www.leadplaza.it Open in urlscan Pro
85.234.159.99 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://news.promodalweb.it/re?l=D0Ie45il0I47utalnI1ITk7xmb7lo&s=ALJBHLNDGAMPCNJG&req=nome%3DKatia%26cognome%3DRinaldi%26ema...
Effective URL:
https://www.leadplaza.it/prestitoperte2019/?nome=Katia&cognome=Rinaldi&email=rinaldik@posteitaliane&aff_sub=&aff_id=17&im...
Submission: On March 19 via api (March 19th 2020, 8:31:30 am UTC) from IT

Summary HTTP 16 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 6 IPs in 4 countries across 9 domains to perform 16 HTTP transactions. The main IP is 85.234.159.99, located in United Kingdom and belongs to SIMPLYTRANSIT, GB. The main domain is www.leadplaza.it.
TLS certificate: Issued by Let's Encrypt Authority X3 on February 12th 2020. Valid for: 3 months.

This is the only time www.leadplaza.it was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	91.192.43.152 91.192.43.152	15960 (GLOBALACCESS) (GLOBALACCESS)
1 1	34.250.4.239 34.250.4.239	16509 (AMAZON-02) (AMAZON-02)
1 1	54.72.119.160 54.72.119.160	16509 (AMAZON-02) (AMAZON-02)
1 10	85.234.159.99 85.234.159.99	29550 (SIMPLYTRA...) (SIMPLYTRANSIT)
1	2a00:1450:400... 2a00:1450:4001:816::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6812:e134	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
16	6

1 91.192.43.152 (Germany) 1 redirects

ASN15960 (GLOBALACCESS, DE)

news.promodalweb.it	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.250.4.239 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-250-4-239.eu-west-1.compute.amazonaws.com

tracking.trkadviceme.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.72.119.160 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-72-119-160.eu-west-1.compute.amazonaws.com

adviceme.go2cloud.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 85.234.159.99 (United Kingdom) 1 redirects

ASN29550 (SIMPLYTRANSIT, GB)
PTR: 85-234-159-99.static.as29550.net

www.leadplaza.it	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:816::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:e134 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f02d:12:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f12d:83:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	leadplaza.it 1 redirects www.leadplaza.it	1 MB
2	facebook.com www.facebook.com	573 B
2	facebook.net connect.facebook.net	143 KB
1	onesignal.com cdn.onesignal.com	3 KB
1	googleapis.com ajax.googleapis.com	32 KB
1	go2cloud.org 1 redirects adviceme.go2cloud.org	2 KB
1	trkadviceme.com 1 redirects tracking.trkadviceme.com	532 B
1	promodalweb.it 1 redirects news.promodalweb.it	324 B
0	jquery.com Failed code.jquery.com Failed
16	9

	Domain	Requested by
10	www.leadplaza.it	1 redirects www.leadplaza.it
2	www.facebook.com	www.leadplaza.it
2	connect.facebook.net	www.leadplaza.it connect.facebook.net
1	cdn.onesignal.com	www.leadplaza.it
1	ajax.googleapis.com	www.leadplaza.it
1	adviceme.go2cloud.org	1 redirects
1	tracking.trkadviceme.com	1 redirects
1	news.promodalweb.it	1 redirects
0	code.jquery.com Failed	www.leadplaza.it
16	9

This site contains links to these domains. Also see Links.

Domain
www.adviceme.it

Subject Issuer	Validity	Valid
leadplaza.it Let's Encrypt Authority X3	`2020-02-12` - `2020-05-12`	3 months	crt.sh
*.storage.googleapis.com GTS CA 1O1	`2020-03-03` - `2020-05-26`	3 months	crt.sh
ssl898578.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2019-10-11` - `2020-04-18`	6 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2020-03-01` - `2020-05-30`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://www.leadplaza.it/prestitoperte2019/?nome=Katia&cognome=Rinaldi&email=rinaldik@posteitaliane&aff_sub=&aff_id=17&importo=&source=
Frame ID: 8DEBBE69395F336FF9B548A1369891F4
Requests: 16 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://news.promodalweb.it/re?l=D0Ie45il0I47utalnI1ITk7xmb7lo&s=ALJBHLNDGAMPCNJG&req=nome%3DKatia%26cog... HTTP 302
http://tracking.trkadviceme.com/aff_c?offer_id=705&aff_id=17&file_id=8914&dest=prestitoperte2019&nome=Katia&... HTTP 302
https://adviceme.go2cloud.org/aff_c?offer_id=705&aff_id=17&file_id=8914&dest=prestitoperte2019&nome=Katia&... HTTP 302
https://www.leadplaza.it/prestitoperte2019?nome=Katia&cognome=Rinaldi&email=rinaldik@posteitaliane&af... HTTP 301
https://www.leadplaza.it/prestitoperte2019/?nome=Katia&cognome=Rinaldi&email=rinaldik@posteitaliane&a... Page URL

