185.198.117.126  Malicious Activity! Public Scan

URL: https://185.198.117.126/it
Submission: On February 14 via api from BY — Scanned from IT

Summary

This website contacted 14 IPs in 4 countries across 11 domains to perform 42 HTTP transactions. The main IP is 185.198.117.126, located in Italy and belongs to . The main domain is 185.198.117.126.
TLS certificate: Issued by GlobalSign RSA OV SSL CA 2018 on August 4th 2023. Valid for: a year.
This is the only time 185.198.117.126 was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Nexi (Banking)

Domain & IP information

Requests | Apex Domain | Subdomains | Transfer
5 | mypurecloud.com | apps.mypurecloud.com (Cisco Umbrella Rank: 10510) | 189 KB
5 | gstatic.com | www.gstatic.com, fonts.gstatic.com | 434 KB
2 | privacy-center.org | sdk.privacy-center.org (Cisco Umbrella Rank: 4378) | 88 KB
2 | google.com | www.google.com (Cisco Umbrella Rank: 2) | 3 KB
2 | googletagmanager.com | www.googletagmanager.com (Cisco Umbrella Rank: 52) | 210 KB
1 | googlesyndication.com | pagead2.googlesyndication.com (Cisco Umbrella Rank: 120) | 455 B
1 | google-analytics.com | region1.google-analytics.com (Cisco Umbrella Rank: 2000) | 254 B
1 | mypurecloud.ie | apps.mypurecloud.ie (Cisco Umbrella Rank: 95769) | 7 KB
1 | acsbapp.com | acsbapp.com (Cisco Umbrella Rank: 4541) | 90 KB
1 | googleapis.com | ajax.googleapis.com (Cisco Umbrella Rank: 434) | 31 KB
1 | evgnet.com | cdn.evgnet.com (Cisco Umbrella Rank: 4093) | 42 KB
Total: 42 requests, 11 apex domains

Requests | Domain | Requested by
5 | apps.mypurecloud.com | apps.mypurecloud.ie
4 | www.gstatic.com | www.google.com, www.gstatic.com
2 | sdk.privacy-center.org | 185.198.117.126, sdk.privacy-center.org
2 | www.google.com | 185.198.117.126, www.gstatic.com
2 | www.googletagmanager.com | 185.198.117.126, www.googletagmanager.com
1 | fonts.gstatic.com | www.google.com
1 | pagead2.googlesyndication.com | www.googletagmanager.com
1 | region1.google-analytics.com | www.googletagmanager.com
1 | apps.mypurecloud.ie | 185.198.117.126
1 | acsbapp.com | 185.198.117.126
1 | ajax.googleapis.com | 185.198.117.126
1 | cdn.evgnet.com | 185.198.117.126
Total: 42 requests, 12 subdomains

This site contains links to these domains:

Domain
ecommerce.nexi.it
www.nexi.it
it-it.facebook.com
www.youtube.com
twitter.com
it.linkedin.com

Subject | Issuer | Validity | Valid
www.nexi.it | GlobalSign RSA OV SSL CA 2018 | 2023-08-04 - 2024-08-21 | a year
cdn.evergage.com | DigiCert TLS RSA SHA256 2020 CA1 | 2023-03-06 - 2024-03-04 | a year
upload.video.google.com | GTS CA 1C3 | 2024-01-29 - 2024-04-22 | 3 months
*.google-analytics.com | GTS CA 1C3 | 2024-01-29 - 2024-04-22 | 3 months
www.google.com | GTS CA 1C3 | 2024-01-29 - 2024-04-22 | 3 months
*.privacy-center.org | Amazon RSA 2048 M02 | 2023-03-25 - 2024-04-22 | a year
acsbapp.com | GTS CA 1P5 | 2023-12-26 - 2024-03-25 | 3 months
*.gstatic.com | GTS CA 1C3 | 2024-01-29 - 2024-04-22 | 3 months
mypurecloud.ie | Amazon RSA 2048 M01 | 2023-08-20 - 2024-09-16 | a year
*.g.doubleclick.net | GTS CA 1C3 | 2024-01-29 - 2024-04-22 | 3 months
mypurecloud.com | Amazon RSA 2048 M03 | 2023-08-19 - 2024-09-15 | a year

This page contains 2 frames:

Primary Page: https://185.198.117.126/it
Frame ID: 49D30F715DFEBBC42FE76C150C977251
Requests: 38 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ld7ALUZAAAAAK4iDeutbuh9DdH-o4dwFyb6FGIP&co=aHR0cHM6Ly8xODUuMTk4LjExNy4xMjY6NDQz&hl=it&v=x5WWoE57Fv0d6ATKsLDIAKnt&size=invisible&cb=gdblltx9uqqe
Frame ID: 19C291431ECAC48EC25D31D277D25926
Requests: 5 HTTP requests in this frame

Page Title

Nexi, l’innovazione dei pagamenti digitali in Italia

Detected technologies

Overall confidence: 100%
Detected patterns
  • /etc\.clientlibs/

Overall confidence: 100%
Detected patterns
  • sdk\.privacy-center\.org/.*/loader\.js

Overall confidence: 100%
Detected patterns
  • apps\.mypurecloud\.\w+/widgets/([\d.]+)
  • apps\.mypurecloud\.\w+

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

Requests: 42
HTTPS: 52 %
IPv6: 69 %
Domains: 11
Subdomains: 12
IPs: 14
Countries: 4
Transfer: 2754 kB
Size: 5329 kB
Cookies: 5

Redirected requests

There were HTTP redirect chains for the following requests:

42 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request it
185.198.117.126/
132 KB
31 KB
Document
General
Full URL
https://185.198.117.126/it
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.198.117.126 , Italy, ASN (),
Reverse DNS
Software
/
Resource Hash
fe106d4c9ba6d6f402e94852ef2ea01313f1b6bf1771f5bd7f4f7397044b70ff
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language
it-IT,it;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Methods
GET, HEAD
Connection
Keep-Alive
Content-Encoding
gzip
Content-Security-Policy
frame-ancestors 'self'
Content-Type
text/html; charset=UTF-8
Date
Wed, 14 Feb 2024 09:05:56 GMT
ETag
"21134-611469a118f7e"
Keep-Alive
timeout=5, max=89
Last-Modified
Tue, 13 Feb 2024 17:19:50 GMT
P3P
policyref="/w3c/p3p.xml", CP="IDC DSP COR NID DEVi OUR BUS INT"
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
evergage.min.js
cdn.evgnet.com/beacon/nexipayments/engage/scripts/
144 KB
42 KB
Script
General
Full URL
https://cdn.evgnet.com/beacon/nexipayments/engage/scripts/evergage.min.js
Requested by
Host: 185.198.117.126
URL: https://185.198.117.126/it
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.64.114 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
681834065104f982c30d1423fdf02c1a084fa738c48d1eba546b7f9f40630597

