urlscan.io logo urlscan.io
SecurityTrails logo

leadplaza.it Open in urlscan Pro
135.125.9.57  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://news.bonusinyourinbox.com/VlBDVF8NztsOQzA/AANAvWtK5jUdU3dkYyosgppEYVaF8_Xa-4ORP812jknLIwgHquOY4zPXUsia03JVN0thAkiCzfdOYKN2...
Effective URL: https://leadplaza.it/iltuo_prestito2022/?nome=&cognome=&email=&aff_sub=XXXX&aff_id=1304&importo=&lp=n&advice_id=102ec...
Submission: On December 20 via manual from IT — Scanned from ES
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 13 IPs in 8 countries across 13 domains to perform 32 HTTP transactions. The main IP is 135.125.9.57, located in France and belongs to OVH, FR. The main domain is leadplaza.it.
TLS certificate: Issued by R3 on November 23rd 2023. Valid for: 3 months.
This is the only time leadplaza.it was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 130.193.104.10 197518 (RACKMARKT)
1 192.46.236.54 63949 (AKAMAI-LI...)
1 1 18.202.89.33 16509 (AMAZON-02)
12 135.125.9.57 16276 (OVH)
1 2a00:1450:400... 15169 (GOOGLE)
4 95.211.66.34 60781 (LEASEWEB-...)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 46.8.152.14 213119 (ALZ-SOFTW...)
2 2.19.106.209 16625 (AKAMAI-AS)
1 2001:4860:480... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 70.42.32.223 13789 (INTERNAP-...)
32 13
1    130.193.104.10 (Spain)

ASN197518 (RACKMARKT, ES)
news.bonusinyourinbox.com
1    192.46.236.54 (Frankfurt am Main, Germany)

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
PTR: 192-46-236-54.ip.linodeusercontent.com
spt.ynk4you.com
1    18.202.89.33 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-202-89-33.eu-west-1.compute.amazonaws.com
aff.rapidaconsegna.it
12    135.125.9.57 (France)

ASN16276 (OVH, FR)
PTR: ns3186739.ip-135-125-9.eu
leadplaza.it
1    2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
4    95.211.66.34 (Alphen aan den Rijn, Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: hosted-by.leaseweb.com
clickiocmp.com
up.clickiocdn.com
s.clickiocdn.com
1    2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
3    2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    46.8.152.14 (London, United Kingdom)

ASN213119 (ALZ-SOFTWARE-AS, GB)
cdn.clickiocdn.com
2    2.19.106.209 (Düsseldorf, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-19-106-209.deploy.static.akamaitechnologies.com
amplify.outbrain.com
wave.outbrain.com
1    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.analytics.google.com
1    2a00:1450:400c:c06::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.es
2    70.42.32.223 (United States)

ASN13789 (INTERNAP-BLK3, US)
PTR: ny.outbrain.com
tr.outbrain.com
Apex Domain
Subdomains		 Transfer
12 leadplaza.it
leadplaza.it
831 KB
4 outbrain.com
amplify.outbrain.com — Cisco Umbrella Rank: 2795
tr.outbrain.com — Cisco Umbrella Rank: 2619
wave.outbrain.com — Cisco Umbrella Rank: 2771
9 KB
4 clickiocdn.com
up.clickiocdn.com — Cisco Umbrella Rank: 46816
cdn.clickiocdn.com — Cisco Umbrella Rank: 147063
s.clickiocdn.com — Cisco Umbrella Rank: 45905
110 KB
3 gstatic.com
fonts.gstatic.com
68 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 36
158 KB
2 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 340
fonts.googleapis.com — Cisco Umbrella Rank: 29
33 KB
1 google.es
www.google.es — Cisco Umbrella Rank: 25078
408 B
1 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 75
243 B
1 google.com
region1.analytics.google.com — Cisco Umbrella Rank: 2693
252 B
1 clickiocmp.com
clickiocmp.com — Cisco Umbrella Rank: 74630
74 KB
1 rapidaconsegna.it
aff.rapidaconsegna.it
2 KB
1 ynk4you.com
spt.ynk4you.com — Cisco Umbrella Rank: 684287
735 B
1 bonusinyourinbox.com
news.bonusinyourinbox.com
152 B
32 13
Domain Requested by
12 leadplaza.it leadplaza.it
3 fonts.gstatic.com fonts.googleapis.com
2 tr.outbrain.com amplify.outbrain.com
2 up.clickiocdn.com leadplaza.it
2 www.googletagmanager.com leadplaza.it
www.googletagmanager.com
1 wave.outbrain.com amplify.outbrain.com
1 s.clickiocdn.com clickiocmp.com
1 www.google.es leadplaza.it
1 stats.g.doubleclick.net www.googletagmanager.com
1 region1.analytics.google.com www.googletagmanager.com
1 amplify.outbrain.com www.googletagmanager.com
1 cdn.clickiocdn.com clickiocmp.com
1 fonts.googleapis.com leadplaza.it
1 clickiocmp.com leadplaza.it
1 ajax.googleapis.com leadplaza.it
1 aff.rapidaconsegna.it 1 redirects
1 spt.ynk4you.com
1 news.bonusinyourinbox.com 1 redirects
32 18

This site contains links to these domains. Also see Links.

