gruppo.bancobpm.it Open in urlscan Pro
66.22.35.29 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://gruppo.bancobpm.it/
Effective URL:
https://gruppo.bancobpm.it/
Submission: On December 28 via api (December 28th 2022, 4:19:18 am UTC) from US — Scanned from IT

Summary HTTP 87 Redirects Links 10 Behaviour Indicators

Summary

This website contacted 46 IPs in 10 countries across 43 domains to perform 87 HTTP transactions. The main IP is 66.22.35.29, located in United States and belongs to RADWARE, IL. The main domain is gruppo.bancobpm.it.
TLS certificate: Issued by Sectigo RSA Extended Validation Secur... on December 1st 2022. Valid for: a year.

This is the only time gruppo.bancobpm.it was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
28	66.22.35.29 66.22.35.29	48851 (RADWARE) (RADWARE)
2	2a00:1450:400... 2a00:1450:400d:808::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:400d:807::2008	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400d:807::2003	15169 (GOOGLE) (GOOGLE)
1	2a02:2638::14 2a02:2638::14	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
4 5	2a02:2638::1c 2a02:2638::1c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	178.250.0.157 178.250.0.157	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2600:9000:223... 2600:9000:223c:5600:1:76cf:fe80:93a1	16509 (AMAZON-02) (AMAZON-02)
2 5	193.0.160.129 193.0.160.129	54312 (ROCKETFUEL) (ROCKETFUEL)
1	178.250.2.151 178.250.2.151	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
4 4	142.250.201.194 142.250.201.194	15169 (GOOGLE) (GOOGLE)
2 3	37.252.171.84 37.252.171.84	29990 (ASN-APPNEX) (ASN-APPNEX)
1 3	34.241.134.251 34.241.134.251	16509 (AMAZON-02) (AMAZON-02)
1	34.98.64.218 34.98.64.218	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	3.124.210.90 3.124.210.90	16509 (AMAZON-02) (AMAZON-02)
2	18.158.8.202 18.158.8.202	16509 (AMAZON-02) (AMAZON-02)
2	92.123.38.97 92.123.38.97	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	108.138.17.118 108.138.17.118	16509 (AMAZON-02) (AMAZON-02)
1 3	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
1	3.231.172.211 3.231.172.211	14618 (AMAZON-AES) (AMAZON-AES)
1 2	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
1	23.203.125.189 23.203.125.189	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	185.94.180.126 185.94.180.126	35220 (SPOTX-AMS) (SPOTX-AMS)
2	2600:1f18:612... 2600:1f18:612b:4264:d47e:9b8d:b43d:b5ab	14618 (AMAZON-AES) (AMAZON-AES)
1	54.74.181.165 54.74.181.165	16509 (AMAZON-02) (AMAZON-02)
2	34.247.119.70 34.247.119.70	16509 (AMAZON-02) (AMAZON-02)
2 4	18.158.158.96 18.158.158.96	16509 (AMAZON-02) (AMAZON-02)
2 2	151.101.194.49 151.101.194.49	54113 (FASTLY) (FASTLY)
2	178.250.0.163 178.250.0.163	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	104.18.33.19 104.18.33.19	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	3.122.74.191 3.122.74.191	16509 (AMAZON-02) (AMAZON-02)
1	20.13.96.71 20.13.96.71	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	18.196.238.199 18.196.238.199	16509 (AMAZON-02) (AMAZON-02)
1	185.86.139.106 185.86.139.106	201081 (SMARTADSE...) (SMARTADSERVER)
1	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
1	23.203.125.36 23.203.125.36	16625 (AKAMAI-AS) (AKAMAI-AS)
1	13.248.245.213 13.248.245.213	16509 (AMAZON-02) (AMAZON-02)
1 2	18.156.0.31 18.156.0.31	16509 (AMAZON-02) (AMAZON-02)
1	37.157.3.28 37.157.3.28	198622 (ADFORM) (ADFORM)
1	185.255.84.152 185.255.84.152	200271 (IGUANE-) (IGUANE-)
1	141.95.33.111 141.95.33.111	16276 (OVH) (OVH)
1	34.117.157.22 34.117.157.22	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	3.74.120.124 3.74.120.124	16509 (AMAZON-02) (AMAZON-02)
1	185.64.190.80 185.64.190.80	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	104.70.110.28 104.70.110.28	16625 (AKAMAI-AS) (AKAMAI-AS)
1	54.194.137.201 54.194.137.201	16509 (AMAZON-02) (AMAZON-02)
1	3.23.121.164 3.23.121.164	16509 (AMAZON-02) (AMAZON-02)
87	46

28 66.22.35.29 (United States)

ASN48851 (RADWARE, IL)

gruppo.bancobpm.it	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:808::200a (Ireland)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400d:807::2008 (Ireland)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:807::2003 (Ireland)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638::14 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dynamic.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a02:2638::1c (France) 4 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.157 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223c:5600:1:76cf:fe80:93a1 (United States)

ASN16509 (AMAZON-02, US)

c1.rfihub.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 193.0.160.129 (United States) 2 redirects

ASN54312 (ROCKETFUEL, US)

20841584p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
a.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.2.151 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

sslwidget.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.201.194 (United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: bud02s35-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.252.171.84 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.241.134.251 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-241-134-251.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.124.210.90 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-124-210-90.eu-central-1.compute.amazonaws.com

ps.eyeota.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.158.8.202 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-158-8-202.eu-central-1.compute.amazonaws.com

e1.emxdgt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 92.123.38.97 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a92-123-38-97.deploy.static.akamaitechnologies.com

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.17.118 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-108-138-17-118.fra56.r.cloudfront.net

live.rezync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.244.174.68 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.231.172.211 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-231-172-211.compute-1.amazonaws.com

bpi.rtactivate.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.80.39.216 (Canada) 1 redirects

ASN27381 (CASALE-MEDIA, CA)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.203.125.189 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a23-203-125-189.deploy.static.akamaitechnologies.com

x.dlx.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.94.180.126 (Amsterdam, Netherlands) 1 redirects

ASN35220 (SPOTX-AMS, US)

sync.search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1f18:612b:4264:d47e:9b8d:b43d:b5ab (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

partners.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
criteo-partners.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.74.181.165 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-74-181-165.eu-west-1.compute.amazonaws.com

aa.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.247.119.70 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-247-119-70.eu-west-1.compute.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.158.158.96 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-158-158-96.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.194.49 (United States) 2 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.0.163 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.33.19 (None, )

ASN13335 (CLOUDFLARENET, US)

r.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.122.74.191 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-122-74-191.eu-central-1.compute.amazonaws.com

ad.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 20.13.96.71 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

sync.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.196.238.199 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-196-238-199.eu-central-1.compute.amazonaws.com

match.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.139.106 (France)

ASN201081 (SMARTADSERVER, FR)

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)

sync-t1.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.203.125.36 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a23-203-125-36.deploy.static.akamaitechnologies.com

criteo-sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.248.245.213 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.156.0.31 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-0-31.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.3.28 (Denmark)

ASN198622 (ADFORM, DK)

cm.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.255.84.152 (France)

ASN200271 (IGUANE-, FR)

visitor.omnitagjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.95.33.111 (Germany)

ASN16276 (OVH, FR)
PTR: ns3203177.ip-141-95-33.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.117.157.22 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 22.157.117.34.bc.googleusercontent.com

matching.ivitrack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.74.120.124 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-74-120-124.eu-central-1.compute.amazonaws.com

exchange.mediavine.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.70.110.28 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a104-70-110-28.deploy.static.akamaitechnologies.com

ad.yieldlab.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.194.137.201 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-194-137-201.eu-west-1.compute.amazonaws.com

sync-criteo.ads.yieldmo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.23.121.164 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-23-121-164.us-east-2.compute.amazonaws.com

s.thebrighttag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
28	bancobpm.it gruppo.bancobpm.it	3 MB
10	criteo.com 4 redirects dynamic.criteo.com — Cisco Umbrella Rank: 3522 gum.criteo.com — Cisco Umbrella Rank: 433 mug.criteo.com — Cisco Umbrella Rank: 2069 sslwidget.criteo.com — Cisco Umbrella Rank: 1823 dis.criteo.com — Cisco Umbrella Rank: 890	27 KB
5	rfihub.com 2 redirects 20841584p.rfihub.com a.rfihub.com — Cisco Umbrella Rank: 3670 p.rfihub.com — Cisco Umbrella Rank: 1107	7 KB
4	bidswitch.net 2 redirects x.bidswitch.net — Cisco Umbrella Rank: 375	2 KB
4	doubleclick.net 4 redirects cm.g.doubleclick.net — Cisco Umbrella Rank: 278	743 B
3	casalemedia.com 1 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 772 r.casalemedia.com — Cisco Umbrella Rank: 1578	2 KB
3	rlcdn.com 1 redirects idsync.rlcdn.com — Cisco Umbrella Rank: 465	524 B
3	demdex.net 1 redirects dpm.demdex.net — Cisco Umbrella Rank: 252	3 KB
3	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 275	3 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 115	223 KB
2	yahoo.com 1 redirects ups.analytics.yahoo.com — Cisco Umbrella Rank: 368	508 B
2	360yield.com 1 redirects ad.360yield.com — Cisco Umbrella Rank: 754	854 B
2	everesttech.net 2 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 836	610 B
2	krxd.net beacon.krxd.net — Cisco Umbrella Rank: 745	673 B
2	tremorhub.com partners.tremorhub.com — Cisco Umbrella Rank: 1379 criteo-partners.tremorhub.com — Cisco Umbrella Rank: 2586	365 B
2	spotxchange.com 1 redirects sync.search.spotxchange.com — Cisco Umbrella Rank: 752	1 KB
2	media.net contextual.media.net — Cisco Umbrella Rank: 681	1 KB
2	emxdgt.com e1.emxdgt.com — Cisco Umbrella Rank: 961	77 B
2	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2158	403 B
2	gstatic.com fonts.gstatic.com	56 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 111	2 KB
1	thebrighttag.com s.thebrighttag.com — Cisco Umbrella Rank: 2440	269 B
1	yieldmo.com sync-criteo.ads.yieldmo.com — Cisco Umbrella Rank: 2234	220 B
1	yieldlab.net ad.yieldlab.net — Cisco Umbrella Rank: 4189	360 B
1	pubmatic.com simage2.pubmatic.com — Cisco Umbrella Rank: 852	578 B
1	mediavine.com exchange.mediavine.com — Cisco Umbrella Rank: 1408	880 B
1	ivitrack.com matching.ivitrack.com — Cisco Umbrella Rank: 2795	274 B
1	id5-sync.com id5-sync.com — Cisco Umbrella Rank: 510	1 KB
1	omnitagjs.com visitor.omnitagjs.com — Cisco Umbrella Rank: 1021	235 B
1	adform.net cm.adform.net — Cisco Umbrella Rank: 1940	163 B
1	3lift.com eb2.3lift.com — Cisco Umbrella Rank: 461	140 B
1	teads.tv criteo-sync.teads.tv — Cisco Umbrella Rank: 2053	172 B
1	taboola.com sync-t1.taboola.com — Cisco Umbrella Rank: 1285	99 B
1	smartadserver.com rtb-csync.smartadserver.com — Cisco Umbrella Rank: 637	163 B
1	sharethrough.com match.sharethrough.com — Cisco Umbrella Rank: 617	35 B
1	outbrain.com sync.outbrain.com — Cisco Umbrella Rank: 898	145 B
1	agkn.com aa.agkn.com — Cisco Umbrella Rank: 615	377 B
1	addthis.com x.dlx.addthis.com — Cisco Umbrella Rank: 1909	191 B
1	rtactivate.com bpi.rtactivate.com — Cisco Umbrella Rank: 2292	109 B
1	rezync.com 1 redirects live.rezync.com — Cisco Umbrella Rank: 2874	780 B
1	eyeota.net ps.eyeota.net — Cisco Umbrella Rank: 1271	344 B
1	openx.net us-u.openx.net — Cisco Umbrella Rank: 568	273 B
1	rfihub.net c1.rfihub.net — Cisco Umbrella Rank: 6150	6 KB
87	43

	Domain	Requested by
28	gruppo.bancobpm.it	gruppo.bancobpm.it
5	gum.criteo.com	4 redirects dynamic.criteo.com
4	x.bidswitch.net	2 redirects
4	cm.g.doubleclick.net	4 redirects
3	idsync.rlcdn.com	1 redirects
3	p.rfihub.com	2 redirects
3	dpm.demdex.net	1 redirects
3	ib.adnxs.com	2 redirects
3	www.googletagmanager.com	gruppo.bancobpm.it www.googletagmanager.com
2	ups.analytics.yahoo.com	1 redirects
2	ad.360yield.com	1 redirects
2	dis.criteo.com
2	sync-tm.everesttech.net	2 redirects
2	beacon.krxd.net
2	sync.search.spotxchange.com	1 redirects
2	dsum-sec.casalemedia.com	1 redirects
2	contextual.media.net
2	e1.emxdgt.com
2	region1.google-analytics.com	www.googletagmanager.com
2	fonts.gstatic.com	fonts.googleapis.com
2	fonts.googleapis.com	gruppo.bancobpm.it
1	s.thebrighttag.com
1	sync-criteo.ads.yieldmo.com
1	ad.yieldlab.net
1	criteo-partners.tremorhub.com
1	simage2.pubmatic.com
1	exchange.mediavine.com
1	matching.ivitrack.com
1	id5-sync.com
1	visitor.omnitagjs.com
1	cm.adform.net
1	eb2.3lift.com
1	criteo-sync.teads.tv
1	sync-t1.taboola.com
1	rtb-csync.smartadserver.com
1	match.sharethrough.com
1	sync.outbrain.com
1	r.casalemedia.com
1	aa.agkn.com
1	partners.tremorhub.com
1	x.dlx.addthis.com
1	bpi.rtactivate.com
1	live.rezync.com	1 redirects
1	ps.eyeota.net
1	us-u.openx.net
1	a.rfihub.com
1	sslwidget.criteo.com	dynamic.criteo.com
1	20841584p.rfihub.com	c1.rfihub.net
1	c1.rfihub.net	gruppo.bancobpm.it
1	mug.criteo.com
1	dynamic.criteo.com	www.googletagmanager.com
87	51

This site contains links to these domains. Also see Links.