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://185.198.117.126/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

x-amz-version-id
tJJm_XaB23NBElAGTMYQUjP6lOqbmnhX
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
date
Wed, 14 Feb 2024 09:05:56 GMT
x-amz-request-id
ERGN76M8HC0T0KJC
age
110
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
x-amz-replication-status
COMPLETED
content-length
42410
x-amz-id-2
IVV+G7sqgnHRkvqpPBRMWvk5hFNgxfdJONnM85MRfst+YPc8oWbvB4elwNOjHka+/28lmNB1KHxcXSCWklaru8ycPAZB5Nv93v822iepR0Y=
x-served-by
cache-iad-kcgs7200109-IAD, cache-mxp6921-MXP
x-amz-meta-evergage-sum
f796e3e856dc0615278df80269c66f4dd1fa1a16
last-modified
Mon, 22 Jan 2024 22:19:04 GMT
server
AmazonS3
x-timer
S1707901556.346259,VS0,VE1
etag
"ac3404833c9f1936add004a5adcc83f3"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=120
accept-ranges
bytes
timing-allow-origin
*
x-amz-meta-evergage-beacon-ver
16
x-cache-hits
82527, 1
clientlib-site.css
185.198.117.126/etc.clientlibs/nexinew/clientlibs/
286 KB
79 KB
Stylesheet
General
Full URL
https://185.198.117.126/etc.clientlibs/nexinew/clientlibs/clientlib-site.css
Requested by
Host: 185.198.117.126
URL: https://185.198.117.126/it
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.198.117.126 , Italy, ASN (),
Reverse DNS
Software
/
Resource Hash
fba15097c263db75abe48e8a19dd939fefca68d0f4c248e6d0bc9c1f420924ce
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Frame-Options SAMEORIGIN

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://185.198.117.126/it
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date
Wed, 14 Feb 2024 09:05:56 GMT
Content-Security-Policy
frame-ancestors 'self'
Content-Encoding
gzip
Last-Modified
Tue, 30 Jan 2024 10:25:17 GMT
ETag
"4796c-610272dbca1bc"
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET, HEAD
Content-Type
text/css
P3P
policyref="/w3c/p3p.xml", CP="IDC DSP COR NID DEVi OUR BUS INT"
Cache-Control
max-age=300, public
Transfer-Encoding
chunked
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=88
clientlib-chatbot.css
185.198.117.126/etc.clientlibs/nexinew/clientlibs/
147 KB
40 KB
Stylesheet
General
Full URL
https://185.198.117.126/etc.clientlibs/nexinew/clientlibs/clientlib-chatbot.css
Requested by
Host: 185.198.117.126
URL: https://185.198.117.126/it
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.198.117.126 , Italy, ASN (),
Reverse DNS
Software
/
Resource Hash
ab87a73113c2e5c71a723edd0af7e1a42f8e05a888f7f333c248f5b587075233
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Frame-Options SAMEORIGIN

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://185.198.117.126/it
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date
Wed, 14 Feb 2024 09:05:56 GMT
Content-Security-Policy
frame-ancestors 'self'
Content-Encoding
gzip
Last-Modified
Tue, 30 Jan 2024 10:25:18 GMT
ETag
"24abd-610272dd4f064"
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET, HEAD
Content-Type
text/css
P3P
policyref="/w3c/p3p.xml", CP="IDC DSP COR NID DEVi OUR BUS INT"
Cache-Control
max-age=300, public
Transfer-Encoding
chunked
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=88
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.5.1/
87 KB
31 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js
Requested by
Host: 185.198.117.126
URL: https://185.198.117.126/it
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://185.198.117.126/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Tue, 13 Feb 2024 00:55:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
115830
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31021
x-xss-protection
0
last-modified
Fri, 08 May 2020 07:05:03 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 12 Feb 2025 00:55:26 GMT
nexi-logo-white.svg
185.198.117.126/content/dam/nexinew/icone/
2 KB
3 KB
Image
General
Full URL
https://185.198.117.126/content/dam/nexinew/icone/nexi-logo-white.svg
Requested by
Host: 185.198.117.126
URL: https://185.198.117.126/it
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.198.117.126 , Italy, ASN (),
Reverse DNS
Software
/
Resource Hash
4c399d83f036f296ac9cdc6cbb47af8f77b8892218b7c0ae7c26b292f4eddd08
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Frame-Options SAMEORIGIN

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://185.198.117.126/it
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date
Wed, 14 Feb 2024 09:05:56 GMT
Content-Security-Policy
frame-ancestors 'self'
Last-Modified
Thu, 01 Feb 2024 09:51:01 GMT
ETag
"72c-6104eeedacc51"
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET, HEAD
Content-Type
image/svg+xml
P3P
policyref="/w3c/p3p.xml", CP="IDC DSP COR NID DEVi OUR BUS INT"
Cache-Control
max-age=300, public
Transfer-Encoding
chunked
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=59
nexi-logo-dark.svg
185.198.117.126/content/dam/nexinew/icone/
2 KB
3 KB
Image
General
Full URL
https://185.198.117.126/content/dam/nexinew/icone/nexi-logo-dark.svg
Requested by
Host: 185.198.117.126
URL: https://185.198.117.126/it
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.198.117.126 , Italy, ASN (),
Reverse DNS
Software
/
Resource Hash
2bef6e7b4bd23a7009ddf29a2896bbdc7e25a365b501b2c34b5fd42917e12337
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Frame-Options SAMEORIGIN

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://185.198.117.126/it
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date
Wed, 14 Feb 2024 09:05:56 GMT
Content-Security-Policy
frame-ancestors 'self'
Last-Modified
Thu, 01 Feb 2024 09:51:01 GMT
ETag
"8fa-6104eeee6319d"
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET, HEAD
Content-Type
image/svg+xml
P3P
policyref="/w3c/p3p.xml", CP="IDC DSP COR NID DEVi OUR BUS INT"
Cache-Control
max-age=300, public
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=90
Content-Length
2298
gtm.js
www.googletagmanager.com/
414 KB
120 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MVCHKSD
Requested by
Host: 185.198.117.126
URL: https://185.198.117.126/it
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
2d8ee2dd768ef40ec42d89a9f9d5910f17d185ed73f643ceaa68ac1aaa093a2a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://185.198.117.126/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Wed, 14 Feb 2024 09:05:56 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
122456
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 14 Feb 2024 09:05:56 GMT
hero-homepage-XPayEasy-new-d.webp
185.198.117.126/content/dam/nexinew/schede-prodotto/homepage/
110 KB
111 KB
Image
General
Full URL
https://185.198.117.126/content/dam/nexinew/schede-prodotto/homepage/hero-homepage-XPayEasy-new-d.webp
Requested by
Host: 185.198.117.126
URL: https://185.198.117.126/it
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.198.117.126 , Italy, ASN (),
Reverse DNS
Software
/
Resource Hash
82e7bfb3324083cdd6eb00e57daf5476a8df6e67f00769d4298232cdef598c9e
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Frame-Options SAMEORIGIN

