urlscan.io logo urlscan.io
SecurityTrails logo

landing.offerteperte.net Open in urlscan Pro
178.255.74.101  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://n0w.it/JVhpK
Effective URL: https://landing.offerteperte.net/chetariffa/tim/f1/a/?url=http%3A%2F%2Fsms.ediscom.it%2FPlatform%2FLead%2FCTL%2Fsave.htm%3Ftoken%...
Submission: On February 23 via manual from IT
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 8 IPs in 5 countries across 10 domains to perform 19 HTTP transactions. The main IP is 178.255.74.101, located in Italy and belongs to ASN-IDC T.NO.OM.I.NC, IT. The main domain is landing.offerteperte.net.
TLS certificate: Issued by Let's Encrypt Authority X3 on February 11th 2020. Valid for: 3 months.
This is the only time landing.offerteperte.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 178.255.74.104 20746 (ASN-IDC T...)
8 178.255.74.101 20746 (ASN-IDC T...)
1 2a00:1450:400... 15169 (GOOGLE)
2 2606:4700::68... 13335 (CLOUDFLAR...)
2 147.75.32.99 54825 (PACKET)
1 2 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 147.75.32.13 54825 (PACKET)
19 8
1    178.255.74.104 (Italy)

ASN20746 (ASN-IDC T.NO.OM.I.NC, IT)
PTR: paruzzaro.espotter.net
n0w.it
8    178.255.74.101 (Italy)

ASN20746 (ASN-IDC T.NO.OM.I.NC, IT)
PTR: oleggio.espotter.net
landing.offerteperte.net
1    2a00:1450:4001:821::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2606:4700::6811:4004 (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
2    147.75.32.99 (Amsterdam, Netherlands)

ASN54825 (PACKET, US)
PTR: pkt-ams-k2-shared-ingress12
static.hotjar.com
vars.hotjar.com
2    2a00:1450:4001:800::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
3    2a00:1450:4001:820::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2a00:1450:400c:c0a::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2a00:1450:4001:808::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:81f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
1    147.75.32.13 (Amsterdam, Netherlands)

ASN54825 (PACKET, US)
PTR: pkt-ams-k2-shared-ingress9
script.hotjar.com
Domain Requested by
8 landing.offerteperte.net landing.offerteperte.net
3 fonts.gstatic.com landing.offerteperte.net
2 www.google-analytics.com 1 redirects landing.offerteperte.net
2 cdnjs.cloudflare.com landing.offerteperte.net
1 vars.hotjar.com static.hotjar.com
1 script.hotjar.com static.hotjar.com
1 www.google.de landing.offerteperte.net
1 www.google.com 1 redirects
1 stats.g.doubleclick.net 1 redirects
1 static.hotjar.com landing.offerteperte.net
1 fonts.googleapis.com landing.offerteperte.net
1 n0w.it 1 redirects
19 12

This site contains links to these domains. Also see Links.

Domain
www.ediscom.it
sms.ediscom.it
Subject Issuer Validity Valid
landing.offerteperte.net
Let's Encrypt Authority X3		 2020-02-11 -
2020-05-11		 3 months crt.sh
*.storage.googleapis.com
GTS CA 1O1		 2020-02-12 -
2020-05-06		 3 months crt.sh
cloudflare.com
CloudFlare Inc ECC CA-2		 2020-01-07 -
2020-10-09		 9 months crt.sh
static.hotjar.com
Let's Encrypt Authority X3		 2020-02-03 -
2020-05-03		 3 months crt.sh
*.google-analytics.com
GTS CA 1O1		 2020-02-12 -
2020-05-06		 3 months crt.sh
*.google.com
GTS CA 1O1		 2020-02-12 -
2020-05-06		 3 months crt.sh
www.google.de
GTS CA 1O1		 2020-02-12 -
2020-05-06		 3 months crt.sh
script.hotjar.com
Let's Encrypt Authority X3		 2020-02-03 -
2020-05-03		 3 months crt.sh
vars.hotjar.com
Let's Encrypt Authority X3		 2020-02-03 -
2020-05-03		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://landing.offerteperte.net/chetariffa/tim/f1/a/?url=http%3A%2F%2Fsms.ediscom.it%2FPlatform%2FLead%2FCTL%2Fsave.htm%3Ftoken%3D22d2989f0201667354a7281cf01f9842%26s%3D222097818%26d%3D65290&cellulare=3489173994
Frame ID: 7FD8615B9BA40C967D5678604742DEB9
Requests: 18 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-469cf41adb11dc78be68c1ae7f9457a4.html
Frame ID: 0BF1AE88CA4CDD4FCF9450F77174B83F
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://n0w.it/JVhpK HTTP 302
    https://landing.offerteperte.net/chetariffa/tim/f1/a/?url=http%3A%2F%2Fsms.ediscom.it%2FPlatform%2FLead%2FCTL... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /php\/?([\d.]+)?/i
Overall confidence: 100%
Detected patterns
  • headers server /Unix/i
Overall confidence: 100%
Detected patterns
  • headers server /OpenSSL(?:\/([\d.]+[a-z]?))?/i
Overall confidence: 100%
Detected patterns
  • headers server /\b(?:mod_)?DAV\b(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • headers server /mod_ssl(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|\b)HTTPD)/i
  • headers server /\b(?:mod_)?DAV\b(?:\/([\d.]+))?/i
  • headers server /mod_ssl(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Page Statistics