Domain
cdn.signorprestito.it
privacy.signorprestito.it
bit.ly
www.adviceme.it
clickio.com
Subject Issuer Validity Valid
spt.ynk4you.com
R3		 2023-11-20 -
2024-02-18		 3 months crt.sh
leadplaza.it
R3		 2023-11-23 -
2024-02-21		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
s.clickiocdn.com
R3		 2023-11-29 -
2024-02-27		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.clickiocdn.com
R3		 2023-10-24 -
2024-01-22		 3 months crt.sh
*.clickio.com
R3		 2023-11-16 -
2024-02-14		 3 months crt.sh
*.outbrain.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-12-14 -
2024-12-14		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.google.es
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://leadplaza.it/iltuo_prestito2022/?nome=&cognome=&email=&aff_sub=XXXX&aff_id=1304&importo=&lp=n&advice_id=102eca8f85f4d853e0d8f68d331407
Frame ID: 4C005749C3DBA2B1BC5A87DC4D66F82F
Requests: 32 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Page URL History Show full URLs

  1. https://aff.rapidaconsegna.it/aff_c?offer_id=1813&aff_id=1304&file_id=17208&aff_sub=XXXX&dest=iltuo_presti... HTTP 302
    https://leadplaza.it/iltuo_prestito2022/?nome=&cognome=&email=&aff_sub=XXXX&aff_id=1304&importo=&... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

32
Requests

100 %
HTTPS

47 %
IPv6

13
Domains

18
Subdomains

13
IPs

8
Countries

1285 kB
Transfer

2328 kB
Size

10
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://aff.rapidaconsegna.it/aff_c?offer_id=1813&aff_id=1304&file_id=17208&aff_sub=XXXX&dest=iltuo_prestito2022/&nome=&cognome=&email=&rate=&importo=&aff_sub5=eopdvtijkwzm1j0xys9C163411502 HTTP 302
    https://leadplaza.it/iltuo_prestito2022/?nome=&cognome=&email=&aff_sub=XXXX&aff_id=1304&importo=&lp=n&advice_id=102eca8f85f4d853e0d8f68d331407 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://news.bonusinyourinbox.com/VlBDVF8NztsOQzA/AANAvWtK5jUdU3dkYyosgppEYVaF8_Xa-4ORP812jknLIwgHquOY4zPXUsia03JVN0thAkiCzfdOYKN21PtS-4mOVdeUCSY-gHQcEcHSWS5IX6bVztElrbwvhtrmUl2ekX4LX4SCmztQR3ExEZHi89VENEoeISqG6c-QLoGXzUPmt471Uo5GIshtScWUssmIER9nnS1Op6dHsH-eo8__5B19WUENU HTTP 302
  • https://spt.ynk4you.com/v2/click/eopdvtijkwzm1j0xys9

32 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
eopdvtijkwzm1j0xys9
spt.ynk4you.com/v2/click/
Redirect Chain
  • https://news.bonusinyourinbox.com/VlBDVF8NztsOQzA/AANAvWtK5jUdU3dkYyosgppEYVaF8_Xa-4ORP812jknLIwgHquOY4zPXUsia03JVN0thAkiCzfdOYKN21PtS-4mOVdeUCSY-gHQcEcHSWS5IX6bVztElrbwvhtrmUl2ekX4LX4SCmztQR3ExEZH...
  • https://spt.ynk4you.com/v2/click/eopdvtijkwzm1j0xys9
0
735 B 		Document
General
Check archive.org
Download Go to
Full URL
https://spt.ynk4you.com/v2/click/eopdvtijkwzm1j0xys9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.46.236.54 Frankfurt am Main, Germany, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
192-46-236-54.ip.linodeusercontent.com
Software
openresty / PHP/7.4.28
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
es-ES,es;q=0.9

Response headers

content-encoding
gzip
content-length
20
content-type
text/html; charset=UTF-8
date
Wed, 20 Dec 2023 15:17:12 GMT
p3p
policyref="http://spt.ynk4you.com/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa OUR NOR UNI COM NAV INT";
refresh
0; URL=https://aff.rapidaconsegna.it/aff_c?offer_id=1813&aff_id=1304&file_id=17208&aff_sub=XXXX&dest=iltuo_prestito2022/&nome=&cognome=&email=&rate=&importo=&aff_sub5=eopdvtijkwzm1j0xys9C163411502
server
openresty
vary
Accept-Encoding
x-powered-by
PHP/7.4.28
x-robots-tag
noindex
x-served-by
spt.ynk4you.com

Redirect headers

content-length
2
content-type
text/html; charset=UTF-8
date
Wed, 20 Dec 2023 15:18:07 GMT
location
https://spt.ynk4you.com/v2/click/eopdvtijkwzm1j0xys9
server
Apache/2.4.52 (Ubuntu)
Primary Request /
leadplaza.it/iltuo_prestito2022/
Redirect Chain
  • https://aff.rapidaconsegna.it/aff_c?offer_id=1813&aff_id=1304&file_id=17208&aff_sub=XXXX&dest=iltuo_prestito2022/&nome=&cognome=&email=&rate=&importo=&aff_sub5=eopdvtijkwzm1j0xys9C163411502
  • https://leadplaza.it/iltuo_prestito2022/?nome=&cognome=&email=&aff_sub=XXXX&aff_id=1304&importo=&lp=n&advice_id=102eca8f85f4d853e0d8f68d331407
25 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://leadplaza.it/iltuo_prestito2022/?nome=&cognome=&email=&aff_sub=XXXX&aff_id=1304&importo=&lp=n&advice_id=102eca8f85f4d853e0d8f68d331407
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
135.125.9.57 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3186739.ip-135-125-9.eu
Software
nginx / PHP/5.4.45 PleskLin
Resource Hash
03faa66c9a34454a2d7463ea13a625872001e6353bd65c542fbbef45f4cf3d1e

