track.adform.net Open in urlscan Pro
37.157.6.252 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://track.adform.net/serving/container/?pm=625469&lid=38325283&ctype=1&media=1257577&PageName=SceltaOfferta&sysvars=%...
Submission: On June 18 via api (June 18th 2019, 12:40:47 pm UTC) from IT

Summary HTTP 47 Redirects Behaviour Indicators

Summary

This website contacted 32 IPs in 8 countries across 31 domains to perform 47 HTTP transactions. The main IP is 37.157.6.252, located in Denmark and belongs to ADFORM, DK. The main domain is track.adform.net.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on February 2nd 2018. Valid for: 2 years.

This is the only time track.adform.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	37.157.6.252 37.157.6.252	198622 (ADFORM) (ADFORM)
1	2a00:1450:400... 2a00:1450:4001:818::2008	15169 (GOOGLE) (GOOGLE - Google LLC)
1 2	52.94.216.48 52.94.216.48	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	2a00:1288:84:... 2a00:1288:84:800::1002	203219 (YAHOO-AMA) (YAHOO-AMA)
1	92.123.25.41 92.123.25.41	16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies)
4	2a03:2880:f01... 2a03:2880:f01c:216:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK - Facebook)
1	91.228.74.140 91.228.74.140	27281 (QUANTCAST) (QUANTCAST - Quantcast Corporation)
1	151.101.36.157 151.101.36.157	54113 (FASTLY) (FASTLY - Fastly)
3	151.1.245.21 151.1.245.21	3242 (ASN-ITNET) (ASN-ITNET)
1	216.58.206.2 216.58.206.2	15169 (GOOGLE) (GOOGLE - Google LLC)
1	104.244.42.69 104.244.42.69	13414 (TWITTER) (TWITTER - Twitter Inc.)
2	2a00:1450:400... 2a00:1450:4001:824::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
2	2a00:1450:400... 2a00:1450:4001:816::2004	15169 (GOOGLE) (GOOGLE - Google LLC)
2	2a00:1450:400... 2a00:1450:4001:80b::2003	15169 (GOOGLE) (GOOGLE - Google LLC)
3	2a03:2880:f11... 2a03:2880:f11c:8083:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK - Facebook)
2	193.0.160.129 193.0.160.129	54312 (ROCKETFUEL) (ROCKETFUEL - Rocket Fuel Inc.)
1	185.31.128.128 185.31.128.128	54312 (ROCKETFUEL) (ROCKETFUEL - Rocket Fuel Inc.)
1	2600:9000:200... 2600:9000:2001:ce00:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	91.228.74.163 91.228.74.163	27281 (QUANTCAST) (QUANTCAST - Quantcast Corporation)
1	104.244.42.67 104.244.42.67	13414 (TWITTER) (TWITTER - Twitter Inc.)
2	104.111.214.206 104.111.214.206	16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies)
13 16	54.228.215.115 54.228.215.115	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
2 2	35.156.24.221 35.156.24.221	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1 2	35.157.167.170 35.157.167.170	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1 2	104.111.215.135 104.111.215.135	16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies)
1	213.19.162.80 213.19.162.80	26667 (RUBICONPR...) (RUBICONPROJECT - The Rubicon Project)
2	151.101.2.2 151.101.2.2	54113 (FASTLY) (FASTLY - Fastly)
1	185.64.189.110 185.64.189.110	62713 (AS-PUBMATIC) (AS-PUBMATIC - PubMatic)
1 2	52.58.75.147 52.58.75.147	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1 2	54.93.143.241 54.93.143.241	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	185.33.223.215 185.33.223.215	29990 (ASN-APPNEXUS) (ASN-APPNEXUS - AppNexus)
1	34.95.92.78 34.95.92.78	15169 (GOOGLE) (GOOGLE - Google LLC)
1 2	173.241.240.143 173.241.240.143	36089 (OPENX-AS1) (OPENX-AS1 - OPENX TECHNOLOGIES)
2 2	172.217.18.2 172.217.18.2	15169 (GOOGLE) (GOOGLE - Google LLC)
47	32

1 37.157.6.252 (Denmark)

ASN198622 (ADFORM, DK)
PTR: s1.adform.net

track.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:818::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.94.216.48 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)

aax-eu.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1288:84:800::1002 (United Kingdom)

ASN203219 (YAHOO-AMA, NL)

s.yimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 92.123.25.41 (France)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a92-123-25-41.deploy.static.akamaitechnologies.com

c1.rfihub.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f01c:216:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 91.228.74.140 (United Kingdom)

ASN27281 (QUANTCAST - Quantcast Corporation, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.36.157 (Amsterdam, Netherlands)

ASN54113 (FASTLY - Fastly, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.1.245.21 (Italy)

ASN3242 (ASN-ITNET, IT)
PTR: bv01.er.bemail.it

bv01.er.bemail.it	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.206.2 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra16s20-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.69 (United States)

ASN13414 (TWITTER - Twitter Inc., US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:824::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:816::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f11c:8083:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 193.0.160.129 (Netherlands)

ASN54312 (ROCKETFUEL - Rocket Fuel Inc., US)

a.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.31.128.128 (United States)

ASN54312 (ROCKETFUEL - Rocket Fuel Inc., US)

20792338p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2001:ce00:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 91.228.74.163 (United Kingdom)

ASN27281 (QUANTCAST - Quantcast Corporation, US)

pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.67 (United States)

ASN13414 (TWITTER - Twitter Inc., US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.111.214.206 (Netherlands)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a104-111-214-206.deploy.static.akamaitechnologies.com

s.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 54.228.215.115 (Dublin, Ireland) 13 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-54-228-215-115.eu-west-1.compute.amazonaws.com

d.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.156.24.221 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-35-156-24-221.eu-central-1.compute.amazonaws.com

pixel.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.157.167.170 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-35-157-167-170.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.111.215.135 (Netherlands) 1 redirects

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a104-111-215-135.deploy.static.akamaitechnologies.com

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.19.162.80 (United Kingdom)

ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.2.2 (United States)

ASN54113 (FASTLY - Fastly, US)

sync.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC - PubMatic, Inc., US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.58.75.147 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-58-75-147.eu-central-1.compute.amazonaws.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.93.143.241 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-54-93-143-241.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.33.223.215 (Netherlands)

ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US)
PTR: 315.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.95.92.78 (United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: 78.92.95.34.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 173.241.240.143 (Amsterdam, Netherlands) 1 redirects

ASN36089 (OPENX-AS1 - OPENX TECHNOLOGIES, INC., US)
PTR: ox-173-241-240-143.xa.dc.openx.org

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.18.2 (United States) 2 redirects

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra15s28-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
18	adroll.com 13 redirects s.adroll.com d.adroll.com	25 KB
4	doubleclick.net 2 redirects googleads.g.doubleclick.net cm.g.doubleclick.net	3 KB
4	facebook.net connect.facebook.net	137 KB
3	rfihub.com a.rfihub.com 20792338p.rfihub.com	635 B
3	facebook.com www.facebook.com	750 B
3	bemail.it bv01.er.bemail.it	2 KB
2	openx.net 1 redirects us-u.openx.net	599 B
2	bidswitch.net 1 redirects x.bidswitch.net	840 B
2	3lift.com 1 redirects eb2.3lift.com	694 B
2	casalemedia.com 1 redirects dsum-sec.casalemedia.com	2 KB
2	yahoo.com 1 redirects ups.analytics.yahoo.com	829 B
2	advertising.com 2 redirects pixel.advertising.com	720 B
2	google.de www.google.de	218 B
2	google.com www.google.com	228 B
2	quantserve.com secure.quantserve.com pixel.quantserve.com	6 KB
2	amazon-adsystem.com 1 redirects aax-eu.amazon-adsystem.com	786 B
1	rlcdn.com idsync.rlcdn.com	40 B
1	adnxs.com ib.adnxs.com	856 B
1	taboola.com trc.taboola.com	205 B
1	pubmatic.com simage2.pubmatic.com	817 B
1	outbrain.com sync.outbrain.com	332 B
1	rubiconproject.com pixel.rubiconproject.com	371 B
1	twitter.com analytics.twitter.com	266 B
1	quantcount.com rules.quantcount.com	1 KB
1	t.co t.co	170 B
1	googleadservices.com www.googleadservices.com	9 KB
1	ads-twitter.com static.ads-twitter.com	2 KB
1	rfihub.net c1.rfihub.net	7 KB
1	yimg.com s.yimg.com	4 KB
1	googletagmanager.com www.googletagmanager.com	25 KB
1	adform.net track.adform.net	4 KB
47	31

	Domain	Requested by
16	d.adroll.com	13 redirects s.adroll.com
4	connect.facebook.net	track.adform.net connect.facebook.net
3	www.facebook.com	track.adform.net
3	bv01.er.bemail.it	track.adform.net bv01.er.bemail.it
2	cm.g.doubleclick.net	2 redirects
2	us-u.openx.net	1 redirects
2	x.bidswitch.net	1 redirects
2	eb2.3lift.com	1 redirects
2	dsum-sec.casalemedia.com	1 redirects
2	ups.analytics.yahoo.com	1 redirects
2	pixel.advertising.com	2 redirects
2	s.adroll.com	track.adform.net
2	a.rfihub.com	c1.rfihub.net
2	www.google.de	track.adform.net
2	www.google.com	track.adform.net
2	googleads.g.doubleclick.net	www.googleadservices.com
2	aax-eu.amazon-adsystem.com	1 redirects track.adform.net
1	idsync.rlcdn.com
1	ib.adnxs.com
1	trc.taboola.com
1	simage2.pubmatic.com
1	sync.outbrain.com
1	pixel.rubiconproject.com
1	analytics.twitter.com	static.ads-twitter.com
1	pixel.quantserve.com	track.adform.net
1	rules.quantcount.com	secure.quantserve.com
1	20792338p.rfihub.com	c1.rfihub.net
1	t.co	track.adform.net
1	www.googleadservices.com	www.googletagmanager.com
1	static.ads-twitter.com	track.adform.net
1	secure.quantserve.com	track.adform.net
1	c1.rfihub.net	track.adform.net
1	s.yimg.com	track.adform.net
1	www.googletagmanager.com	track.adform.net
1	track.adform.net
47	35

This site contains no links.

Subject Issuer	Validity	Valid
track.adform.net DigiCert SHA2 Secure Server CA	`2018-02-02` - `2019-10-02`	2 years	crt.sh
*.google-analytics.com Google Internet Authority G3	`2019-05-21` - `2019-08-13`	3 months	crt.sh
aax-eu.amazon-adsystem.com Amazon	`2018-12-12` - `2019-12-10`	a year	crt.sh
*.yahoo.com DigiCert SHA2 High Assurance Server CA	`2019-06-03` - `2019-07-18`	a month	crt.sh
*.rfihub.net DigiCert SHA2 Secure Server CA	`2019-01-25` - `2020-04-25`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2019-06-06` - `2019-09-04`	3 months	crt.sh
*.quantserve.com DigiCert SHA2 High Assurance Server CA	`2018-10-16` - `2019-10-21`	a year	crt.sh
ads-twitter.com DigiCert SHA2 High Assurance Server CA	`2018-08-16` - `2019-08-21`	a year	crt.sh
bv01.er.bemail.it Let's Encrypt Authority X3	`2019-06-14` - `2019-09-12`	3 months	crt.sh
www.googleadservices.com Google Internet Authority G3	`2019-05-21` - `2019-08-13`	3 months	crt.sh
t.co DigiCert SHA2 High Assurance Server CA	`2019-03-07` - `2020-03-07`	a year	crt.sh
*.g.doubleclick.net Google Internet Authority G3	`2019-05-21` - `2019-08-13`	3 months	crt.sh
www.google.com Google Internet Authority G3	`2019-05-21` - `2019-08-13`	3 months	crt.sh
www.google.de Google Internet Authority G3	`2019-05-21` - `2019-08-13`	3 months	crt.sh
*.rfihub.com DigiCert SHA2 Secure Server CA	`2016-07-20` - `2019-09-03`	3 years	crt.sh
*.twitter.com DigiCert SHA2 High Assurance Server CA	`2019-01-28` - `2020-01-28`	a year	crt.sh
*.adroll.com DigiCert SHA2 Secure Server CA	`2018-12-19` - `2020-03-19`	a year	crt.sh
ups.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2019-05-08` - `2019-11-04`	6 months	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2019-05-08` - `2020-03-09`	10 months	crt.sh
*.rubiconproject.com DigiCert SHA2 Secure Server CA	`2019-01-10` - `2021-01-14`	2 years	crt.sh
f2.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2019-04-01` - `2019-09-07`	5 months	crt.sh
*.pubmatic.com Sectigo RSA Organization Validation Secure Server CA	`2019-02-22` - `2021-02-21`	2 years	crt.sh
*.3lift.com Amazon	`2018-07-31` - `2019-08-31`	a year	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2019-04-17` - `2020-05-04`	a year	crt.sh
*.adnxs.com DigiCert ECC Secure Server CA	`2019-01-23` - `2021-03-08`	2 years	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2019-04-24` - `2020-04-23`	a year	crt.sh
*.openx.net DigiCert ECC Secure Server CA	`2019-02-08` - `2020-05-12`	a year	crt.sh

This page contains 5 frames:

Primary Page: https://track.adform.net/serving/container/?pm=625469&lid=38325283&ctype=1&media=1257577&PageName=SceltaOfferta&sysvars=%7c%7c%7c%7c&itm=eyJzdjI2IjoiL3Byb21vLXNwZWNpYWxlLmh0bWwifQ&rnd=1887679515&cpref=&loc=https%3a%2f%2fwww.nowtv.it%2fpromo-speciale.html%3fdcmp%3dTRIAL_DEM_PERF_PROS_DEM_CPA-Refine%2520Direct-na-LP_Promo_Giugno19-DEM_Refine_CPA_Promo_giu2019
Frame ID: 2AC3914DEEB4F6308D6695BB6BBCD7CF
Requests: 43 HTTP requests in this frame

Frame: https://20792338p.rfihub.com/ca.html?rfiidc=1871597491648598312&rfiaid=0b705f7b1f5b496c85713c2d7734ee37&ver=9&rb=34170&ca=20792338&_o=34170&_t=20792338&pe=https%3A%2F%2Ftrack.adform.net%2Fserving%2Fcontainer%2F%3Fpm%3D625469%26lid%3D38325283%26ctype%3D1%26media%3D1257577%26PageName%3DSceltaOfferta%26sysvars%3D%257c%257c%257c%257c%26itm%3DeyJzdjI2IjoiL3Byb21vLXNwZWNpYWxlLmh0bWwifQ%26rnd%3D1887679515%26cpref%3D%26loc%3Dhttps%253a%252f%252fwww.nowtv.it%252fpromo-speciale.html%253fdcmp%253dTRIAL_DEM_PERF_PROS_DEM_CPA-Refine%252520Direct-na-LP_Promo_Giugno19-DEM_Refine_CPA_Promo_giu2019&pf=&ra=5772756144506155
Frame ID: 1395592F184C1F34F4D6EDD3E2BB22C8
Requests: 1 HTTP requests in this frame

Frame: https://bv01.er.bemail.it/api/v1/?be=%5B%22bebox_code%3DBE-4005-22%22%2C%22js_client%3Djavascript%22%2C%22item%3DSceltaOfferta%22%2C%22action%3Ditem%22%2C%22%22%2C%22ver%3Dv4%22%2C%22url%3Dhttps%253A%252F%252Ftrack.adform.net%252Fserving%252Fcontainer%252F%253Fpm%253D625469%2526lid%253D38325283%2526ctype%253D1%2526media%253D1257577%2526PageName%253DSceltaOfferta%2526sysvars%253D%25257c%25257c%25257c%25257c%2526itm%253DeyJzdjI2IjoiL3Byb21vLXNwZWNpYWxlLmh0bWwifQ%2526rnd%253D1887679515%2526cpref%253D%2526loc%253Dhttps%25253a%25252f%25252fwww.nowtv.it%25252fpromo-speciale.html%25253fdcmp%25253dTRIAL_DEM_PERF_PROS_DEM_CPA-Refine%25252520Direct-na-LP_Promo_Giugno19-DEM_Refine_CPA_Promo_giu2019%22%2C%22host%3Dtrack.adform.net%22%2C%22search%3D%253Fpm%253D625469%2526lid%253D38325283%2526ctype%253D1%2526media%253D1257577%2526PageName%253DSceltaOfferta%2526sysvars%253D%25257c%25257c%25257c%25257c%2526itm%253DeyJzdjI2IjoiL3Byb21vLXNwZWNpYWxlLmh0bWwifQ%2526rnd%253D1887679515%2526cpref%253D%2526loc%253Dhttps%25253a%25252f%25252fwww.nowtv.it%25252fpromo-speciale.html%25253fdcmp%25253dTRIAL_DEM_PERF_PROS_DEM_CPA-Refine%25252520Direct-na-LP_Promo_Giugno19-DEM_Refine_CPA_Promo_giu2019%22%5D
Frame ID: 2E9C99E5E9DCC9CC87A36C7FBD59C393
Requests: 1 HTTP requests in this frame

