects | Requests | IP Address | AS (Autonomous System)
1 | 12 | 141.193.213.11 | 209242 (CLOUDFLAR...)
- | 1 | 104.16.89.20 | 13335 (CLOUDFLAR...)
- | 5 | 23.35.236.237 | 16625 (AKAMAI-AS)
- | 4 | 81.74.228.24 | 3269 (ASN-IBSNAZ)
- | 3 | 52.50.241.158 | 16509 (AMAZON-02)
- | 2 | 146.75.121.230 | 54113 (FASTLY)
1 | 1 | 18.200.140.12 | 16509 (AMAZON-02)
- | 1 | 35.241.45.82 | 396982 (GOOGLE-CL...)
Totals: 27 requests, 8 IPs

Requests | Apex Domain | Subdomains | Transfer
12 | wpenginepowered.com | timtelectelstr.wpenginepowered.com | 184 KB
5 | adobedtm.com | assets.adobedtm.com (Cisco Umbrella Rank: 572) | 100 KB
4 | tim.it | risorse.tim.it (Cisco Umbrella Rank: 883802) | 6 KB
3 | demdex.net | dpm.demdex.net (Cisco Umbrella Rank: 313); telecomitalia.demdex.net | 5 KB
2 | medallia.eu | resources.digital-cloud.medallia.eu (Cisco Umbrella Rank: 23369) | 93 KB
1 | kampyle.com | udc-neb.kampyle.com (Cisco Umbrella Rank: 3587) | 318 B
1 | everesttech.net | cm.everesttech.net (Cisco Umbrella Rank: 1969) | 517 B
1 | jsdelivr.net | cdn.jsdelivr.net (Cisco Umbrella Rank: 438) | 32 KB
Totals: 27 requests, 8 apex domains

Requests | Domain | Redirects | Requested by
12 | timtelectelstr.wpenginepowered.com | 1 | timtelectelstr.wpenginepowered.com
5 | assets.adobedtm.com | - | timtelectelstr.wpenginepowered.com; assets.adobedtm.com
4 | risorse.tim.it | - | timtelectelstr.wpenginepowered.com
2 | resources.digital-cloud.medallia.eu | - | assets.adobedtm.com; resources.digital-cloud.medallia.eu
2 | dpm.demdex.net | - | assets.adobedtm.com; timtelectelstr.wpenginepowered.com
1 | udc-neb.kampyle.com | - | -
1 | cm.everesttech.net | 1 | -
1 | telecomitalia.demdex.net | - | assets.adobedtm.com
1 | cdn.jsdelivr.net | - | timtelectelstr.wpenginepowered.com
Totals: 27 requests, 9 domains

This site contains no links.

Subject | Issuer | Validity | Valid
wpenginepowered.com | E1 | 2023-11-28 - 2024-02-26 | 3 months
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2023-05-02 - 2024-05-01 | a year
assets.adobedtm.com | DigiCert Global G2 TLS RSA SHA256 2020 CA1 | 2023-07-11 - 2024-08-10 | a year
risorse.tim.it | TI Trust Technologies OV CA | 2023-09-27 - 2024-10-27 | a year
*.demdex.com | DigiCert Global G2 TLS RSA SHA256 2020 CA1 | 2023-09-26 - 2024-10-26 | a year
*.digital-cloud.medallia.eu | SSL.com RSA SSL subCA | 2022-12-11 - 2024-01-11 | a year
*.kampyle.com | SSL.com RSA SSL subCA | 2023-03-29 - 2024-02-28 | a year

This page contains 2 frames:

Primary Page: https://timtelectelstr.wpenginepowered.com/wp-admin/Tim/tim/wait.html
Frame ID: BBF4B6812AD179FCD5C691000315927F
Requests: 27 HTTP requests in this frame

Frame: https://telecomitalia.demdex.net/dest5.html?d_nsid=0
Frame ID: CAD43F7F21F986B4430F8DBB6F1B5C9B
Requests: 1 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • /etc\.clientlibs/

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • <link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
  • //cdn\.jsdelivr\.net/

Page Statistics

  • 27 Requests
  • 96 % HTTPS
  • 0 % IPv6
  • 8 Domains
  • 9 Subdomains
  • 8 IPs
  • 5 Countries
  • 420 kB Transfer
  • 1944 kB Size
  • 10 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://timtelectelstr.wpenginepowered.com/wp-admin/Tim/tim/main/log.php HTTP 302
    https://timtelectelstr.wpenginepowered.com/wp-admin/Tim/tim/wait.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 22
  • https://cm.everesttech.net/cm/dd?d_uuid=89489785528622324393843759316790278608 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZZvbFwAAAIOF8QN-

27 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request wait.html
timtelectelstr.wpenginepowered.com/wp-admin/Tim/tim/
Redirect Chain
  • https://timtelectelstr.wpenginepowered.com/wp-admin/Tim/tim/main/log.php
  • https://timtelectelstr.wpenginepowered.com/wp-admin/Tim/tim/wait.html
130 KB
41 KB
Document
General
Full URL
https://timtelectelstr.wpenginepowered.com/wp-admin/Tim/tim/wait.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / WP Engine
Resource Hash
a61d0ad1ff9821e7a20321ceee3cca12c2c89903fc758012750236099c7924ab

