urlscan.io logo urlscan.io
SecurityTrails logo

creditoveloce.info Open in urlscan Pro
161.35.72.115  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://news.offertatua.it/re?l=D0Ilju300I683ktaxI1ITl4zfm45u&s=JHOKDGKLHLDCGPJC
Effective URL: https://creditoveloce.info/pre-landing-new/?ref=8-
Submission: On June 29 via api from IE — Scanned from IT
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 16 IPs in 6 countries across 17 domains to perform 27 HTTP transactions. The main IP is 161.35.72.115, located in Frankfurt am Main, Germany and belongs to DIGITALOCEAN-ASN, US. The main domain is creditoveloce.info.
TLS certificate: Issued by R3 on June 10th 2022. Valid for: 3 months.
This is the only time creditoveloce.info was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 91.192.43.154 15960 (GLOBALACCESS)
1 1 63.34.252.79 16509 (AMAZON-02)
1 1 2a06:98c1:312... 13335 (CLOUDFLAR...)
2 161.35.72.115 14061 (DIGITALOC...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a03:2880:f02... 32934 (FACEBOOK)
2 2a00:1450:400... 15169 (GOOGLE)
1 142.250.186.130 15169 (GOOGLE)
3 164.90.162.187 14061 (DIGITALOC...)
2 2606:4700:10:... 13335 (CLOUDFLAR...)
2 151.101.193.44 54113 (FASTLY)
2 104.19.133.78 13335 (CLOUDFLAR...)
2 2a03:2880:f12... 32934 (FACEBOOK)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 141.226.228.48 200478 (TABOOLA-AS)
27 16
1    91.192.43.154 (Germany)

ASN15960 (GLOBALACCESS, DE)
news.offertatua.it
1    63.34.252.79 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-34-252-79.eu-west-1.compute.amazonaws.com
ct.tk2gk.com
1    2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)
trk.elds.it
2    161.35.72.115 (Frankfurt am Main, Germany)

ASN14061 (DIGITALOCEAN-ASN, US)
creditoveloce.info
1    2606:4700::6812:acf (United States)

ASN13335 (CLOUDFLARENET, US)
maxcdn.bootstrapcdn.com
1    2a00:1450:4001:810::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
2    2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net
www.googleadservices.com
3    164.90.162.187 (Frankfurt am Main, Germany)

ASN14061 (DIGITALOCEAN-ASN, US)
spsk.cc
2    2606:4700:10::ac43:247d (United States)

ASN13335 (CLOUDFLARENET, US)
js-tag.zemanta.com
p1.zemanta.com
2    151.101.193.44 (United States)

ASN54113 (FASTLY, US)
cdn.taboola.com
trc.taboola.com
2    104.19.133.78 (None, )

ASN13335 (CLOUDFLARENET, US)
a.mgid.com
2    2a03:2880:f12d:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    2a00:1450:400c:c08::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
2    2a00:1450:4001:829::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
2    2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.it
1    141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)
trc-events.taboola.com
Apex Domain
Subdomains		 Transfer
3 taboola.com
cdn.taboola.com — Cisco Umbrella Rank: 982
trc.taboola.com — Cisco Umbrella Rank: 672
trc-events.taboola.com — Cisco Umbrella Rank: 1600
19 KB
3 spsk.cc
spsk.cc
2 KB
2 google.it
www.google.it — Cisco Umbrella Rank: 17199
655 B
2 google.com
www.google.com — Cisco Umbrella Rank: 8
655 B
2 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 119
googleads.g.doubleclick.net — Cisco Umbrella Rank: 54
2 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 96
500 B
2 mgid.com
a.mgid.com — Cisco Umbrella Rank: 18547
6 KB
2 zemanta.com
js-tag.zemanta.com — Cisco Umbrella Rank: 24138
p1.zemanta.com — Cisco Umbrella Rank: 12526
4 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 49
20 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 155
110 KB
2 creditoveloce.info
creditoveloce.info
3 KB
1 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 126
15 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 89
51 KB
1 bootstrapcdn.com
maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 741
22 KB
1 elds.it
trk.elds.it
678 B
1 tk2gk.com
ct.tk2gk.com
2 KB
1 offertatua.it
news.offertatua.it
289 B
27 17
Domain Requested by
3 spsk.cc www.googletagmanager.com
spsk.cc
2 www.google.it creditoveloce.info
2 www.google.com creditoveloce.info
2 www.facebook.com creditoveloce.info
2 a.mgid.com creditoveloce.info
2 www.google-analytics.com www.googletagmanager.com
creditoveloce.info
2 connect.facebook.net creditoveloce.info
connect.facebook.net
2 creditoveloce.info creditoveloce.info
1 trc-events.taboola.com cdn.taboola.com
1 googleads.g.doubleclick.net www.googleadservices.com
1 stats.g.doubleclick.net www.google-analytics.com
1 p1.zemanta.com creditoveloce.info
1 trc.taboola.com cdn.taboola.com
1 cdn.taboola.com creditoveloce.info
1 js-tag.zemanta.com creditoveloce.info
1 www.googleadservices.com www.googletagmanager.com
1 www.googletagmanager.com creditoveloce.info
1 maxcdn.bootstrapcdn.com creditoveloce.info
1 trk.elds.it 1 redirects
1 ct.tk2gk.com 1 redirects
1 news.offertatua.it 1 redirects
27 21