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://185.198.117.126/it
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date
Wed, 14 Feb 2024 09:05:56 GMT
Content-Security-Policy
frame-ancestors 'self'
Last-Modified
Thu, 01 Feb 2024 09:51:17 GMT
ETag
"1b69a-6104eefd43f04"
X-Frame-Options
SAMEORIGIN
Access-Control-Allow-Methods
GET, HEAD
Content-Type
image/webp
P3P
policyref="/w3c/p3p.xml", CP="IDC DSP COR NID DEVi OUR BUS INT"
Transfer-Encoding
chunked
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=87
hero-homepage-smartPOS-MP-d.webp
185.198.117.126/content/dam/nexinew/schede-prodotto/homepage/
77 KB
78 KB
Image
General
Full URL
https://185.198.117.126/content/dam/nexinew/schede-prodotto/homepage/hero-homepage-smartPOS-MP-d.webp
Requested by
Host: 185.198.117.126
URL: https://185.198.117.126/it
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.198.117.126 , Italy, ASN (),
Reverse DNS
Software
/
Resource Hash
b16d7014a313258b9097e2413e5e5ffc9cb8369b266d1861c35ff3c8a6d08a3c
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Frame-Options SAMEORIGIN

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://185.198.117.126/it
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date
Wed, 14 Feb 2024 09:05:56 GMT
Content-Security-Policy
frame-ancestors 'self'
Last-Modified
Thu, 01 Feb 2024 09:51:12 GMT
ETag
"13210-6104eef849cf8"
X-Frame-Options
SAMEORIGIN
Access-Control-Allow-Methods
GET, HEAD
Content-Type
image/webp
P3P
policyref="/w3c/p3p.xml", CP="IDC DSP COR NID DEVi OUR BUS INT"
Transfer-Encoding
chunked
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=58
hero-homepage-softPOS-d.webp
185.198.117.126/content/dam/nexinew/schede-prodotto/homepage/
124 KB
125 KB
Image
General
Full URL
https://185.198.117.126/content/dam/nexinew/schede-prodotto/homepage/hero-homepage-softPOS-d.webp
Requested by
Host: 185.198.117.126
URL: https://185.198.117.126/it
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.198.117.126 , Italy, ASN (),
Reverse DNS
Software
/
Resource Hash
549b311eefd2b2b223406c9dc24bb05bbef70069a9e37e2de12dfb0900bb7d8b
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Frame-Options SAMEORIGIN

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://185.198.117.126/it
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date
Wed, 14 Feb 2024 09:05:56 GMT
Content-Security-Policy
frame-ancestors 'self'
Last-Modified
Thu, 01 Feb 2024 09:51:12 GMT
ETag
"1ef1e-6104eef8348fb"
X-Frame-Options
SAMEORIGIN
Access-Control-Allow-Methods
GET, HEAD
Content-Type
image/webp
P3P
policyref="/w3c/p3p.xml", CP="IDC DSP COR NID DEVi OUR BUS INT"
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=87
Content-Length
126750
ico-help.svg
185.198.117.126/content/dam/nexinew/icone/
9 KB
10 KB
Image
General
Full URL
https://185.198.117.126/content/dam/nexinew/icone/ico-help.svg
Requested by
Host: 185.198.117.126
URL: https://185.198.117.126/it
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.198.117.126 , Italy, ASN (),
Reverse DNS
Software
/
Resource Hash
ec38a7e65969ef0b1b4e200c9da6432906fd95aca5813ad64b71c0ade5c97eea
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Frame-Options SAMEORIGIN

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://185.198.117.126/it
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date
Wed, 14 Feb 2024 09:05:56 GMT
Content-Security-Policy
frame-ancestors 'self'
Last-Modified
Thu, 01 Feb 2024 09:51:02 GMT
ETag
"253a-6104eeeeaf45d"
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET, HEAD
Content-Type
image/svg+xml
P3P
policyref="/w3c/p3p.xml", CP="IDC DSP COR NID DEVi OUR BUS INT"
Cache-Control
max-age=300, public
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=87
Content-Length
9530
clientlib-site.js
185.198.117.126/etc.clientlibs/nexinew/clientlibs/
839 KB
840 KB
Script
General
Full URL
https://185.198.117.126/etc.clientlibs/nexinew/clientlibs/clientlib-site.js
Requested by
Host: 185.198.117.126
URL: https://185.198.117.126/it
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.198.117.126 , Italy, ASN (),
Reverse DNS
Software
/
Resource Hash
c52f0da6b43677aa6cfa23782d214af14e0d854972a321b610a5d783ad7804d1
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Frame-Options SAMEORIGIN

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://185.198.117.126/it
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date
Wed, 14 Feb 2024 09:05:56 GMT
Content-Security-Policy
frame-ancestors 'self'
Last-Modified
Tue, 30 Jan 2024 10:25:17 GMT
ETag
"d1bea-610272dbaf66a"
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET, HEAD
Content-Type
application/javascript
P3P
policyref="/w3c/p3p.xml", CP="IDC DSP COR NID DEVi OUR BUS INT"
Cache-Control
max-age=300, public
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=17
Content-Length
859114
api.js
www.google.com/recaptcha/
1 KB
1 KB
Script
General
Full URL
https://www.google.com/recaptcha/api.js?render=6Ld7ALUZAAAAAK4iDeutbuh9DdH-o4dwFyb6FGIP
Requested by
Host: 185.198.117.126
URL: https://185.198.117.126/it
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
86c7f7cec2aad8e305dcf57def1edef4fb53829c04ec098562ec010b189994d6
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://185.198.117.126/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Wed, 14 Feb 2024 09:05:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Wed, 14 Feb 2024 09:05:56 GMT
truncated
/
64 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3f15939181132a8ea3a1798da2a751abff0c0ffd3efae80b7229a921edc4f90b