19
Requests

100 %
HTTPS

64 %
IPv6

10
Domains

12
Subdomains

8
IPs

5
Countries

148 kB
Transfer

576 kB
Size

4
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://n0w.it/JVhpK HTTP 302
    https://landing.offerteperte.net/chetariffa/tim/f1/a/?url=http%3A%2F%2Fsms.ediscom.it%2FPlatform%2FLead%2FCTL%2Fsave.htm%3Ftoken%3D22d2989f0201667354a7281cf01f9842%26s%3D222097818%26d%3D65290&cellulare=3489173994 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 13
  • https://www.google-analytics.com/r/collect?v=1&_v=j81&a=2107769922&t=pageview&_s=1&dl=https%3A%2F%2Flanding.offerteperte.net%2Fchetariffa%2Ftim%2Ff1%2Fa%2F%3Furl%3Dhttp%253A%252F%252Fsms.ediscom.it%252FPlatform%252FLead%252FCTL%252Fsave.htm%253Ftoken%253D22d2989f0201667354a7281cf01f9842%2526s%253D222097818%2526d%253D65290%26cellulare%3D3489173994&dp=%2Fchetariffa%2Ftim%2Ff1%2Fa%2F%3Furl%3Dhttp%253A%252F%252Fsms.ediscom.it%252FPlatform%252FLead%252FCTL%252Fsave.htm%253Ftoken%253D22d2989f0201667354a7281cf01f9842%2526s%253D222097818%2526d%253D65290%26cellulare%3D3489173994&ul=en-us&de=UTF-8&dt=Chetariffa.it%20-%20TIM%20SUPER%20FIBRA&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEAB~&jid=1624939486&gjid=806213467&cid=553557848.1582481549&tid=UA-47560169-22&_gid=2080701079.1582481549&_r=1&z=482188550 HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-47560169-22&cid=553557848.1582481549&jid=1624939486&_gid=2080701079.1582481549&gjid=806213467&_v=j81&z=482188550 HTTP 302
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-47560169-22&cid=553557848.1582481549&jid=1624939486&_v=j81&z=482188550 HTTP 302
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-47560169-22&cid=553557848.1582481549&jid=1624939486&_v=j81&z=482188550&slf_rd=1&random=1894917396

19 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
landing.offerteperte.net/chetariffa/tim/f1/a/
Redirect Chain
  • http://n0w.it/JVhpK
  • https://landing.offerteperte.net/chetariffa/tim/f1/a/?url=http%3A%2F%2Fsms.ediscom.it%2FPlatform%2FLead%2FCTL%2Fsave.htm%3Ftoken%3D22d2989f0201667354a7281cf01f9842%26s%3D222097818%26d%3D65290&cellu...
7 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://landing.offerteperte.net/chetariffa/tim/f1/a/?url=http%3A%2F%2Fsms.ediscom.it%2FPlatform%2FLead%2FCTL%2Fsave.htm%3Ftoken%3D22d2989f0201667354a7281cf01f9842%26s%3D222097818%26d%3D65290&cellulare=3489173994
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
178.255.74.101 , Italy, ASN20746 (ASN-IDC T.NO.OM.I.NC, IT),
Reverse DNS
oleggio.espotter.net
Software
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1c DAV/2 PHP/5.4.13 / PHP/5.4.13
Resource Hash
d8a2edad741c4466ac21df3c438a84782ce5af047f003f7e912789a98577e71a

Request headers

Host
landing.offerteperte.net
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sun, 23 Feb 2020 18:12:28 GMT
Server
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1c DAV/2 PHP/5.4.13
X-Powered-By
PHP/5.4.13
Vary
User-Agent,Accept-Encoding
Content-Encoding
gzip
Content-Length
2621
Keep-Alive
timeout=2
Connection
Keep-Alive
Content-Type
text/html

