it-aggiornare.online Open in urlscan Pro
2a01:238:20a:202:1157:: Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://it-aggiornare.online/
Effective URL:
http://it-aggiornare.online/emark.php?secret_key=lh9i1mrkscpun20yvb587x4zjfowag
Submission: On March 15 via automatic, source twitter_illegalFawn (March 15th 2021, 2:31:38 pm UTC)

Summary HTTP 68 Redirects Links 10 Behaviour Indicators

Summary

This website contacted 25 IPs in 4 countries across 15 domains to perform 68 HTTP transactions. The main IP is 2a01:238:20a:202:1157::, located in Germany and belongs to STRATO STRATO AG, DE. The main domain is it-aggiornare.online.

This is the only time it-aggiornare.online was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Libero (Online)

Domain & IP information

	IP Address	AS Autonomous System
1 2	2a01:238:20a:... 2a01:238:20a:202:1157::	6724 (STRATO ST...) (STRATO STRATO AG)
12	13.226.159.37 13.226.159.37	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:801::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
1	51.89.9.254 51.89.9.254	16276 (OVH) (OVH)
1	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:800::2003	15169 (GOOGLE) (GOOGLE)
3	2600:9000:218... 2600:9000:2182:9200:2:42d9:3100:93a1	16509 (AMAZON-02) (AMAZON-02)
1 4	52.214.158.139 52.214.158.139	16509 (AMAZON-02) (AMAZON-02)
1	185.54.150.20 185.54.150.20	60164 (WEBTREKK-AS) (WEBTREKK-AS)
1 2	104.108.64.33 104.108.64.33	16625 (AKAMAI-AS) (AKAMAI-AS)
6	142.250.186.162 142.250.186.162	15169 (GOOGLE) (GOOGLE)
1	2600:9000:218... 2600:9000:2182:8a00:1d:667e:2a40:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::2001	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:82a::2001	15169 (GOOGLE) (GOOGLE)
1 4	52.19.211.247 52.19.211.247	16509 (AMAZON-02) (AMAZON-02)
1 2	216.58.212.166 216.58.212.166	15169 (GOOGLE) (GOOGLE)
1 2	34.253.109.165 34.253.109.165	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
5	54.154.69.174 54.154.69.174	16509 (AMAZON-02) (AMAZON-02)
12	34.206.100.214 34.206.100.214	14618 (AMAZON-AES) (AMAZON-AES)
1	52.210.253.186 52.210.253.186	16509 (AMAZON-02) (AMAZON-02)
68	25

2 2a01:238:20a:202:1157:: (Germany) 1 redirects

ASN6724 (STRATO STRATO AG, DE)

it-aggiornare.online	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 13.226.159.37 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-159-37.dus51.r.cloudfront.net

i.plug.it	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.89.9.254 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip254.ip-51-89-9.eu

onetag.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:2182:9200:2:42d9:3100:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn-gl.imrworldwide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.214.158.139 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-214-158-139.eu-west-1.compute.amazonaws.com

secure-it.imrworldwide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.54.150.20 (Germany)

ASN60164 (WEBTREKK-AS, DE)

italiaonline01.wt-eu02.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.108.64.33 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-108-64-33.deploy.static.akamaitechnologies.com

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2182:8a00:1d:667e:2a40:93a1 (United States)

ASN16509 (AMAZON-02, US)

nr1cqpzioaq2ik1500b9ymfrdcoqv1615818680.nuid.imrworldwide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

b3b86867db61b5090f26e8265180658c.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.19.211.247 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

pixel.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.58.212.166 (Mountain View, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: ams15s22-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.253.109.165 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 54.154.69.174 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 34.206.100.214 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

dt.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.210.253.186 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

ad.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
21	adsafeprotected.com 1 redirects pixel.adsafeprotected.com static.adsafeprotected.com dt.adsafeprotected.com	188 KB
12	plug.it i.plug.it	33 KB
9	googlesyndication.com b3b86867db61b5090f26e8265180658c.safeframe.googlesyndication.com tpc.googlesyndication.com pagead2.googlesyndication.com	313 KB
8	imrworldwide.com 1 redirects cdn-gl.imrworldwide.com secure-it.imrworldwide.com nr1cqpzioaq2ik1500b9ymfrdcoqv1615818680.nuid.imrworldwide.com	64 KB
6	doubleclick.net 1 redirects securepubads.g.doubleclick.net ad.doubleclick.net	107 KB
3	crwdcntrl.net 1 redirects bcp.crwdcntrl.net ad.crwdcntrl.net	1 KB
3	googletagservices.com www.googletagservices.com	81 KB
2	scorecardresearch.com 1 redirects sb.scorecardresearch.com	1 KB
2	gstatic.com fonts.gstatic.com	31 KB
2	googleapis.com ajax.googleapis.com fonts.googleapis.com	31 KB
2	it-aggiornare.online 1 redirects it-aggiornare.online	22 KB
1	google.com adservice.google.com	553 B
1	google.de adservice.google.de	799 B
1	wt-eu02.net italiaonline01.wt-eu02.net	833 B
1	consensu.org onetag.mgr.consensu.org
68	15

	Domain	Requested by
12	dt.adsafeprotected.com
12	i.plug.it	it-aggiornare.online i.plug.it
5	static.adsafeprotected.com	pixel.adsafeprotected.com it-aggiornare.online
4	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
4	pixel.adsafeprotected.com	1 redirects it-aggiornare.online
4	tpc.googlesyndication.com	securepubads.g.doubleclick.net it-aggiornare.online tpc.googlesyndication.com
4	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net it-aggiornare.online
4	secure-it.imrworldwide.com	1 redirects it-aggiornare.online
3	cdn-gl.imrworldwide.com	it-aggiornare.online cdn-gl.imrworldwide.com
3	www.googletagservices.com	i.plug.it securepubads.g.doubleclick.net
2	bcp.crwdcntrl.net	1 redirects it-aggiornare.online
2	ad.doubleclick.net	1 redirects it-aggiornare.online
2	sb.scorecardresearch.com	1 redirects it-aggiornare.online
2	fonts.gstatic.com	fonts.googleapis.com
2	it-aggiornare.online	1 redirects
1	ad.crwdcntrl.net	i.plug.it
1	b3b86867db61b5090f26e8265180658c.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.de	securepubads.g.doubleclick.net
1	nr1cqpzioaq2ik1500b9ymfrdcoqv1615818680.nuid.imrworldwide.com	it-aggiornare.online
1	italiaonline01.wt-eu02.net	it-aggiornare.online
1	onetag.mgr.consensu.org	i.plug.it
1	fonts.googleapis.com	i.plug.it
1	ajax.googleapis.com	it-aggiornare.online
68	24

This site contains links to these domains. Also see Links.

Domain
adclick.g.doubleclick.net
www.libero.it
aiuto.libero.it
registrazione.libero.it
siviaggia.it
www.italiaonline.it
info.libero.it
privacy.italiaonline.it
easy.libero.it

Subject Issuer	Validity	Valid
*.plug.it Sectigo RSA Domain Validation Secure Server CA	`2020-12-15` - `2022-01-15`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
onetag-sys.com R3	`2021-02-10` - `2021-05-11`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
*.imrworldwide.com DigiCert TLS RSA SHA256 2020 CA1	`2021-01-28` - `2022-02-01`	a year	crt.sh
*.wt-eu02.net Sectigo RSA Domain Validation Secure Server CA	`2020-12-28` - `2022-01-28`	a year	crt.sh
sb.scorecardresearch.com DigiCert Secure Site ECC CA-1	`2020-07-17` - `2021-06-02`	a year	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
*.nuid.imrworldwide.com Amazon	`2020-06-26` - `2021-07-26`	a year	crt.sh
*.google.de GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
*.google.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
fw.adsafeprotected.com Amazon	`2020-09-09` - `2021-10-09`	a year	crt.sh
*.doubleclick.net GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
*.crwdcntrl.net Go Daddy Secure Certificate Authority - G2	`2019-06-13` - `2021-06-28`	2 years	crt.sh
static.adsafeprotected.com Amazon	`2021-01-06` - `2022-02-04`	a year	crt.sh
dt.adsafeprotected.com Amazon	`2020-05-20` - `2021-06-20`	a year	crt.sh

This page contains 8 frames:

Primary Page: http://it-aggiornare.online/emark.php?secret_key=lh9i1mrkscpun20yvb587x4zjfowag
Frame ID: 58FA1C1E8EBB1C412778781E4E7A5ED5
Requests: 53 HTTP requests in this frame

Frame: http://i.plug.it/iplug/js/lib/iol/analytics/ads/adv/_ads.js?_t=1615818680465
Frame ID: 4B16B9586DD03E2B164E5725567A32E9
Requests: 1 HTTP requests in this frame

Frame: http://cdn-gl.imrworldwide.com/novms/html/ls.html
Frame ID: 163FEA5ABF9B1E620FA1FD3115F32478
Requests: 3 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvP7erniwE68FyHzlWk0CwolOcA9Qvnrh6M2lmL76AxSa3dyDYPYAoATVvJFsOKnp3JERSOLsFLreVL3FW_YuMjSixyzzpHlU7Z7jC9_HLH4-5w-mlLybfTO_7HdlV7sXMVVDpEoP4wyVqDzlCP9AdNh9eNcM8gbNqfxmID3fWdqe-JQDz6EPpXki46jtSY0ThZur9fWtfKH0XEKF_JTP6P8tfHxYav4efuJ-2GFdIpUpM5-qhKkuQ1wWKl0QyemsXKwHIQOdzztGR4Vaj7nSAWoYfR3EQhxYC5-pbyptrDIB878gyRb0P3_AKPYrNvYSo-sMvmehX3Nv3oQBOJ19KeBPzJ&sai=AMfl-YTiEkD_DsKX1K5yq1yjDWtJfQX5eG94y8LuPO_ZYFvIL-mT8XNnjKR6hljyjc8jMiZXRRLgHAHlWhjAbDVy5za5bmU9aDlNgxjyJ2-qCkesKMfspuKMsBVUZ3NOtrnc&sig=Cg0ArKJSzEjjPIFFqxOsEAE&urlfix=1&adurl=
Frame ID: E6C2B9732A8FFAB0E465EE06E87A8C29
Requests: 6 HTTP requests in this frame

Frame: http://pixel.adsafeprotected.com/jload?anId=926174&campId=1540x1024&pubId=19942847&chanId=21721897975&placementId=5637328012&pubCreative=138339485436&pubOrder=2828105473&cb=222202221&impId=&ias_adpath=%23adv_click
Frame ID: 3714F09C1B307ABC29B9D517BADDF3B7
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Frame ID: 11C7625455028D5F1A025C349DC84E30
Requests: 2 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.5.1.js
Frame ID: 7CE5E56844A46B329ACAF6420B97D650
Requests: 1 HTTP requests in this frame

Frame: http://static.adsafeprotected.com/sca.17.5.1.js
Frame ID: 8BAC564D80E0D0F50E1A9A6862A98DB1
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://it-aggiornare.online/ HTTP 302
http://it-aggiornare.online/emark.php?secret_key=lh9i1mrkscpun20yvb587x4zjfowag Page URL

Detected technologies

UNIX (Operating Systems) Expand

Overall confidence: 100%
Detected patterns

headers server /Unix/i

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Page Statistics

68
Requests

75 %
HTTPS

50 %
IPv6

15
Domains

24
Subdomains

25
IPs

4
Countries

873 kB
Transfer

1965 kB
Size

1
Cookies

10 Outgoing links

These are links going to different origins than the main page.