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
it-IT,it;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
max-age=0, must-revalidate, private
cf-cache-status
DYNAMIC
cf-ray
842410eb6926a319-FCO
content-encoding
br
content-type
text/html
date
Mon, 08 Jan 2024 11:23:02 GMT
etag
W/"206ef-5f7ae5ad79000"
last-modified
Sat, 25 Mar 2023 00:11:44 GMT
server
cloudflare
vary
Accept-Encoding Accept-Encoding Accept-Encoding Accept-Encoding
x-cache
MISS
x-cacheable
NO:Passed
x-pass-why
wp-admin
x-powered-by
WP Engine

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
max-age=0, must-revalidate, private
cf-cache-status
DYNAMIC
cf-ray
842410e52e6aa319-FCO
content-length
1
content-type
text/html; charset=UTF-8
date
Mon, 08 Jan 2024 11:23:02 GMT
location
../wait.html
server
cloudflare
x-cache
MISS
x-cacheable
NO:Passed
x-pass-why
wp-admin
x-powered-by
WP Engine
bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@5.3.0-alpha1/dist/css/
216 KB
32 KB
Stylesheet
General
Full URL
https://cdn.jsdelivr.net/npm/bootstrap@5.3.0-alpha1/dist/css/bootstrap.min.css
Requested by
Host: timtelectelstr.wpenginepowered.com
URL: https://timtelectelstr.wpenginepowered.com/wp-admin/Tim/tim/wait.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
932ea15108928991bcf0c0a46415fc652de5ffc0158c35205357b90c65eeb386
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://timtelectelstr.wpenginepowered.com/
Origin
https://timtelectelstr.wpenginepowered.com
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 08 Jan 2024 11:23:02 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
3485558
x-jsd-version
5.3.0-alpha1
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-etou8220074-FRA, cache-mxp6930-MXP
x-jsd-version-type
version
server
cloudflare
etag
W/"35e6c-cZlWqlLbTIr9xcDPs8verWJYuKY"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0bMFBFbOrkBFpyVm1jijKyZPIbBbxAhVZ%2FUU8f0Ugi1yiu5w5lBU4Wv%2FT3z2%2Bh4L7SeCawq1UdLVzvnlLdWGUvD0SNH7ikKbMaVRoZXKa1SLWrCVMWYUR54qs%2FgkChCwIjo%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
842410ec6ce0ba99-MXP
launch-1e1113ae278e.min.js
assets.adobedtm.com/1eecba5bc341/a1ad791924b5/
305 KB
85 KB
Script
General
Full URL
https://assets.adobedtm.com/1eecba5bc341/a1ad791924b5/launch-1e1113ae278e.min.js
Requested by
Host: timtelectelstr.wpenginepowered.com
URL: https://timtelectelstr.wpenginepowered.com/wp-admin/Tim/tim/wait.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.236.237 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-237.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
c444273fb2940010237a663557253874d7a4cf20e73e4c66f1012e9a61ce6275

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://timtelectelstr.wpenginepowered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 08 Jan 2024 11:23:02 GMT
content-encoding
gzip
last-modified
Mon, 04 Dec 2023 14:47:16 GMT
server
AkamaiNetStorage
etag
"1750713981951a7d0caa05c04dcdc6a6:1701701236.572977"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://timtelectelstr.wpenginepowered.com
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
86605
expires
Mon, 08 Jan 2024 12:23:02 GMT
style.css
timtelectelstr.wpenginepowered.com/wp-admin/Tim/tim/css/
508 KB
65 KB
Stylesheet
General
Full URL
https://timtelectelstr.wpenginepowered.com/wp-admin/Tim/tim/css/style.css
Requested by
Host: timtelectelstr.wpenginepowered.com
URL: https://timtelectelstr.wpenginepowered.com/wp-admin/Tim/tim/wait.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
ecaa1db11a567e93b32edf81b1b8df62ce1ba679c33bfd4520c25b3615620f97

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://timtelectelstr.wpenginepowered.com/wp-admin/Tim/tim/wait.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 08 Jan 2024 11:23:02 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 10 Mar 2023 00:58:18 GMT
server
cloudflare
age
176965
etag
W/"640a80aa-7eed3"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
842410ebe860a325-FCO
alt-svc
h3=":443"; ma=86400
ss.css
timtelectelstr.wpenginepowered.com/wp-admin/Tim/tim/css/
6 KB
2 KB
Stylesheet
General
Full URL
https://timtelectelstr.wpenginepowered.com/wp-admin/Tim/tim/css/ss.css
Requested by
Host: timtelectelstr.wpenginepowered.com
URL: https://timtelectelstr.wpenginepowered.com/wp-admin/Tim/tim/wait.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
cd657a94e4f36d8e4bb5f4744d83773a2870425f3b7982cfa66314bc2d1a792e