Redirect headers

Date
Sun, 23 Feb 2020 18:12:29 GMT
Server
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1c DAV/2 PHP/5.4.13
X-Powered-By
PHP/5.4.13
Location
https://landing.offerteperte.net/chetariffa/tim/f1/a/?url=http%3A%2F%2Fsms.ediscom.it%2FPlatform%2FLead%2FCTL%2Fsave.htm%3Ftoken%3D22d2989f0201667354a7281cf01f9842%26s%3D222097818%26d%3D65290&cellulare=3489173994
P3P
policyref="http://n0w.it/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa OUR NOR UNI COM NAV INT"
Content-Length
0
Keep-Alive
timeout=2
Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8
css
fonts.googleapis.com/ 		4 KB
670 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Poppins:300,400,700&display=swap
Requested by
Host: landing.offerteperte.net
URL: https://landing.offerteperte.net/chetariffa/tim/f1/a/?url=http%3A%2F%2Fsms.ediscom.it%2FPlatform%2FLead%2FCTL%2Fsave.htm%3Ftoken%3D22d2989f0201667354a7281cf01f9842%26s%3D222097818%26d%3D65290&cellulare=3489173994
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a2f0e9b5c6181dbb1b09f398063eec5dfb22af5d97e635fbf7f7c1dc569630ef
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://landing.offerteperte.net/chetariffa/tim/f1/a/?url=http%3A%2F%2Fsms.ediscom.it%2FPlatform%2FLead%2FCTL%2Fsave.htm%3Ftoken%3D22d2989f0201667354a7281cf01f9842%26s%3D222097818%26d%3D65290&cellulare=3489173994
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 23 Feb 2020 18:12:28 GMT
server
ESF
date
Sun, 23 Feb 2020 18:12:28 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 23 Feb 2020 18:12:28 GMT
style.css
landing.offerteperte.net/chetariffa/tim/f1/css/ 		5 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://landing.offerteperte.net/chetariffa/tim/f1/css/style.css
Requested by
Host: landing.offerteperte.net
URL: https://landing.offerteperte.net/chetariffa/tim/f1/a/?url=http%3A%2F%2Fsms.ediscom.it%2FPlatform%2FLead%2FCTL%2Fsave.htm%3Ftoken%3D22d2989f0201667354a7281cf01f9842%26s%3D222097818%26d%3D65290&cellulare=3489173994
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
178.255.74.101 , Italy, ASN20746 (ASN-IDC T.NO.OM.I.NC, IT),
Reverse DNS
oleggio.espotter.net
Software
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1c DAV/2 PHP/5.4.13 /
Resource Hash
59703e1dc2d6f7330ac9251a16bbbc39967a3674f0be2c0aa3c9ccb345367601

Request headers

Referer
https://landing.offerteperte.net/chetariffa/tim/f1/a/?url=http%3A%2F%2Fsms.ediscom.it%2FPlatform%2FLead%2FCTL%2Fsave.htm%3Ftoken%3D22d2989f0201667354a7281cf01f9842%26s%3D222097818%26d%3D65290&cellulare=3489173994
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

Date
Sun, 23 Feb 2020 18:12:28 GMT
Last-Modified
Mon, 10 Feb 2020 11:20:06 GMT
Server
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1c DAV/2 PHP/5.4.13
ETag
"a1e22ef-147f-59e36ebe354c0"
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=2
Content-Length
5247
js.cookie.min.js
cdnjs.cloudflare.com/ajax/libs/js-cookie/2.2.0/ 		2 KB
945 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/js-cookie/2.2.0/js.cookie.min.js
Requested by
Host: landing.offerteperte.net
URL: https://landing.offerteperte.net/chetariffa/tim/f1/a/?url=http%3A%2F%2Fsms.ediscom.it%2FPlatform%2FLead%2FCTL%2Fsave.htm%3Ftoken%3D22d2989f0201667354a7281cf01f9842%26s%3D222097818%26d%3D65290&cellulare=3489173994
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:4004 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f4db76afeb499d277603609152f9e382c0fe112d44c6f8db8c136a89d9bd7682
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains

Request headers

Referer
https://landing.offerteperte.net/chetariffa/tim/f1/a/?url=http%3A%2F%2Fsms.ediscom.it%2FPlatform%2FLead%2FCTL%2Fsave.htm%3Ftoken%3D22d2989f0201667354a7281cf01f9842%26s%3D222097818%26d%3D65290&cellulare=3489173994
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Sun, 23 Feb 2020 18:12:28 GMT
content-encoding
br
cf-cache-status
HIT
age
19235704
cf-ray
569b2b10c91c1f3d-FRA
status
200
strict-transport-security
max-age=15780000; includeSubDomains
alt-svc
h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
last-modified
Thu, 17 May 2018 09:20:16 GMT
server
cloudflare
etag
W/"5afd4950-699"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
expires
Fri, 12 Feb 2021 18:12:28 GMT
cache-control
public, max-age=30672000
timing-allow-origin
*
served-in-seconds
0.001
cookieBox.min.js
landing.offerteperte.net/__JS/v2/ 		730 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://landing.offerteperte.net/__JS/v2/cookieBox.min.js
Requested by
Host: landing.offerteperte.net
URL: https://landing.offerteperte.net/chetariffa/tim/f1/a/?url=http%3A%2F%2Fsms.ediscom.it%2FPlatform%2FLead%2FCTL%2Fsave.htm%3Ftoken%3D22d2989f0201667354a7281cf01f9842%26s%3D222097818%26d%3D65290&cellulare=3489173994
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
178.255.74.101 , Italy, ASN20746 (ASN-IDC T.NO.OM.I.NC, IT),
Reverse DNS
oleggio.espotter.net
Software
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1c DAV/2 PHP/5.4.13 /
Resource Hash
d5c7db0ec39e271aed06a5ec6de733b7abc0968bc9fc89b8c1820c75a15aba48