Domain
www.bancobpm.it
youweb.bancobpm.it
ibbweb.tecmarket.it
www.acf.consob.it
www.linkedin.com
twitter.com
www.facebook.com
www.instagram.com

Subject Issuer	Validity	Valid
www.gruppo.bancobpm.it Sectigo RSA Extended Validation Secure Server CA	`2022-12-01` - `2023-12-01`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-10-31` - `2023-01-26`	3 months	crt.sh
*.rfihub.net Amazon	`2022-11-29` - `2023-12-29`	a year	crt.sh
*.rfihub.com Sectigo RSA Domain Validation Secure Server CA	`2022-05-24` - `2023-05-24`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh
*.emxdgt.com Go Daddy Secure Certificate Authority - G2	`2022-05-18` - `2023-06-19`	a year	crt.sh
*.media.net DigiCert SHA2 Secure Server CA	`2022-02-20` - `2023-02-22`	a year	crt.sh
rtactivate.com Amazon	`2022-04-13` - `2023-05-12`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2022-02-03` - `2023-02-25`	a year	crt.sh
odc-pixel-prod-01.oracle.com DigiCert SHA2 Secure Server CA	`2022-02-26` - `2023-03-01`	a year	crt.sh
*.tremorhub.com Amazon	`2022-03-24` - `2023-04-22`	a year	crt.sh
*.agkn.com RapidSSL Global TLS RSA4096 SHA256 2022 CA1	`2022-09-06` - `2023-09-21`	a year	crt.sh
beacon.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2022-10-20` - `2023-10-19`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-23` - `2023-06-22`	a year	crt.sh
*.outbrain.com Thawte RSA CA 2018	`2022-11-06` - `2023-11-28`	a year	crt.sh
*.sharethrough.com Amazon	`2022-07-14` - `2023-08-12`	a year	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-01-25` - `2023-01-25`	a year	crt.sh
*.taboola.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-12-08` - `2023-12-31`	a year	crt.sh
teads.tv R3	`2022-10-27` - `2023-01-25`	3 months	crt.sh
*.3lift.com Amazon	`2022-05-13` - `2023-06-11`	a year	crt.sh
*.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2022-05-18` - `2023-06-16`	a year	crt.sh
omnitagjs.com Sectigo RSA Domain Validation Secure Server CA	`2022-06-21` - `2023-07-21`	a year	crt.sh
*.id5-sync.com R3	`2022-11-09` - `2023-02-07`	3 months	crt.sh
itm.ivitrack.com R3	`2022-12-05` - `2023-03-05`	3 months	crt.sh
exchange.mediavine.com Amazon	`2022-07-06` - `2023-08-04`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2022-06-13` - `2023-07-14`	a year	crt.sh
*.yieldlab.net DigiCert TLS RSA SHA256 2020 CA1	`2022-11-16` - `2023-11-15`	a year	crt.sh
*.ads.yieldmo.com Amazon	`2022-06-02` - `2023-07-01`	a year	crt.sh

This page contains 4 frames:

Primary Page: https://gruppo.bancobpm.it/
Frame ID: DB2AE55B83CC029BD372C5BF4A7DA10A
Requests: 41 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=gruppo.bancobpm.it&origin=onetag
Frame ID: 3B2C089303715D45E46AF18BCA7ECE74
Requests: 2 HTTP requests in this frame

Frame: https://20841584p.rfihub.com/ca.html?ver=9&rb=46839&ca=20841584&_o=46839&_t=20841584&pe=https%3A%2F%2Fgruppo.bancobpm.it%2F&pf=&ra=5541897796748723
Frame ID: 83740B3D13867A7EB017DA23CB2DF2ED
Requests: 19 HTTP requests in this frame

Frame: https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-E9PzcV30zFgxwA0rdWO2D-rrbxMl_9SNNBkXUA&expires=30
Frame ID: 7286C84B9A2D5CF48AD6D258B7B3954D
Requests: 26 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Gruppo Banco BPM | Sito istituzionale del gruppo finanziario

Page URL History Show full URLs

http://gruppo.bancobpm.it/ HTTP 307
https://gruppo.bancobpm.it/ Page URL

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Slick (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

<link [^>]+(?:/([\d.]+)/)?slick-theme\.css

Page Statistics

87
Requests

79 %
HTTPS

17 %
IPv6

43
Domains

51
Subdomains

46
IPs

10
Countries

3093 kB
Transfer

5830 kB
Size

54
Cookies

10 Outgoing links

These are links going to different origins than the main page.

URL: https://www.bancobpm.it/
Title: Vai al sito commerciale

Search URL Search Domain Scan URL

URL: https://youweb.bancobpm.it/WEBHT/login
Title: ACCEDI

Search URL Search Domain Scan URL

URL: https://ibbweb.tecmarket.it/Youbiz.Web/Security/Sec
Title: ACCEDI

Search URL Search Domain Scan URL

URL: https://www.bancobpm.it/trasparenza

Search URL Search Domain Scan URL

URL: https://www.acf.consob.it/
Title: Acf

Search URL Search Domain Scan URL

URL: https://www.bancobpm.it/trasparenza/
Title: Trasparenza

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/bancobpm

Search URL Search Domain Scan URL

URL: https://twitter.com/BancoBPMSpa

Search URL Search Domain Scan URL

URL: https://www.facebook.com/BancoBPM/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/bancobpm

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://gruppo.bancobpm.it/ HTTP 307
https://gruppo.bancobpm.it/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 39

https://gum.criteo.com/sid/json?origin=onetag&domain=bancobpm.it&sn=ChromeSyncframe&so=0&topUrl=gruppo.bancobpm.it&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=xUCvqXxLcFR4K1hpWk1BTVRUQTZ0S1J3RU1mL2E0TzVRUys1N2NqaUtHRFFwV3lUZ2p0OWRNNi9YWG55QW9hc1ZWdnZuYk8waHNhcU1nNVlHdGV3OFNCUERiaW4zbEh4SDNSN1E0QlFsVldCODNMbU95WW1MOEo3RHV1TFdibnBZZDhZUUdVL0pheVNrK0ZaaHdVNzNCek5jTGJ3WVlqbzM5V2JFUjUxM0g1OE0zSTRtd2UybGFxdmpOR1ZhYldoK1FvU1Y4Sk16T1E5NmJGd3Z5cDJFN0loOTRVajVGcnB6NVVpQ3VmMGZzdVFONEpwc2xJUjRCU3MzbElCTS9PZGM5dVRmVGJVRXZMcmFNMlN1TmtLc2hHK0hhdz09fA&cppv=2

Request Chain 43

https://cm.g.doubleclick.net/pixel?&in=0&google_nid=zeta_interactive&google_cm=&google_sc=&google_hm=NTEyNDMyMjMyNDMzMDA1ODYzMQ==&forward= HTTP 302
https://cm.g.doubleclick.net/pixel?in=0&google_nid=zeta_interactive&google_cm=&google_sc=&google_hm=NTEyNDMyMjMyNDMzMDA1ODYzMQ==&forward=&google_tc= HTTP 302
https://a.rfihub.com/cm?pub=445&in=0&forward=&google_gid=CAESED-rHtHxVVtb8AyHwBUjSjM&google_cver=1

Request Chain 44

https://ib.adnxs.com/setuid?entity=18&code=5124322324330058631 HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D18%26code%3D5124322324330058631

Request Chain 45

https://dpm.demdex.net/ibs:dpid=1121&dpuuid=5124322324330058631&redir= HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1121&dpuuid=5124322324330058631&redir=

Request Chain 47

https://p.rfihub.com/cm?pub=24472&in=1 HTTP 302
https://ps.eyeota.net/match?uid=5124322324330058631&bid=omt9pi0

Request Chain 50

https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5124322324330058631&referrer=https%3A%2F%2Fgruppo.bancobpm.it%2F HTTP 302
https://p.rfihub.com/cm?pub=39342&in=0&userid=6f2cdfb9-eb04-44ad-a4ac-1de0cd3a02f5%3A1672201155.1710062&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3D6f2cdfb9-eb04-44ad-a4ac-1de0cd3a02f5%253A1672201155.1710062 HTTP 302
https://idsync.rlcdn.com/501709.gif?partner_uid=6f2cdfb9-eb04-44ad-a4ac-1de0cd3a02f5%3A1672201155.1710062 HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm HTTP 302
https://idsync.rlcdn.com/362358.gif?google_gid=CAESELChbm2eOtvh75lAzemQhEI&google_cver=1

Request Chain 52

https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5124322324330058631&forward= HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5124322324330058631&forward=&C=1

Request Chain 55

https://sync.search.spotxchange.com/partner?adv_id=7180&uid=5124322324330058631&img=1 HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=7180&uid=5124322324330058631&img=1&__user_check__=1&sync_id=ca24ea93-8666-11ed-8c0e-1974e5cf0306

Request Chain 59

https://x.bidswitch.net/sync?dsp_id=119&user_id=5124322324330058631&expires=30 HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=119&user_id=5124322324330058631&expires=30

Request Chain 60

https://sync-tm.everesttech.net/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D&_test=Y6vDwwAHR8uvpwAZ HTTP 302
https://p.rfihub.com/cm?in=1&pub=21653&userid=Y6vDwwAHR8uvpwAZ&_test=Y6vDwwAHR8uvpwAZ

Request Chain 61

https://x.bidswitch.net/sync?dsp_id=46&user_id=k-E9PzcV30zFgxwA0rdWO2D-rrbxMl_9SNNBkXUA&expires=30 HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-E9PzcV30zFgxwA0rdWO2D-rrbxMl_9SNNBkXUA&expires=30

Request Chain 62

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-HR8XXl30zFgxwA0rdWO2D-rrbxOmmpvF_7VP3g&google_cm&google_hm=ay1IUjhYWGwzMHpGZ3h3QTByZFdPMkQtcnJieE9tbXB2Rl83VlAzZw HTTP 302
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-HR8XXl30zFgxwA0rdWO2D-rrbxOmmpvF_7VP3g&google_gid=CAESEGajczyidhRjMrLFexSqKDw&google_cver=1&google_ula=913071,0

Request Chain 63

https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID HTTP 302
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=6444606497853958368

Request Chain 65

https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-hiBUvF30zFgxwA0rdWO2D-rrbxNJk-DwafyLqA HTTP 302
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-hiBUvF30zFgxwA0rdWO2D-rrbxNJk-DwafyLqA

Request Chain 73

https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-W62ObV30zFgxwA0rdWO2D-rrbxPZn81EPNcFog HTTP 302
https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-W62ObV30zFgxwA0rdWO2D-rrbxPZn81EPNcFog&verify=true

Request Chain 77

https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40 HTTP 302
https://dpm.demdex.net/ibs:dpid=28645&dpuuid=eWEmFBS34ZSxDwhbcljrD6sZjIw8IF17

Request Chain 85

https://gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40 HTTP 302
https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=yc2ZB5eGCmdIutsgdii6xM4KqTYZ5fgh

Request Chain 86

https://gum.criteo.com/sync?c=10&r=1&u=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3Dcr%26uid%3D%40USERID%40 HTTP 302
https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=EtNGG2hA4nmgzix3OdWmadgTyPXgUKGI

87 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
gruppo.bancobpm.it/
Redirect Chain

http://gruppo.bancobpm.it/
https://gruppo.bancobpm.it/

740 KB
281 KB

269ms
203ms

Document
text/html

66.22.35.29
RADWARE

General

Check archive.org

Show headers Download Go to

Full URL

https://gruppo.bancobpm.it/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

66.22.35.29 , United States, ASN48851 (RADWARE, IL),

Reverse DNS

Software

RemoveIdentity /

Resource Hash

1944c4148ea5e3040f1bc73bd6942d041b2f882e0435731fe519f87783330a9d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains;preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: it-IT,it;q=0.9

Response headers

cache-control: private
content-encoding: gzip
content-language: it
content-type: text/html; charset=utf-8
date: Wed, 28 Dec 2022 04:19:13 GMT
etag: "bd8d7-DYspFtWmtxKhzgFQmJh2hO/5VyQ"
server: RemoveIdentity
strict-transport-security: max-age=31536000;includeSubDomains;preload
vary: Accept-Encoding
x-cache-expired-at: -1h -30m -49s -418ms
x-cache-status: HIT
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1;mode=block

Redirect headers

Cross-Origin-Resource-Policy: Cross-Origin
Location: https://gruppo.bancobpm.it/
Non-Authoritative-Reason: HSTS

GET
H2 200 css
fonts.googleapis.com/ 7 KB
1 KB 170ms
64ms Stylesheet
text/css 2a00:1450:400d:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat:300,400,600,800&display=swap

Requested by

Host: gruppo.bancobpm.it
URL: https://gruppo.bancobpm.it/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2479f244dcd4b057ee9dbefa8125613b7b4b2a25908172d043a14fbfab89c82e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://gruppo.bancobpm.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 28 Dec 2022 04:19:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 28 Dec 2022 04:19:13 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 28 Dec 2022 04:19:13 GMT

GET
H2 200 css
fonts.googleapis.com/ 5 KB
645 B 189ms
82ms Stylesheet
text/css 2a00:1450:400d:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Oswald:300,400,600

Requested by

Host: gruppo.bancobpm.it
URL: https://gruppo.bancobpm.it/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1d29681664cfba7e83f660f672516ca3d894195ce76b29884793f7a87c37517d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://gruppo.bancobpm.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 28 Dec 2022 04:19:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 28 Dec 2022 04:11:34 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 28 Dec 2022 04:19:13 GMT

GET
H2 200 style.css
gruppo.bancobpm.it/static/icomoon/ 1 KB
980 B 75ms
72ms Stylesheet
text/css 66.22.35.29
RADWARE

General

Check archive.org

Show headers Download Go to

Full URL

https://gruppo.bancobpm.it/static/icomoon/style.css

Requested by

Host: gruppo.bancobpm.it
URL: https://gruppo.bancobpm.it/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

66.22.35.29 , United States, ASN48851 (RADWARE, IL),

Reverse DNS

Software

RemoveIdentity /

Resource Hash

956a29e4b4d1d52e7105260b871f0b1b001c915a0cd0a5e19d8ef5ef1380c522

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains;preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://gruppo.bancobpm.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000;includeSubDomains;preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 28 Dec 2022 04:19:13 GMT
last-modified: Thu, 29 Sep 2022 13:28:49 GMT
server: RemoveIdentity
etag: W/"598-183896f7e68"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css; charset=UTF-8
cache-control: public, max-age=0
accept-ranges: bytes
content-length: 636
x-xss-protection: 1;mode=block

GET
H2 200 slick.css
gruppo.bancobpm.it/static/custom/slick/ 2 KB
1 KB 77ms
74ms Stylesheet
text/css 66.22.35.29
RADWARE