This site contains no links.

Subject Issuer Validity Valid
creditoveloce.info
R3		 2022-06-10 -
2022-09-08		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-01-29 -
2023-01-29		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-06-06 -
2022-08-29		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2022-04-07 -
2022-07-06		 3 months crt.sh
www.googleadservices.com
GTS CA 1C3		 2022-06-06 -
2022-08-29		 3 months crt.sh
spsk.cc
R3		 2022-05-29 -
2022-08-27		 3 months crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-11-28 -
2022-12-29		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-06-06 -
2022-08-29		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-06-06 -
2022-08-29		 3 months crt.sh
*.google.it
GTS CA 1C3		 2022-06-06 -
2022-08-29		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://creditoveloce.info/pre-landing-new/?ref=8-
Frame ID: 8B708AA709665D2EB60F0E6095B869F1
Requests: 26 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Finanziatiora | Prestito convezione INPS - Ex inpdap - NoiPA

Page URL History Show full URLs

  1. http://news.offertatua.it/re?l=D0Ilju300I683ktaxI1ITl4zfm45u&s=JHOKDGKLHLDCGPJC HTTP 302
    https://ct.tk2gk.com/aff_c?offer_id=921&aff_id=1024&file_id=5722&source=offertatua&aff_sub5=9394&... HTTP 302
    https://trk.elds.it/click?pid=8&offer_id=80&ref_id=1023f1d6afb04a7d0f3390db61b006 HTTP 302
    https://creditoveloce.info/pre-landing-new/?ref=8- Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js

Page Statistics

27
Requests

100 %
HTTPS

58 %
IPv6

17
Domains

21
Subdomains

16
IPs

6
Countries

255 kB
Transfer

849 kB
Size

15
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://news.offertatua.it/re?l=D0Ilju300I683ktaxI1ITl4zfm45u&amp;s=JHOKDGKLHLDCGPJC HTTP 302
    https://ct.tk2gk.com/aff_c?offer_id=921&aff_id=1024&file_id=5722&source=offertatua&aff_sub5=9394&url_id=8406&amp;s=JHOKDGKLHLDCGPJC HTTP 302
    https://trk.elds.it/click?pid=8&offer_id=80&ref_id=1023f1d6afb04a7d0f3390db61b006 HTTP 302
    https://creditoveloce.info/pre-landing-new/?ref=8- Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

27 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
creditoveloce.info/pre-landing-new/
Redirect Chain
  • http://news.offertatua.it/re?l=D0Ilju300I683ktaxI1ITl4zfm45u&amp;s=JHOKDGKLHLDCGPJC
  • https://ct.tk2gk.com/aff_c?offer_id=921&aff_id=1024&file_id=5722&source=offertatua&aff_sub5=9394&url_id=8406&amp;s=JHOKDGKLHLDCGPJC
  • https://trk.elds.it/click?pid=8&offer_id=80&ref_id=1023f1d6afb04a7d0f3390db61b006
  • https://creditoveloce.info/pre-landing-new/?ref=8-
13 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://creditoveloce.info/pre-landing-new/?ref=8-
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
161.35.72.115 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
f544686016d321990a3fd3980f14f77f4c07a7824ffd4f698b42bba59d8c7e4d