Request headers

Referer
https://spt.ynk4you.com/v2/click/eopdvtijkwzm1j0xys9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
es-ES,es;q=0.9

Response headers

cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-encoding
br
content-type
text/html
date
Wed, 20 Dec 2023 15:18:08 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
pragma
no-cache
server
nginx
x-powered-by
PHP/5.4.45 PleskLin

Redirect headers

Access-Control-Allow-Headers
Tune-SDK-Version
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
354
Content-Type
text/html; charset=iso-8859-1
Date
Wed, 20 Dec 2023 15:18:08 GMT
Expires
Sat, 26 Jul 1997 05:00:00 GMT
Location
https://leadplaza.it/iltuo_prestito2022/?nome=&cognome=&email=&aff_sub=XXXX&aff_id=1304&importo=&lp=n&advice_id=102eca8f85f4d853e0d8f68d331407
P3p
CP="NOI CUR OUR NOR INT"
Pragma
no-cache
Server
nginx
Tracking_id
102eca8f85f4d853e0d8f68d331407
X-Request-Id
76cf927a57ee67febc34b99ec649a6e3
X-Robots-Tag
noindex, nofollow
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.6.2/ 		89 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.6.2/jquery.min.js
Requested by
Host: leadplaza.it
URL: https://leadplaza.it/iltuo_prestito2022/?nome=&cognome=&email=&aff_sub=XXXX&aff_id=1304&importo=&lp=n&advice_id=102eca8f85f4d853e0d8f68d331407
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d16d07a0353405fcec95f7efc50a2621bc7425f9a5e8895078396fb0dc460c4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://leadplaza.it/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 08:59:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
109096
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
32245
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 18 Dec 2024 08:59:52 GMT
style.css
leadplaza.it/iltuo_prestito2022/ 		11 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://leadplaza.it/iltuo_prestito2022/style.css
Requested by
Host: leadplaza.it
URL: https://leadplaza.it/iltuo_prestito2022/?nome=&cognome=&email=&aff_sub=XXXX&aff_id=1304&importo=&lp=n&advice_id=102eca8f85f4d853e0d8f68d331407
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
135.125.9.57 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3186739.ip-135-125-9.eu
Software
nginx / PleskLin
Resource Hash
12c818641ffaf0e19183c033c9117fd92c1dae0237821f4f39aa75fabf22c26b

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://leadplaza.it/iltuo_prestito2022/?nome=&cognome=&email=&aff_sub=XXXX&aff_id=1304&importo=&lp=n&advice_id=102eca8f85f4d853e0d8f68d331407
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 15:18:08 GMT
content-encoding
br
last-modified
Tue, 10 Oct 2023 07:35:48 GMT
server
nginx
etag
W/"6524fed4-2aa5"
x-powered-by
PleskLin
content-type
text/css
consent_224765.js
clickiocmp.com/t/ 		208 KB
74 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://clickiocmp.com/t/consent_224765.js
Requested by
Host: leadplaza.it
URL: https://leadplaza.it/iltuo_prestito2022/?nome=&cognome=&email=&aff_sub=XXXX&aff_id=1304&importo=&lp=n&advice_id=102eca8f85f4d853e0d8f68d331407
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
95.211.66.34 Alphen aan den Rijn, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
hosted-by.leaseweb.com
Software
nginx/1.20.1 /
Resource Hash
dfa85498ae211b2a5da0e258c15c649d0ba16cda70cd4a63d5f26239d226d5c0

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://leadplaza.it/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 15:18:08 GMT
content-encoding
gzip
last-modified
Mon, 20 Nov 2023 13:11:47 GMT
server
nginx/1.20.1
etag
W/"655b5b13-340d4"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
iseu
eu
cache-control
max-age=60
expires
Wed, 20 Dec 2023 15:19:08 GMT
css2
fonts.googleapis.com/ 		8 KB
1012 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Lato:ital,wght@0,100;0,300;0,400;0,700;0,900;1,100;1,300;1,400;1,700;1,900&display=swap
Requested by
Host: leadplaza.it
URL: https://leadplaza.it/iltuo_prestito2022/?nome=&cognome=&email=&aff_sub=XXXX&aff_id=1304&importo=&lp=n&advice_id=102eca8f85f4d853e0d8f68d331407
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
3dd5fbdf219d660d206f06bd5e0b4aaf1298c6f795a196ddceb3a69526947f66
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://leadplaza.it/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 20 Dec 2023 15:18:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 20 Dec 2023 13:37:58 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 20 Dec 2023 15:18:08 GMT
popup.js
leadplaza.it/iltuo_prestito2022/js/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://leadplaza.it/iltuo_prestito2022/js/popup.js
Requested by
Host: leadplaza.it
URL: https://leadplaza.it/iltuo_prestito2022/?nome=&cognome=&email=&aff_sub=XXXX&aff_id=1304&importo=&lp=n&advice_id=102eca8f85f4d853e0d8f68d331407
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
135.125.9.57 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3186739.ip-135-125-9.eu
Software
nginx /
Resource Hash