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery[.-]([\d.]*\d)[^/]*\.js/i
script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

16
Requests

94 %
HTTPS

50 %
IPv6

9
Domains

9
Subdomains

6
IPs

4
Countries

1403 kB
Transfer

1912 kB
Size

2
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.adviceme.it/privacy
Title: clicca qui.

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://news.promodalweb.it/re?l=D0Ie45il0I47utalnI1ITk7xmb7lo&s=ALJBHLNDGAMPCNJG&req=nome%3DKatia%26cognome%3DRinaldi%26email%3Drinaldik%40posteitaliane HTTP 302
http://tracking.trkadviceme.com/aff_c?offer_id=705&aff_id=17&file_id=8914&dest=prestitoperte2019&nome=Katia&cognome=Rinaldi&email=rinaldik@posteitaliane&importo= HTTP 302
https://adviceme.go2cloud.org/aff_c?offer_id=705&aff_id=17&file_id=8914&dest=prestitoperte2019&nome=Katia&cognome=Rinaldi&email=rinaldik@posteitaliane&importo= HTTP 302
https://www.leadplaza.it/prestitoperte2019?nome=Katia&cognome=Rinaldi&email=rinaldik@posteitaliane&aff_sub=&aff_id=17&importo=&source= HTTP 301
https://www.leadplaza.it/prestitoperte2019/?nome=Katia&cognome=Rinaldi&email=rinaldik@posteitaliane&aff_sub=&aff_id=17&importo=&source= Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

16 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.leadplaza.it/prestitoperte2019/
Redirect Chain

http://news.promodalweb.it/re?l=D0Ie45il0I47utalnI1ITk7xmb7lo&s=ALJBHLNDGAMPCNJG&req=nome%3DKatia%26cognome%3DRinaldi%26email%3Drinaldik%40posteitaliane
http://tracking.trkadviceme.com/aff_c?offer_id=705&aff_id=17&file_id=8914&dest=prestitoperte2019&nome=Katia&cognome=Rinaldi&email=rinaldik@posteitaliane&importo=
https://adviceme.go2cloud.org/aff_c?offer_id=705&aff_id=17&file_id=8914&dest=prestitoperte2019&nome=Katia&cognome=Rinaldi&email=rinaldik@posteitaliane&importo=
https://www.leadplaza.it/prestitoperte2019?nome=Katia&cognome=Rinaldi&email=rinaldik@posteitaliane&aff_sub=&aff_id=17&importo=&source=
https://www.leadplaza.it/prestitoperte2019/?nome=Katia&cognome=Rinaldi&email=rinaldik@posteitaliane&aff_sub=&aff_id=17&importo=&source=

24 KB
6 KB

1064ms
1064ms

Document
text/html

85.234.159.99
SIMPLYTRANSIT

General

Check archive.org

Show headers Download Go to

Full URL: https://www.leadplaza.it/prestitoperte2019/?nome=Katia&cognome=Rinaldi&email=rinaldik@posteitaliane&aff_sub=&aff_id=17&importo=&source=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 85.234.159.99 , United Kingdom, ASN29550 (SIMPLYTRANSIT, GB),
Reverse DNS: 85-234-159-99.static.as29550.net
Software: nginx / PHP/5.4.45 PleskLin
Resource Hash: f11b4a7af55e5670d323d5b63616c9e5f5736b5dee96b04a5ccc28c9526753fb

