Submitted URL: http://andiamoinbanca.com/
Effective URL: https://www.andiamoinbanca.com/
Submission Tags: @ecarlesi possiblethreat
Submission: On December 03 via api from IT — Scanned from IT

Summary

This website contacted 7 IPs in 2 countries across 6 domains to perform 19 HTTP transactions. The main IP is 104.16.196.13, located in and belongs to CLOUDFLARENET, US. The main domain is www.andiamoinbanca.com.
TLS certificate: Issued by E1 on October 26th 2023. Valid for: 3 months.
This is the only time www.andiamoinbanca.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 2 104.19.153.75 13335 (CLOUDFLAR...)
8 104.16.196.13 13335 (CLOUDFLAR...)
1 151.101.66.217 54113 (FASTLY)
1 142.250.186.138 15169 (GOOGLE)
4 104.18.211.119 13335 (CLOUDFLAR...)
1 104.16.56.101 13335 (CLOUDFLAR...)
3 142.250.185.227 15169 (GOOGLE)
19 7
Count | Apex Domain | Subdomains | Transfer
10 | andiamoinbanca.com | andiamoinbanca.com, www.andiamoinbanca.com | 1 MB
4 | popmenucloud.com | popmenucloud.com (Cisco Umbrella Rank: 52943) | 36 KB
3 | gstatic.com | fonts.gstatic.com | 116 KB
1 | cloudflareinsights.com | static.cloudflareinsights.com (Cisco Umbrella Rank: 864) | 7 KB
1 | googleapis.com | fonts.googleapis.com (Cisco Umbrella Rank: 29) | 1 KB
1 | sentry-cdn.com | js.sentry-cdn.com (Cisco Umbrella Rank: 6063) | 2 KB
Totals: 19 HTTP transactions, 6 apex domains
Count | Domain | Requested by
8 | www.andiamoinbanca.com | www.andiamoinbanca.com, static.cloudflareinsights.com
4 | popmenucloud.com | www.andiamoinbanca.com
3 | fonts.gstatic.com | fonts.googleapis.com
2 | andiamoinbanca.com | 2 redirects
1 | static.cloudflareinsights.com | www.andiamoinbanca.com
1 | fonts.googleapis.com | www.andiamoinbanca.com
1 | js.sentry-cdn.com | www.andiamoinbanca.com
Totals: 19 HTTP transactions, 7 subdomains

This site contains no links.

Subject | Issuer | Validity | Valid
www.andiamoinbanca.com | E1 | 2023-10-26 - 2024-01-24 | 3 months
*.sentry-cdn.com | GlobalSign Atlas R3 DV TLS CA 2023 Q3 | 2023-08-01 - 2024-09-01 | a year
upload.video.google.com | GTS CA 1C3 | 2023-10-23 - 2024-01-15 | 3 months
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2023-05-01 - 2024-04-30 | a year
*.gstatic.com | GTS CA 1C3 | 2023-10-23 - 2024-01-15 | 3 months

This page contains 1 frames:

Primary Page: https://www.andiamoinbanca.com/
Frame ID: 412795061F58905E9CA7DF5AA8B99145
Requests: 19 HTTP requests in this frame

Page Title

Andiamo in Banca - Restaurant in South San Francisco, CA

Page URL History

  1. http://andiamoinbanca.com/ HTTP 301
    https://andiamoinbanca.com/ HTTP 301
    https://www.andiamoinbanca.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <[^>]+data-react

Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Page Statistics

Requests: 19
HTTPS: 95 %
IPv6: 0 %
Domains: 6
Subdomains: 7
IPs: 7
Countries: 2
Transfer: 1240 kB
Size: 2883 kB
Cookies: 3

Redirected requests

There were HTTP redirect chains for the following requests:

19 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.andiamoinbanca.com/
Redirect Chain
  • http://andiamoinbanca.com/
  • https://andiamoinbanca.com/
  • https://www.andiamoinbanca.com/
248 KB
32 KB
Document
General
Full URL
https://www.andiamoinbanca.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.196.13 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4849c7da0684f98f3b7c0be770b5d2a3460ce07c91c212faf0ccdcfa2b5234b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
it-IT,it;q=0.9