Frame: https://bv01.er.bemail.it/api/v1/?be=%5B%22bebox_code%3DBE-1805-19%22%2C%22js_client%3Djavascript%22%2C%22action%3Dstop_homepage%22%2C%22%22%2C%22ver%3Dv4%22%2C%22url%3Dhttps%253A%252F%252Ftrack.adform.net%252Fserving%252Fcontainer%252F%253Fpm%253D625469%2526lid%253D38325283%2526ctype%253D1%2526media%253D1257577%2526PageName%253DSceltaOfferta%2526sysvars%253D%25257c%25257c%25257c%25257c%2526itm%253DeyJzdjI2IjoiL3Byb21vLXNwZWNpYWxlLmh0bWwifQ%2526rnd%253D1887679515%2526cpref%253D%2526loc%253Dhttps%25253a%25252f%25252fwww.nowtv.it%25252fpromo-speciale.html%25253fdcmp%25253dTRIAL_DEM_PERF_PROS_DEM_CPA-Refine%25252520Direct-na-LP_Promo_Giugno19-DEM_Refine_CPA_Promo_giu2019%22%2C%22host%3Dtrack.adform.net%22%2C%22search%3D%253Fpm%253D625469%2526lid%253D38325283%2526ctype%253D1%2526media%253D1257577%2526PageName%253DSceltaOfferta%2526sysvars%253D%25257c%25257c%25257c%25257c%2526itm%253DeyJzdjI2IjoiL3Byb21vLXNwZWNpYWxlLmh0bWwifQ%2526rnd%253D1887679515%2526cpref%253D%2526loc%253Dhttps%25253a%25252f%25252fwww.nowtv.it%25252fpromo-speciale.html%25253fdcmp%25253dTRIAL_DEM_PERF_PROS_DEM_CPA-Refine%25252520Direct-na-LP_Promo_Giugno19-DEM_Refine_CPA_Promo_giu2019%22%5D
Frame ID: C6126C4750B42E6746D29EA6FA88A24C
Requests: 1 HTTP requests in this frame

Frame: https://a.rfihub.com/pstats.html?rb=34170&ca=20792338&ri=bf4e50a95ad3d81248564b4977328c78&rfiidc=1871597491648598312&rfiaid=0b705f7b1f5b496c85713c2d7734ee37&stats=%7B%2213488%22%3A%223204%2C1%22%2C%2217243%22%3A%223081%2C1%22%2C%2231937%22%3A%2211628%2C1%22%2C%2240977%22%3A%223212%2C1%22%2C%2242261%22%3A%2271%2C1%22%2C%2251433%22%3A%2227%2C1%22%2C%2252220%22%3A%22153%2C1%22%2C%2253707%22%3A%228977%2C1%22%2C%2253935%22%3A%22180%2C1%22%2C%2254497%22%3A%227855%2C1%22%2C%2254645%22%3A%224085%2C1%22%2C%2254651%22%3A%223044%2C2%22%2C%2254855%22%3A%2224%2C1%22%2C%2254863%22%3A%22%22%2C%2255065%22%3A%221175%2C1%22%2C%2255073%22%3A%22186%2C1%22%2C%2255507%22%3A%224773%2C1%22%2C%2256659%22%3A%223151%2C1%22%2C%2256885%22%3A%226269%2C1%22%2C%2257207%22%3A%223160%2C2%22%2C%2257291%22%3A%223926%2C1%22%2C%2257293%22%3A%224234%2C1%22%2C%2257297%22%3A%228828%2C1%22%2C%2257299%22%3A%224295%2C2%22%2C%2257303%22%3A%224861%2C1%22%2C%2257347%22%3A%229656%2C2%22%2C%2257363%22%3A%223457%2C1%22%2C%2257419%22%3A%224307%2C2%22%2C%2257795%22%3A%225355%2C1%22%2C%2257895%22%3A%226503%2C1%22%2C%2258143%22%3A%2210423%2C2%22%2C%2258487%22%3A%226925%2C1%22%2C%2258523%22%3A%2212213%2C2%22%2C%2258553%22%3A%227166%2C1%22%7D&ra=8313121703008828
Frame ID: FCBE850A67C78CDC59B9CF93F53D6835
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

AdRoll (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /(?:a|s)\.adroll\.com/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i

Quantcast (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /\.quantserve\.com\/quant\.js/i

Page Statistics

47
Requests

100 %
HTTPS

24 %
IPv6

31
Domains

35
Subdomains

32
IPs

8
Countries

224 kB
Transfer

719 kB
Size

5
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1

https://aax-eu.amazon-adsystem.com/s/iu3?d=forester-did&ex-fargs=%3Fid%3D94d1cf9b-c775-a625-05b6-84e772d13e81%26type%3D55%26m%3D35691&ex-fch=416613&ex-src=www.nowtv.it/&ex-hargs=v%3D1.0%3Bc%3D9405481110402%3Bp%3D94D1CF9B-C775-A625-05B6-84E772D13E81&cb=968389555193960100 HTTP 302
https://aax-eu.amazon-adsystem.com/s/iu3?d=forester-did&ex-fargs=%3Fid%3D94d1cf9b-c775-a625-05b6-84e772d13e81%26type%3D55%26m%3D35691&ex-fch=416613&ex-src=www.nowtv.it/&ex-hargs=v%3D1.0%3Bc%3D9405481110402%3Bp%3D94D1CF9B-C775-A625-05B6-84E772D13E81&cb=968389555193960100&dcc=t

Request Chain 29

https://d.adroll.com/pixel/M3PXNOL3IVAO7CMJ6HJTJQ/3YWS2VQCNREXJN5ZDV6B6Z?adroll_fpc=b6b2552e3f82af839073946a72576636-1560861632736&pv=11632631300.817686&cookie=&adroll_s_ref=&keyw=&arrfrr=https%3A%2F%2Ftrack.adform.net%2Fserving%2Fcontainer%2F%3Fpm%3D625469%26lid%3D38325283%26ctype%3D1%26media%3D1257577%26PageName%3DSceltaOfferta%26sysvars%3D%257c%257c%257c%257c%26itm%3DeyJzdjI2IjoiL3Byb21vLXNwZWNpYWxlLmh0bWwifQ%26rnd%3D1887679515%26cpref%3D%26loc%3Dhttps%253a%252f%252fwww.nowtv.it%252fpromo-speciale.html%253fdcmp%253dTRIAL_DEM_PERF_PROS_DEM_CPA-Refine%252520Direct-na-LP_Promo_Giugno19-DEM_Refine_CPA_Promo_giu2019 HTTP 302
https://s.adroll.com/pixel/M3PXNOL3IVAO7CMJ6HJTJQ/3YWS2VQCNREXJN5ZDV6B6Z/QHZOZQY46BFEPDAWPHMWKJ.js

Request Chain 31

https://d.adroll.com/cm/aol/out?advertisable=M3PXNOL3IVAO7CMJ6HJTJQ HTTP 302
https://pixel.advertising.com/ups/55980/sync?uid=NTI0Y2UwNmVlMDA2NDJhNjY5OTMyZWIxZTgxN2IyYzQ&_origin=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA HTTP 302
https://pixel.advertising.com/ups/55980/sync?uid=NTI0Y2UwNmVlMDA2NDJhNjY5OTMyZWIxZTgxN2IyYzQ&_origin=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA&verify=true HTTP 302
https://ups.analytics.yahoo.com/ups/55980/sync?uid=NTI0Y2UwNmVlMDA2NDJhNjY5OTMyZWIxZTgxN2IyYzQ&_origin=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA&apid=UP44c4a272-91c6-11e9-97be-022d17832c2c HTTP 302
https://ups.analytics.yahoo.com/ups/55980/sync?uid=NTI0Y2UwNmVlMDA2NDJhNjY5OTMyZWIxZTgxN2IyYzQ&_origin=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA&apid=UP44c4a272-91c6-11e9-97be-022d17832c2c&verify=true

Request Chain 32

https://d.adroll.com/cm/index/out?advertisable=M3PXNOL3IVAO7CMJ6HJTJQ HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=NTI0Y2UwNmVlMDA2NDJhNjY5OTMyZWIxZTgxN2IyYzQ&expiration=1592397635 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=NTI0Y2UwNmVlMDA2NDJhNjY5OTMyZWIxZTgxN2IyYzQ&expiration=1592397635&C=1

Request Chain 33

https://d.adroll.com/cm/n/out?advertisable=M3PXNOL3IVAO7CMJ6HJTJQ HTTP 302
https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=NTI0Y2UwNmVlMDA2NDJhNjY5OTMyZWIxZTgxN2IyYzQ&expires=365

Request Chain 34

https://d.adroll.com/cm/outbrain/out?advertisable=M3PXNOL3IVAO7CMJ6HJTJQ HTTP 302
https://sync.outbrain.com/adroll/pixel?user_id=NTI0Y2UwNmVlMDA2NDJhNjY5OTMyZWIxZTgxN2IyYzQ

Request Chain 35

https://d.adroll.com/cm/pubmatic/out?advertisable=M3PXNOL3IVAO7CMJ6HJTJQ HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMwNiZ0bD01MjU2MDA&piggybackCookie=NTI0Y2UwNmVlMDA2NDJhNjY5OTMyZWIxZTgxN2IyYzQ&gdpr=1&gdpr_consent=BOOoKswOOoKswA2ABBENAkwAAAAXyACACYAIIA

Request Chain 36

https://d.adroll.com/cm/taboola/out?advertisable=M3PXNOL3IVAO7CMJ6HJTJQ HTTP 302
https://trc.taboola.com/sg/adroll-network/1/rtb-h/?taboola_hm=NTI0Y2UwNmVlMDA2NDJhNjY5OTMyZWIxZTgxN2IyYzQ

Request Chain 37

https://d.adroll.com/cm/triplelift/out?advertisable=M3PXNOL3IVAO7CMJ6HJTJQ HTTP 302
https://eb2.3lift.com/xuid?mid=4714&xuid=NTI0Y2UwNmVlMDA2NDJhNjY5OTMyZWIxZTgxN2IyYzQ&dongle=c85e HTTP 302
https://eb2.3lift.com/xuid?ld=1&mid=4714&xuid=NTI0Y2UwNmVlMDA2NDJhNjY5OTMyZWIxZTgxN2IyYzQ&dongle=c85e&gdpr=1&cmp_cs=

Request Chain 39

https://d.adroll.com/cm/b/out?advertisable=M3PXNOL3IVAO7CMJ6HJTJQ HTTP 302
https://x.bidswitch.net/sync?dsp_id=44&user_id=NTI0Y2UwNmVlMDA2NDJhNjY5OTMyZWIxZTgxN2IyYzQ HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=NTI0Y2UwNmVlMDA2NDJhNjY5OTMyZWIxZTgxN2IyYzQ

Request Chain 40

https://d.adroll.com/cm/x/out?advertisable=M3PXNOL3IVAO7CMJ6HJTJQ HTTP 302
https://ib.adnxs.com/setuid?entity=172&code=NTI0Y2UwNmVlMDA2NDJhNjY5OTMyZWIxZTgxN2IyYzQ

Request Chain 41

https://d.adroll.com/cm/l/out?advertisable=M3PXNOL3IVAO7CMJ6HJTJQ HTTP 302
https://idsync.rlcdn.com/377928.gif?partner_uid=524ce06ee00642a669932eb1e817b2c4

Request Chain 42

https://d.adroll.com/cm/o/out?advertisable=M3PXNOL3IVAO7CMJ6HJTJQ HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537103138&val=524ce06ee00642a669932eb1e817b2c4 HTTP 302
https://us-u.openx.net/w/1.0/sd?cc=1&id=537103138&val=524ce06ee00642a669932eb1e817b2c4

Request Chain 43

https://d.adroll.com/cm/g/out?advertisable=M3PXNOL3IVAO7CMJ6HJTJQ&google_nid=adroll5 HTTP 302
https://cm.g.doubleclick.net/pixel?google_sc&google_nid=artb&google_hm=UkzgbuAGQqZpky6x6BeyxA&google_ula=1535926 HTTP 302
https://cm.g.doubleclick.net/pixel?google_sc=&google_nid=artb&google_hm=UkzgbuAGQqZpky6x6BeyxA&google_ula=1535926&google_tc= HTTP 302
https://d.adroll.com/cm/g/in?google_ula=1535926,0

47 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
track.adform.net/serving/container/ 9 KB
4 KB 350ms
32ms Document
text/html 37.157.6.252
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://track.adform.net/serving/container/?pm=625469&lid=38325283&ctype=1&media=1257577&PageName=SceltaOfferta&sysvars=%7c%7c%7c%7c&itm=eyJzdjI2IjoiL3Byb21vLXNwZWNpYWxlLmh0bWwifQ&rnd=1887679515&cpref=&loc=https%3a%2f%2fwww.nowtv.it%2fpromo-speciale.html%3fdcmp%3dTRIAL_DEM_PERF_PROS_DEM_CPA-Refine%2520Direct-na-LP_Promo_Giugno19-DEM_Refine_CPA_Promo_giu2019
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.252 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS: s1.adform.net
Software: nginx /
Resource Hash: 4403e1177cb3913a42f7db193b68d06c8875f4380a4fe99365f54d7862f43ea9

Request headers

:method: GET
:authority: track.adform.net
:scheme: https
:path: /serving/container/?pm=625469&lid=38325283&ctype=1&media=1257577&PageName=SceltaOfferta&sysvars=%7c%7c%7c%7c&itm=eyJzdjI2IjoiL3Byb21vLXNwZWNpYWxlLmh0bWwifQ&rnd=1887679515&cpref=&loc=https%3a%2f%2fwww.nowtv.it%2fpromo-speciale.html%3fdcmp%3dTRIAL_DEM_PERF_PROS_DEM_CPA-Refine%2520Direct-na-LP_Promo_Giugno19-DEM_Refine_CPA_Promo_giu2019
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
server: nginx
date: Tue, 18 Jun 2019 12:40:16 GMT
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
content-encoding: gzip
expires: -1
vary: Accept-Encoding
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 65 KB
25 KB 18ms
16ms Script
application/javascript 2a00:1450:4001:818::2008
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-975262201

Requested by

Host: track.adform.net
URL: https://track.adform.net/serving/container/?pm=625469&lid=38325283&ctype=1&media=1257577&PageName=SceltaOfferta&sysvars=%7c%7c%7c%7c&itm=eyJzdjI2IjoiL3Byb21vLXNwZWNpYWxlLmh0bWwifQ&rnd=1887679515&cpref=&loc=https%3a%2f%2fwww.nowtv.it%2fpromo-speciale.html%3fdcmp%3dTRIAL_DEM_PERF_PROS_DEM_CPA-Refine%2520Direct-na-LP_Promo_Giugno19-DEM_Refine_CPA_Promo_giu2019

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f41e99535ff8f2c647d41d7dd241db1cdacac565497c6c1e4f419af90d5470f3

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://track.adform.net/serving/container/?pm=625469&lid=38325283&ctype=1&media=1257577&PageName=SceltaOfferta&sysvars=%7c%7c%7c%7c&itm=eyJzdjI2IjoiL3Byb21vLXNwZWNpYWxlLmh0bWwifQ&rnd=1887679515&cpref=&loc=https%3a%2f%2fwww.nowtv.it%2fpromo-speciale.html%3fdcmp%3dTRIAL_DEM_PERF_PROS_DEM_CPA-Refine%2520Direct-na-LP_Promo_Giugno19-DEM_Refine_CPA_Promo_giu2019
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 18 Jun 2019 12:40:16 GMT
content-encoding: br
last-modified: Mon, 17 Jun 2019 23:12:11 GMT
server: Google Tag Manager
access-control-allow-origin: http://www.googletagmanager.com
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-length: 25379
x-xss-protection: 0
expires: Tue, 18 Jun 2019 12:40:16 GMT

GET
H/1.1

200
OK

iu3
aax-eu.amazon-adsystem.com/s/
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/iu3?d=forester-did&ex-fargs=%3Fid%3D94d1cf9b-c775-a625-05b6-84e772d13e81%26type%3D55%26m%3D35691&ex-fch=416613&ex-src=www.nowtv.it/&ex-hargs=v%3D1.0%3Bc%3D94054...
https://aax-eu.amazon-adsystem.com/s/iu3?d=forester-did&ex-fargs=%3Fid%3D94d1cf9b-c775-a625-05b6-84e772d13e81%26type%3D55%26m%3D35691&ex-fch=416613&ex-src=www.nowtv.it/&ex-hargs=v%3D1.0%3Bc%3D94054...