Request headers

Referer
https://landing.offerteperte.net/chetariffa/tim/f1/a/?url=http%3A%2F%2Fsms.ediscom.it%2FPlatform%2FLead%2FCTL%2Fsave.htm%3Ftoken%3D22d2989f0201667354a7281cf01f9842%26s%3D222097818%26d%3D65290&cellulare=3489173994
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

Date
Sun, 23 Feb 2020 18:12:28 GMT
Last-Modified
Mon, 22 Jul 2019 12:23:56 GMT
Server
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1c DAV/2 PHP/5.4.13
ETag
"a2001ff-2da-58e44265b6f00"
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=2
Content-Length
730
logo_tim.png
landing.offerteperte.net/chetariffa/tim/f1/img/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://landing.offerteperte.net/chetariffa/tim/f1/img/logo_tim.png
Requested by
Host: landing.offerteperte.net
URL: https://landing.offerteperte.net/chetariffa/tim/f1/a/?url=http%3A%2F%2Fsms.ediscom.it%2FPlatform%2FLead%2FCTL%2Fsave.htm%3Ftoken%3D22d2989f0201667354a7281cf01f9842%26s%3D222097818%26d%3D65290&cellulare=3489173994
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
178.255.74.101 , Italy, ASN20746 (ASN-IDC T.NO.OM.I.NC, IT),
Reverse DNS
oleggio.espotter.net
Software
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1c DAV/2 PHP/5.4.13 /
Resource Hash
34272a20d88ae31bac51e8844f75aa9186ce64dce3cacecd736f1ee9bdc3ffb3

Request headers

Referer
https://landing.offerteperte.net/chetariffa/tim/f1/a/?url=http%3A%2F%2Fsms.ediscom.it%2FPlatform%2FLead%2FCTL%2Fsave.htm%3Ftoken%3D22d2989f0201667354a7281cf01f9842%26s%3D222097818%26d%3D65290&cellulare=3489173994
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

Date
Sun, 23 Feb 2020 18:12:28 GMT
Last-Modified
Mon, 10 Feb 2020 11:20:07 GMT
Server
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1c DAV/2 PHP/5.4.13
ETag
"a1e22f5-6b6-59e36ebed3fd0"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=2
Content-Length
1718
logo_chetariffa.png
landing.offerteperte.net/chetariffa/tim/f1/img/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://landing.offerteperte.net/chetariffa/tim/f1/img/logo_chetariffa.png
Requested by
Host: landing.offerteperte.net
URL: https://landing.offerteperte.net/chetariffa/tim/f1/a/?url=http%3A%2F%2Fsms.ediscom.it%2FPlatform%2FLead%2FCTL%2Fsave.htm%3Ftoken%3D22d2989f0201667354a7281cf01f9842%26s%3D222097818%26d%3D65290&cellulare=3489173994
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
178.255.74.101 , Italy, ASN20746 (ASN-IDC T.NO.OM.I.NC, IT),
Reverse DNS
oleggio.espotter.net
Software
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1c DAV/2 PHP/5.4.13 /
Resource Hash
3b46b9d5103c7c3783256199941065270bf20da86ac65155eddbef6b9ed43e29

Request headers

Referer
https://landing.offerteperte.net/chetariffa/tim/f1/a/?url=http%3A%2F%2Fsms.ediscom.it%2FPlatform%2FLead%2FCTL%2Fsave.htm%3Ftoken%3D22d2989f0201667354a7281cf01f9842%26s%3D222097818%26d%3D65290&cellulare=3489173994
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

Date
Sun, 23 Feb 2020 18:12:29 GMT
Last-Modified
Mon, 10 Feb 2020 11:20:07 GMT
Server
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1c DAV/2 PHP/5.4.13
ETag
"a1e22f4-5ad-59e36ebeaf5e0"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=2
Content-Length
1453
img.jpg
landing.offerteperte.net/chetariffa/tim/f1/img/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://landing.offerteperte.net/chetariffa/tim/f1/img/img.jpg
Requested by
Host: landing.offerteperte.net
URL: https://landing.offerteperte.net/chetariffa/tim/f1/a/?url=http%3A%2F%2Fsms.ediscom.it%2FPlatform%2FLead%2FCTL%2Fsave.htm%3Ftoken%3D22d2989f0201667354a7281cf01f9842%26s%3D222097818%26d%3D65290&cellulare=3489173994
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
178.255.74.101 , Italy, ASN20746 (ASN-IDC T.NO.OM.I.NC, IT),
Reverse DNS
oleggio.espotter.net
Software
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1c DAV/2 PHP/5.4.13 /
Resource Hash
ec7a889759a7bb675815497866c57d2b3c72ca3c2b7de1529b8fac40543d8583