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://timtelectelstr.wpenginepowered.com/wp-admin/Tim/tim/wait.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 08 Jan 2024 11:23:02 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 10 Mar 2023 00:59:14 GMT
server
cloudflare
age
176965
etag
W/"640a80e2-1616"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
842410ebe861a325-FCO
alt-svc
h3=":443"; ma=86400
truncated
/
11 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9c98f3c5f9421f8b30307d17a4c6c77aa583dbace4d69fd737d43acf336d52dc

Request headers

accept-language
it-IT,it;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/png
us.svg
timtelectelstr.wpenginepowered.com/wp-admin/Tim/tim/
4 KB
2 KB
Image
General
Full URL
https://timtelectelstr.wpenginepowered.com/wp-admin/Tim/tim/us.svg
Requested by
Host: timtelectelstr.wpenginepowered.com
URL: https://timtelectelstr.wpenginepowered.com/wp-admin/Tim/tim/wait.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
bb462a24eef290bb508dfd155c8d94e5220b203109f6574184723f9ea252f9e9

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://timtelectelstr.wpenginepowered.com/wp-admin/Tim/tim/wait.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 08 Jan 2024 11:23:02 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 10 Mar 2023 01:02:18 GMT
server
cloudflare
age
176965
etag
W/"640a819a-11f0"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
842410ec28e0a325-FCO
alt-svc
h3=":443"; ma=86400
caring-login-banner-app.min.css
risorse.tim.it/etc.clientlibs/caring-login/clientlibs/1.0.69/
0
0
Stylesheet
General
Full URL
https://risorse.tim.it/etc.clientlibs/caring-login/clientlibs/1.0.69/caring-login-banner-app.min.css
Requested by
Host: timtelectelstr.wpenginepowered.com
URL: https://timtelectelstr.wpenginepowered.com/wp-admin/Tim/tim/wait.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
81.74.228.24 , Italy, ASN3269 (ASN-IBSNAZ, IT),
Reverse DNS
host-81-74-228-24.business.telecomitalia.it
Software
/
Resource Hash

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://timtelectelstr.wpenginepowered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

mat.png
timtelectelstr.wpenginepowered.com/wp-admin/Tim/tim/
69 KB
70 KB
Image
General
Full URL
https://timtelectelstr.wpenginepowered.com/wp-admin/Tim/tim/mat.png
Requested by
Host: timtelectelstr.wpenginepowered.com
URL: https://timtelectelstr.wpenginepowered.com/wp-admin/Tim/tim/wait.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
a9c1e611d55d402295919a93ac9d846d1212e3a4e4e0ae90dd056c7bbb373e97

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://timtelectelstr.wpenginepowered.com/wp-admin/Tim/tim/wait.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 08 Jan 2024 11:23:02 GMT
cf-cache-status
HIT
age
176965
cf-polished
origFmt=png, origSize=73776
content-disposition
inline; filename="mat.webp"
alt-svc
h3=":443"; ma=86400
content-length
70848
cf-bgj
imgq:100,h2pri
last-modified
Fri, 10 Mar 2023 01:08:20 GMT
server
cloudflare
etag
"640a8304-12030"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
842410ec28e5a325-FCO
qr-code-mytim.png
risorse.tim.it/content/dam/caring-login/
13 KB
6 KB
Image
General
Full URL
https://risorse.tim.it/content/dam/caring-login/qr-code-mytim.png
Requested by
Host: timtelectelstr.wpenginepowered.com
URL: https://timtelectelstr.wpenginepowered.com/wp-admin/Tim/tim/wait.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
81.74.228.24 , Italy, ASN3269 (ASN-IBSNAZ, IT),
Reverse DNS
host-81-74-228-24.business.telecomitalia.it
Software
Apache /
Resource Hash
f673c7be1f8c23f184eb30093e4e17f454e3576db7257ecb3198c550181c7efc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload
X-Frame-Options SAMEORIGIN

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://timtelectelstr.wpenginepowered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 08 Jan 2024 11:18:52 GMT
strict-transport-security
max-age=31536000; preload
content-encoding
gzip
via
http/1.1 se-mi1-18.cdn.interbusiness.it (), http/1.1 se-mi2-16.cdn.interbusiness.it ()
age
250
content-length
6088
last-modified
Sun, 07 Jun 2020 23:51:02 GMT
server
Apache
etag
"32a0-5a7872aaf0e5b-gzip"
x-frame-options
SAMEORIGIN
access-control-allow-methods
POST, GET, OPTIONS
content-type
image/png
vary
Origin
cache-control
max-age=1800
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
funnel, authorization, clientversion, Cache-Control, pragma, expires, accept, BusinessID, InteractionDate-Date, InteractionDate-Time, TransactionID, MessageId, SourceSystem, Channel, SessionID, devicetype, content-type, x-requested-with
expires
Mon, 08 Jan 2024 11:48:52 GMT
app.png
timtelectelstr.wpenginepowered.com/wp-admin/Tim/tim/
1 KB
2 KB
Image
General
Full URL
https://timtelectelstr.wpenginepowered.com/wp-admin/Tim/tim/app.png
Requested by
Host: timtelectelstr.wpenginepowered.com
URL: https://timtelectelstr.wpenginepowered.com/wp-admin/Tim/tim/wait.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
39d7b64b7c2278b7b371e30bee6b4b11e6ca724eff287a1fe2b9f9e9ee587f94