Response headers

cache-control
public, max-age=30
cf-cache-status
HIT
cf-ray
82f859b17c9a3761-MXP
content-encoding
br
content-type
text/html; charset=utf-8
date
Sun, 03 Dec 2023 02:23:55 GMT
expires
Sun, 03 Dec 2023 02:24:25 GMT
last-modified
Sun, 03 Dec 2023 01:49:35 GMT
link
</assets/shared-c2a860e5c0730dd6e77b7c47b5d5e6763fa32dd641778b9d8297f83bc1832cf6.css>; rel=preload; as=style; nopush,</assets/consumer-058aa47ac7dc8626794c194123a205615d7e735b9b44f11f4a03f55f6bf05d05.css>; rel=preload; as=style; nopush
popmenu-ratelimit-limit
1000000
popmenu-ratelimit-remaining
999999
popmenu-ratelimit-reset
1701568175
popmenu-version
901007ae9f665154380730556895042808a2d07f
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
vary
Accept-Encoding, Origin
x-content-type-options
nosniff
x-download-options
noopen
x-envoy-upstream-service-time
63
x-frame-options
SAMEORIGIN
x-permitted-cross-domain-policies
none
x-request-id
43481586-ea3e-4172-84c2-51f04a9f9051
x-runtime
0.055314
x-xss-protection
1; mode=block

Redirect headers

cache-control
public, max-age=30
cf-cache-status
EXPIRED
cf-ray
82f859b018044c43-MXP
content-type
text/html; charset=utf-8
date
Sun, 03 Dec 2023 02:23:55 GMT
expires
Sun, 03 Dec 2023 02:24:25 GMT
location
//www.andiamoinbanca.com
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
vary
Accept-Encoding, Origin
x-content-type-options
nosniff
x-download-options
noopen
x-envoy-upstream-service-time
31
x-frame-options
SAMEORIGIN
x-permitted-cross-domain-policies
none
x-request-id
ea26fe10-22b8-4854-b9f6-cbd8208eecb5
x-runtime
0.028562
x-xss-protection
1; mode=block
shared-c2a860e5c0730dd6e77b7c47b5d5e6763fa32dd641778b9d8297f83bc1832cf6.css
www.andiamoinbanca.com/assets/
7 KB
2 KB
Stylesheet
General
Full URL
https://www.andiamoinbanca.com/assets/shared-c2a860e5c0730dd6e77b7c47b5d5e6763fa32dd641778b9d8297f83bc1832cf6.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.196.13 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d217d76214d2e694aa3016c59215af3e84a0b6ec8f8864b6a3bfd7de6da98df

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www.andiamoinbanca.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 02:23:55 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Fri, 01 Dec 2023 14:24:28 GMT
server
cloudflare
cf-polished
origSize=7123
vary
Accept-Encoding, Origin
content-type
text/css
cache-control
public, max-age=31536000
x-envoy-upstream-service-time
1
cf-ray
82f859b26cd53761-MXP
expires
Mon, 02 Dec 2024 02:23:55 GMT
consumer-058aa47ac7dc8626794c194123a205615d7e735b9b44f11f4a03f55f6bf05d05.css
www.andiamoinbanca.com/assets/
150 KB
31 KB
Stylesheet
General
Full URL
https://www.andiamoinbanca.com/assets/consumer-058aa47ac7dc8626794c194123a205615d7e735b9b44f11f4a03f55f6bf05d05.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.196.13 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
db18e7a0cfbc77c70b2b5cd7fed5909a5a5a27b80f374d77860683c2797857ee