Request headers

accept-language
it-IT,it;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Content-Type
image/svg+xml
loader.js
sdk.privacy-center.org/3b629be4-eb58-4096-bdbb-615b2c83c816/
2 KB
1 KB
Script
General
Full URL
https://sdk.privacy-center.org/3b629be4-eb58-4096-bdbb-615b2c83c816/loader.js?target=185.198.117.126
Requested by
Host: 185.198.117.126
URL: https://185.198.117.126/it
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26e8:5800:5:b7cc:d3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
bc02128438ef172e7ede1360a5c8e3ac7fbfa75ff615a68aa78d96176909eb86

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://185.198.117.126/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

x-didomi-configs-version
95
content-encoding
br
via
1.1 de11a38373aee7f9d5ba9d586bb8bfd2.cloudfront.net (CloudFront)
date
Wed, 14 Feb 2024 09:05:56 GMT
x-amz-cf-pop
FRA56-P10
x-amzn-requestid
dd0a5e68-2565-4759-b15b-6ebe81ca2172
x-amzn-trace-id
root=1-65cbb96d-2baccbfd5a92cb031dea6d83;sampled=1;lineage=eaae1266:0
vary
Accept-Encoding
etag
W/"1a7ba86646a1c6beec35f96b2a5dd41f"
content-type
application/javascript; charset=utf-8
x-cache
RefreshHit from cloudfront
cache-control
max-age=60, public
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
T37LEqHr9jUKg6O1EXC8-em1dBXrIr9eZL0hq9vtnTnyDuuDbEIlHg==
app.js
acsbapp.com/apps/app/dist/js/
297 KB
90 KB
Script
General
Full URL
https://acsbapp.com/apps/app/dist/js/app.js
Requested by
Host: 185.198.117.126
URL: https://185.198.117.126/it
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f5c3b26ce6a5eae88fe08086da528c1706038017616dd835527fc4ded3470e43

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://185.198.117.126/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Wed, 14 Feb 2024 09:05:56 GMT
content-encoding
br
cf-cache-status
REVALIDATED
x-guploader-uploadid
ABPtcPoe0cqxfqdjgnR8zEHr-MJ4ABwv8XaHeMcqO_MTlhr_l_NL_HLUgbg96tKYgnw2AzZ3jvKDxXY8fA
x-goog-storage-class
STANDARD
x-goog-metageneration
3
x-goog-stored-content-encoding
identity
last-modified
Mon, 12 Feb 2024 15:23:43 GMT
server
cloudflare
etag
W/"7677b0efbbcdec95b0f4c14a6f16985d"
vary
Accept-Encoding
x-goog-generation
1707751423571393
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
x-goog-hash
crc32c=7aeU/A==, md5=dnew77vN7JWw9MFKbxaYXQ==
access-control-expose-headers
*
cache-control
public, max-age=300, must-revalidate
x-goog-stored-content-length
303743
cf-ray
855426f8381fbb1f-MXP
expires
Thu, 13 Feb 2025 09:05:56 GMT
KarbonAppMedium.woff2
185.198.117.126/etc.clientlibs/nexinew/clientlibs/clientlib-site/resources/fonts/karbon/
39 KB
40 KB
Font
General
Full URL
https://185.198.117.126/etc.clientlibs/nexinew/clientlibs/clientlib-site/resources/fonts/karbon/KarbonAppMedium.woff2
Requested by
Host: 185.198.117.126
URL: https://185.198.117.126/etc.clientlibs/nexinew/clientlibs/clientlib-site.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.198.117.126 , Italy, ASN (),
Reverse DNS
Software
/
Resource Hash
87526f6a2177902e89ac67e69e6152671d38625024ae399ce3ba149599614bb9
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://185.198.117.126/etc.clientlibs/nexinew/clientlibs/clientlib-site.css
Origin
https://185.198.117.126
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date
Wed, 14 Feb 2024 09:05:56 GMT
Content-Security-Policy
frame-ancestors 'self'
Last-Modified
Tue, 30 Jan 2024 10:25:16 GMT
ETag
"9a74-610272daf537d"
X-Frame-Options
SAMEORIGIN
Access-Control-Allow-Methods
GET, HEAD
Content-Type
font/woff2
P3P
policyref="/w3c/p3p.xml", CP="IDC DSP COR NID DEVi OUR BUS INT"
Cache-Control
max-age=300, public
Transfer-Encoding
chunked
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=86
nexinew.ttf
185.198.117.126/etc.clientlibs/nexinew/clientlibs/clientlib-site/resources/fonts/nexinew/
21 KB
22 KB
Font
General
Full URL
https://185.198.117.126/etc.clientlibs/nexinew/clientlibs/clientlib-site/resources/fonts/nexinew/nexinew.ttf
Requested by
Host: 185.198.117.126
URL: https://185.198.117.126/etc.clientlibs/nexinew/clientlibs/clientlib-site.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.198.117.126 , Italy, ASN (),
Reverse DNS
Software
/
Resource Hash
525ffea0234afc7e31ca14912e889ef7d13a4c2b741db7e737a1244bbd9c0b73
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://185.198.117.126/etc.clientlibs/nexinew/clientlibs/clientlib-site.css
Origin
https://185.198.117.126
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date
Wed, 14 Feb 2024 09:05:56 GMT
Content-Security-Policy
frame-ancestors 'self'
Last-Modified
Tue, 30 Jan 2024 10:25:16 GMT
ETag
"5360-610272daf14fd"
X-Frame-Options
SAMEORIGIN
Access-Control-Allow-Methods
GET, HEAD
Content-Type
application/font-sfnt
P3P
policyref="/w3c/p3p.xml", CP="IDC DSP COR NID DEVi OUR BUS INT"
Cache-Control
max-age=300, public
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=86
Content-Length
21344
KarbonApp.woff2
185.198.117.126/etc.clientlibs/nexinew/clientlibs/clientlib-site/resources/fonts/karbon/
40 KB
40 KB
Font
General
Full URL
https://185.198.117.126/etc.clientlibs/nexinew/clientlibs/clientlib-site/resources/fonts/karbon/KarbonApp.woff2
Requested by
Host: 185.198.117.126
URL: https://185.198.117.126/etc.clientlibs/nexinew/clientlibs/clientlib-site.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.198.117.126 , Italy, ASN (),
Reverse DNS
Software
/
Resource Hash
53192495ec43c0d10022eb2fecefd9bd2967f56dab0fd98d3a3d5831422f7323
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://185.198.117.126/etc.clientlibs/nexinew/clientlibs/clientlib-site.css
Origin
https://185.198.117.126
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date
Wed, 14 Feb 2024 09:05:56 GMT
Content-Security-Policy
frame-ancestors 'self'
Last-Modified
Tue, 30 Jan 2024 10:25:16 GMT
ETag
"9e2c-610272db15335"
X-Frame-Options
SAMEORIGIN
Access-Control-Allow-Methods
GET, HEAD
Content-Type
font/woff2
P3P
policyref="/w3c/p3p.xml", CP="IDC DSP COR NID DEVi OUR BUS INT"
Cache-Control
max-age=300, public
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=88
Content-Length
40492
KarbonAppSemibold.woff2
185.198.117.126/etc.clientlibs/nexinew/clientlibs/clientlib-site/resources/fonts/karbon/
39 KB
40 KB
Font
General
Full URL
https://185.198.117.126/etc.clientlibs/nexinew/clientlibs/clientlib-site/resources/fonts/karbon/KarbonAppSemibold.woff2
Requested by
Host: 185.198.117.126
URL: https://185.198.117.126/etc.clientlibs/nexinew/clientlibs/clientlib-site.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.198.117.126 , Italy, ASN (),
Reverse DNS
Software
/
Resource Hash
83e9a25bc3d65aa88a683b34f650213f0c74e657b29436a37ef138c2ea689dda
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://185.198.117.126/etc.clientlibs/nexinew/clientlibs/clientlib-site.css
Origin
https://185.198.117.126
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date
Wed, 14 Feb 2024 09:05:56 GMT
Content-Security-Policy
frame-ancestors 'self'
Last-Modified
Tue, 30 Jan 2024 10:25:22 GMT
ETag
"9b3c-610272e0a8b0c"
X-Frame-Options
SAMEORIGIN
Access-Control-Allow-Methods
GET, HEAD
Content-Type
font/woff2
P3P
policyref="/w3c/p3p.xml", CP="IDC DSP COR NID DEVi OUR BUS INT"
Cache-Control
max-age=300, public
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=85
Content-Length
39740
recaptcha__it.js
www.gstatic.com/recaptcha/releases/x5WWoE57Fv0d6ATKsLDIAKnt/
491 KB
197 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/x5WWoE57Fv0d6ATKsLDIAKnt/recaptcha__it.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6Ld7ALUZAAAAAK4iDeutbuh9DdH-o4dwFyb6FGIP
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
00c92827f3c8ea120c3458bf77302e3163d3d2b2592af2de8e646594a1d2d14a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://185.198.117.126/
Origin
https://185.198.117.126
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Tue, 13 Feb 2024 09:07:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
86314
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
200579
x-xss-protection
0
last-modified
Mon, 05 Feb 2024 05:00:25 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 12 Feb 2025 09:07:22 GMT
sdk.ea24adf02c2d0fee123982a46b4a65b41a3bd7c7.js
sdk.privacy-center.org/sdk/ea24adf02c2d0fee123982a46b4a65b41a3bd7c7/modern/
338 KB
87 KB
Script
General
Full URL
https://sdk.privacy-center.org/sdk/ea24adf02c2d0fee123982a46b4a65b41a3bd7c7/modern/sdk.ea24adf02c2d0fee123982a46b4a65b41a3bd7c7.js
Requested by
Host: sdk.privacy-center.org
URL: https://sdk.privacy-center.org/3b629be4-eb58-4096-bdbb-615b2c83c816/loader.js?target=185.198.117.126
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26e8:5800:5:b7cc:d3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6e47054ea05e7e9e1adad307dea7806f82d7341078b09d9deb78c136143bf3e7

