Submitted URL: http://trk.elds.it/click?pid=59&offer_id=33&sub1=scontorapido/
Effective URL: https://prestitiscout.it/affiliate-prestitiscout-sept-2021/?&ref=59-scontorapido%2F
Submission: On October 28 via api from NL — Scanned from IT

Summary

This website contacted 8 IPs in 3 countries across 9 domains to perform 33 HTTP transactions. The main IP is 104.248.19.6, located in Frankfurt am Main, Germany and belongs to DIGITALOCEAN-ASN, US. The main domain is prestitiscout.it.
TLS certificate: Issued by R3 on October 21st 2023. Valid for: 3 months.
This is the only time prestitiscout.it was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 188.114.96.3 13335 (CLOUDFLAR...)
1 1 167.172.161.210 14061 (DIGITALOC...)
11 104.248.19.6 14061 (DIGITALOC...)
3 142.250.186.74 15169 (GOOGLE)
6 134.209.251.157 14061 (DIGITALOC...)
4 157.240.0.6 32934 (FACEBOOK)
4 142.250.185.227 15169 (GOOGLE)
2 172.64.103.11 13335 (CLOUDFLAR...)
1 142.250.181.232 15169 (GOOGLE)
2 157.240.0.35 32934 (FACEBOOK)
33 8
Apex Domain
Subdomains
Transfer
11 prestitiscout.it
prestitiscout.it
991 KB
7 e-leads.it
sp.e-leads.it
form.e-leads.it
1 MB
4 gstatic.com
fonts.gstatic.com
82 KB
4 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 174
178 KB
3 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 31
3 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 110
216 B
2 fontawesome.com
use.fontawesome.com — Cisco Umbrella Rank: 1002
84 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 35
87 KB
1 elds.it
trk.elds.it
883 B
33 9
Domain Requested by
11 prestitiscout.it prestitiscout.it
6 form.e-leads.it prestitiscout.it
form.e-leads.it
4 fonts.gstatic.com fonts.googleapis.com
4 connect.facebook.net prestitiscout.it
connect.facebook.net
form.e-leads.it
3 fonts.googleapis.com prestitiscout.it
form.e-leads.it
2 www.facebook.com prestitiscout.it
form.e-leads.it
2 use.fontawesome.com form.e-leads.it
use.fontawesome.com
1 www.googletagmanager.com form.e-leads.it
1 sp.e-leads.it 1 redirects
1 trk.elds.it 1 redirects
33 10

This site contains links to these domains. Also see Links.

Domain
finanziatiora.it
e-leads.it
Subject Issuer Validity Valid
prestitiscout.it
R3
2023-10-21 -
2024-01-19
3 months crt.sh
upload.video.google.com
GTS CA 1C3
2023-10-09 -
2024-01-01
3 months crt.sh
form.e-leads.it
R3
2023-10-15 -
2024-01-13
3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2023-08-07 -
2023-11-05
3 months crt.sh
*.gstatic.com
GTS CA 1C3
2023-10-09 -
2024-01-01
3 months crt.sh
use.fontawesome.com
Cloudflare Inc ECC CA-3
2023-10-12 -
2024-10-10
a year crt.sh
*.google-analytics.com
GTS CA 1C3
2023-10-09 -
2024-01-01
3 months crt.sh

This page contains 2 frames:

Primary Page: https://prestitiscout.it/affiliate-prestitiscout-sept-2021/?&ref=59-scontorapido%2F
Frame ID: E27C0D6E32AA10D7D6E9098CDE903E72
Requests: 20 HTTP requests in this frame

Frame: https://form.e-leads.it/form/finance/?aff_id=1kAySCliereFM6QmWw9ehzev2Ks2&aff_ref=59-scontorapido%2F&bg_color=%23ffffff&btn_color=%23F56217&type=cessione&orientation=v&host=prestitiscout.it&url=https%3A%2F%2Fprestitiscout.it%2Faffiliate-prestitiscout-sept-2021%2F%3F%26ref%3D59-scontorapido%252F&frameId=3KlKa
Frame ID: 03A2371E1802D9EC5E31B821E93ECAFC
Requests: 13 HTTP requests in this frame

Screenshot

Page Title

PrestitiScout | Prestiti fino a 75.000€

Page URL History Show full URLs

  1. http://trk.elds.it/click?pid=59&offer_id=33&sub1=scontorapido/ HTTP 302
    https://sp.e-leads.it/t/prestitiscout?ref=59-scontorapido/ HTTP 302
    https://prestitiscout.it/affiliate-prestitiscout-sept-2021/?&ref=59-scontorapido%2F Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

33
Requests

100 %
HTTPS

0 %
IPv6

9
Domains

10
Subdomains

8
IPs

3
Countries

2794 kB
Transfer

4351 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://trk.elds.it/click?pid=59&offer_id=33&sub1=scontorapido/ HTTP 302
    https://sp.e-leads.it/t/prestitiscout?ref=59-scontorapido/ HTTP 302
    https://prestitiscout.it/affiliate-prestitiscout-sept-2021/?&ref=59-scontorapido%2F Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