Request headers

:method: GET
:authority: www.leadplaza.it
:scheme: https
:path: /prestitoperte2019/?nome=Katia&cognome=Rinaldi&email=rinaldik@posteitaliane&aff_sub=&aff_id=17&importo=&source=
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
server: nginx
date: Thu, 19 Mar 2020 08:31:13 GMT
content-type: text/html
x-powered-by: PHP/5.4.45 PleskLin
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
set-cookie: PHPSESSID=d1kdhrg9dm78nnsgb6svrn7sk7; path=/
content-encoding: gzip

Redirect headers

status: 301
server: nginx
date: Thu, 19 Mar 2020 08:31:12 GMT
content-type: text/html; charset=iso-8859-1
content-length: 367
location: https://www.leadplaza.it/prestitoperte2019/?nome=Katia&cognome=Rinaldi&email=rinaldik@posteitaliane&aff_sub=&aff_id=17&importo=&source=
cache-control: max-age=300
expires: Thu, 19 Mar 2020 08:36:12 GMT
x-powered-by: PleskLin

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.6.2/ 89 KB
32 KB 93ms
0ms Script
text/javascript 2a00:1450:4001:816::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.6.2/jquery.min.js

Requested by

Host: www.leadplaza.it
URL: https://www.leadplaza.it/prestitoperte2019/?nome=Katia&cognome=Rinaldi&email=rinaldik@posteitaliane&aff_sub=&aff_id=17&importo=&source=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d16d07a0353405fcec95f7efc50a2621bc7425f9a5e8895078396fb0dc460c4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.leadplaza.it/prestitoperte2019/?nome=Katia&cognome=Rinaldi&email=rinaldik@posteitaliane&aff_sub=&aff_id=17&importo=&source=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Mon, 24 Feb 2020 19:38:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2033557
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 32245
x-xss-protection: 0
last-modified: Tue, 20 Dec 2016 18:17:03 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 23 Feb 2021 19:38:36 GMT

GET
H2 200 styles.css
www.leadplaza.it/prestitoperte2019/CSS/ 11 KB
11 KB 121ms
27ms Stylesheet
text/css 85.234.159.99
SIMPLYTRANSIT

General

Check archive.org

Show headers Download Go to

Full URL: https://www.leadplaza.it/prestitoperte2019/CSS/styles.css
Requested by: Host: www.leadplaza.it
URL: https://www.leadplaza.it/prestitoperte2019/?nome=Katia&cognome=Rinaldi&email=rinaldik@posteitaliane&aff_sub=&aff_id=17&importo=&source=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 85.234.159.99 , United Kingdom, ASN29550 (SIMPLYTRANSIT, GB),
Reverse DNS: 85-234-159-99.static.as29550.net
Software: nginx / PleskLin
Resource Hash: 2b592601dbaa6cf843ee1c65250c45401b8eacedf50687f9c5b33cf05f60b61d

Request headers

Referer: https://www.leadplaza.it/prestitoperte2019/?nome=Katia&cognome=Rinaldi&email=rinaldik@posteitaliane&aff_sub=&aff_id=17&importo=&source=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Thu, 19 Mar 2020 08:31:13 GMT
last-modified: Fri, 24 Jan 2020 15:55:58 GMT
server: nginx
x-powered-by: PleskLin
etag: "5e2b138e-2a85"
content-type: text/css
status: 200
accept-ranges: bytes
content-length: 10885

GET
H2 200 popup.js Show response
www.leadplaza.it/prestitoperte2019/js/ 1011 B
1 KB 121ms
27ms Script
application/javascript 85.234.159.99
SIMPLYTRANSIT

General

Check archive.org

Show headers Download Go to

Full URL: https://www.leadplaza.it/prestitoperte2019/js/popup.js
Requested by: Host: www.leadplaza.it
URL: https://www.leadplaza.it/prestitoperte2019/?nome=Katia&cognome=Rinaldi&email=rinaldik@posteitaliane&aff_sub=&aff_id=17&importo=&source=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 85.234.159.99 , United Kingdom, ASN29550 (SIMPLYTRANSIT, GB),
Reverse DNS: 85-234-159-99.static.as29550.net
Software: nginx / PleskLin
Resource Hash: 52b12da5429fc5bef9e993c9f428f571c1a912d940e12e267dcc31adecf6ab9e