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://leadplaza.it/iltuo_prestito2022/?nome=&cognome=&email=&aff_sub=XXXX&aff_id=1304&importo=&lp=n&advice_id=102eca8f85f4d853e0d8f68d331407
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 15:18:08 GMT
content-encoding
br
last-modified
Mon, 09 Mar 2015 10:36:43 GMT
server
nginx
etag
W/"3fe-510d89c3124c0"
content-type
text/html
apertura.jpg
leadplaza.it/iltuo_prestito2022/ 		363 KB
363 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://leadplaza.it/iltuo_prestito2022/apertura.jpg
Requested by
Host: leadplaza.it
URL: https://leadplaza.it/iltuo_prestito2022/?nome=&cognome=&email=&aff_sub=XXXX&aff_id=1304&importo=&lp=n&advice_id=102eca8f85f4d853e0d8f68d331407
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
135.125.9.57 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3186739.ip-135-125-9.eu
Software
nginx / PleskLin
Resource Hash
f35c5d040f8829b3db247f444f99eed3d683f199e61f08620622a241d200bdb9

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://leadplaza.it/iltuo_prestito2022/?nome=&cognome=&email=&aff_sub=XXXX&aff_id=1304&importo=&lp=n&advice_id=102eca8f85f4d853e0d8f68d331407
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 15:18:08 GMT
last-modified
Thu, 05 Oct 2023 16:17:59 GMT
server
nginx
etag
"651ee1b7-5aa5f"
x-powered-by
PleskLin
content-type
image/jpeg
accept-ranges
bytes
content-length
371295
testo.png
leadplaza.it/iltuo_prestito2022/ 		67 KB
67 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://leadplaza.it/iltuo_prestito2022/testo.png
Requested by
Host: leadplaza.it
URL: https://leadplaza.it/iltuo_prestito2022/?nome=&cognome=&email=&aff_sub=XXXX&aff_id=1304&importo=&lp=n&advice_id=102eca8f85f4d853e0d8f68d331407
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
135.125.9.57 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3186739.ip-135-125-9.eu
Software
nginx / PleskLin
Resource Hash
4ded34abae28d605c585d4375d417525522e71001457e8dc97e661f4b6133a50

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://leadplaza.it/iltuo_prestito2022/?nome=&cognome=&email=&aff_sub=XXXX&aff_id=1304&importo=&lp=n&advice_id=102eca8f85f4d853e0d8f68d331407
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 15:18:08 GMT
last-modified
Fri, 13 Oct 2023 13:53:03 GMT
server
nginx
etag
"65294bbf-10b72"
x-powered-by
PleskLin
content-type
image/png
accept-ranges
bytes
content-length
68466
assicurazioni.png
leadplaza.it/iltuo_prestito2022/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://leadplaza.it/iltuo_prestito2022/assicurazioni.png
Requested by
Host: leadplaza.it
URL: https://leadplaza.it/iltuo_prestito2022/?nome=&cognome=&email=&aff_sub=XXXX&aff_id=1304&importo=&lp=n&advice_id=102eca8f85f4d853e0d8f68d331407
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
135.125.9.57 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3186739.ip-135-125-9.eu
Software
nginx / PleskLin
Resource Hash
702d5e07de50905e95fc8ba8967540167647ae8b9100862fffedfa2f1a7ce91e

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://leadplaza.it/iltuo_prestito2022/?nome=&cognome=&email=&aff_sub=XXXX&aff_id=1304&importo=&lp=n&advice_id=102eca8f85f4d853e0d8f68d331407
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 15:18:08 GMT
last-modified
Thu, 05 Oct 2023 16:17:56 GMT
server
nginx
etag
"651ee1b4-175a"
x-powered-by
PleskLin
content-type
image/png
accept-ranges
bytes
content-length
5978
rate.png
leadplaza.it/iltuo_prestito2022/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://leadplaza.it/iltuo_prestito2022/rate.png
Requested by
Host: leadplaza.it
URL: https://leadplaza.it/iltuo_prestito2022/?nome=&cognome=&email=&aff_sub=XXXX&aff_id=1304&importo=&lp=n&advice_id=102eca8f85f4d853e0d8f68d331407
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
135.125.9.57 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3186739.ip-135-125-9.eu
Software
nginx / PleskLin
Resource Hash
2747571741b6a873be6a405d67af325ec7719ce55a028c757cda96cb2c3deeb8

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://leadplaza.it/iltuo_prestito2022/?nome=&cognome=&email=&aff_sub=XXXX&aff_id=1304&importo=&lp=n&advice_id=102eca8f85f4d853e0d8f68d331407
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 15:18:08 GMT
last-modified
Thu, 05 Oct 2023 16:17:56 GMT
server
nginx
etag
"651ee1b4-1423"
x-powered-by
PleskLin
content-type
image/png
accept-ranges
bytes
content-length
5155
garanzie.png
leadplaza.it/iltuo_prestito2022/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://leadplaza.it/iltuo_prestito2022/garanzie.png
Requested by
Host: leadplaza.it
URL: https://leadplaza.it/iltuo_prestito2022/?nome=&cognome=&email=&aff_sub=XXXX&aff_id=1304&importo=&lp=n&advice_id=102eca8f85f4d853e0d8f68d331407
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
135.125.9.57 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3186739.ip-135-125-9.eu
Software
nginx / PleskLin
Resource Hash
22d40e16c1bfa5a17f7f081b968c4b032d0f20222b0ec973c645e27dd9e37586