Request headers

Referer
https://landing.offerteperte.net/chetariffa/tim/f1/a/?url=http%3A%2F%2Fsms.ediscom.it%2FPlatform%2FLead%2FCTL%2Fsave.htm%3Ftoken%3D22d2989f0201667354a7281cf01f9842%26s%3D222097818%26d%3D65290&cellulare=3489173994
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

Date
Sun, 23 Feb 2020 18:12:29 GMT
Last-Modified
Mon, 10 Feb 2020 11:20:06 GMT
Server
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1c DAV/2 PHP/5.4.13
ETag
"a1e22f1-1d17-59e36ebe836c0"
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=2
Content-Length
7447
freccia_cta.png
landing.offerteperte.net/chetariffa/tim/f1/img/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://landing.offerteperte.net/chetariffa/tim/f1/img/freccia_cta.png
Requested by
Host: landing.offerteperte.net
URL: https://landing.offerteperte.net/chetariffa/tim/f1/a/?url=http%3A%2F%2Fsms.ediscom.it%2FPlatform%2FLead%2FCTL%2Fsave.htm%3Ftoken%3D22d2989f0201667354a7281cf01f9842%26s%3D222097818%26d%3D65290&cellulare=3489173994
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
178.255.74.101 , Italy, ASN20746 (ASN-IDC T.NO.OM.I.NC, IT),
Reverse DNS
oleggio.espotter.net
Software
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1c DAV/2 PHP/5.4.13 /
Resource Hash
b951269db99f8dc4919dfb64a5f9d2975adfdb480de7ae59fcd79b4d46902050

Request headers

Referer
https://landing.offerteperte.net/chetariffa/tim/f1/a/?url=http%3A%2F%2Fsms.ediscom.it%2FPlatform%2FLead%2FCTL%2Fsave.htm%3Ftoken%3D22d2989f0201667354a7281cf01f9842%26s%3D222097818%26d%3D65290&cellulare=3489173994
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

Date
Sun, 23 Feb 2020 18:12:29 GMT
Last-Modified
Mon, 10 Feb 2020 11:20:06 GMT
Server
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1c DAV/2 PHP/5.4.13
ETag
"a1e22ed-786-59e36ebe59eb0"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=2
Content-Length
1926
whatsapp.svg
landing.offerteperte.net/chetariffa/tim/f1/img/ 		933 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://landing.offerteperte.net/chetariffa/tim/f1/img/whatsapp.svg
Requested by
Host: landing.offerteperte.net
URL: https://landing.offerteperte.net/chetariffa/tim/f1/a/?url=http%3A%2F%2Fsms.ediscom.it%2FPlatform%2FLead%2FCTL%2Fsave.htm%3Ftoken%3D22d2989f0201667354a7281cf01f9842%26s%3D222097818%26d%3D65290&cellulare=3489173994
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
178.255.74.101 , Italy, ASN20746 (ASN-IDC T.NO.OM.I.NC, IT),
Reverse DNS
oleggio.espotter.net
Software
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1c DAV/2 PHP/5.4.13 /
Resource Hash
d6d99744a6525b667395abde6839929b6a13d78656b6f9e4a6e172fd9b7a3ac6

Request headers

Referer
https://landing.offerteperte.net/chetariffa/tim/f1/a/?url=http%3A%2F%2Fsms.ediscom.it%2FPlatform%2FLead%2FCTL%2Fsave.htm%3Ftoken%3D22d2989f0201667354a7281cf01f9842%26s%3D222097818%26d%3D65290&cellulare=3489173994
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

Date
Sun, 23 Feb 2020 18:12:29 GMT
Last-Modified
Mon, 10 Feb 2020 11:20:07 GMT
Server
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1c DAV/2 PHP/5.4.13
ETag
"a1e22f9-3a5-59e36ebf0e950"
Content-Type
image/svg+xml
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=2
Content-Length
933
smooth-scroll.polyfills.min.js
cdnjs.cloudflare.com/ajax/libs/smooth-scroll/15.2.1/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/smooth-scroll/15.2.1/smooth-scroll.polyfills.min.js
Requested by
Host: landing.offerteperte.net
URL: https://landing.offerteperte.net/chetariffa/tim/f1/a/?url=http%3A%2F%2Fsms.ediscom.it%2FPlatform%2FLead%2FCTL%2Fsave.htm%3Ftoken%3D22d2989f0201667354a7281cf01f9842%26s%3D222097818%26d%3D65290&cellulare=3489173994
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:4004 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1512662ffdb56b269ac9f0abfade75b58bf197915fb00475e27d1ed8357f7174
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains

Request headers

Referer
https://landing.offerteperte.net/chetariffa/tim/f1/a/?url=http%3A%2F%2Fsms.ediscom.it%2FPlatform%2FLead%2FCTL%2Fsave.htm%3Ftoken%3D22d2989f0201667354a7281cf01f9842%26s%3D222097818%26d%3D65290&cellulare=3489173994
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Sun, 23 Feb 2020 18:12:28 GMT
content-encoding
br
cf-cache-status
HIT
age
2637477
cf-ray
569b2b111a1b1f3d-FRA
status
200
strict-transport-security
max-age=15780000; includeSubDomains
alt-svc
h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
last-modified
Wed, 23 Jan 2019 20:00:52 GMT
server
cloudflare
etag
W/"5c48c7f4-192d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
expires
Fri, 12 Feb 2021 18:12:28 GMT
cache-control
public, max-age=30672000
timing-allow-origin
*
served-in-seconds
0.001
hotjar-1153404.js
static.hotjar.com/c/ 		70 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.hotjar.com/c/hotjar-1153404.js?sv=6
Requested by
Host: landing.offerteperte.net
URL: https://landing.offerteperte.net/chetariffa/tim/f1/a/?url=http%3A%2F%2Fsms.ediscom.it%2FPlatform%2FLead%2FCTL%2Fsave.htm%3Ftoken%3D22d2989f0201667354a7281cf01f9842%26s%3D222097818%26d%3D65290&cellulare=3489173994
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
147.75.32.99 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
pkt-ams-k2-shared-ingress12
Software
/
Resource Hash
43aede2413389e791ad90b7168bb0b3eebd5f3864eb69fce5bf538d342f0dd2f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://landing.offerteperte.net/chetariffa/tim/f1/a/?url=http%3A%2F%2Fsms.ediscom.it%2FPlatform%2FLead%2FCTL%2Fsave.htm%3Ftoken%3D22d2989f0201667354a7281cf01f9842%26s%3D222097818%26d%3D65290&cellulare=3489173994
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Sun, 23 Feb 2020 18:12:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
application/javascript
section-io-tag
hotjar
age
201
status
200
access-control-max-age
600
section-io-cache
Hit
content-length
7989
x-cache-hit
1
x-frame-options
SAMEORIGIN
etag
W/ab9724f60663518e1e98c39b781385ad
vary
Accept-Encoding
section-io-origin-status
304
access-control-allow-origin
*
cache-control
max-age=60
section-io-origin-time-seconds
0.085
accept-ranges
bytes
section-io-id
4381cf3852cc6538a2dffe99f9b32600
section-origin-responded
true
analytics.js
www.google-analytics.com/ 		44 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: landing.offerteperte.net
URL: https://landing.offerteperte.net/chetariffa/tim/f1/a/?url=http%3A%2F%2Fsms.ediscom.it%2FPlatform%2FLead%2FCTL%2Fsave.htm%3Ftoken%3D22d2989f0201667354a7281cf01f9842%26s%3D222097818%26d%3D65290&cellulare=3489173994
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://landing.offerteperte.net/chetariffa/tim/f1/a/?url=http%3A%2F%2Fsms.ediscom.it%2FPlatform%2FLead%2FCTL%2Fsave.htm%3Ftoken%3D22d2989f0201667354a7281cf01f9842%26s%3D222097818%26d%3D65290&cellulare=3489173994
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 06 Feb 2020 00:21:02 GMT
server
Golfe2
age
1438
date
Sun, 23 Feb 2020 17:48:30 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
18174
expires
Sun, 23 Feb 2020 19:48:30 GMT
pxiEyp8kv8JHgFVrJJfecnFHGPc.woff2
fonts.gstatic.com/s/poppins/v9/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v9/pxiEyp8kv8JHgFVrJJfecnFHGPc.woff2
Requested by
Host: landing.offerteperte.net
URL: https://landing.offerteperte.net/chetariffa/tim/f1/a/?url=http%3A%2F%2Fsms.ediscom.it%2FPlatform%2FLead%2FCTL%2Fsave.htm%3Ftoken%3D22d2989f0201667354a7281cf01f9842%26s%3D222097818%26d%3D65290&cellulare=3489173994
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fab32ccef85408b763c899ad7c0b910c96c76dc9ed7158ce304fdcd3c0bf8388
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/css?family=Poppins:300,400,700&display=swap
Origin
https://landing.offerteperte.net
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 19 Feb 2020 10:33:06 GMT
x-content-type-options
nosniff
last-modified
Tue, 08 Oct 2019 21:22:04 GMT
server
sffe
age
373162
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
7968
x-xss-protection
0
expires
Thu, 18 Feb 2021 10:33:06 GMT
ga-audiences
www.google.de/ads/
Redirect Chain
  • https://www.google-analytics.com/r/collect?v=1&_v=j81&a=2107769922&t=pageview&_s=1&dl=https%3A%2F%2Flanding.offerteperte.net%2Fchetariffa%2Ftim%2Ff1%2Fa%2F%3Furl%3Dhttp%253A%252F%252Fsms.ediscom.it...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-47560169-22&cid=553557848.1582481549&jid=1624939486&_gid=2080701079.1582481549&gjid=806213467&_v=j81&z=482188550
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-47560169-22&cid=553557848.1582481549&jid=1624939486&_v=j81&z=482188550
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-47560169-22&cid=553557848.1582481549&jid=1624939486&_v=j81&z=482188550&slf_rd=1&random=1894917396
42 B
109 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-47560169-22&cid=553557848.1582481549&jid=1624939486&_v=j81&z=482188550&slf_rd=1&random=1894917396
Requested by
Host: landing.offerteperte.net
URL: https://landing.offerteperte.net/chetariffa/tim/f1/a/?url=http%3A%2F%2Fsms.ediscom.it%2FPlatform%2FLead%2FCTL%2Fsave.htm%3Ftoken%3D22d2989f0201667354a7281cf01f9842%26s%3D222097818%26d%3D65290&cellulare=3489173994
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://landing.offerteperte.net/chetariffa/tim/f1/a/?url=http%3A%2F%2Fsms.ediscom.it%2FPlatform%2FLead%2FCTL%2Fsave.htm%3Ftoken%3D22d2989f0201667354a7281cf01f9842%26s%3D222097818%26d%3D65290&cellulare=3489173994
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 23 Feb 2020 18:12:29 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 23 Feb 2020 18:12:29 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
location
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-47560169-22&cid=553557848.1582481549&jid=1624939486&_v=j81&z=482188550&slf_rd=1&random=1894917396
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
302
cache-control
no-cache, no-store, must-revalidate
content-type
text/html; charset=UTF-8
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pxiByp8kv8JHgFVrLCz7Z1xlFd2JQEk.woff2
fonts.gstatic.com/s/poppins/v9/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v9/pxiByp8kv8JHgFVrLCz7Z1xlFd2JQEk.woff2
Requested by
Host: landing.offerteperte.net
URL: https://landing.offerteperte.net/chetariffa/tim/f1/a/?url=http%3A%2F%2Fsms.ediscom.it%2FPlatform%2FLead%2FCTL%2Fsave.htm%3Ftoken%3D22d2989f0201667354a7281cf01f9842%26s%3D222097818%26d%3D65290&cellulare=3489173994
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
56a522e79770e488da6015ed10f8c2bdafbcd87a7c6d443f7a293579bd0ef58d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/css?family=Poppins:300,400,700&display=swap
Origin
https://landing.offerteperte.net
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 04 Feb 2020 03:01:06 GMT
x-content-type-options
nosniff
last-modified
Tue, 08 Oct 2019 21:22:29 GMT
server
sffe
age
1696283
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
7924
x-xss-protection
0
expires
Wed, 03 Feb 2021 03:01:06 GMT
pxiByp8kv8JHgFVrLDz8Z1xlFd2JQEk.woff2
fonts.gstatic.com/s/poppins/v9/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v9/pxiByp8kv8JHgFVrLDz8Z1xlFd2JQEk.woff2
Requested by
Host: landing.offerteperte.net
URL: https://landing.offerteperte.net/chetariffa/tim/f1/a/?url=http%3A%2F%2Fsms.ediscom.it%2FPlatform%2FLead%2FCTL%2Fsave.htm%3Ftoken%3D22d2989f0201667354a7281cf01f9842%26s%3D222097818%26d%3D65290&cellulare=3489173994
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0fe2aa289162af5650c4a5ad04948ed0872b83982060632f75b9dbd8520d2c8b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/css?family=Poppins:300,400,700&display=swap
Origin
https://landing.offerteperte.net
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 31 Jan 2020 00:54:34 GMT
x-content-type-options
nosniff
last-modified
Tue, 08 Oct 2019 21:22:10 GMT
server
sffe
age
2049475
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
7988
x-xss-protection
0
expires
Sat, 30 Jan 2021 00:54:34 GMT
modules.98591d9c2c879f3aa719.js
script.hotjar.com/ 		401 KB
70 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.hotjar.com/modules.98591d9c2c879f3aa719.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1153404.js?sv=6
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
147.75.32.13 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
pkt-ams-k2-shared-ingress9
Software
/
Resource Hash
b7998710121f07b527b21d744ba7b194204c6416b0a09bbf8040442dfcc41c4b