General

Check archive.org

Show headers Download Go to

Full URL

https://gruppo.bancobpm.it/static/custom/slick/slick.css

Requested by

Host: gruppo.bancobpm.it
URL: https://gruppo.bancobpm.it/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

66.22.35.29 , United States, ASN48851 (RADWARE, IL),

Reverse DNS

Software

RemoveIdentity /

Resource Hash

5b674aee5eacd18701c17228c9d884ce9a85809dc42d72fbed173d4875c53bc5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains;preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://gruppo.bancobpm.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000;includeSubDomains;preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 28 Dec 2022 04:19:13 GMT
last-modified: Thu, 29 Sep 2022 13:28:49 GMT
server: RemoveIdentity
etag: W/"793-183896f7e68"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css; charset=UTF-8
cache-control: public, max-age=0
accept-ranges: bytes
content-length: 786
x-xss-protection: 1;mode=block

GET
H2 200 slick-theme.css
gruppo.bancobpm.it/static/custom/slick/ 3 KB
1 KB 227ms
224ms Stylesheet
text/css 66.22.35.29
RADWARE

General

Check archive.org

Show headers Download Go to

Full URL

https://gruppo.bancobpm.it/static/custom/slick/slick-theme.css

Requested by

Host: gruppo.bancobpm.it
URL: https://gruppo.bancobpm.it/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

66.22.35.29 , United States, ASN48851 (RADWARE, IL),

Reverse DNS

Software

RemoveIdentity /

Resource Hash

42d4434af346d7a8b59fa2e7f84d78ef5892634164bc9b165c6bda4cd6e845b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains;preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://gruppo.bancobpm.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000;includeSubDomains;preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 28 Dec 2022 04:19:13 GMT
last-modified: Thu, 29 Sep 2022 13:28:49 GMT
server: RemoveIdentity
etag: W/"ce6-183896f7e68"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css; charset=UTF-8
cache-control: public, max-age=0
accept-ranges: bytes
content-length: 1095
x-xss-protection: 1;mode=block

GET
H2 200 main-439e9c6e21b86b56318e.js Show response
gruppo.bancobpm.it/_next/static/chunks/ 20 KB
7 KB 267ms
264ms Script
application/javascript 66.22.35.29
RADWARE

General

Check archive.org

Show headers Download Go to

Full URL

https://gruppo.bancobpm.it/_next/static/chunks/main-439e9c6e21b86b56318e.js

Requested by

Host: gruppo.bancobpm.it
URL: https://gruppo.bancobpm.it/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

66.22.35.29 , United States, ASN48851 (RADWARE, IL),

Reverse DNS

Software

RemoveIdentity /

Resource Hash

90c14ae1978476c9e395e68fa9be8ee349143c7343afb004b4c50f32265b2069

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains;preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://gruppo.bancobpm.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000;includeSubDomains;preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 28 Dec 2022 04:19:13 GMT
last-modified: Wed, 12 Oct 2022 10:07:21 GMT
server: RemoveIdentity
etag: W/"51d7-183cba9b7a8"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
content-length: 7195
x-xss-protection: 1;mode=block

GET
H2 200 webpack-eb080e3f091731f228fb.js Show response
gruppo.bancobpm.it/_next/static/chunks/ 2 KB
1 KB 243ms
240ms Script
application/javascript 66.22.35.29
RADWARE

General

Check archive.org

Show headers Download Go to

Full URL

https://gruppo.bancobpm.it/_next/static/chunks/webpack-eb080e3f091731f228fb.js

Requested by

Host: gruppo.bancobpm.it
URL: https://gruppo.bancobpm.it/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

66.22.35.29 , United States, ASN48851 (RADWARE, IL),

Reverse DNS

Software

RemoveIdentity /

Resource Hash

75fa1c4760ad6194a99710872e3612002c84c4df8339a57be0cb4aad1bde794a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains;preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://gruppo.bancobpm.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000;includeSubDomains;preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 28 Dec 2022 04:19:13 GMT
last-modified: Wed, 12 Oct 2022 10:07:21 GMT
server: RemoveIdentity
etag: W/"603-183cba9b7a8"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
content-length: 751
x-xss-protection: 1;mode=block

GET
H2 200 framework.1cde045124b4a7914091.js Show response
gruppo.bancobpm.it/_next/static/chunks/ 127 KB
40 KB 226ms
224ms Script
application/javascript 66.22.35.29
RADWARE

General

Check archive.org

Show headers Download Go to

Full URL

https://gruppo.bancobpm.it/_next/static/chunks/framework.1cde045124b4a7914091.js

Requested by

Host: gruppo.bancobpm.it
URL: https://gruppo.bancobpm.it/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

66.22.35.29 , United States, ASN48851 (RADWARE, IL),

Reverse DNS

Software

RemoveIdentity /

Resource Hash

cdc29d63165b4fd44fdfa268c5e5cac92050deb861405b56522a8d1be96b8d22

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains;preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://gruppo.bancobpm.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000;includeSubDomains;preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 28 Dec 2022 04:19:13 GMT
last-modified: Wed, 12 Oct 2022 10:07:21 GMT
server: RemoveIdentity
etag: W/"1fa17-183cba9b7a8"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
content-length: 40746
x-xss-protection: 1;mode=block

GET
H2 200 05d954cf.de205ed1b5b32ecadaf9.js Show response
gruppo.bancobpm.it/_next/static/chunks/ 48 KB
16 KB 298ms
296ms Script
application/javascript 66.22.35.29
RADWARE

General

Check archive.org

Show headers Download Go to

Full URL

https://gruppo.bancobpm.it/_next/static/chunks/05d954cf.de205ed1b5b32ecadaf9.js

Requested by

Host: gruppo.bancobpm.it
URL: https://gruppo.bancobpm.it/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

66.22.35.29 , United States, ASN48851 (RADWARE, IL),

Reverse DNS

Software

RemoveIdentity /

Resource Hash

544cb898944142fdee644f5a99254b3d92703153f2e63b263483852b25634f9c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains;preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://gruppo.bancobpm.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000;includeSubDomains;preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 28 Dec 2022 04:19:13 GMT
last-modified: Wed, 12 Oct 2022 10:07:21 GMT
server: RemoveIdentity
etag: W/"bf2a-183cba9b7a8"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
content-length: 15571
x-xss-protection: 1;mode=block

GET
H2 200 deb14356.7d78cadf5cd89f8d6fbb.js Show response
gruppo.bancobpm.it/_next/static/chunks/ 231 KB
74 KB 290ms
288ms Script
application/javascript 66.22.35.29
RADWARE

General

Check archive.org

Show headers Download Go to

Full URL

https://gruppo.bancobpm.it/_next/static/chunks/deb14356.7d78cadf5cd89f8d6fbb.js

Requested by

Host: gruppo.bancobpm.it
URL: https://gruppo.bancobpm.it/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

66.22.35.29 , United States, ASN48851 (RADWARE, IL),

Reverse DNS

Software

RemoveIdentity /

Resource Hash

ae49f99cf95759f66b4b938eb0f944a62afb4299c96ce934043c04a4ebb9d70e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains;preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://gruppo.bancobpm.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000;includeSubDomains;preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 28 Dec 2022 04:19:13 GMT
last-modified: Wed, 12 Oct 2022 10:07:21 GMT
server: RemoveIdentity
etag: W/"39b63-183cba9b7a8"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
content-length: 75736
x-xss-protection: 1;mode=block

GET
H2 200 commons.c91d44cfc82ae77892b8.js Show response
gruppo.bancobpm.it/_next/static/chunks/ 195 KB
63 KB 325ms
323ms Script
application/javascript 66.22.35.29
RADWARE

General

Check archive.org

Show headers Download Go to

Full URL

https://gruppo.bancobpm.it/_next/static/chunks/commons.c91d44cfc82ae77892b8.js

Requested by

Host: gruppo.bancobpm.it
URL: https://gruppo.bancobpm.it/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

66.22.35.29 , United States, ASN48851 (RADWARE, IL),

Reverse DNS

Software

RemoveIdentity /

Resource Hash

8121ed02fc719a1b5cd843c6af78e25f81fe71745140abc0c2b5231478885f6e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains;preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://gruppo.bancobpm.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000;includeSubDomains;preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 28 Dec 2022 04:19:13 GMT
last-modified: Wed, 12 Oct 2022 10:07:21 GMT
server: RemoveIdentity
etag: W/"30dfe-183cba9b7a8"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
content-length: 64166
x-xss-protection: 1;mode=block

GET
H2 200 ec773a4788a490c6c4cd1ff19dacd4544c335fb6.980f7f0946d88aa40cab.js Show response
gruppo.bancobpm.it/_next/static/chunks/ 163 KB
49 KB 274ms
272ms Script
application/javascript 66.22.35.29
RADWARE

General

Check archive.org

Show headers Download Go to

Full URL

https://gruppo.bancobpm.it/_next/static/chunks/ec773a4788a490c6c4cd1ff19dacd4544c335fb6.980f7f0946d88aa40cab.js

Requested by

Host: gruppo.bancobpm.it
URL: https://gruppo.bancobpm.it/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

66.22.35.29 , United States, ASN48851 (RADWARE, IL),

Reverse DNS

Software

RemoveIdentity /

Resource Hash

a589b80c242c30c50a51fceff96d24e7bb81489c886cac4d308e205b8d8a0f78

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains;preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://gruppo.bancobpm.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000;includeSubDomains;preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 28 Dec 2022 04:19:13 GMT
last-modified: Wed, 12 Oct 2022 10:07:21 GMT
server: RemoveIdentity
etag: W/"28a99-183cba9b7a8"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
content-length: 49737
x-xss-protection: 1;mode=block

GET
H2 200 96acc7c018f15fbed0339a44ecd30945a0201eb9.1132c8d943362e1af185.js Show response
gruppo.bancobpm.it/_next/static/chunks/ 1 MB
333 KB 324ms
323ms Script
application/javascript 66.22.35.29
RADWARE

General

Check archive.org

Show headers Download Go to

Full URL

https://gruppo.bancobpm.it/_next/static/chunks/96acc7c018f15fbed0339a44ecd30945a0201eb9.1132c8d943362e1af185.js

Requested by

Host: gruppo.bancobpm.it
URL: https://gruppo.bancobpm.it/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

66.22.35.29 , United States, ASN48851 (RADWARE, IL),

Reverse DNS

Software

RemoveIdentity /

Resource Hash

f7b4ccfb087bc962c4203e26273b4edbde230350f5a92097b8a29d44196d7277

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains;preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://gruppo.bancobpm.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000;includeSubDomains;preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 28 Dec 2022 04:19:13 GMT
last-modified: Wed, 12 Oct 2022 10:07:21 GMT
server: RemoveIdentity
etag: W/"13f50c-183cba9b7a8"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
x-xss-protection: 1;mode=block

GET
H2 200 4af7f62ab2562a4b80ae6362f4b5cb8f98ce1a1a.114ec0a6d88606594a34.js Show response
gruppo.bancobpm.it/_next/static/chunks/ 11 KB
4 KB 265ms
263ms Script
application/javascript 66.22.35.29
RADWARE

General

Check archive.org

Show headers Download Go to

Full URL

https://gruppo.bancobpm.it/_next/static/chunks/4af7f62ab2562a4b80ae6362f4b5cb8f98ce1a1a.114ec0a6d88606594a34.js

Requested by

Host: gruppo.bancobpm.it
URL: https://gruppo.bancobpm.it/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

66.22.35.29 , United States, ASN48851 (RADWARE, IL),

Reverse DNS

Software

RemoveIdentity /

Resource Hash

50f2914d3be98f1b28dc285da3f4ff3f3d775f31b47c4ff752c4a19cd8bd57a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains;preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://gruppo.bancobpm.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000;includeSubDomains;preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 28 Dec 2022 04:19:13 GMT
last-modified: Wed, 12 Oct 2022 10:07:21 GMT
server: RemoveIdentity
etag: W/"2c7a-183cba9b7a8"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
content-length: 3506
x-xss-protection: 1;mode=block

GET
H2 200 _app-7ae17fc3e36c02bc8f5d.js Show response
gruppo.bancobpm.it/_next/static/chunks/pages/ 109 KB
22 KB 267ms
266ms Script
application/javascript 66.22.35.29
RADWARE

General

Check archive.org

Show headers Download Go to

Full URL

https://gruppo.bancobpm.it/_next/static/chunks/pages/_app-7ae17fc3e36c02bc8f5d.js

Requested by

Host: gruppo.bancobpm.it
URL: https://gruppo.bancobpm.it/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

66.22.35.29 , United States, ASN48851 (RADWARE, IL),

Reverse DNS

Software

RemoveIdentity /

Resource Hash

3230ea6b99dcd996024c323641ae0983e58f6b27b73aec44a7110d3b1e2d62bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains;preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://gruppo.bancobpm.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000;includeSubDomains;preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 28 Dec 2022 04:19:13 GMT
last-modified: Wed, 12 Oct 2022 10:07:21 GMT
server: RemoveIdentity
etag: W/"1b2a9-183cba9b7a8"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
content-length: 22390
x-xss-protection: 1;mode=block

GET
H2 200 page-09abab7885fd63379e95.js Show response
gruppo.bancobpm.it/_next/static/chunks/pages/ 18 KB
5 KB 299ms
298ms Script
application/javascript 66.22.35.29
RADWARE

General

Check archive.org

Show headers Download Go to

Full URL

https://gruppo.bancobpm.it/_next/static/chunks/pages/page-09abab7885fd63379e95.js

Requested by

Host: gruppo.bancobpm.it
URL: https://gruppo.bancobpm.it/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

66.22.35.29 , United States, ASN48851 (RADWARE, IL),

Reverse DNS

Software

RemoveIdentity /

Resource Hash

7e940b255608a80d5c0fe47fe1e84ca11f88b1dcc14a988046a011d7cc0a572b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains;preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://gruppo.bancobpm.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000;includeSubDomains;preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 28 Dec 2022 04:19:13 GMT
last-modified: Wed, 12 Oct 2022 10:07:21 GMT
server: RemoveIdentity
etag: W/"48b5-183cba9b7a8"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
content-length: 5199
x-xss-protection: 1;mode=block

GET
H2 200 transparenza.png
gruppo.bancobpm.it/media/2019/08/ 12 KB
12 KB 54ms
53ms Image
image/png 66.22.35.29
RADWARE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gruppo.bancobpm.it/media/2019/08/transparenza.png