0
0

184ms
183ms

Image
text/html

52.94.216.48
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aax-eu.amazon-adsystem.com/s/iu3?d=forester-did&ex-fargs=%3Fid%3D94d1cf9b-c775-a625-05b6-84e772d13e81%26type%3D55%26m%3D35691&ex-fch=416613&ex-src=www.nowtv.it/&ex-hargs=v%3D1.0%3Bc%3D9405481110402%3Bp%3D94D1CF9B-C775-A625-05B6-84E772D13E81&cb=968389555193960100&dcc=t
Requested by: Host: track.adform.net
URL: https://track.adform.net/serving/container/?pm=625469&lid=38325283&ctype=1&media=1257577&PageName=SceltaOfferta&sysvars=%7c%7c%7c%7c&itm=eyJzdjI2IjoiL3Byb21vLXNwZWNpYWxlLmh0bWwifQ&rnd=1887679515&cpref=&loc=https%3a%2f%2fwww.nowtv.it%2fpromo-speciale.html%3fdcmp%3dTRIAL_DEM_PERF_PROS_DEM_CPA-Refine%2520Direct-na-LP_Promo_Giugno19-DEM_Refine_CPA_Promo_giu2019
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.94.216.48 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://track.adform.net/serving/container/?pm=625469&lid=38325283&ctype=1&media=1257577&PageName=SceltaOfferta&sysvars=%7c%7c%7c%7c&itm=eyJzdjI2IjoiL3Byb21vLXNwZWNpYWxlLmh0bWwifQ&rnd=1887679515&cpref=&loc=https%3a%2f%2fwww.nowtv.it%2fpromo-speciale.html%3fdcmp%3dTRIAL_DEM_PERF_PROS_DEM_CPA-Refine%2520Direct-na-LP_Promo_Giugno19-DEM_Refine_CPA_Promo_giu2019
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Redirect headers

Pragma: no-cache
Date: Tue, 18 Jun 2019 12:40:16 GMT
Server: Server
Vary: User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://aax-eu.amazon-adsystem.com/s/iu3?d=forester-did&ex-fargs=%3Fid%3D94d1cf9b-c775-a625-05b6-84e772d13e81%26type%3D55%26m%3D35691&ex-fch=416613&ex-src=www.nowtv.it/&ex-hargs=v%3D1.0%3Bc%3D9405481110402%3Bp%3D94D1CF9B-C775-A625-05B6-84E772D13E81&cb=968389555193960100&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 ytc.js Show response
s.yimg.com/wi/ 16 KB
4 KB 29ms
23ms Script
application/javascript 2a00:1288:84:800::1002
YAHOO-AMA

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/ytc.js

Requested by

Protocol

Security

TLS 1.3, , CHACHA20_POLY1305

Server

2a00:1288:84:800::1002 , United Kingdom, ASN203219 (YAHOO-AMA, NL),

Reverse DNS

Software

ATS /

Resource Hash

0ec54a58d35ac36a9f5917750661e0addae1fd94087ede2bb0fcb26d781be049

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://track.adform.net/serving/container/?pm=625469&lid=38325283&ctype=1&media=1257577&PageName=SceltaOfferta&sysvars=%7c%7c%7c%7c&itm=eyJzdjI2IjoiL3Byb21vLXNwZWNpYWxlLmh0bWwifQ&rnd=1887679515&cpref=&loc=https%3a%2f%2fwww.nowtv.it%2fpromo-speciale.html%3fdcmp%3dTRIAL_DEM_PERF_PROS_DEM_CPA-Refine%2520Direct-na-LP_Promo_Giugno19-DEM_Refine_CPA_Promo_giu2019
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

ats-carp-promotion: 1
date: Tue, 18 Jun 2019 12:26:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 822
x-amz-server-side-encryption: AES256
status: 200
content-length: 4448
strict-transport-security: max-age=15552000
x-amz-request-id: B8D374845188A63D
x-amz-id-2: IfaPDgALMnbB35y56XYxEZCRVqycFGfvgfYWjqKVOZdfZc9YmryVZ8i+w0sNhwlljPOft8bJUE4=
referrer-policy: no-referrer-when-downgrade
x-amz-expiration: expiry-date="Sun, 05 Jul 2020 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified: Fri, 31 May 2019 22:18:05 GMT
server: ATS
etag: "1d72561a5f66715aa4a2babd0b8987c9-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Accept-Encoding
x-amz-version-id: Dh6yBlFuV3eUpSuznZOxayGIozmAPxNs
x-xss-protection: 1; mode=block
cache-control: public,max-age=3600
accept-ranges: bytes
content-type: application/javascript

GET
H/1.1 200
OK tc.min.js Show response
c1.rfihub.net/js/ 20 KB
7 KB 1091ms
21ms Script
application/x-javascript 92.123.25.41
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://c1.rfihub.net/js/tc.min.js
Requested by: Host: track.adform.net
URL: https://track.adform.net/serving/container/?pm=625469&lid=38325283&ctype=1&media=1257577&PageName=SceltaOfferta&sysvars=%7c%7c%7c%7c&itm=eyJzdjI2IjoiL3Byb21vLXNwZWNpYWxlLmh0bWwifQ&rnd=1887679515&cpref=&loc=https%3a%2f%2fwww.nowtv.it%2fpromo-speciale.html%3fdcmp%3dTRIAL_DEM_PERF_PROS_DEM_CPA-Refine%2520Direct-na-LP_Promo_Giugno19-DEM_Refine_CPA_Promo_giu2019
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 92.123.25.41 , France, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a92-123-25-41.deploy.static.akamaitechnologies.com
Software: Jetty(9.0.6.v20130930) /
Resource Hash: cb2bb21705b9cce9781d02c9223f3344a65bd5314027d11c5a8518ad4bd84e84

Request headers

Referer: https://track.adform.net/serving/container/?pm=625469&lid=38325283&ctype=1&media=1257577&PageName=SceltaOfferta&sysvars=%7c%7c%7c%7c&itm=eyJzdjI2IjoiL3Byb21vLXNwZWNpYWxlLmh0bWwifQ&rnd=1887679515&cpref=&loc=https%3a%2f%2fwww.nowtv.it%2fpromo-speciale.html%3fdcmp%3dTRIAL_DEM_PERF_PROS_DEM_CPA-Refine%2520Direct-na-LP_Promo_Giugno19-DEM_Refine_CPA_Promo_giu2019
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 18 Jun 2019 12:40:17 GMT
Content-Encoding: gzip
Last-Modified: Sun, 05 May 2019 15:49:00 GMT
Server: Jetty(9.0.6.v20130930)
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control: public, max-age=3600
Connection: keep-alive
Content-Type: application/x-javascript
Content-Length: 6375
Expires: Tue, 18 Jun 2019 13:40:17 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 53 KB
16 KB 21ms
16ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

657f79c4d5a6ea502202651151811d195b49cf9cf22fd7f8edaeefe2f8cc8fc4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://track.adform.net/serving/container/?pm=625469&lid=38325283&ctype=1&media=1257577&PageName=SceltaOfferta&sysvars=%7c%7c%7c%7c&itm=eyJzdjI2IjoiL3Byb21vLXNwZWNpYWxlLmh0bWwifQ&rnd=1887679515&cpref=&loc=https%3a%2f%2fwww.nowtv.it%2fpromo-speciale.html%3fdcmp%3dTRIAL_DEM_PERF_PROS_DEM_CPA-Refine%2520Direct-na-LP_Promo_Giugno19-DEM_Refine_CPA_Promo_giu2019
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
vary: Origin, Accept-Encoding
content-length: 16120
x-xss-protection: 0
pragma: public
x-fb-debug: lEHDZ0Je1JsmHrggEwj/hXlHsX0/5DHQYfEHPqJu1KU0RpOZyDZ+v5JwQYJhHMUs/A1JnIxP1xXRsEHFtC+WlQ==
x-fb-trip-id: 1475214379
date: Tue, 18 Jun 2019 12:40:16 GMT
x-frame-options: DENY
access-control-allow-methods: OPTIONS
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://connect.facebook.net
access-control-expose-headers: X-FB-Debug, X-Loader-Length
cache-control: public, max-age=1200
access-control-allow-credentials: true
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK quant.js Show response
secure.quantserve.com/ 12 KB
6 KB 15637ms
26ms Script
application/x-javascript 91.228.74.140
Quantcast Corpora...

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: track.adform.net
URL: https://track.adform.net/serving/container/?pm=625469&lid=38325283&ctype=1&media=1257577&PageName=SceltaOfferta&sysvars=%7c%7c%7c%7c&itm=eyJzdjI2IjoiL3Byb21vLXNwZWNpYWxlLmh0bWwifQ&rnd=1887679515&cpref=&loc=https%3a%2f%2fwww.nowtv.it%2fpromo-speciale.html%3fdcmp%3dTRIAL_DEM_PERF_PROS_DEM_CPA-Refine%2520Direct-na-LP_Promo_Giugno19-DEM_Refine_CPA_Promo_giu2019
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 91.228.74.140 , United Kingdom, ASN27281 (QUANTCAST - Quantcast Corporation, US),
Reverse DNS
Software: QS /
Resource Hash: 404a9b0ffbcc813e8ddbb8d8510a24a69c09079282f8083ee94f4adc5d627176

Request headers

Referer: https://track.adform.net/serving/container/?pm=625469&lid=38325283&ctype=1&media=1257577&PageName=SceltaOfferta&sysvars=%7c%7c%7c%7c&itm=eyJzdjI2IjoiL3Byb21vLXNwZWNpYWxlLmh0bWwifQ&rnd=1887679515&cpref=&loc=https%3a%2f%2fwww.nowtv.it%2fpromo-speciale.html%3fdcmp%3dTRIAL_DEM_PERF_PROS_DEM_CPA-Refine%2520Direct-na-LP_Promo_Giugno19-DEM_Refine_CPA_Promo_giu2019
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 18 Jun 2019 12:40:32 GMT
Content-Encoding: gzip
Last-Modified: Tue, 18-Jun-2019 12:40:32 GMT
Server: QS
ETag: M0-e2b9884a
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: private, no-transform, max-age=604800
Connection: keep-alive
Content-Length: 5456
Expires: Tue, 25 Jun 2019 12:40:32 GMT

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 5 KB
2 KB 23ms
21ms Script
application/javascript 151.101.36.157
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: track.adform.net
URL: https://track.adform.net/serving/container/?pm=625469&lid=38325283&ctype=1&media=1257577&PageName=SceltaOfferta&sysvars=%7c%7c%7c%7c&itm=eyJzdjI2IjoiL3Byb21vLXNwZWNpYWxlLmh0bWwifQ&rnd=1887679515&cpref=&loc=https%3a%2f%2fwww.nowtv.it%2fpromo-speciale.html%3fdcmp%3dTRIAL_DEM_PERF_PROS_DEM_CPA-Refine%2520Direct-na-LP_Promo_Giugno19-DEM_Refine_CPA_Promo_giu2019
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.36.157 Amsterdam, Netherlands, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: /
Resource Hash: 319949c8c08b86e9c35ea542c0dc0c30cedaa9b8d3d3c3327a36c91aefbd8af5

Request headers

Referer: https://track.adform.net/serving/container/?pm=625469&lid=38325283&ctype=1&media=1257577&PageName=SceltaOfferta&sysvars=%7c%7c%7c%7c&itm=eyJzdjI2IjoiL3Byb21vLXNwZWNpYWxlLmh0bWwifQ&rnd=1887679515&cpref=&loc=https%3a%2f%2fwww.nowtv.it%2fpromo-speciale.html%3fdcmp%3dTRIAL_DEM_PERF_PROS_DEM_CPA-Refine%2520Direct-na-LP_Promo_Giugno19-DEM_Refine_CPA_Promo_giu2019
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 18 Jun 2019 12:40:16 GMT
content-encoding: gzip
age: 76603
x-cache: HIT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status: 200
content-length: 1954
x-served-by: cache-ams21051-AMS
last-modified: Tue, 23 Jan 2018 19:05:33 GMT
x-timer: S1560861616.470650,VS0,VE0
etag: "b7b33882a4f3ffd5cbf07434f3137166+gzip"
vary: Accept-Encoding,Host
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
cache-control: no-cache
accept-ranges: bytes

GET
H/1.1 200
OK analytics.js Show response
bv01.er.bemail.it/js/v4/ 2 KB
2 KB 4505ms
42ms Script
application/javascript 151.1.245.21
ASN-ITNET

General

Check archive.org

Show headers Download Go to

Full URL: https://bv01.er.bemail.it/js/v4/analytics.js
Requested by: Host: track.adform.net
URL: https://track.adform.net/serving/container/?pm=625469&lid=38325283&ctype=1&media=1257577&PageName=SceltaOfferta&sysvars=%7c%7c%7c%7c&itm=eyJzdjI2IjoiL3Byb21vLXNwZWNpYWxlLmh0bWwifQ&rnd=1887679515&cpref=&loc=https%3a%2f%2fwww.nowtv.it%2fpromo-speciale.html%3fdcmp%3dTRIAL_DEM_PERF_PROS_DEM_CPA-Refine%2520Direct-na-LP_Promo_Giugno19-DEM_Refine_CPA_Promo_giu2019
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 151.1.245.21 , Italy, ASN3242 (ASN-ITNET, IT),
Reverse DNS: bv01.er.bemail.it
Software: nginx/1.10.2 /
Resource Hash: 3c34c9d62dd9a8381a9ea49ac2deb0af23991e5e1cb24a91e278b195eb0346ce

Request headers

Referer: https://track.adform.net/serving/container/?pm=625469&lid=38325283&ctype=1&media=1257577&PageName=SceltaOfferta&sysvars=%7c%7c%7c%7c&itm=eyJzdjI2IjoiL3Byb21vLXNwZWNpYWxlLmh0bWwifQ&rnd=1887679515&cpref=&loc=https%3a%2f%2fwww.nowtv.it%2fpromo-speciale.html%3fdcmp%3dTRIAL_DEM_PERF_PROS_DEM_CPA-Refine%2520Direct-na-LP_Promo_Giugno19-DEM_Refine_CPA_Promo_giu2019
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 18 Jun 2019 12:40:20 GMT
Via: 1.1 varnish-v4
Last-Modified: Thu, 14 Dec 2017 12:08:09 GMT
Server: nginx/1.10.2
Age: 545757
ETag: "717-5604bbcc9c66c"
X-Varnish: 501310164 468435633
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: application/javascript
Content-Length: 1815

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 23 KB
9 KB 18ms
17ms Script
text/javascript 216.58.206.2
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-975262201

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

cafe /

Resource Hash

f1e6382aa070301007ee92dbaaef83c9f6075f9d86ee3632c82a609f02c6fc1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://track.adform.net/serving/container/?pm=625469&lid=38325283&ctype=1&media=1257577&PageName=SceltaOfferta&sysvars=%7c%7c%7c%7c&itm=eyJzdjI2IjoiL3Byb21vLXNwZWNpYWxlLmh0bWwifQ&rnd=1887679515&cpref=&loc=https%3a%2f%2fwww.nowtv.it%2fpromo-speciale.html%3fdcmp%3dTRIAL_DEM_PERF_PROS_DEM_CPA-Refine%2520Direct-na-LP_Promo_Giugno19-DEM_Refine_CPA_Promo_giu2019
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 18 Jun 2019 12:40:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 8912
x-xss-protection: 0
server: cafe
etag: 11386026576561889187
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 18 Jun 2019 12:40:16 GMT

GET
H2 200 737606229724597 Show response
connect.facebook.net/signals/config/ 228 KB
60 KB 13ms
7ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/737606229724597?v=2.8.51&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

71670672640fd572fbb149b300e36ab32df279760d0ce16cb1f12b94fb088268

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://track.adform.net/serving/container/?pm=625469&lid=38325283&ctype=1&media=1257577&PageName=SceltaOfferta&sysvars=%7c%7c%7c%7c&itm=eyJzdjI2IjoiL3Byb21vLXNwZWNpYWxlLmh0bWwifQ&rnd=1887679515&cpref=&loc=https%3a%2f%2fwww.nowtv.it%2fpromo-speciale.html%3fdcmp%3dTRIAL_DEM_PERF_PROS_DEM_CPA-Refine%2520Direct-na-LP_Promo_Giugno19-DEM_Refine_CPA_Promo_giu2019
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
vary: Origin, Accept-Encoding
content-length: 61414
x-xss-protection: 0
pragma: public
x-fb-debug: JFJIEMnJ76FdrQfbfieYJTMwtVUHAt2Yb7MxQooLwaZZypBMzhqruI+Gtv5FsqCJuKIvHHvwDrlBbsiXCZl/SA==
x-fb-trip-id: 1475214379
date: Tue, 18 Jun 2019 12:40:16 GMT
x-frame-options: DENY
access-control-allow-methods: OPTIONS
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://connect.facebook.net
access-control-expose-headers: X-FB-Debug, X-Loader-Length
cache-control: public, max-age=1200
access-control-allow-credentials: true
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 adsct
t.co/i/ 43 B
170 B 150ms
138ms Image
image/gif 104.244.42.69
Twitter Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?p_id=Twitter&p_user_id=0&txn_id=o0yql&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.69 , United States, ASN13414 (TWITTER - Twitter Inc., US),

Reverse DNS

Software

tsa_f /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block; report=https://twitter.com/i/xss_report