URL: https://adclick.g.doubleclick.net/pcs/click?xai=AKAOjsu4XpgcGFs6lvu70lDUzWBoXaSSmXE1SAtEFFsE8BXnSlLh2gED-WGr5WU_4ZohOqaC3RjH5o4jwXE766HpBibF1kpmQQLpjcB6pqj9dmoxyZ-cnbeA_EGqkR8gyPsvqTDBoE6F4zfB3Gac89qfgfbmkZ9iDA2kjSLNaFRCCxEKDBzAMMU7JEoVcG0UhpfU8RCKU1oPHAuw2ZKirNPZb_jChYgJ6-jQCrIVojeosy-TBIjS64u6ypmYYmdFz6C15pwmERJidvSvOb1NPdy-Ixhxmss5lizcHmEfhoJPz795qZr2jXdoM4ZoP0rIt4ZOqQ&sai=AMfl-YSIEmcqncEt02Os5ugqDNc-gfw4NoWPvVazaQ9NwmlBNSwGVX1rDW-asIUVppKSi70JXssDmmITkBcPJOdjZf1dqJP_s4vPz_w4ofI0ALW-06XzrN0zNnznxOd2QHVU&sig=Cg0ArKJSzOZQVpubU6xuEAE&urlfix=1&adurl=https://ad.doubleclick.net/ddm/trackclk/N7861.4024273ITALIAONLINE_IT_IPG/B25387695.295541511%3Bdc_trk_aid%3D488829525%3Bdc_trk_cid%3D145855082%3Bdc_lat%3D%3Bdc_rdid%3D%3Btag_for_child_directed_treatment%3D%3Btfua%3D%3Bgdpr%3D%3Bgdpr_consent%3D

Search URL Search Domain Scan URL

URL: http://www.libero.it/

Search URL Search Domain Scan URL

URL: https://aiuto.libero.it/
Title: AIUTO

Search URL Search Domain Scan URL

URL: https://registrazione.libero.it/join.phtml?service_id=webmail&redirect_uri=https%3A%2F%2Fmail1.libero.it%2Fappsuite%2Fapi%2Flogin%3Faction%3DliberoLogin&ref=lg
Title: CREA ACCOUNT

Search URL Search Domain Scan URL

URL: https://siviaggia.it/

Search URL Search Domain Scan URL

URL: https://www.italiaonline.it/chi-siamo/
Title: Chi siamo

Search URL Search Domain Scan URL

URL: https://info.libero.it/note-legali/
Title: Note legali

Search URL Search Domain Scan URL

URL: https://privacy.italiaonline.it/privacy_libero.html
Title: Privacy

Search URL Search Domain Scan URL

URL: https://privacy.italiaonline.it/common/cookie/privacy_detail.php?ref=libero
Title: Cookie Policy

Search URL Search Domain Scan URL

URL: http://easy.libero.it/
Title: Libero Easy

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://it-aggiornare.online/ HTTP 302
http://it-aggiornare.online/emark.php?secret_key=lh9i1mrkscpun20yvb587x4zjfowag Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 17

http://secure-it.imrworldwide.com/cgi-bin/m?ci=libero-it&cg=0&si=http://login.libero.it/&seq=1615818680438 HTTP 301
https://secure-it.imrworldwide.com/cgi-bin/m?ci=libero-it&cg=0&si=http://login.libero.it/&seq=1615818680438

Request Chain 19

https://sb.scorecardresearch.com/b?c1=2&c2=33012141&ns__t=1615818680460&ns_c=UTF-8&c7=http%3A%2F%2Fit-aggiornare.online%2Femark.php%3Fsecret_key%3Dlh9i1mrkscpun20yvb587x4zjfowag&c8=Libero%20Mail%20-%20login HTTP 302
https://sb.scorecardresearch.com/b2?c1=2&c2=33012141&ns__t=1615818680460&ns_c=UTF-8&c7=http%3A%2F%2Fit-aggiornare.online%2Femark.php%3Fsecret_key%3Dlh9i1mrkscpun20yvb587x4zjfowag&c8=Libero%20Mail%20-%20login&cs_ak_ss=1

Request Chain 35

https://ad.doubleclick.net/ddm/trackimp/N7861.4024273ITALIAONLINE_IT_IPG/B25387695.295541511;dc_trk_aid=488829525;dc_trk_cid=145855082;ord=1196876838;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent= HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N7861.4024273ITALIAONLINE_IT_IPG/B25387695.295541511;dc_pre=CMH8_9PBsu8CFUDEuwgdbCAP7Q;dc_trk_aid=488829525;dc_trk_cid=145855082;ord=1196876838;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=

Request Chain 36

https://bcp.crwdcntrl.net/5/c=6199/b=22177866 HTTP 302
https://bcp.crwdcntrl.net/5/ct=y/c=6199/b=22177866

Request Chain 49

https://pixel.adsafeprotected.com/rfw/st/594309/52702208/skeleton.js?adsafe_url=http%3A%2F%2Fit-aggiornare.online%2Femark.php%3Fsecret_key%3Dlh9i1mrkscpun20yvb587x4zjfowag&adsafe_type=abdq&adsafe_url=http%3A%2F%2Fit-aggiornare.online%2F&adsafe_type=f&adsafe_jsinfo=,id:4614e4c0-3ea3-b1d8-2f57-7889b829a6ad,c:6WCQ5U,sl:inView,em:false,fr:true,mn:app09ie,pt:1-5-15,wc:0.0.1600.1200,ac:-10.-10.1600.1200,am:a,cc:-10.-10.1600.1200,piv:99,obst:0,th:0,reas:,br:u,abv:na,an:n,oam:0,nbld:0,fm:srJMw5f+1*.594309-52702208%7C11%7C12%7C131%7C14,idMap:1*,pl:,rmeas:1,rend:1,renddet:IMG.qs,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:1,cnod:1,intblk:1,gm:0,tt:rjss,thd:1,et:185,oid:1c844edf-859b-11eb-9e7d-0ae761671616,v:19.8.171,sp:1,st:0,fwm:1,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
https://static.adsafeprotected.com/skeleton.js

68 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request emark.php Show response
it-aggiornare.online/
Redirect Chain

http://it-aggiornare.online/
http://it-aggiornare.online/emark.php?secret_key=lh9i1mrkscpun20yvb587x4zjfowag

22 KB
22 KB

37ms
37ms

Document
text/html

2a01:238:20a:202:1157::
STRATO STRATO AG

General

Check archive.org

Show headers Download Go to

Full URL: http://it-aggiornare.online/emark.php?secret_key=lh9i1mrkscpun20yvb587x4zjfowag
Protocol: HTTP/1.1
Server: 2a01:238:20a:202:1157:: , Germany, ASN6724 (STRATO STRATO AG, DE),
Reverse DNS
Software: Apache/2.4.46 (Unix) / PHP/7.4.15
Resource Hash: f1f2e0e5d7b5b02f89ba769649c49b9589dcac727fa66f47a1517a469ec0e046

Request headers

Host: it-aggiornare.online
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Cookie: PHPSESSID=p4kv0fbtua91uvgv76mdcsjbne
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 15 Mar 2021 14:31:20 GMT
Server: Apache/2.4.46 (Unix)
X-Powered-By: PHP/7.4.15
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Vary: User-Agent
Content-Type: text/html
Keep-Alive: timeout=3, max=99
Connection: Keep-Alive
Transfer-Encoding: chunked

Redirect headers

Date: Mon, 15 Mar 2021 14:31:20 GMT
Server: Apache/2.4.46 (Unix)
X-Powered-By: PHP/7.4.15
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Vary: User-Agent
Location: emark.php?secret_key=lh9i1mrkscpun20yvb587x4zjfowag
Content-Type: text/html
Set-Cookie: PHPSESSID=p4kv0fbtua91uvgv76mdcsjbne; path=/
Keep-Alive: timeout=3, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked

GET
H2 200 style.css
i.plug.it/mail/login/2020/libero/css/ 25 KB
5 KB 122ms
47ms Stylesheet
text/css 13.226.159.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://i.plug.it/mail/login/2020/libero/css/style.css
Requested by: Host: it-aggiornare.online
URL: http://it-aggiornare.online/emark.php?secret_key=lh9i1mrkscpun20yvb587x4zjfowag
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.159.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-159-37.dus51.r.cloudfront.net
Software: nginx /
Resource Hash: 0ba07e08d2ad0d4194d88c94c8392ae676dfef46671495ce15daf7b5cbc6d0fd

Request headers

Referer: http://it-aggiornare.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 14:31:02 GMT
via: 1.1 cfe78f21e6a560afb18f3b92eb4e9605.cloudfront.net (CloudFront)
server: nginx
age: 18
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
cache-control: public, max-age=86400
x-amz-cf-pop: DUS51-C1
content-encoding: br
x-amz-cf-id: cksQ3yw_acfy7_GGPf2OO1e1TnirdNa3PoGcWU4YKYOFbC9SdrYkXw==

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.4.1/ 86 KB
30 KB 9ms
6ms Script
text/javascript 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js

Requested by

Host: it-aggiornare.online
URL: http://it-aggiornare.online/emark.php?secret_key=lh9i1mrkscpun20yvb587x4zjfowag

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://it-aggiornare.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 08:01:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 23385
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30774
x-xss-protection: 0
last-modified: Mon, 13 May 2019 14:37:17 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 15 Mar 2022 08:01:35 GMT

GET
H2 200 placeholders.min.js Show response
i.plug.it/mail/login/2018/js/ 4 KB
2 KB 109ms
34ms Script
application/javascript 13.226.159.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://i.plug.it/mail/login/2018/js/placeholders.min.js
Requested by: Host: it-aggiornare.online
URL: http://it-aggiornare.online/emark.php?secret_key=lh9i1mrkscpun20yvb587x4zjfowag
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.159.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-159-37.dus51.r.cloudfront.net
Software: nginx /
Resource Hash: bb631cb41d70ab6f8a07ab80b053676bca8589e7e1d835827f30e1bffbed91c5

Request headers

Referer: http://it-aggiornare.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 03:20:34 GMT
via: 1.1 cfe78f21e6a560afb18f3b92eb4e9605.cloudfront.net (CloudFront)
server: nginx
age: 40246
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=86400
x-amz-cf-pop: DUS51-C1
content-encoding: br
x-amz-cf-id: cmJve_PwlZ2uFi-GS9rnVFF_UTBk5Ucn1iGgtG4xn9Yzq3X3Yv1PLg==

GET
H2 200 policy_cookieCMP.js Show response
i.plug.it/common/tech_includes/lib/ 6 KB
2 KB 110ms
35ms Script
application/javascript 13.226.159.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://i.plug.it/common/tech_includes/lib/policy_cookieCMP.js
Requested by: Host: it-aggiornare.online
URL: http://it-aggiornare.online/emark.php?secret_key=lh9i1mrkscpun20yvb587x4zjfowag
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.159.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-159-37.dus51.r.cloudfront.net
Software: nginx /
Resource Hash: 55137ab76eea957ac63037bfaf5fb94a5257f7624774b46ca8006cb941e81728

Request headers

Referer: http://it-aggiornare.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 05:02:52 GMT
via: 1.1 cfe78f21e6a560afb18f3b92eb4e9605.cloudfront.net (CloudFront)
server: nginx
age: 34108
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: private, must-revalidate, max-age=86400
x-amz-cf-pop: DUS51-C1
content-encoding: br
x-amz-cf-id: 1Wh6i3_HQlCfQOYdStirsQwnXy8uDHl3Xg2g6Sd-KvC-Vy9Qi258uA==

GET
H2 200 cmp.min.js Show response
i.plug.it/common/tech_includes/lib/ 1 KB
887 B 109ms
35ms Script
application/javascript 13.226.159.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://i.plug.it/common/tech_includes/lib/cmp.min.js
Requested by: Host: it-aggiornare.online
URL: http://it-aggiornare.online/emark.php?secret_key=lh9i1mrkscpun20yvb587x4zjfowag
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.159.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-159-37.dus51.r.cloudfront.net
Software: nginx /
Resource Hash: 00be4a75e748a196d522a7353e1555308e1122ad1eda6218ce6092de72c5e340