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
it-IT,it;q=0.9

Response headers

content-encoding
br
content-type
text/html
date
Wed, 29 Jun 2022 10:15:22 GMT
etag
W/"6253ec32-3447"
last-modified
Mon, 11 Apr 2022 08:52:02 GMT
server
nginx
x-powered-by
PleskLin

Redirect headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
722de681ce8ebaf7-MXP
content-length
0
date
Wed, 29 Jun 2022 10:15:22 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
location
https://creditoveloce.info/pre-landing-new/?ref=8-
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RFBm8UjoUcVIWozQz%2B4UQDz6s8J8t3wZRWxiHZMP1j2hifny3i89RFPXiOOMsjCRqV24Znz1s30%2BB1nDhUP2%2BHFCzyYeY2MtNAeh8cT60ytXKWYpELxxFahCROfYR%2BQb3JTR8fD2OgPP4g%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
custom.css
creditoveloce.info/pre-landing-new/styles/ 		539 B
451 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://creditoveloce.info/pre-landing-new/styles/custom.css
Requested by
Host: creditoveloce.info
URL: https://creditoveloce.info/pre-landing-new/?ref=8-
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
161.35.72.115 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
bd5bc927756e63904cba5af00096d1f621b6c6e0f9c7ee80a476ca6f5aa78793

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://creditoveloce.info/pre-landing-new/?ref=8-
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 10:15:22 GMT
content-encoding
gzip
etag
"21b-5dc5d0ee4157c-gzip"
last-modified
Mon, 11 Apr 2022 08:52:03 GMT
server
nginx
x-powered-by
PleskLin
vary
Accept-Encoding
content-type
text/css
x-accel-version
0.01
accept-ranges
bytes
content-length
245
bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/ 		141 KB
22 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/bootstrap.min.css
Requested by
Host: creditoveloce.info
URL: https://creditoveloce.info/pre-landing-new/?ref=8-
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2c0f3dcfe93d7e380c290fe4ab838ed8cadff1596d62697f5444be460d1f876d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://creditoveloce.info/
Origin
https://creditoveloce.info
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 10:15:22 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
617, 617
age
529028
cdn-cachedat
2021-06-08 14:12:50
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
timing-allow-origin
*
access-control-allow-origin
*
last-modified
Mon, 25 Jan 2021 22:04:04 GMT
server
cloudflare
cdn-requestpullcode
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/css; charset=utf-8
cdn-cache
HIT
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
511f8af9d20fe38ccba2f1eab7e759a7
cf-ray
722de690ae52bb1d-MXP
cdn-requestcountrycode
US
cdn-status
200
cdn-requestpullsuccess
True
gtm.js
www.googletagmanager.com/ 		134 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-N6F9F4L
Requested by
Host: creditoveloce.info
URL: https://creditoveloce.info/pre-landing-new/?ref=8-
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
8a8eade12e56b34b811ba8234f93ed1ac9e90f0aac693c3841ac87a50d6394c2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://creditoveloce.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 10:15:23 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
51873
x-xss-protection
0
last-modified
Wed, 29 Jun 2022 09:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 29 Jun 2022 10:15:23 GMT
fbevents.js
connect.facebook.net/en_US/ 		100 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: creditoveloce.info
URL: https://creditoveloce.info/pre-landing-new/?ref=8-
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
3d79854e01d0c79408c548889dcfddd23e4ef10f11c698c831b570573ee13b97
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://creditoveloce.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
26344
x-xss-protection
0
pragma
public
x-fb-debug
Sqje1Xc4WyTaxZRfDlXeGm+Yp07ixnGfX/LYyxpEfgBvRDW5Gx+dctQAtLCslO/0w29o7fWdr5auivluZ1AEkw==
x-fb-trip-id
917726464
x-frame-options
DENY
date
Wed, 29 Jun 2022 10:15:23 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
expires
Sat, 01 Jan 2000 00:00:00 GMT
124547992575739
connect.facebook.net/signals/config/ 		288 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/124547992575739?v=2.9.62&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e36f377fa08adeacdb9342ef88a4c69d0b5d4d3e57335547197a63f57784bbf4
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://creditoveloce.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection
0
pragma
public
x-fb-debug
htjuwnHX5GKp3IpVCpk2uNReeudzkibPhHUOZaH3TeQzvEFHq5x06iZ+laxsCTQT3SvnwQy1b8z6mmgYzh21sQ==
x-fb-trip-id
917726464
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Wed, 29 Jun 2022 10:15:23 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
x-content-cdn-origin-ts
1656497723224
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N6F9F4L
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://creditoveloce.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
4790
date
Wed, 29 Jun 2022 08:55:33 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Wed, 29 Jun 2022 10:55:33 GMT
conversion_async.js
www.googleadservices.com/pagead/ 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N6F9F4L
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
a9c87374e4ec256cc7ab841753a48a58afd958317dfb7567982b014977008d1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://creditoveloce.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 10:15:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15000
x-xss-protection
0
server
cafe
etag
15252473734373555178
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 29 Jun 2022 10:15:23 GMT
client.js
spsk.cc/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://spsk.cc/client.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N6F9F4L
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
164.90.162.187 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) / Express
Resource Hash
18c1d67b135893b7225c17a1936683ba545544e4a41e495742405ddeb6f89c59