Request headers

Referer: https://track.adform.net/serving/container/?pm=625469&lid=38325283&ctype=1&media=1257577&PageName=SceltaOfferta&sysvars=%7c%7c%7c%7c&itm=eyJzdjI2IjoiL3Byb21vLXNwZWNpYWxlLmh0bWwifQ&rnd=1887679515&cpref=&loc=https%3a%2f%2fwww.nowtv.it%2fpromo-speciale.html%3fdcmp%3dTRIAL_DEM_PERF_PROS_DEM_CPA-Refine%2520Direct-na-LP_Promo_Giugno19-DEM_Refine_CPA_Promo_giu2019
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 18 Jun 2019 12:40:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200, 200 OK
x-twitter-response-tags: BouncerCompliant
strict-transport-security: max-age=0
content-length: 65
x-xss-protection: 1; mode=block; report=https://twitter.com/i/xss_report
x-response-time: 109
pragma: no-cache
last-modified: Tue, 18 Jun 2019 12:40:16 GMT
server: tsa_f
x-frame-options: SAMEORIGIN
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: 1a513e4b8066468cfb6b7e9cc38c3fd1
x-transaction: 0045170e00e3fab5
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/975262201/ 3 KB
1 KB 32ms
18ms Script
text/javascript 2a00:1450:4001:824::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/975262201/?random=1560861616574&cv=9&fst=1560861616574&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa651&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Ftrack.adform.net%2Fserving%2Fcontainer%2F%3Fpm%3D625469%26lid%3D38325283%26ctype%3D1%26media%3D1257577%26PageName%3DSceltaOfferta%26sysvars%3D%257c%257c%257c%257c%26itm%3DeyJzdjI2IjoiL3Byb21vLXNwZWNpYWxlLmh0bWwifQ%26rnd%3D1887679515%26cpref%3D%26loc%3Dhttps%253a%252f%252fwww.nowtv.it%252fpromo-speciale.html%253fdcmp%253dTRIAL_DEM_PERF_PROS_DEM_CPA-Refine%252520Direct-na-LP_Promo_Giugno19-DEM_Refine_CPA_Promo_giu2019&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

b5c17e58e4a9fdc5b6029977a6b0a57153e615fbb67a81aea50928059e3c9932

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://track.adform.net/serving/container/?pm=625469&lid=38325283&ctype=1&media=1257577&PageName=SceltaOfferta&sysvars=%7c%7c%7c%7c&itm=eyJzdjI2IjoiL3Byb21vLXNwZWNpYWxlLmh0bWwifQ&rnd=1887679515&cpref=&loc=https%3a%2f%2fwww.nowtv.it%2fpromo-speciale.html%3fdcmp%3dTRIAL_DEM_PERF_PROS_DEM_CPA-Refine%2520Direct-na-LP_Promo_Giugno19-DEM_Refine_CPA_Promo_giu2019
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 18 Jun 2019 12:40:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: text/javascript; charset=UTF-8
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: no-cache, must-revalidate
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 1211
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/975262201/ 3 KB
1 KB 32ms
20ms Script
text/javascript 2a00:1450:4001:824::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/975262201/?random=1560861616581&cv=9&fst=1560861616581&num=1&value=1&currency_code=EUR&label=xNzRCL3mzIYBEPmjhdED&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa651&sendb=1&data=event%3Dconversion&frm=0&url=https%3A%2F%2Ftrack.adform.net%2Fserving%2Fcontainer%2F%3Fpm%3D625469%26lid%3D38325283%26ctype%3D1%26media%3D1257577%26PageName%3DSceltaOfferta%26sysvars%3D%257c%257c%257c%257c%26itm%3DeyJzdjI2IjoiL3Byb21vLXNwZWNpYWxlLmh0bWwifQ%26rnd%3D1887679515%26cpref%3D%26loc%3Dhttps%253a%252f%252fwww.nowtv.it%252fpromo-speciale.html%253fdcmp%253dTRIAL_DEM_PERF_PROS_DEM_CPA-Refine%252520Direct-na-LP_Promo_Giugno19-DEM_Refine_CPA_Promo_giu2019&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

9fcdb425fe296f1b51ebc5eea0e37d11532add0a48e0b6639231203aff5c5a4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://track.adform.net/serving/container/?pm=625469&lid=38325283&ctype=1&media=1257577&PageName=SceltaOfferta&sysvars=%7c%7c%7c%7c&itm=eyJzdjI2IjoiL3Byb21vLXNwZWNpYWxlLmh0bWwifQ&rnd=1887679515&cpref=&loc=https%3a%2f%2fwww.nowtv.it%2fpromo-speciale.html%3fdcmp%3dTRIAL_DEM_PERF_PROS_DEM_CPA-Refine%2520Direct-na-LP_Promo_Giugno19-DEM_Refine_CPA_Promo_giu2019
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 18 Jun 2019 12:40:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: text/javascript; charset=UTF-8
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: no-cache, must-revalidate
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 1280
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 inferredEvents.js Show response
connect.facebook.net/signals/plugins/ 1 KB
893 B 12ms
8ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/plugins/inferredEvents.js?v=2.8.51

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

cd1c301a8e7960a1786e2a959226b0b78b56dbea284bd114265f1662d6ca280e

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://track.adform.net/serving/container/?pm=625469&lid=38325283&ctype=1&media=1257577&PageName=SceltaOfferta&sysvars=%7c%7c%7c%7c&itm=eyJzdjI2IjoiL3Byb21vLXNwZWNpYWxlLmh0bWwifQ&rnd=1887679515&cpref=&loc=https%3a%2f%2fwww.nowtv.it%2fpromo-speciale.html%3fdcmp%3dTRIAL_DEM_PERF_PROS_DEM_CPA-Refine%2520Direct-na-LP_Promo_Giugno19-DEM_Refine_CPA_Promo_giu2019
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
vary: Accept-Encoding
content-length: 772
x-xss-protection: 0
pragma: public
x-fb-debug: mzVd91Jx1SxUTONCU3SX/dQOztoN5j6YZtwm7tEsmPwFEta753bxSZkN7mtyiuSpyvcY8GP7GEHvjLN5ui+ZaA==
x-fb-trip-id: 1475214379
date: Tue, 18 Jun 2019 12:40:16 GMT
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/975262201/ 42 B
114 B 33ms
33ms Image
image/gif 2a00:1450:4001:816::2004
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/975262201/?random=1560861616574&cv=9&fst=1560859200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa651&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Ftrack.adform.net%2Fserving%2Fcontainer%2F%3Fpm%3D625469%26lid%3D38325283%26ctype%3D1%26media%3D1257577%26PageName%3DSceltaOfferta%26sysvars%3D%257c%257c%257c%257c%26itm%3DeyJzdjI2IjoiL3Byb21vLXNwZWNpYWxlLmh0bWwifQ%26rnd%3D1887679515%26cpref%3D%26loc%3Dhttps%253a%252f%252fwww.nowtv.it%252fpromo-speciale.html%253fdcmp%253dTRIAL_DEM_PERF_PROS_DEM_CPA-Refine%252520Direct-na-LP_Promo_Giugno19-DEM_Refine_CPA_Promo_giu2019&async=1&fmt=3&cdct=2&is_vtc=1&random=1234571222&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://track.adform.net/serving/container/?pm=625469&lid=38325283&ctype=1&media=1257577&PageName=SceltaOfferta&sysvars=%7c%7c%7c%7c&itm=eyJzdjI2IjoiL3Byb21vLXNwZWNpYWxlLmh0bWwifQ&rnd=1887679515&cpref=&loc=https%3a%2f%2fwww.nowtv.it%2fpromo-speciale.html%3fdcmp%3dTRIAL_DEM_PERF_PROS_DEM_CPA-Refine%2520Direct-na-LP_Promo_Giugno19-DEM_Refine_CPA_Promo_giu2019
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 18 Jun 2019 12:40:16 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/975262201/ 42 B
109 B 65ms
25ms Image
image/gif 2a00:1450:4001:80b::2003
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/975262201/?random=1560861616574&cv=9&fst=1560859200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa651&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Ftrack.adform.net%2Fserving%2Fcontainer%2F%3Fpm%3D625469%26lid%3D38325283%26ctype%3D1%26media%3D1257577%26PageName%3DSceltaOfferta%26sysvars%3D%257c%257c%257c%257c%26itm%3DeyJzdjI2IjoiL3Byb21vLXNwZWNpYWxlLmh0bWwifQ%26rnd%3D1887679515%26cpref%3D%26loc%3Dhttps%253a%252f%252fwww.nowtv.it%252fpromo-speciale.html%253fdcmp%253dTRIAL_DEM_PERF_PROS_DEM_CPA-Refine%252520Direct-na-LP_Promo_Giugno19-DEM_Refine_CPA_Promo_giu2019&async=1&fmt=3&cdct=2&is_vtc=1&random=1234571222&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://track.adform.net/serving/container/?pm=625469&lid=38325283&ctype=1&media=1257577&PageName=SceltaOfferta&sysvars=%7c%7c%7c%7c&itm=eyJzdjI2IjoiL3Byb21vLXNwZWNpYWxlLmh0bWwifQ&rnd=1887679515&cpref=&loc=https%3a%2f%2fwww.nowtv.it%2fpromo-speciale.html%3fdcmp%3dTRIAL_DEM_PERF_PROS_DEM_CPA-Refine%2520Direct-na-LP_Promo_Giugno19-DEM_Refine_CPA_Promo_giu2019
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 18 Jun 2019 12:40:16 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/975262201/ 42 B
114 B 65ms
28ms Image
image/gif 2a00:1450:4001:816::2004
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/975262201/?random=1560861616581&cv=9&fst=1560859200000&num=1&value=1&currency_code=EUR&label=xNzRCL3mzIYBEPmjhdED&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa651&sendb=1&data=event%3Dconversion&frm=0&url=https%3A%2F%2Ftrack.adform.net%2Fserving%2Fcontainer%2F%3Fpm%3D625469%26lid%3D38325283%26ctype%3D1%26media%3D1257577%26PageName%3DSceltaOfferta%26sysvars%3D%257c%257c%257c%257c%26itm%3DeyJzdjI2IjoiL3Byb21vLXNwZWNpYWxlLmh0bWwifQ%26rnd%3D1887679515%26cpref%3D%26loc%3Dhttps%253a%252f%252fwww.nowtv.it%252fpromo-speciale.html%253fdcmp%253dTRIAL_DEM_PERF_PROS_DEM_CPA-Refine%252520Direct-na-LP_Promo_Giugno19-DEM_Refine_CPA_Promo_giu2019&async=1&fmt=3&cdct=2&is_vtc=1&random=63429821&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://track.adform.net/serving/container/?pm=625469&lid=38325283&ctype=1&media=1257577&PageName=SceltaOfferta&sysvars=%7c%7c%7c%7c&itm=eyJzdjI2IjoiL3Byb21vLXNwZWNpYWxlLmh0bWwifQ&rnd=1887679515&cpref=&loc=https%3a%2f%2fwww.nowtv.it%2fpromo-speciale.html%3fdcmp%3dTRIAL_DEM_PERF_PROS_DEM_CPA-Refine%2520Direct-na-LP_Promo_Giugno19-DEM_Refine_CPA_Promo_giu2019
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 18 Jun 2019 12:40:16 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/975262201/ 42 B
109 B 90ms
53ms Image
image/gif 2a00:1450:4001:80b::2003
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/975262201/?random=1560861616581&cv=9&fst=1560859200000&num=1&value=1&currency_code=EUR&label=xNzRCL3mzIYBEPmjhdED&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa651&sendb=1&data=event%3Dconversion&frm=0&url=https%3A%2F%2Ftrack.adform.net%2Fserving%2Fcontainer%2F%3Fpm%3D625469%26lid%3D38325283%26ctype%3D1%26media%3D1257577%26PageName%3DSceltaOfferta%26sysvars%3D%257c%257c%257c%257c%26itm%3DeyJzdjI2IjoiL3Byb21vLXNwZWNpYWxlLmh0bWwifQ%26rnd%3D1887679515%26cpref%3D%26loc%3Dhttps%253a%252f%252fwww.nowtv.it%252fpromo-speciale.html%253fdcmp%253dTRIAL_DEM_PERF_PROS_DEM_CPA-Refine%252520Direct-na-LP_Promo_Giugno19-DEM_Refine_CPA_Promo_giu2019&async=1&fmt=3&cdct=2&is_vtc=1&random=63429821&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://track.adform.net/serving/container/?pm=625469&lid=38325283&ctype=1&media=1257577&PageName=SceltaOfferta&sysvars=%7c%7c%7c%7c&itm=eyJzdjI2IjoiL3Byb21vLXNwZWNpYWxlLmh0bWwifQ&rnd=1887679515&cpref=&loc=https%3a%2f%2fwww.nowtv.it%2fpromo-speciale.html%3fdcmp%3dTRIAL_DEM_PERF_PROS_DEM_CPA-Refine%2520Direct-na-LP_Promo_Giugno19-DEM_Refine_CPA_Promo_giu2019
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 18 Jun 2019 12:40:16 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
250 B 9ms
7ms Image
image/gif 2a03:2880:f11c:8083:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=737606229724597&ev=PageView&dl=https%3A%2F%2Ftrack.adform.net%2Fserving%2Fcontainer%2F%3Fpm%3D625469%26lid%3D38325283%26ctype%3D1%26media%3D1257577%26PageName%3DSceltaOfferta%26sysvars%3D%257c%257c%257c%257c%26itm%3DeyJzdjI2IjoiL3Byb21vLXNwZWNpYWxlLmh0bWwifQ%26rnd%3D1887679515%26cpref%3D%26loc%3Dhttps%253a%252f%252fwww.nowtv.it%252fpromo-speciale.html%253fdcmp%253dTRIAL_DEM_PERF_PROS_DEM_CPA-Refine%252520Direct-na-LP_Promo_Giugno19-DEM_Refine_CPA_Promo_giu2019&rl=&if=false&ts=1560861616673&sw=1600&sh=1200&v=2.8.51&r=stable&a=dvadglow&ec=0&o=30&fbp=fb.1.1560861616670.1757788210&it=1560861616518&coo=false&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://track.adform.net/serving/container/?pm=625469&lid=38325283&ctype=1&media=1257577&PageName=SceltaOfferta&sysvars=%7c%7c%7c%7c&itm=eyJzdjI2IjoiL3Byb21vLXNwZWNpYWxlLmh0bWwifQ&rnd=1887679515&cpref=&loc=https%3a%2f%2fwww.nowtv.it%2fpromo-speciale.html%3fdcmp%3dTRIAL_DEM_PERF_PROS_DEM_CPA-Refine%2520Direct-na-LP_Promo_Giugno19-DEM_Refine_CPA_Promo_giu2019
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 18 Jun 2019 12:40:16 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
content-length: 44
expires: Tue, 18 Jun 2019 12:40:16 GMT

GET
H/1.1 200
OK idr.js Show response
a.rfihub.com/ 83 B
635 B 334ms
22ms Script
application/javascript 193.0.160.129
Rocket Fuel Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://a.rfihub.com/idr.js?_callback=window.RocketfuelBCP.jsonpCallbacks.request_cmZpSWRJbkNhY2hl
Requested by: Host: c1.rfihub.net
URL: https://c1.rfihub.net/js/tc.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 193.0.160.129 , Netherlands, ASN54312 (ROCKETFUEL - Rocket Fuel Inc., US),
Reverse DNS
Software: Jetty(9.0.6.v20130930) /
Resource Hash: 6a95a35c7dce851334e55c5793e3876841cbbf642f574e8c71ce6e9818da31da

Request headers

Referer: https://track.adform.net/serving/container/?pm=625469&lid=38325283&ctype=1&media=1257577&PageName=SceltaOfferta&sysvars=%7c%7c%7c%7c&itm=eyJzdjI2IjoiL3Byb21vLXNwZWNpYWxlLmh0bWwifQ&rnd=1887679515&cpref=&loc=https%3a%2f%2fwww.nowtv.it%2fpromo-speciale.html%3fdcmp%3dTRIAL_DEM_PERF_PROS_DEM_CPA-Refine%2520Direct-na-LP_Promo_Giugno19-DEM_Refine_CPA_Promo_giu2019
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Cache-Control: public, max-age=33696000
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server: Jetty(9.0.6.v20130930)
Content-Type: application/javascript
Content-Length: 83
Expires: Sun, 12 Jul 2020 12:40:17 GMT