Request headers

Referer: http://it-aggiornare.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 03:47:43 GMT
via: 1.1 cfe78f21e6a560afb18f3b92eb4e9605.cloudfront.net (CloudFront)
server: nginx
age: 38617
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: private, must-revalidate, max-age=86400
x-amz-cf-pop: DUS51-C1
content-encoding: br
x-amz-cf-id: UR7bCntnrf-sUC28BByjn_qWu8LDh48e4ESRdhfWotxZCVzh0X93Tw==

GET
H2 200 adv_library3_https.js Show response
i.plug.it/banners/js/ 22 KB
5 KB 113ms
39ms Script
application/javascript 13.226.159.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://i.plug.it/banners/js/adv_library3_https.js
Requested by: Host: it-aggiornare.online
URL: http://it-aggiornare.online/emark.php?secret_key=lh9i1mrkscpun20yvb587x4zjfowag
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.159.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-159-37.dus51.r.cloudfront.net
Software: nginx /
Resource Hash: 3b5bc6d26c769e37f841843c2a43bf668edb5144fe3e0800c846eb2990690773

Request headers

Referer: http://it-aggiornare.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 14:27:52 GMT
content-encoding: br
server: nginx
age: 208
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 cfe78f21e6a560afb18f3b92eb4e9605.cloudfront.net (CloudFront)
cache-control: max-age=1200, public
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: mBrTKTQbWgqWrAgQibUnzB_UPOn5CyLV0kI3xdBLcYm8vIt6m-YgOQ==
expires: Mon, 15 Mar 2021 14:47:52 GMT

GET
H2 200 adv_lib_login_2step_v2.js Show response
i.plug.it/banners/js/ 8 KB
3 KB 121ms
47ms Script
application/javascript 13.226.159.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://i.plug.it/banners/js/adv_lib_login_2step_v2.js
Requested by: Host: it-aggiornare.online
URL: http://it-aggiornare.online/emark.php?secret_key=lh9i1mrkscpun20yvb587x4zjfowag
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.159.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-159-37.dus51.r.cloudfront.net
Software: nginx /
Resource Hash: ce1fc118ce58922807cd6223f6412463c48eb744bda33883bc900deb51d4cf93

Request headers

Referer: http://it-aggiornare.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 14:30:35 GMT
content-encoding: br
server: nginx
age: 45
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 cfe78f21e6a560afb18f3b92eb4e9605.cloudfront.net (CloudFront)
cache-control: max-age=1200, public
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: G_WRLbGJqa96BTRpemePMzkNqr5HJ123e4264gU_NCe0RwYAmLckMw==
expires: Mon, 15 Mar 2021 14:50:35 GMT

GET
H2 200 logo-siviaggia.png
i.plug.it//mail/login/2018/libero/img/ 1 KB
1 KB 32ms
31ms Image
image/png 13.226.159.37
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.plug.it//mail/login/2018/libero/img/logo-siviaggia.png
Requested by: Host: it-aggiornare.online
URL: http://it-aggiornare.online/emark.php?secret_key=lh9i1mrkscpun20yvb587x4zjfowag
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.159.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-159-37.dus51.r.cloudfront.net
Software: nginx /
Resource Hash: 8239d985179b5598a3b76db41bbd8842530e4e37e82665dc6449ed97b20c6227

Request headers

Referer: http://it-aggiornare.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 05:09:08 GMT
via: 1.1 cfe78f21e6a560afb18f3b92eb4e9605.cloudfront.net (CloudFront)
last-modified: Wed, 28 Nov 2018 07:13:19 GMT
server: nginx
age: 34856
etag: "5bfe400f-482"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: public, max-age=86400
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
content-length: 1154
x-amz-cf-id: RPFwPGdz2bZqFLY33tFa2Yte8xvlJzo4qpQfhrlhVAVMvc1ChjCZEw==

GET
H2 200 tracking_login-libero-it.min.js Show response
i.plug.it/iplug/js/lib/iol/analytics/data/login-libero-it/ 4 KB
1 KB 31ms
31ms Script
application/javascript 13.226.159.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://i.plug.it/iplug/js/lib/iol/analytics/data/login-libero-it/tracking_login-libero-it.min.js
Requested by: Host: it-aggiornare.online
URL: http://it-aggiornare.online/emark.php?secret_key=lh9i1mrkscpun20yvb587x4zjfowag
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.159.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-159-37.dus51.r.cloudfront.net
Software: nginx /
Resource Hash: c474bd7069e315e89fc96778d70b8f1de3518413e2abee1b294871fdad6887d4

Request headers

Referer: http://it-aggiornare.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 13:36:42 GMT
via: 1.1 cfe78f21e6a560afb18f3b92eb4e9605.cloudfront.net (CloudFront)
server: nginx
age: 3278
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=1200
x-amz-cf-pop: DUS51-C1
content-encoding: br
x-amz-cf-id: I-xxMyUNX3HjSaV4H20rnnfFUP2hL7JcyedMKFBu0yMdhOjeCwNFXw==

GET
H2 200 IOL.Analytics.Tracking.min.js Show response
i.plug.it/iplug/js/lib/iol/analytics/engine/ 32 KB
10 KB 33ms
33ms Script
application/javascript 13.226.159.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://i.plug.it/iplug/js/lib/iol/analytics/engine/IOL.Analytics.Tracking.min.js
Requested by: Host: it-aggiornare.online
URL: http://it-aggiornare.online/emark.php?secret_key=lh9i1mrkscpun20yvb587x4zjfowag
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.159.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-159-37.dus51.r.cloudfront.net
Software: nginx /
Resource Hash: 09e63fb20d7667032db4289f4d2961a7ab6f7a1db54429ec15de44d2cb36ee38

Request headers

Referer: http://it-aggiornare.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 14:21:58 GMT
via: 1.1 cfe78f21e6a560afb18f3b92eb4e9605.cloudfront.net (CloudFront)
server: nginx
age: 562
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=1200
x-amz-cf-pop: DUS51-C1
content-encoding: br
x-amz-cf-id: 9Yse5y2n1cbKCK6Veh7cmlmiOspZiVKoPSFzOw_QfY5vWcj69UfB-Q==

GET
H2 200 css2
fonts.googleapis.com/ 6 KB
781 B 14ms
14ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@300;400;500&display=swap

Requested by

Host: i.plug.it
URL: https://i.plug.it/mail/login/2020/libero/css/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

748365fe534f00319188a55aea6bb4a10b9497c92b3053aa5d2ae93b63579993

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://i.plug.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 15 Mar 2021 12:57:43 GMT
server: ESF
date: Mon, 15 Mar 2021 14:31:20 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 15 Mar 2021 14:31:20 GMT

GET
H2 410 cmp.js
onetag.mgr.consensu.org/ 0
0 98ms
32ms Script
text/plain 51.89.9.254
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag.mgr.consensu.org/cmp.js

Requested by

Host: i.plug.it
URL: https://i.plug.it/common/tech_includes/lib/cmp.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip254.ip-51-89-9.eu

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: http://it-aggiornare.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
content-length: 0

GET
H/1.1 200
OK gpt.js Show response
www.googletagservices.com/tag/js/ 58 KB
20 KB 22ms
16ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: i.plug.it
URL: https://i.plug.it/banners/js/adv_lib_login_2step_v2.js

Protocol

HTTP/1.1

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dc321f6f1ccd09a5946f7d33247cfbde5fce3989175adf883fd198ff91a8161e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://it-aggiornare.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 15 Mar 2021 14:31:20 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: sffe
ETag: "812 / 917 of 1000 / last-modified: 1615806790"
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: private, max-age=900, stale-while-revalidate=3600
Timing-Allow-Origin: *
Content-Length: 19751
X-XSS-Protection: 0
Expires: Mon, 15 Mar 2021 14:31:20 GMT

GET
H2 200 logo.svg
i.plug.it/mail/login/2020/libero/img/ 5 KB
1 KB 31ms
31ms Image
image/svg+xml 13.226.159.37
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.plug.it/mail/login/2020/libero/img/logo.svg
Requested by: Host: i.plug.it
URL: https://i.plug.it/mail/login/2020/libero/css/style.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.159.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-159-37.dus51.r.cloudfront.net
Software: nginx /
Resource Hash: 54ea3b729d9ff4a499d3bf59b0497606ceb27b7100c60d74d28467224f3983f9

Request headers

Referer: https://i.plug.it/mail/login/2020/libero/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 04:45:32 GMT
content-encoding: gzip
last-modified: Tue, 26 Jan 2021 09:23:21 GMT
server: nginx
age: 37270
etag: W/"600fdf89-12db"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
via: 1.1 cfe78f21e6a560afb18f3b92eb4e9605.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: ke9bBBcwJCEjgf080SUIwzn0xBLmpqJIKvQK30TQekKAxCIN-uvY1w==

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v20/ 15 KB
15 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@300;400;500&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

48c3fa6f86c54f1d9bb519220713d4b0a1f8cd1a589a3c03b9fa82e98ecb13e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: http://it-aggiornare.online
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 08 Mar 2021 18:51:47 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:36 GMT
server: sffe
age: 589173
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15736
x-xss-protection: 0
expires: Tue, 08 Mar 2022 18:51:47 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v20/ 16 KB
16 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@300;400;500&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

24369e1b2461af9dcefecaf9cc93d64cf22a4c5bac32506100b9e21014507bcf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: http://it-aggiornare.online
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 08 Mar 2021 18:27:39 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:37 GMT
server: sffe
age: 590621
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15872
x-xss-protection: 0
expires: Tue, 08 Mar 2022 18:27:39 GMT

GET
H/1.1 200
OK PB842EDC3-BDDA-4494-9CDE-8B0150370A55.js Show response
cdn-gl.imrworldwide.com/conf/ 28 KB
7 KB 18ms
9ms Script
application/javascript 2600:9000:2182:9200:2:42d9:3100:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://cdn-gl.imrworldwide.com/conf/PB842EDC3-BDDA-4494-9CDE-8B0150370A55.js
Requested by: Host: it-aggiornare.online
URL: http://it-aggiornare.online/emark.php?secret_key=lh9i1mrkscpun20yvb587x4zjfowag
Protocol: HTTP/1.1
Server: 2600:9000:2182:9200:2:42d9:3100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3644b05a80a39d358a32738da463cafff406fd9f0309901692bf9ade61839ab8

Request headers

Referer: http://it-aggiornare.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 15 Mar 2021 14:14:44 GMT
Content-Encoding: gzip
Age: 997
x-amz-server-side-encryption: AES256
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Mon, 15 Mar 2021 13:17:33 GMT
Server: AmazonS3
ETag: W/"ec1f1a0841a662f7645c33f40c0a173e"
Vary: Accept-Encoding
x-amz-version-id: u61LEI0mgTsEBctmjA1P65fAuBiyXX6r
Via: 1.1 e8640ab30463560abfb6a2665bafb393.cloudfront.net (CloudFront)
Cache-Control: max-age=86400,s-maxage=86400
X-Amz-Cf-Pop: DUS51-C1
Content-Type: application/javascript
X-Amz-Cf-Id: 9vTCycXESJsmdKckyM23Hx01fdyzsqq1OHW32V9bsapOFTDQcZ9sZw==

GET
H2

200

m
secure-it.imrworldwide.com/cgi-bin/
Redirect Chain

http://secure-it.imrworldwide.com/cgi-bin/m?ci=libero-it&cg=0&si=http://login.libero.it/&seq=1615818680438
https://secure-it.imrworldwide.com/cgi-bin/m?ci=libero-it&cg=0&si=http://login.libero.it/&seq=1615818680438

44 B
529 B

118ms
37ms

Image
image/gif

52.214.158.139
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure-it.imrworldwide.com/cgi-bin/m?ci=libero-it&cg=0&si=http://login.libero.it/&seq=1615818680438
Requested by: Host: it-aggiornare.online
URL: http://it-aggiornare.online/emark.php?secret_key=lh9i1mrkscpun20yvb587x4zjfowag
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.214.158.139 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-214-158-139.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3