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://timtelectelstr.wpenginepowered.com/wp-admin/Tim/tim/wait.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 08 Jan 2024 11:23:02 GMT
cf-cache-status
HIT
age
67460
cf-polished
origFmt=png, origSize=4454
content-disposition
inline; filename="app.webp"
alt-svc
h3=":443"; ma=86400
content-length
1434
cf-bgj
imgq:100,h2pri
last-modified
Fri, 10 Mar 2023 01:11:46 GMT
server
cloudflare
etag
"640a83d2-1166"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
842410ec28e8a325-FCO
play.png
timtelectelstr.wpenginepowered.com/wp-admin/Tim/tim/
3 KB
3 KB
Image
General
Full URL
https://timtelectelstr.wpenginepowered.com/wp-admin/Tim/tim/play.png
Requested by
Host: timtelectelstr.wpenginepowered.com
URL: https://timtelectelstr.wpenginepowered.com/wp-admin/Tim/tim/wait.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
11d333cfdf13707d9d65c4df471b3f9f0c1ef2081c2f3aa6a2869ee371a0f1d0

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://timtelectelstr.wpenginepowered.com/wp-admin/Tim/tim/wait.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 08 Jan 2024 11:23:02 GMT
cf-cache-status
HIT
age
176965
cf-polished
origFmt=png, origSize=6414
content-disposition
inline; filename="play.webp"
alt-svc
h3=":443"; ma=86400
content-length
2610
cf-bgj
imgq:100,h2pri
last-modified
Fri, 10 Mar 2023 01:10:56 GMT
server
cloudflare
etag
"640a83a0-190e"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
842410ec28eda325-FCO
caring-login-cookie.min.css
risorse.tim.it/etc.clientlibs/caring-login/clientlibs/1.0.69/
0
0
Stylesheet
General
Full URL
https://risorse.tim.it/etc.clientlibs/caring-login/clientlibs/1.0.69/caring-login-cookie.min.css
Requested by
Host: timtelectelstr.wpenginepowered.com
URL: https://timtelectelstr.wpenginepowered.com/wp-admin/Tim/tim/wait.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
81.74.228.24 , Italy, ASN3269 (ASN-IBSNAZ, IT),
Reverse DNS
host-81-74-228-24.business.telecomitalia.it
Software
/
Resource Hash

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://timtelectelstr.wpenginepowered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

clientlib-wcb.min.css
risorse.tim.it/etc.clientlibs/caring-login/clientlibs/1.0.69/
0
0
Stylesheet
General
Full URL
https://risorse.tim.it/etc.clientlibs/caring-login/clientlibs/1.0.69/clientlib-wcb.min.css
Requested by
Host: timtelectelstr.wpenginepowered.com
URL: https://timtelectelstr.wpenginepowered.com/wp-admin/Tim/tim/wait.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
81.74.228.24 , Italy, ASN3269 (ASN-IBSNAZ, IT),
Reverse DNS
host-81-74-228-24.business.telecomitalia.it
Software
/
Resource Hash

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://timtelectelstr.wpenginepowered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

TIMSans-Medium.woff2
timtelectelstr.wpenginepowered.com/wp-admin/Tim/tim/font/tim-sans/TIMSans-Medium/
0
0
Font
General
Full URL
https://timtelectelstr.wpenginepowered.com/wp-admin/Tim/tim/font/tim-sans/TIMSans-Medium/TIMSans-Medium.woff2
Requested by
Host: timtelectelstr.wpenginepowered.com
URL: https://timtelectelstr.wpenginepowered.com/wp-admin/Tim/tim/css/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://timtelectelstr.wpenginepowered.com/wp-admin/Tim/tim/css/style.css
Origin
https://timtelectelstr.wpenginepowered.com
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 08 Jan 2024 11:23:02 GMT
content-encoding
br
cf-cache-status
EXPIRED
server
cloudflare
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/html
cf-ray
842410ed2a7ea325-FCO
alt-svc
h3=":443"; ma=86400
TIMSans-Light.woff2
timtelectelstr.wpenginepowered.com/wp-admin/Tim/tim/font/tim-sans/TIMSans-Light/
0
0
Font
General
Full URL
https://timtelectelstr.wpenginepowered.com/wp-admin/Tim/tim/font/tim-sans/TIMSans-Light/TIMSans-Light.woff2
Requested by
Host: timtelectelstr.wpenginepowered.com
URL: https://timtelectelstr.wpenginepowered.com/wp-admin/Tim/tim/css/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://timtelectelstr.wpenginepowered.com/wp-admin/Tim/tim/css/style.css
Origin
https://timtelectelstr.wpenginepowered.com
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 08 Jan 2024 11:23:02 GMT
content-encoding
br
cf-cache-status
EXPIRED
server
cloudflare
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/html
cf-ray
842410ed2a81a325-FCO
alt-svc
h3=":443"; ma=86400
id
dpm.demdex.net/
372 B
931 B
XHR
General
Full URL
https://dpm.demdex.net/id?d_visid_ver=5.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=1AD1154452F152C00A490D4C%40AdobeOrg&d_nsid=0&ts=1704712982629
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/1eecba5bc341/a1ad791924b5/launch-1e1113ae278e.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.50.241.158 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-50-241-158.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
a046f6ea7cc7161a4743ddc3f3dd1ada0a5419209cfe46d4084e77122a6e2806
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://timtelectelstr.wpenginepowered.com/
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