GET
H/1.1 200
OK Cookie set ca.html
20792338p.rfihub.com/ Frame 1395 0
0 1068ms
13ms Document
text/html 185.31.128.128
Rocket Fuel Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://20792338p.rfihub.com/ca.html?rfiidc=1871597491648598312&rfiaid=0b705f7b1f5b496c85713c2d7734ee37&ver=9&rb=34170&ca=20792338&_o=34170&_t=20792338&pe=https%3A%2F%2Ftrack.adform.net%2Fserving%2Fcontainer%2F%3Fpm%3D625469%26lid%3D38325283%26ctype%3D1%26media%3D1257577%26PageName%3DSceltaOfferta%26sysvars%3D%257c%257c%257c%257c%26itm%3DeyJzdjI2IjoiL3Byb21vLXNwZWNpYWxlLmh0bWwifQ%26rnd%3D1887679515%26cpref%3D%26loc%3Dhttps%253a%252f%252fwww.nowtv.it%252fpromo-speciale.html%253fdcmp%253dTRIAL_DEM_PERF_PROS_DEM_CPA-Refine%252520Direct-na-LP_Promo_Giugno19-DEM_Refine_CPA_Promo_giu2019&pf=&ra=5772756144506155
Requested by: Host: c1.rfihub.net
URL: https://c1.rfihub.net/js/tc.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 185.31.128.128 , United States, ASN54312 (ROCKETFUEL - Rocket Fuel Inc., US),
Reverse DNS
Software: Jetty(9.0.6.v20130930) /
Resource Hash

Request headers

Host: 20792338p.rfihub.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer: https://track.adform.net/serving/container/?pm=625469&lid=38325283&ctype=1&media=1257577&PageName=SceltaOfferta&sysvars=%7c%7c%7c%7c&itm=eyJzdjI2IjoiL3Byb21vLXNwZWNpYWxlLmh0bWwifQ&rnd=1887679515&cpref=&loc=https%3a%2f%2fwww.nowtv.it%2fpromo-speciale.html%3fdcmp%3dTRIAL_DEM_PERF_PROS_DEM_CPA-Refine%2520Direct-na-LP_Promo_Giugno19-DEM_Refine_CPA_Promo_giu2019
Accept-Encoding: gzip, deflate, br
Cookie: rud=H4sIAAAAAAAAAOMSNrQwNzS1NDexNDQzsTC1tDA2NBLiM9QNtyzPDfWPsPT1icqS4jU0NTOwMDM0MzS3MDcHABgzupw0AAAA; ruds=H4sIAAAAAAAAAOMSNrQwNzS1NDexNDQzsTC1tDA2NBLiM9QNtyzPDfWPsPT1icoCAOfHSpQlAAAA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://track.adform.net/serving/container/?pm=625469&lid=38325283&ctype=1&media=1257577&PageName=SceltaOfferta&sysvars=%7c%7c%7c%7c&itm=eyJzdjI2IjoiL3Byb21vLXNwZWNpYWxlLmh0bWwifQ&rnd=1887679515&cpref=&loc=https%3a%2f%2fwww.nowtv.it%2fpromo-speciale.html%3fdcmp%3dTRIAL_DEM_PERF_PROS_DEM_CPA-Refine%2520Direct-na-LP_Promo_Giugno19-DEM_Refine_CPA_Promo_giu2019

Response headers

P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Set-Cookie: eud=H4sIAAAAAAAAAF3PKw6AMBCE4fBKCARBuAgV3ZTr9QjIysrKykpkj1CJRCJR6P7yyySzO65ZlJbdiBJlDtEBjnCCM_zAH2zb2g72cIAjnOACv7zXoQ8OPfrgONQ-x9oXnOEC3_BHT9g7I4ftin9gv9X-AQ2RFpYAAgAA;Path=/;Domain=.rfihub.com;Expires=Sun, 12-Jul-2020 12:40:18 GMT rud=H4sIAAAAAAAAAOMSNrQwNzS1NDexNDQzsTC1tDA2NBLiM9QNtyzPDfWPsPT1icqS4jU0NTOwMDM0MzS3MDcHABgzupw0AAAA;Path=/;Domain=.rfihub.com;Expires=Sun, 12-Jul-2020 12:40:18 GMT ruds=H4sIAAAAAAAAAOMSNrQwNzS1NDexNDQzsTC1tDA2NBLiM9QNtyzPDfWPsPT1icoCAOfHSpQlAAAA;Path=/;Domain=.rfihub.com
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control: no-cache
Content-Type: text/html
Content-Encoding: gzip
Vary: Accept-Encoding, User-Agent
Transfer-Encoding: chunked
Server: Jetty(9.0.6.v20130930)

GET
H2 200 /
www.facebook.com/tr/ 44 B
250 B 7ms
6ms Image
image/gif 2a03:2880:f11c:8083:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=737606229724597&ev=Microdata&dl=https%3A%2F%2Ftrack.adform.net%2Fserving%2Fcontainer%2F%3Fpm%3D625469%26lid%3D38325283%26ctype%3D1%26media%3D1257577%26PageName%3DSceltaOfferta%26sysvars%3D%257c%257c%257c%257c%26itm%3DeyJzdjI2IjoiL3Byb21vLXNwZWNpYWxlLmh0bWwifQ%26rnd%3D1887679515%26cpref%3D%26loc%3Dhttps%253a%252f%252fwww.nowtv.it%252fpromo-speciale.html%253fdcmp%253dTRIAL_DEM_PERF_PROS_DEM_CPA-Refine%252520Direct-na-LP_Promo_Giugno19-DEM_Refine_CPA_Promo_giu2019&rl=&if=false&ts=1560861618178&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.8.51&r=stable&a=dvadglow&ec=1&o=30&fbp=fb.1.1560861618177.487499225&it=1560861616518&coo=false&es=automatic&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://track.adform.net/serving/container/?pm=625469&lid=38325283&ctype=1&media=1257577&PageName=SceltaOfferta&sysvars=%7c%7c%7c%7c&itm=eyJzdjI2IjoiL3Byb21vLXNwZWNpYWxlLmh0bWwifQ&rnd=1887679515&cpref=&loc=https%3a%2f%2fwww.nowtv.it%2fpromo-speciale.html%3fdcmp%3dTRIAL_DEM_PERF_PROS_DEM_CPA-Refine%2520Direct-na-LP_Promo_Giugno19-DEM_Refine_CPA_Promo_giu2019
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 18 Jun 2019 12:40:18 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
content-length: 44
expires: Tue, 18 Jun 2019 12:40:18 GMT

GET
H/1.1 200
OK Cookie set /
bv01.er.bemail.it/api/v1/ Frame 2E9C 0
0 117ms
115ms Document
image/gif 151.1.245.21
ASN-ITNET

General

Check archive.org

Show headers Download Go to

Full URL: https://bv01.er.bemail.it/api/v1/?be=%5B%22bebox_code%3DBE-4005-22%22%2C%22js_client%3Djavascript%22%2C%22item%3DSceltaOfferta%22%2C%22action%3Ditem%22%2C%22%22%2C%22ver%3Dv4%22%2C%22url%3Dhttps%253A%252F%252Ftrack.adform.net%252Fserving%252Fcontainer%252F%253Fpm%253D625469%2526lid%253D38325283%2526ctype%253D1%2526media%253D1257577%2526PageName%253DSceltaOfferta%2526sysvars%253D%25257c%25257c%25257c%25257c%2526itm%253DeyJzdjI2IjoiL3Byb21vLXNwZWNpYWxlLmh0bWwifQ%2526rnd%253D1887679515%2526cpref%253D%2526loc%253Dhttps%25253a%25252f%25252fwww.nowtv.it%25252fpromo-speciale.html%25253fdcmp%25253dTRIAL_DEM_PERF_PROS_DEM_CPA-Refine%25252520Direct-na-LP_Promo_Giugno19-DEM_Refine_CPA_Promo_giu2019%22%2C%22host%3Dtrack.adform.net%22%2C%22search%3D%253Fpm%253D625469%2526lid%253D38325283%2526ctype%253D1%2526media%253D1257577%2526PageName%253DSceltaOfferta%2526sysvars%253D%25257c%25257c%25257c%25257c%2526itm%253DeyJzdjI2IjoiL3Byb21vLXNwZWNpYWxlLmh0bWwifQ%2526rnd%253D1887679515%2526cpref%253D%2526loc%253Dhttps%25253a%25252f%25252fwww.nowtv.it%25252fpromo-speciale.html%25253fdcmp%25253dTRIAL_DEM_PERF_PROS_DEM_CPA-Refine%25252520Direct-na-LP_Promo_Giugno19-DEM_Refine_CPA_Promo_giu2019%22%5D
Requested by: Host: bv01.er.bemail.it
URL: https://bv01.er.bemail.it/js/v4/analytics.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 151.1.245.21 , Italy, ASN3242 (ASN-ITNET, IT),
Reverse DNS: bv01.er.bemail.it
Software: nginx/1.10.2 / PHP/5.4.16
Resource Hash

Request headers

Host: bv01.er.bemail.it
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer: https://track.adform.net/serving/container/?pm=625469&lid=38325283&ctype=1&media=1257577&PageName=SceltaOfferta&sysvars=%7c%7c%7c%7c&itm=eyJzdjI2IjoiL3Byb21vLXNwZWNpYWxlLmh0bWwifQ&rnd=1887679515&cpref=&loc=https%3a%2f%2fwww.nowtv.it%2fpromo-speciale.html%3fdcmp%3dTRIAL_DEM_PERF_PROS_DEM_CPA-Refine%2520Direct-na-LP_Promo_Giugno19-DEM_Refine_CPA_Promo_giu2019
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://track.adform.net/serving/container/?pm=625469&lid=38325283&ctype=1&media=1257577&PageName=SceltaOfferta&sysvars=%7c%7c%7c%7c&itm=eyJzdjI2IjoiL3Byb21vLXNwZWNpYWxlLmh0bWwifQ&rnd=1887679515&cpref=&loc=https%3a%2f%2fwww.nowtv.it%2fpromo-speciale.html%3fdcmp%3dTRIAL_DEM_PERF_PROS_DEM_CPA-Refine%2520Direct-na-LP_Promo_Giugno19-DEM_Refine_CPA_Promo_giu2019

Response headers

Server: nginx/1.10.2
Date: Tue, 18 Jun 2019 12:40:21 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
X-Powered-By: PHP/5.4.16
Set-Cookie: _be=BE1-2019061814-93890-0.022431001560861621-8e046c642e3fb1e642dff6abc5040b1b; expires=Sun, 12-Jul-2020 12:40:21 GMT; path=/; domain=bemail.it _be_ssl=BE1-2019061814-93890-0.022431001560861621-8e046c642e3fb1e642dff6abc5040b1b; expires=Sun, 12-Jul-2020 12:40:21 GMT; path=/; domain=bemail.it; secure
X-Varnish: 501271034
Age: 0
Via: 1.1 varnish-v4
Accept-Ranges: bytes

GET
H/1.1 200
OK Cookie set /
bv01.er.bemail.it/api/v1/ Frame C612 0
0 156ms
45ms Document
image/gif 151.1.245.21
ASN-ITNET

General

Check archive.org

Show headers Download Go to

Full URL: https://bv01.er.bemail.it/api/v1/?be=%5B%22bebox_code%3DBE-1805-19%22%2C%22js_client%3Djavascript%22%2C%22action%3Dstop_homepage%22%2C%22%22%2C%22ver%3Dv4%22%2C%22url%3Dhttps%253A%252F%252Ftrack.adform.net%252Fserving%252Fcontainer%252F%253Fpm%253D625469%2526lid%253D38325283%2526ctype%253D1%2526media%253D1257577%2526PageName%253DSceltaOfferta%2526sysvars%253D%25257c%25257c%25257c%25257c%2526itm%253DeyJzdjI2IjoiL3Byb21vLXNwZWNpYWxlLmh0bWwifQ%2526rnd%253D1887679515%2526cpref%253D%2526loc%253Dhttps%25253a%25252f%25252fwww.nowtv.it%25252fpromo-speciale.html%25253fdcmp%25253dTRIAL_DEM_PERF_PROS_DEM_CPA-Refine%25252520Direct-na-LP_Promo_Giugno19-DEM_Refine_CPA_Promo_giu2019%22%2C%22host%3Dtrack.adform.net%22%2C%22search%3D%253Fpm%253D625469%2526lid%253D38325283%2526ctype%253D1%2526media%253D1257577%2526PageName%253DSceltaOfferta%2526sysvars%253D%25257c%25257c%25257c%25257c%2526itm%253DeyJzdjI2IjoiL3Byb21vLXNwZWNpYWxlLmh0bWwifQ%2526rnd%253D1887679515%2526cpref%253D%2526loc%253Dhttps%25253a%25252f%25252fwww.nowtv.it%25252fpromo-speciale.html%25253fdcmp%25253dTRIAL_DEM_PERF_PROS_DEM_CPA-Refine%25252520Direct-na-LP_Promo_Giugno19-DEM_Refine_CPA_Promo_giu2019%22%5D
Requested by: Host: bv01.er.bemail.it
URL: https://bv01.er.bemail.it/js/v4/analytics.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 151.1.245.21 , Italy, ASN3242 (ASN-ITNET, IT),
Reverse DNS: bv01.er.bemail.it
Software: nginx/1.10.2 / PHP/5.4.16
Resource Hash

Request headers

Host: bv01.er.bemail.it
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer: https://track.adform.net/serving/container/?pm=625469&lid=38325283&ctype=1&media=1257577&PageName=SceltaOfferta&sysvars=%7c%7c%7c%7c&itm=eyJzdjI2IjoiL3Byb21vLXNwZWNpYWxlLmh0bWwifQ&rnd=1887679515&cpref=&loc=https%3a%2f%2fwww.nowtv.it%2fpromo-speciale.html%3fdcmp%3dTRIAL_DEM_PERF_PROS_DEM_CPA-Refine%2520Direct-na-LP_Promo_Giugno19-DEM_Refine_CPA_Promo_giu2019
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://track.adform.net/serving/container/?pm=625469&lid=38325283&ctype=1&media=1257577&PageName=SceltaOfferta&sysvars=%7c%7c%7c%7c&itm=eyJzdjI2IjoiL3Byb21vLXNwZWNpYWxlLmh0bWwifQ&rnd=1887679515&cpref=&loc=https%3a%2f%2fwww.nowtv.it%2fpromo-speciale.html%3fdcmp%3dTRIAL_DEM_PERF_PROS_DEM_CPA-Refine%2520Direct-na-LP_Promo_Giugno19-DEM_Refine_CPA_Promo_giu2019

Response headers

Server: nginx/1.10.2
Date: Tue, 18 Jun 2019 12:40:21 GMT
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.4.16
Set-Cookie: _be=BE1-2019061814-15349-0.117823001560861621-7080968f9c3036a75d9b63b1a2958efb; expires=Sun, 12-Jul-2020 12:40:21 GMT; path=/; domain=bemail.it _be_ssl=BE1-2019061814-15349-0.117823001560861621-7080968f9c3036a75d9b63b1a2958efb; expires=Sun, 12-Jul-2020 12:40:21 GMT; path=/; domain=bemail.it; secure
X-Varnish: 501713354
Age: 0
Via: 1.1 varnish-v4
Accept-Ranges: bytes

GET
H2 200 rules-p-BZSYSpSSPmj6q.js Show response
rules.quantcount.com/ 2 KB
1 KB 22ms
21ms Script
application/x-javascript 2600:9000:2001:ce00:6:44e3:f8c0:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-BZSYSpSSPmj6q.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2001:ce00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e580d5fc2a2f5bc83b15259648c67d2c29ac38f42d053a07dc58aaaca0a7535f

Request headers

Referer: https://track.adform.net/serving/container/?pm=625469&lid=38325283&ctype=1&media=1257577&PageName=SceltaOfferta&sysvars=%7c%7c%7c%7c&itm=eyJzdjI2IjoiL3Byb21vLXNwZWNpYWxlLmh0bWwifQ&rnd=1887679515&cpref=&loc=https%3a%2f%2fwww.nowtv.it%2fpromo-speciale.html%3fdcmp%3dTRIAL_DEM_PERF_PROS_DEM_CPA-Refine%2520Direct-na-LP_Promo_Giugno19-DEM_Refine_CPA_Promo_giu2019
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 18 Jun 2019 07:01:05 GMT
content-encoding: gzip
last-modified: Mon, 10 Jun 2019 15:44:20 GMT
server: AmazonS3
x-amz-cf-pop: AMS1
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
status: 200
cache-control: max-age=3600
x-amz-cf-id: KzcqfO7RD0UiMZPfDR4FJoGdDs4FQv-Py9_knkkp7RGDKjUsIcsaOg==
via: 1.1 dd2e87141f0c93647821ace3080db8c7.cloudfront.net (CloudFront)