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://leadplaza.it/iltuo_prestito2022/?nome=&cognome=&email=&aff_sub=XXXX&aff_id=1304&importo=&lp=n&advice_id=102eca8f85f4d853e0d8f68d331407
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 15:18:08 GMT
last-modified
Thu, 05 Oct 2023 16:17:56 GMT
server
nginx
etag
"651ee1b4-10c4"
x-powered-by
PleskLin
content-type
image/png
accept-ranges
bytes
content-length
4292
3.png
leadplaza.it/iltuo_prestito2022/ 		74 KB
74 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://leadplaza.it/iltuo_prestito2022/3.png
Requested by
Host: leadplaza.it
URL: https://leadplaza.it/iltuo_prestito2022/?nome=&cognome=&email=&aff_sub=XXXX&aff_id=1304&importo=&lp=n&advice_id=102eca8f85f4d853e0d8f68d331407
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
135.125.9.57 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3186739.ip-135-125-9.eu
Software
nginx / PleskLin
Resource Hash
9a3d6523ec9c13b6f40716c1390b2c19dc501ca3ee619f6edcff1b63133b8a6f

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://leadplaza.it/iltuo_prestito2022/?nome=&cognome=&email=&aff_sub=XXXX&aff_id=1304&importo=&lp=n&advice_id=102eca8f85f4d853e0d8f68d331407
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 15:18:08 GMT
last-modified
Thu, 05 Oct 2023 16:15:09 GMT
server
nginx
etag
"651ee10d-127ad"
x-powered-by
PleskLin
content-type
image/png
accept-ranges
bytes
content-length
75693
1.png
leadplaza.it/iltuo_prestito2022/ 		61 KB
61 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://leadplaza.it/iltuo_prestito2022/1.png
Requested by
Host: leadplaza.it
URL: https://leadplaza.it/iltuo_prestito2022/?nome=&cognome=&email=&aff_sub=XXXX&aff_id=1304&importo=&lp=n&advice_id=102eca8f85f4d853e0d8f68d331407
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
135.125.9.57 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3186739.ip-135-125-9.eu
Software
nginx / PleskLin
Resource Hash
cecdbd861f3dd34c202170ae32113bdaa748ccbaa07d36fad6e8431e94da3ba3

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://leadplaza.it/iltuo_prestito2022/?nome=&cognome=&email=&aff_sub=XXXX&aff_id=1304&importo=&lp=n&advice_id=102eca8f85f4d853e0d8f68d331407
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 15:18:08 GMT
last-modified
Thu, 05 Oct 2023 16:15:09 GMT
server
nginx
etag
"651ee10d-f3b6"
x-powered-by
PleskLin
content-type
image/png
accept-ranges
bytes
content-length
62390
2.png
leadplaza.it/iltuo_prestito2022/ 		66 KB
66 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://leadplaza.it/iltuo_prestito2022/2.png
Requested by
Host: leadplaza.it
URL: https://leadplaza.it/iltuo_prestito2022/?nome=&cognome=&email=&aff_sub=XXXX&aff_id=1304&importo=&lp=n&advice_id=102eca8f85f4d853e0d8f68d331407
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
135.125.9.57 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3186739.ip-135-125-9.eu
Software
nginx / PleskLin
Resource Hash
e93d793f339f5d67c1d09fb61210e1520f98a37c926bd86d096139fdf308caee

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://leadplaza.it/iltuo_prestito2022/?nome=&cognome=&email=&aff_sub=XXXX&aff_id=1304&importo=&lp=n&advice_id=102eca8f85f4d853e0d8f68d331407
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 15:18:08 GMT
last-modified
Thu, 05 Oct 2023 16:15:09 GMT
server
nginx
etag
"651ee10d-10686"
x-powered-by
PleskLin
content-type
image/png
accept-ranges
bytes
content-length
67206
recensioni.jpg
leadplaza.it/iltuo_prestito2022/ 		175 KB
175 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://leadplaza.it/iltuo_prestito2022/recensioni.jpg
Requested by
Host: leadplaza.it
URL: https://leadplaza.it/iltuo_prestito2022/?nome=&cognome=&email=&aff_sub=XXXX&aff_id=1304&importo=&lp=n&advice_id=102eca8f85f4d853e0d8f68d331407
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
135.125.9.57 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3186739.ip-135-125-9.eu
Software
nginx / PleskLin
Resource Hash
07da5980c7a81b51a4cea92a8380b8d69927326092b56f954028d5219bcf5c96