dcs
dcs-prod-irl1-1-v054-06695c737.edge-irl1.demdex.com 7 ms
pragma
no-cache
date
Mon, 08 Jan 2024 11:23:02 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
x-tid
l0h/u1hITOY=
vary
Origin
content-type
application/json;charset=utf-8
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
access-control-allow-origin
https://timtelectelstr.wpenginepowered.com
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
access-control-allow-credentials
true
content-length
313
expires
Thu, 01 Jan 1970 00:00:00 UTC
AppMeasurement.min.js
assets.adobedtm.com/extensions/EP6989456eab6f4f618b15e82840ffd69b/
35 KB
13 KB
Script
General
Full URL
https://assets.adobedtm.com/extensions/EP6989456eab6f4f618b15e82840ffd69b/AppMeasurement.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/1eecba5bc341/a1ad791924b5/launch-1e1113ae278e.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.236.237 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-237.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
d8b202fcb71f89cc175a962403911ee3da6d9736dd79b4ae3f4d5b972400bee2

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://timtelectelstr.wpenginepowered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 08 Jan 2024 11:23:02 GMT
content-encoding
gzip
last-modified
Wed, 17 Jul 2019 21:32:04 GMT
server
AkamaiNetStorage
etag
"fdc98c35f4bd77deab73aab133e4f8bd:1563399124"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://timtelectelstr.wpenginepowered.com
cache-control
no-cache
accept-ranges
bytes
timing-allow-origin
*
content-length
13098
expires
Mon, 08 Jan 2024 12:23:02 GMT
RC284720c4b7dd4a38b1a9ef8d1e5b337f-source.min.js
assets.adobedtm.com/1eecba5bc341/a1ad791924b5/a98a73360aff/
316 B
469 B
Script
General
Full URL
https://assets.adobedtm.com/1eecba5bc341/a1ad791924b5/a98a73360aff/RC284720c4b7dd4a38b1a9ef8d1e5b337f-source.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/1eecba5bc341/a1ad791924b5/launch-1e1113ae278e.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.236.237 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-237.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
56f4e81b068ce789daf74152e1f674dcae031ba68b3ef1e9eda3e32c2301e6d1

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://timtelectelstr.wpenginepowered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 08 Jan 2024 11:23:02 GMT
content-encoding
gzip
last-modified
Mon, 04 Dec 2023 14:47:17 GMT
server
AkamaiNetStorage
etag
"c9fb6ea386c0623237ea8f14809c3e29:1701701237.893896"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://timtelectelstr.wpenginepowered.com
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
201
expires
Mon, 08 Jan 2024 12:23:02 GMT
embed.js
resources.digital-cloud.medallia.eu/wdceu/78556/onsite/
1 KB
945 B
Script
General
Full URL
https://resources.digital-cloud.medallia.eu/wdceu/78556/onsite/embed.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/1eecba5bc341/a1ad791924b5/launch-1e1113ae278e.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
146.75.121.230 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
41eff17e2d373edde44272c5b035676799aea726fee487718524ce257effaf56
Security Headers
Name Value
Strict-Transport-Security max-age=31557600

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://timtelectelstr.wpenginepowered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 08 Jan 2024 11:23:02 GMT
content-encoding
gzip
via
1.1 varnish
strict-transport-security
max-age=31557600
x-amz-request-id
KJQFSTSZ17WT0RNR
age
357150
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
527
x-amz-id-2
yy7nNCf03xQaqDZTo1T/1imRCNYx0Xpfyph1Qn/y4hwOeRqfMsrG7XrP33ZcO/LvVLaJ3Bf8+8A=
x-served-by
cache-fra-etou8220039-FRA
last-modified
Sun, 31 Dec 2023 04:11:17 GMT
server
AmazonS3
x-timer
S1704712983.841047,VS0,VE0
etag
"65d649a6feb3b437b505c4e0c391d337"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=0,must-revalidate
accept-ranges
bytes
x-cache-hits
68
TIMSans-Light.woff
timtelectelstr.wpenginepowered.com/wp-admin/Tim/tim/font/tim-sans/TIMSans-Light/
0
0
Font
General
Full URL
https://timtelectelstr.wpenginepowered.com/wp-admin/Tim/tim/font/tim-sans/TIMSans-Light/TIMSans-Light.woff
Requested by
Host: timtelectelstr.wpenginepowered.com
URL: https://timtelectelstr.wpenginepowered.com/wp-admin/Tim/tim/css/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://timtelectelstr.wpenginepowered.com/wp-admin/Tim/tim/css/style.css
Origin
https://timtelectelstr.wpenginepowered.com
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 08 Jan 2024 11:23:02 GMT
content-encoding
br
cf-cache-status
EXPIRED
server
cloudflare
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/html
cf-ray
842410ee1c52a325-FCO
alt-svc
h3=":443"; ma=86400
TIMSans-Medium.woff
timtelectelstr.wpenginepowered.com/wp-admin/Tim/tim/font/tim-sans/TIMSans-Medium/
0
0
Font
General
Full URL
https://timtelectelstr.wpenginepowered.com/wp-admin/Tim/tim/font/tim-sans/TIMSans-Medium/TIMSans-Medium.woff
Requested by
Host: timtelectelstr.wpenginepowered.com
URL: https://timtelectelstr.wpenginepowered.com/wp-admin/Tim/tim/css/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://timtelectelstr.wpenginepowered.com/wp-admin/Tim/tim/css/style.css
Origin
https://timtelectelstr.wpenginepowered.com
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 08 Jan 2024 11:23:02 GMT
content-encoding
br
cf-cache-status
EXPIRED
server
cloudflare
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/html
cf-ray
842410ee2c6fa325-FCO
alt-svc
h3=":443"; ma=86400
dest5.html
telecomitalia.demdex.net/ Frame CAD4
7 KB
3 KB
Document
General
Full URL
https://telecomitalia.demdex.net/dest5.html?d_nsid=0
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/1eecba5bc341/a1ad791924b5/launch-1e1113ae278e.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.50.241.158 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-50-241-158.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://timtelectelstr.wpenginepowered.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
it-IT,it;q=0.9