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://creditoveloce.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Wed, 29 Jun 2022 10:15:23 GMT
Last-Modified
Tue, 02 Feb 2021 10:20:37 GMT
Server
nginx/1.18.0 (Ubuntu)
X-Powered-By
Express
ETag
W/"436-17762422118"
Content-Type
application/javascript; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=0
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1078
zcpt.js
js-tag.zemanta.com/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-tag.zemanta.com/zcpt.js
Requested by
Host: creditoveloce.info
URL: https://creditoveloce.info/pre-landing-new/?ref=8-
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:247d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
707a1c5f8a523cba04451bdb18c5ad0a346e21a6b9b220c56dc3c6186a81d20a

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://creditoveloce.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 10:15:23 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 14 Apr 2022 08:02:43 GMT
server
cloudflare
age
3454
etag
W/"93b00e61c579c3c722803da1899d3af9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=14400
cf-ray
722de6928a83374e-MXP
x-amz-request-id
CGHYFTMF0HS0WNTR
x-amz-id-2
F1A/+VQpO1CCCUYzSn2GDmPau7XGoXUYeAoyC3wLQh3IRMCZexTeFBdaPwccwsvAOkX57QoHOcs=
tfa.js
cdn.taboola.com/libtrc/unip/1454286/ 		55 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/unip/1454286/tfa.js
Requested by
Host: creditoveloce.info
URL: https://creditoveloce.info/pre-landing-new/?ref=8-
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
eddcb0d86923705e2a08b16e7ba04dd216ae2cfd18c139a270c00a24cf4b6e1e

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://creditoveloce.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id
MrvXW_cOsHTMRb.8fIT.5GXBC7AWguYj
content-encoding
gzip
etag
"cfc904ec8e225619b1bec87f205cf8ed"
age
1
x-cache
HIT
x-amz-replication-status
PENDING
content-length
17388
x-amz-id-2
+h9coDnjm581R+OCsYp7i2fT0Q9qIztjUNvZgwU3Ay11bVchzSDvU5r2hVrqybS97QVjzHOv6Zk=
x-served-by
cache-mxp6970-MXP
last-modified
Sun, 26 Jun 2022 11:04:28 GMT
server
AmazonS3
x-timer
S1656497723.280697,VS0,VE1
date
Wed, 29 Jun 2022 10:15:23 GMT
vary
Accept-Encoding
x-amz-request-id
1EK5QF5C7MHXA7TQ
via
1.1 varnish
cache-control
private,max-age=14401
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
95
x-cache-hits
1
mgsensor.js
a.mgid.com/ 		16 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.mgid.com/mgsensor.js?d=1656497723209
Requested by
Host: creditoveloce.info
URL: https://creditoveloce.info/pre-landing-new/?ref=8-
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4a08c761769c3a3c7543a9a9159c6cb6045e7b5d4c641b2e4e4c124b57e11b2f