33 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
prestitiscout.it/affiliate-prestitiscout-sept-2021/
Redirect Chain
  • http://trk.elds.it/click?pid=59&offer_id=33&sub1=scontorapido/
  • https://sp.e-leads.it/t/prestitiscout?ref=59-scontorapido/
  • https://prestitiscout.it/affiliate-prestitiscout-sept-2021/?&ref=59-scontorapido%2F
15 KB
4 KB
Document
General
Full URL
https://prestitiscout.it/affiliate-prestitiscout-sept-2021/?&ref=59-scontorapido%2F
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.248.19.6 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
prestitiscout.it
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
8862241d325ed68fa8c9cf798434634414a040a3dd02787c06f84d72f63327a5

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
it-IT,it;q=0.9

Response headers

Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
3981
Content-Type
text/html; charset=UTF-8
Date
Sat, 28 Oct 2023 18:52:40 GMT
Keep-Alive
timeout=5, max=100
Server
Apache/2.4.41 (Ubuntu)
Vary
Accept-Encoding

Redirect headers

Access-Control-Allow-Origin
*
Connection
keep-alive
Content-Length
218
Content-Type
text/html; charset=utf-8
Date
Sat, 28 Oct 2023 18:52:40 GMT
Location
https://prestitiscout.it/affiliate-prestitiscout-sept-2021/?&ref=59-scontorapido%2F
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept
X-Powered-By
Express
vendor.css
prestitiscout.it/affiliate-prestitiscout-sept-2021/assets/css/
365 KB
47 KB
Stylesheet
General
Full URL
https://prestitiscout.it/affiliate-prestitiscout-sept-2021/assets/css/vendor.css
Requested by
Host: prestitiscout.it
URL: https://prestitiscout.it/affiliate-prestitiscout-sept-2021/?&ref=59-scontorapido%2F
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.248.19.6 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
prestitiscout.it
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
0c806fd02de94f0c464e744d9692e79a21ddf62dd15e4bce9f53d5460ca1e2b0

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://prestitiscout.it/affiliate-prestitiscout-sept-2021/?&ref=59-scontorapido%2F
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Sat, 28 Oct 2023 18:52:40 GMT
Content-Encoding
gzip
Last-Modified
Thu, 26 May 2022 13:09:51 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"5b3be-5dfe9e7bbefca-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
47716
style.css
prestitiscout.it/affiliate-prestitiscout-sept-2021/assets/css/
71 KB
10 KB
Stylesheet
General
Full URL
https://prestitiscout.it/affiliate-prestitiscout-sept-2021/assets/css/style.css
Requested by
Host: prestitiscout.it
URL: https://prestitiscout.it/affiliate-prestitiscout-sept-2021/?&ref=59-scontorapido%2F
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.248.19.6 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
prestitiscout.it
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
7cfd2930bcdcc40ca5f3ebc37b81e4e82d28df819f1481e2b8bd6141d9d8facf

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://prestitiscout.it/affiliate-prestitiscout-sept-2021/?&ref=59-scontorapido%2F
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Sat, 28 Oct 2023 18:52:40 GMT
Content-Encoding
gzip
Last-Modified
Thu, 26 May 2022 13:09:51 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"11bfe-5dfe9e7bb632a-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
10356
logo-light.png
prestitiscout.it/affiliate-prestitiscout-sept-2021/assets/images/logo/
59 KB
59 KB
Image
General
Full URL
https://prestitiscout.it/affiliate-prestitiscout-sept-2021/assets/images/logo/logo-light.png
Requested by
Host: prestitiscout.it
URL: https://prestitiscout.it/affiliate-prestitiscout-sept-2021/?&ref=59-scontorapido%2F
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.248.19.6 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
prestitiscout.it
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
253c60ff8cf8a3c603d3bdd46d3433065dcbab0addde97c97c93b80218b7eba8

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://prestitiscout.it/affiliate-prestitiscout-sept-2021/?&ref=59-scontorapido%2F
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Sat, 28 Oct 2023 18:52:40 GMT
Last-Modified
Thu, 26 May 2022 13:09:53 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"eaf3-5dfe9e7db00e4"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
60147
illustration.jpg
prestitiscout.it/affiliate-prestitiscout-sept-2021/assets/images/illustration/
736 KB
736 KB
Image
General
Full URL
https://prestitiscout.it/affiliate-prestitiscout-sept-2021/assets/images/illustration/illustration.jpg
Requested by
Host: prestitiscout.it
URL: https://prestitiscout.it/affiliate-prestitiscout-sept-2021/?&ref=59-scontorapido%2F
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.248.19.6 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
prestitiscout.it
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
7c589d97fb555d52b58dc498d2a1d2490bea71e2b3a1063efefb88049eb124b5