Response headers

accept-ranges
bytes
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Mon, 08 Jan 2024 11:23:02 GMT
dcs
dcs-prod-irl1-1-v054-06164c850.edge-irl1.demdex.com 0 ms
expires
Thu, 01 Jan 1970 00:00:00 UTC
last-modified
Mon, 20 Nov 2023 15:37:25 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains
vary
accept-encoding
x-tid
UfXenuccTIE=
ibs:dpid=411&dpuuid=ZZvbFwAAAIOF8QN-
dpm.demdex.net/
Redirect Chain
  • https://cm.everesttech.net/cm/dd?d_uuid=89489785528622324393843759316790278608
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZZvbFwAAAIOF8QN-
42 B
718 B
Image
General
Full URL
https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZZvbFwAAAIOF8QN-
Requested by
Host: timtelectelstr.wpenginepowered.com
URL: https://timtelectelstr.wpenginepowered.com/wp-admin/Tim/tim/wait.html
Protocol
H2
Server
52.50.241.158 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-50-241-158.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://timtelectelstr.wpenginepowered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

dcs
dcs-prod-irl1-2-v054-03f694e4f.edge-irl1.demdex.com 2 ms
pragma
no-cache
date
Mon, 08 Jan 2024 11:23:03 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-encoding
gzip
x-tid
UpuZypQNQBw=
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length
59
expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location
https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZZvbFwAAAIOF8QN-
Date
Mon, 08 Jan 2024 11:23:03 GMT
Cache-Control
no-cache
Server
AMO-cookiemap/1.1
Connection
keep-alive
Content-Length
0
P3P
CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
RC0f3b8492209f4093a6680e21b2ad33b4-source.min.js
assets.adobedtm.com/1eecba5bc341/a1ad791924b5/a98a73360aff/
907 B
652 B
Script
General
Full URL
https://assets.adobedtm.com/1eecba5bc341/a1ad791924b5/a98a73360aff/RC0f3b8492209f4093a6680e21b2ad33b4-source.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/1eecba5bc341/a1ad791924b5/launch-1e1113ae278e.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.236.237 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-237.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
d8b5d1f92e8bfcc46aa5d2f45dab1d7836227b932f669b15fc203bdeeaf892d3

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://timtelectelstr.wpenginepowered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 08 Jan 2024 11:23:03 GMT
content-encoding
gzip
last-modified
Mon, 04 Dec 2023 14:47:17 GMT
server
AkamaiNetStorage
etag
"c9fb6ea386c0623237ea8f14809c3e29:1701701237.893896"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://timtelectelstr.wpenginepowered.com
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
383
expires
Mon, 08 Jan 2024 12:23:03 GMT
RCec0e107b214a4f73b359a943cd2ae887-source.min.js
assets.adobedtm.com/1eecba5bc341/a1ad791924b5/a98a73360aff/
919 B
653 B
Script
General
Full URL
https://assets.adobedtm.com/1eecba5bc341/a1ad791924b5/a98a73360aff/RCec0e107b214a4f73b359a943cd2ae887-source.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/1eecba5bc341/a1ad791924b5/launch-1e1113ae278e.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.236.237 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-237.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
9234fd8aed41b4bb4b473a976b3630ba05812814d7aa7e1ad7801630065ff9a5