Requested by

Host: gruppo.bancobpm.it
URL: https://gruppo.bancobpm.it/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

66.22.35.29 , United States, ASN48851 (RADWARE, IL),

Reverse DNS

Software

RemoveIdentity /

Resource Hash

2352d20f7d20c845e53cd180443b733c6e4a97614719290148e61234634d347e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains;preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://gruppo.bancobpm.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000;includeSubDomains;preload
date: Wed, 28 Dec 2022 04:19:13 GMT
x-content-type-options: nosniff
last-modified: Thu, 28 Nov 2019 12:16:16 GMT
server: RemoveIdentity
etag: "72e59a2e5a5d51:0"
x-frame-options: SAMEORIGIN
content-type: image/png
accept-ranges: bytes
content-length: 12236
x-xss-protection: 1;mode=block

GET
H2 200 Banner-istituzionale-1920x565_Tavola-disegno-1.jpg
gruppo.bancobpm.it/media/ 2 MB
2 MB 60ms
59ms Image
image/jpeg 66.22.35.29
RADWARE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gruppo.bancobpm.it/media/Banner-istituzionale-1920x565_Tavola-disegno-1.jpg

Requested by

Host: gruppo.bancobpm.it
URL: https://gruppo.bancobpm.it/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

66.22.35.29 , United States, ASN48851 (RADWARE, IL),

Reverse DNS

Software

RemoveIdentity /

Resource Hash

413253006eb20693c8091400073ae0ef3f1e0161df1e101878d3e64719f8d01d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains;preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://gruppo.bancobpm.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000;includeSubDomains;preload
date: Wed, 28 Dec 2022 04:19:13 GMT
x-content-type-options: nosniff
last-modified: Tue, 06 Dec 2022 10:55:20 GMT
server: RemoveIdentity
etag: "351e183c619d91:0"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
accept-ranges: bytes
content-length: 1594155
x-xss-protection: 1;mode=block

GET
H2 200 pdf.svg
gruppo.bancobpm.it/media/icons/ 3 KB
3 KB 66ms
65ms Image
image/svg+xml 66.22.35.29
RADWARE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gruppo.bancobpm.it/media/icons/pdf.svg

Requested by

Host: gruppo.bancobpm.it
URL: https://gruppo.bancobpm.it/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

66.22.35.29 , United States, ASN48851 (RADWARE, IL),

Reverse DNS

Software

RemoveIdentity /

Resource Hash

f3218e0bd433a05b911b2198011a5801f858b9b1ac7c96c87f66379431b79817

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains;preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://gruppo.bancobpm.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000;includeSubDomains;preload
date: Wed, 28 Dec 2022 04:19:13 GMT
x-content-type-options: nosniff
last-modified: Thu, 28 Nov 2019 12:25:52 GMT
server: RemoveIdentity
etag: "34eaaaf9e6a5d51:0"
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
accept-ranges: bytes
content-length: 2599
x-xss-protection: 1;mode=block

GET
H2 200 download.svg
gruppo.bancobpm.it/media/icons/ 700 B
976 B 55ms
54ms Image
image/svg+xml 66.22.35.29
RADWARE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gruppo.bancobpm.it/media/icons/download.svg

Requested by

Host: gruppo.bancobpm.it
URL: https://gruppo.bancobpm.it/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

66.22.35.29 , United States, ASN48851 (RADWARE, IL),

Reverse DNS

Software

RemoveIdentity /

Resource Hash

45745158a57714e698a9fb32cc6495780a19b5cc70348910665fad03baf9b5c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains;preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://gruppo.bancobpm.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000;includeSubDomains;preload
date: Wed, 28 Dec 2022 04:19:13 GMT
x-content-type-options: nosniff
last-modified: Thu, 06 Oct 2022 23:56:36 GMT
server: RemoveIdentity
etag: "092a444dfd9d81:0"
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
accept-ranges: bytes
content-length: 700
x-xss-protection: 1;mode=block

GET
H2 200 _buildManifest.js Show response
gruppo.bancobpm.it/_next/static/SIVuxMufJTFx7ukJGaHV7/ 1008 B
917 B 55ms
55ms Script
application/javascript 66.22.35.29
RADWARE

General

Check archive.org

Show headers Download Go to

Full URL

https://gruppo.bancobpm.it/_next/static/SIVuxMufJTFx7ukJGaHV7/_buildManifest.js

Requested by

Host: gruppo.bancobpm.it
URL: https://gruppo.bancobpm.it/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

66.22.35.29 , United States, ASN48851 (RADWARE, IL),

Reverse DNS

Software

RemoveIdentity /

Resource Hash

a5ae296481f255fd8d290fe112dd1bef64b02a3865d78d004e29cf7b566eb417

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains;preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://gruppo.bancobpm.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000;includeSubDomains;preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 28 Dec 2022 04:19:13 GMT
last-modified: Wed, 12 Oct 2022 10:07:21 GMT
server: RemoveIdentity
etag: W/"3f0-183cba9b7a8"
vary: Accept-Encoding,Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
content-length: 540
x-xss-protection: 1;mode=block

GET
H2 200 _ssgManifest.js Show response
gruppo.bancobpm.it/_next/static/SIVuxMufJTFx7ukJGaHV7/ 76 B
539 B 298ms
298ms Script
application/javascript 66.22.35.29
RADWARE

General

Check archive.org

Show headers Download Go to

Full URL

https://gruppo.bancobpm.it/_next/static/SIVuxMufJTFx7ukJGaHV7/_ssgManifest.js

Requested by

Host: gruppo.bancobpm.it
URL: https://gruppo.bancobpm.it/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

66.22.35.29 , United States, ASN48851 (RADWARE, IL),

Reverse DNS

Software

RemoveIdentity /

Resource Hash

653f3e53e89b4f8548ff86c19e92bb3c6b84b6be7485a320b1e00893ed877479

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains;preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://gruppo.bancobpm.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000;includeSubDomains;preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 28 Dec 2022 04:19:13 GMT
last-modified: Wed, 12 Oct 2022 10:07:21 GMT
server: RemoveIdentity
etag: W/"4c-183cba9b7a8"
vary: Accept-Encoding,Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
content-length: 163
x-xss-protection: 1;mode=block

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 287 KB
72 KB 167ms
63ms Script
application/javascript 2a00:1450:400d:807::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-W2S5HS7

Requested by

Host: gruppo.bancobpm.it
URL: https://gruppo.bancobpm.it/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9e159a9fe1b93342811fedbcc5a3a50ab5322c911ab766030a8c5ba75990df32

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://gruppo.bancobpm.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 28 Dec 2022 04:19:14 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 73413
x-xss-protection: 0
last-modified: Wed, 28 Dec 2022 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 28 Dec 2022 04:19:14 GMT

GET
DATA 200
OK truncated
/ 172 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7881d4931e3ae905b7699084ba798584714fa1f45ec0fbcd88f5dc1eebebcf2b

Request headers

accept-language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v25/ 30 KB
31 KB 140ms
39ms Font
font/woff2 2a00:1450:400d:807::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:300,400,600,800&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://gruppo.bancobpm.it
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 26 Dec 2022 09:20:18 GMT
x-content-type-options: nosniff
age: 154736
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30928
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 18:57:39 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 26 Dec 2023 09:20:18 GMT

GET
H2 200 icomoon.ttf
gruppo.bancobpm.it/static/icomoon/fonts/ 5 KB
5 KB 53ms
53ms Font
font/ttf 66.22.35.29
RADWARE

General

Check archive.org

Show headers Download Go to

Full URL

https://gruppo.bancobpm.it/static/icomoon/fonts/icomoon.ttf

Requested by

Host: gruppo.bancobpm.it
URL: https://gruppo.bancobpm.it/static/icomoon/style.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

66.22.35.29 , United States, ASN48851 (RADWARE, IL),

Reverse DNS

Software

RemoveIdentity /

Resource Hash

3b0dadf4423a134071b59bd3dee5dc7eb17334f6e8559cf1d2676231670d587f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains;preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

Referer: https://gruppo.bancobpm.it/static/icomoon/style.css
Origin: https://gruppo.bancobpm.it
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000;includeSubDomains;preload
date: Wed, 28 Dec 2022 04:19:13 GMT
x-content-type-options: nosniff
last-modified: Thu, 29 Sep 2022 13:28:49 GMT
server: RemoveIdentity
etag: W/"123c-183896f7e68"
x-frame-options: SAMEORIGIN
content-type: font/ttf
cache-control: public, max-age=0
accept-ranges: bytes
content-length: 4668
x-xss-protection: 1;mode=block

GET
H2 200 slick.woff
gruppo.bancobpm.it/static/custom/slick/fonts/ 1 KB
2 KB 63ms
63ms Font
font/woff 66.22.35.29
RADWARE

General

Check archive.org

Show headers Download Go to

Full URL

https://gruppo.bancobpm.it/static/custom/slick/fonts/slick.woff

Requested by

Host: gruppo.bancobpm.it
URL: https://gruppo.bancobpm.it/static/custom/slick/slick-theme.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

66.22.35.29 , United States, ASN48851 (RADWARE, IL),

Reverse DNS

Software

RemoveIdentity /

Resource Hash

26726bac4060abb1226e6ceebc1336e84930fe7a7af1b3895a109d067f5b5dcc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains;preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

Referer: https://gruppo.bancobpm.it/static/custom/slick/slick-theme.css
Origin: https://gruppo.bancobpm.it
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000;includeSubDomains;preload
date: Wed, 28 Dec 2022 04:19:13 GMT
x-content-type-options: nosniff
last-modified: Thu, 29 Sep 2022 13:28:49 GMT
server: RemoveIdentity
etag: W/"564-183896f7e68"
x-frame-options: SAMEORIGIN
content-type: font/woff
cache-control: public, max-age=0
accept-ranges: bytes
content-length: 1380
x-xss-protection: 1;mode=block

GET
H2 200 TK3iWkUHHAIjg752GT8G.woff2
fonts.gstatic.com/s/oswald/v49/ 25 KB
25 KB 146ms
82ms Font
font/woff2 2a00:1450:400d:807::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/oswald/v49/TK3iWkUHHAIjg752GT8G.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oswald:300,400,600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

35c92598a5f32c018dc630f57b183b0284c211ce9c222e5b36840a62115262f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://gruppo.bancobpm.it
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 26 Dec 2022 21:12:07 GMT
x-content-type-options: nosniff
age: 112027
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25372
x-xss-protection: 0
last-modified: Mon, 18 Jul 2022 19:24:05 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 26 Dec 2023 21:12:07 GMT

GET
H2 200 ld.js Show response
dynamic.criteo.com/js/ld/ 42 KB
15 KB 130ms
63ms Script
application/javascript 2a02:2638::14
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://dynamic.criteo.com/js/ld/ld.js?a=101268

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W2S5HS7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::14 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

f3dfa92ea898179d33c912369ac0602c7379862ff19168dbf489205b63c5b935

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://gruppo.bancobpm.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 28 Dec 2022 04:19:13 GMT
content-encoding: br
strict-transport-security: max-age=31536000; preload;
server: Kestrel
vary: Origin, Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public,max-age=10800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 218 KB
75 KB 68ms
67ms Script
application/javascript 2a00:1450:400d:807::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-H819FG2J5P&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W2S5HS7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a5c169486559b0e82dbbecb26aceb82b3685e220505b254d4e98a7f2f116d10f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://gruppo.bancobpm.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 28 Dec 2022 04:19:14 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 77086
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 28 Dec 2022 04:19:14 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 216 KB
75 KB 62ms
62ms Script
application/javascript 2a00:1450:400d:807::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-NM60HKNYPF&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W2S5HS7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ac1780539284acbea9abd8cc08ef7aa2a23c76e211830ae42a7d556b948f9a2d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://gruppo.bancobpm.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 28 Dec 2022 04:19:14 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 76974
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 28 Dec 2022 04:19:14 GMT

POST
H2 200 / Show response
gruppo.bancobpm.it/teleborsa/ 2 KB
1023 B 212ms
212ms Fetch
application/json 66.22.35.29
RADWARE

General

Check archive.org

Show headers Download Go to

Full URL

https://gruppo.bancobpm.it/teleborsa/

Requested by

Host: gruppo.bancobpm.it
URL: https://gruppo.bancobpm.it/_next/static/chunks/96acc7c018f15fbed0339a44ecd30945a0201eb9.1132c8d943362e1af185.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

66.22.35.29 , United States, ASN48851 (RADWARE, IL),

Reverse DNS

Software

RemoveIdentity /

Resource Hash

8ad6dd946ae435a6df837d8dd36671a4660e2d87207ced7e33ac1af9f5e076fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains;preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

Accept: text/xml
Referer: https://gruppo.bancobpm.it/
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/xml

Response headers

strict-transport-security: max-age=31536000;includeSubDomains;preload
date: Wed, 28 Dec 2022 04:19:14 GMT
x-content-type-options: nosniff
content-encoding: gzip
server: RemoveIdentity
etag: W/"8c9-XWGHJPn8j6wKQiT4PbnXmtXzxVU"
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
content-language: it
x-xss-protection: 1;mode=block

GET
H2 200 ics.svg
gruppo.bancobpm.it/media/icons/ 4 KB
4 KB 66ms
65ms Image
image/svg+xml 66.22.35.29
RADWARE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gruppo.bancobpm.it/media/icons/ics.svg

Requested by

Host: gruppo.bancobpm.it
URL: https://gruppo.bancobpm.it/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

66.22.35.29 , United States, ASN48851 (RADWARE, IL),

Reverse DNS

Software

RemoveIdentity /

Resource Hash

1b2119561d1e6f2b6c8e9849d69b904fae37496c91e40142efe583bd24cd7492

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains;preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://gruppo.bancobpm.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000;includeSubDomains;preload
date: Wed, 28 Dec 2022 04:19:13 GMT
x-content-type-options: nosniff
last-modified: Thu, 28 Nov 2019 12:25:51 GMT
server: RemoveIdentity
etag: "f845d2f8e6a5d51:0"
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
accept-ranges: bytes
content-length: 3682
x-xss-protection: 1;mode=block

GET
H2 200 page-09abab7885fd63379e95.js
gruppo.bancobpm.it/_next/static/chunks/pages/ 0
5 KB 53ms
53ms Other
application/javascript 66.22.35.29
RADWARE

General

Check archive.org

Show headers Download Go to

Full URL

https://gruppo.bancobpm.it/_next/static/chunks/pages/page-09abab7885fd63379e95.js