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://leadplaza.it/iltuo_prestito2022/?nome=&cognome=&email=&aff_sub=XXXX&aff_id=1304&importo=&lp=n&advice_id=102eca8f85f4d853e0d8f68d331407
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 15:18:08 GMT
last-modified
Thu, 05 Oct 2023 16:17:57 GMT
server
nginx
etag
"651ee1b5-2bb61"
x-powered-by
PleskLin
content-type
image/jpeg
accept-ranges
bytes
content-length
179041
gtm.js
www.googletagmanager.com/ 		200 KB
70 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-W4QKX97
Requested by
Host: leadplaza.it
URL: https://leadplaza.it/iltuo_prestito2022/?nome=&cognome=&email=&aff_sub=XXXX&aff_id=1304&importo=&lp=n&advice_id=102eca8f85f4d853e0d8f68d331407
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
4fe3c730203590fc722b1b6be6bd18c3fae60b86c858f8560ba55743eba34353
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://leadplaza.it/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 15:18:08 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
71544
x-xss-protection
0
last-modified
Wed, 20 Dec 2023 15:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 20 Dec 2023 15:18:08 GMT
S6u9w4BMUTPHh50XSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/ 		22 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh50XSwiPGQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato:ital,wght@0,100;0,300;0,400;0,700;0,900;1,100;1,300;1,400;1,700;1,900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08664859baab5ed98f0bf818ed77e38464ff1826dc6406d5ecbd651409afbd92
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://leadplaza.it
accept-language
es-ES,es;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 09:05:28 GMT
x-content-type-options
nosniff
age
108760
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
22504
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:12:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 18 Dec 2024 09:05:28 GMT
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v24/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato:ital,wght@0,100;0,300;0,400;0,700;0,900;1,100;1,300;1,400;1,700;1,900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://leadplaza.it
accept-language
es-ES,es;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 15:36:20 GMT
x-content-type-options
nosniff
age
171708
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23580
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:17:22 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 17 Dec 2024 15:36:20 GMT
S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato:ital,wght@0,100;0,300;0,400;0,700;0,900;1,100;1,300;1,400;1,700;1,900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://leadplaza.it
accept-language
es-ES,es;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 14:33:15 GMT
x-content-type-options
nosniff
age
175493
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23040
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:07:25 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 17 Dec 2024 14:33:15 GMT
/
up.clickiocdn.com/consent/log/ 		42 B
158 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://up.clickiocdn.com/consent/log/?r=548909382&site_id=224765&version=1694447032&csid=2983&tcf2=1&stv=3&uid=17030854890921292&state=21
Requested by
Host: leadplaza.it
URL: https://leadplaza.it/iltuo_prestito2022/?nome=&cognome=&email=&aff_sub=XXXX&aff_id=1304&importo=&lp=n&advice_id=102eca8f85f4d853e0d8f68d331407
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
95.211.66.34 Alphen aan den Rijn, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
hosted-by.leaseweb.com
Software
nginx/1.20.1 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://leadplaza.it/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 20 Dec 2023 15:18:09 GMT
cache-control
no-cache
iseu
eu
server
nginx/1.20.1
content-length
42
content-type
image/gif
vendor-list.json
cdn.clickiocdn.com/t/cmp/v3/ 		558 KB
93 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.clickiocdn.com/t/cmp/v3/vendor-list.json
Requested by
Host: clickiocmp.com
URL: https://clickiocmp.com/t/consent_224765.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
46.8.152.14 London, United Kingdom, ASN213119 (ALZ-SOFTWARE-AS, GB),
Reverse DNS
Software
nginx/1.24.0 /
Resource Hash
a3da1fc68850dbf7fec2bef8f38f15746ef841f3d7d905cb75ddf7b56c7d4aa4

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://leadplaza.it/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 15:18:09 GMT
content-encoding
gzip
last-modified
Fri, 15 Dec 2023 02:05:03 GMT
server
nginx/1.24.0
etag
W/"657bb44f-8b862"
content-type
application/json
access-control-allow-origin
*
iseu
eu
cache-control
max-age=1800
expires
Wed, 20 Dec 2023 15:48:09 GMT
/
up.clickiocdn.com/consent/log/ 		42 B
159 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://up.clickiocdn.com/consent/log/?r=548910390&site_id=224765&version=1694447032&csid=2983&tcf2=1&stv=3&uid=17030854890921292&state=2&vcnt=172
Requested by
Host: leadplaza.it
URL: https://leadplaza.it/iltuo_prestito2022/?nome=&cognome=&email=&aff_sub=XXXX&aff_id=1304&importo=&lp=n&advice_id=102eca8f85f4d853e0d8f68d331407
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
95.211.66.34 Alphen aan den Rijn, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
hosted-by.leaseweb.com
Software
nginx/1.20.1 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://leadplaza.it/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 20 Dec 2023 15:18:09 GMT
cache-control
no-cache
iseu
eu
server
nginx/1.20.1
content-length
42
content-type
image/gif
js
www.googletagmanager.com/gtag/ 		260 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-H3WFRQDTDQ&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W4QKX97
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
6aa802e73ed97ec4943b63f494966f5f83c313da37303e4f69a2ca805c794ad8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://leadplaza.it/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 15:18:09 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
90010
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 20 Dec 2023 15:18:09 GMT
obtp.js
amplify.outbrain.com/cp/ 		26 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://amplify.outbrain.com/cp/obtp.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W4QKX97
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.19.106.209 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-106-209.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
c91d4a23e0001862471bd7f67ca563d90b10f95d32b6f0af3874ef27d399388f