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://prestitiscout.it/affiliate-prestitiscout-sept-2021/?&ref=59-scontorapido%2F
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Sat, 28 Oct 2023 18:52:40 GMT
Last-Modified
Thu, 26 May 2022 13:09:53 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"b7ffc-5dfe9e7db7de4"
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
753660
css
fonts.googleapis.com/
4 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto:400,500&display=swap
Requested by
Host: prestitiscout.it
URL: https://prestitiscout.it/affiliate-prestitiscout-sept-2021/?&ref=59-scontorapido%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.74 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f10.1e100.net
Software
ESF /
Resource Hash
c4ec171d8f202fb90c55007f2dc8ab43a7d089d5e7b717eb03b41fdb3907b261
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://prestitiscout.it/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 28 Oct 2023 18:52:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 28 Oct 2023 17:24:43 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 28 Oct 2023 18:52:40 GMT
css2
fonts.googleapis.com/
11 KB
818 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Montserrat:ital,wght@0,400;0,500;0,600;0,700;1,600;1,700&display=swap
Requested by
Host: prestitiscout.it
URL: https://prestitiscout.it/affiliate-prestitiscout-sept-2021/?&ref=59-scontorapido%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.74 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f10.1e100.net
Software
ESF /
Resource Hash
1956919fb766fd8e549c21624b19b714382f47d69026067710784a5a7548ff0f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://prestitiscout.it/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 28 Oct 2023 18:52:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 28 Oct 2023 18:52:40 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 28 Oct 2023 18:52:40 GMT
simple-line-icons.css
prestitiscout.it/affiliate-prestitiscout-sept-2021/assets/simple-line-icons/css/
12 KB
3 KB
Stylesheet
General
Full URL
https://prestitiscout.it/affiliate-prestitiscout-sept-2021/assets/simple-line-icons/css/simple-line-icons.css
Requested by
Host: prestitiscout.it
URL: https://prestitiscout.it/affiliate-prestitiscout-sept-2021/?&ref=59-scontorapido%2F
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.248.19.6 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
prestitiscout.it
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
cdd31dce65b6e3bd3c540a14b265a314bd9bd3718e5eaff74ad0fad9109a838f

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://prestitiscout.it/affiliate-prestitiscout-sept-2021/?&ref=59-scontorapido%2F
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Sat, 28 Oct 2023 18:52:40 GMT
Content-Encoding
gzip
Last-Modified
Thu, 26 May 2022 13:09:54 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"31d2-5dfe9e7e68a02-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
2679
jquery-3.5.1.min.js
prestitiscout.it/affiliate-prestitiscout-sept-2021/assets/js/vendor/
147 KB
37 KB
Script
General
Full URL
https://prestitiscout.it/affiliate-prestitiscout-sept-2021/assets/js/vendor/jquery-3.5.1.min.js
Requested by
Host: prestitiscout.it
URL: https://prestitiscout.it/affiliate-prestitiscout-sept-2021/?&ref=59-scontorapido%2F
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.248.19.6 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
prestitiscout.it
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
6e7e019e8348c366ad234e388d1d52ea7c06a0c573af42915f8d865ca4a0943f

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://prestitiscout.it/affiliate-prestitiscout-sept-2021/?&ref=59-scontorapido%2F
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Sat, 28 Oct 2023 18:52:40 GMT
Content-Encoding
gzip
Last-Modified
Thu, 26 May 2022 13:09:54 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"24da8-5dfe9e7e5af42-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
37090
vendor.js
prestitiscout.it/affiliate-prestitiscout-sept-2021/assets/js/
288 KB
62 KB
Script
General
Full URL
https://prestitiscout.it/affiliate-prestitiscout-sept-2021/assets/js/vendor.js
Requested by
Host: prestitiscout.it
URL: https://prestitiscout.it/affiliate-prestitiscout-sept-2021/?&ref=59-scontorapido%2F
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.248.19.6 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
prestitiscout.it
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
08c586f0ec154c7258f2d2432d743b90fae0508230c44fdfd0a922ef14f5c982

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://prestitiscout.it/affiliate-prestitiscout-sept-2021/?&ref=59-scontorapido%2F
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Sat, 28 Oct 2023 18:52:40 GMT
Content-Encoding
gzip
Last-Modified
Thu, 26 May 2022 13:09:52 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"481df-5dfe9e7c3eea8-gzip"
Vary
Accept-Encoding
Transfer-Encoding
chunked
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
functions.js
prestitiscout.it/affiliate-prestitiscout-sept-2021/assets/js/
10 KB
3 KB
Script
General
Full URL
https://prestitiscout.it/affiliate-prestitiscout-sept-2021/assets/js/functions.js
Requested by
Host: prestitiscout.it
URL: https://prestitiscout.it/affiliate-prestitiscout-sept-2021/?&ref=59-scontorapido%2F
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.248.19.6 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
prestitiscout.it
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
ef56a973562d280dc1a5b19212f101c3c25431a14bed12be747048999134ed2c

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://prestitiscout.it/affiliate-prestitiscout-sept-2021/?&ref=59-scontorapido%2F
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Sat, 28 Oct 2023 18:52:40 GMT
Content-Encoding
gzip
Last-Modified
Thu, 26 May 2022 13:09:52 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"2604-5dfe9e7c2c5c8-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
2708
eleads-lib.js
form.e-leads.it/
6 KB
6 KB
Script
General
Full URL
https://form.e-leads.it/eleads-lib.js
Requested by
Host: prestitiscout.it
URL: https://prestitiscout.it/affiliate-prestitiscout-sept-2021/?&ref=59-scontorapido%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
134.209.251.157 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) / Express
Resource Hash
9975dc7b192770426c65e61691462786885b77138d950c8369cfe6cd7daacc9e