Requested by

Host: gruppo.bancobpm.it
URL: https://gruppo.bancobpm.it/_next/static/chunks/main-439e9c6e21b86b56318e.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

66.22.35.29 , United States, ASN48851 (RADWARE, IL),

Reverse DNS

Software

RemoveIdentity /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains;preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://gruppo.bancobpm.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000;includeSubDomains;preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 28 Dec 2022 04:19:13 GMT
last-modified: Wed, 12 Oct 2022 10:07:21 GMT
server: RemoveIdentity
etag: W/"48b5-183cba9b7a8"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
content-length: 5199
x-xss-protection: 1;mode=block

GET
H2 200 magazine-5b773bd0496632f6dcb4.js
gruppo.bancobpm.it/_next/static/chunks/pages/ 0
17 KB 57ms
57ms Other
application/javascript 66.22.35.29
RADWARE

General

Check archive.org

Show headers Download Go to

Full URL

https://gruppo.bancobpm.it/_next/static/chunks/pages/magazine-5b773bd0496632f6dcb4.js

Requested by

Host: gruppo.bancobpm.it
URL: https://gruppo.bancobpm.it/_next/static/chunks/main-439e9c6e21b86b56318e.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

66.22.35.29 , United States, ASN48851 (RADWARE, IL),

Reverse DNS

Software

RemoveIdentity /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains;preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://gruppo.bancobpm.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000;includeSubDomains;preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 28 Dec 2022 04:19:13 GMT
last-modified: Wed, 12 Oct 2022 10:07:21 GMT
server: RemoveIdentity
etag: W/"c95b-183cba9b7a8"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
content-length: 16889
x-xss-protection: 1;mode=block

GET
H2 200 giovani.jpg
gruppo.bancobpm.it/media/ 250 KB
251 KB 143ms
143ms Image
image/jpeg 66.22.35.29
RADWARE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gruppo.bancobpm.it/media/giovani.jpg

Requested by

Host: gruppo.bancobpm.it
URL: https://gruppo.bancobpm.it/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

66.22.35.29 , United States, ASN48851 (RADWARE, IL),

Reverse DNS

Software

RemoveIdentity /

Resource Hash

c9b1707498b2914cc54fd121bc54ebf66621ba736c8e5f5ed863e0108bfda449

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains;preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://gruppo.bancobpm.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000;includeSubDomains;preload
date: Wed, 28 Dec 2022 04:19:13 GMT
x-content-type-options: nosniff
last-modified: Thu, 10 Jun 2021 11:55:58 GMT
server: RemoveIdentity
etag: "a332c693ef5dd71:0"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
accept-ranges: bytes
content-length: 256243
x-xss-protection: 1;mode=block

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 3B2C 15 KB
6 KB 99ms
33ms Document
text/html 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?topUrl=gruppo.bancobpm.it&origin=onetag

Requested by

Host: dynamic.criteo.com
URL: https://dynamic.criteo.com/js/ld/ld.js?a=101268

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

aeb779d96af4bfa1b664c203d52fbd9ef573b84a31b34314668325fc784e1b13

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://gruppo.bancobpm.it/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: it-IT,it;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 28 Dec 2022 04:19:14 GMT
server: Kestrel
server-processing-duration-in-ticks: 753420
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

POST
H2 204 collect
region1.google-analytics.com/g/ 0
349 B 82ms
32ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-H819FG2J5P&gtm=2oebu0&_p=1874279472&cid=175561005.1672201155&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1672201154&sct=1&seg=0&dl=https%3A%2F%2Fgruppo.bancobpm.it%2F&dt=Gruppo%20Banco%20BPM%20%7C%20Sito%20istituzionale%20del%20gruppo%20finanziario&en=page_view&_fv=1&_nsi=1&_ss=2&ep.anonymizeIp=true&ep.allowLinker=true
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-H819FG2J5P&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://gruppo.bancobpm.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Dec 2022 04:19:14 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://gruppo.bancobpm.it
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 63ms
33ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-NM60HKNYPF&gtm=2oebu0&_p=1874279472&cid=175561005.1672201155&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1672201154&sct=1&seg=0&dl=https%3A%2F%2Fgruppo.bancobpm.it%2F&dt=Gruppo%20Banco%20BPM%20%7C%20Sito%20istituzionale%20del%20gruppo%20finanziario&en=page_view&_fv=1&_ss=1&ep.anonymizeIp=true&ep.allowLinker=true
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-NM60HKNYPF&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://gruppo.bancobpm.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Dec 2022 04:19:14 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://gruppo.bancobpm.it
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame 3B2C
Redirect Chain

https://gum.criteo.com/sid/json?origin=onetag&domain=bancobpm.it&sn=ChromeSyncframe&so=0&topUrl=gruppo.bancobpm.it&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=xUCvqXxLcFR4K1hpWk1BTVRUQTZ0S1J3RU1mL2E0TzVRUys1N2NqaUtHRFFwV3lUZ2p0OWRNNi9YWG55QW9hc1ZWdnZuYk8waHNhcU1nNVlHdGV3OFNCUERiaW4zbEh4SDNSN1E0QlFsVldCODNMbU95WW1MOEo3RHV1TF...

431 B
673 B

247ms
35ms

Fetch
application/json

178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=xUCvqXxLcFR4K1hpWk1BTVRUQTZ0S1J3RU1mL2E0TzVRUys1N2NqaUtHRFFwV3lUZ2p0OWRNNi9YWG55QW9hc1ZWdnZuYk8waHNhcU1nNVlHdGV3OFNCUERiaW4zbEh4SDNSN1E0QlFsVldCODNMbU95WW1MOEo3RHV1TFdibnBZZDhZUUdVL0pheVNrK0ZaaHdVNzNCek5jTGJ3WVlqbzM5V2JFUjUxM0g1OE0zSTRtd2UybGFxdmpOR1ZhYldoK1FvU1Y4Sk16T1E5NmJGd3Z5cDJFN0loOTRVajVGcnB6NVVpQ3VmMGZzdVFONEpwc2xJUjRCU3MzbElCTS9PZGM5dVRmVGJVRXZMcmFNMlN1TmtLc2hHK0hhdz09fA&cppv=2

Protocol

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

95f6974e52b137fbd1313995d46541cb75e7c61f9071e83780233b7e373104d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Dec 2022 04:19:14 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 2461745
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 28 Dec 2022 04:19:13 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=xUCvqXxLcFR4K1hpWk1BTVRUQTZ0S1J3RU1mL2E0TzVRUys1N2NqaUtHRFFwV3lUZ2p0OWRNNi9YWG55QW9hc1ZWdnZuYk8waHNhcU1nNVlHdGV3OFNCUERiaW4zbEh4SDNSN1E0QlFsVldCODNMbU95WW1MOEo3RHV1TFdibnBZZDhZUUdVL0pheVNrK0ZaaHdVNzNCek5jTGJ3WVlqbzM5V2JFUjUxM0g1OE0zSTRtd2UybGFxdmpOR1ZhYldoK1FvU1Y4Sk16T1E5NmJGd3Z5cDJFN0loOTRVajVGcnB6NVVpQ3VmMGZzdVFONEpwc2xJUjRCU3MzbElCTS9PZGM5dVRmVGJVRXZMcmFNMlN1TmtLc2hHK0hhdz09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 845587
content-length: 0
expires: 0

GET
H2 200 tc.min.js Show response
c1.rfihub.net/js/ 19 KB
6 KB 116ms
25ms Script
application/x-javascript 2600:9000:223c:5600:1:76cf:fe80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c1.rfihub.net/js/tc.min.js
Requested by: Host: gruppo.bancobpm.it
URL: https://gruppo.bancobpm.it/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:5600:1:76cf:fe80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Jetty(9.3.29.v20201019) /
Resource Hash: 7ef97b12890fc6fee67f869c6e1f74b6719de7d66ac0d649c8d7386a80b4c30f

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://gruppo.bancobpm.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 28 Dec 2022 03:59:05 GMT
content-encoding: gzip
via: 1.1 22993faf725ff29c940e58cb14ddf668.cloudfront.net (CloudFront)
last-modified: Wed, 28 Dec 2022 03:58:55 GMT
server: Jetty(9.3.29.v20201019)
x-amz-cf-pop: FRA56-P2
age: 1209
x-cache: Hit from cloudfront
content-type: application/x-javascript
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: public, max-age=3600
content-length: 6162
x-amz-cf-id: blKTRWeMcFTkz6nKi_sVnffTIuIplS-JemLSI502loZ0Q-zu0kO2ZQ==
expires: Wed, 28 Dec 2022 04:59:05 GMT

GET
H/1.1 200
OK ca.html Show response
20841584p.rfihub.com/ Frame 8374 2 KB
3 KB 188ms
47ms Document
text/html 193.0.160.129
ROCKETFUEL

General

Check archive.org

Show headers Download Go to

Full URL: https://20841584p.rfihub.com/ca.html?ver=9&rb=46839&ca=20841584&_o=46839&_t=20841584&pe=https%3A%2F%2Fgruppo.bancobpm.it%2F&pf=&ra=5541897796748723
Requested by: Host: c1.rfihub.net
URL: https://c1.rfihub.net/js/tc.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 193.0.160.129 , United States, ASN54312 (ROCKETFUEL, US),
Reverse DNS
Software: Jetty(9.3.29.v20201019) /
Resource Hash: 5bbdd344e3c77a0f19b6c7ec8d7ea2ddca4f7b2e2ee3755ce79a8a0cca7d1e6f

Request headers

Referer: https://gruppo.bancobpm.it/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: it-IT,it;q=0.9

Response headers

Cache-Control: no-cache
Content-Length: 2500
Content-Type: text/html;charset=utf-8
Date: Wed, 28 Dec 2022 04:19:14 GMT
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server: Jetty(9.3.29.v20201019)

GET
H2 200 event Show response
sslwidget.criteo.com/ 8 KB
4 KB 320ms
59ms Script
application/x-javascript 178.250.2.151
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://sslwidget.criteo.com/event?a=101268&v=5.12.3&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvh&p2=e%3Ddis&adce=1&bundle=qF3QLF9GbiUyQkE3cExCWU1Xb1Nya3B3VFpkdENmckZoTzhGZ2JoUU10eGUxMExaRU5kNTVic2QzMTFGemRBWnBpQ1FkSThxRTZGVE9yc04lMkJ4JTJCV3RPamNsam9Qd1kxM1dKYW53Y2VXVTlpZElHVkd3UG5GM2pucHN4T0hGeE1EU2clMkZwSGQzZU9OOXZ4dmdzV0Zkd1I4bnpmQlhQZyUzRCUzRA&tld=bancobpm.it&dy=1&fu=https%253A%252F%252Fgruppo.bancobpm.it%252F&dtycbr=72234

Requested by

Host: dynamic.criteo.com
URL: https://dynamic.criteo.com/js/ld/ld.js?a=101268

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.151 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

dd73f0abae3409af308412cb704ee1503793c1453e71224ebede67459f622f4d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://gruppo.bancobpm.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Dec 2022 04:19:14 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: Kestrel
content-type: application/x-javascript
access-control-allow-origin: *
p3p: NON DSP COR CURa PSA PSD OUR BUS NAV STA
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 21215455
timing-allow-origin: *
expires: 0

GET
H/1.1

200
OK

cm
a.rfihub.com/ Frame 8374
Redirect Chain

https://cm.g.doubleclick.net/pixel?&in=0&google_nid=zeta_interactive&google_cm=&google_sc=&google_hm=NTEyNDMyMjMyNDMzMDA1ODYzMQ==&forward=
https://cm.g.doubleclick.net/pixel?in=0&google_nid=zeta_interactive&google_cm=&google_sc=&google_hm=NTEyNDMyMjMyNDMzMDA1ODYzMQ==&forward=&google_tc=
https://a.rfihub.com/cm?pub=445&in=0&forward=&google_gid=CAESED-rHtHxVVtb8AyHwBUjSjM&google_cver=1

42 B
1 KB

209ms
69ms

Image
image/gif

193.0.160.129
ROCKETFUEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.rfihub.com/cm?pub=445&in=0&forward=&google_gid=CAESED-rHtHxVVtb8AyHwBUjSjM&google_cver=1
Protocol: HTTP/1.1
Server: 193.0.160.129 , United States, ASN54312 (ROCKETFUEL, US),
Reverse DNS
Software: Jetty(9.3.29.v20201019) /
Resource Hash: 47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://20841584p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/gif
Date: Wed, 28 Dec 2022 04:19:15 GMT
Cache-Control: no-cache
Server: Jetty(9.3.29.v20201019)
Content-Length: 42
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma: no-cache
date: Wed, 28 Dec 2022 04:19:15 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://a.rfihub.com/cm?pub=445&in=0&forward=&google_gid=CAESED-rHtHxVVtb8AyHwBUjSjM&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 311
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

bounce
ib.adnxs.com/ Frame 8374
Redirect Chain

https://ib.adnxs.com/setuid?entity=18&code=5124322324330058631
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D18%26code%3D5124322324330058631

43 B
1 KB

27ms
27ms

Image
image/gif

37.252.171.84
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D18%26code%3D5124322324330058631

Protocol

HTTP/1.1

Server

37.252.171.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://20841584p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 28 Dec 2022 04:19:15 GMT
AN-X-Request-Uuid: d6f82dd3-92b4-4a7d-b24e-0676efad4952
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 192.145.127.221; 192.145.127.221; 1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 28 Dec 2022 04:19:15 GMT
AN-X-Request-Uuid: 060b9453-638a-49ac-9ec6-55f645435849
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D18%26code%3D5124322324330058631
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 192.145.127.221; 192.145.127.221; 1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

demconf.jpg
dpm.demdex.net/ Frame 8374
Redirect Chain

https://dpm.demdex.net/ibs:dpid=1121&dpuuid=5124322324330058631&redir=
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1121&dpuuid=5124322324330058631&redir=

42 B
942 B

49ms
48ms

Image
image/gif

34.241.134.251
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1121&dpuuid=5124322324330058631&redir=

Protocol

HTTP/1.1

Server

34.241.134.251 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-241-134-251.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://20841584p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v045-07bcfe959.edge-irl1.demdex.com 1 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: 31CwGV0rQgA=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS: dcs-prod-irl1-2-v045-0bb46f593.edge-irl1.demdex.com 0 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: ud/U64+ZQ8Q=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1121&dpuuid=5124322324330058631&redir=
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 sd
us-u.openx.net/w/1.0/ Frame 8374 43 B
273 B 125ms
33ms Image
image/gif 34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537073062&val=5124322324330058631&r=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://20841584p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Dec 2022 04:19:15 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1