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://leadplaza.it/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Wed, 20 Dec 2023 15:18:09 GMT
Content-Encoding
gzip
Last-Modified
Wed, 20 Dec 2023 13:05:28 GMT
Server
AkamaiNetStorage
ETag
"928c0d1860f13b981036d5c18f950ac2:1703078882.762337"
Vary
Accept-Encoding
Content-Type
application/x-javascript
X-RG
EU
Cache-Control
max-age=1200
X-CC
ES
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
7779
Expires
Wed, 20 Dec 2023 15:38:09 GMT
collect
region1.analytics.google.com/g/ 		0
252 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-H3WFRQDTDQ&gtm=45je3bt0v878787410z89100402679&_p=1703085488769&_gaz=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=457816390.1703085489&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1703085489&sct=1&seg=0&dl=https%3A%2F%2Fleadplaza.it%2Filtuo_prestito2022%2F%3Fnome%3D%26cognome%3D%26email%3D%26aff_sub%3DXXXX%26aff_id%3D1304%26importo%3D%26lp%3Dn%26advice_id%3D102eca8f85f4d853e0d8f68d331407&dr=https%3A%2F%2Fspt.ynk4you.com%2F&dt=&en=page_view&_fv=1&_nsi=1&_ss=1&ep.anonymizeIp=true&tfd=1191
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-H3WFRQDTDQ&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://leadplaza.it/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Dec 2023 15:18:09 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://leadplaza.it
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
243 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-H3WFRQDTDQ&cid=457816390.1703085489&gtm=45je3bt0v878787410z89100402679&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-H3WFRQDTDQ&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c06::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://leadplaza.it/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Dec 2023 15:18:09 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://leadplaza.it
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.es/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.es/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-H3WFRQDTDQ&cid=457816390.1703085489&gtm=45je3bt0v878787410z89100402679&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=764116575
Requested by
Host: leadplaza.it
URL: https://leadplaza.it/iltuo_prestito2022/?nome=&cognome=&email=&aff_sub=XXXX&aff_id=1304&importo=&lp=n&advice_id=102eca8f85f4d853e0d8f68d331407
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://leadplaza.it/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Dec 2023 15:18:09 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
google-vendor-list.json
s.clickiocdn.com/t/cmp/v3/ 		55 KB
16 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.clickiocdn.com/t/cmp/v3/google-vendor-list.json
Requested by
Host: clickiocmp.com
URL: https://clickiocmp.com/t/consent_224765.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
95.211.66.34 Alphen aan den Rijn, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
hosted-by.leaseweb.com
Software
nginx/1.20.1 /
Resource Hash
6a709ee8d08f91138fdab145dc984a089a117fba383e0c1c51854b699daa0b12

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://leadplaza.it/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 15:18:09 GMT
content-encoding
gzip
last-modified
Wed, 20 Dec 2023 02:05:02 GMT
server
nginx/1.20.1
etag
W/"65824bce-daf9"
content-type
application/json
access-control-allow-origin
*
iseu
eu
cache-control
max-age=1800
expires
Wed, 20 Dec 2023 15:48:09 GMT
cachedClickId
tr.outbrain.com/ 		35 B
220 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tr.outbrain.com/cachedClickId?marketerId=00be7278fa16fe2ff8f6308333ad400022
Requested by
Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
70.42.32.223 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://leadplaza.it/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Wed, 20 Dec 2023 15:18:09 GMT
content-encoding
br
X-TraceId
e113a6ba06fd4f979d082f60d44c2f83
Content-Length
39
Content-Type
application/javascript
00be7278fa16fe2ff8f6308333ad400022
wave.outbrain.com/mtWavesBundler/handler/ 		2 B
375 B 		Script
General
Check archive.org
Download Go to
Full URL
https://wave.outbrain.com/mtWavesBundler/handler/00be7278fa16fe2ff8f6308333ad400022
Requested by
Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.19.106.209 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-106-209.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://leadplaza.it/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Wed, 20 Dec 2023 15:18:09 GMT
ob-sent-time
1703055348217
ETag
W/"2-vyGp6PvFo4RvsFtPoIWeCReyIC8"
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
X-RG
EU
Cache-Control
max-age=60
X-CC
ES
Connection
keep-alive
X-TraceId
36022c7083399dd6de77dd7b50323dab
Content-Length
2
Expires
Wed, 20 Dec 2023 15:19:09 GMT
unifiedPixel
tr.outbrain.com/ 		53 B
248 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://tr.outbrain.com/unifiedPixel?optOut=false&bust=007257799055118341&referrer=https%3A%2F%2Fspt.ynk4you.com%2F&marketerId=00be7278fa16fe2ff8f6308333ad400022&name=PAGE_VIEW&dl=https%3A%2F%2Fleadplaza.it%2Filtuo_prestito2022%2F%3Fnome%3D%26cognome%3D%26email%3D%26aff_sub%3DXXXX%26aff_id%3D1304%26importo%3D%26lp%3Dn%26advice_id%3D102eca8f85f4d853e0d8f68d331407&g=1&obApiVersion=2.0-gtm&obtpVersion=2.0.5
Requested by
Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
70.42.32.223 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
b51f3497b0a65f1e1e87e75f5e7e823d871c23bcf76a5ee4101783c8f939e553

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://leadplaza.it/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Wed, 20 Dec 2023 15:18:09 GMT
Cache-Control
no-cache
content-encoding
br
X-TraceId
9067b713b57f31f393a3c63add66b6b1
Content-Length
54
Content-Type
image/gif;

Verdicts & Comments Add Verdict or Comment

25 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| documentPictureInPicture function| $ function| jQuery object| dataLayer function| attivatooltip function| disattivatooltip function| imposta_cap function| calcolacomune function| invia_form function| seleziona function| vai_step2 function| controllo_importo function| avvia_cellulare object| __lxG__ object| __lxG__consent__ object| googletag object| adsbygoogle object| google_tag_manager object| google_tag_data function| obApi function| onYouTubeIframeAPIReady object| gaGlobal function| __tcfapi function| apiObj