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://prestitiscout.it/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Sat, 28 Oct 2023 18:52:40 GMT
last-modified
Thu, 24 Nov 2022 07:41:51 GMT
server
nginx/1.10.3 (Ubuntu)
x-powered-by
Express
etag
W/"1715-184a895f8a8"
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
content-length
5909
fbevents.js
connect.facebook.net/en_US/
202 KB
54 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: prestitiscout.it
URL: https://prestitiscout.it/affiliate-prestitiscout-sept-2021/?&ref=59-scontorapido%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-fra3.fbcdn.net
Software
/
Resource Hash
da88b5aaa98c29a87e083a9edc66b83263a994d39634d80696eaf0532485c142
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://prestitiscout.it/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Sat, 28 Oct 2023 18:52:40 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
54253
x-xss-protection
0
reporting-endpoints
pragma
public
x-fb-debug
a67o7rp+5+dG8TjLX8DFGb+OcKTGfIwZQx442wQjoY27YgIJr47bJEzRxjlnx1vvd/RruVo1E+FVcQP8kFq12Q==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
bg-icon.svg
prestitiscout.it/affiliate-prestitiscout-sept-2021/assets/images/background/
393 B
681 B
Image
General
Full URL
https://prestitiscout.it/affiliate-prestitiscout-sept-2021/assets/images/background/bg-icon.svg
Requested by
Host: prestitiscout.it
URL: https://prestitiscout.it/affiliate-prestitiscout-sept-2021/assets/css/style.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.248.19.6 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
prestitiscout.it
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
70fa13dd021192a0e560ab5f0c97c833060036af0c9a7d7e9c5c60c6457b476b

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://prestitiscout.it/affiliate-prestitiscout-sept-2021/assets/css/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Sat, 28 Oct 2023 18:52:40 GMT
Last-Modified
Thu, 26 May 2022 13:09:52 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"189-5dfe9e7ccd7e7"
Content-Type
image/svg+xml
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
393
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,500&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f3.1e100.net
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://prestitiscout.it
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Fri, 27 Oct 2023 04:06:52 GMT
x-content-type-options
nosniff
age
139548
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 26 Oct 2024 04:06:52 GMT
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v26/
32 KB
32 KB
Font
General
Full URL
https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:ital,wght@0,400;0,500;0,600;0,700;1,600;1,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f3.1e100.net
Software
sffe /
Resource Hash
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://prestitiscout.it
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 18:17:59 GMT
x-content-type-options
nosniff
age
174881
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33092
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 22:51:58 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 25 Oct 2024 18:17:59 GMT
Simple-Line-Icons.woff2
prestitiscout.it/affiliate-prestitiscout-sept-2021/assets/simple-line-icons/fonts/
29 KB
30 KB
Font
General
Full URL
https://prestitiscout.it/affiliate-prestitiscout-sept-2021/assets/simple-line-icons/fonts/Simple-Line-Icons.woff2?v=2.3.2
Requested by
Host: prestitiscout.it
URL: https://prestitiscout.it/affiliate-prestitiscout-sept-2021/assets/simple-line-icons/css/simple-line-icons.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.248.19.6 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
prestitiscout.it
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
104673f4859604362a18fc6294197d8fffb8cb24ad3211e92eb04f655e18cf4a

Request headers

Referer
https://prestitiscout.it/affiliate-prestitiscout-sept-2021/assets/simple-line-icons/css/simple-line-icons.css
Origin
https://prestitiscout.it
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Sat, 28 Oct 2023 18:52:40 GMT
Last-Modified
Thu, 26 May 2022 13:09:54 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"7570-5dfe9e7ec2781"
Content-Type
font/woff2
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
30064
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/
16 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,500&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f3.1e100.net
Software
sffe /
Resource Hash
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://prestitiscout.it
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Fri, 27 Oct 2023 15:18:02 GMT
x-content-type-options
nosniff
age
99278
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15920
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 26 Oct 2024 15:18:02 GMT
/
form.e-leads.it/form/finance/ Frame 03A2
2 KB
2 KB
Document
General
Full URL
https://form.e-leads.it/form/finance/?aff_id=1kAySCliereFM6QmWw9ehzev2Ks2&aff_ref=59-scontorapido%2F&bg_color=%23ffffff&btn_color=%23F56217&type=cessione&orientation=v&host=prestitiscout.it&url=https%3A%2F%2Fprestitiscout.it%2Faffiliate-prestitiscout-sept-2021%2F%3F%26ref%3D59-scontorapido%252F&frameId=3KlKa
Requested by
Host: form.e-leads.it
URL: https://form.e-leads.it/eleads-lib.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
134.209.251.157 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) / Express
Resource Hash
6228a39f024eac6f1a81f3b5bdfe99c22bda1fb6137c40d07a06c701c7af70a0