Request headers

Referer: https://www.leadplaza.it/prestitoperte2019/?nome=Katia&cognome=Rinaldi&email=rinaldik@posteitaliane&aff_sub=&aff_id=17&importo=&source=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 19 Mar 2020 08:31:13 GMT
last-modified: Fri, 06 Sep 2019 13:59:57 GMT
server: nginx
x-powered-by: PleskLin
etag: "5d72665d-3f3"
content-type: application/javascript
status: 200
accept-ranges: bytes
content-length: 1011

GET
H2 200 Repo.js Show response
www.leadplaza.it/prestitoperte2019/js/ 3 KB
3 KB 121ms
27ms Script
application/javascript 85.234.159.99
SIMPLYTRANSIT

General

Check archive.org

Show headers Download Go to

Full URL: https://www.leadplaza.it/prestitoperte2019/js/Repo.js
Requested by: Host: www.leadplaza.it
URL: https://www.leadplaza.it/prestitoperte2019/?nome=Katia&cognome=Rinaldi&email=rinaldik@posteitaliane&aff_sub=&aff_id=17&importo=&source=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 85.234.159.99 , United Kingdom, ASN29550 (SIMPLYTRANSIT, GB),
Reverse DNS: 85-234-159-99.static.as29550.net
Software: nginx / PleskLin
Resource Hash: a61e31e3d171f8b811d5e223e25f67ee3878225e77fbcdfa35458f435a88e53b

Request headers

Referer: https://www.leadplaza.it/prestitoperte2019/?nome=Katia&cognome=Rinaldi&email=rinaldik@posteitaliane&aff_sub=&aff_id=17&importo=&source=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 19 Mar 2020 08:31:13 GMT
last-modified: Fri, 06 Sep 2019 13:59:57 GMT
server: nginx
x-powered-by: PleskLin
etag: "5d72665d-b90"
content-type: application/javascript
status: 200
accept-ranges: bytes
content-length: 2960

GET
H2 200 OneSignalSDK.js Show response
cdn.onesignal.com/sdks/ 8 KB
3 KB 137ms
30ms Script
application/javascript 2606:4700::6812:e134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js
Requested by: Host: www.leadplaza.it
URL: https://www.leadplaza.it/prestitoperte2019/?nome=Katia&cognome=Rinaldi&email=rinaldik@posteitaliane&aff_sub=&aff_id=17&importo=&source=
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 03287280ffc2f50b1c9b477d00acb16fec7797d50e3a89a2dcb5589e36e413c0

Request headers

Referer: https://www.leadplaza.it/prestitoperte2019/?nome=Katia&cognome=Rinaldi&email=rinaldik@posteitaliane&aff_sub=&aff_id=17&importo=&source=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 19 Mar 2020 08:31:13 GMT
content-encoding: gzip
cf-cache-status: HIT
server: cloudflare
age: 1307
etag: W/"f242ff15a186d9d5dc1c33cc46f2d4a1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: public, max-age=43200
cf-ray: 5765d5fe6fdddfdb-FRA
expires: Thu, 19 Mar 2020 20:31:13 GMT

GET
H2 200 logo.jpg
www.leadplaza.it/prestitoperte2019/img/ 4 KB
5 KB 121ms
27ms Image
image/jpeg 85.234.159.99
SIMPLYTRANSIT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.leadplaza.it/prestitoperte2019/img/logo.jpg
Requested by: Host: www.leadplaza.it
URL: https://www.leadplaza.it/prestitoperte2019/?nome=Katia&cognome=Rinaldi&email=rinaldik@posteitaliane&aff_sub=&aff_id=17&importo=&source=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 85.234.159.99 , United Kingdom, ASN29550 (SIMPLYTRANSIT, GB),
Reverse DNS: 85-234-159-99.static.as29550.net
Software: nginx / PleskLin
Resource Hash: c8887c21bbb4435b855cbcf8e8a18a70004a8bfeca262a99c3a38f828dd9a516

Request headers

Referer: https://www.leadplaza.it/prestitoperte2019/?nome=Katia&cognome=Rinaldi&email=rinaldik@posteitaliane&aff_sub=&aff_id=17&importo=&source=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 19 Mar 2020 08:31:13 GMT
last-modified: Fri, 06 Sep 2019 13:59:54 GMT
server: nginx
x-powered-by: PleskLin
etag: "5d72665a-1195"
content-type: image/jpeg
status: 200
accept-ranges: bytes
content-length: 4501