Request headers

Referer
https://landing.offerteperte.net/chetariffa/tim/f1/a/?url=http%3A%2F%2Fsms.ediscom.it%2FPlatform%2FLead%2FCTL%2Fsave.htm%3Ftoken%3D22d2989f0201667354a7281cf01f9842%26s%3D222097818%26d%3D65290&cellulare=3489173994
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Sun, 23 Feb 2020 18:12:29 GMT
content-encoding
br
content-type
application/javascript
age
357662
status
200
section-io-cache
Hit
content-length
71247
last-modified
Wed, 19 Feb 2020 14:48:15 GMT
etag
"5a53ba26c41981e45edfb1e066cd2795"
vary
Accept-Encoding
section-io-origin-status
200
access-control-allow-origin
*
cache-control
max-age=31536000
section-io-origin-time-seconds
0.025
accept-ranges
bytes
section-io-id
37b9970b414d84e25e8192ad1855d899
section-origin-responded
true
box-469cf41adb11dc78be68c1ae7f9457a4.html
vars.hotjar.com/ Frame 0BF1 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://vars.hotjar.com/box-469cf41adb11dc78be68c1ae7f9457a4.html
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1153404.js?sv=6
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
147.75.32.99 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
pkt-ams-k2-shared-ingress12
Software
/
Resource Hash