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://timtelectelstr.wpenginepowered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 08 Jan 2024 11:23:03 GMT
content-encoding
gzip
last-modified
Mon, 04 Dec 2023 14:47:17 GMT
server
AkamaiNetStorage
etag
"c9fb6ea386c0623237ea8f14809c3e29:1701701237.893896"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://timtelectelstr.wpenginepowered.com
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
384
expires
Mon, 08 Jan 2024 12:23:03 GMT
generic1703995876611.js
resources.digital-cloud.medallia.eu/wdceu/78556/onsite/
634 KB
92 KB
Script
General
Full URL
https://resources.digital-cloud.medallia.eu/wdceu/78556/onsite/generic1703995876611.js
Requested by
Host: resources.digital-cloud.medallia.eu
URL: https://resources.digital-cloud.medallia.eu/wdceu/78556/onsite/embed.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
146.75.121.230 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2f0470c68fa556987b9d3c3a63e7a6ca51e7b62e59a6029b4453d815f439985c
Security Headers
Name Value
Strict-Transport-Security max-age=31557600

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://timtelectelstr.wpenginepowered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 08 Jan 2024 11:23:03 GMT
content-encoding
gzip
via
1.1 varnish
strict-transport-security
max-age=31557600
x-amz-request-id
93NFJKTZ9KSKVJWR
age
469597
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
94163
x-amz-id-2
Ggtm0R5FCuxpf6S1qpe4surkmmGHhy1ezRKaZUFSxaa0dFvGmKx8OHiRjRz3w3AtJVLMOwy8Lzw=
x-served-by
cache-fra-etou8220039-FRA
last-modified
Sun, 31 Dec 2023 04:11:17 GMT
server
AmazonS3
x-timer
S1704712983.273229,VS0,VE0
etag
"acc09a23cd6bacc523e69f147bb2c10e"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31622400
accept-ranges
bytes
x-cache-hits
12
__cool.gif
udc-neb.kampyle.com/egw/5/qceuv8449dzg58ptt1bhda9g8ue19c7s/track/
0
318 B
Image
General
Full URL
https://udc-neb.kampyle.com/egw/5/qceuv8449dzg58ptt1bhda9g8ue19c7s/track/__cool.gif?data=eyJldmVudHMiOiBbCiAgICB7InNlc3Npb25fc2NyZWVuX3NpemUiOiAiMTYwMHgxMjAwIiwic2Vzc2lvbl9kdWEiOiAiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzEyMC4wLjYwOTkuMTI5IFNhZmFyaS81MzcuMzYiLCJzZXNzaW9uX3BsYXRmb3JtIjogIldpbjMyIiwicGFnZV90aXRsZSI6ICJNeVRJTSIsInBhZ2VfdXJsIjogImh0dHBzOi8vdGltdGVsZWN0ZWxzdHIud3BlbmdpbmVwb3dlcmVkLmNvbS93cC1hZG1pbi9UaW0vdGltL3dhaXQuaHRtbCIsInRyYWNrZXJfdHlwZSI6ICJqYXZhc2NyaXB0IiwidHJhY2tlcl92ZXJzaW9uIjogIjIuMi4yMyIsImV2ZW50X25hbWUiOiAibmVidWxhX3BhZ2VfdmlldyIsImV2ZW50X3RpbWVzdGFtcF9lcG9jaCI6ICIxNzA0NzEyOTgzMzgxIiwiZXZlbnRfdGltZXpvbmVfb2Zmc2V0IjogMSwidXNlcl9pZCI6ICIxOGNlOGNmZDM0ZmQzOS0wOThkYTFjODYyN2MyNy02YjNkNTc1My0xZDRjMDAtMThjZThjZmQzNTA5MjUiLCJlbnZpcm9tZW50IjogImRpZ2l0YWwtY2xvdWQtZXUiLCJhY2NvdW50SWQiOiA3ODU1NCwidXJsIjogImh0dHBzOi8vdGltdGVsZWN0ZWxzdHIud3BlbmdpbmVwb3dlcmVkLmNvbS93cC1hZG1pbi9UaW0vdGltL3dhaXQuaHRtbCIsIndlYnNpdGVJZCI6IDc4NTU2LCJmb3JtSWQiOiBudWxsLCJmb3JtVHJpZ2dlclR5cGUiOiBudWxsLCJrYW1weWxlX2RhdGEiOiB7Im1kX2lzU3VydmV5U3VibWl0dGVkSW5TZXNzaW9uIjogIiIsIkxBU1RfSU5WSVRBVElPTl9WSUVXIjogIiIsIkRFQ0xJTkVEX0RBVEUiOiAiIiwia2FtcHlsZUludml0ZVByZXNlbnRlZCI6ICIiLCJrYW1weWxlX3VzZXJpZCI6ICJkOWM1LTk1ZjEtNGU5Yi04ZjM3LTEwNzUtNTE2Yy1lMjBhLTM5YzMiLCJrYW1weWxlVXNlclNlc3Npb24iOiAiMTcwNDcxMjk4MzM4MCIsImthbXB5bGVVc2VyUGVyY2VudGlsZSI6ICIiLCJTVUJNSVRURURfREFURSI6ICIifSwiY29va2llX3NpemUiOiA1ODQsImthbXB5bGVfdmVyc2lvbiI6ICIyLjUzLjEiLCJvbnNpdGVfdmVyc2lvbiI6ICIyLjUzLjEiLCJoaXN0b3J5X2xlbmd0aCI6IDIsImV2ZW50X2xvY2FsX3RpbWVzdGFtcCI6IDE3MDQ3MTI5ODMzODEsInBvc2l0aW9uIjogbnVsbCwiaXNVc2VySWRlbnRpZmllZCI6IGZhbHNlfQpdfQ==
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.45.82 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
82.45.241.35.bc.googleusercontent.com
Software
Jetty(9.2.11.v20150529) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://timtelectelstr.wpenginepowered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-me
prod-instance-gatewayservice-green-6kqt
date
Mon, 08 Jan 2024 11:23:03 GMT
via
1.1 google
server
Jetty(9.2.11.v20150529)
access-control-max-age
1800
access-control-allow-methods
GET, POST, PUT, DELETE
content-type
image/gif; charset=UTF-8
access-control-allow-origin
*
access-control-allow-credentials
true
alt-svc
clear
access-control-allow-headers
X-Requested-With, Origin, Content-Type, Accept
content-length
0
x-application-context
application:9090