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://creditoveloce.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 10:15:23 GMT
content-encoding
br
cf-cache-status
DYNAMIC
x-mg-request-uuid
c30d32c6-f712-416c-9c62-2b2fc93fc69c
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cf-ray
722de6928f0a3742-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
server
cloudflare
/
www.facebook.com/tr/ 		44 B
409 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=124547992575739&ev=PageView&dl=https%3A%2F%2Fcreditoveloce.info%2Fpre-landing-new%2F%3Fref%3D8-&rl=&if=false&ts=1656497723292&sw=1600&sh=1200&v=2.9.62&r=stable&ec=0&o=30&fbp=fb.1.1656497723291.1625045923&it=1656497723154&coo=false&exp=p1&rqm=GET
Requested by
Host: creditoveloce.info
URL: https://creditoveloce.info/pre-landing-new/?ref=8-
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://creditoveloce.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 10:15:23 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
44
expires
Wed, 29 Jun 2022 10:15:23 GMT
json
trc.taboola.com/1454286/trc/3/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/1454286/trc/3/json?tim=1656497723302&data=%7B%22id%22%3A900%2C%22ii%22%3A%22%2Fpre-landing-new%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1656497723298%2C%22cv%22%3A%2220220626-8-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fcreditoveloce.info%2Fpre-landing-new%2F%3Fref%3D8-%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%3Fref%3D8-%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3De-leads-financial-sc%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpv%22%3Atrue%2C%22supv%22%3Atrue%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1656497723302%2C%22ref%22%3Anull%2C%22item-url%22%3A%22https%3A%2F%2Fcreditoveloce.info%2Fpre-landing-new%2F%3Fref%3D8-%22%2C%22tos%22%3A1%2C%22ssd%22%3A1%2C%22scd%22%3A100%2C%22supv%22%3Atrue%7D%7D&pubit=i
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1454286/tfa.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
a0257d60930766a47d709b7b367fb41d24b0b8e030fd3370a106cac6f302e9a9