Request headers

Referer
https://prestitiscout.it/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
it-IT,it;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-origin
*
cache-control
public, max-age=0
content-length
2008
content-type
text/html; charset=UTF-8
date
Sat, 28 Oct 2023 18:52:40 GMT
etag
W/"7d8-18b1d9c8513"
last-modified
Wed, 11 Oct 2023 07:21:18 GMT
server
nginx/1.10.3 (Ubuntu)
x-powered-by
Express
124547992575739
connect.facebook.net/signals/config/
139 KB
36 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/124547992575739?v=2.9.136&r=stable&domain=prestitiscout.it
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-fra3.fbcdn.net
Software
/
Resource Hash
206d344080945db64b91139ee1fc634e9d58940310ddc45fffac36d9e05f1aae
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://prestitiscout.it/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Sat, 28 Oct 2023 18:52:40 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
36863
x-xss-protection
0
reporting-endpoints
pragma
public
x-fb-debug
9+WVRGw17FajX0hA58xVOyrA1vh8pU9cZ2fU8bjdKhq0IXDC+cIbWUJruLztUNK1eM7AN1GY1904XRUA8nWlaw==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
all.css
use.fontawesome.com/releases/v5.5.0/css/ Frame 03A2
50 KB
12 KB
Stylesheet
General
Full URL
https://use.fontawesome.com/releases/v5.5.0/css/all.css
Requested by
Host: form.e-leads.it
URL: https://form.e-leads.it/form/finance/?aff_id=1kAySCliereFM6QmWw9ehzev2Ks2&aff_ref=59-scontorapido%2F&bg_color=%23ffffff&btn_color=%23F56217&type=cessione&orientation=v&host=prestitiscout.it&url=https%3A%2F%2Fprestitiscout.it%2Faffiliate-prestitiscout-sept-2021%2F%3F%26ref%3D59-scontorapido%252F&frameId=3KlKa
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.103.11 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9e4cac65c7a5ee0bd0743afefcabdd3e73854e1284ac9ac433813d6231f550f2

Request headers

Referer
https://form.e-leads.it/
Origin
https://form.e-leads.it
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Sat, 28 Oct 2023 18:52:41 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
48X7C0AG8GMP80W0
age
1729873
alt-svc
h3=":443"; ma=86400
x-amz-id-2
wvkgRCVn2g2ooLqoghiMeoY/FXsVc+4jG9IQjhZS4pGOedjTyurgBcreA5nbuCC6oQoZmPWeHY8=
last-modified
Wed, 30 Jun 2021 15:43:32 GMT
server
cloudflare
etag
W/"1cc6c92172d124fbd305ba3d8e263333"
access-control-max-age
3000
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ql2JScfTTc5z3V%2BdmP7WEv3LVbH%2BIMzJdedYYBdugfxe11ProDqxUUQmiK821KLkRdW3P3NnMOr4uImHt5CF%2FloSCAOrNrnif0lJkWXDaX8An%2BYo%2BNyKAglaWS4qVKZUhRfZ9kmp"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=31556926
cf-ray
81d560944b2e3627-FRA
css
fonts.googleapis.com/ Frame 03A2
3 KB
738 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Open+Sans
Requested by
Host: form.e-leads.it
URL: https://form.e-leads.it/form/finance/?aff_id=1kAySCliereFM6QmWw9ehzev2Ks2&aff_ref=59-scontorapido%2F&bg_color=%23ffffff&btn_color=%23F56217&type=cessione&orientation=v&host=prestitiscout.it&url=https%3A%2F%2Fprestitiscout.it%2Faffiliate-prestitiscout-sept-2021%2F%3F%26ref%3D59-scontorapido%252F&frameId=3KlKa
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.74 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f10.1e100.net
Software
ESF /
Resource Hash
4ddf6973fa3421cc10d8946187a761c0317632b66442c3d20c736024fba1029f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://form.e-leads.it/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 28 Oct 2023 18:52:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 28 Oct 2023 18:23:13 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 28 Oct 2023 18:52:40 GMT
js
www.googletagmanager.com/gtag/ Frame 03A2
256 KB
87 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-MHM2CFNK4Z
Requested by
Host: form.e-leads.it
URL: https://form.e-leads.it/form/finance/?aff_id=1kAySCliereFM6QmWw9ehzev2Ks2&aff_ref=59-scontorapido%2F&bg_color=%23ffffff&btn_color=%23F56217&type=cessione&orientation=v&host=prestitiscout.it&url=https%3A%2F%2Fprestitiscout.it%2Faffiliate-prestitiscout-sept-2021%2F%3F%26ref%3D59-scontorapido%252F&frameId=3KlKa
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.232 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
e855f3b94f73555f3e210c7119e0a90c5d3d6a6c8c765e1a5aaba49cea637a9d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://form.e-leads.it/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Sat, 28 Oct 2023 18:52:41 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
88739
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 28 Oct 2023 18:52:41 GMT
styles.6f44cc24ae62abc70e47.css
form.e-leads.it/form/ Frame 03A2
125 KB
26 KB
Stylesheet
General
Full URL
https://form.e-leads.it/form/styles.6f44cc24ae62abc70e47.css
Requested by
Host: form.e-leads.it
URL: https://form.e-leads.it/form/finance/?aff_id=1kAySCliereFM6QmWw9ehzev2Ks2&aff_ref=59-scontorapido%2F&bg_color=%23ffffff&btn_color=%23F56217&type=cessione&orientation=v&host=prestitiscout.it&url=https%3A%2F%2Fprestitiscout.it%2Faffiliate-prestitiscout-sept-2021%2F%3F%26ref%3D59-scontorapido%252F&frameId=3KlKa
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
134.209.251.157 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) / Express
Resource Hash
2da25296ce3639ea205e6ce801a314d91d061a8b512444ce958300a0e2810969