GET
H2 200 scrittablu.png
www.leadplaza.it/prestitoperte2019/img/ 19 KB
19 KB 27ms
27ms Image
image/png 85.234.159.99
SIMPLYTRANSIT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.leadplaza.it/prestitoperte2019/img/scrittablu.png
Requested by: Host: www.leadplaza.it
URL: https://www.leadplaza.it/prestitoperte2019/?nome=Katia&cognome=Rinaldi&email=rinaldik@posteitaliane&aff_sub=&aff_id=17&importo=&source=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 85.234.159.99 , United Kingdom, ASN29550 (SIMPLYTRANSIT, GB),
Reverse DNS: 85-234-159-99.static.as29550.net
Software: nginx / PleskLin
Resource Hash: 083acc6a05949ff5dcc3495606e51b6b707ec21cd2852b85ed392646f2e3fbe1

Request headers

Referer: https://www.leadplaza.it/prestitoperte2019/?nome=Katia&cognome=Rinaldi&email=rinaldik@posteitaliane&aff_sub=&aff_id=17&importo=&source=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 19 Mar 2020 08:31:13 GMT
last-modified: Fri, 06 Sep 2019 13:59:54 GMT
server: nginx
x-powered-by: PleskLin
etag: "5d72665a-4be6"
content-type: image/png
status: 200
accept-ranges: bytes
content-length: 19430

GET
H2 200 scrittacorsivo_inv.png
www.leadplaza.it/prestitoperte2019/img/ 71 KB
71 KB 35ms
35ms Image
image/png 85.234.159.99
SIMPLYTRANSIT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.leadplaza.it/prestitoperte2019/img/scrittacorsivo_inv.png
Requested by: Host: www.leadplaza.it
URL: https://www.leadplaza.it/prestitoperte2019/?nome=Katia&cognome=Rinaldi&email=rinaldik@posteitaliane&aff_sub=&aff_id=17&importo=&source=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 85.234.159.99 , United Kingdom, ASN29550 (SIMPLYTRANSIT, GB),
Reverse DNS: 85-234-159-99.static.as29550.net
Software: nginx / PleskLin
Resource Hash: c66b7810f1d1388d8b85834b722d6c42031ddb9ed99a2c3deb73a2bb71fd49c1

Request headers

Referer: https://www.leadplaza.it/prestitoperte2019/?nome=Katia&cognome=Rinaldi&email=rinaldik@posteitaliane&aff_sub=&aff_id=17&importo=&source=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 19 Mar 2020 08:31:13 GMT
last-modified: Fri, 06 Sep 2019 13:59:55 GMT
server: nginx
x-powered-by: PleskLin
etag: "5d72665b-11cf8"
content-type: image/png
status: 200
accept-ranges: bytes
content-length: 72952

GET
H2 200 steps1.png
www.leadplaza.it/prestitoperte2019/img/ 38 KB
38 KB 35ms
35ms Image
image/png 85.234.159.99
SIMPLYTRANSIT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.leadplaza.it/prestitoperte2019/img/steps1.png
Requested by: Host: www.leadplaza.it
URL: https://www.leadplaza.it/prestitoperte2019/?nome=Katia&cognome=Rinaldi&email=rinaldik@posteitaliane&aff_sub=&aff_id=17&importo=&source=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 85.234.159.99 , United Kingdom, ASN29550 (SIMPLYTRANSIT, GB),
Reverse DNS: 85-234-159-99.static.as29550.net
Software: nginx / PleskLin
Resource Hash: decb78ae3b6e0295ebb284e5f71d814ceeaa9d1bae2969ab6359973ca4081b3b

Request headers

Referer: https://www.leadplaza.it/prestitoperte2019/?nome=Katia&cognome=Rinaldi&email=rinaldik@posteitaliane&aff_sub=&aff_id=17&importo=&source=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 19 Mar 2020 08:31:13 GMT
last-modified: Fri, 06 Sep 2019 13:59:55 GMT
server: nginx
x-powered-by: PleskLin
etag: "5d72665b-9662"
content-type: image/png
status: 200
accept-ranges: bytes
content-length: 38498