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://creditoveloce.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-vcl-time-ms
35
date
Wed, 29 Jun 2022 10:15:23 GMT
content-encoding
gzip
server
nginx
x-timer
S1656497723.329602,VS0,VE35
x-served-by
cache-mxp6970-MXP
vary
Accept-Encoding
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
*
access-control-allow-credentials
true
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
via
1.1 varnish
x-cache-hits
0
/
p1.zemanta.com/v2/p/js/41835/PAGE_VIEW/ 		26 B
112 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p1.zemanta.com/v2/p/js/41835/PAGE_VIEW/?bust=07827020807086371&optOut=false
Requested by
Host: creditoveloce.info
URL: https://creditoveloce.info/pre-landing-new/?ref=8-
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:247d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://creditoveloce.info/pre-landing-new/?ref=8-
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 10:15:23 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
722de692dae9374e-MXP
content-type
image/gif
x-robots-tag
none
content-length
26
collect
stats.g.doubleclick.net/j/ 		4 B
443 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-124159496-2&cid=963234813.1656497723&jid=38820770&gjid=698459631&_gid=11371521.1656497723&_u=YGBAgEABAAAAAE~&z=626614813
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c08::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
b4cd4f889e2c7dd71da12d2b0a29aa6346de2e5d8b3c882d7700d64c700f661d
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://creditoveloce.info/
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Wed, 29 Jun 2022 10:15:23 GMT
content-type
text/plain
access-control-allow-origin
https://creditoveloce.info
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=1545173451&t=pageview&_s=1&dl=https%3A%2F%2Fcreditoveloce.info%2Fpre-landing-new%2F%3Fref%3D8-&ul=en-us&de=UTF-8&dt=Finanziatiora%20%7C%20Prestito%20convezione%20INPS%20-%20Ex%20inpdap%20-%20NoiPA&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAgEAB~&jid=38820770&gjid=698459631&cid=963234813.1656497723&tid=UA-124159496-2&_gid=11371521.1656497723&gtm=2wg6r0N6F9F4L&z=1401227396
Requested by
Host: creditoveloce.info
URL: https://creditoveloce.info/pre-landing-new/?ref=8-
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://creditoveloce.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Jun 2022 10:18:06 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
86237
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/750383324/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/750383324/?random=1656497723378&cv=9&fst=1656497723378&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg6r0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fcreditoveloce.info%2Fpre-landing-new%2F%3Fref%3D8-&tiba=Finanziatiora%20%7C%20Prestito%20convezione%20INPS%20-%20Ex%20inpdap%20-%20NoiPA&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
60825542af928568913134c385a102f4be900e3dc6fc6ddeb5482c322936c201
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://creditoveloce.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Jun 2022 10:15:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1075
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
1x1.gif
a.mgid.com/ 		43 B
273 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.mgid.com/1x1.gif?id=698440&type=c&tg=&r=https%3A%2F%2Fcreditoveloce.info%2Fpre-landing-new%2F%3Fref%3D8-&utmc=0&utmt=0&nv=1&utms=&utmcp=&utmm=&clid=&clidv=0&cmgid=0&cmtid=0&cmtuid=0&d=1656497723415
Requested by
Host: creditoveloce.info
URL: https://creditoveloce.info/pre-landing-new/?ref=8-
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://creditoveloce.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 10:15:23 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif
cf-ray
722de6939a8f375f-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
ga-audiences
www.google.com/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-124159496-2&cid=963234813.1656497723&jid=38820770&_u=YGBAgEABAAAAAE~&z=404729130
Requested by
Host: creditoveloce.info
URL: https://creditoveloce.info/pre-landing-new/?ref=8-
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://creditoveloce.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Jun 2022 10:15:23 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.it/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.it/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-124159496-2&cid=963234813.1656497723&jid=38820770&_u=YGBAgEABAAAAAE~&z=404729130
Requested by
Host: creditoveloce.info
URL: https://creditoveloce.info/pre-landing-new/?ref=8-
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://creditoveloce.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Jun 2022 10:15:23 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/750383324/ 		42 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/750383324/?random=1656497723378&cv=9&fst=1656496800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg6r0&sendb=1&frm=0&url=https%3A%2F%2Fcreditoveloce.info%2Fpre-landing-new%2F%3Fref%3D8-&tiba=Finanziatiora%20%7C%20Prestito%20convezione%20INPS%20-%20Ex%20inpdap%20-%20NoiPA&async=1&fmt=3&is_vtc=1&random=1361942815&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: creditoveloce.info
URL: https://creditoveloce.info/pre-landing-new/?ref=8-
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://creditoveloce.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Jun 2022 10:15:23 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.it/pagead/1p-user-list/750383324/ 		42 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.it/pagead/1p-user-list/750383324/?random=1656497723378&cv=9&fst=1656496800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg6r0&sendb=1&frm=0&url=https%3A%2F%2Fcreditoveloce.info%2Fpre-landing-new%2F%3Fref%3D8-&tiba=Finanziatiora%20%7C%20Prestito%20convezione%20INPS%20-%20Ex%20inpdap%20-%20NoiPA&async=1&fmt=3&is_vtc=1&random=1361942815&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: creditoveloce.info
URL: https://creditoveloce.info/pre-landing-new/?ref=8-
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://creditoveloce.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Jun 2022 10:15:23 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
event
spsk.cc/api/ 		16 B
291 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://spsk.cc/api/event
Requested by
Host: spsk.cc
URL: https://spsk.cc/client.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
164.90.162.187 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) / Express
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Request headers

Referer
https://creditoveloce.info/
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
content-type
application/json