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www.andiamoinbanca.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 02:23:55 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Fri, 01 Dec 2023 14:24:28 GMT
server
cloudflare
vary
Accept-Encoding, Origin
content-type
text/css
cache-control
public, max-age=31536000
x-envoy-upstream-service-time
1
cf-ray
82f859b26cd63761-MXP
expires
Mon, 02 Dec 2024 02:23:55 GMT
ef5d9bbac3354b759bfd7a23c3313b3f.min.js
js.sentry-cdn.com/
2 KB
2 KB
Script
General
Full URL
https://js.sentry-cdn.com/ef5d9bbac3354b759bfd7a23c3313b3f.min.js
Requested by
Host: www.andiamoinbanca.com
URL: https://www.andiamoinbanca.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
d0ad98fb16f33fd1c080dd7c3f3e5fb905065ac525d68b416d303ccef16c3ee6
Security Headers
Name Value
Content-Security-Policy default-src 'none'; script-src 'self' 'unsafe-inline' 'report-sample' 'unsafe-eval' s1.sentry-cdn.com js.sentry-cdn.com browser.sentry-cdn.com statuspage-production.s3.amazonaws.com static.zdassets.com aui-cdn.atlassian.com connect-cdn.atl-paas.net js.stripe.com 'strict-dynamic' cdn.pendo.io data.pendo.io pendo-io-static.storage.googleapis.com pendo-static-5634074999128064.storage.googleapis.com; base-uri 'none'; frame-ancestors 'self' *.sentry.io; style-src 'unsafe-inline' *; font-src * data:; frame-src app.pendo.io js.stripe.com sentry.io; img-src blob: data: *; media-src *; connect-src 'self' *.algolia.net *.algolianet.com *.algolia.io sentry.io *.sentry.io s1.sentry-cdn.com o1.ingest.sentry.io api2.amplitude.com app.pendo.io data.pendo.io reload.getsentry.net t687h3m0nh65.statuspage.io sentry.zendesk.com ekr.zdassets.com maps.googleapis.com app.pendo.io; object-src 'self'; report-uri https://o1.ingest.sentry.io/api/54785/security/?sentry_key=f724a8a027db45f5b21507e7142ff78e&sentry_release=bf3d4d8ee4c8cd6755eea1f956fbcb76364b92bc
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.andiamoinbanca.com/
Origin
https://www.andiamoinbanca.com
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-security-policy
default-src 'none'; script-src 'self' 'unsafe-inline' 'report-sample' 'unsafe-eval' s1.sentry-cdn.com js.sentry-cdn.com browser.sentry-cdn.com statuspage-production.s3.amazonaws.com static.zdassets.com aui-cdn.atlassian.com connect-cdn.atl-paas.net js.stripe.com 'strict-dynamic' cdn.pendo.io data.pendo.io pendo-io-static.storage.googleapis.com pendo-static-5634074999128064.storage.googleapis.com; base-uri 'none'; frame-ancestors 'self' *.sentry.io; style-src 'unsafe-inline' *; font-src * data:; frame-src app.pendo.io js.stripe.com sentry.io; img-src blob: data: *; media-src *; connect-src 'self' *.algolia.net *.algolianet.com *.algolia.io sentry.io *.sentry.io s1.sentry-cdn.com o1.ingest.sentry.io api2.amplitude.com app.pendo.io data.pendo.io reload.getsentry.net t687h3m0nh65.statuspage.io sentry.zendesk.com ekr.zdassets.com maps.googleapis.com app.pendo.io; object-src 'self'; report-uri https://o1.ingest.sentry.io/api/54785/security/?sentry_key=f724a8a027db45f5b21507e7142ff78e&sentry_release=bf3d4d8ee4c8cd6755eea1f956fbcb76364b92bc
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 03 Dec 2023 02:23:55 GMT
strict-transport-security
max-age=31536000; includeSubDomains
age
2414
x-envoy-upstream-service-time
27
content-length
1217
x-xss-protection
1; mode=block
x-served-by
getsentry-web-default-common-production-dcfd7cfd5-n5f9p, cache-chi-klot8100041-CHI, cache-lin2290029-LIN
x-frame-options
deny
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=3600, s-maxage=60, stale-while-revalidate=315360000, stale-if-error=315360000
x-envoy-attempt-count
1
accept-ranges
bytes
timing-allow-origin
*
css
fonts.googleapis.com/
21 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Vollkorn:400,400i,700,700i|Montserrat:400,400i,700,700i|Playfair+Display:400,400i,700,700i&display=swap
Requested by
Host: www.andiamoinbanca.com
URL: https://www.andiamoinbanca.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f10.1e100.net
Software
ESF /
Resource Hash
a7b63683f3ab2fc4a610ce2d3d795b7c9f3312dc14952213f9cc79c19009ffbc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www.andiamoinbanca.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 03 Dec 2023 02:23:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 03 Dec 2023 02:23:55 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 03 Dec 2023 02:23:55 GMT
b13471b0-2110-4915-8070-410b3aef2aa8.jpg
popmenucloud.com/cdn-cgi/image/width%3D1920%2Cheight%3D1920%2Cfit%3Dscale-down%2Cformat%3Dauto%2Cquality%3D20/hdakmqyj/
17 KB
17 KB
Image
General
Full URL
https://popmenucloud.com/cdn-cgi/image/width%3D1920%2Cheight%3D1920%2Cfit%3Dscale-down%2Cformat%3Dauto%2Cquality%3D20/hdakmqyj/b13471b0-2110-4915-8070-410b3aef2aa8.jpg
Requested by
Host: www.andiamoinbanca.com
URL: https://www.andiamoinbanca.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.211.119 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2a82a1aa5e22898c7878dd59db4d768c247c0eddf38f75609204094a6e915f67
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options nosniff