200
OK

match
ps.eyeota.net/ Frame 8374
Redirect Chain

https://p.rfihub.com/cm?pub=24472&in=1
https://ps.eyeota.net/match?uid=5124322324330058631&bid=omt9pi0

0
344 B

155ms
54ms

Image
text/plain

3.124.210.90
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ps.eyeota.net/match?uid=5124322324330058631&bid=omt9pi0
Protocol: HTTP/1.1
Server: 3.124.210.90 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-210-90.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://20841584p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Wed, 28 Dec 2022 04:19:15 GMT
Content-Length: 0
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

Location: https://ps.eyeota.net/match?uid=5124322324330058631&bid=omt9pi0
Date: Wed, 28 Dec 2022 04:19:15 GMT
Server: Jetty(9.3.29.v20201019)
Content-Length: 0
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 204 put
e1.emxdgt.com/ Frame 8374 0
55 B 137ms
25ms Image
text/html 18.158.8.202
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e1.emxdgt.com/put?d=d16&uid=5124322324330058631
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.158.8.202 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-158-8-202.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://20841584p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 28 Dec 2022 04:19:14 GMT
content-length: 0
content-type: text/html

GET
H2 200 cksync.php
contextual.media.net/ Frame 8374 45 B
616 B 161ms
64ms Image
image/gif 92.123.38.97
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/cksync.php?cs=3&type=rkt&ovsid=5124322324330058631

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

92.123.38.97 Vienna, Austria, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a92-123-38-97.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://20841584p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Wed, 28 Dec 2022 04:19:15 GMT
server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
content-length: 45
x-mnet-hl2: E
expires: Wed, 28 Dec 2022 04:19:15 GMT

GET
H3

200

362358.gif
idsync.rlcdn.com/ Frame 8374
Redirect Chain

https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5124322324330058631&referrer=https%3A%2F%2Fgruppo.bancobpm.it%2F
https://p.rfihub.com/cm?pub=39342&in=0&userid=6f2cdfb9-eb04-44ad-a4ac-1de0cd3a02f5%3A1672201155.1710062&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3D6f2cdfb9-eb04-44ad-a4ac-1de0cd3...
https://idsync.rlcdn.com/501709.gif?partner_uid=6f2cdfb9-eb04-44ad-a4ac-1de0cd3a02f5%3A1672201155.1710062
https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm
https://idsync.rlcdn.com/362358.gif?google_gid=CAESELChbm2eOtvh75lAzemQhEI&google_cver=1

42 B
60 B

72ms
72ms

Image
image/gif

35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/362358.gif?google_gid=CAESELChbm2eOtvh75lAzemQhEI&google_cver=1
Protocol: H3
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://20841584p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 28 Dec 2022 04:19:15 GMT
via: 1.1 google
content-type: image/gif
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

Redirect headers

pragma: no-cache
date: Wed, 28 Dec 2022 04:19:15 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://idsync.rlcdn.com/362358.gif?google_gid=CAESELChbm2eOtvh75lAzemQhEI&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 289
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
bpi.rtactivate.com/tag/ Frame 8374 43 B
109 B 446ms
171ms Image
image/gif 3.231.172.211
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bpi.rtactivate.com/tag/?id=11017&user_id=5124322324330058631
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.231.172.211 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-231-172-211.compute-1.amazonaws.com
Software: awselb/2.0 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://20841584p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 28 Dec 2022 04:19:15 GMT
server: awselb/2.0
content-length: 43
content-type: image/gif

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 8374
Redirect Chain

https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5124322324330058631&forward=
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5124322324330058631&forward=&C=1

43 B
766 B

26ms
26ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5124322324330058631&forward=&C=1
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://20841584p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 28 Dec 2022 04:19:15 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

Pragma: no-cache
Date: Wed, 28 Dec 2022 04:19:15 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: /rum?cm_dsp_id=57&external_user_id=5124322324330058631&forward=&C=1
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 0
Expires: 0

GET
H2 200 360947.gif
idsync.rlcdn.com/ Frame 8374 42 B
448 B 106ms
34ms Image
image/gif 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/360947.gif?partner_uid=5124322324330058631
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://20841584p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 28 Dec 2022 04:19:15 GMT
via: 1.1 google
content-type: image/gif
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

GET
H2 200 rocketfuel_sync
x.dlx.addthis.com/e/ Frame 8374 43 B
191 B 1018ms
423ms Image
image/gif 23.203.125.189
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://x.dlx.addthis.com/e/rocketfuel_sync?na_exid=5124322324330058631

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.203.125.189 Vienna, Austria, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-203-125-189.deploy.static.akamaitechnologies.com

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://20841584p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

expires: Wed, 28 Dec 2022 04:19:16 GMT
pragma: no-cache
date: Wed, 28 Dec 2022 04:19:16 GMT
cache-control: max-age=0, no-cache, no-store
strict-transport-security: max-age=2628000
content-length: 43
content-type: image/gif

GET
H/1.1

200

partner
sync.search.spotxchange.com/ Frame 8374
Redirect Chain

https://sync.search.spotxchange.com/partner?adv_id=7180&uid=5124322324330058631&img=1
https://sync.search.spotxchange.com/partner?adv_id=7180&uid=5124322324330058631&img=1&__user_check__=1&sync_id=ca24ea93-8666-11ed-8c0e-1974e5cf0306

43 B
549 B

87ms
86ms

Image
image/gif

185.94.180.126
SPOTX-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.search.spotxchange.com/partner?adv_id=7180&uid=5124322324330058631&img=1&__user_check__=1&sync_id=ca24ea93-8666-11ed-8c0e-1974e5cf0306
Protocol: HTTP/1.1
Server: 185.94.180.126 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://20841584p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Wed, 28 Dec 2022 04:19:15 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 113
Connection: keep-alive
Content-Length: 43

Redirect headers

Date: Wed, 28 Dec 2022 04:19:15 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Location: /partner?adv_id=7180&uid=5124322324330058631&img=1&__user_check__=1&sync_id=ca24ea93-8666-11ed-8c0e-1974e5cf0306
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 120
Connection: keep-alive
Content-Length: 0

GET
H2 200 sync
partners.tremorhub.com/ Frame 8374 43 B
183 B 402ms
112ms Image
image/gif 2600:1f18:612b:4264:d47e:9b8d:b43d:b5ab
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://partners.tremorhub.com/sync?UIRF=5124322324330058631&r=w5rVEO-jiJJ1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4264:d47e:9b8d:b43d:b5ab Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://20841584p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date: Wed, 28 Dec 2022 04:19:15 GMT
server: Apache-Coyote/1.1
content-type: image/gif

GET
H2 200 g.pixel
aa.agkn.com/adscores/ Frame 8374 43 B
377 B 196ms
50ms Image
image/gif 54.74.181.165
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aa.agkn.com/adscores/g.pixel?sid=9212192898&rf=5124322324330058631
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.74.181.165 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-74-181-165.eu-west-1.compute.amazonaws.com
Software: AAWebServer /
Resource Hash: 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://20841584p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Dec 2022 04:19:15 GMT
server: AAWebServer
access-control-allow-methods: GET, POST, OPTIONS
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-headers: accept, cache-control, origin, x-requested-with, x-file-name, content-type
content-length: 43
expires: 0

GET
H2 204 usermatch.gif
beacon.krxd.net/ Frame 8374 0
337 B 194ms
47ms Image
text/plain 34.247.119.70
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner_id=rfuel&partner_user_id=5124322324330058631
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.247.119.70 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-119-70.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://20841584p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-served-by: beacon-n007-dub-prod.krxd.net
date: Wed, 28 Dec 2022 04:19:15 GMT
cache-control: private, no-cache, no-store
x-request-time: D=36 t=1672201155
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2

200

sync
x.bidswitch.net/ul_cb/ Frame 8374
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=119&user_id=5124322324330058631&expires=30
https://x.bidswitch.net/ul_cb/sync?dsp_id=119&user_id=5124322324330058631&expires=30

43 B
344 B

72ms
70ms

Image
image/gif

18.158.158.96
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/ul_cb/sync?dsp_id=119&user_id=5124322324330058631&expires=30
Protocol: H2
Server: 18.158.158.96 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-158-158-96.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://20841584p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 28 Dec 2022 04:19:15 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

Redirect headers

location: https://x.bidswitch.net/ul_cb/sync?dsp_id=119&user_id=5124322324330058631&expires=30
date: Wed, 28 Dec 2022 04:19:15 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H/1.1

200
OK

cm
p.rfihub.com/ Frame 8374
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D
https://sync-tm.everesttech.net/ct/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D&_test=Y6vDwwAHR8uvpwAZ
https://p.rfihub.com/cm?in=1&pub=21653&userid=Y6vDwwAHR8uvpwAZ&_test=Y6vDwwAHR8uvpwAZ

42 B
1 KB

40ms
39ms

Image
image/gif

193.0.160.129
ROCKETFUEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.rfihub.com/cm?in=1&pub=21653&userid=Y6vDwwAHR8uvpwAZ&_test=Y6vDwwAHR8uvpwAZ
Protocol: HTTP/1.1
Server: 193.0.160.129 , United States, ASN54312 (ROCKETFUEL, US),
Reverse DNS
Software: Jetty(9.3.29.v20201019) /
Resource Hash: 47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://20841584p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/gif
Date: Wed, 28 Dec 2022 04:19:15 GMT
Cache-Control: no-cache
Server: Jetty(9.3.29.v20201019)
Content-Length: 42
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

x-served-by: cache-mxp6965-MXP
pragma: no-cache
date: Wed, 28 Dec 2022 04:19:15 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1672201156.650675,VS0,VE0
x-cache: HIT
location: https://p.rfihub.com/cm?in=1&pub=21653&userid=Y6vDwwAHR8uvpwAZ&_test=Y6vDwwAHR8uvpwAZ
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H2

200

sync
x.bidswitch.net/ul_cb/ Frame 7286
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=46&user_id=k-E9PzcV30zFgxwA0rdWO2D-rrbxMl_9SNNBkXUA&expires=30
https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-E9PzcV30zFgxwA0rdWO2D-rrbxMl_9SNNBkXUA&expires=30

43 B
344 B

70ms
68ms

Image
image/gif

18.158.158.96
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-E9PzcV30zFgxwA0rdWO2D-rrbxMl_9SNNBkXUA&expires=30
Protocol: H2
Server: 18.158.158.96 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-158-158-96.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 28 Dec 2022 04:19:15 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

Redirect headers

location: https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-E9PzcV30zFgxwA0rdWO2D-rrbxMl_9SNNBkXUA&expires=30
date: Wed, 28 Dec 2022 04:19:15 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/google/ Frame 7286
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-HR8XXl30zFgxwA0rdWO2D-rrbxOmmpvF_7VP3g&google_cm&google_hm=ay1IUjhYWGwzMHpGZ3h3QTByZFdPMkQtcnJieE9tbXB2R...
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-HR8XXl30zFgxwA0rdWO2D-rrbxOmmpvF_7VP3g&google_gid=CAESEGajczyidhRjMrLFexSqKDw&google_cver=1&google_ula=913071,0

43 B
371 B

113ms
33ms

Image
image/gif

178.250.0.163
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-HR8XXl30zFgxwA0rdWO2D-rrbxOmmpvF_7VP3g&google_gid=CAESEGajczyidhRjMrLFexSqKDw&google_cver=1&google_ula=913071,0

Protocol

Server

178.250.0.163 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Dec 2022 04:19:14 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1192428
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 28 Dec 2022 04:19:15 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-HR8XXl30zFgxwA0rdWO2D-rrbxOmmpvF_7VP3g&google_gid=CAESEGajczyidhRjMrLFexSqKDw&google_cver=1&google_ula=913071,0
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 398
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/appnexus/ Frame 7286
Redirect Chain

https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=6444606497853958368

43 B
370 B

160ms
34ms

Image
image/gif

178.250.0.163
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=6444606497853958368

Protocol

Server

178.250.0.163 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Dec 2022 04:19:14 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 2021841
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date: Wed, 28 Dec 2022 04:19:15 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 192.145.127.221; 192.145.127.221; 1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 1e5bce88-4958-4034-92ad-ccbab756af8f
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=6444606497853958368
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 rum
r.casalemedia.com/ Frame 7286 43 B
870 B 112ms
56ms Image
image/gif 104.18.33.19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-V1TwDV30zFgxwA0rdWO2D-rrbxM7fiq7nJdIYA
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Dec 2022 04:19:15 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mye1cGb6zemkMTPTPQJpPWkI%2F%2BH7gZdy3DsthrZIE3prY2FyExSCD77sfHOpTK7NsS9wWY24dOvDdx1VKG4DRuMl214od1pNPwHhA8%2FjTXaVVB7E%2BUl%2FAIYvCGdaUDrfbpe5"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 78077f24f8f9e907-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

GET
H2

200

match
ad.360yield.com/ul_cb/ Frame 7286
Redirect Chain

https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-hiBUvF30zFgxwA0rdWO2D-rrbxNJk-DwafyLqA
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-hiBUvF30zFgxwA0rdWO2D-rrbxNJk-DwafyLqA

43 B
448 B

74ms
73ms

Image
image/gif

3.122.74.191
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-hiBUvF30zFgxwA0rdWO2D-rrbxNJk-DwafyLqA
Protocol: H2
Server: 3.122.74.191 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-122-74-191.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 28 Dec 2022 04:19:15 GMT
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

location: https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-hiBUvF30zFgxwA0rdWO2D-rrbxNJk-DwafyLqA
date: Wed, 28 Dec 2022 04:19:15 GMT
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2 200 cksync.php
contextual.media.net/ Frame 7286 45 B
621 B 75ms
69ms Image
image/gif 92.123.38.97
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/cksync.php?cs=3&type=crt&ovsid=k-6tYabl30zFgxwA0rdWO2D-rrbxNMWo1SnX1m3Q

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

92.123.38.97 Vienna, Austria, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a92-123-38-97.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Wed, 28 Dec 2022 04:19:15 GMT
server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
content-length: 45
x-mnet-hl2: E
expires: Wed, 28 Dec 2022 04:19:15 GMT