Response headers

Date
Wed, 29 Jun 2022 10:15:23 GMT
ETag
W/"10-oV4hJxRVSENxc/wX8+mA4/Pe4tA"
Server
nginx/1.18.0 (Ubuntu)
X-Powered-By
Express
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
Connection
keep-alive
Content-Length
16
event
spsk.cc/api/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://spsk.cc/api/event
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
164.90.162.187 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) / Express
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://creditoveloce.info
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Access-Control-Allow-Headers
content-type
Access-Control-Allow-Methods
GET,HEAD,PUT,PATCH,POST,DELETE
Access-Control-Allow-Origin
*
Connection
keep-alive
Content-Length
0
Date
Wed, 29 Jun 2022 10:15:23 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Access-Control-Request-Headers
X-Powered-By
Express
/
www.facebook.com/tr/ 		44 B
91 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=124547992575739&ev=Microdata&dl=https%3A%2F%2Fcreditoveloce.info%2Fpre-landing-new%2F%3Fref%3D8-&rl=&if=false&ts=1656497724794&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Finanziatiora%20%7C%20Prestito%20convezione%20INPS%20-%20Ex%20inpdap%20-%20NoiPA%22%2C%22meta%3Adescription%22%3A%22Prestiti%20in%20convenzione%20INPS%20-%20ex%20INPDAP%20fino%20a%2075.000%E2%82%AC%22%2C%22meta%3Akeywords%22%3A%22%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.62&r=stable&ec=1&o=30&fbp=fb.1.1656497723291.1625045923&it=1656497723154&coo=false&es=automatic&tm=3&exp=p1&rqm=GET
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://creditoveloce.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 10:15:24 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority
u=3,i
expires
Wed, 29 Jun 2022 10:15:24 GMT
unip
trc-events.taboola.com/1454286/log/3/ 		0
248 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc-events.taboola.com/1454286/log/3/unip?en=pre_d_eng_tb&tos=1551&scd=100&ssd=1&est=1656497723300&ver=35&isls=true&src=i&invt=1500&rv=1&tim=1656497724852&vi=1656497723298&ri=7f051782d7c3c65866dddb2b8766fd1e&ref=null&cv=20220626-8-RELEASE&item-url=https%3A%2F%2Fcreditoveloce.info%2Fpre-landing-new%2F%3Fref%3D8-
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1454286/tfa.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://creditoveloce.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-origin
https://creditoveloce.info
pragma
no-cache
date
Wed, 29 Jun 2022 10:15:24 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

Verdicts & Comments Add Verdict or Comment

43 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| dataLayer function| fbq function| _fbq function| selectJob function| getParameterByName object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga function| zemApi object| _tfa object| MgSensorData function| _typeof object| TFASC object| TRC object| _taboola number| taboola_view_id object| TRCImpl function| __trcError object| gaplugins object| gaGlobal object| gaData function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO object| MgSensor function| MgSensorInvoke function| MgSensorInvoke0 object| _mgq function| _mgqp number| _mgqt number| _mgqi object| _mgr object| _mghl object| spsk