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www.andiamoinbanca.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 02:23:55 GMT
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options
nosniff
cf-cache-status
MISS
last-modified
Thu, 09 Jun 2022 19:54:06 GMT
cf-bgj
imgq:20,h2pri
server
cloudflare
etag
"cf5Y925zaanQBymURLFAPAxMQFl2HkeVyr79-XCUGQDQ:82b459cacd2e838ce15c9b11855d9cf6"
vary
Accept, Accept-Encoding
content-type
image/avif
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
82f859b2bf9bbaf7-MXP
content-length
17045
cf-resized
internal=ok/h q=0 n=14+170 c=0+0 v=2023.9.8 l=17045
83e6598a-f1f1-4888-86a8-73009d4d0b10.jpg
popmenucloud.com/cdn-cgi/image/width%3D320%2Cheight%3D320%2Cfit%3Dscale-down%2Cformat%3Dauto%2Cquality%3D5/hdakmqyj/
921 B
1 KB
Image
General
Full URL
https://popmenucloud.com/cdn-cgi/image/width%3D320%2Cheight%3D320%2Cfit%3Dscale-down%2Cformat%3Dauto%2Cquality%3D5/hdakmqyj/83e6598a-f1f1-4888-86a8-73009d4d0b10.jpg
Requested by
Host: www.andiamoinbanca.com
URL: https://www.andiamoinbanca.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.211.119 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c7718d5592e152f22c95fe561507e42266d554e60f2153ba817c4d8ae734217a
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options nosniff

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www.andiamoinbanca.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 02:23:55 GMT
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options
nosniff
cf-cache-status
MISS
last-modified
Thu, 09 Jun 2022 19:53:59 GMT
cf-bgj
imgq:5,h2pri
server
cloudflare
etag
"cf2eYIISzgApa_2kFve5Q7C4PzGnwiV6JvCWon1Zi0DQ:0a1dfe30157bdd937efa374faac6de19"
vary
Accept, Accept-Encoding
content-type
image/avif
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
82f859b2bf9cbaf7-MXP
content-length
921
cf-resized
internal=ok/h q=0 n=10+245 c=0+0 v=2023.9.8 l=921
88ed4bb4-96b4-4596-b7a4-b4c1f74a90ae.jpg
popmenucloud.com/cdn-cgi/image/width%3D320%2Cheight%3D320%2Cfit%3Dscale-down%2Cformat%3Dauto%2Cquality%3D5/hdakmqyj/
1 KB
2 KB
Image
General
Full URL
https://popmenucloud.com/cdn-cgi/image/width%3D320%2Cheight%3D320%2Cfit%3Dscale-down%2Cformat%3Dauto%2Cquality%3D5/hdakmqyj/88ed4bb4-96b4-4596-b7a4-b4c1f74a90ae.jpg
Requested by
Host: www.andiamoinbanca.com
URL: https://www.andiamoinbanca.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.211.119 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f72b1c444470e4b9e855b68a05815e4084b9cacba5f474a5eb7c3bd3b2022c4f
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options nosniff