GET
H/1.1 200
OK cookie-sync
sync.outbrain.com/ Frame 7286 0
145 B 270ms
78ms Image
text/plain 20.13.96.71
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/cookie-sync?p=criteo&uid=k-auRoIF30zFgxwA0rdWO2D-rrbxP8M4s97q_5Tw
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.13.96.71 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Wed, 28 Dec 2022 04:19:15 GMT
Cache-Control: no-cache
X-TraceId: d54585e00741a83f5bf92b24f03cdc3f
Content-Length: 0

GET
H2 204 v1
match.sharethrough.com/sync/ Frame 7286 0
35 B 184ms
24ms Image
text/plain 18.196.238.199
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-fC9I5F30zFgxwA0rdWO2D-rrbxOJmFMRWW1HMA
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.196.238.199 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-196-238-199.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 28 Dec 2022 04:19:15 GMT

GET
H/1.1 200
OK /
rtb-csync.smartadserver.com/redir/ Frame 7286 43 B
163 B 175ms
36ms Image
image/gif 185.86.139.106
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=k-6mLTPV30zFgxwA0rdWO2D-rrbxONi8I0ESf2wg
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.106 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 28 Dec 2022 04:19:14 GMT
transfer-encoding: chunked
content-type: image/gif

GET
H2 200 /
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame 7286 0
99 B 164ms
39ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=k-7LhtvV30zFgxwA0rdWO2D-rrbxM3LnqiHvVfkQ
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 28 Dec 2022 04:19:15 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 47557

GET
H2 200 um
criteo-sync.teads.tv/ Frame 7286 23 B
172 B 248ms
89ms Image
image/gif 23.203.125.36
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://criteo-sync.teads.tv/um?eid=80&uid=k-Svqbol30zFgxwA0rdWO2D-rrbxMXLgXn8IHL8Q
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.203.125.36 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-203-125-36.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.9 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

expires: Wed, 28 Dec 2022 04:19:15 GMT
pragma: no-cache
date: Wed, 28 Dec 2022 04:19:15 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.9
content-length: 23
content-type: image/gif

GET
H2 200 xuid
eb2.3lift.com/ Frame 7286 37 B
140 B 134ms
26ms Image
image/gif 13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=2711&xuid=k-i0d2c130zFgxwA0rdWO2D-rrbxMJvjUdwzkG2A&dongle=013b
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 28 Dec 2022 04:19:15 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET
H2

204

sync
ups.analytics.yahoo.com/ups/58301/ Frame 7286
Redirect Chain

https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-W62ObV30zFgxwA0rdWO2D-rrbxPZn81EPNcFog
https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-W62ObV30zFgxwA0rdWO2D-rrbxPZn81EPNcFog&verify=true

0
121 B

120ms
103ms

Image
text/plain

18.156.0.31
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-W62ObV30zFgxwA0rdWO2D-rrbxPZn81EPNcFog&verify=true

Protocol

Server

18.156.0.31 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-156-0-31.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.10.25 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 28 Dec 2022 04:19:15 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location: https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-W62ObV30zFgxwA0rdWO2D-rrbxPZn81EPNcFog&verify=true
date: Wed, 28 Dec 2022 04:19:15 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 204 put
e1.emxdgt.com/ Frame 7286 0
22 B 30ms
25ms Image
text/html 18.158.8.202
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e1.emxdgt.com/put?d=d53&uid=k-y3BgeF30zFgxwA0rdWO2D-rrbxNxsiV_KgtjhA
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.158.8.202 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-158-8-202.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 28 Dec 2022 04:19:14 GMT
content-length: 0
content-type: text/html

GET
H2 200 pixel
cm.adform.net/ Frame 7286 43 B
163 B 256ms
114ms Image
image/gif 37.157.3.28
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.adform.net/pixel?adform_pid=15&adform_pc=k-JPUFll30zFgxwA0rdWO2D-rrbxNnPw0nnLIliw
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.3.28 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 28 Dec 2022 04:19:15 GMT
last-modified: Wed, 17 Apr 2019 14:00:27 GMT
server: nginx
accept-ranges: bytes
etag: "5cb7317b-2b"
content-length: 43
content-type: image/gif

GET
H2 200 sync
visitor.omnitagjs.com/visitor/ Frame 7286 49 B
235 B 261ms
35ms Image
image/gif 185.255.84.152
IGUANE-

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://visitor.omnitagjs.com/visitor/sync?uid=732efe97317e6352de4c1caf24b5064b&name=CRITEO&visitor=k-haw0PV30zFgxwA0rdWO2D-rrbxOKC2KdnbsgXQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.255.84.152 , France, ASN200271 (IGUANE-, FR),

Reverse DNS

Software

ayl-lb-fra02 /

Resource Hash

d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Dec 2022 04:19:15 GMT
x-content-type-options: nosniff
server: ayl-lb-fra02
vary: Accept-Encoding
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
x-envoy-upstream-service-time: 1
content-length: 49
expires: 0

GET
H/1.1

200
OK

ibs:dpid=28645&dpuuid=eWEmFBS34ZSxDwhbcljrD6sZjIw8IF17
dpm.demdex.net/ Frame 7286
Redirect Chain

https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40
https://dpm.demdex.net/ibs:dpid=28645&dpuuid=eWEmFBS34ZSxDwhbcljrD6sZjIw8IF17

42 B
942 B

65ms
65ms

Image
image/gif

34.241.134.251
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=28645&dpuuid=eWEmFBS34ZSxDwhbcljrD6sZjIw8IF17

Protocol

HTTP/1.1

Server

34.241.134.251 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-241-134-251.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v045-071cdea73.edge-irl1.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: pG5tWBFyTwg=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

location: https://dpm.demdex.net/ibs:dpid=28645&dpuuid=eWEmFBS34ZSxDwhbcljrD6sZjIw8IF17
date: Wed, 28 Dec 2022 04:19:15 GMT
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 1231495
content-length: 0

GET
H/1.1 200 9.gif
id5-sync.com/s/966/ Frame 7286 43 B
1 KB 243ms
29ms Image
image/gif 141.95.33.111
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://id5-sync.com/s/966/9.gif?puid=k-juFLh130zFgxwA0rdWO2D-rrbxMkXxUqcx1dPw

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

141.95.33.111 , Germany, ASN16276 (OVH, FR),

Reverse DNS

ns3203177.ip-141-95-33.eu

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type: image/gif;charset=UTF-8
date: Wed, 28 Dec 2022 04:19:15 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
transfer-encoding: chunked
p3p: CP="CAO PSA OUR"

GET
H2 200 sync
matching.ivitrack.com/ Frame 7286 42 B
274 B 239ms
33ms Image
image/gif 34.117.157.22
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://matching.ivitrack.com/sync?realm=criteo&uid=k-OtpSDV30zFgxwA0rdWO2D-rrbxMgzmmfDwGcDA
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.157.22 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 22.157.117.34.bc.googleusercontent.com
Software: istio-envoy /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 28 Dec 2022 04:19:15 GMT
x-envoy-decorator-operation: tag-manager.programmatic.svc.cluster.local:3000/*
via: 1.1 google
server: istio-envoy
content-type: image/gif
cache-control: public, max-age=86400
x-envoy-upstream-service-time: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

GET
H2 200 push
exchange.mediavine.com/usersync/ Frame 7286 0
880 B 191ms
99ms Image
text/html 3.74.120.124
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://exchange.mediavine.com/usersync/push?partner=criteo&partnerId=k-c_SZjl30zFgxwA0rdWO2D-rrbxOFoEHDJMY15w
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.74.120.124 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-74-120-124.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 28 Dec 2022 04:19:15 GMT
cache-control: private, no-cache
access-control-allow-credentials: true
content-encoding: gzip
vary: Origin, Accept-Encoding
content-type: text/html; charset=utf-8

GET
H2 200 Pug
simage2.pubmatic.com/AdServer/ Frame 7286 42 B
578 B 213ms
38ms Image
image/gif 185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:k-n8f6R130zFgxwA0rdWO2D-rrbxP_GEFMdz-1Qg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Wed, 28 Dec 2022 04:19:15 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2 200 sync
criteo-partners.tremorhub.com/ Frame 7286 43 B
182 B 199ms
184ms Image
image/gif 2600:1f18:612b:4264:d47e:9b8d:b43d:b5ab
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://criteo-partners.tremorhub.com/sync?UICR=k-aDbRsF30zFgxwA0rdWO2D-rrbxMHu6wIB8M1tw
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4264:d47e:9b8d:b43d:b5ab Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date: Wed, 28 Dec 2022 04:19:15 GMT
server: Apache-Coyote/1.1
content-type: image/gif

GET
H/1.1 204
No Content m
ad.yieldlab.net/ Frame 7286 0
360 B 229ms
57ms Image
text/plain 104.70.110.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.yieldlab.net/m?dt_id=8664&ext_id=k-rXk19l30zFgxwA0rdWO2D-rrbxM2r1Y3AMTDfg

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.70.110.28 Vienna, Austria, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-70-110-28.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 28 Dec 2022 04:19:15 GMT
x-content-type-options: nosniff
x-frame-options: DENY
Cache-Control: no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection: keep-alive
x-xss-protection: 1; mode=block
x-application-context: application
Expires: Tue, 27 Dec 2022 04:19:15 GMT

GET
H2 200 sync
sync-criteo.ads.yieldmo.com/ Frame 7286 43 B
220 B 219ms
47ms Image
image/gif 54.194.137.201
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-criteo.ads.yieldmo.com/sync?id=k-MdJcIl30zFgxwA0rdWO2D-rrbxPqaVF1-Ifv7A&pn_id=criteo&ext=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.194.137.201 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-194-137-201.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Wed, 28 Dec 2022 04:19:15 GMT
content-type: image/gif
content-length: 43
access-control-allow-methods: GET, OPTIONS
access-control-request-headers: Cache-Control, Pragma

GET
H2

204

usermatch.gif
beacon.krxd.net/ Frame 7286
Redirect Chain

https://gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40
https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=yc2ZB5eGCmdIutsgdii6xM4KqTYZ5fgh

0
336 B

88ms
84ms

Image
text/plain

34.247.119.70
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=yc2ZB5eGCmdIutsgdii6xM4KqTYZ5fgh
Protocol: H2
Server: 34.247.119.70 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-119-70.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-served-by: beacon-n015-dub-prod.krxd.net
date: Wed, 28 Dec 2022 04:19:15 GMT
cache-control: private, no-cache, no-store
x-request-time: D=28 t=1672201155
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=yc2ZB5eGCmdIutsgdii6xM4KqTYZ5fgh
date: Wed, 28 Dec 2022 04:19:14 GMT
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 990379
content-length: 0

GET
H2

200

cs
s.thebrighttag.com/ Frame 7286
Redirect Chain

https://gum.criteo.com/sync?c=10&r=1&u=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3Dcr%26uid%3D%40USERID%40
https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=EtNGG2hA4nmgzix3OdWmadgTyPXgUKGI

35 B
269 B

467ms
118ms

Image
image/gif

3.23.121.164
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=EtNGG2hA4nmgzix3OdWmadgTyPXgUKGI
Protocol: H2
Server: 3.23.121.164 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-23-121-164.us-east-2.compute.amazonaws.com
Software: nginx /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Dec 2022 04:19:16 GMT
x-bt-requestid: ca856780-8666-11ed-a869-0000ac170385
server: nginx
content-type: image/gif
access-control-allow-origin
p3p: CP=NOI DSP COR NID
cache-control: private, must-revalidate
content-length: 35
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=EtNGG2hA4nmgzix3OdWmadgTyPXgUKGI
date: Wed, 28 Dec 2022 04:19:14 GMT
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 1553183
content-length: 0