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://form.e-leads.it/form/finance/?aff_id=1kAySCliereFM6QmWw9ehzev2Ks2&aff_ref=59-scontorapido%2F&bg_color=%23ffffff&btn_color=%23F56217&type=cessione&orientation=v&host=prestitiscout.it&url=https%3A%2F%2Fprestitiscout.it%2Faffiliate-prestitiscout-sept-2021%2F%3F%26ref%3D59-scontorapido%252F&frameId=3KlKa
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Sat, 28 Oct 2023 18:52:40 GMT
content-encoding
gzip
last-modified
Wed, 11 Oct 2023 07:21:18 GMT
server
nginx/1.10.3 (Ubuntu)
x-powered-by
Express
etag
W/"1f47d-18b1d9c8513"
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=0
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
runtime.06daa30a2963fa413676.js
form.e-leads.it/form/ Frame 03A2
1 KB
2 KB
Script
General
Full URL
https://form.e-leads.it/form/runtime.06daa30a2963fa413676.js
Requested by
Host: form.e-leads.it
URL: https://form.e-leads.it/form/finance/?aff_id=1kAySCliereFM6QmWw9ehzev2Ks2&aff_ref=59-scontorapido%2F&bg_color=%23ffffff&btn_color=%23F56217&type=cessione&orientation=v&host=prestitiscout.it&url=https%3A%2F%2Fprestitiscout.it%2Faffiliate-prestitiscout-sept-2021%2F%3F%26ref%3D59-scontorapido%252F&frameId=3KlKa
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
134.209.251.157 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) / Express
Resource Hash
eb3d5f2600910179bef8b0709214b7c721ea66e92ebb35bc282264beb2631eaf

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://form.e-leads.it/form/finance/?aff_id=1kAySCliereFM6QmWw9ehzev2Ks2&aff_ref=59-scontorapido%2F&bg_color=%23ffffff&btn_color=%23F56217&type=cessione&orientation=v&host=prestitiscout.it&url=https%3A%2F%2Fprestitiscout.it%2Faffiliate-prestitiscout-sept-2021%2F%3F%26ref%3D59-scontorapido%252F&frameId=3KlKa
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Sat, 28 Oct 2023 18:52:40 GMT
last-modified
Wed, 11 Oct 2023 07:21:18 GMT
server
nginx/1.10.3 (Ubuntu)
x-powered-by
Express
etag
W/"5a0-18b1d9c8513"
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
content-length
1440
polyfills.38cfeb63b91a963d9fbf.js
form.e-leads.it/form/ Frame 03A2
58 KB
59 KB
Script
General
Full URL
https://form.e-leads.it/form/polyfills.38cfeb63b91a963d9fbf.js
Requested by
Host: form.e-leads.it
URL: https://form.e-leads.it/form/finance/?aff_id=1kAySCliereFM6QmWw9ehzev2Ks2&aff_ref=59-scontorapido%2F&bg_color=%23ffffff&btn_color=%23F56217&type=cessione&orientation=v&host=prestitiscout.it&url=https%3A%2F%2Fprestitiscout.it%2Faffiliate-prestitiscout-sept-2021%2F%3F%26ref%3D59-scontorapido%252F&frameId=3KlKa
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
134.209.251.157 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) / Express
Resource Hash
cd9bf5e322757904d39d567079553d73a445806c914f3eb24a9f8caca84d0081

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://form.e-leads.it/form/finance/?aff_id=1kAySCliereFM6QmWw9ehzev2Ks2&aff_ref=59-scontorapido%2F&bg_color=%23ffffff&btn_color=%23F56217&type=cessione&orientation=v&host=prestitiscout.it&url=https%3A%2F%2Fprestitiscout.it%2Faffiliate-prestitiscout-sept-2021%2F%3F%26ref%3D59-scontorapido%252F&frameId=3KlKa
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Sat, 28 Oct 2023 18:52:40 GMT
last-modified
Wed, 11 Oct 2023 07:21:18 GMT
server
nginx/1.10.3 (Ubuntu)
x-powered-by
Express
etag
W/"e8a9-18b1d9c8513"
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
content-length
59561
main.fe1f7e0dae94918d0c92.js
form.e-leads.it/form/ Frame 03A2
1 MB
1 MB
Script
General
Full URL
https://form.e-leads.it/form/main.fe1f7e0dae94918d0c92.js
Requested by
Host: form.e-leads.it
URL: https://form.e-leads.it/form/finance/?aff_id=1kAySCliereFM6QmWw9ehzev2Ks2&aff_ref=59-scontorapido%2F&bg_color=%23ffffff&btn_color=%23F56217&type=cessione&orientation=v&host=prestitiscout.it&url=https%3A%2F%2Fprestitiscout.it%2Faffiliate-prestitiscout-sept-2021%2F%3F%26ref%3D59-scontorapido%252F&frameId=3KlKa
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
134.209.251.157 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) / Express
Resource Hash
a3d477a1255c13bd4366c9ac39bd149b373a26720210fcbca6f7482b2ff19d9b