GET
H/1.1 200
OK pixel;r=920248516;labels=_fp.event.Default;rf=0;a=p-BZSYSpSSPmj6q;url=https%3A%2F%2Ftrack.adform.net%2Fserving%2Fcontainer%2F%3Fpm%3D625469%26lid%3D38325283%26ctype%3D1%26media%3D1257577%26PageName...
pixel.quantserve.com/ 35 B
594 B 141ms
29ms Image
image/gif 91.228.74.163
Quantcast Corpora...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.quantserve.com/pixel;r=920248516;labels=_fp.event.Default;rf=0;a=p-BZSYSpSSPmj6q;url=https%3A%2F%2Ftrack.adform.net%2Fserving%2Fcontainer%2F%3Fpm%3D625469%26lid%3D38325283%26ctype%3D1%26media%3D1257577%26PageName%3DSceltaOfferta%26sysvars%3D%257c%257c%257c%257c%26itm%3DeyJzdjI2IjoiL3Byb21vLXNwZWNpYWxlLmh0bWwifQ%26rnd%3D1887679515%26cpref%3D%26loc%3Dhttps%253a%252f%252fwww.nowtv.it%252fpromo-speciale.html%253fdcmp%253dTRIAL_DEM_PERF_PROS_DEM_CPA-Refine%252520Direct-na-LP_Promo_Giugno19-DEM_Refine_CPA_Promo_giu2019;fpan=1;fpa=P0-1404577520-1560861632126;ns=0;ce=1;qjs=1;qv=4c19192-20180628134937;cm=;ref=;je=0;sr=1600x1200x24;enc=n;dst=0;et=1560861632125;tzo=0;ogl=
Requested by: Host: track.adform.net
URL: https://track.adform.net/serving/container/?pm=625469&lid=38325283&ctype=1&media=1257577&PageName=SceltaOfferta&sysvars=%7c%7c%7c%7c&itm=eyJzdjI2IjoiL3Byb21vLXNwZWNpYWxlLmh0bWwifQ&rnd=1887679515&cpref=&loc=https%3a%2f%2fwww.nowtv.it%2fpromo-speciale.html%3fdcmp%3dTRIAL_DEM_PERF_PROS_DEM_CPA-Refine%2520Direct-na-LP_Promo_Giugno19-DEM_Refine_CPA_Promo_giu2019
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 91.228.74.163 , United Kingdom, ASN27281 (QUANTCAST - Quantcast Corporation, US),
Reverse DNS
Software: QS /
Resource Hash: a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Request headers

Referer: https://track.adform.net/serving/container/?pm=625469&lid=38325283&ctype=1&media=1257577&PageName=SceltaOfferta&sysvars=%7c%7c%7c%7c&itm=eyJzdjI2IjoiL3Byb21vLXNwZWNpYWxlLmh0bWwifQ&rnd=1887679515&cpref=&loc=https%3a%2f%2fwww.nowtv.it%2fpromo-speciale.html%3fdcmp%3dTRIAL_DEM_PERF_PROS_DEM_CPA-Refine%2520Direct-na-LP_Promo_Giugno19-DEM_Refine_CPA_Promo_giu2019
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 18 Jun 2019 12:40:32 GMT
Server: QS
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
Cache-Control: private, no-cache, no-store, proxy-revalidate
Connection: keep-alive
Content-Type: image/gif
Content-Length: 35
Expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 adsct Show response
analytics.twitter.com/i/ 31 B
266 B 134ms
134ms Script
application/javascript 104.244.42.67
Twitter Inc.

General

Check archive.org

Show headers Download Go to

Full URL

https://analytics.twitter.com/i/adsct?p_id=Twitter&p_user_id=0&txn_id=o0yql&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&tpx_cb=twttr.conversion.loadPixels&tw_document_href=https%3A%2F%2Ftrack.adform.net%2Fserving%2Fcontainer%2F%3Fpm%3D625469%26lid%3D38325283%26ctype%3D1%26media%3D1257577%26PageName%3DSceltaOfferta%26sysvars%3D%257c%257c%257c%257c%26itm%3DeyJzdjI2IjoiL3Byb21vLXNwZWNpYWxlLmh0bWwifQ%26rnd%3D1887679515%26cpref%3D%26loc%3Dhttps%253a%252f%252fwww.nowtv.it%252fpromo-speciale.html%253fdcmp%253dTRIAL_DEM_PERF_PROS_DEM_CPA-Refine%252520Direct-na-LP_Promo_Giugno19-DEM_Refine_CPA_Promo_giu2019

Requested by

Host: static.ads-twitter.com
URL: https://static.ads-twitter.com/uwt.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.67 , United States, ASN13414 (TWITTER - Twitter Inc., US),

Reverse DNS

Software

tsa_f /

Resource Hash

df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block; report=https://twitter.com/i/xss_report

Request headers

Referer: https://track.adform.net/serving/container/?pm=625469&lid=38325283&ctype=1&media=1257577&PageName=SceltaOfferta&sysvars=%7c%7c%7c%7c&itm=eyJzdjI2IjoiL3Byb21vLXNwZWNpYWxlLmh0bWwifQ&rnd=1887679515&cpref=&loc=https%3a%2f%2fwww.nowtv.it%2fpromo-speciale.html%3fdcmp%3dTRIAL_DEM_PERF_PROS_DEM_CPA-Refine%2520Direct-na-LP_Promo_Giugno19-DEM_Refine_CPA_Promo_giu2019
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 18 Jun 2019 12:40:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status: 200, 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 57
x-xss-protection: 1; mode=block; report=https://twitter.com/i/xss_report
x-response-time: 114
pragma: no-cache
last-modified: Tue, 18 Jun 2019 12:40:32 GMT
server: tsa_f
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
content-type: application/javascript;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: 74cae2362b0f9d96ec7fd1db5b481a1c
x-transaction: 00ace39700c3e30a
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H/1.1 200
OK roundtrip.js Show response
s.adroll.com/j/ 32 KB
11 KB 29ms
28ms Script
text/javascript 104.111.214.206
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/roundtrip.js
Requested by: Host: track.adform.net
URL: https://track.adform.net/serving/container/?pm=625469&lid=38325283&ctype=1&media=1257577&PageName=SceltaOfferta&sysvars=%7c%7c%7c%7c&itm=eyJzdjI2IjoiL3Byb21vLXNwZWNpYWxlLmh0bWwifQ&rnd=1887679515&cpref=&loc=https%3a%2f%2fwww.nowtv.it%2fpromo-speciale.html%3fdcmp%3dTRIAL_DEM_PERF_PROS_DEM_CPA-Refine%2520Direct-na-LP_Promo_Giugno19-DEM_Refine_CPA_Promo_giu2019
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.214.206 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a104-111-214-206.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 8aa2d4a076b1df43e751a2dca70d57a2c6098758addfc7c13e7076337564e0fd

Request headers

Referer: https://track.adform.net/serving/container/?pm=625469&lid=38325283&ctype=1&media=1257577&PageName=SceltaOfferta&sysvars=%7c%7c%7c%7c&itm=eyJzdjI2IjoiL3Byb21vLXNwZWNpYWxlLmh0bWwifQ&rnd=1887679515&cpref=&loc=https%3a%2f%2fwww.nowtv.it%2fpromo-speciale.html%3fdcmp%3dTRIAL_DEM_PERF_PROS_DEM_CPA-Refine%2520Direct-na-LP_Promo_Giugno19-DEM_Refine_CPA_Promo_giu2019
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id: Y2HhOfr_kKpiwiGZEOdqRmM2sQhnK_2O
Content-Encoding: gzip
x-amz-request-id: AA50DE7108927E5D
x-amz-server-side-encryption: AES256
Access-Control-Max-Age: 600
Date: Tue, 18 Jun 2019 12:40:32 GMT
Connection: keep-alive
Content-Length: 10323
x-amz-id-2: zBgZZy+7svyNRx5F9Ocx+DrtPjRMYxE5oZPEgt+wax1VW25Mj78UDrD84NF0eZCuFDLzkKTh+xk=
Last-Modified: Mon, 10 Jun 2019 19:13:27 GMT
Server: AmazonS3
ETag: "089df3afc0b2c1dede17edfaf42eee33"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600, must-revalidate
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H/1.1 200
OK M3PXNOL3IVAO7CMJ6HJTJQ Show response
d.adroll.com/consent/check/ 40 B
499 B 379ms
32ms Script
application/javascript 54.228.215.115
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://d.adroll.com/consent/check/M3PXNOL3IVAO7CMJ6HJTJQ?_s=14bf75ef109cae50ed0a681b10ecd266
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.228.215.115 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-54-228-215-115.eu-west-1.compute.amazonaws.com
Software: nginx/1.14.1 /
Resource Hash: 867bd168728faba904fe15de941932d1d7537130b0edb918970901435cf39929

Request headers

Referer: https://track.adform.net/serving/container/?pm=625469&lid=38325283&ctype=1&media=1257577&PageName=SceltaOfferta&sysvars=%7c%7c%7c%7c&itm=eyJzdjI2IjoiL3Byb21vLXNwZWNpYWxlLmh0bWwifQ&rnd=1887679515&cpref=&loc=https%3a%2f%2fwww.nowtv.it%2fpromo-speciale.html%3fdcmp%3dTRIAL_DEM_PERF_PROS_DEM_CPA-Refine%2520Direct-na-LP_Promo_Giugno19-DEM_Refine_CPA_Promo_giu2019
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 18 Jun 2019 12:40:32 GMT
Server: nginx/1.14.1
P3P: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Content-Type: application/javascript
Content-Length: 40

GET
H/1.1

200
OK

QHZOZQY46BFEPDAWPHMWKJ.js Show response
s.adroll.com/pixel/M3PXNOL3IVAO7CMJ6HJTJQ/3YWS2VQCNREXJN5ZDV6B6Z/
Redirect Chain

https://d.adroll.com/pixel/M3PXNOL3IVAO7CMJ6HJTJQ/3YWS2VQCNREXJN5ZDV6B6Z?adroll_fpc=b6b2552e3f82af839073946a72576636-1560861632736&pv=11632631300.817686&cookie=&adroll_s_ref=&keyw=&arrfrr=https%3A%...
https://s.adroll.com/pixel/M3PXNOL3IVAO7CMJ6HJTJQ/3YWS2VQCNREXJN5ZDV6B6Z/QHZOZQY46BFEPDAWPHMWKJ.js

15 KB
5 KB

92ms
24ms

Script
text/javascript

104.111.214.206
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/pixel/M3PXNOL3IVAO7CMJ6HJTJQ/3YWS2VQCNREXJN5ZDV6B6Z/QHZOZQY46BFEPDAWPHMWKJ.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.214.206 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a104-111-214-206.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: f39aeaa637e03ae50fbc9b5f1bc3f38ee6fa9761c72419e9518a0855ce68b661

Request headers

Referer: https://track.adform.net/serving/container/?pm=625469&lid=38325283&ctype=1&media=1257577&PageName=SceltaOfferta&sysvars=%7c%7c%7c%7c&itm=eyJzdjI2IjoiL3Byb21vLXNwZWNpYWxlLmh0bWwifQ&rnd=1887679515&cpref=&loc=https%3a%2f%2fwww.nowtv.it%2fpromo-speciale.html%3fdcmp%3dTRIAL_DEM_PERF_PROS_DEM_CPA-Refine%2520Direct-na-LP_Promo_Giugno19-DEM_Refine_CPA_Promo_giu2019
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id: BJ00UUlZZysBs4YIFxgREVDzvAYm8JHj
Content-Encoding: gzip
x-amz-request-id: 312650CB78392508
x-amz-server-side-encryption: AES256
Access-Control-Max-Age: 600
Date: Tue, 18 Jun 2019 12:40:32 GMT
Connection: keep-alive
Content-Length: 4252
x-amz-id-2: AV5SBqVpR1fUaqEqQe7r+0gogPGNO7hJTDCvvzG1tlqwfiMR8Ouhy0QpCLGDi94Kesyky7IRvRk=
Last-Modified: Tue, 18 Jun 2019 12:08:23 GMT
Server: AmazonS3
ETag: "80610e1e8c3196b8abc63fb65a2b924e"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600, must-revalidate
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

Redirect headers

Date: Tue, 18 Jun 2019 12:40:32 GMT
X-Segment-Display-Name
P3P: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
Connection: keep-alive
Content-Length: 0
Pragma: no-cache
X-Conversion-Value: 0.0
Server: nginx/1.14.1
X-Rule: *
X-Segment-Eid: QHZOZQY46BFEPDAWPHMWKJ
Location: https://s.adroll.com/pixel/M3PXNOL3IVAO7CMJ6HJTJQ/3YWS2VQCNREXJN5ZDV6B6Z/QHZOZQY46BFEPDAWPHMWKJ.js
Cache-Control: no-store, no-cache, must-revalidate
X-Pixel-Eid: 3YWS2VQCNREXJN5ZDV6B6Z
X-Segment-Name: *
X-Advertisable-Eid: M3PXNOL3IVAO7CMJ6HJTJQ
X-Conversion-Currency: EUR

GET
H2 200 275001629523093 Show response
connect.facebook.net/signals/config/ 228 KB
60 KB 9ms
9ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/275001629523093?v=2.8.51&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

b46a2631c1d4fe6384be47099bd5ecf6d05be6b58f10d5880cfd77636379be84

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://track.adform.net/serving/container/?pm=625469&lid=38325283&ctype=1&media=1257577&PageName=SceltaOfferta&sysvars=%7c%7c%7c%7c&itm=eyJzdjI2IjoiL3Byb21vLXNwZWNpYWxlLmh0bWwifQ&rnd=1887679515&cpref=&loc=https%3a%2f%2fwww.nowtv.it%2fpromo-speciale.html%3fdcmp%3dTRIAL_DEM_PERF_PROS_DEM_CPA-Refine%2520Direct-na-LP_Promo_Giugno19-DEM_Refine_CPA_Promo_giu2019
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
vary: Origin, Accept-Encoding
content-length: 61414
x-xss-protection: 0
pragma: public
x-fb-debug: 9NltozhQYdurMlOwdlr+kAVR9svWD1vJXjLMnHasC00wkhYkZIUnhCyWan/JdwOY3b4ZHHZ+AIttcIvzveVeeg==
x-fb-trip-id: 1475214379
date: Tue, 18 Jun 2019 12:40:32 GMT
x-frame-options: DENY
access-control-allow-methods: OPTIONS
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://connect.facebook.net
access-control-expose-headers: X-FB-Debug, X-Loader-Length
cache-control: public, max-age=1200
access-control-allow-credentials: true
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2

204

sync
ups.analytics.yahoo.com/ups/55980/
Redirect Chain

https://d.adroll.com/cm/aol/out?advertisable=M3PXNOL3IVAO7CMJ6HJTJQ
https://pixel.advertising.com/ups/55980/sync?uid=NTI0Y2UwNmVlMDA2NDJhNjY5OTMyZWIxZTgxN2IyYzQ&_origin=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA
https://pixel.advertising.com/ups/55980/sync?uid=NTI0Y2UwNmVlMDA2NDJhNjY5OTMyZWIxZTgxN2IyYzQ&_origin=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA&verify=true
https://ups.analytics.yahoo.com/ups/55980/sync?uid=NTI0Y2UwNmVlMDA2NDJhNjY5OTMyZWIxZTgxN2IyYzQ&_origin=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA&apid=UP44c4a272-91c6-11e9-97be-02...
https://ups.analytics.yahoo.com/ups/55980/sync?uid=NTI0Y2UwNmVlMDA2NDJhNjY5OTMyZWIxZTgxN2IyYzQ&_origin=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA&apid=UP44c4a272-91c6-11e9-97be-02...