Request headers

Referer: http://it-aggiornare.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Mar 2021 14:31:20 GMT
server: nginx
access-control-allow-methods: POST, OPTIONS
p3p: P3P policyref="http://secure-it.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
access-control-allow-origin: *
cache-control: no-cache
content-type: image/gif
content-length: 44
expires: Thu, 01 Dec 1994 16:00:00 GMT

Redirect headers

Location: https://secure-it.imrworldwide.com:443/cgi-bin/m?ci=libero-it&cg=0&si=http://login.libero.it/&seq=1615818680438
Date: Mon, 15 Mar 2021 14:31:20 GMT
Server: awselb/2.0
Connection: keep-alive
Content-Length: 134
Content-Type: text/html

GET
H/1.1 200
OK wt
italiaonline01.wt-eu02.net/215973748390194/ 43 B
833 B 153ms
38ms Image
image/gif 185.54.150.20
WEBTREKK-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://italiaonline01.wt-eu02.net/215973748390194/wt?p=433,libero.web.messaging.smart.login.step1,1,1600x1200,24,1,1615818680459,0,1600x1200,0&pu=http%3A%2F%2Fit-aggiornare.online%2Femark.php%3Fsecret_key%3Dlh9i1mrkscpun20yvb587x4zjfowag&la=en&tz=1&cg1=libero&cg2=web&cg3=messaging&cg4=smart&cg5=login&cg6=step1&cg7=libero.web.messaging.smart.login.step1&cp1=no-referrer&cp2=no-referrer&cp4=no-refresh&cp7=utf-8&cp9=1.2.00&cp10=20200526101135&cp11=Libero%20Mail%20-%20login&cp12=web&cp24=webmail&cp25=http%3A&cp26=it-aggiornare.online&cp103=http%3A%2F%2Fit-aggiornare.online%2Femark.php%3Fsecret_key%3Dlh9i1mrkscpun20yvb587x4zjfowag
Requested by: Host: it-aggiornare.online
URL: http://it-aggiornare.online/emark.php?secret_key=lh9i1mrkscpun20yvb587x4zjfowag
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.54.150.20 , Germany, ASN60164 (WEBTREKK-AS, DE),
Reverse DNS
Software: c9f0f895 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: http://it-aggiornare.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 15 Mar 2021 14:31:19 GMT
Last-Modified: Mon, 15 Mar 2021 14:31:20 GMT
Server: c9f0f895
X-Robots-Tag: noindex, nofollow, noarchive
P3P: policyref="https://q3.webtrekk.net/w3c/p3p.xml", CP="NOI DSP IND COM NAV INT"
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, private, post-check=0, pre-check=0
Content-Type: image/gif;charset=UTF-8
Content-Length: 43
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1

204
No Content

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=2&c2=33012141&ns__t=1615818680460&ns_c=UTF-8&c7=http%3A%2F%2Fit-aggiornare.online%2Femark.php%3Fsecret_key%3Dlh9i1mrkscpun20yvb587x4zjfowag&c8=Libero%20Mail%20...
https://sb.scorecardresearch.com/b2?c1=2&c2=33012141&ns__t=1615818680460&ns_c=UTF-8&c7=http%3A%2F%2Fit-aggiornare.online%2Femark.php%3Fsecret_key%3Dlh9i1mrkscpun20yvb587x4zjfowag&c8=Libero%20Mail%2...

0
399 B

35ms
35ms

Image
text/plain

104.108.64.33
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=2&c2=33012141&ns__t=1615818680460&ns_c=UTF-8&c7=http%3A%2F%2Fit-aggiornare.online%2Femark.php%3Fsecret_key%3Dlh9i1mrkscpun20yvb587x4zjfowag&c8=Libero%20Mail%20-%20login&cs_ak_ss=1
Requested by: Host: it-aggiornare.online
URL: http://it-aggiornare.online/emark.php?secret_key=lh9i1mrkscpun20yvb587x4zjfowag
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.108.64.33 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-64-33.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://it-aggiornare.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 15 Mar 2021 14:31:20 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://sb.scorecardresearch.com/b2?c1=2&c2=33012141&ns__t=1615818680460&ns_c=UTF-8&c7=http%3A%2F%2Fit-aggiornare.online%2Femark.php%3Fsecret_key%3Dlh9i1mrkscpun20yvb587x4zjfowag&c8=Libero%20Mail%20-%20login&cs_ak_ss=1
Pragma: no-cache
Date: Mon, 15 Mar 2021 14:31:20 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK _ads.js Show response
i.plug.it/iplug/js/lib/iol/analytics/ads/adv/ Frame 4B16 25 B
498 B 98ms
79ms Script
application/javascript 13.226.159.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://i.plug.it/iplug/js/lib/iol/analytics/ads/adv/_ads.js?_t=1615818680465
Requested by: Host: i.plug.it
URL: https://i.plug.it/iplug/js/lib/iol/analytics/engine/IOL.Analytics.Tracking.min.js
Protocol: HTTP/1.1
Server: 13.226.159.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-159-37.dus51.r.cloudfront.net
Software: nginx /
Resource Hash: 0718476f9aeec1cbd746c569d6768a28c021163de52ceb5c7d89005484f16b8e

Request headers

Referer: http://it-aggiornare.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 15 Mar 2021 14:31:20 GMT
Content-Encoding: gzip
Server: nginx
X-Amz-Cf-Pop: DUS51-C1
Vary: Accept-Encoding
X-Cache: Miss from cloudfront
Content-Type: application/javascript
Via: 1.1 bb45d9db269295920003af6514d7e7eb.cloudfront.net (CloudFront)
Cache-Control: public, max-age=1200
Transfer-Encoding: chunked
Connection: keep-alive
X-Amz-Cf-Id: m6UFnO-6BtjMPN2yptpHs9ijV-zJXdaj94qlrHCEiOyPJ9phZUO9jA==

GET
H2 200 pubads_impl_2021030901.js Show response
securepubads.g.doubleclick.net/gpt/ 283 KB
100 KB 110ms
37ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030901.js

Requested by

Host: www.googletagservices.com
URL: http://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

sffe /

Resource Hash

51f6db1b46a265c22e6383ef24c9e7451e34feec809286a6ab221f4b61890c8d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://it-aggiornare.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 14:31:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 09 Mar 2021 09:39:28 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 102089
x-xss-protection: 0
expires: Mon, 15 Mar 2021 14:31:20 GMT

GET
H/1.1 200
OK nlsSDK600.bundle.min.js Show response
cdn-gl.imrworldwide.com/novms/js/2/ 176 KB
51 KB 9ms
8ms Script
application/javascript 2600:9000:2182:9200:2:42d9:3100:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://cdn-gl.imrworldwide.com/novms/js/2/nlsSDK600.bundle.min.js
Requested by: Host: cdn-gl.imrworldwide.com
URL: http://cdn-gl.imrworldwide.com/conf/PB842EDC3-BDDA-4494-9CDE-8B0150370A55.js
Protocol: HTTP/1.1
Server: 2600:9000:2182:9200:2:42d9:3100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 984af48e7efc952d96c92943d3dc213bfc599182fac15dfb9409eaa655b38f34

Request headers

Referer: http://it-aggiornare.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 15 Mar 2021 14:07:29 GMT
Content-Encoding: gzip
Age: 1432
x-amz-server-side-encryption: AES256
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Mon, 15 Mar 2021 14:07:26 GMT
Server: AmazonS3
ETag: W/"5040f47ea411a7f5e3c03138f192bc36"
Vary: Accept-Encoding
x-amz-version-id: doo8zakPyk_h6a65dWBtLeBk97YNaGf5
Via: 1.1 e8640ab30463560abfb6a2665bafb393.cloudfront.net (CloudFront)
Cache-Control: max-age=86400
X-Amz-Cf-Pop: DUS51-C1
Content-Type: application/javascript
X-Amz-Cf-Id: nczs8YnS8NJRUxcQqNyZHzAaFXXO7SAqVCkZNzR5fYcbjlBDETs8vg==

GET
H/1.1 200
OK ls.html Show response
cdn-gl.imrworldwide.com/novms/html/ Frame 163F 12 KB
4 KB 9ms
8ms Document
text/html 2600:9000:2182:9200:2:42d9:3100:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://cdn-gl.imrworldwide.com/novms/html/ls.html
Requested by: Host: cdn-gl.imrworldwide.com
URL: http://cdn-gl.imrworldwide.com/novms/js/2/nlsSDK600.bundle.min.js
Protocol: HTTP/1.1
Server: 2600:9000:2182:9200:2:42d9:3100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c1ca15aa8598ac972f25c8812a1c189cd22f8926ec7b890bc8ea6a70a7779fd1

Request headers

Host: cdn-gl.imrworldwide.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://it-aggiornare.online/
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://it-aggiornare.online/

Response headers

Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 08 Mar 2021 15:08:46 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: mAa0kziix2lgfk.2MJcuMfOYULZgj19D
Server: AmazonS3
Content-Encoding: gzip
Date: Mon, 15 Mar 2021 13:49:24 GMT
Cache-Control: max-age=86400
ETag: W/"7fa83dfc7b78314b137e2eb13834daa7"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 e8640ab30463560abfb6a2665bafb393.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: DUS51-C1
X-Amz-Cf-Id: SomzWnnEbRj55Z7bxTQ0b2rOKr6WKPiCIyc3EamnpTACHioCTQXXqQ==
Age: 2517

GET
H2 200 gn
secure-it.imrworldwide.com/cgi-bin/ Frame 163F 44 B
529 B 119ms
39ms Image
image/gif 52.214.158.139
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure-it.imrworldwide.com/cgi-bin/gn?prd=session&c9=devid,&c13=asid,PB842EDC3-BDDA-4494-9CDE-8B0150370A55&sessionId=nr1cqpzioaq2ik1500b9ymfrdcoqv1615818680&c16=sdkv,bj.6.0.0&uoo=&fp_id=&fp_cr_tm=&fp_acc_tm=&fp_emm_tm=&ve_id=&c30=bldv,6.0.0.587&retry=0
Requested by: Host: it-aggiornare.online
URL: http://it-aggiornare.online/emark.php?secret_key=lh9i1mrkscpun20yvb587x4zjfowag
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.214.158.139 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-214-158-139.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3

Request headers

Referer: http://cdn-gl.imrworldwide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Mar 2021 14:31:20 GMT
server: nginx
access-control-allow-methods: POST, OPTIONS
p3p: P3P policyref="http://secure-it.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
access-control-allow-origin: *
cache-control: no-cache
content-type: image/gif
content-length: 44
expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H2 200 /
nr1cqpzioaq2ik1500b9ymfrdcoqv1615818680.nuid.imrworldwide.com/ Frame 163F 35 B
350 B 59ms
9ms Image
image/gif 2600:9000:2182:8a00:1d:667e:2a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nr1cqpzioaq2ik1500b9ymfrdcoqv1615818680.nuid.imrworldwide.com/
Requested by: Host: it-aggiornare.online
URL: http://it-aggiornare.online/emark.php?secret_key=lh9i1mrkscpun20yvb587x4zjfowag
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2182:8a00:1d:667e:2a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: http://cdn-gl.imrworldwide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 01:51:07 GMT
via: 1.1 58dd513f0a53b3e6851a071cb857a706.cloudfront.net (CloudFront)
last-modified: Tue, 11 Sep 2018 17:05:20 GMT
server: AmazonS3
age: 45614
etag: "c2196de8ba412c60c22ab491af7b1409"
x-cache: Hit from cloudfront
content-type: image/gif
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
content-length: 35
x-amz-cf-id: 60yA9wLP9OQ7H0HYWdpdDEQ6-dt_Rp4Vdq45lfsyJCW1mKbvFVxxsg==

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
799 B 35ms
14ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=it-aggiornare.online

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://it-aggiornare.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 15 Mar 2021 14:31:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
553 B 36ms
15ms Script
application/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=it-aggiornare.online