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://form.e-leads.it/form/finance/?aff_id=1kAySCliereFM6QmWw9ehzev2Ks2&aff_ref=59-scontorapido%2F&bg_color=%23ffffff&btn_color=%23F56217&type=cessione&orientation=v&host=prestitiscout.it&url=https%3A%2F%2Fprestitiscout.it%2Faffiliate-prestitiscout-sept-2021%2F%3F%26ref%3D59-scontorapido%252F&frameId=3KlKa
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Sat, 28 Oct 2023 18:52:40 GMT
last-modified
Wed, 11 Oct 2023 07:21:18 GMT
server
nginx/1.10.3 (Ubuntu)
x-powered-by
Express
etag
W/"13df61-18b1d9c8513"
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
content-length
1302369
/
www.facebook.com/tr/
0
185 B
Image
General
Full URL
https://www.facebook.com/tr/?id=124547992575739&ev=PageView&dl=https%3A%2F%2Fprestitiscout.it%2Faffiliate-prestitiscout-sept-2021%2F%3F%26ref%3D59-scontorapido%252F&rl=&if=false&ts=1698519161003&sw=1600&sh=1200&v=2.9.136&r=stable&ec=0&o=4126&fbp=fb.1.1698519161001.1627291063&cs_est=true&ler=empty&it=1698519160936&coo=false&rqm=GET
Requested by
Host: prestitiscout.it
URL: https://prestitiscout.it/affiliate-prestitiscout-sept-2021/?&ref=59-scontorapido%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.0.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-02-fra3.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://prestitiscout.it/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Sat, 28 Oct 2023 18:52:41 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
fbevents.js
connect.facebook.net/en_US/ Frame 03A2
202 KB
53 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: form.e-leads.it
URL: https://form.e-leads.it/form/finance/?aff_id=1kAySCliereFM6QmWw9ehzev2Ks2&aff_ref=59-scontorapido%2F&bg_color=%23ffffff&btn_color=%23F56217&type=cessione&orientation=v&host=prestitiscout.it&url=https%3A%2F%2Fprestitiscout.it%2Faffiliate-prestitiscout-sept-2021%2F%3F%26ref%3D59-scontorapido%252F&frameId=3KlKa
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-fra3.fbcdn.net
Software
/
Resource Hash
da88b5aaa98c29a87e083a9edc66b83263a994d39634d80696eaf0532485c142
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://form.e-leads.it/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Sat, 28 Oct 2023 18:52:41 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
54253
x-xss-protection
0
reporting-endpoints
pragma
public
x-fb-debug
PcE5lWJpXLC82geKJV7nI/PkhNuwT26jXC99+2N0zepjeBQJpwyp/pNxEH3C5vi65fMY5nreVWkInzpdv3tiLg==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
fonts.gstatic.com/s/opensans/v36/ Frame 03A2
18 KB
18 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v36/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f3.1e100.net
Software
sffe /
Resource Hash
441e23601fe7525a142857c98cbb2784997579d51a17f736d7964dceee609709
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://form.e-leads.it
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 18:18:21 GMT
x-content-type-options
nosniff
age
174860
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18664
x-xss-protection
0
last-modified
Thu, 14 Sep 2023 01:36:18 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 25 Oct 2024 18:18:21 GMT
fa-solid-900.woff2
use.fontawesome.com/releases/v5.5.0/webfonts/ Frame 03A2
72 KB
73 KB
Font
General
Full URL
https://use.fontawesome.com/releases/v5.5.0/webfonts/fa-solid-900.woff2
Requested by
Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.5.0/css/all.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.103.11 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7798165ee5a3c6809310d8261dcbe7c8d0c12d795b7b09a71af3eb86ec8f33f2

Request headers

Referer
https://use.fontawesome.com/releases/v5.5.0/css/all.css
Origin
https://form.e-leads.it
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Sat, 28 Oct 2023 18:52:41 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
TCJ5FT88D991TRYP
age
1854485
alt-svc
h3=":443"; ma=86400
content-length
73852
x-amz-id-2
2lqqT17kWkWWqUDOYme/cD68cPyo/P5HnxN9TcMFdQ0sMpZUmnew2n9skwIj/MtS4acvvsJ2cL0=
last-modified
Wed, 30 Jun 2021 15:43:51 GMT
server
cloudflare
etag
"fb493903265cad425ccdf8e04fc2de61"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
font/woff2
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J7QjC2K789DKjp8xKVPfVpITJNuoX%2B0W55nemQ0RSJ1GU8h3CF%2Fzyi5H2c%2FUeZ%2FekmomYTaxNYiyDf4E6YnFt0H72x9%2F8HfY3gGjW1AIWZpjSvHKOvkLrXZFrbtiHgLJsWOXAvnS"}],"group":"cf-nel","max_age":604800}
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control
max-age=31556926
accept-ranges
bytes
cf-ray
81d560958d1a3627-FRA
1210762275771509
connect.facebook.net/signals/config/ Frame 03A2
133 KB
35 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/1210762275771509?v=2.9.136&r=stable&domain=prestitiscout.it
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-fra3.fbcdn.net
Software
/
Resource Hash
be7e17a4344e1e91d9eb1810dccd169d5f42da5c553718cad1b608c000bec89a
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://form.e-leads.it/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Sat, 28 Oct 2023 18:52:41 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
35350
x-xss-protection
0
reporting-endpoints
pragma
public
x-fb-debug
tiQcn8jcvifpU8w+beuiOtoJW+3/cLaVziNTNQNwEWl88AnapUOtmQ7CuzhZTrVT4PbTHf+5ko/FV9OL9/rX4w==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ Frame 03A2
0
31 B
Image
General
Full URL
https://www.facebook.com/tr/?id=1210762275771509&ev=PageView&dl=https%3A%2F%2Fform.e-leads.it%2Fform%2Ffinance%3Faff_id%3D1kAySCliereFM6QmWw9ehzev2Ks2%26aff_ref%3D59-scontorapido%252F%26bg_color%3D%2523ffffff%26btn_color%3D%2523F56217%26type%3Dcessione%26orientation%3Dv%26host%3Dprestitiscout.it%26url%3Dhttps%3A%252F%252Fprestitiscout.it%252Faffiliate-prestitiscout-sept-2021%252F%253F%2526ref%253D59-scontorapido%25252F%26frameId%3D3KlKa&rl=https%3A%2F%2Fprestitiscout.it%2F&if=true&ts=1698519161295&sw=1600&sh=1200&v=2.9.136&r=stable&ec=0&o=4126&ler=other&it=1698519161217&coo=false&rqm=GET
Requested by
Host: form.e-leads.it
URL: https://form.e-leads.it/form/finance?aff_id=1kAySCliereFM6QmWw9ehzev2Ks2&aff_ref=59-scontorapido%2F&bg_color=%23ffffff&btn_color=%23F56217&type=cessione&orientation=v&host=prestitiscout.it&url=https:%2F%2Fprestitiscout.it%2Faffiliate-prestitiscout-sept-2021%2F%3F%26ref%3D59-scontorapido%252F&frameId=3KlKa
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.0.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-02-fra3.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://form.e-leads.it/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Sat, 28 Oct 2023 18:52:41 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0