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Telecom Italia (Telecommunication)

46 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
object| documentPictureInPicture
object| _satellite
boolean| __satelliteLoaded
object| adobe
function| Visitor
object| s_c_il
number| s_c_in
object| adformProvider
object| targetGlobalSettings
object| rtdmProviderTarget
object| initSite
object| ___target_traces
function| mboxCreate
function| mboxDefine
function| mboxUpdate
function| AppMeasurement_Module_ActivityMap
function| AppMeasurement
function| s_gi
function| s_pgicq
number| s_objectID
number| s_giq
boolean| isLoggedIn
object| KAMPYLE_EMBED
object| _c_medallia
object| MDIGITAL
object| KAMPYLE_CONSTANT
object| KAMPYLE_FUNC
object| KAMPYLE_DATA
object| KAMPYLE_TARGETING
object| KAMPYLE_ANIMATION
object| KAMPYLE_VIEW
object| KAMPYLE_MESSAGE
object| KAMPYLE_UTILS
object| KAMPYLE_EVENT_DISPATCHER
object| KAMPYLE_GA
object| MDIGITAL_ELEMENT_BUILDER
object| COOLADATA_CODE
object| KAMPYLE_COOLADATA
object| KAMPYLE_COMMON
object| KAMPYLE_THERMO_TEALEAF_FUNC
object| KAMPYLE_ADOBE_ANALYTICS
object| KAMPYLE_SCREEN_CAPTURE
object| KAMPYLE_ONSITE_SDK
object| KAMPYLE_INTEGRATION
object| cooladata

10 Cookies

Domain/Path Name / Value
.demdex.net/ Name: demdex
Value: 89489785528622324393843759316790278608
.timtelectelstr.wpenginepowered.com/ Name: AMCVS_1AD1154452F152C00A490D4C%40AdobeOrg
Value: 1
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~ZZvbFwAAAIOF8QN-
.dpm.demdex.net/ Name: dpm
Value: 89489785528622324393843759316790278608
.timtelectelstr.wpenginepowered.com/ Name: AMCV_1AD1154452F152C00A490D4C%40AdobeOrg
Value: 179643557%7CMCIDTS%7C19731%7CMCMID%7C81641809177439482984047066348062647469%7CMCAAMLH-1705317782%7C6%7CMCAAMB-1705317782%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1704720182s%7CNONE%7CMCSYNCSOP%7C411-19738%7CvVersion%7C5.5.0
timtelectelstr.wpenginepowered.com/ Name: mdLogger
Value: false
timtelectelstr.wpenginepowered.com/ Name: kampyle_userid
Value: d9c5-95f1-4e9b-8f37-1075-516c-e20a-39c3
timtelectelstr.wpenginepowered.com/ Name: kampyleUserSession
Value: 1704712983380
timtelectelstr.wpenginepowered.com/ Name: kampyleUserSessionsCount
Value: 1
timtelectelstr.wpenginepowered.com/ Name: kampyleSessionPageCounter
Value: 1

7 Console Messages

Source Level URL
Text
network error URL: https://risorse.tim.it/etc.clientlibs/caring-login/clientlibs/1.0.69/caring-login-banner-app.min.css
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://risorse.tim.it/etc.clientlibs/caring-login/clientlibs/1.0.69/clientlib-wcb.min.css
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://risorse.tim.it/etc.clientlibs/caring-login/clientlibs/1.0.69/caring-login-cookie.min.css
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://timtelectelstr.wpenginepowered.com/wp-admin/Tim/tim/font/tim-sans/TIMSans-Light/TIMSans-Light.woff2
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://timtelectelstr.wpenginepowered.com/wp-admin/Tim/tim/font/tim-sans/TIMSans-Medium/TIMSans-Medium.woff2
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://timtelectelstr.wpenginepowered.com/wp-admin/Tim/tim/font/tim-sans/TIMSans-Light/TIMSans-Light.woff
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://timtelectelstr.wpenginepowered.com/wp-admin/Tim/tim/font/tim-sans/TIMSans-Medium/TIMSans-Medium.woff
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