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www.andiamoinbanca.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 02:23:55 GMT
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options
nosniff
cf-cache-status
HIT
last-modified
Thu, 09 Jun 2022 19:53:59 GMT
cf-bgj
imgq:5,h2pri
server
cloudflare
etag
"cfy50l-UBHXRyi6j9PPriCJX0EGnwiV6JvCWon1Zi0DQ:5c73c3c324a68727b84b81133fd730e1"
vary
Accept, Accept-Encoding
content-type
image/avif
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
82f859b2cfa6baf7-MXP
content-length
1189
cf-resized
internal=ok/h q=0 n=16+203 c=0+0 v=2023.9.8 l=1189
consumer-bundle.modern_consumer.b910ff6fa7a7aeb2d765.v1.js
www.andiamoinbanca.com/webpack/production/
0
497 KB
Other
General
Full URL
https://www.andiamoinbanca.com/webpack/production/consumer-bundle.modern_consumer.b910ff6fa7a7aeb2d765.v1.js
Requested by
Host: www.andiamoinbanca.com
URL: https://www.andiamoinbanca.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.196.13 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www.andiamoinbanca.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 02:23:55 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Fri, 01 Dec 2023 05:14:11 GMT
server
cloudflare
cf-polished
origSize=2277613
vary
Accept-Encoding, Origin
content-type
application/javascript
cache-control
public, max-age=31536000
x-envoy-upstream-service-time
1
cf-ray
82f859b2cce83761-MXP
expires
Mon, 02 Dec 2024 02:23:55 GMT
v84a3a4012de94ce1a686ba8c167c359c1696973893317
static.cloudflareinsights.com/beacon.min.js/
20 KB
7 KB
Script
General
Full URL
https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317
Requested by
Host: www.andiamoinbanca.com
URL: https://www.andiamoinbanca.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.56.101 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101

Request headers

Referer
https://www.andiamoinbanca.com/
Origin
https://www.andiamoinbanca.com
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 02:23:55 GMT
content-encoding
gzip
last-modified
Tue, 10 Oct 2023 21:38:13 GMT
server
cloudflare
etag
W/"2023.10.0"
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
82f859b2ffe00e13-MXP
consumer-bundle.modern_consumer.b910ff6fa7a7aeb2d765.v1.js
www.andiamoinbanca.com/webpack/production/
2 MB
497 KB
Script
General
Full URL
https://www.andiamoinbanca.com/webpack/production/consumer-bundle.modern_consumer.b910ff6fa7a7aeb2d765.v1.js
Requested by
Host: www.andiamoinbanca.com
URL: https://www.andiamoinbanca.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.196.13 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
462f35fa1525b76d5395d82910e3469cbe5e71de1b78bd0abc88c7235a7c55d2

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www.andiamoinbanca.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 02:23:55 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Fri, 01 Dec 2023 05:14:11 GMT
server
cloudflare
age
0
cf-polished
origSize=2277613
vary
Accept-Encoding, Origin
content-type
application/javascript
cache-control
public, max-age=31536000
x-envoy-upstream-service-time
1
cf-ray
82f859b36d0e3761-MXP
expires
Mon, 02 Dec 2024 02:23:55 GMT
5210f350-cca8-4ca3-86a4-cd79d656c6c9.png
popmenucloud.com/cdn-cgi/image/width=300,height=300,format=auto,fit=scale-down/hdakmqyj/
16 KB
16 KB
Image
General
Full URL
https://popmenucloud.com/cdn-cgi/image/width=300,height=300,format=auto,fit=scale-down/hdakmqyj/5210f350-cca8-4ca3-86a4-cd79d656c6c9.png
Requested by
Host: www.andiamoinbanca.com
URL: https://www.andiamoinbanca.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.211.119 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c83536a181449eb0faddf28a4d0408b6621a77986b74b7d2a4d9a6a7fbeb82d8
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options nosniff