Verdicts & Comments Add Verdict or Comment

24 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| documentPictureInPicture object| s string| u object| e object| el_p function| fbq function| _fbq function| $ function| jQuery object| bootstrap function| Waypoint function| Popper function| WOW function| messageReceived function| el_resizeIframe function| el_makeid object| style object| par string| url object| classname string| id object| div object| ifrm

1 Cookies

Domain/Path Name / Value
.prestitiscout.it/ Name: _fbp
Value: fb.1.1698519161001.1627291063

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
form.e-leads.it
prestitiscout.it
sp.e-leads.it
trk.elds.it
use.fontawesome.com
www.facebook.com
www.googletagmanager.com
104.248.19.6
134.209.251.157
142.250.181.232
142.250.185.227
142.250.186.74
157.240.0.35
157.240.0.6
167.172.161.210
172.64.103.11
188.114.96.3
08c586f0ec154c7258f2d2432d743b90fae0508230c44fdfd0a922ef14f5c982
0c806fd02de94f0c464e744d9692e79a21ddf62dd15e4bce9f53d5460ca1e2b0
104673f4859604362a18fc6294197d8fffb8cb24ad3211e92eb04f655e18cf4a
1956919fb766fd8e549c21624b19b714382f47d69026067710784a5a7548ff0f
206d344080945db64b91139ee1fc634e9d58940310ddc45fffac36d9e05f1aae
253c60ff8cf8a3c603d3bdd46d3433065dcbab0addde97c97c93b80218b7eba8
2da25296ce3639ea205e6ce801a314d91d061a8b512444ce958300a0e2810969
441e23601fe7525a142857c98cbb2784997579d51a17f736d7964dceee609709
4ddf6973fa3421cc10d8946187a761c0317632b66442c3d20c736024fba1029f
6228a39f024eac6f1a81f3b5bdfe99c22bda1fb6137c40d07a06c701c7af70a0
6e7e019e8348c366ad234e388d1d52ea7c06a0c573af42915f8d865ca4a0943f
70fa13dd021192a0e560ab5f0c97c833060036af0c9a7d7e9c5c60c6457b476b
7798165ee5a3c6809310d8261dcbe7c8d0c12d795b7b09a71af3eb86ec8f33f2
7c589d97fb555d52b58dc498d2a1d2490bea71e2b3a1063efefb88049eb124b5
7cfd2930bcdcc40ca5f3ebc37b81e4e82d28df819f1481e2b8bd6141d9d8facf
8862241d325ed68fa8c9cf798434634414a040a3dd02787c06f84d72f63327a5
9975dc7b192770426c65e61691462786885b77138d950c8369cfe6cd7daacc9e
9e4cac65c7a5ee0bd0743afefcabdd3e73854e1284ac9ac433813d6231f550f2
a3d477a1255c13bd4366c9ac39bd149b373a26720210fcbca6f7482b2ff19d9b
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
be7e17a4344e1e91d9eb1810dccd169d5f42da5c553718cad1b608c000bec89a
c4ec171d8f202fb90c55007f2dc8ab43a7d089d5e7b717eb03b41fdb3907b261
cd9bf5e322757904d39d567079553d73a445806c914f3eb24a9f8caca84d0081
cdd31dce65b6e3bd3c540a14b265a314bd9bd3718e5eaff74ad0fad9109a838f
da88b5aaa98c29a87e083a9edc66b83263a994d39634d80696eaf0532485c142
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e855f3b94f73555f3e210c7119e0a90c5d3d6a6c8c765e1a5aaba49cea637a9d
eb3d5f2600910179bef8b0709214b7c721ea66e92ebb35bc282264beb2631eaf
ef56a973562d280dc1a5b19212f101c3c25431a14bed12be747048999134ed2c
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615