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://185.198.117.126/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Tue, 13 Feb 2024 15:17:51 GMT
content-encoding
br
via
1.1 de11a38373aee7f9d5ba9d586bb8bfd2.cloudfront.net (CloudFront)
last-modified
Tue, 13 Feb 2024 15:17:27 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P10
age
64086
etag
W/"f817a89190fa2e6962e95737a8a2a59e-1"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
BpV6et9hUjj3sQ1QrlnLk0zpQCX6OqIdUZ6PPwYeDPsFtBeeQme2Zg==
js
www.googletagmanager.com/gtag/
271 KB
90 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-2EQBRC1CMY&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MVCHKSD
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
7e0012f9553028f5020afabeedf8f228b007212ba46ca2c93c9f69e18834983c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://185.198.117.126/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Wed, 14 Feb 2024 09:05:56 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
92534
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 14 Feb 2024 09:05:56 GMT
anchor
www.google.com/recaptcha/api2/ Frame 19C2
7 KB
1 KB
Document
General
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ld7ALUZAAAAAK4iDeutbuh9DdH-o4dwFyb6FGIP&co=aHR0cHM6Ly8xODUuMTk4LjExNy4xMjY6NDQz&hl=it&v=x5WWoE57Fv0d6ATKsLDIAKnt&size=invisible&cb=gdblltx9uqqe
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/x5WWoE57Fv0d6ATKsLDIAKnt/recaptcha__it.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
0aa36da742e4c3b7c0364bf23d22b7521af22648869570130a37f8678633742b
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-K0cQmkvBL9lZ5ZM4c4pv8w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://185.198.117.126/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language
it-IT,it;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-K0cQmkvBL9lZ5ZM4c4pv8w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 14 Feb 2024 09:05:56 GMT
expires
Wed, 14 Feb 2024 09:05:56 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
cxbus.min.js
apps.mypurecloud.ie/widgets/
20 KB
7 KB
Script
General
Full URL
https://apps.mypurecloud.ie/widgets/cxbus.min.js
Requested by
Host: 185.198.117.126
URL: https://185.198.117.126/etc.clientlibs/nexinew/clientlibs/clientlib-site.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.73.50.138 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-73-50-138.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
c6effbed30ae0b7219fd6e4a1b6a55755673ef6ee43ce88ad8c9154e51418c41
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://185.198.117.126/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Wed, 14 Feb 2024 09:05:57 GMT
content-encoding
gzip
x-amz-version-id
1kAEZv3DDIl6UzBFjZH9psDU6j6aHD5B
last-modified
Wed, 15 Nov 2023 08:57:08 GMT
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-request-id
JN9J3T8DCRW1EZ5M
etag
"15e290c6392b7f9f12f9d72ed3a6506a"
content-type
text/javascript
cache-control
max-age=0, no-cache
content-length
6977
x-amz-id-2
6RjxYNPhxvcz9RVNXYA8/EWFAx1oRqh6VXshxS/c7nq+6YEobB+kcurWCarnkuC0Ke+pYcxVGl8=
it.help.json
185.198.117.126/content/nexinew/
2 KB
3 KB
XHR
General
Full URL
https://185.198.117.126/content/nexinew/it.help.json
Requested by
Host: 185.198.117.126
URL: https://185.198.117.126/etc.clientlibs/nexinew/clientlibs/clientlib-site.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.198.117.126 , Italy, ASN (),
Reverse DNS
Software
/
Resource Hash
98366494099531830eeb14c92bc8ac1c439dd4fcdeb4d29d037c3711a52e7b65
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Frame-Options SAMEORIGIN