0
472 B

11ms
10ms

Image
text/plain

35.157.167.170
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ups.analytics.yahoo.com/ups/55980/sync?uid=NTI0Y2UwNmVlMDA2NDJhNjY5OTMyZWIxZTgxN2IyYzQ&_origin=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA&apid=UP44c4a272-91c6-11e9-97be-022d17832c2c&verify=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.157.167.170 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-35-157-167-170.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://track.adform.net/serving/container/?pm=625469&lid=38325283&ctype=1&media=1257577&PageName=SceltaOfferta&sysvars=%7c%7c%7c%7c&itm=eyJzdjI2IjoiL3Byb21vLXNwZWNpYWxlLmh0bWwifQ&rnd=1887679515&cpref=&loc=https%3a%2f%2fwww.nowtv.it%2fpromo-speciale.html%3fdcmp%3dTRIAL_DEM_PERF_PROS_DEM_CPA-Refine%2520Direct-na-LP_Promo_Giugno19-DEM_Refine_CPA_Promo_giu2019
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 204
date: Tue, 18 Jun 2019 12:40:37 GMT
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

status: 302
date: Tue, 18 Jun 2019 12:40:37 GMT
content-length: 0
location: https://ups.analytics.yahoo.com/ups/55980/sync?uid=NTI0Y2UwNmVlMDA2NDJhNjY5OTMyZWIxZTgxN2IyYzQ&_origin=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA&apid=UP44c4a272-91c6-11e9-97be-022d17832c2c&verify=true
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/
Redirect Chain

https://d.adroll.com/cm/index/out?advertisable=M3PXNOL3IVAO7CMJ6HJTJQ
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=NTI0Y2UwNmVlMDA2NDJhNjY5OTMyZWIxZTgxN2IyYzQ&expiration=1592397635
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=NTI0Y2UwNmVlMDA2NDJhNjY5OTMyZWIxZTgxN2IyYzQ&expiration=1592397635&C=1

43 B
898 B

40ms
39ms

Image
image/gif

104.111.215.135
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=NTI0Y2UwNmVlMDA2NDJhNjY5OTMyZWIxZTgxN2IyYzQ&expiration=1592397635&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.215.135 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a104-111-215-135.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://track.adform.net/serving/container/?pm=625469&lid=38325283&ctype=1&media=1257577&PageName=SceltaOfferta&sysvars=%7c%7c%7c%7c&itm=eyJzdjI2IjoiL3Byb21vLXNwZWNpYWxlLmh0bWwifQ&rnd=1887679515&cpref=&loc=https%3a%2f%2fwww.nowtv.it%2fpromo-speciale.html%3fdcmp%3dTRIAL_DEM_PERF_PROS_DEM_CPA-Refine%2520Direct-na-LP_Promo_Giugno19-DEM_Refine_CPA_Promo_giu2019
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 18 Jun 2019 12:40:35 GMT
Server: Apache
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Tue, 18 Jun 2019 12:40:35 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 18 Jun 2019 12:40:35 GMT
Server: Apache
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=NTI0Y2UwNmVlMDA2NDJhNjY5OTMyZWIxZTgxN2IyYzQ&expiration=1592397635&C=1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 333
Expires: Tue, 18 Jun 2019 12:40:35 GMT

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/
Redirect Chain

https://d.adroll.com/cm/n/out?advertisable=M3PXNOL3IVAO7CMJ6HJTJQ
https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=NTI0Y2UwNmVlMDA2NDJhNjY5OTMyZWIxZTgxN2IyYzQ&expires=365

42 B
371 B

1073ms
17ms

Image
image/gif

213.19.162.80
The Rubicon Project

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=NTI0Y2UwNmVlMDA2NDJhNjY5OTMyZWIxZTgxN2IyYzQ&expires=365
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 213.19.162.80 , United Kingdom, ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US),
Reverse DNS
Software: Rubicon Project /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://track.adform.net/serving/container/?pm=625469&lid=38325283&ctype=1&media=1257577&PageName=SceltaOfferta&sysvars=%7c%7c%7c%7c&itm=eyJzdjI2IjoiL3Byb21vLXNwZWNpYWxlLmh0bWwifQ&rnd=1887679515&cpref=&loc=https%3a%2f%2fwww.nowtv.it%2fpromo-speciale.html%3fdcmp%3dTRIAL_DEM_PERF_PROS_DEM_CPA-Refine%2520Direct-na-LP_Promo_Giugno19-DEM_Refine_CPA_Promo_giu2019
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 18 Jun 2019 12:40:35 GMT
Server: Rubicon Project
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Type: image/gif
Content-Length: 42
X-RPHost: 1YOuDUB3EtQyLlNCr8nC8Q
Expires: 0

Redirect headers

Pragma: no-cache
Date: Tue, 18 Jun 2019 12:40:35 GMT
Server: nginx/1.14.1
P3P: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
Location: https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=NTI0Y2UwNmVlMDA2NDJhNjY5OTMyZWIxZTgxN2IyYzQ&expires=365
Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Content-Length: 124

GET
H2

200

pixel
sync.outbrain.com/adroll/
Redirect Chain

https://d.adroll.com/cm/outbrain/out?advertisable=M3PXNOL3IVAO7CMJ6HJTJQ
https://sync.outbrain.com/adroll/pixel?user_id=NTI0Y2UwNmVlMDA2NDJhNjY5OTMyZWIxZTgxN2IyYzQ

0
332 B

96ms
96ms

Image
text/plain

151.101.2.2
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/adroll/pixel?user_id=NTI0Y2UwNmVlMDA2NDJhNjY5OTMyZWIxZTgxN2IyYzQ
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.2 , United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://track.adform.net/serving/container/?pm=625469&lid=38325283&ctype=1&media=1257577&PageName=SceltaOfferta&sysvars=%7c%7c%7c%7c&itm=eyJzdjI2IjoiL3Byb21vLXNwZWNpYWxlLmh0bWwifQ&rnd=1887679515&cpref=&loc=https%3a%2f%2fwww.nowtv.it%2fpromo-speciale.html%3fdcmp%3dTRIAL_DEM_PERF_PROS_DEM_CPA-Refine%2520Direct-na-LP_Promo_Giugno19-DEM_Refine_CPA_Promo_giu2019
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 18 Jun 2019 12:40:35 GMT
via: 1.1 varnish, 1.1 varnish
traffic-path: NYDC1, JFK, HHN, Europe1
x-traceid: c0d3314cbcb686751cd3ece0edd674c9
x-timer: S1560861636.577626,VS0,VE89
x-cache: MISS, MISS
status: 200
backend-ip: 104.156.90.42
x-cache-hits: 0, 0
accept-ranges: bytes, bytes
content-length: 0
x-served-by: cache-jfk8142-JFK, cache-hhn1531-HHN

Redirect headers

Pragma: no-cache
Date: Tue, 18 Jun 2019 12:40:35 GMT
Server: nginx/1.14.1
P3P: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
Location: https://sync.outbrain.com/adroll/pixel?user_id=NTI0Y2UwNmVlMDA2NDJhNjY5OTMyZWIxZTgxN2IyYzQ
Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Content-Length: 96

GET
H/1.1

200
OK

Pug
simage2.pubmatic.com/AdServer/
Redirect Chain

https://d.adroll.com/cm/pubmatic/out?advertisable=M3PXNOL3IVAO7CMJ6HJTJQ
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMwNiZ0bD01MjU2MDA&piggybackCookie=NTI0Y2UwNmVlMDA2NDJhNjY5OTMyZWIxZTgxN2IyYzQ&gdpr=1&gdpr_consent=BOOoKswOOoKswA2ABBENA...

1 B
817 B

2311ms
19ms

Image
text/html

185.64.189.110
PubMatic

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMwNiZ0bD01MjU2MDA&piggybackCookie=NTI0Y2UwNmVlMDA2NDJhNjY5OTMyZWIxZTgxN2IyYzQ&gdpr=1&gdpr_consent=BOOoKswOOoKswA2ABBENAkwAAAAXyACACYAIIA
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC - PubMatic, Inc., US),
Reverse DNS
Software: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://track.adform.net/serving/container/?pm=625469&lid=38325283&ctype=1&media=1257577&PageName=SceltaOfferta&sysvars=%7c%7c%7c%7c&itm=eyJzdjI2IjoiL3Byb21vLXNwZWNpYWxlLmh0bWwifQ&rnd=1887679515&cpref=&loc=https%3a%2f%2fwww.nowtv.it%2fpromo-speciale.html%3fdcmp%3dTRIAL_DEM_PERF_PROS_DEM_CPA-Refine%2520Direct-na-LP_Promo_Giugno19-DEM_Refine_CPA_Promo_giu2019
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 18 Jun 2019 12:40:37 GMT
X-lat: Pug22057:0:520
Server: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6
Cache-Control: no-store, no-cache, private
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
X-Cnection: close
Content-Type: text/html; charset=utf-8
Content-Length: 1

Redirect headers

Pragma: no-cache
Date: Tue, 18 Jun 2019 12:40:35 GMT
Server: nginx/1.14.1
P3P: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMwNiZ0bD01MjU2MDA&piggybackCookie=NTI0Y2UwNmVlMDA2NDJhNjY5OTMyZWIxZTgxN2IyYzQ&gdpr=1&gdpr_consent=BOOoKswOOoKswA2ABBENAkwAAAAXyACACYAIIA
Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Content-Length: 220

GET
H2

204

/
trc.taboola.com/sg/adroll-network/1/rtb-h/
Redirect Chain

https://d.adroll.com/cm/taboola/out?advertisable=M3PXNOL3IVAO7CMJ6HJTJQ
https://trc.taboola.com/sg/adroll-network/1/rtb-h/?taboola_hm=NTI0Y2UwNmVlMDA2NDJhNjY5OTMyZWIxZTgxN2IyYzQ

0
205 B

19ms
18ms

Image
text/plain

151.101.2.2
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/adroll-network/1/rtb-h/?taboola_hm=NTI0Y2UwNmVlMDA2NDJhNjY5OTMyZWIxZTgxN2IyYzQ
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.2 , United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://track.adform.net/serving/container/?pm=625469&lid=38325283&ctype=1&media=1257577&PageName=SceltaOfferta&sysvars=%7c%7c%7c%7c&itm=eyJzdjI2IjoiL3Byb21vLXNwZWNpYWxlLmh0bWwifQ&rnd=1887679515&cpref=&loc=https%3a%2f%2fwww.nowtv.it%2fpromo-speciale.html%3fdcmp%3dTRIAL_DEM_PERF_PROS_DEM_CPA-Refine%2520Direct-na-LP_Promo_Giugno19-DEM_Refine_CPA_Promo_giu2019
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 18 Jun 2019 12:40:35 GMT
via: 1.1 varnish
server: nginx
x-timer: S1560861636.642554,VS0,VE11
x-served-by: cache-hhn1531-HHN
x-cache: MISS
status: 204
accept-ranges: bytes
x-cache-hits: 0

Redirect headers

Pragma: no-cache
Date: Tue, 18 Jun 2019 12:40:35 GMT
Server: nginx/1.14.1
P3P: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
Location: https://trc.taboola.com/sg/adroll-network/1/rtb-h/?taboola_hm=NTI0Y2UwNmVlMDA2NDJhNjY5OTMyZWIxZTgxN2IyYzQ
Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Content-Length: 111

GET
H2

200

xuid
eb2.3lift.com/
Redirect Chain

https://d.adroll.com/cm/triplelift/out?advertisable=M3PXNOL3IVAO7CMJ6HJTJQ
https://eb2.3lift.com/xuid?mid=4714&xuid=NTI0Y2UwNmVlMDA2NDJhNjY5OTMyZWIxZTgxN2IyYzQ&dongle=c85e
https://eb2.3lift.com/xuid?ld=1&mid=4714&xuid=NTI0Y2UwNmVlMDA2NDJhNjY5OTMyZWIxZTgxN2IyYzQ&dongle=c85e&gdpr=1&cmp_cs=

37 B
335 B

15ms
14ms

Image
image/gif

52.58.75.147
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?ld=1&mid=4714&xuid=NTI0Y2UwNmVlMDA2NDJhNjY5OTMyZWIxZTgxN2IyYzQ&dongle=c85e&gdpr=1&cmp_cs=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.58.75.147 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-58-75-147.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer: https://track.adform.net/serving/container/?pm=625469&lid=38325283&ctype=1&media=1257577&PageName=SceltaOfferta&sysvars=%7c%7c%7c%7c&itm=eyJzdjI2IjoiL3Byb21vLXNwZWNpYWxlLmh0bWwifQ&rnd=1887679515&cpref=&loc=https%3a%2f%2fwww.nowtv.it%2fpromo-speciale.html%3fdcmp%3dTRIAL_DEM_PERF_PROS_DEM_CPA-Refine%2520Direct-na-LP_Promo_Giugno19-DEM_Refine_CPA_Promo_giu2019
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
date: Tue, 18 Jun 2019 12:40:36 GMT
cache-control: no-cache, no-store, must-revalidate
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
content-length: 37
content-type: image/gif

Redirect headers

status: 302
date: Tue, 18 Jun 2019 12:40:36 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
location: /xuid?ld=1&mid=4714&xuid=NTI0Y2UwNmVlMDA2NDJhNjY5OTMyZWIxZTgxN2IyYzQ&dongle=c85e&gdpr=1&cmp_cs=
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H/1.1 200
OK 3YWS2VQCNREXJN5ZDV6B6Z
d.adroll.com/onp/M3PXNOL3IVAO7CMJ6HJTJQ/ 42 B
532 B 55ms
35ms Image
image/gif 54.228.215.115
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.adroll.com/onp/M3PXNOL3IVAO7CMJ6HJTJQ/3YWS2VQCNREXJN5ZDV6B6Z?pv=11632631300.817686&ev=t%3Dtop%26f%3D0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.228.215.115 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-54-228-215-115.eu-west-1.compute.amazonaws.com
Software: nginx/1.14.1 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://track.adform.net/serving/container/?pm=625469&lid=38325283&ctype=1&media=1257577&PageName=SceltaOfferta&sysvars=%7c%7c%7c%7c&itm=eyJzdjI2IjoiL3Byb21vLXNwZWNpYWxlLmh0bWwifQ&rnd=1887679515&cpref=&loc=https%3a%2f%2fwww.nowtv.it%2fpromo-speciale.html%3fdcmp%3dTRIAL_DEM_PERF_PROS_DEM_CPA-Refine%2520Direct-na-LP_Promo_Giugno19-DEM_Refine_CPA_Promo_giu2019
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 18 Jun 2019 12:40:35 GMT
Server: nginx/1.14.1
P3P: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Content-Type: image/gif
X-Advertisable-Eid: M3PXNOL3IVAO7CMJ6HJTJQ
Content-Length: 42

GET
H2

200

sync
x.bidswitch.net/ul_cb/
Redirect Chain

https://d.adroll.com/cm/b/out?advertisable=M3PXNOL3IVAO7CMJ6HJTJQ
https://x.bidswitch.net/sync?dsp_id=44&user_id=NTI0Y2UwNmVlMDA2NDJhNjY5OTMyZWIxZTgxN2IyYzQ
https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=NTI0Y2UwNmVlMDA2NDJhNjY5OTMyZWIxZTgxN2IyYzQ

43 B
380 B

62ms
62ms

Image
image/gif

54.93.143.241
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=NTI0Y2UwNmVlMDA2NDJhNjY5OTMyZWIxZTgxN2IyYzQ
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.93.143.241 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-54-93-143-241.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://track.adform.net/serving/container/?pm=625469&lid=38325283&ctype=1&media=1257577&PageName=SceltaOfferta&sysvars=%7c%7c%7c%7c&itm=eyJzdjI2IjoiL3Byb21vLXNwZWNpYWxlLmh0bWwifQ&rnd=1887679515&cpref=&loc=https%3a%2f%2fwww.nowtv.it%2fpromo-speciale.html%3fdcmp%3dTRIAL_DEM_PERF_PROS_DEM_CPA-Refine%2520Direct-na-LP_Promo_Giugno19-DEM_Refine_CPA_Promo_giu2019
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
date: Tue, 18 Jun 2019 12:40:35 GMT
cache-control: no-cache, no-store, must-revalidate
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
content-length: 43
content-type: image/gif

Redirect headers

status: 302
date: Tue, 18 Jun 2019 12:40:35 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
location: https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=NTI0Y2UwNmVlMDA2NDJhNjY5OTMyZWIxZTgxN2IyYzQ
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H/1.1

200
OK

setuid
ib.adnxs.com/
Redirect Chain

https://d.adroll.com/cm/x/out?advertisable=M3PXNOL3IVAO7CMJ6HJTJQ
https://ib.adnxs.com/setuid?entity=172&code=NTI0Y2UwNmVlMDA2NDJhNjY5OTMyZWIxZTgxN2IyYzQ

43 B
856 B

1562ms
21ms

Image
image/gif

185.33.223.215
AppNexus

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=172&code=NTI0Y2UwNmVlMDA2NDJhNjY5OTMyZWIxZTgxN2IyYzQ

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.215 , Netherlands, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),

Reverse DNS

315.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://track.adform.net/serving/container/?pm=625469&lid=38325283&ctype=1&media=1257577&PageName=SceltaOfferta&sysvars=%7c%7c%7c%7c&itm=eyJzdjI2IjoiL3Byb21vLXNwZWNpYWxlLmh0bWwifQ&rnd=1887679515&cpref=&loc=https%3a%2f%2fwww.nowtv.it%2fpromo-speciale.html%3fdcmp%3dTRIAL_DEM_PERF_PROS_DEM_CPA-Refine%2520Direct-na-LP_Promo_Giugno19-DEM_Refine_CPA_Promo_giu2019
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 18 Jun 2019 12:40:39 GMT
AN-X-Request-Uuid: 72f8f25f-545a-45ec-8524-820de5eb3d83
Content-Type: image/gif
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 83.97.23.28; 83.97.23.28; 315.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.143:80
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 18 Jun 2019 12:40:35 GMT
Server: nginx/1.14.1
P3P: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
Location: https://ib.adnxs.com/setuid?entity=172&code=NTI0Y2UwNmVlMDA2NDJhNjY5OTMyZWIxZTgxN2IyYzQ
Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Content-Length: 93

GET
H2

204

377928.gif
idsync.rlcdn.com/
Redirect Chain

https://d.adroll.com/cm/l/out?advertisable=M3PXNOL3IVAO7CMJ6HJTJQ
https://idsync.rlcdn.com/377928.gif?partner_uid=524ce06ee00642a669932eb1e817b2c4

0
40 B

118ms
115ms

Image
text/plain

34.95.92.78
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/377928.gif?partner_uid=524ce06ee00642a669932eb1e817b2c4
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.95.92.78 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: 78.92.95.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://track.adform.net/serving/container/?pm=625469&lid=38325283&ctype=1&media=1257577&PageName=SceltaOfferta&sysvars=%7c%7c%7c%7c&itm=eyJzdjI2IjoiL3Byb21vLXNwZWNpYWxlLmh0bWwifQ&rnd=1887679515&cpref=&loc=https%3a%2f%2fwww.nowtv.it%2fpromo-speciale.html%3fdcmp%3dTRIAL_DEM_PERF_PROS_DEM_CPA-Refine%2520Direct-na-LP_Promo_Giugno19-DEM_Refine_CPA_Promo_giu2019
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 204
date: Tue, 18 Jun 2019 12:40:40 GMT
via: 1.1 google
alt-svc: clear