GET jquery-1.9.1.js
code.jquery.com/ 0
0

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 126 KB
30 KB 8ms
7ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.leadplaza.it
URL: https://www.leadplaza.it/prestitoperte2019/?nome=Katia&cognome=Rinaldi&email=rinaldik@posteitaliane&aff_sub=&aff_id=17&importo=&source=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

5a91c6d3e635c0bd1551a53cf0769328132151a7732039170280d500dbcb4685

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.leadplaza.it/prestitoperte2019/?nome=Katia&cognome=Rinaldi&email=rinaldik@posteitaliane&aff_sub=&aff_id=17&importo=&source=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-27=":443"; ma=3600
content-length: 30466
x-xss-protection: 0
pragma: public
x-fb-debug: PqjI5kqS/VEWYv8rKqPF5owoSgJX3A9Q4Ll9cfc8pscg6qTQwV8VkILsrk8Ev3RhYDeFPLxgK4L1BVzG41JMJw==
x-fb-trip-id: 1850256238
date: Thu, 19 Mar 2020 08:31:13 GMT, Thu, 19 Mar 2020 08:31:13 GMT
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 coppia_progetti2.jpg
www.leadplaza.it/prestitoperte2019/img/ 1 MB
1 MB 62ms
62ms Image
image/jpeg 85.234.159.99
SIMPLYTRANSIT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.leadplaza.it/prestitoperte2019/img/coppia_progetti2.jpg
Requested by: Host: www.leadplaza.it
URL: https://www.leadplaza.it/prestitoperte2019/?nome=Katia&cognome=Rinaldi&email=rinaldik@posteitaliane&aff_sub=&aff_id=17&importo=&source=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 85.234.159.99 , United Kingdom, ASN29550 (SIMPLYTRANSIT, GB),
Reverse DNS: 85-234-159-99.static.as29550.net
Software: nginx / PleskLin
Resource Hash: 0c7fc148d4903838f5b17280876117c3a5a84d6fe32d53bd3b52870483c643c9

Request headers

Referer: https://www.leadplaza.it/prestitoperte2019/CSS/styles.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 19 Mar 2020 08:31:13 GMT
last-modified: Fri, 06 Sep 2019 13:59:53 GMT
server: nginx
x-powered-by: PleskLin
etag: "5d726659-10b8a0"
content-type: image/jpeg
status: 200
accept-ranges: bytes
content-length: 1095840

GET
H2 200 2336543853291975 Show response
connect.facebook.net/signals/config/ 447 KB
112 KB 69ms
69ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/2336543853291975?v=2.9.15&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c1df5d5e38d41b3cfa53ebfa8b57a419430e3e4b6957ff24bb65d8b042106042

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.leadplaza.it/prestitoperte2019/?nome=Katia&cognome=Rinaldi&email=rinaldik@posteitaliane&aff_sub=&aff_id=17&importo=&source=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-27=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: mlFTF4UJqv2LJA0dmp1T/48aaN5rUgQ8zhOhVVlvF5QRpsrq5mf5rjluaiNXLWYDSZSCOrM/LWqafEGzUC1pAg==
x-fb-trip-id: 1850256238
date: Thu, 19 Mar 2020 08:31:13 GMT, Thu, 19 Mar 2020 08:31:13 GMT
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
323 B 6ms
6ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2336543853291975&ev=PageView&dl=https%3A%2F%2Fwww.leadplaza.it%2Fprestitoperte2019%2F%3Fnome%3DKatia%26cognome%3DRinaldi%26email%3Drinaldik%40posteitaliane%26aff_sub%3D%26aff_id%3D17%26importo%3D%26source%3D&rl=&if=false&ts=1584606673798&sw=1600&sh=1200&v=2.9.15&r=stable&ec=0&o=30&fbp=fb.1.1584606673797.118738524&it=1584606673702&coo=false&rqm=GET