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://185.198.117.126/it
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date
Wed, 14 Feb 2024 09:05:57 GMT
Content-Security-Policy
frame-ancestors 'self'
Last-Modified
Tue, 13 Feb 2024 17:19:47 GMT
ETag
"9d7-6114699e7d492"
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET, HEAD
Content-Type
application/json
P3P
policyref="/w3c/p3p.xml", CP="IDC DSP COR NID DEVi OUR BUS INT"
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=78
Content-Length
2519
styles__ltr.css
www.gstatic.com/recaptcha/releases/x5WWoE57Fv0d6ATKsLDIAKnt/ Frame 19C2
55 KB
24 KB
Stylesheet
General
Full URL
https://www.gstatic.com/recaptcha/releases/x5WWoE57Fv0d6ATKsLDIAKnt/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ld7ALUZAAAAAK4iDeutbuh9DdH-o4dwFyb6FGIP&co=aHR0cHM6Ly8xODUuMTk4LjExNy4xMjY6NDQz&hl=it&v=x5WWoE57Fv0d6ATKsLDIAKnt&size=invisible&cb=gdblltx9uqqe
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Wed, 14 Feb 2024 06:33:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
9141
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24606
x-xss-protection
0
last-modified
Mon, 05 Feb 2024 05:00:25 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 13 Feb 2025 06:33:36 GMT
recaptcha__it.js
www.gstatic.com/recaptcha/releases/x5WWoE57Fv0d6ATKsLDIAKnt/ Frame 19C2
491 KB
196 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/x5WWoE57Fv0d6ATKsLDIAKnt/recaptcha__it.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ld7ALUZAAAAAK4iDeutbuh9DdH-o4dwFyb6FGIP&co=aHR0cHM6Ly8xODUuMTk4LjExNy4xMjY6NDQz&hl=it&v=x5WWoE57Fv0d6ATKsLDIAKnt&size=invisible&cb=gdblltx9uqqe
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
00c92827f3c8ea120c3458bf77302e3163d3d2b2592af2de8e646594a1d2d14a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Tue, 13 Feb 2024 09:07:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
86315
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
200579
x-xss-protection
0
last-modified
Mon, 05 Feb 2024 05:00:25 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 12 Feb 2025 09:07:22 GMT
box-homepage-smartPOS-t.jpg
185.198.117.126/content/dam/nexinew/schede-prodotto/homepage/
38 KB
39 KB
Image
General
Full URL
https://185.198.117.126/content/dam/nexinew/schede-prodotto/homepage/box-homepage-smartPOS-t.jpg
Requested by
Host: 185.198.117.126
URL: https://185.198.117.126/it
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.198.117.126 , Italy, ASN (),
Reverse DNS
Software
/
Resource Hash
ee7ec12edfe6e8890809d003fa214bbbf2b1d2ef7f6b6126936d0dbb0b56cd8e
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Frame-Options SAMEORIGIN

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://185.198.117.126/it
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date
Wed, 14 Feb 2024 09:05:57 GMT
Content-Security-Policy
frame-ancestors 'self'
Last-Modified
Thu, 01 Feb 2024 09:51:02 GMT
ETag
"9699-6104eeee9cc29"
X-Frame-Options
SAMEORIGIN
Access-Control-Allow-Methods
GET, HEAD
Content-Type
image/jpeg
P3P
policyref="/w3c/p3p.xml", CP="IDC DSP COR NID DEVi OUR BUS INT"
Cache-Control
max-age=300, public
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=15
Content-Length
38553
box_hp_glossy.webp
185.198.117.126/content/dam/nexinew/schede-prodotto/homepage/
10 KB
11 KB
Image
General
Full URL
https://185.198.117.126/content/dam/nexinew/schede-prodotto/homepage/box_hp_glossy.webp
Requested by
Host: 185.198.117.126
URL: https://185.198.117.126/it
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.198.117.126 , Italy, ASN (),
Reverse DNS
Software
/
Resource Hash
96f9d4c21570a8d3a0653888fa5672bc7bda8765cb91297cce3655637ac7abdd
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Frame-Options SAMEORIGIN

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://185.198.117.126/it
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date
Wed, 14 Feb 2024 09:05:57 GMT
Content-Security-Policy
frame-ancestors 'self'
Last-Modified
Thu, 01 Feb 2024 09:51:12 GMT
ETag
"270a-6104eef8d9831"
X-Frame-Options
SAMEORIGIN
Access-Control-Allow-Methods
GET, HEAD
Content-Type
image/webp
P3P
policyref="/w3c/p3p.xml", CP="IDC DSP COR NID DEVi OUR BUS INT"
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=78
Content-Length
9994
box-micropagamenti-homepage-t.jpg
185.198.117.126/content/dam/nexinew/schede-prodotto/homepage/
115 KB
116 KB
Image
General
Full URL
https://185.198.117.126/content/dam/nexinew/schede-prodotto/homepage/box-micropagamenti-homepage-t.jpg
Requested by
Host: 185.198.117.126
URL: https://185.198.117.126/it
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.198.117.126 , Italy, ASN (),
Reverse DNS
Software
/
Resource Hash
a82b5532e47a5ee41f5300a9870e0c058c76bdd98a7c343d3c307a5afb60a47d
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Frame-Options SAMEORIGIN

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://185.198.117.126/it
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date
Wed, 14 Feb 2024 09:05:57 GMT
Content-Security-Policy
frame-ancestors 'self'
Last-Modified
Thu, 01 Feb 2024 09:51:04 GMT
ETag
"1cc6b-6104eef10f5f2"
X-Frame-Options
SAMEORIGIN
Access-Control-Allow-Methods
GET, HEAD
Content-Type
image/jpeg
P3P
policyref="/w3c/p3p.xml", CP="IDC DSP COR NID DEVi OUR BUS INT"
Cache-Control
max-age=300, public
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=81
Content-Length
117867
chat.conf.js
185.198.117.126/etc.clientlibs/nexinew/clientlibs/clientlib-chatbot/resources/
6 KB
7 KB
Script
General
Full URL
https://185.198.117.126/etc.clientlibs/nexinew/clientlibs/clientlib-chatbot/resources/chat.conf.js
Requested by
Host: apps.mypurecloud.ie
URL: https://apps.mypurecloud.ie/widgets/cxbus.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.198.117.126 , Italy, ASN (),
Reverse DNS
Software
/
Resource Hash
150fd1546211f131573249933ccba2a53c936ef81e73aabffbc01e7d92ff38b1
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Frame-Options SAMEORIGIN