Verdicts & Comments Add Verdict or Comment

31 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

54 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
gruppo.bancobpm.it/	1970-01-20 08:31:27	Name: connect.sid Value: s%3A5e_1T6DpqLPms_84jUesQe90Px1PJbSi.58K80GXvPo%2BpMTywdXDk8qdNLdkvt%2FfzkZTEVTCwKkk
.bancobpm.it/	1970-01-20 10:39:37	Name: _gcl_au Value: 1.1.1632479202.1672201154
.bancobpm.it/	1970-01-20 18:06:01	Name: _ga_H819FG2J5P Value: GS1.1.1672201154.1.0.1672201154.0.0.0
.bancobpm.it/	1970-01-20 18:06:01	Name: _ga Value: GA1.1.175561005.1672201155
.bancobpm.it/	1970-01-20 18:06:01	Name: _ga_NM60HKNYPF Value: GS1.1.1672201154.1.0.1672201154.0.0.0
.criteo.com/	1970-01-20 17:51:37	Name: uid Value: 146e2da8-f1c5-477c-9f18-35266723b1bf
.bancobpm.it/	1970-01-20 17:59:25	Name: cto_bundle Value: qF3QLF9GbiUyQkE3cExCWU1Xb1Nya3B3VFpkdENmckZoTzhGZ2JoUU10eGUxMExaRU5kNTVic2QzMTFGemRBWnBpQ1FkSThxRTZGVE9yc04lMkJ4JTJCV3RPamNsam9Qd1kxM1dKYW53Y2VXVTlpZElHVkd3UG5GM2pucHN4T0hGeE1EU2clMkZwSGQzZU9OOXZ4dmdzV0Zkd1I4bnpmQlhQZyUzRCUzRA
.rfihub.com/	1970-01-20 17:51:37	Name: rud Value: H4sIAAAAAAAA_-MSNjU0MjE2MjIGksYGBqYWZsaGQnyGupnxRgYlQd4l5i6VuQBd9q-FJQAAAA
.rfihub.com/	1969-12-31 23:59:59	Name: ruds Value: H4sIAAAAAAAA_-MSNjU0MjE2MjIGksYGBqYWZsaGQnyGupnxRgYlQd4l5i6VuQBd9q-FJQAAAA
.adnxs.com/	1970-01-20 10:39:37	Name: uuid2 Value: 6444606497853958368
.casalemedia.com/	1970-01-20 17:15:37	Name: CMID Value: Y6vDw74UaUE0cm4lXsvQiQAA
.casalemedia.com/	1970-01-20 10:39:37	Name: CMPS Value: 5222
.casalemedia.com/	1970-01-20 10:39:37	Name: CMPRO Value: 5222
.adnxs.com/	1970-01-20 10:39:37	Name: anj Value: dTM7k!M4/YErk#WF']wIg2Hb^MwC0f!1yIE`Wq3dShskA5Hr@L3kGiF$-Uy4$/[2NejJTQl]ogdTD._*PlZ[C[-kX-'uOVL
.media.net/	1970-01-20 17:15:37	Name: visitor-id Value: 3152027556092569000V10
.media.net/	1970-01-20 17:14:10	Name: data-rk Value: 5124322324330058631~~3
.demdex.net/	1970-01-20 12:49:13	Name: demdex Value: 54429864249506058033044268865805217277
.rlcdn.com/	1970-01-20 17:15:37	Name: rlas3 Value: NEaXO7LxyN2oWzU/U1zlcqvrrNN0YSUidtXn0WH1LiY=
.dpm.demdex.net/	1970-01-20 12:49:13	Name: dpm Value: 54429864249506058033044268865805217277
.rezync.com/	1970-01-20 12:48:44	Name: zync-uuid Value: 6f2cdfb9-eb04-44ad-a4ac-1de0cd3a02f5:1672201155.1710062
live.rezync.com/	1970-01-20 12:49:13	Name: sd-session-id Value: .eJwNyksKwzAMANG7aB0XSf6k9WWCY8tg2rglSjcNuXu9GXgwJywf2bfUpR8Qj_0rE-RXG1KIJ2j7bfKECJ7YWWY7ahH9PViCawIV1fbuSyvjCZVzqevDyIrOOJeKSS5lQ0UwF5uQq48UZmYk8v5GMyEGhusP1IkmdA.Y6vDww.u0ggmVKFVQ_JnwLWGj3mi-pKa-E
.eyeota.net/	1970-01-20 08:30:01	Name: SERVERID Value: 17931~DM
.media.net/	1970-01-20 09:13:13	Name: data-c Value: k-6tYabl30zFgxwA0rdWO2D-rrbxNMWo1SnX1m3Q~~3
.media.net/	1970-01-20 09:13:13	Name: data-c-ts Value: 1672201155
.doubleclick.net/	1970-01-20 17:51:37	Name: IDE Value: AHWqTUlMpVjYkRoDybQX7APwcJjiE710H1o6iSzRX95MN13Ii_B7zK0hawEq3v5hZGE
.casalemedia.com/	1970-01-20 10:39:37	Name: CMTS Value: 3267
.rlcdn.com/	1970-01-20 09:56:25	Name: pxrc Value: CMOHr50GEgYIuuoBEAA=
.krxd.net/	1970-01-20 12:49:13	Name: _kuid_ Value: PSLnG8cO
.bidswitch.net/	1970-01-20 17:15:37	Name: c Value: 1672201155
.bidswitch.net/	1970-01-20 17:15:37	Name: tuuid_lu Value: 1672201155
.bidswitch.net/	1970-01-20 17:15:37	Name: tuuid Value: 652c2750-06ec-448c-93d9-03833e11e607
.360yield.com/	1970-01-20 10:39:37	Name: tuuid Value: e418f04b-c1a5-4bb5-a6b2-db7429efadf3
.360yield.com/	1970-01-20 10:39:37	Name: tuuid_lu Value: 1672201155
.spotxchange.com/	1970-01-20 09:10:20	Name: audience Value: ca24ea59-8666-11ed-8c0e-1974e5cf0306
.everesttech.net/	1970-01-20 17:15:37	Name: everest_g_v2 Value: g_surferid~Y6vDwwAHR8uvpwAZ
.360yield.com/	1970-01-20 10:39:37	Name: um Value: !38,Ia1l8vmp7NAAr52QHIezfpxbUUvIYI26jK8JHMz90IWtIZLF5KXkZcfRSClEYOYblSdrOSrI,1679977155
.360yield.com/	1970-01-20 10:39:37	Name: umeh Value: !38,0,1734409155,-1
.yahoo.com/	1970-01-20 17:15:58	Name: A3 Value: d=AQABBMPDq2MCEDr_ShEe877iHhP_MPjVA-8FEgEBAQEVrWO1YwAAAAAA_eMAAA&S=AQAAAjWV_fEh7YTnFKwv17o8jZs
.analytics.yahoo.com/	1970-01-20 17:15:37	Name: IDSYNC Value: 18zh~293g
exchange.mediavine.com/	1970-01-20 08:50:10	Name: mv_tokens Value: %7B%22mv_uuid%22%3A%22ca43caa0-8666-11ed-a608-a3f31cfe965b%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 08:50:10	Name: mv_tokens_eu-v1 Value: %7B%22mv_uuid%22%3A%22ca43caa0-8666-11ed-a608-a3f31cfe965b%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 08:50:10	Name: am_tokens Value: %7B%22mv_uuid%22%3A%22ca43caa0-8666-11ed-a608-a3f31cfe965b%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 08:50:10	Name: am_tokens_eu-v1 Value: %7B%22mv_uuid%22%3A%22ca43caa0-8666-11ed-a608-a3f31cfe965b%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 08:50:10	Name: criteo Value: %7B%22id%22%3A%22k-c_SZjl30zFgxwA0rdWO2D-rrbxOFoEHDJMY15w%22%2C%22version%22%3A%22criteo%22%7D
.rfihub.com/	1969-12-31 23:59:59	Name: euds Value: H4sIAAAAAAAA_-OSMXR2dA12ddEt8ijxqAgLK0mycKz0KHcKzQrO8l3FKBBpVuZSXu7oEWRRWlZQ7hjVxGJulmaUnJKWZKmbmmRgomtikpiim2iSmKxrmJJqkJxinGhglGZqZWhmbmRkYGhoaqpnaG5oYGBmBAAY1vukawAAAA
.rfihub.com/	1970-01-20 17:51:37	Name: eud Value: H4sIAAAAAAAA_-OSMXR2dA12ddEt8ijxqAgLK0mycKz0KHcKzQrO8g3iNTQzNzIyMDQ0NTWxMJ3FiOCbWJqa7ULjn0Ljv0Lj_0LjT2JC5c9C4y9C469C429C4-9CV8-Cyr-FxDc1NDZZxCoQaVbmUl7u6BFkUVpWUO4YtYoVSYmZhfEmVjQruNGcyIvmJWFzszSj5JS0JEvd1CQDE10Tk8QU3USTxGRdw5RUg-QU40QDozRTK4QleobmhgYGZkazhJFsNjYwXCSMavIjND4Af1FbFroBAAA
.id5-sync.com/	1970-01-20 08:30:01	Name: cf Value:
.id5-sync.com/	1970-01-20 08:30:01	Name: cip Value:
.id5-sync.com/	1970-01-20 08:30:01	Name: cnac Value:
.id5-sync.com/	1970-01-20 08:30:01	Name: car Value:
.id5-sync.com/	1970-01-20 08:30:01	Name: gdpr Value:
.id5-sync.com/	1970-01-20 08:30:01	Name: callback Value:
.pubmatic.com/	1970-01-20 09:13:13	Name: KRTBCOOKIE_97 Value: 3385-uid:k-n8f6R130zFgxwA0rdWO2D-rrbxP_GEFMdz-1Qg&KRTB&23144-uid:k-n8f6R130zFgxwA0rdWO2D-rrbxP_GEFMdz-1Qg&KRTB&23286-uid:k-n8f6R130zFgxwA0rdWO2D-rrbxP_GEFMdz-1Qg&KRTB&23287-uid:k-n8f6R130zFgxwA0rdWO2D-rrbxP_GEFMdz-1Qg
.pubmatic.com/	1970-01-20 09:13:13	Name: PugT Value: 1672201155

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
rendering	warning	URL: https://gruppo.bancobpm.it/ Message: The key "" is not recognized and ignored.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains;preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

20841584p.rfihub.com
a.rfihub.com
aa.agkn.com
ad.360yield.com
ad.yieldlab.net
beacon.krxd.net
bpi.rtactivate.com
c1.rfihub.net
cm.adform.net
cm.g.doubleclick.net
contextual.media.net
criteo-partners.tremorhub.com
criteo-sync.teads.tv
dis.criteo.com
dpm.demdex.net
dsum-sec.casalemedia.com
dynamic.criteo.com
e1.emxdgt.com
eb2.3lift.com
exchange.mediavine.com
fonts.googleapis.com
fonts.gstatic.com
gruppo.bancobpm.it
gum.criteo.com
ib.adnxs.com
id5-sync.com
idsync.rlcdn.com
live.rezync.com
match.sharethrough.com
matching.ivitrack.com
mug.criteo.com
p.rfihub.com
partners.tremorhub.com
ps.eyeota.net
r.casalemedia.com
region1.google-analytics.com
rtb-csync.smartadserver.com
s.thebrighttag.com
simage2.pubmatic.com
sslwidget.criteo.com
sync-criteo.ads.yieldmo.com
sync-t1.taboola.com
sync-tm.everesttech.net
sync.outbrain.com
sync.search.spotxchange.com
ups.analytics.yahoo.com
us-u.openx.net
visitor.omnitagjs.com
www.googletagmanager.com
x.bidswitch.net
x.dlx.addthis.com
104.18.33.19
104.70.110.28
108.138.17.118
13.248.245.213
141.226.228.48
141.95.33.111
142.250.201.194
151.101.194.49
178.250.0.157
178.250.0.163
178.250.2.151
18.156.0.31
18.158.158.96
18.158.8.202
18.196.238.199
185.255.84.152
185.64.190.80
185.80.39.216
185.86.139.106
185.94.180.126
193.0.160.129
20.13.96.71
2001:4860:4802:34::36
23.203.125.189
23.203.125.36
2600:1f18:612b:4264:d47e:9b8d:b43d:b5ab
2600:9000:223c:5600:1:76cf:fe80:93a1
2a00:1450:400d:807::2003
2a00:1450:400d:807::2008
2a00:1450:400d:808::200a
2a02:2638::14
2a02:2638::1c
3.122.74.191
3.124.210.90
3.23.121.164
3.231.172.211
3.74.120.124
34.117.157.22
34.241.134.251
34.247.119.70
34.98.64.218
35.244.174.68
37.157.3.28
37.252.171.84
54.194.137.201
54.74.181.165
66.22.35.29
92.123.38.97
1944c4148ea5e3040f1bc73bd6942d041b2f882e0435731fe519f87783330a9d
1b2119561d1e6f2b6c8e9849d69b904fae37496c91e40142efe583bd24cd7492
1d29681664cfba7e83f660f672516ca3d894195ce76b29884793f7a87c37517d
2352d20f7d20c845e53cd180443b733c6e4a97614719290148e61234634d347e
2479f244dcd4b057ee9dbefa8125613b7b4b2a25908172d043a14fbfab89c82e
26726bac4060abb1226e6ceebc1336e84930fe7a7af1b3895a109d067f5b5dcc
3230ea6b99dcd996024c323641ae0983e58f6b27b73aec44a7110d3b1e2d62bc
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
35c92598a5f32c018dc630f57b183b0284c211ce9c222e5b36840a62115262f1
3b0dadf4423a134071b59bd3dee5dc7eb17334f6e8559cf1d2676231670d587f
413253006eb20693c8091400073ae0ef3f1e0161df1e101878d3e64719f8d01d
42d4434af346d7a8b59fa2e7f84d78ef5892634164bc9b165c6bda4cd6e845b5
45745158a57714e698a9fb32cc6495780a19b5cc70348910665fad03baf9b5c6
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
50f2914d3be98f1b28dc285da3f4ff3f3d775f31b47c4ff752c4a19cd8bd57a5
544cb898944142fdee644f5a99254b3d92703153f2e63b263483852b25634f9c
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5b674aee5eacd18701c17228c9d884ce9a85809dc42d72fbed173d4875c53bc5
5bbdd344e3c77a0f19b6c7ec8d7ea2ddca4f7b2e2ee3755ce79a8a0cca7d1e6f
653f3e53e89b4f8548ff86c19e92bb3c6b84b6be7485a320b1e00893ed877479
75fa1c4760ad6194a99710872e3612002c84c4df8339a57be0cb4aad1bde794a
7881d4931e3ae905b7699084ba798584714fa1f45ec0fbcd88f5dc1eebebcf2b
7e940b255608a80d5c0fe47fe1e84ca11f88b1dcc14a988046a011d7cc0a572b
7ef97b12890fc6fee67f869c6e1f74b6719de7d66ac0d649c8d7386a80b4c30f
8121ed02fc719a1b5cd843c6af78e25f81fe71745140abc0c2b5231478885f6e
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8ad6dd946ae435a6df837d8dd36671a4660e2d87207ced7e33ac1af9f5e076fe
90c14ae1978476c9e395e68fa9be8ee349143c7343afb004b4c50f32265b2069
956a29e4b4d1d52e7105260b871f0b1b001c915a0cd0a5e19d8ef5ef1380c522
95f6974e52b137fbd1313995d46541cb75e7c61f9071e83780233b7e373104d6
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
9e159a9fe1b93342811fedbcc5a3a50ab5322c911ab766030a8c5ba75990df32
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a589b80c242c30c50a51fceff96d24e7bb81489c886cac4d308e205b8d8a0f78
a5ae296481f255fd8d290fe112dd1bef64b02a3865d78d004e29cf7b566eb417
a5c169486559b0e82dbbecb26aceb82b3685e220505b254d4e98a7f2f116d10f
ac1780539284acbea9abd8cc08ef7aa2a23c76e211830ae42a7d556b948f9a2d
ae49f99cf95759f66b4b938eb0f944a62afb4299c96ce934043c04a4ebb9d70e
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
aeb779d96af4bfa1b664c203d52fbd9ef573b84a31b34314668325fc784e1b13
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
c9b1707498b2914cc54fd121bc54ebf66621ba736c8e5f5ed863e0108bfda449
cdc29d63165b4fd44fdfa268c5e5cac92050deb861405b56522a8d1be96b8d22
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
dd73f0abae3409af308412cb704ee1503793c1453e71224ebede67459f622f4d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f3218e0bd433a05b911b2198011a5801f858b9b1ac7c96c87f66379431b79817
f3dfa92ea898179d33c912369ac0602c7379862ff19168dbf489205b63c5b935
f7b4ccfb087bc962c4203e26273b4edbde230350f5a92097b8a29d44196d7277

gruppo.bancobpm.it Open in urlscan Pro 66.22.35.29 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

87 Requests

79 %HTTPS

17 %IPv6

43 Domains

51 Subdomains

46 IPs

10 Countries

3093 kBTransfer

5830 kBSize

54 Cookies

10 Outgoing links

Page URL History

Redirected requests

87 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

gruppo.bancobpm.it Open in urlscan Pro
66.22.35.29 Public Scan

Screenshot
Live screenshot

Full Image

87
Requests

79 %
HTTPS

17 %
IPv6

43
Domains

51
Subdomains

46
IPs

10
Countries

3093 kB
Transfer

5830 kB
Size

54
Cookies

87 HTTP transactions
1 data transactions