10 Cookies

Domain/Path Name / Value
spt.ynk4you.com/ Name: tr[eopdvtijkwzm1j0xys9]
Value: 1
spt.ynk4you.com/ Name: track[2181]
Value: eopdvtijkwzm1j0xys9C163411502
spt.ynk4you.com/ Name: track[0]
Value: eopdvtijkwzm1j0xys9C163411502
aff.rapidaconsegna.it/ Name: enc_aff_session_1813
Value: ENC03d080a46f58cee5946d2da274519eaabc0510be8a516f53699e932cbde54a417a42f58fb774adaec28d39b1e1bdff476ba9e9cb19b7c7feb56678b0ac2ffc6aaad8b898d27678f6fde5475024d2e5e164a2ec725e5623233475f2369ddcc8698652d2367062ab570e296c683d07f4ed2cd4609804739664f412c5bdfebaec61d08a047c894427282eb23b620c1e0ea7a139ecaa8f02bdec6eb31c3172bad58a26340439a048340f70a20b063a442dd354a7d0b2c77fef2f2101554deb7e9ba3d51304e404
aff.rapidaconsegna.it/ Name: ho_mob
Value: eyJtb2JpbGVfZGV2aWNlX29zIjoiRGVza3RvcCIsIm1vYmlsZV9vc192ZXJzaW9uIjoiMCIsIm1vYmlsZV9kZXZpY2VfbW9kZWwiOiJDaHJvbWUiLCJtb2JpbGVfZGV2aWNlX2JyYW5kIjoiR29vZ2xlIiwibW9iaWxlX2Jyb3dzZXIiOiJDaHJvbWUgRGVza3RvcCIsIm1vYmlsZV9icm93c2VyX3ZlcnNpb24iOiIxMjAiLCJtb2JpbGVfY2FycmllciI6Ij8iLCJ1c2VyX2FnZW50IjoiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IFg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgTGlrZSBHZWNrbykgQ2hyb21lLzEyMC4wLjYwOTkuMTA5IFNhZmFyaS81MzcuMzYiLCJhY2NlcHRfbGFuZ3VhZ2UiOiJlcy1FUyxlcztxPTAuOSIsImNvbm5lY3Rpb25fc3BlZWQiOiJicm9hZGJhbmQifQ==
leadplaza.it/ Name: PHPSESSID
Value: aibenp1loj1ioq2gro1fb5hi56
.leadplaza.it/ Name: _gcl_au
Value: 1.1.1288951503.1703085489
.leadplaza.it/ Name: _ga
Value: GA1.1.457816390.1703085489
.leadplaza.it/ Name: _ga_H3WFRQDTDQ
Value: GS1.1.1703085489.1.1.1703085489.60.0.0
leadplaza.it/ Name: dicbo_id
Value: %7B%22dicbo_fetch%22%3A1703085490310%7D

1 Console Messages

Source Level URL
Text
network error URL: https://leadplaza.it/iltuo_prestito2022/js/popup.js
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aff.rapidaconsegna.it
ajax.googleapis.com
amplify.outbrain.com
cdn.clickiocdn.com
clickiocmp.com
fonts.googleapis.com
fonts.gstatic.com
leadplaza.it
news.bonusinyourinbox.com
region1.analytics.google.com
s.clickiocdn.com
spt.ynk4you.com
stats.g.doubleclick.net
tr.outbrain.com
up.clickiocdn.com
wave.outbrain.com
www.google.es
www.googletagmanager.com
130.193.104.10
135.125.9.57
18.202.89.33
192.46.236.54
2.19.106.209
2001:4860:4802:32::36
2a00:1450:4001:80f::2008
2a00:1450:4001:810::200a
2a00:1450:4001:813::2003
2a00:1450:4001:827::2003
2a00:1450:4001:831::200a
2a00:1450:400c:c06::9c
46.8.152.14
70.42.32.223
95.211.66.34
03faa66c9a34454a2d7463ea13a625872001e6353bd65c542fbbef45f4cf3d1e
07da5980c7a81b51a4cea92a8380b8d69927326092b56f954028d5219bcf5c96
08664859baab5ed98f0bf818ed77e38464ff1826dc6406d5ecbd651409afbd92
12c818641ffaf0e19183c033c9117fd92c1dae0237821f4f39aa75fabf22c26b
1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580
22d40e16c1bfa5a17f7f081b968c4b032d0f20222b0ec973c645e27dd9e37586
2747571741b6a873be6a405d67af325ec7719ce55a028c757cda96cb2c3deeb8
3dd5fbdf219d660d206f06bd5e0b4aaf1298c6f795a196ddceb3a69526947f66
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4ded34abae28d605c585d4375d417525522e71001457e8dc97e661f4b6133a50
4fe3c730203590fc722b1b6be6bd18c3fae60b86c858f8560ba55743eba34353
6a709ee8d08f91138fdab145dc984a089a117fba383e0c1c51854b699daa0b12
6aa802e73ed97ec4943b63f494966f5f83c313da37303e4f69a2ca805c794ad8
702d5e07de50905e95fc8ba8967540167647ae8b9100862fffedfa2f1a7ce91e
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
9a3d6523ec9c13b6f40716c1390b2c19dc501ca3ee619f6edcff1b63133b8a6f
a3da1fc68850dbf7fec2bef8f38f15746ef841f3d7d905cb75ddf7b56c7d4aa4
b51f3497b0a65f1e1e87e75f5e7e823d871c23bcf76a5ee4101783c8f939e553
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
c91d4a23e0001862471bd7f67ca563d90b10f95d32b6f0af3874ef27d399388f
cecdbd861f3dd34c202170ae32113bdaa748ccbaa07d36fad6e8431e94da3ba3
d16d07a0353405fcec95f7efc50a2621bc7425f9a5e8895078396fb0dc460c4f
dfa85498ae211b2a5da0e258c15c649d0ba16cda70cd4a63d5f26239d226d5c0
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e93d793f339f5d67c1d09fb61210e1520f98a37c926bd86d096139fdf308caee
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f35c5d040f8829b3db247f444f99eed3d683f199e61f08620622a241d200bdb9