Requested by

Host: www.leadplaza.it
URL: https://www.leadplaza.it/prestitoperte2019/?nome=Katia&cognome=Rinaldi&email=rinaldik@posteitaliane&aff_sub=&aff_id=17&importo=&source=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.leadplaza.it/prestitoperte2019/?nome=Katia&cognome=Rinaldi&email=rinaldik@posteitaliane&aff_sub=&aff_id=17&importo=&source=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 19 Mar 2020 08:31:13 GMT, Thu, 19 Mar 2020 08:31:13 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-27=":443"; ma=3600
content-length: 44
expires: Thu, 19 Mar 2020 08:31:13 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
250 B 6ms
6ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2336543853291975&ev=Microdata&dl=https%3A%2F%2Fwww.leadplaza.it%2Fprestitoperte2019%2F%3Fnome%3DKatia%26cognome%3DRinaldi%26email%3Drinaldik%40posteitaliane%26aff_sub%3D%26aff_id%3D17%26importo%3D%26source%3D&rl=&if=false&ts=1584606675301&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22%20PrestitoPerTe%20%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.15&r=stable&ec=1&o=30&fbp=fb.1.1584606675300.1991721804&it=1584606673702&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.leadplaza.it/prestitoperte2019/?nome=Katia&cognome=Rinaldi&email=rinaldik@posteitaliane&aff_sub=&aff_id=17&importo=&source=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 19 Mar 2020 08:31:15 GMT, Thu, 19 Mar 2020 08:31:15 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-27=":443"; ma=3600
content-length: 44
expires: Thu, 19 Mar 2020 08:31:15 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: code.jquery.com
URL: http://code.jquery.com/jquery-1.9.1.js

Verdicts & Comments Add Verdict or Comment

26 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.leadplaza.it/	1970-01-19 10:19:42	Name: _fbp Value: fb.1.1584606673797.118738524
			www.leadplaza.it/	1969-12-31 23:59:59	Name: PHPSESSID Value: d1kdhrg9dm78nnsgb6svrn7sk7

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js(Line 1) Message: OneSignal: Using fallback ES5 Stub for backwards compatibility.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adviceme.go2cloud.org
ajax.googleapis.com
cdn.onesignal.com
code.jquery.com
connect.facebook.net
news.promodalweb.it
tracking.trkadviceme.com
www.facebook.com
www.leadplaza.it
code.jquery.com
2606:4700::6812:e134
2a00:1450:4001:816::200a
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
34.250.4.239
54.72.119.160
85.234.159.99
91.192.43.152
03287280ffc2f50b1c9b477d00acb16fec7797d50e3a89a2dcb5589e36e413c0
083acc6a05949ff5dcc3495606e51b6b707ec21cd2852b85ed392646f2e3fbe1
0c7fc148d4903838f5b17280876117c3a5a84d6fe32d53bd3b52870483c643c9
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
2b592601dbaa6cf843ee1c65250c45401b8eacedf50687f9c5b33cf05f60b61d
52b12da5429fc5bef9e993c9f428f571c1a912d940e12e267dcc31adecf6ab9e
5a91c6d3e635c0bd1551a53cf0769328132151a7732039170280d500dbcb4685
a61e31e3d171f8b811d5e223e25f67ee3878225e77fbcdfa35458f435a88e53b
c1df5d5e38d41b3cfa53ebfa8b57a419430e3e4b6957ff24bb65d8b042106042
c66b7810f1d1388d8b85834b722d6c42031ddb9ed99a2c3deb73a2bb71fd49c1
c8887c21bbb4435b855cbcf8e8a18a70004a8bfeca262a99c3a38f828dd9a516
d16d07a0353405fcec95f7efc50a2621bc7425f9a5e8895078396fb0dc460c4f
decb78ae3b6e0295ebb284e5f71d814ceeaa9d1bae2969ab6359973ca4081b3b
f11b4a7af55e5670d323d5b63616c9e5f5736b5dee96b04a5ccc28c9526753fb

www.leadplaza.it Open in urlscan Pro 85.234.159.99 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

16 Requests

94 %HTTPS

50 %IPv6

9 Domains

9 Subdomains

6 IPs

4 Countries

1403 kBTransfer

1912 kBSize

2 Cookies

1 Outgoing links

Page URL History

Redirected requests

16 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

26 JavaScript Global Variables

2 Cookies

1 Console Messages

Indicators

www.leadplaza.it Open in urlscan Pro
85.234.159.99 Public Scan

Screenshot
Live screenshot

Full Image

16
Requests

94 %
HTTPS

50 %
IPv6

9
Domains

9
Subdomains

6
IPs

4
Countries

1403 kB
Transfer

1912 kB
Size

2
Cookies

16 HTTP transactions
0 data transactions