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://it-aggiornare.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 15 Mar 2021 14:31:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 11 KB
6 KB 180ms
143ms XHR
text/plain 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=119263131271876&correlator=1212212382816595&output=ldjh&impl=fifs&eid=21068530%2C21069710&vrg=2021030901&ptt=17&sc=0&sfv=1-0-37&ecs=20210315&iu_parts=5180%2Clibero%2Cwebmail%2Clogin%2Cstep1&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4&prev_iu_szs=1540x1024%7C300x600&eri=1&cust_params=adv_st_active%3D%26optout%3D0%26adv_sso1%3D0%26adv_sso2%3D0%26adv_sso3%3D0%26adv_np%3Dyes%26laud%3Dnull&cookie_enabled=1&bc=23&abxe=1&lmt=1615818680&dt=1615818680676&dlt=1615818680250&idt=402&frm=20&biw=1600&bih=1200&oid=3&adxs=310&adys=50&adks=1573533839&ucis=1&ifi=1&u_tz=60&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2Fit-aggiornare.online%2Femark.php%3Fsecret_key%3Dlh9i1mrkscpun20yvb587x4zjfowag&vis=1&scr_x=0&scr_y=0&psz=980x0&msz=1540x1024&ga_vid=82547565.1615818681&ga_sid=1615818681&ga_hid=1104816262&ga_fc=false&fws=0&ohw=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030901.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

fbcfdd7948d008668a2e6f0fbc0eec91979b0a1b6ef92091973127c0158abd80

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://it-aggiornare.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 14:31:20 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4954
x-xss-protection: 0
google-lineitem-id: 5637328012
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138339485436
content-type: text/plain; charset=UTF-8
access-control-allow-origin: http://it-aggiornare.online
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
b3b86867db61b5090f26e8265180658c.safeframe.googlesyndication.com/safeframe/1-0-37/html/ 0
0 76ms
19ms Other
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://b3b86867db61b5090f26e8265180658c.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030901.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: http://it-aggiornare.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ 0
0 27ms
7ms Other
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030901.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: http://it-aggiornare.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame E6C2 0
0 64ms
64ms Fetch
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvP7erniwE68FyHzlWk0CwolOcA9Qvnrh6M2lmL76AxSa3dyDYPYAoATVvJFsOKnp3JERSOLsFLreVL3FW_YuMjSixyzzpHlU7Z7jC9_HLH4-5w-mlLybfTO_7HdlV7sXMVVDpEoP4wyVqDzlCP9AdNh9eNcM8gbNqfxmID3fWdqe-JQDz6EPpXki46jtSY0ThZur9fWtfKH0XEKF_JTP6P8tfHxYav4efuJ-2GFdIpUpM5-qhKkuQ1wWKl0QyemsXKwHIQOdzztGR4Vaj7nSAWoYfR3EQhxYC5-pbyptrDIB878gyRb0P3_AKPYrNvYSo-sMvmehX3Nv3oQBOJ19KeBPzJ&sai=AMfl-YTiEkD_DsKX1K5yq1yjDWtJfQX5eG94y8LuPO_ZYFvIL-mT8XNnjKR6hljyjc8jMiZXRRLgHAHlWhjAbDVy5za5bmU9aDlNgxjyJ2-qCkesKMfspuKMsBVUZ3NOtrnc&sig=Cg0ArKJSzEjjPIFFqxOsEAE&urlfix=1&adurl=

Requested by

Host: it-aggiornare.online
URL: http://it-aggiornare.online/emark.php?secret_key=lh9i1mrkscpun20yvb587x4zjfowag

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://it-aggiornare.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 15 Mar 2021 14:31:20 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Mon, 15 Mar 2021 14:31:20 GMT

GET
H2 200 skeleton.js Show response
pixel.adsafeprotected.com/rjss/st/594309/52702208/ 46 KB
13 KB 132ms
54ms Script
application/javascript 52.19.211.247
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/rjss/st/594309/52702208/skeleton.js
Requested by: Host: it-aggiornare.online
URL: http://it-aggiornare.online/emark.php?secret_key=lh9i1mrkscpun20yvb587x4zjfowag
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.19.211.247 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 03fbcda1b153bb9b94b9aca47499f9143275e55a99ba7a91a848d49f9e3ca87d

Request headers

Referer: http://it-aggiornare.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Mar 2021 14:31:20 GMT
content-encoding: gzip
x-server-name: app09.ie.303net.net
content-type: application/javascript;charset=utf-8
access-control-allow-origin: pixel.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame E6C2 112 KB
34 KB 39ms
39ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

sffe /

Resource Hash

76f8ebf46fa95c31efb8a764b15a3a0849c11346454a026f003cdda43add1749

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://it-aggiornare.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 14:31:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1615551985310811"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34604
x-xss-protection: 0
expires: Mon, 15 Mar 2021 14:31:20 GMT

GET
H2 200 AdvContent20x20.png
i.plug.it/banners/img/ 537 B
915 B 32ms
32ms Image
image/png 13.226.159.37
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.plug.it/banners/img/AdvContent20x20.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.159.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-159-37.dus51.r.cloudfront.net
Software: nginx /
Resource Hash: 68cfa5d1e626ad1796c8c8db8276c8196f7235100b9ae6f7380a4f8920bd994c

Request headers

Referer: http://it-aggiornare.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 02:48:07 GMT
via: 1.1 cfe78f21e6a560afb18f3b92eb4e9605.cloudfront.net (CloudFront)
last-modified: Tue, 09 Jun 2020 08:23:45 GMT
server: nginx
age: 42898
etag: "5edf4711-219"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=1200, public
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
content-length: 537
x-amz-cf-id: sYgQpZrtKTOQhIsCsBYm6SG8xNZloBs5WRZkFLR_nd_sWpzCQNh98Q==
expires: Mon, 15 Mar 2021 02:56:22 GMT

GET
H3-Q050

200

B25387695.295541511;dc_pre=CMH8_9PBsu8CFUDEuwgdbCAP7Q;dc_trk_aid=488829525;dc_trk_cid=145855082;ord=1196876838;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=
ad.doubleclick.net/ddm/trackimp/N7861.4024273ITALIAONLINE_IT_IPG/ Frame E6C2
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N7861.4024273ITALIAONLINE_IT_IPG/B25387695.295541511;dc_trk_aid=488829525;dc_trk_cid=145855082;ord=1196876838;dc_lat=;dc_rdid=;tag_for_child_directed_treatme...
https://ad.doubleclick.net/ddm/trackimp/N7861.4024273ITALIAONLINE_IT_IPG/B25387695.295541511;dc_pre=CMH8_9PBsu8CFUDEuwgdbCAP7Q;dc_trk_aid=488829525;dc_trk_cid=145855082;ord=1196876838;dc_lat=;dc_rd...

42 B
515 B

102ms
64ms

Image
image/gif

216.58.212.166
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/trackimp/N7861.4024273ITALIAONLINE_IT_IPG/B25387695.295541511;dc_pre=CMH8_9PBsu8CFUDEuwgdbCAP7Q;dc_trk_aid=488829525;dc_trk_cid=145855082;ord=1196876838;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=?

Requested by

Host: it-aggiornare.online
URL: http://it-aggiornare.online/emark.php?secret_key=lh9i1mrkscpun20yvb587x4zjfowag

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.212.166 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f6.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://it-aggiornare.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Mar 2021 14:31:21 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 15 Mar 2021 14:31:20 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
location: https://ad.doubleclick.net/ddm/trackimp/N7861.4024273ITALIAONLINE_IT_IPG/B25387695.295541511;dc_pre=CMH8_9PBsu8CFUDEuwgdbCAP7Q;dc_trk_aid=488829525;dc_trk_cid=145855082;ord=1196876838;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=?
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
follow-only-when-prerender-shown: 1
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

b=22177866
bcp.crwdcntrl.net/5/ct=y/c=6199/ Frame E6C2
Redirect Chain

https://bcp.crwdcntrl.net/5/c=6199/b=22177866
https://bcp.crwdcntrl.net/5/ct=y/c=6199/b=22177866

49 B
803 B

53ms
53ms

Image
image/gif

34.253.109.165
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bcp.crwdcntrl.net/5/ct=y/c=6199/b=22177866
Requested by: Host: it-aggiornare.online
URL: http://it-aggiornare.online/emark.php?secret_key=lh9i1mrkscpun20yvb587x4zjfowag
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.253.109.165 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Referer: http://it-aggiornare.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Mar 2021 14:31:21 GMT
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.13.80
content-type: image/gif
content-length: 49
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 15 Mar 2021 14:31:20 GMT
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location: https://bcp.crwdcntrl.net/5/ct=y/c=6199/b=22177866
cache-control: no-cache
x-server: 10.45.16.252
content-length: 0
expires: 0

GET
H3-Q050 200 211957956348817773
tpc.googlesyndication.com/simgad/ 288 KB
289 KB 37ms
22ms Image
image/jpeg 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/211957956348817773?

Requested by

Host: it-aggiornare.online
URL: http://it-aggiornare.online/emark.php?secret_key=lh9i1mrkscpun20yvb587x4zjfowag

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

68c4d9331a88b41197ba5625c67eb73b18f2a961eb96f22372b4a1ef5da76ee1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://it-aggiornare.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 10 Mar 2021 13:25:32 GMT
x-content-type-options: nosniff
age: 435948
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295276
x-xss-protection: 0
last-modified: Thu, 11 Feb 2021 09:10:27 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 10 Mar 2022 13:25:32 GMT

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 73 KB
28 KB 38ms
38ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

sffe /

Resource Hash

ab62fe971dd4b318621de81bfd9315f50f36bd50791512128cea651f3ef136d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://it-aggiornare.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 14:31:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1615552002806803"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28222
x-xss-protection: 0
expires: Mon, 15 Mar 2021 14:31:20 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 8 KB
7 KB 38ms
19ms XHR
application/json 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021030901&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f3e3d5425770004b388a131cbd8193fd93bc5a5eae4523cb549d7f7655db0eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://it-aggiornare.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 15 Mar 2021 14:31:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6545
x-xss-protection: 0

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030901.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://it-aggiornare.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 14:31:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1611170586013198"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6403
x-xss-protection: 0
expires: Mon, 15 Mar 2021 14:31:20 GMT

GET
DATA 200
OK truncated
/ Frame E6C2 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c8c998831c68de988f5ef84f6b4e64c3fd2bc9799cdaf419eca86094f207a150

Request headers

Referer: http://it-aggiornare.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK jload Show response
pixel.adsafeprotected.com/ Frame 3714 47 KB
14 KB 79ms
60ms Script
application/javascript 52.19.211.247
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://pixel.adsafeprotected.com/jload?anId=926174&campId=1540x1024&pubId=19942847&chanId=21721897975&placementId=5637328012&pubCreative=138339485436&pubOrder=2828105473&cb=222202221&impId=&ias_adpath=%23adv_click
Requested by: Host: it-aggiornare.online
URL: http://it-aggiornare.online/emark.php?secret_key=lh9i1mrkscpun20yvb587x4zjfowag
Protocol: HTTP/1.1
Server: 52.19.211.247 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: bb4aef635e086d0038cae945d59214d1da5cec786b04c7cad9621a2f7e2582a1

Request headers

Referer: http://it-aggiornare.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 15 Mar 2021 14:31:21 GMT
Content-Encoding: gzip
X-Server-Name: app14.ie.303net.net
Transfer-Encoding: chunked
Content-Type: application/javascript;charset=utf-8
Access-Control-Allow-Origin: pixel.adsafeprotected.com
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive
Server: nginx
Expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H3-Q050 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/221/ Frame 11C7 12 KB
5 KB 7ms
7ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/221/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://it-aggiornare.online/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://it-aggiornare.online/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 4984
date: Mon, 15 Mar 2021 14:16:21 GMT
expires: Tue, 15 Mar 2022 14:16:21 GMT
last-modified: Tue, 08 Dec 2020 21:41:15 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 900
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 OqSalp92o-4AtfYt583RauVJYevBmhjij2pcg0zPe10.js Show response
pagead2.googlesyndication.com/bg/ Frame 11C7 14 KB
6 KB 34ms
20ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/OqSalp92o-4AtfYt583RauVJYevBmhjij2pcg0zPe10.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3aa49a969f76a3ee00b5f62de7cdd16ae54961ebc19a18e28f6a5c834ccf7b5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 14 Mar 2021 14:30:19 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 08 Mar 2021 17:45:00 GMT
server: sffe
age: 86462
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5732
x-xss-protection: 0
expires: Mon, 14 Mar 2022 14:30:19 GMT