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www.andiamoinbanca.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 02:23:55 GMT
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options
nosniff
cf-cache-status
HIT
last-modified
Thu, 09 Jun 2022 19:49:46 GMT
cf-bgj
imgq:85,h2pri
server
cloudflare
etag
"cfvXa59v6KmP3b4j7qhqiYkTc-oYwEMUC5x5JzQUHmDQ:d3fe56204d03f29c6da7d8c06efe6743"
vary
Accept, Accept-Encoding
content-type
image/avif
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
82f859b36fe6baf7-MXP
content-length
15882
cf-resized
internal=ok/h q=0 n=10+72 c=0+0 v=2023.9.8 l=15882
0yb9GDoxxrvAnPhYGxkpaE0.woff2
fonts.gstatic.com/s/vollkorn/v23/
45 KB
46 KB
Font
General
Full URL
https://fonts.gstatic.com/s/vollkorn/v23/0yb9GDoxxrvAnPhYGxkpaE0.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Vollkorn:400,400i,700,700i|Montserrat:400,400i,700,700i|Playfair+Display:400,400i,700,700i&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f3.1e100.net
Software
sffe /
Resource Hash
bb27b60db2c5fb11d568ae6cf79a8977df9796a2cfcd37b46162a49b09b96c01
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.andiamoinbanca.com
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 07:20:01 GMT
x-content-type-options
nosniff
age
68634
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
46448
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 22:26:22 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 01 Dec 2024 07:20:01 GMT
nuFiD-vYSZviVYUb_rj3ij__anPXDTzYgA.woff2
fonts.gstatic.com/s/playfairdisplay/v36/
37 KB
37 KB
Font
General
Full URL
https://fonts.gstatic.com/s/playfairdisplay/v36/nuFiD-vYSZviVYUb_rj3ij__anPXDTzYgA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Vollkorn:400,400i,700,700i|Montserrat:400,400i,700,700i|Playfair+Display:400,400i,700,700i&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f3.1e100.net
Software
sffe /
Resource Hash
b06a5d272de6f4e0ba3f8db8338da394f8716987f7a7e764a22b6e903c0f94cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.andiamoinbanca.com
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 23:58:03 GMT
x-content-type-options
nosniff
age
95152
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
37964
x-xss-protection
0
last-modified
Thu, 24 Aug 2023 20:43:40 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 30 Nov 2024 23:58:03 GMT
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v26/
32 KB
32 KB
Font
General
Full URL
https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Vollkorn:400,400i,700,700i|Montserrat:400,400i,700,700i|Playfair+Display:400,400i,700,700i&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f3.1e100.net
Software
sffe /
Resource Hash
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.andiamoinbanca.com
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 07:18:49 GMT
x-content-type-options
nosniff
age
68706
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33092
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 22:51:58 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 01 Dec 2024 07:18:49 GMT
8873.modern_consumer.14ba506139385f47202d.v1.js
www.andiamoinbanca.com/webpack/production/
57 KB
18 KB
Script
General
Full URL
https://www.andiamoinbanca.com/webpack/production/8873.modern_consumer.14ba506139385f47202d.v1.js
Requested by
Host: www.andiamoinbanca.com
URL: https://www.andiamoinbanca.com/webpack/production/consumer-bundle.modern_consumer.b910ff6fa7a7aeb2d765.v1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.196.13 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
167f757135c6326175fbcb5d9ee74a26038c20b8dbbdc28cf1ec66652bc82c97

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www.andiamoinbanca.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 02:23:55 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Fri, 01 Dec 2023 05:14:11 GMT
server
cloudflare
cf-polished
origSize=58651
vary
Accept-Encoding, Origin
content-type
application/javascript
cache-control
public, max-age=31536000
x-envoy-upstream-service-time
2
cf-ray
82f859b4fd703761-MXP
expires
Mon, 02 Dec 2024 02:23:55 GMT
eventable.modern_consumer.aa8d24ab9a68878d27d6.v1.js
www.andiamoinbanca.com/webpack/production/
4 KB
2 KB
Script
General
Full URL
https://www.andiamoinbanca.com/webpack/production/eventable.modern_consumer.aa8d24ab9a68878d27d6.v1.js
Requested by
Host: www.andiamoinbanca.com
URL: https://www.andiamoinbanca.com/webpack/production/consumer-bundle.modern_consumer.b910ff6fa7a7aeb2d765.v1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.196.13 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b126fac077cae3c086f1a42b796d5ccab6546bb7e0de342e73211aa2fe52952d