Request headers

:method
GET
:authority
vars.hotjar.com
:scheme
https
:path
/box-469cf41adb11dc78be68c1ae7f9457a4.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest
iframe
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
referer
https://landing.offerteperte.net/chetariffa/tim/f1/a/?url=http%3A%2F%2Fsms.ediscom.it%2FPlatform%2FLead%2FCTL%2Fsave.htm%3Ftoken%3D22d2989f0201667354a7281cf01f9842%26s%3D222097818%26d%3D65290&cellulare=3489173994
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
iframe
Referer
https://landing.offerteperte.net/chetariffa/tim/f1/a/?url=http%3A%2F%2Fsms.ediscom.it%2FPlatform%2FLead%2FCTL%2Fsave.htm%3Ftoken%3D22d2989f0201667354a7281cf01f9842%26s%3D222097818%26d%3D65290&cellulare=3489173994

Response headers

status
200
date
Sun, 23 Feb 2020 18:12:29 GMT
content-type
text/html
content-length
851
last-modified
Wed, 29 Jan 2020 12:33:12 GMT
etag
"d594f1d4c3e5dbd6b556c60d34e0daea"
cache-control
max-age=31536000
content-encoding
br
section-io-origin-status
200
section-io-origin-time-seconds
0.030
section-origin-responded
true
age
2180357
vary
Accept-Encoding
section-io-cache
Hit
accept-ranges
bytes
section-io-id
305a7c99e379007f44568ac960625427

Verdicts & Comments Add Verdict or Comment

15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate function| hj object| _hjSettings string| GoogleAnalyticsObject function| ga function| Cookies object| google_tag_data object| gaplugins object| gaGlobal object| gaData function| SmoothScroll object| hjSiteSettings function| hjBootstrap object| hjBootstrapCalled

4 Cookies

Domain/Path Name / Value
.offerteperte.net/ Name: _gid
Value: GA1.2.2080701079.1582481549
.offerteperte.net/ Name: _hjid
Value: 66c87f57-44a3-408e-bc35-1b2a1fc395bc
.offerteperte.net/ Name: _gat
Value: 1
.offerteperte.net/ Name: _ga
Value: GA1.2.553557848.1582481549

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdnjs.cloudflare.com
fonts.googleapis.com
fonts.gstatic.com
landing.offerteperte.net
n0w.it
script.hotjar.com
static.hotjar.com
stats.g.doubleclick.net
vars.hotjar.com
www.google-analytics.com
www.google.com
www.google.de
147.75.32.13
147.75.32.99
178.255.74.101
178.255.74.104
2606:4700::6811:4004
2a00:1450:4001:800::200e
2a00:1450:4001:808::2004
2a00:1450:4001:81f::2003
2a00:1450:4001:820::2003
2a00:1450:4001:821::200a
2a00:1450:400c:c0a::9b
0fe2aa289162af5650c4a5ad04948ed0872b83982060632f75b9dbd8520d2c8b
1512662ffdb56b269ac9f0abfade75b58bf197915fb00475e27d1ed8357f7174
34272a20d88ae31bac51e8844f75aa9186ce64dce3cacecd736f1ee9bdc3ffb3
3b46b9d5103c7c3783256199941065270bf20da86ac65155eddbef6b9ed43e29
43aede2413389e791ad90b7168bb0b3eebd5f3864eb69fce5bf538d342f0dd2f
56a522e79770e488da6015ed10f8c2bdafbcd87a7c6d443f7a293579bd0ef58d
59703e1dc2d6f7330ac9251a16bbbc39967a3674f0be2c0aa3c9ccb345367601
a2f0e9b5c6181dbb1b09f398063eec5dfb22af5d97e635fbf7f7c1dc569630ef
b7998710121f07b527b21d744ba7b194204c6416b0a09bbf8040442dfcc41c4b
b951269db99f8dc4919dfb64a5f9d2975adfdb480de7ae59fcd79b4d46902050
d5c7db0ec39e271aed06a5ec6de733b7abc0968bc9fc89b8c1820c75a15aba48
d6d99744a6525b667395abde6839929b6a13d78656b6f9e4a6e172fd9b7a3ac6
d8a2edad741c4466ac21df3c438a84782ce5af047f003f7e912789a98577e71a
eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d
ec7a889759a7bb675815497866c57d2b3c72ca3c2b7de1529b8fac40543d8583
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f4db76afeb499d277603609152f9e382c0fe112d44c6f8db8c136a89d9bd7682
fab32ccef85408b763c899ad7c0b910c96c76dc9ed7158ce304fdcd3c0bf8388