GET
H2 200 main.gr.19.8.171.js Show response
static.adsafeprotected.com/ 179 KB
57 KB 131ms
55ms Script
application/javascript 54.154.69.174
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/main.gr.19.8.171.js
Requested by: Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/rjss/st/594309/52702208/skeleton.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.154.69.174 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 3a24007e6749a9a4c471fe0db993ed48445f6ba22695a15f6379d58fdaee18f4

Request headers

Referer: http://it-aggiornare.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 14:31:21 GMT
content-encoding: gzip
last-modified: Fri, 12 Mar 2021 15:44:44 GMT
server: nginx/1.16.1
etag: W/"4c84c9be53f0d027010c9405f84a1788"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000

GET
H/1.1 200
OK main.gr.19.8.171.js Show response
static.adsafeprotected.com/ Frame 3714 179 KB
57 KB 71ms
52ms Script
application/javascript 54.154.69.174
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://static.adsafeprotected.com/main.gr.19.8.171.js
Requested by: Host: pixel.adsafeprotected.com
URL: http://pixel.adsafeprotected.com/jload?anId=926174&campId=1540x1024&pubId=19942847&chanId=21721897975&placementId=5637328012&pubCreative=138339485436&pubOrder=2828105473&cb=222202221&impId=&ias_adpath=%23adv_click
Protocol: HTTP/1.1
Server: 54.154.69.174 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 3a24007e6749a9a4c471fe0db993ed48445f6ba22695a15f6379d58fdaee18f4

Request headers

Referer: http://it-aggiornare.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 15 Mar 2021 14:31:21 GMT
Content-Encoding: gzip
Last-Modified: Fri, 12 Mar 2021 15:44:44 GMT
Server: nginx/1.16.1
ETag: W/"4c84c9be53f0d027010c9405f84a1788"
X-Cache-Status: HIT
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=315360000
Transfer-Encoding: chunked
Connection: keep-alive

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame E6C2 0
0 117ms
78ms Fetch
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvx86LJ4L9jcV5Gdb0AEQ0UxqAWCaiebC3-p1iAWD0yxH3BA6BLX1iFZwafSsdbNAcuNOQ5IrQQ7jYLZ3vZ177Fz68ZjLoEoDNkbBtRsXaCijKjE5SWe-5noEjuU-CT3D7NvVO-WkliuwZa7CN68X5eCyaaDMdZRaQ3EZOxeAKITt-aR3iva_i3XtghNesmu6eok4K0024XhEKbRhV-rvzZA4Ff1ONKO9Sdwy9uGoSe9lNO_5rzY5rO0wJSq-CuVRvsQQTkP1fvsN5uzR77Z1-hyiwPt8U4z2OT7tz9ya0Anu0VC1SfDMfYoKa1ZTWQss1XpKWD7Zz1&sai=AMfl-YQxA_opDfRcEtrFSPCN-T1GaxHg0sm3R-3cd9kstzdkLm6k4MYWEnA-10WS2lT7J40Qkd9PaYg6k68Xi3y2cJT3LiGjHWFlPcNtAJvqwNUlfBXTF93TWRfOAw_l8UuA&sig=Cg0ArKJSzDXrwoQXZ_QXEAE&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://it-aggiornare.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 15 Mar 2021 14:31:21 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Mon, 15 Mar 2021 14:31:21 GMT

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
224 B 40ms
39ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=221&t=2&li=gpt_2021030901&jk=119263131271876&bg=!5Oel56TNAAUO7zDoDjsAKQB2-Dxatu3Y8YuEooRLQm8oW-404_jw2_2HjRV6ToYDz09mjSR017asAgAAAExSAAAACmgBBwoAHoGlODxuu83sqe314KcpKWW2ikYJxW8XzVBJBcWnBJkCFc32OwsUHmbu3LdsUnC7yOVPKzhBEkeMghwDDV76_-tIQ4orNfvVbyZB8kTqQle11ilaCk4hYqTadChfmi-CpfFSc6jXxJRkZD6Cler2D-jNFDJUsJk-WOWVyJy9tpd04LNVo_CB1hWuRUQjIoF0XMzf8RLVAJo6AnqMTzNdPURSRPnG8EwkT1DmAL1BFttBwiPYVgCMg2D-tk0MHnZTsDtWLMJv7b-iyMWj6YtNcnmi136oPrXYoPL0FQvLzReFkuS7idUuOpXqhwO40pIIcBTVJDkZo2l9SOXrvh1R3isbFj3Xi5wR5KlSEYHqBfGRZhfEY2zCK-19B74_bPOPRmDPkNWqe1u27MTT4qBHaTAG37FQK5JhOstZFijEer4bYR8ckXcZ08zG_3glzJ2w5KQa78Z1FNGh56O7NB861Tl8PFN091CfJQEHX2dcEwxspPg536KoETkphNl9fJKEzXmJ43KKQuKs0WXbX4qUyN1ui1oJ9YOFZX7-Q0Ctxu7ZJkZD-Nfsh_qSv4DK50YUc2lTfkH8Rt2YIj4xrvcAWE2ZnjkM8htumoKzq9t9ZwFeFvucmqHlSY9OJqvv6efN7RaGJq71pK1MmALNcU7NB9_ypwGORPzcJHoW_ptGqjwxcV48G4kOvaqR5-eOdQ26QXiQT_HhzXgLtue2P_egrg-cX_tiFfrOwvAlZVvabuZuOHOo7--D

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://it-aggiornare.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Mar 2021 14:31:21 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

skeleton.js Show response
static.adsafeprotected.com/
Redirect Chain

https://pixel.adsafeprotected.com/rfw/st/594309/52702208/skeleton.js?adsafe_url=http%3A%2F%2Fit-aggiornare.online%2Femark.php%3Fsecret_key%3Dlh9i1mrkscpun20yvb587x4zjfowag&adsafe_type=abdq&adsafe_u...
https://static.adsafeprotected.com/skeleton.js

17 B
240 B

37ms
37ms

Script
application/javascript

54.154.69.174
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/skeleton.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.154.69.174 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05

Request headers

Referer: http://it-aggiornare.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 14:31:21 GMT
last-modified: Mon, 17 Aug 2020 23:54:35 GMT
server: nginx/1.16.1
age: 1078935
etag: "53fab767ecbd3bf07990b10246befbd4"
x-cache-status: HIT
content-type: application/javascript
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 17

Redirect headers

pragma: no-cache
date: Mon, 15 Mar 2021 14:31:21 GMT
x-server-name: app25.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://static.adsafeprotected.com/skeleton.js
cache-control: no-cache
content-length: 0
server: nginx

GET
H2 200 sca.17.5.1.js Show response
static.adsafeprotected.com/ Frame 7CE5 82 KB
22 KB 40ms
40ms Script
application/javascript 54.154.69.174
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.5.1.js
Requested by: Host: it-aggiornare.online
URL: http://it-aggiornare.online/emark.php?secret_key=lh9i1mrkscpun20yvb587x4zjfowag
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.154.69.174 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 134bdfef6b19c84bcb7dfc55f32065853ffdf1b05a8661caf172e56edacd427f

Request headers

Referer: http://it-aggiornare.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 14:31:21 GMT
content-encoding: gzip
last-modified: Thu, 04 Mar 2021 17:39:07 GMT
server: nginx/1.16.1
age: 21
etag: W/"793767aa29c23c195c863f01f1e83e06"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 318ms
109ms Image
image/gif 34.206.100.214
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=594309&asId=4614e4c0-3ea3-b1d8-2f57-7889b829a6ad&tv=%7Bc:6WCQ6f,pingTime:-2,time:206,type:a,im:%7Bsf:0,pom:1,prf:%7BbdA:768,bdZ:901,beA:907,beZ:908,mfA:1074,cmA:1075,inA:1076,inZ:1082,prA:1082,prZ:1086,si:1092,poA:1093,poZ:1103,cmZ:1103,mfZ:1103,loA:1107,loZ:1108,ltA:1112,ltZ:1112%7D%7D,env:%7Bgca:true,cca:false,gca2:false%7D,clog:%5B%7Bpiv:99,vs:i,r:,w:1600,h:1200,t:185%7D%5D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:1,cnod:1,intblk:1,gm:0,slTimes:%7Bi:206,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:184,wc:0.0.1600.1200,ac:-10.-10.1600.1200,am:a,cc:-10.-10.1600.1200,piv:99,obst:0,th:0,reas:,bkn:%7Bpiv:%5B33~75%5D,as:%5B33~1600.1200%5D%7D%7D%5D,slEventCount:1,em:false,fr:true,e:,tt:rjss,dtt:0,fm:srJMw5f+1*.594309-52702208%7C11%7C12%7C131%7C14,idMap:1*,rmeas:1,rend:1,renddet:IMG.qs,slid:%5Badv_click%5D,sinceFw:19,readyFired:true%7D&br=u
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.206.100.214 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: http://it-aggiornare.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Mar 2021 14:31:21 GMT
x-server-name: dt28.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H/1.1 200
OK sca.17.5.1.js Show response
static.adsafeprotected.com/ Frame 8BAC 82 KB
22 KB 36ms
36ms Script
application/javascript 54.154.69.174
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://static.adsafeprotected.com/sca.17.5.1.js
Requested by: Host: it-aggiornare.online
URL: http://it-aggiornare.online/emark.php?secret_key=lh9i1mrkscpun20yvb587x4zjfowag
Protocol: HTTP/1.1
Server: 54.154.69.174 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 134bdfef6b19c84bcb7dfc55f32065853ffdf1b05a8661caf172e56edacd427f