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www.andiamoinbanca.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 02:23:55 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Fri, 01 Dec 2023 05:14:11 GMT
server
cloudflare
cf-polished
origSize=4251
vary
Accept-Encoding, Origin
content-type
application/javascript
cache-control
public, max-age=31536000
x-envoy-upstream-service-time
1
cf-ray
82f859b4fd723761-MXP
expires
Mon, 02 Dec 2024 02:23:55 GMT
17659b75-8d96-4f7c-b4ff-4d7bf754da38
https://www.andiamoinbanca.com/
300 B
0
Other
General
Full URL
blob:https://www.andiamoinbanca.com/17659b75-8d96-4f7c-b4ff-4d7bf754da38
Requested by
Host: www.andiamoinbanca.com
URL: https://www.andiamoinbanca.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
add6bb614b4cb833883191bc02f55e7bf6ab110ad3229f7e933810fa0eed41e5

Request headers

accept-language
it-IT,it;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Length
300
Content-Type
text/javascript
rum
www.andiamoinbanca.com/cdn-cgi/
0
154 B
XHR
General
Full URL
https://www.andiamoinbanca.com/cdn-cgi/rum?
Requested by
Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.196.13 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.andiamoinbanca.com/
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type
application/json

Response headers

date
Sun, 03 Dec 2023 02:23:55 GMT
x-content-type-options
nosniff
server
cloudflare
vary
Origin
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://www.andiamoinbanca.com
x-frame-options
DENY
access-control-allow-credentials
true
cf-ray
82f859b5edd93761-MXP

30 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture
function| popmenuIsModernBrowser
function| popmenuInjectChunksTags
function| popmenuResolveFirstInteractionForTests
object| popmenuFirstInteraction
object| Sentry
function| popmenuHydrated
boolean| sentryTracingEnabled
function| isSentryLoading
function| isSentryLoaded
function| loadSentry
string| sentryLazy
function| sentryCaptureMessage
function| sentryCaptureException
object| POPMENU_APOLLO_STATE
object| POPMENU_SERVER_SIDE_MEMO
object| popmenuLatePrefetchingBundles
object| __cfBeacon
object| __LOADABLE_LOADED_CHUNKS__
object| regeneratorRuntime
object| ReactOnRails
boolean| __REACT_ON_RAILS_EVENT_HANDLERS_RAN_ONCE__
object| IntlPolyfill
object| __REACT_INTL_CONTEXT__
number| 2f1acc6c3a606b082e5eef5e54414ffb
function| popmenuResolveFirstInteractionTimeout
object| __APOLLO_CLIENT__
object| POPMENU_CLIENT
boolean| popmenuHydrationFinished
string| __x

3 Cookies

Domain/Path Name / Value
.andiamoinbanca.com/ Name: __cfruid
Value: 6509bdc9eff982c6ebc0e5279f69d369fff406b6-1701570234
.andiamoinbanca.com/ Name: __cf_bm
Value: YGhMOnGnPkRwrDvV_IdcGosvDEYCKJNSP2hQaRB.7x8-1701570235-0-AYpRrSvVw/rb2McLxlwthj7wurXMle9Ujhi/DumMOH99jnfSH8HwolACRb2p1aaW/PUlYTV815W9Vsd1FJHJy2o=
.popmenucloud.com/ Name: __cf_bm
Value: nvaAJ00FIaww4qUgUyUHqi_P.U3lFod9oUgGxS7Fpc8-1701570235-0-AVuI/TJ+VfIB/8ShcigMxDyjxKkay58xLHp0K2Dc9U1F99zhAH/jSaWasrGeiuVFrcfC+sc3cd379WM4I4XdZ0Q=

Security Headers

This page lists any security headers set by the main page.

Header Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