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://185.198.117.126/it
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date
Wed, 14 Feb 2024 09:05:57 GMT
Content-Security-Policy
frame-ancestors 'self'
Last-Modified
Tue, 30 Jan 2024 10:25:20 GMT
ETag
"1931-610272dedd37c"
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET, HEAD
Content-Type
application/javascript
P3P
policyref="/w3c/p3p.xml", CP="IDC DSP COR NID DEVi OUR BUS INT"
Cache-Control
max-age=300, public
Transfer-Encoding
chunked
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=76
collect
region1.google-analytics.com/g/
0
254 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-2EQBRC1CMY&gtm=45je42c0v876108219z8841327514za200&_p=1707901556298&gcs=G101&gcd=13q3t3p3p5&npa=1&dma_cps=-&dma=1&tcfd=1000h&tt=external&ir=0&cid=959739986.1707901557&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=denied&_s=1&dt=%2Fit&sid=1707901556&sct=1&seg=0&dl=https%3A%2F%2F185.198.117.126%2Fit&en=page_view&_fv=1&_nsi=1&_ss=1&epn.is_internal_traffic=0&epn.device_pixel_ratio=1&ep.navigation_type=navigate&ep.new_tab=new&epn.redirect_count=0&epn.tab_count=1&ep.tab_id=951457a5-d9bf-48b7-b975-1245db7c9774&ep.container_id=GTM-MVCHKSD&epn.is_nb_customer=0&ep.connection_speed=4g&epn.cookies_bytes=185&epn.from_virtual_agent=0&epn.cookie_didomi_ready=0&ep.container_version=224&tfd=1106
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-2EQBRC1CMY&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://185.198.117.126/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Feb 2024 09:05:57 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://185.198.117.126
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
landing
pagead2.googlesyndication.com/pagead/
42 B
455 B
Ping
General
Full URL
https://pagead2.googlesyndication.com/pagead/landing?gcs=G101&gcd=13q3t3p3p5&rnd=1304299992.1707901557&url=https%3A%2F%2F185.198.117.126%2Fit&dma_cps=-&dma=1&npa=1&tcfd=1000h&gtm=45He42c0n81MVCHKSDv841327514za200
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MVCHKSD
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://185.198.117.126/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Feb 2024 09:05:57 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 19C2
2 KB
2 KB
Image
General
Full URL
https://www.gstatic.com/recaptcha/api2/logo_48.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/x5WWoE57Fv0d6ATKsLDIAKnt/styles__ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/x5WWoE57Fv0d6ATKsLDIAKnt/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Tue, 13 Feb 2024 08:50:20 GMT
x-content-type-options
nosniff
age
87337
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2228
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
expires
Tue, 20 Feb 2024 08:50:20 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 19C2
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ld7ALUZAAAAAK4iDeutbuh9DdH-o4dwFyb6FGIP&co=aHR0cHM6Ly8xODUuMTk4LjExNy4xMjY6NDQz&hl=it&v=x5WWoE57Fv0d6ATKsLDIAKnt&size=invisible&cb=gdblltx9uqqe
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Tue, 13 Feb 2024 08:50:21 GMT
x-content-type-options
nosniff
age
87336
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 12 Feb 2025 08:50:21 GMT
widgets-core.min.js
apps.mypurecloud.com/widgets/9.0.017.06/plugins/
374 KB
113 KB
Script
General
Full URL
https://apps.mypurecloud.com/widgets/9.0.017.06/plugins/widgets-core.min.js
Requested by
Host: apps.mypurecloud.ie
URL: https://apps.mypurecloud.ie/widgets/cxbus.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.229.37.255 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-229-37-255.compute-1.amazonaws.com
Software
nginx /
Resource Hash
277d580f0cd80ebd1c02fd14e1112aee45d6c3f1deb38dbfd0e8bef970f56c2f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://185.198.117.126/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Wed, 14 Feb 2024 09:05:57 GMT
content-encoding
gzip
x-amz-version-id
sNSaqInlZw24bK6kxbMy6zRCGNOYx6Jg
last-modified
Thu, 20 Aug 2020 19:39:23 GMT
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-request-id
5EWNDQN9J5N9YNWK
etag
"c628f4a51576c80a45e13461dd41bb65"
content-type
text/javascript
cache-control
max-age=0, no-cache
content-length
115520
x-amz-id-2
M3WK8egASWweiwNejLRWx6yJfKhaDhyXPIBOoQGJrIUbEip8TFbOOGCfJCX5LKFYaYzTrV3a8i4=
widgets-it.i18n.json
185.198.117.126/etc.clientlibs/nexinew/clientlibs/clientlib-chatbot/resources/
21 KB
22 KB
XHR
General
Full URL
https://185.198.117.126/etc.clientlibs/nexinew/clientlibs/clientlib-chatbot/resources/widgets-it.i18n.json
Requested by
Host: apps.mypurecloud.com
URL: https://apps.mypurecloud.com/widgets/9.0.017.06/plugins/widgets-core.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.198.117.126 , Italy, ASN (),
Reverse DNS
Software
/
Resource Hash
3144b710d0730bdf9ab50eefcf6b10e1f01e508c64fc7fcf00dc5ab10cd12bc2
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Frame-Options SAMEORIGIN