Redirect headers

Pragma: no-cache
Date: Tue, 18 Jun 2019 12:40:39 GMT
Server: nginx/1.14.1
P3P: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
Location: https://idsync.rlcdn.com/377928.gif?partner_uid=524ce06ee00642a669932eb1e817b2c4
Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Content-Length: 86

GET
H2

200

sd
us-u.openx.net/w/1.0/
Redirect Chain

https://d.adroll.com/cm/o/out?advertisable=M3PXNOL3IVAO7CMJ6HJTJQ
https://us-u.openx.net/w/1.0/sd?id=537103138&val=524ce06ee00642a669932eb1e817b2c4
https://us-u.openx.net/w/1.0/sd?cc=1&id=537103138&val=524ce06ee00642a669932eb1e817b2c4

43 B
256 B

21ms
20ms

Image
image/gif

173.241.240.143
OPENX TECHNOLOGIES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?cc=1&id=537103138&val=524ce06ee00642a669932eb1e817b2c4
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 173.241.240.143 Amsterdam, Netherlands, ASN36089 (OPENX-AS1 - OPENX TECHNOLOGIES, INC., US),
Reverse DNS: ox-173-241-240-143.xa.dc.openx.org
Software: OXGW/16.146.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://track.adform.net/serving/container/?pm=625469&lid=38325283&ctype=1&media=1257577&PageName=SceltaOfferta&sysvars=%7c%7c%7c%7c&itm=eyJzdjI2IjoiL3Byb21vLXNwZWNpYWxlLmh0bWwifQ&rnd=1887679515&cpref=&loc=https%3a%2f%2fwww.nowtv.it%2fpromo-speciale.html%3fdcmp%3dTRIAL_DEM_PERF_PROS_DEM_CPA-Refine%2520Direct-na-LP_Promo_Giugno19-DEM_Refine_CPA_Promo_giu2019
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 18 Jun 2019 12:40:40 GMT
server: OXGW/16.146.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
status: 200
cache-control: private, max-age=0, no-cache
content-type: image/gif
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

status: 302
date: Tue, 18 Jun 2019 12:40:39 GMT
server: OXGW/16.146.0
content-length: 0
location: https://us-u.openx.net/w/1.0/sd?cc=1&id=537103138&val=524ce06ee00642a669932eb1e817b2c4
p3p: CP="CUR ADM OUR NOR STA NID"

GET
H/1.1

200
OK

in
d.adroll.com/cm/g/
Redirect Chain

https://d.adroll.com/cm/g/out?advertisable=M3PXNOL3IVAO7CMJ6HJTJQ&google_nid=adroll5
https://cm.g.doubleclick.net/pixel?google_sc&google_nid=artb&google_hm=UkzgbuAGQqZpky6x6BeyxA&google_ula=1535926
https://cm.g.doubleclick.net/pixel?google_sc=&google_nid=artb&google_hm=UkzgbuAGQqZpky6x6BeyxA&google_ula=1535926&google_tc=
https://d.adroll.com/cm/g/in?google_ula=1535926,0

42 B
533 B

31ms
29ms

Image
image/gif

54.228.215.115
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.adroll.com/cm/g/in?google_ula=1535926,0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.228.215.115 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-54-228-215-115.eu-west-1.compute.amazonaws.com
Software: nginx/1.14.1 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://track.adform.net/serving/container/?pm=625469&lid=38325283&ctype=1&media=1257577&PageName=SceltaOfferta&sysvars=%7c%7c%7c%7c&itm=eyJzdjI2IjoiL3Byb21vLXNwZWNpYWxlLmh0bWwifQ&rnd=1887679515&cpref=&loc=https%3a%2f%2fwww.nowtv.it%2fpromo-speciale.html%3fdcmp%3dTRIAL_DEM_PERF_PROS_DEM_CPA-Refine%2520Direct-na-LP_Promo_Giugno19-DEM_Refine_CPA_Promo_giu2019
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 18 Jun 2019 12:40:40 GMT
Server: nginx/1.14.1
P3P: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Content-Type: image/gif
Content-Length: 42
X-Result: g.-1.-1.1535926.0.-1

Redirect headers

pragma: no-cache
date: Tue, 18 Jun 2019 12:40:40 GMT
server: HTTP server (unknown)
location: https://d.adroll.com/cm/g/in?google_ula=1535926,0
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 302
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 246
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
250 B 6ms
6ms Image
image/gif 2a03:2880:f11c:8083:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=275001629523093&ev=PageView&dl=https%3A%2F%2Ftrack.adform.net%2Fserving%2Fcontainer%2F%3Fpm%3D625469%26lid%3D38325283%26ctype%3D1%26media%3D1257577%26PageName%3DSceltaOfferta%26sysvars%3D%257c%257c%257c%257c%26itm%3DeyJzdjI2IjoiL3Byb21vLXNwZWNpYWxlLmh0bWwifQ%26rnd%3D1887679515%26cpref%3D%26loc%3Dhttps%253a%252f%252fwww.nowtv.it%252fpromo-speciale.html%253fdcmp%253dTRIAL_DEM_PERF_PROS_DEM_CPA-Refine%252520Direct-na-LP_Promo_Giugno19-DEM_Refine_CPA_Promo_giu2019&rl=&if=false&ts=1560861632891&cd[segment_eid]=QHZOZQY46BFEPDAWPHMWKJ&sw=1600&sh=1200&v=2.8.51&r=stable&a=dvadglow&ec=0&o=29&fbp=fb.1.1560861632890.250539627&it=1560861616518&coo=false&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://track.adform.net/serving/container/?pm=625469&lid=38325283&ctype=1&media=1257577&PageName=SceltaOfferta&sysvars=%7c%7c%7c%7c&itm=eyJzdjI2IjoiL3Byb21vLXNwZWNpYWxlLmh0bWwifQ&rnd=1887679515&cpref=&loc=https%3a%2f%2fwww.nowtv.it%2fpromo-speciale.html%3fdcmp%3dTRIAL_DEM_PERF_PROS_DEM_CPA-Refine%2520Direct-na-LP_Promo_Giugno19-DEM_Refine_CPA_Promo_giu2019
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 18 Jun 2019 12:40:32 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
content-length: 44
expires: Tue, 18 Jun 2019 12:40:32 GMT

GET
H/1.1 200
OK Cookie set pstats.html
a.rfihub.com/ Frame FCBE 0
0 3826ms
18ms Document
text/html 193.0.160.129
Rocket Fuel Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://a.rfihub.com/pstats.html?rb=34170&ca=20792338&ri=bf4e50a95ad3d81248564b4977328c78&rfiidc=1871597491648598312&rfiaid=0b705f7b1f5b496c85713c2d7734ee37&stats=%7B%2213488%22%3A%223204%2C1%22%2C%2217243%22%3A%223081%2C1%22%2C%2231937%22%3A%2211628%2C1%22%2C%2240977%22%3A%223212%2C1%22%2C%2242261%22%3A%2271%2C1%22%2C%2251433%22%3A%2227%2C1%22%2C%2252220%22%3A%22153%2C1%22%2C%2253707%22%3A%228977%2C1%22%2C%2253935%22%3A%22180%2C1%22%2C%2254497%22%3A%227855%2C1%22%2C%2254645%22%3A%224085%2C1%22%2C%2254651%22%3A%223044%2C2%22%2C%2254855%22%3A%2224%2C1%22%2C%2254863%22%3A%22%22%2C%2255065%22%3A%221175%2C1%22%2C%2255073%22%3A%22186%2C1%22%2C%2255507%22%3A%224773%2C1%22%2C%2256659%22%3A%223151%2C1%22%2C%2256885%22%3A%226269%2C1%22%2C%2257207%22%3A%223160%2C2%22%2C%2257291%22%3A%223926%2C1%22%2C%2257293%22%3A%224234%2C1%22%2C%2257297%22%3A%228828%2C1%22%2C%2257299%22%3A%224295%2C2%22%2C%2257303%22%3A%224861%2C1%22%2C%2257347%22%3A%229656%2C2%22%2C%2257363%22%3A%223457%2C1%22%2C%2257419%22%3A%224307%2C2%22%2C%2257795%22%3A%225355%2C1%22%2C%2257895%22%3A%226503%2C1%22%2C%2258143%22%3A%2210423%2C2%22%2C%2258487%22%3A%226925%2C1%22%2C%2258523%22%3A%2212213%2C2%22%2C%2258553%22%3A%227166%2C1%22%7D&ra=8313121703008828
Requested by: Host: c1.rfihub.net
URL: https://c1.rfihub.net/js/tc.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 193.0.160.129 , Netherlands, ASN54312 (ROCKETFUEL - Rocket Fuel Inc., US),
Reverse DNS
Software: Jetty(9.0.6.v20130930) /
Resource Hash

Request headers

Host: a.rfihub.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer: https://track.adform.net/serving/container/?pm=625469&lid=38325283&ctype=1&media=1257577&PageName=SceltaOfferta&sysvars=%7c%7c%7c%7c&itm=eyJzdjI2IjoiL3Byb21vLXNwZWNpYWxlLmh0bWwifQ&rnd=1887679515&cpref=&loc=https%3a%2f%2fwww.nowtv.it%2fpromo-speciale.html%3fdcmp%3dTRIAL_DEM_PERF_PROS_DEM_CPA-Refine%2520Direct-na-LP_Promo_Giugno19-DEM_Refine_CPA_Promo_giu2019
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://track.adform.net/serving/container/?pm=625469&lid=38325283&ctype=1&media=1257577&PageName=SceltaOfferta&sysvars=%7c%7c%7c%7c&itm=eyJzdjI2IjoiL3Byb21vLXNwZWNpYWxlLmh0bWwifQ&rnd=1887679515&cpref=&loc=https%3a%2f%2fwww.nowtv.it%2fpromo-speciale.html%3fdcmp%3dTRIAL_DEM_PERF_PROS_DEM_CPA-Refine%2520Direct-na-LP_Promo_Giugno19-DEM_Refine_CPA_Promo_giu2019

Response headers

P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Set-Cookie: eud=H4sIAAAAAAAAALvEymtoamZgYWZoZmJobmh6C43_CI3_Co3_C40_iw2VvwqNfwqNfwuN_wiN_wuNP4kdlb8Ijb8LjX8Ljf8Kjd_EgcbnRuPzoLlfEM1_wqh8AP9A2cRQAQAA;Path=/;Domain=.rfihub.com;Expires=Sun, 12-Jul-2020 12:40:41 GMT rud=H4sIAAAAAAAAAOMSNrQwNzS1NDexNDQzsTC1tDA2NBLiM9QNtyzPDfWPsPT1icqS4jU0NTOwMAOqMAQqBgAjYjnCNAAAAA;Path=/;Domain=.rfihub.com;Expires=Sun, 12-Jul-2020 12:40:41 GMT ruds=H4sIAAAAAAAAAOMSNrQwNzS1NDexNDQzsTC1tDA2NBLiM9QNtyzPDfWPsPT1icoCAOfHSpQlAAAA;Path=/;Domain=.rfihub.com
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Type: text/html; charset=ISO-8859-1
Content-Encoding: gzip
Vary: Accept-Encoding, User-Agent
Transfer-Encoding: chunked
Server: Jetty(9.0.6.v20130930)

Verdicts & Comments Add Verdict or Comment

61 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.rfihub.com/	1969-12-31 23:59:59	Name: ruds Value: H4sIAAAAAAAAAOMSNjQwMTQyMTM2NjQzNTY1sTQ2NxPiM9S1MLGICvTRdTOxMMwCALTEiTAlAAAA
.rfihub.com/	1970-01-19 10:55:57	Name: eud Value: H4sIAAAAAAAAAFMScC0uDHSyBIFUQ4MKZ9MsXkNTMwMLM0MzYwNTSwsAUeElgCEAAAA
.rfihub.com/	1969-12-31 23:59:59	Name: euds Value: H4sIAAAAAAAAAFMScC0uDHSyBIFUQ4MKZ1MAVJ-GFRIAAAA
.rfihub.com/	1970-01-19 10:55:57	Name: rud Value: H4sIAAAAAAAAAOMSNjQwMTQyMTM2NjQzNTY1sTQ2NxPiM9S1MLGICvTRdTOxMMyS4jU0NTOwMDM0MzYwtbQAAAgHEUU0AAAA
.adform.net/	1970-01-19 10:58:50	Name: __qca Value: P0-1404577520-1560861632126

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

20792338p.rfihub.com
a.rfihub.com
aax-eu.amazon-adsystem.com
analytics.twitter.com
bv01.er.bemail.it
c1.rfihub.net
cm.g.doubleclick.net
connect.facebook.net
d.adroll.com
dsum-sec.casalemedia.com
eb2.3lift.com
googleads.g.doubleclick.net
ib.adnxs.com
idsync.rlcdn.com
pixel.advertising.com
pixel.quantserve.com
pixel.rubiconproject.com
rules.quantcount.com
s.adroll.com
s.yimg.com
secure.quantserve.com
simage2.pubmatic.com
static.ads-twitter.com
sync.outbrain.com
t.co
track.adform.net
trc.taboola.com
ups.analytics.yahoo.com
us-u.openx.net
www.facebook.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
x.bidswitch.net
104.111.214.206
104.111.215.135
104.244.42.67
104.244.42.69
151.1.245.21
151.101.2.2
151.101.36.157
172.217.18.2
173.241.240.143
185.31.128.128
185.33.223.215
185.64.189.110
193.0.160.129
213.19.162.80
216.58.206.2
2600:9000:2001:ce00:6:44e3:f8c0:93a1
2a00:1288:84:800::1002
2a00:1450:4001:80b::2003
2a00:1450:4001:816::2004
2a00:1450:4001:818::2008
2a00:1450:4001:824::2002
2a03:2880:f01c:216:face:b00c:0:3
2a03:2880:f11c:8083:face:b00c:0:25de
34.95.92.78
35.156.24.221
35.157.167.170
37.157.6.252
52.58.75.147
52.94.216.48
54.228.215.115
54.93.143.241
91.228.74.140
91.228.74.163
92.123.25.41
0ec54a58d35ac36a9f5917750661e0addae1fd94087ede2bb0fcb26d781be049
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
319949c8c08b86e9c35ea542c0dc0c30cedaa9b8d3d3c3327a36c91aefbd8af5
3c34c9d62dd9a8381a9ea49ac2deb0af23991e5e1cb24a91e278b195eb0346ce
404a9b0ffbcc813e8ddbb8d8510a24a69c09079282f8083ee94f4adc5d627176
4403e1177cb3913a42f7db193b68d06c8875f4380a4fe99365f54d7862f43ea9
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
657f79c4d5a6ea502202651151811d195b49cf9cf22fd7f8edaeefe2f8cc8fc4
6a95a35c7dce851334e55c5793e3876841cbbf642f574e8c71ce6e9818da31da
71670672640fd572fbb149b300e36ab32df279760d0ce16cb1f12b94fb088268
867bd168728faba904fe15de941932d1d7537130b0edb918970901435cf39929
8aa2d4a076b1df43e751a2dca70d57a2c6098758addfc7c13e7076337564e0fd
9fcdb425fe296f1b51ebc5eea0e37d11532add0a48e0b6639231203aff5c5a4f
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b46a2631c1d4fe6384be47099bd5ecf6d05be6b58f10d5880cfd77636379be84
b5c17e58e4a9fdc5b6029977a6b0a57153e615fbb67a81aea50928059e3c9932
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
cb2bb21705b9cce9781d02c9223f3344a65bd5314027d11c5a8518ad4bd84e84
cd1c301a8e7960a1786e2a959226b0b78b56dbea284bd114265f1662d6ca280e
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e580d5fc2a2f5bc83b15259648c67d2c29ac38f42d053a07dc58aaaca0a7535f
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1e6382aa070301007ee92dbaaef83c9f6075f9d86ee3632c82a609f02c6fc1f
f39aeaa637e03ae50fbc9b5f1bc3f38ee6fa9761c72419e9518a0855ce68b661
f41e99535ff8f2c647d41d7dd241db1cdacac565497c6c1e4f419af90d5470f3

track.adform.net Open in urlscan Pro 37.157.6.252 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

47 Requests

100 %HTTPS

24 %IPv6

31 Domains

35 Subdomains

32 IPs

8 Countries

224 kBTransfer

719 kBSize

5 Cookies

0 Outgoing links

Redirected requests

47 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

track.adform.net Open in urlscan Pro
37.157.6.252 Public Scan

Screenshot
Live screenshot

Full Image

47
Requests

100 %
HTTPS

24 %
IPv6

31
Domains

35
Subdomains

32
IPs

8
Countries

224 kB
Transfer

719 kB
Size

5
Cookies

47 HTTP transactions
0 data transactions