15 Cookies

Domain/Path Name / Value
ct.tk2gk.com/ Name: aff_ran_url_921
Value: 8406
ct.tk2gk.com/ Name: enc_aff_session_921
Value: ENC03962145e6e8cb4e0b95e40185fd0f7fca185b56cc826094fb62d895433c53f1665e029c8eaf5fa92ae1a168423f4a92240e18d51908c89901914df8cb5525c656fb2d57a5413bec7cbdea30199885470dbc43b45bbe008c4eca57f10888315d8fc7af7229ae6d8e49c877aa5d4fec88f41823078ab363de04d1681b17eb865dbb09cd74e1
ct.tk2gk.com/ Name: ho_mob
Value: eyJtb2JpbGVfZGV2aWNlX29zIjoiRGVza3RvcCIsIm1vYmlsZV9vc192ZXJzaW9uIjoiMCIsIm1vYmlsZV9kZXZpY2VfbW9kZWwiOiJDaHJvbWUiLCJtb2JpbGVfZGV2aWNlX2JyYW5kIjoiR29vZ2xlIiwibW9iaWxlX2Jyb3dzZXIiOiJDaHJvbWUgRGVza3RvcCIsIm1vYmlsZV9icm93c2VyX3ZlcnNpb24iOiIxMDMiLCJtb2JpbGVfY2FycmllciI6Ij8iLCJ1c2VyX2FnZW50IjoiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IFg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgTGlrZSBHZWNrbykgQ2hyb21lLzEwMy4wLjUwNjAuNTMgU2FmYXJpLzUzNy4zNiIsImFjY2VwdF9sYW5ndWFnZSI6Iml0LUlULGl0O3E9MC45IiwiY29ubmVjdGlvbl9zcGVlZCI6ImJyb2FkYmFuZCJ9
trk.elds.it/ Name: afclick
Value: 62bc263a78e8460001ba8253
trk.elds.it/ Name: afoffers
Value: {"80":1656497722}
.creditoveloce.info/ Name: _gcl_au
Value: 1.1.1199783057.1656497723
.creditoveloce.info/ Name: _fbp
Value: fb.1.1656497723291.1625045923
.creditoveloce.info/ Name: _ga
Value: GA1.2.963234813.1656497723
.creditoveloce.info/ Name: _gid
Value: GA1.2.11371521.1656497723
.creditoveloce.info/ Name: _dc_gtm_UA-124159496-2
Value: 1
.mgid.com/ Name: __cf_bm
Value: O.VdtCyXRW0Uz3dUAwHSxz_nEqgyhWkh2Jcpila3FU4-1656497723-0-AX9EVNBE2YZTmJwaJ1ILgqCwRfoQ+MhOwgfafZoNn6gQw4UW5KsDQuMyJr8z6qa804mllrZCbzRr4NrpY/g8IYI=
creditoveloce.info/ Name: MgidSensorNVis
Value: 1
creditoveloce.info/ Name: MgidSensorHref
Value: https://creditoveloce.info/pre-landing-new/?ref=8-
.facebook.com/ Name: fr
Value: 0osgqZv2Eqc6Tgqep..BivCY7...1.0.BivCY7.
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.mgid.com
cdn.taboola.com
connect.facebook.net
creditoveloce.info
ct.tk2gk.com
googleads.g.doubleclick.net
js-tag.zemanta.com
maxcdn.bootstrapcdn.com
news.offertatua.it
p1.zemanta.com
spsk.cc
stats.g.doubleclick.net
trc-events.taboola.com
trc.taboola.com
trk.elds.it
www.facebook.com
www.google-analytics.com
www.google.com
www.google.it
www.googleadservices.com
www.googletagmanager.com
104.19.133.78
141.226.228.48
142.250.186.130
151.101.193.44
161.35.72.115
164.90.162.187
2606:4700:10::ac43:247d
2606:4700::6812:acf
2a00:1450:4001:80b::2002
2a00:1450:4001:80f::200e
2a00:1450:4001:810::2008
2a00:1450:4001:829::2004
2a00:1450:4001:831::2003
2a00:1450:400c:c08::9b
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
2a06:98c1:3120::3
63.34.252.79
91.192.43.154
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
18c1d67b135893b7225c17a1936683ba545544e4a41e495742405ddeb6f89c59
2c0f3dcfe93d7e380c290fe4ab838ed8cadff1596d62697f5444be460d1f876d
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
3d79854e01d0c79408c548889dcfddd23e4ef10f11c698c831b570573ee13b97
4a08c761769c3a3c7543a9a9159c6cb6045e7b5d4c641b2e4e4c124b57e11b2f
60825542af928568913134c385a102f4be900e3dc6fc6ddeb5482c322936c201
707a1c5f8a523cba04451bdb18c5ad0a346e21a6b9b220c56dc3c6186a81d20a
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8a8eade12e56b34b811ba8234f93ed1ac9e90f0aac693c3841ac87a50d6394c2
a0257d60930766a47d709b7b367fb41d24b0b8e030fd3370a106cac6f302e9a9
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a9c87374e4ec256cc7ab841753a48a58afd958317dfb7567982b014977008d1b
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
b4cd4f889e2c7dd71da12d2b0a29aa6346de2e5d8b3c882d7700d64c700f661d
bd5bc927756e63904cba5af00096d1f621b6c6e0f9c7ee80a476ca6f5aa78793
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
e36f377fa08adeacdb9342ef88a4c69d0b5d4d3e57335547197a63f57784bbf4
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eddcb0d86923705e2a08b16e7ba04dd216ae2cfd18c139a270c00a24cf4b6e1e
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f544686016d321990a3fd3980f14f77f4c07a7824ffd4f698b42bba59d8c7e4d