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://185.198.117.126/it
X-Requested-With
XMLHttpRequest
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date
Wed, 14 Feb 2024 09:05:58 GMT
Content-Security-Policy
frame-ancestors 'self'
Last-Modified
Tue, 30 Jan 2024 10:25:15 GMT
ETag
"52df-610272da13c7a"
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET, HEAD
Content-Type
application/json
P3P
policyref="/w3c/p3p.xml", CP="IDC DSP COR NID DEVi OUR BUS INT"
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=6
Content-Length
21215
webchat.min.js
apps.mypurecloud.com/widgets/9.0.017.06/plugins/
120 KB
33 KB
Script
General
Full URL
https://apps.mypurecloud.com/widgets/9.0.017.06/plugins/webchat.min.js
Requested by
Host: apps.mypurecloud.ie
URL: https://apps.mypurecloud.ie/widgets/cxbus.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.229.37.255 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-229-37-255.compute-1.amazonaws.com
Software
nginx /
Resource Hash
7868fcedcf56c4b7b929da3bb3738c2476aaa349498103b7ac308c3724f2efb8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://185.198.117.126/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Wed, 14 Feb 2024 09:05:58 GMT
content-encoding
gzip
x-amz-version-id
I8r9IWjlAwme6kGXcvwZtThDXcvWYQhV
last-modified
Thu, 20 Aug 2020 19:39:23 GMT
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-request-id
Q8WERDNJHYXQXKDP
etag
"48cbcd6f99f8f2301f9835cd67756e27"
content-type
text/javascript
cache-control
max-age=0, no-cache
content-length
32958
x-amz-id-2
bcpdr3AlOvChdrT6G1ru9sOXcAgMpZvbTWMLs+F+pfKOultBEYZteeqLact5cxsiDt2ZsfVTMWk=
richmediabridge.min.js
apps.mypurecloud.com/widgets/9.0.017.06/plugins/
77 KB
22 KB
Script
General
Full URL
https://apps.mypurecloud.com/widgets/9.0.017.06/plugins/richmediabridge.min.js
Requested by
Host: apps.mypurecloud.ie
URL: https://apps.mypurecloud.ie/widgets/cxbus.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.229.37.255 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-229-37-255.compute-1.amazonaws.com
Software
nginx /
Resource Hash
9f0f857a31f056484b7a7a6486f84a2b8bc7fd551e825e968d2527f1bd28677c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://185.198.117.126/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Wed, 14 Feb 2024 09:05:58 GMT
content-encoding
gzip
x-amz-version-id
IMIicDamFGxbMPKPpl8uycurEy7omy_h
last-modified
Thu, 20 Aug 2020 19:39:23 GMT
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-request-id
J7J4RAAM2BQ4578K
etag
"9b37619d557157ff17bf07ccbbdd37ee"
content-type
text/javascript
cache-control
max-age=0, no-cache
content-length
22301
x-amz-id-2
3gLrkhE47lRPooeZ5u23yI4tlYf+nJRo11Gcqa+nP5s+l6T8E2iN2+B60CeW0/MoNNBR8iYtUzQ=
webchatservice.min.js
apps.mypurecloud.com/widgets/9.0.017.06/plugins/
649 B
1012 B
Script
General
Full URL
https://apps.mypurecloud.com/widgets/9.0.017.06/plugins/webchatservice.min.js
Requested by
Host: apps.mypurecloud.ie
URL: https://apps.mypurecloud.ie/widgets/cxbus.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.229.37.255 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-229-37-255.compute-1.amazonaws.com
Software
nginx /
Resource Hash
f088650e838facc2134a418e8b0a1f1e4ec30a593ab24c56d91a7281ff7df1c4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://185.198.117.126/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Wed, 14 Feb 2024 09:05:58 GMT
x-amz-version-id
jJfv2IEwbzrhl82XxQczlICOAZExJG96
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Thu, 20 Aug 2020 19:39:23 GMT
server
nginx
x-amz-request-id
Q6GNWYKZ3NNKMGAJ
etag
"4877fdb51b5ae81b286e1b6e2fde69ff"
content-type
text/javascript
cache-control
max-age=0, no-cache
content-length
649
x-amz-id-2
/9t6XDMrdci5B1Ob9PYjKCTkemEx/2OZG38yIM8rAct4x5QXUc5ngnx2YGUbEPnDnpaDbO+xsRQ=
webchatservicelegacy.mod.js
apps.mypurecloud.com/widgets/9.0.017.06/plugins/
63 KB
19 KB
Script
General
Full URL
https://apps.mypurecloud.com/widgets/9.0.017.06/plugins/webchatservicelegacy.mod.js
Requested by
Host: apps.mypurecloud.ie
URL: https://apps.mypurecloud.ie/widgets/cxbus.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.229.37.255 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-229-37-255.compute-1.amazonaws.com
Software
nginx /
Resource Hash
d05b19db324ae8ce48fdda064c33ba463f3bcdd20117552b4e9a019e89fdd63d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://185.198.117.126/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Wed, 14 Feb 2024 09:05:58 GMT
content-encoding
gzip
x-amz-version-id
Bb4kSLxGmNMKUSTFexpQJZT8immlY.DW
last-modified
Thu, 20 Aug 2020 19:39:23 GMT
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-request-id
JE7HHH87JSYQ63F4
etag
"0984a5d27e9f5a159c17e72ccbe996a0"
content-type
text/javascript
cache-control
max-age=0, no-cache
content-length
19515
x-amz-id-2
B9mnAzjiORWlKybNLq6H/LyLN06WJZdIA/LGcWHnzuDfeLqG0/5z07ozIq8hUSgA0Sl3rGDGOr0=

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Nexi (Banking)

72 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| dataLayer object| nexinew object| Evergage string| VE_CUSTOM_EVENT_NAME string| TO_LAUNCHER_MESSAGE_TYPE string| TO_LAUNCHER_PAYLOAD_TYPE object| eventLinkId object| evgr function| sendMessageToEvergageLauncher number| evergageBeaconParseTimeStart object| SalesforceInteractions number| evergageBeaconParseTimeEnd function| render function| $ function| jQuery boolean| gdprAppliesGlobally object| chatUtilities object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client string| didomiCountry string| didomiRegion object| didomiGeoRegulations object| google_tag_manager function| postscribe object| google_tag_manager_external object| google_tag_data object| didomiEventListeners object| didomiOnReady object| nodeList function| onYouTubeIframeAPIReady object| webpackChunkaccess_widget object| pure_JSON object| pure_CSS function| pure_URL function| pure_fetch function| pure_Set function| pure_Map object| AJS object| acsbJS object| AccessiBe object| acsb object| accessWidget object| webpackChunkDidomi object| Didomi function| __tcfapi object| DidomiSanitizing object| didomiState object| recaptcha object| closure_lm_680485 object| regeneratorRuntime object| picturefillCFG function| picturefill function| clearImmediate function| setImmediate boolean| VimeoPlayerResizeEmbeds_ boolean| VimeoSeoMetadataAppended boolean| VimeoCheckedUrlTimeParam object| thePicker object| deviceBreakpoints function| webpackHotUpdate object| CXBus object| gaGlobal object| _genesys object| _gt function| widgetsJsonpFunction function| pure_addEventListener function| pure_removeEventListener

5 Cookies

Domain/Path Name / Value
185.198.117.126/ Name: TS0168694d
Value: 01d37309fca53d5e038469155ccb81ce0f9fcd4872a513b78113ce7627da61d16bdefadd4ad662c151d1e0d6c7d527d7d021040c50
185.198.117.126/ Name: _sfid_f19e
Value: {%22anonymousId%22:%22f4dcfa45d1171e55%22}
185.198.117.126/ Name: _evga_bdf8
Value: {%22uuid%22:%22f4dcfa45d1171e55%22}
185.198.117.126/ Name: _ga
Value: GA1.1.959739986.1707901557
185.198.117.126/ Name: _ga_2EQBRC1CMY
Value: GS1.1.1707901556.1.0.1707901558.0.0.0

Security Headers

This page lists any security headers set by the main page.

Header Value
Content-Security-Policy frame-ancestors 'self'
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