Request headers

Referer: http://it-aggiornare.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 15 Mar 2021 14:31:21 GMT
Content-Encoding: gzip
Last-Modified: Thu, 04 Mar 2021 17:39:07 GMT
Server: nginx/1.16.1
Age: 4
ETag: W/"793767aa29c23c195c863f01f1e83e06"
X-Cache-Status: HIT
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=315360000
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK mon
pixel.adsafeprotected.com/ 43 B
305 B 45ms
45ms Image
image/gif 52.19.211.247
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://pixel.adsafeprotected.com/mon?anId=926174&campId=1540x1024&pubId=19942847&chanId=21721897975&placementId=5637328012&pubCreative=138339485436&pubOrder=2828105473&cb=222202221&impId=&ias_adpath=%23adv_click&adsafe_url=http%3A%2F%2Fit-aggiornare.online%2Femark.php%3Fsecret_key%3Dlh9i1mrkscpun20yvb587x4zjfowag&adsafe_type=abdq&adsafe_url=http%3A%2F%2Fit-aggiornare.online%2F&adsafe_type=f&adsafe_jsinfo=,id:65eea56f-53ff-2a64-d916-aa19a6062532,c:6WCQ6S,sl:inView,em:true,fr:true,mn:app14ie,pt:1-5-15,wc:0.0.1600.1200,ac:-10.-10.1600.1200,am:sp,cc:0.0.1600.1200,piv:99,obst:0,th:0,reas:,br:u,abv:na,an:n,oam:0,scm:publ1.grpm1,nbld:0,fm:srJMw63+11%7C12%7C13*.926174%7C131%7C14%7C15,idMap:13*,pl:,rmeas:1,rend:1,renddet:A.qs.tn,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,thd:1,et:195,oid:1c89f3da-859b-11eb-999b-02c390e9b11a,v:19.8.171,sp:1,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Protocol: HTTP/1.1
Server: 52.19.211.247 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: http://it-aggiornare.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 15 Mar 2021 14:31:21 GMT
X-Server-Name: app15.ie.303net.net
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ 43 B
304 B 198ms
178ms Image
image/gif 34.206.100.214
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://dt.adsafeprotected.com/dt?anId=926174&asId=65eea56f-53ff-2a64-d916-aa19a6062532&tv=%7Bc:6WCQ6T,pingTime:-8,time:196,type:l,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:196,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:194,wc:0.0.1600.1200,ac:-10.-10.1600.1200,am:sp,cc:0.0.1600.1200,piv:99,obst:0,th:0,reas:,bkn:%7Bpiv:%5B15~75%5D,as:%5B14~1600.1200%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:srJMw63+11%7C12%7C13*.926174%7C131%7C14%7C15,idMap:13*,rmeas:1,rend:1,renddet:A.qs.tn%7D&br=u
Protocol: HTTP/1.1
Server: 34.206.100.214 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: http://it-aggiornare.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 15 Mar 2021 14:31:21 GMT
X-Server-Name: dt29.va.303net.net
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ 43 B
304 B 197ms
178ms Image
image/gif 34.206.100.214
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://dt.adsafeprotected.com/dt?anId=926174&asId=65eea56f-53ff-2a64-d916-aa19a6062532&tv=%7Bc:6WCQ78,pingTime:-2,time:211,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:103,beZ:104,mfA:281,cmA:282,inA:282,inZ:287,prA:287,prZ:291,si:298,poA:299,poZ:306,cmZ:306,mfZ:306,loA:309,loZ:310,ltA:314,ltZ:314%7D%7D,sca:%7Bdfp:%7Bdf:0%7D%7D,env:%7Bgca:true,cca:false,gca2:false%7D,clog:%5B%7Bpiv:99,vs:i,r:,w:1600,h:1200,t:194%7D%5D,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:211,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:194,wc:0.0.1600.1200,ac:-10.-10.1600.1200,am:sp,cc:0.0.1600.1200,piv:99,obst:0,th:0,reas:,bkn:%7Bpiv:%5B31~75%5D,as:%5B30~1600.1200%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:srJMw63+11%7C12%7C13*.926174%7C131%7C14%7C15,idMap:13*,rmeas:1,rend:1,renddet:A.qs.tn,slid:%5Bgoogle_ads_iframe_/5180/libero/webmail/login/step1_0,google_ads_iframe_/5180/libero/webmail/login/step1_0__container__,adsplash,wrapper-iol%5D,sinceFw:15,readyFired:true%7D&br=u
Protocol: HTTP/1.1
Server: 34.206.100.214 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: http://it-aggiornare.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 15 Mar 2021 14:31:21 GMT
X-Server-Name: dt12.va.303net.net
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
216 B 190ms
103ms Image
image/gif 34.206.100.214
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=594309&asId=4614e4c0-3ea3-b1d8-2f57-7889b829a6ad&tv=%7Bc:6WCQ8d,time:328,type:e,im:%7Bimprf:%7Bttecl:432,ecd:38,tsecr:1%7D%7D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:1,cnod:1,intblk:1,gm:0,slTimes:%7Bi:328,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:184,wc:0.0.1600.1200,ac:-10.-10.1600.1200,am:a,cc:-10.-10.1600.1200,piv:99,obst:0,th:0,reas:,bkn:%7Bpiv:%5B155~75%5D,as:%5B155~1600.1200%5D%7D%7D%5D,slEventCount:1,em:false,fr:true,e:,tt:rjss,dtt:0,fm:srJMw5f+1*.594309-52702208%7C11%7C12%7C13.926174%7C131%7C14,idMap:1*,rmeas:1,rend:1,renddet:IMG.qs%7D&br=u
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.206.100.214 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: http://it-aggiornare.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Mar 2021 14:31:21 GMT
x-server-name: dt04.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
23 B 39ms
38ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=gpt_pgbrk&pvsid=119263131271876&vrg=2021030901&nw_id=5180&nslots=1&eid=21068530%2C676982961%2C21069710&pub_url=http%3A%2F%2Fit-aggiornare.online%2Femark.php%3Fsecret_key%3Dlh9i1mrkscpun20yvb587x4zjfowag&qid=COXe89PBsu8CFQfnuwgdnM0G8g&iu=%2F5180%2Flibero%2Fwebmail%2Flogin%2Fstep1&e=0&ret=1540x1024&req=1540x1024%7C300x600&bm=0&efh=0&stk=0&ifi=1

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://it-aggiornare.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Mar 2021 14:31:21 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 103ms
103ms Image
image/gif 34.206.100.214
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=594309&asId=4614e4c0-3ea3-b1d8-2f57-7889b829a6ad&tv=%7Bc:6WCQcb,pingTime:-10,time:574,type:s,mvn:ZnNjPTEyLHNkPTMsbm89Nyxhc3A9MQ--,fsc:17.5.1v220002022000220000002002222000022220200000222220222020002222022002222202002220222022222022222000000200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022020000000020000000000000000000002220002220000022200202202220022000200222022200200022202220020222222000220000222202222202222000002002002222222222220022202200022002220202202,sd:MTcuNS4xdjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNS4xdk1vemlsbGF8fE5ldHNjYXBlfHxufHwxMnx8bnx8MHx8bnx8TGludXggeDg2XzY0fHxHZWNrb3x8MjAwMzAxMDd8fC02MHx8TW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzg5LjAuNDM4OS43MiBTYWZhcmkvNTM3LjM2fHwxfHwxfHxHb29nbGUgSW5jLnx8bg--,asp:1615818681587%7C%7C0644e17d0d6d7398ed005d7ad81124a0%7C%7Cf34e96995ddf3ff5eb1bfde138cfe29c%7C%7Cb8d708ee40e128dcf99759e16711993f%7C%7Ce5f505f444e8bca761a416765033f77f%7C%7C2571885d7cc432d4190a9c6a864b8c0a%7C%7C15a29176353b8ba89b7669f2219efeff%7C%7C2c3f9189d94ee0219e8339b535705fe7%7C%7C1614879537%7D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.206.100.214 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: http://it-aggiornare.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Mar 2021 14:31:21 GMT
x-server-name: dt01.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 callback=iol.dmp.getProfile Show response
ad.crwdcntrl.net/5/c=6199/pe=y/ 161 B
372 B 125ms
42ms Script
application/javascript 52.210.253.186
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.crwdcntrl.net/5/c=6199/pe=y/callback=iol.dmp.getProfile
Requested by: Host: i.plug.it
URL: https://i.plug.it/banners/js/adv_library3_https.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.210.253.186 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 7a7badbffce2cc0bcb768131a45fdc54d37f531721096d80e0285e875f259de8

Request headers

Referer: http://it-aggiornare.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Mar 2021 14:31:22 GMT
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.12.151
content-type: application/javascript;charset=UTF-8
content-length: 161
expires: 0

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 104ms
103ms Image
image/gif 34.206.100.214
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=594309&asId=4614e4c0-3ea3-b1d8-2f57-7889b829a6ad&tv=%7Bc:6WCQmi,pingTime:1,time:1201,type:p,clog:%5B%7Bpiv:99,vs:i,r:,w:1600,h:1200,t:185%7D%5D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:1,cnod:1,intblk:1,gm:0,slTimes:%7Bi:1201,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:184,wc:0.0.1600.1200,ac:-10.-10.1600.1200,am:a,cc:-10.-10.1600.1200,piv:99,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1028~75%5D,as:%5B1028~1600.1200%5D%7D%7D%5D,slEventCount:1,em:false,fr:true,e:,tt:rjss,dtt:106,fm:srJMw5f+1*.594309-52702208%7C11%7C12%7C13.926174%7C131%7C14,idMap:1*,rmeas:1,rend:1,renddet:IMG.qs%7D&br=u
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.206.100.214 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: http://it-aggiornare.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Mar 2021 14:31:22 GMT
x-server-name: dt25.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ 43 B
304 B 99ms
98ms Image
image/gif 34.206.100.214
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://dt.adsafeprotected.com/dt?anId=926174&asId=65eea56f-53ff-2a64-d916-aa19a6062532&tv=%7Bc:6WCQnc,pingTime:1,time:1207,type:p,clog:%5B%7Bpiv:99,vs:i,r:,w:1600,h:1200,t:194%7D%5D,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1207,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:194,wc:0.0.1600.1200,ac:-10.-10.1600.1200,am:sp,cc:0.0.1600.1200,piv:99,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1026~75%5D,as:%5B1025~1600.1200%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:199,fm:srJMw63+11%7C12%7C13*.926174%7C131%7C14%7C15,idMap:13*,rmeas:1,rend:1,renddet:A.qs.tn%7D&br=u
Protocol: HTTP/1.1
Server: 34.206.100.214 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: http://it-aggiornare.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 15 Mar 2021 14:31:22 GMT
X-Server-Name: dt61.va.303net.net
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ 43 B
304 B 101ms
100ms Image
image/gif 34.206.100.214
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://dt.adsafeprotected.com/dt?anId=926174&asId=65eea56f-53ff-2a64-d916-aa19a6062532&tv=%7Bc:6WCQnd,pingTime:1,time:1208,type:c,clog:%5B%7Bpiv:99,vs:i,r:,w:1600,h:1200,t:194%7D%5D,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1208,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:194,wc:0.0.1600.1200,ac:-10.-10.1600.1200,am:sp,cc:0.0.1600.1200,piv:99,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1027~75%5D,as:%5B1026~1600.1200%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:199,fm:srJMw63+11%7C12%7C13*.926174%7C131%7C14%7C15,idMap:13*,rmeas:1,rend:1,renddet:A.qs.tn,metricId:publ1,cmr:t%7D&br=u
Protocol: HTTP/1.1
Server: 34.206.100.214 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: http://it-aggiornare.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 15 Mar 2021 14:31:22 GMT
X-Server-Name: dt16.va.303net.net
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ 43 B
304 B 208ms
188ms Image
image/gif 34.206.100.214
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://dt.adsafeprotected.com/dt?anId=926174&asId=65eea56f-53ff-2a64-d916-aa19a6062532&tv=%7Bc:6WCQnd,pingTime:1,time:1208,type:c,clog:%5B%7Bpiv:99,vs:i,r:,w:1600,h:1200,t:194%7D%5D,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1209,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:194,wc:0.0.1600.1200,ac:-10.-10.1600.1200,am:sp,cc:0.0.1600.1200,piv:99,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1028~75%5D,as:%5B1027~1600.1200%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:199,fm:srJMw63+11%7C12%7C13*.926174%7C131%7C14%7C15,idMap:13*,rmeas:1,rend:1,renddet:A.qs.tn,metricId:grpm1,cmr:t%7D&br=u
Protocol: HTTP/1.1
Server: 34.206.100.214 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: http://it-aggiornare.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 15 Mar 2021 14:31:22 GMT
X-Server-Name: dt02.va.303net.net
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H2 200 gn
secure-it.imrworldwide.com/cgi-bin/ 44 B
336 B 40ms
40ms Image
image/gif 52.214.158.139
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure-it.imrworldwide.com/cgi-bin/gn?prd=dcr&ci=it-605193&ch=it-605193_c10_LiberoMessaging_BRW_S&asn=LiberoMessaging_BRW&fp_id=&fp_cr_tm=&fp_acc_tm=&fp_emm_tm=&ve_id=&devmodel=&manuf=&sysname=&sysversion=&sessionId=nr1cqpzioaq2ik1500b9ymfrdcoqv1615818680&prv=1&c6=vc,c10&ca=NA&c13=asid,PB842EDC3-BDDA-4494-9CDE-8B0150370A55&c32=segA,NA&c33=segB,NA&c34=segC,NA&c15=apn,&sup=1&segment2=&segment1=&forward=0&plugv=&playerv=&ad=0&cr=V&c9=devid,&enc=true&c1=nuid,999&at=view&rt=text&c16=sdkv,bj.6.0.0&c27=cln,0&crs=&lat=&lon=&c29=plid,16158186805037040&c30=bldv,6.0.0.587&st=dcr&c7=osgrp,&c8=devgrp,&c10=plt,&c40=adbid,&c14=osver,NA&c26=dmap,1&dd=&hrd=&wkd=&c35=adrsid,&c36=cref1,&c37=cref2,&c11=agg,1&c12=apv,&c51=adl,0&c52=noad,0&devtypid=&pc=NA&c53=fef,n&c54=oad,&c55=cref3,&c57=adldf,2&ai=1615818680440&c3=st,c&c64=starttm,1615818682&adid=1615818680440&c58=isLive,false&c59=sesid,&c61=createtm,1615818681&c63=pipMode,&uoo=&c68=bndlid,&nodeTM=&logTM=&c73=phtype,&c74=dvcnm,&c76=adbsnid,&c44=progen,&davty=0&si=http%3A%2F%2Fit-aggiornare.online%2Femark.php%3Fsecret_key%3Dlh9i1mrkscpun20yvb587x4zjfowag&c66=mediaurl,&c62=sendTime,1615818681&rnd=337414
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.214.158.139 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-214-158-139.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3

Request headers

Referer: http://it-aggiornare.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Mar 2021 14:31:22 GMT
server: nginx
access-control-allow-methods: POST, OPTIONS
p3p: P3P policyref="http://secure-it.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
access-control-allow-origin: *
cache-control: no-cache
content-type: image/gif
content-length: 44
expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ 43 B
304 B 104ms
104ms Image
image/gif 34.206.100.214
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://dt.adsafeprotected.com/dt?anId=926174&asId=65eea56f-53ff-2a64-d916-aa19a6062532&tv=%7Bc:6WCQry,pingTime:-10,time:1477,type:s,mvn:ZnNjPTEyLHNkPTMsbm89Nyxhc3A9MQ--,fsc:17.5.1v220002022000220000002002222000022220200000222220222020002222022002222202002220222022222022222000000200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022020000000020000000000000000000002220002220000022200202202220022000200222022200200022202220020222222000220000222202222202222000002002002222222222220022202200022002220202202,sd:MTcuNS4xdjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNS4xdk1vemlsbGF8fE5ldHNjYXBlfHxufHwxMnx8bnx8MHx8bnx8TGludXggeDg2XzY0fHxHZWNrb3x8MjAwMzAxMDd8fC02MHx8TW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzg5LjAuNDM4OS43MiBTYWZhcmkvNTM3LjM2fHwxfHwxfHxHb29nbGUgSW5jLnx8bg--,asp:1615818681587%7C%7C0644e17d0d6d7398ed005d7ad81124a0%7C%7Cf34e96995ddf3ff5eb1bfde138cfe29c%7C%7Cb8d708ee40e128dcf99759e16711993f%7C%7Ce5f505f444e8bca761a416765033f77f%7C%7C2571885d7cc432d4190a9c6a864b8c0a%7C%7C15a29176353b8ba89b7669f2219efeff%7C%7C2c3f9189d94ee0219e8339b535705fe7%7C%7C1614879537,sca:%7Bspg:4614e4c0-3ea3-b1d8-2f57-7889b829a6ad%7D%7D
Protocol: HTTP/1.1
Server: 34.206.100.214 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: http://it-aggiornare.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 15 Mar 2021 14:31:22 GMT
X-Server-Name: dt11.va.303net.net
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 109ms
108ms Image
image/gif 34.206.100.214
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=594309&asId=4614e4c0-3ea3-b1d8-2f57-7889b829a6ad&tv=%7Bc:6WCRoO,pingTime:5,time:5201,type:p,clog:%5B%7Bpiv:99,vs:i,r:,w:1600,h:1200,t:185%7D%5D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:1,cnod:1,intblk:1,gm:0,slTimes:%7Bi:5201,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:184,wc:0.0.1600.1200,ac:-10.-10.1600.1200,am:a,cc:-10.-10.1600.1200,piv:99,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5028~75%5D,as:%5B5028~1600.1200%5D%7D%7D%5D,slEventCount:1,em:false,fr:true,e:,tt:rjss,dtt:106,fm:srJMw5f+1*.594309-52702208%7C11%7C12%7C13.926174%7C131%7C14,idMap:1*,rmeas:1,rend:1,renddet:IMG.qs%7D&br=u
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.206.100.214 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: http://it-aggiornare.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Mar 2021 14:31:26 GMT
x-server-name: dt58.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ 43 B
304 B 106ms
105ms Image
image/gif 34.206.100.214
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://dt.adsafeprotected.com/dt?anId=926174&asId=65eea56f-53ff-2a64-d916-aa19a6062532&tv=%7Bc:6WCRpI,pingTime:5,time:5207,type:p,clog:%5B%7Bpiv:99,vs:i,r:,w:1600,h:1200,t:194%7D%5D,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:5207,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:194,wc:0.0.1600.1200,ac:-10.-10.1600.1200,am:sp,cc:0.0.1600.1200,piv:99,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5026~75%5D,as:%5B5025~1600.1200%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:107,fm:srJMw63+11%7C12%7C13*.926174%7C131%7C14%7C15,idMap:13*,rmeas:1,rend:1,renddet:A.qs.tn%7D&br=u
Protocol: HTTP/1.1
Server: 34.206.100.214 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: http://it-aggiornare.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 15 Mar 2021 14:31:26 GMT
X-Server-Name: dt59.va.303net.net
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Libero (Online)

107 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			it-aggiornare.online/	1969-12-31 23:59:59	Name: PHPSESSID Value: p4kv0fbtua91uvgv76mdcsjbne

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://i.plug.it/banners/js/adv_lib_login_2step_v2.js(Line 2) Message: ADV LIBRARY Login : 04 Ago 2020
console-api	log	URL: https://i.plug.it/banners/js/adv_library3_https.js(Line 277) Message: ADV PROFILE = 0
console-api	debug	URL: https://static.adsafeprotected.com/sca.17.5.1.js(Line 32) Message: a: 0.0009765625 ms

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.crwdcntrl.net
ad.doubleclick.net
adservice.google.com
adservice.google.de
ajax.googleapis.com
b3b86867db61b5090f26e8265180658c.safeframe.googlesyndication.com
bcp.crwdcntrl.net
cdn-gl.imrworldwide.com
dt.adsafeprotected.com
fonts.googleapis.com
fonts.gstatic.com
i.plug.it
it-aggiornare.online
italiaonline01.wt-eu02.net
nr1cqpzioaq2ik1500b9ymfrdcoqv1615818680.nuid.imrworldwide.com
onetag.mgr.consensu.org
pagead2.googlesyndication.com
pixel.adsafeprotected.com
sb.scorecardresearch.com
secure-it.imrworldwide.com
securepubads.g.doubleclick.net
static.adsafeprotected.com
tpc.googlesyndication.com
www.googletagservices.com
104.108.64.33
13.226.159.37
142.250.186.162
185.54.150.20
216.58.212.166
2600:9000:2182:8a00:1d:667e:2a40:93a1
2600:9000:2182:9200:2:42d9:3100:93a1
2a00:1450:4001:800::2003
2a00:1450:4001:801::200a
2a00:1450:4001:803::2002
2a00:1450:4001:811::2002
2a00:1450:4001:812::2002
2a00:1450:4001:827::2002
2a00:1450:4001:829::2001
2a00:1450:4001:82a::2001
2a00:1450:4001:82a::200a
2a01:238:20a:202:1157::
34.206.100.214
34.253.109.165
51.89.9.254
52.19.211.247
52.210.253.186
52.214.158.139
54.154.69.174
00be4a75e748a196d522a7353e1555308e1122ad1eda6218ce6092de72c5e340
03fbcda1b153bb9b94b9aca47499f9143275e55a99ba7a91a848d49f9e3ca87d
0718476f9aeec1cbd746c569d6768a28c021163de52ceb5c7d89005484f16b8e
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
09e63fb20d7667032db4289f4d2961a7ab6f7a1db54429ec15de44d2cb36ee38
0ba07e08d2ad0d4194d88c94c8392ae676dfef46671495ce15daf7b5cbc6d0fd
134bdfef6b19c84bcb7dfc55f32065853ffdf1b05a8661caf172e56edacd427f
24369e1b2461af9dcefecaf9cc93d64cf22a4c5bac32506100b9e21014507bcf
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
3644b05a80a39d358a32738da463cafff406fd9f0309901692bf9ade61839ab8
3a24007e6749a9a4c471fe0db993ed48445f6ba22695a15f6379d58fdaee18f4
3aa49a969f76a3ee00b5f62de7cdd16ae54961ebc19a18e28f6a5c834ccf7b5d
3b5bc6d26c769e37f841843c2a43bf668edb5144fe3e0800c846eb2990690773
48c3fa6f86c54f1d9bb519220713d4b0a1f8cd1a589a3c03b9fa82e98ecb13e3
49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504
51f6db1b46a265c22e6383ef24c9e7451e34feec809286a6ab221f4b61890c8d
54ea3b729d9ff4a499d3bf59b0497606ceb27b7100c60d74d28467224f3983f9
55137ab76eea957ac63037bfaf5fb94a5257f7624774b46ca8006cb941e81728
5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3
68c4d9331a88b41197ba5625c67eb73b18f2a961eb96f22372b4a1ef5da76ee1
68cfa5d1e626ad1796c8c8db8276c8196f7235100b9ae6f7380a4f8920bd994c
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
748365fe534f00319188a55aea6bb4a10b9497c92b3053aa5d2ae93b63579993
76f8ebf46fa95c31efb8a764b15a3a0849c11346454a026f003cdda43add1749
7a7badbffce2cc0bcb768131a45fdc54d37f531721096d80e0285e875f259de8
8239d985179b5598a3b76db41bbd8842530e4e37e82665dc6449ed97b20c6227
984af48e7efc952d96c92943d3dc213bfc599182fac15dfb9409eaa655b38f34
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
ab62fe971dd4b318621de81bfd9315f50f36bd50791512128cea651f3ef136d1
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
bb4aef635e086d0038cae945d59214d1da5cec786b04c7cad9621a2f7e2582a1
bb631cb41d70ab6f8a07ab80b053676bca8589e7e1d835827f30e1bffbed91c5
bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05
c1ca15aa8598ac972f25c8812a1c189cd22f8926ec7b890bc8ea6a70a7779fd1
c474bd7069e315e89fc96778d70b8f1de3518413e2abee1b294871fdad6887d4
c8c998831c68de988f5ef84f6b4e64c3fd2bc9799cdaf419eca86094f207a150
ce1fc118ce58922807cd6223f6412463c48eb744bda33883bc900deb51d4cf93
d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39
dc321f6f1ccd09a5946f7d33247cfbde5fce3989175adf883fd198ff91a8161e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1f2e0e5d7b5b02f89ba769649c49b9589dcac727fa66f47a1517a469ec0e046
f3e3d5425770004b388a131cbd8193fd93bc5a5eae4523cb549d7f7655db0eca
fbcfdd7948d008668a2e6f0fbc0eec91979b0a1b6ef92091973127c0158abd80

it-aggiornare.online Open in urlscan Pro 2a01:238:20a:202:1157:: Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

68 Requests

75 %HTTPS

50 %IPv6

15 Domains

24 Subdomains

25 IPs

4 Countries

873 kBTransfer

1965 kBSize

1 Cookies

10 Outgoing links

Page URL History

Redirected requests

68 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

it-aggiornare.online Open in urlscan Pro
2a01:238:20a:202:1157:: Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

68
Requests

75 %
HTTPS

50 %
IPv6

15
Domains

24
Subdomains

25
IPs

4
Countries

873 kB
Transfer

1965 kB
Size

1
Cookies

68 HTTP transactions
1 data transactions